Linux.nginx

Aus OrgaMon Wiki
Zur Navigation springen Zur Suche springen

Überblick

  • Ich verwendet nginx als HTTP/2 Server auf einem Raspberry Pi
  • PHP soll in allen Stufen möglich sein

Authentifizierung

   auth_basic           "Administrator’s Area";
   auth_basic_user_file /etc/apache2/.htpasswd;

Stufe 1, :80 HTTP-Server

apt-get install nginx
apt-get install php php-fpm
  • orgamon-2.dyndns.org
server {
       listen 80 default_server;
       listen [::]:80 default_server;

       root /srv/ngx/orgamon-2.dyndns.org;

       index index.html index.htm index.nginx-debian.html;

       server_name orgamon-2.dyndns.org;

       location / {
               # First attempt to serve request as file, then
               # as directory, then fall back to displaying a 404.
               try_files $uri $uri/ =404;
       }

       location ~ \.php$ {
               include snippets/fastcgi-php.conf;
               fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
       }

}

Stufe 2, :443 HTTPS-Server (TLS 1.2)

apt-get install certbot
certbot certonly
  • /etc/nginx/sites-enabled/orgamon-2.dyndns.org
server {

       listen 443 ssl default_server;
       ssl_protocols TLSv1.2;

       root /srv/ngx/orgamon-2.dyndns.org;

       index index.html index.htm index.nginx-debian.html;

       server_name orgamon-2.dyndns.org;

       ssl_certificate /etc/letsencrypt/live/orgamon-2.dyndns.org/fullchain.pem;
       ssl_certificate_key /etc/letsencrypt/live/orgamon-2.dyndns.org/privkey.pem;

       location / {
               # First attempt to serve request as file, then
               # as directory, then fall back to displaying a 404.
               try_files $uri $uri/ =404;
       }

       location ~ \.php$ {
               include snippets/fastcgi-php.conf;
               fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
       }

Stufe 3, :443 HTTP/2 Server mit TLS 1.2

server {

      listen 443 ssl http2;
...

Stufe 4, :443 HTTP/2 Server mit TLS 1.3 (only!)