Configuration in NGINX in raspberry

Posted on 2016-08-29
Last Modified: 2016-09-21
I followed this tutorial and it works fine.

Meanwhile I want a different configuration in my RPI; I want multiple sites and services running behind NGINX.

<RPI IP>/owncloud
<RPI IP>/othersite (inside folder /var/www)
<RPI IP>/service (reverse proxy to localhost:9090)

Can anyone help with this configuration?
Question by:Bruno Martins
  • 2
LVL 40

Accepted Solution

noci earned 500 total points (awarded by participants)
ID: 41779276
Here is a possible setup my looks a bit like it but i have a separate hostname (same ip address) for several services
to keep the configuration a bit sane.

nginx.conf    ( not complete.... may need more/other }
http {
        include /etc/nginx/mime.types;
        default_type application/octet-stream;

        log_format main
                '$remote_addr - $remote_user [$time_local] '
                '"$request" $status $bytes_sent '
                '"$http_referer" "$http_user_agent" '
                '"$host" "$uri" "$request_filename" "$gzip_ratio"';

        client_header_timeout 10m;
        client_body_timeout 10m;
        client_max_body_size 10m;
        client_body_buffer_size 128k;

        send_timeout 10m;

        connection_pool_size 256;
        client_header_buffer_size 1k;
        large_client_header_buffers 4 2k;
        request_pool_size 4k;

        gzip on;
        gzip_min_length 1100;
        gzip_buffers 16 8k;
        gzip_types text/plain;
        gzip_disable "msie6";

        output_buffers 2 32k;
        postpone_output 1460;

        sendfile on;
        tcp_nopush on;
        tcp_nodelay on;
        keepalive_timeout 75 20;

        ignore_invalid_headers on;
        proxy_connect_timeout 90;
        proxy_send_timeout 90;
        proxy_read_timeout 90;
        proxy_buffer_size 4k;
        proxy_buffers 4 32k;
        proxy_busy_buffers_size   64k;
        proxy_temp_file_write_size 64k;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_max_temp_file_size 0;

        ssl_session_timeout 5m;
        ssl_session_cache builtin:1000 shared:SSL:10m;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2 ; # required by SNI
        #ssl_ciphers HIGH:!aNULL:!eNULL:!MD5:!RC4:!PSK:!DES;
        ssl_prefer_server_ciphers on;

        real_ip_header X-Forwarded-For;

        index index.php index.html index.htm;
        access_log /var/log/nginx/access_log combined buffer=32k flush=5m;
        error_log /var/log/nginx/error_log;

        fastcgi_cache_path /data/nginx-cache/ levels=1:2 keys_zone=OWNCLOUD:100m inactive=60m;

        map $request_uri $skip_cache {
                default 1;
                ~*/thumbnail.php 0;
                ~*/apps/galleryplus/ 0;
                ~*/apps/gallery/ 0;

        upstream php-handler { server fail_timeout=60s; }

        include /etc/nginx/nginx.d/*.conf ;

        server {
                listen 80;
                server_name _;
                root /var/www/localhost/htdocs/ ;
                index index.html;
                access_log      /var/log/nginx/access_unknown combined buffer=32k flush=5m;
                error_log       /var/log/nginx/error_unknown;
        server { 
                listen localhost:443 ssl; 
                server_name _;
                access_log      /var/log/nginx/access_unknown combined buffer=32k flush=5m;
                error_log       /var/log/nginx/error_unknown;
                include /etc/nginx/ ;
                ssl_certificate /etc/ssl/server/yourcert-cert.pem ;
                ssl_certificate_key /etc/ssl/server/yourcert-key.pem;

                # Path to the root of your installation
                root /var/www/localhost/htdocs/;
                index index.html;

Open in new window

sslparams:  these are separate to be able to easily adjust settings on a central place.
                ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
                #ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELIA:!DES:!MD5:!PSK:!RC4 ;
                ssl_prefer_server_ciphers on;
                #ssl_ciphers 'ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5';

                ssl_dhparam /etc/nginx/dhparam.pem ;
                ssl_session_timeout 180m;
                ssl_session_cache builtin:1000 shared:SSL:10m;
                # Before enabling Strict-Transport-Security headers please read into this topic first.
                add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";

Open in new window

and per service:
simple service conf:
        server { 
                listen 80; 
                server_name domainname ; 
                root /var/www/domainname/htdocs/ ;
                index index.html;

Open in new window

regular otherservice conf with https:
        server { listen 80; server_name domainname otherdomainname; return 301 https://domainname/$request_uri; } # enforce https

        server { 
                listen localhost:443 ssl; 
                server_name domainname otherdomainname ;   { whatever matches the certificate }
                ssl_certificate /etc/letsencrypt/live/domainname/fullchain.pem ; #   /etc/ssl/server/domainname.chain.pem ;
                ssl_certificate_key /etc/letsencrypt/live/domainname/privkey.pem;  #   /etc/ssl/server/domainname.key.pem;
                ssl_session_cache builtin:1000 shared:SSL:10m;
                include nginx.d/ ;
                # Path to the root of your installation
                root /var/www/domainname/htdocs/;

                client_max_body_size 1M; # set max upload size
                fastcgi_buffers 64 4K;
                proxy_set_header  Host domainname:443;

                location ~ ^/robots.txt {
                        allow all;
                        log_not_found off;
                        access_log off;

                location ~ (\.php) {                      ## Settings for my setup "
                        try_files $uri =404;
                        include fastcgi-php.conf;
                        fastcgi_index index.php;
                        fastcgi_keep_conn on;
                        fastcgi_split_path_info       ^(.+\.php)(.*)$;
                        fastcgi_param HTTP_PROXY "";
                        fastcgi_param PATH_INFO       $fastcgi_path_info;
                        fastcgi_param PATH_TRANSLATED    $request_filename;
                        #       fastcgi_param SCRIPT_FILENAME    $request_filename;
                        fastcgi_pass php-handler;

                location ~ ^/$ {
                        try_files $uri $uri/ index.html;

Open in new window

     upstream lh9090 { server; }

     server {
         listen 80; 
         server_name domainname;

         location ~ ^/service {
              # Forward WebSocket, if needed......
              proxy_http_version 1.1;
              proxy_set_header Upgrade $http_upgrade;
              proxy_set_header Connection $connection_upgrade;
              # forward request
              proxy_set_header Host $host;
              proxy_pass http://lh9090;

           location ~ ^/owncloud {
# see owncloud for settings, they may depend on version and the presented config may interfere with other settings within a host.... and are far more complex.
# may i suggest using a different hostname for that....

            location ~ ^/othersite {
                root /var/www/domainname/othersite;

Open in new window

LVL 40

Expert Comment

ID: 41808380
it works, nothing heard back though.
Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Tool to email me when a website changes 29 133
Using ONEDRIVE as a server 1 139
How to stress test an ASP.NET https website 3 79
Amazon AWS EC2  - how can I delete an instance? 2 95
Moving applications to the cloud or switching services to cloud-based ones, is a stressful job.  Here's how you can make it easier.
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
Need to grow your business through quality cloud solutions? With everything required to build a cloud platform and solution, you may feel like the distance between you and the cloud is quite long. Help is here. Spend some time learning about the Con…

856 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question