NGINX

NGINX - SUBDOMAINS AND SERVER BLOCKS

• cf : tuto digital ocean
• cf : tuto linuxize / nginx
• cf : tuto linuxize / blocks

SETUP NGINX

• install nginx

sudo apt update
sudo apt install nginx

• check status

sudo systemctl status nginx

• check possible configs

sudo ufw app list

• for http and https

sudo ufw allow 'Nginx Full' 

also

sudo ufw allow 'Nginx HTTP'
sudo ufw allow 'Nginx HTTPS’

MANAGE NGINX SERVICES

sudo systemctl stop nginx
sudo systemctl start nginx
sudo systemctl restart nginx
sudo systemctl reload nginx

• if you want to disable the Nginx service to start at boot

sudo systemctl disable nginx
sudo systemctl enable nginx

• All Nginx configuration files are located in the /etc/nginx directory.

• The main Nginx configuration file is /etc/nginx/nginx.conf

• To make Nginx configuration easier to maintain it is recommended to create a separate configuration file for each domain. You can have as many server block files as you need.

• Nginx server block files are stored in /etc/nginx/sites-available directory. The configuration files found in this directory are not used by Nginx unless they are linked to the /etc/nginx/sites-enabled directory.

• To activate a server block you need to create a symlink (a pointer) from the configuration file sites in a sites-available directory to the sites-enabled directory.

• It is recommended to follow the standard naming convention, for example if your domain name is mydomain.com then your configuration file should be named /etc/nginx/sites-available/mydomain.com.conf

• The /etc/nginx/snippets directory contains configuration snippets that can be included in the server block files. If you use repeatable configuration segments then you can refactor those segments into snippets and include the snippet file to the server blocks.

• Nginx log files (access.log and error.log) are located in the /var/log/nginx directory. It is recommended to have a different access and error log files for each server block.

• You can set your domain document root directory to any location you want. The most common locations for webroot include:

  • /home/<user_name>/<YOUR-PROD-DOMAIN>
  • /var/www/<YOUR-PROD-DOMAIN>
  • /var/www/html/<YOUR-PROD-DOMAIN>
  • /opt/<YOUR-PROD-DOMAIN>

DIRECTORIES FOR BLOCKS OF CODE

• make a subdirectory for each subdomain on droplet (-p : make parent dir if needed )

sudo mkdir -p /var/www/<YOUR-PROD-DOMAIN>/
sudo mkdir -p /var/www/<YOUR-PREPROD-DOMAIN>/
…

• Change group owner of the directory cf : https://askubuntu.com/questions/488485/allowing-a-group-read-write-access-to-a-directory

sudo usermod -aG adminsys www-data

• Change group owner of the directory cf : https://askubuntu.com/questions/30629/how-can-i-recursively-change-the-permissions-of-files-and-directories

sudo chgrp -R adminsys /var/www

• Give write permission to the group / ug == user + group

sudo chmod -R ug+rw /var/www

---

configure nginx for process launched by supervisor

• create a nginx conf file for this server block

sudo nano /etc/nginx/sites-available/<YOUR-PREPROD-DOMAIN>

server {
        listen 80 ;

        server_name <YOUR-PREPROD-DOMAIN> www.<YOUR-PREPROD-DOMAIN> ;

        location / {

                ### made it work using supervisor + gunicorn
                proxy_pass        http://YOUR.SERVER.IP.ADDRESS:4100/;

                proxy_redirect    off;

                proxy_set_header  X-Real-IP            $remote_addr;
                proxy_set_header  X-Forwarded-For      $proxy_add_x_forwarded_for;
                proxy_set_header  X-Forwarded-Proto    $scheme;

                proxy_pass_header Server;
                proxy_set_header  X-Scheme $scheme;

        }
}

• create link from sites-available to sites-enabled

sudo ln -s /etc/nginx/sites-available/<YOUR-PREPROD-DOMAIN> /etc/nginx/sites-enabled

• check syntax

sudo nginx -t

• restart nginx

sudo systemctl restart nginx