Nginx: Difference between revisions
Jump to navigation
Jump to search
No edit summary |
No edit summary |
||
| (One intermediate revision by the same user not shown) | |||
| Line 13: | Line 13: | ||
{|class='wikitable mw-collapsible mw-collapsed' | {|class='wikitable mw-collapsible mw-collapsed' | ||
!scope='col' style='text-align:left'| | !scope='col' style='text-align:left'| | ||
[https://editor.plantuml.com/uml/fPH1Rzf048Nl-okcv51G2g79XLQYYeXIcggABEEeFVGoUDVWOEzOksl0_xwpjXCSY9fAtOib-xrv-yqCN5k7nfLv9h1qfCjygOnuvzOgLr1ac6eXtiF2LLcgLv2GWSYWjWKQfUCAK4luWHMLJjXDglarvh34UBCoL6fvGnax-BXdKrTeroXfvmi_dmGpgpgI6Uq3bBAhkHmB8J1sJUNsz1wiCZ0pjEDd3quFMl0ImMLT6gS5QjSOxrUftl_M_L1jbR4A0aFxQj3h6ck944lQloZP2yjbnRrXN2y_KrV9PIA5_zHDwGLbZh1GPllwpNo2bmZ5pUICLuA2ogr9FqMT9H-JYVfq6ZGlTHgJqHVbpyNyxZJB1zML_XBr7RVOOKgIv4gDJwCMXV4pcH4vxjqjRusKIa94UOoEkyTHZUGG9QPJ27bJlCyHrCthU_01JAUYdX_0y4lJRO3pS_WCyzi8BWoccHrYKOZs4ulgdhQYhsHsQ2HiKuI7-xjViA1ue_ozr6Wr-W3i75b-DH2jwn0o7B8_P5W8bIr8y-uTCfwkv3NVeYWuQ8vGsl7qVTVVWf6Fg5TqJDCKEA7ngSqm_LewYYbZge2CWybuF6QWndW4L1l-1wXUWdvdnczHFRA1cT9EMEkkDVLl2WAqjiQARe83neGnMkqHniih_XF6DMyR_vVz0G00 | [https://editor.plantuml.com/uml/fPH1Rzf048Nl-okcv51G2g79XLQYYeXIcggABEEeFVGoUDVWOEzOksl0_xwpjXCSY9fAtOib-xrv-yqCN5k7nfLv9h1qfCjygOnuvzOgLr1ac6eXtiF2LLcgLv2GWSYWjWKQfUCAK4luWHMLJjXDglarvh34UBCoL6fvGnax-BXdKrTeroXfvmi_dmGpgpgI6Uq3bBAhkHmB8J1sJUNsz1wiCZ0pjEDd3quFMl0ImMLT6gS5QjSOxrUftl_M_L1jbR4A0aFxQj3h6ck944lQloZP2yjbnRrXN2y_KrV9PIA5_zHDwGLbZh1GPllwpNo2bmZ5pUICLuA2ogr9FqMT9H-JYVfq6ZGlTHgJqHVbpyNyxZJB1zML_XBr7RVOOKgIv4gDJwCMXV4pcH4vxjqjRusKIa94UOoEkyTHZUGG9QPJ27bJlCyHrCthU_01JAUYdX_0y4lJRO3pS_WCyzi8BWoccHrYKOZs4ulgdhQYhsHsQ2HiKuI7-xjViA1ue_ozr6Wr-W3i75b-DH2jwn0o7B8_P5W8bIr8y-uTCfwkv3NVeYWuQ8vGsl7qVTVVWf6Fg5TqJDCKEA7ngSqm_LewYYbZge2CWybuF6QWndW4L1l-1wXUWdvdnczHFRA1cT9EMEkkDVLl2WAqjiQARe83neGnMkqHniih_XF6DMyR_vVz0G00 PlantUML] | ||
|- | |- | ||
|valign='top'| | |valign='top'| | ||
| Line 23: | Line 23: | ||
' Styling for Transparency and Layout | ' Styling for Transparency and Layout | ||
skinparam backgroundColor transparent | skinparam backgroundColor transparent | ||
skinparam DefaultFontName Helvetica | |||
skinparam shadowing false | skinparam shadowing false | ||
skinparam BoxPadding 20 | skinparam BoxPadding 20 | ||
Latest revision as of 23:44, 6 February 2026
sudo apt-get update;echo
sudo apt install -y nginx
|
|||
| |||
Virtual Host
|
Virtual Host |
|---|
cat << EOF | tee /etc/nginx/sites-available/academia.chorke.org >/dev/null
server {
server_name academia.chorke.org;
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 3;
gzip_buffers 64 8k;
gzip_disable "msie6";
gzip_min_length 1100;
gzip_http_version 1.0;
gzip_types text/css text/xml application/x-javascript application/atom+xml text/mathml text/plain text/vnd.sun.j2me.app-descriptor text/vnd.wap.wml text/x-component image/bmp image/svg+xml image/x-icon;
root /var/chorke/academia.chorke.org/www;
access_log /var/chorke/academia.chorke.org/logs/nginx.access.log;
error_log /var/chorke/academia.chorke.org/logs/nginx.error.log info;
error_page 500 502 503 504 /500.html;
client_max_body_size 25M;
keepalive_timeout 10;
expires $expires;
location ~ ^/.well-known(/.*|$) {
alias /var/www/html/.well-known$1;
add_header Cache-Control public;
gzip_static on;
expires max;
}
location ^~ /assets/ {
root /var/chorke/academia.chorke.org/www/assets;
add_header Cache-Control public;
gzip_static on;
expires max;
}
location /minio/ {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_buffering on;
proxy_buffer_size 8k;
proxy_buffers 2048 8k;
proxy_pass http://127.0.0.1:9801;
}
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/academia.chorke.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/academia.chorke.org/privkey.pem;
include /etc/letsencrypt/options-ssl-nginx.conf;
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}
server {
server_name academia.chorke.org;
if ($host = academia.chorke.org) {
return 301 https://$host$request_uri;
}
listen 80;
return 404;
}
EOF
ln -s /etc/nginx/sites-available/academia.chorke.org\
/etc/nginx/sites-enabled/academia.chorke.org
|
Reverse Proxy
|
Reverse Proxy | |
|---|---|
| Reverse Proxy » MinIO | |
MINIO_OPTS="--address :9800 --console-address :9801"
MINIO_VOLUMES="/home/minio/.minio/data"
MINIO_ROOT_USER=admin
MINIO_ROOT_PASSWORD=academia
MINIO_CONFIG_ENV_FILE=/etc/default/minio
MINIO_BROWSER_REDIRECT_URL="http://academia.chorke.org/minio/"
location /minio/ {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_buffering on;
proxy_buffer_size 8k;
proxy_buffers 2048 8k;
proxy_redirect off;
proxy_pass http://127.0.0.1:9801/;
}
|
|
| Reverse Proxy » ROR | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_redirect off;
location / {
proxy_pass http://127.0.0.1:3001;
}
location /api {
proxy_pass http://127.0.0.1:3002;
}
|
|
Knowledge
|
Knowledge | ||
|---|---|---|
ufw status
netstat -a
netstat -lpn
apt install ufw
apt install nmap
|
sudo ss -tulwn | grep LISTEN
sudo ss -tulpn | grep LISTEN
sudo ss -tulpn | grep LISTEN | grep sshd
sudo ss -tulpn | grep LISTEN | grep minio
sudo ss -tulpn | grep LISTEN | grep resolve
|
sudo ufw status
sudo ufw app list
sudo ufw allow 'Nginx HTTP'
sudo ss -tulpn | grep LISTEN
sudo lsof -i -P -n | grep LISTEN
|
apt install telnet apt list --installed netstat -uap|grep nginx |
||
References
|
References | ||
|---|---|---|