Welcome to Centmin Mod Community
Become a Member

Centmin Mod Questions/feedback

Discussion in 'Centmin Mod Insights' started by tjk, Jun 8, 2016.

  1. tjk

    tjk Member

    76
    16
    8
    Jun 27, 2015
    Ratings:
    +27
    Local Time:
    6:31 PM
    Hey @eva2000, just some general questions and feedback from using Centmin Mod for the last 2 days, as I said been a LEMP person for a bit, but finally bit the bullet and trying Centos and Centmin Mod out.

    1. Why two domain.com.conf files for nginx? Couldn't you create just one and have the user enable an include if they were going to do SSL? A bit confusing initially, which one should I modify, etc.

    2. Should an admin be modifying the nginx domain.com.conf files directly or should we put our changes in an include? I don't know if you overwrite the domain.com.conf files at all during upgrades/re-installs/etc, which leads to #2a.

    2a. I'm not sure if you update/change the domain.com.conf file with new releases/tweaks/improvements overtime, and if you don't, how does one take advantage of those since you aren't updating them? Hence it should be one of those files that takes just the required changes and end user changes are incorporated via includes.

    3. On the domain.com.conf non SSL version, you use reuseport, on the SSL one, you don't, why is that?

    4. Maybe it exists and I haven't seen it, but it would be nice to have a page somewhere on the site that says "these are your config files and the path's to them, these files WILL BE overwritten on upgrades/recompiles so do not edit them directly, and these files WILL NOT be overwritten, feel free to add your changes here.

    And some feedback, it would be cool to see the docs in one place like a wiki instead of spread out over multiple forum posts and such, sort of like the OLS folks are doing at OpenLiteSpeed


    Keep up the great work btw, happy so far with what I've seen, just a bit of a learning curve tracking where everything is, all the includes, and different directories, bouncing between forum posts, etc, again not a bad thing, just having to retrain this old dog on new stuff! :)
     
  2. eva2000

    eva2000 Administrator Staff Member

    50,922
    11,805
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,263
    Local Time:
    9:31 AM
    Nginx 1.25.x
    MariaDB 10.x
    Because not all folks use exclusively http or https, so if they answer yes to self-signed ssl or letsencrypt ssl in future, i can auto create and it up on the domain.com.ssl.conf version at initial vhost creation time which allows end user to decide if they want to use http only or https only or http to https redirect themselves. Some folks also start with http first then switch to https and are confused with the https vhost structure and setup. If you have both http and https vhost files separate then can clearly see what is needed for https version if they want to switch.

    The official site docs is where i'd point folks switching to https at Nginx Vhost & NSD DNS Setup - CentminMod.com LEMP Nginx web stack for CentOS from http. Official site also has a vhost generator at Generate Centmin Mod Nginx Vhost - CentminMod.com LEMP Nginx web stack for CentOS based on 123.08stable structure if folks want to re-create their vhosts after customising and want to revert.

    either if fine and up to your comfortable levels, I use include files myself where possible. I don't touch the nginx vhost domain.com.conf/domain.com.ssl.conf vhost files once they're created so future Centmin Mod updates generally don't mess with existing site nginx vhost config files with the exception of the vhost config file's include files - i.e. in future additional include files maybe added for other extended futures, and generally that is just via sed replacements to minimize the impact to existing nginx vhost config files folks have customised.

    touched on that with previous answer - generally I don't touch the vhosts besides maybe future additional include files then get appended to existing ones like:
    Code (Text):
    include /usr/local/nginx/conf/staticfiles.conf;
    include /usr/local/nginx/conf/include_opcache.conf;
    include /usr/local/nginx/conf/php.conf;
    #include /usr/local/nginx/conf/phpstatus.conf;
    include /usr/local/nginx/conf/drop.conf;    
    #include /usr/local/nginx/conf/errorpage.conf;    
    

    if it's stable release changes, i'd update my nginx vhost generator at Generate Centmin Mod Nginx Vhost - CentminMod.com LEMP Nginx web stack for CentOS with the new templates as well so folks can re-generate their own domain nginx vhost's template and compare with what they have customised and make appropriate additions to sync up with latest stable release changes if they want. I generally don't mess with existing vhosts much after they're created though.

    reuseport is per listen ip address and used once. So if both http and https site are on same server ip, only one instance of reuseport on listen line is allowed. If http and https sites server {} listen line was on separate IP addresses, then you can use reuseport on both. Centmin Mod detects if your server kernel supports reuseport option and adds it to main hostname's /usr/local/nginx/conf/conf.d/virtual.conf vhost file's listen line. That will cover every domain that is served on the same IP as the main hostname. Usually 99.9999% of the time, the server has the same single IP address from my experience.

    if you try adding reuseport to another vhost file other than virtual.conf on the same IP address, an nginx restart will give you an error like
    Code (Text):
    nginx -t
    nginx: [emerg] duplicate listen options for 0.0.0.0:80 in /usr/local/nginx/conf/conf.d/virtual.conf:3
    nginx: configuration file /usr/local/nginx/conf/nginx.conf test failed
    


    official site has that at Centmin Mod Configuration Files - CentminMod.com LEMP Nginx web stack for CentOS :)

    Mainly official site is where docs are CentminMod.com LEMP Fully Optimized Nginx web stack for CentOS for stable release and forums' info evolve from beta releases. Then once betas becomes stable, official site docs get updated with latest info. Then the cycle repeats. The forum's info evolves much quicker than having to update the site every few minutes :) Wiki like the site is too static in nature to keep up with how fast things can change on a forum discussion based on feedback from members and users :)

    Thanks - I do what i can as I only work on Centmin Mod in my spare time and I am only one guy :)

    Practice is the key, test VPS or local virtualbox/vmware server testing of Centmin Mod can get you up to speed and more comfortable for live production use :)
     
    Last edited: Jun 8, 2016
  3. eva2000

    eva2000 Administrator Staff Member

    50,922
    11,805
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,263
    Local Time:
    9:31 AM
    Nginx 1.25.x
    MariaDB 10.x
  4. tjk

    tjk Member

    76
    16
    8
    Jun 27, 2015
    Ratings:
    +27
    Local Time:
    6:31 PM
    I see now, you enable it on virtual.conf, and if we "disable" domain.com.conf and use domain.com.ssl.conf we don't need to enable it there again, as long as we use the same IP binding.

    And I'm very appreciative of that!
     
  5. eva2000

    eva2000 Administrator Staff Member

    50,922
    11,805
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +18,263
    Local Time:
    9:31 AM
    Nginx 1.25.x
    MariaDB 10.x
    yup :)