Learn about Centmin Mod LEMP Stack today
Register Now

Nginx Nginx configuration

Discussion in 'Nginx, PHP-FPM & MariaDB MySQL' started by VovaZ, Dec 2, 2019 at 2:27 AM.

  1. VovaZ

    VovaZ New Member

    20
    1
    3
    Jun 6, 2019
    Russia
    Ratings:
    +3
    Local Time:
    9:34 AM
    1.17.x
    MariaDB 10.4.x
    Please fill in any relevant information that applies to you:
    • CentOS Version: CentOS 7 64bit ?
    • Centmin Mod Version Installed: 123.09beta01
    • Nginx Version Installed: 1.17.6
    • PHP Version Installed: PHP 7.3.11 (cli)
    • MariaDB MySQL Version Installed: mysql Ver 15.1 Distrib 10.4.10-MariaDB
    • When was last time updated Centmin Mod code base ? : yesterday
    • Persistent Config: Do you have any persistent config file options set in /etc/centminmod/custom_config.inc ? You can check via this command:
      Code (Text):
      # cat /etc/centminmod/custom_config.inc
      LETSENCRYPT_DETECT='y'
      DUALCERTS=’y’
      WP_FASTCGI_CACHE='y'
      ENABLE_MARIADBTENTWOUPGRADE='y'
      ENABLE_MARIADBTENTHREEUPGRADE='y'
      ENABLE_MARIADBTENFOURUPGRADE='y'
       

      Tell me, please. Need to mirror the site. How it is more correct to make and easier? To write to nginx.conf site.1 and site.2? Will they receive a Let's Encrypt certificate after editing?

     
    Last edited: Dec 2, 2019 at 2:32 AM
  2. VovaZ

    VovaZ New Member

    20
    1
    3
    Jun 6, 2019
    Russia
    Ratings:
    +3
    Local Time:
    9:34 AM
    1.17.x
    MariaDB 10.4.x
    Maybe make a new vhost site.2 and with him to do redirection on site.1, in order for The let's Encrypt certificate to be issued automatically for the site.2?:
     
  3. eva2000

    eva2000 Administrator Staff Member

    42,269
    9,550
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,708
    Local Time:
    4:34 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    1. You mean you want a site with 2 different domains to display same mirrored content on same centmin mod server or different centmin mod server ? as in domain1.com and domain2.com both mirror same content but on different centmin mod servers or same centmin mod servers ?
    2. So both domain1.com and domain2.com point to same set of files and database ?
    3. Have you actually created both sites yet or going to later ? If you have not create either domain, then manual method 1 outlined might work for you.

    If on same centmin mod server, then it's matter of parking a domain as a domain alias to the original domain site.

    You currently can't automate parking one HTTPS SSL cert enabled domain (yourparkeddomain.com) on top of another HTTPS SSL cert enabled domain (domain.com) as you need for each domain to have it's own SSL certificate reference and Centmin Mod 123.09beta01 can only do one domain Letsencrypt SSL certificate issuance per centmin.sh menu option 2, 22 or nv command runs. See below instructions for Parked HTTPS SSL Domains.

    Parked HTTPS SSL Domains



    Parked domains meaning different domains and/or subdomains all point to same IP address and site content when accessed in a web browser. These methods outlined below are NOT for multiple domains pointing to different site/content.

    As there's no way to automate such you have 2 manual methods available

    Manual Method 1 - Do manual Nginx vhost creation via the underlying acme.sh client. If you have not yet created any of the intended domains/nginx vhosts, you can use addons/acmetool.sh directly via SANS Multi-Domain SSL Certificates method. Otherwise, if some or all intended domains/nginx vhosts have already been created then use manual method as discussed in steps in this post here and here.

    Manual Method 2 - create a domain Nginx HTTPS vhost site for each domain.

    It would be a manual process which involves creating the parked domain's own Nginx HTTPS SSL cert enabled vhost via centmin.sh menu option 2 or nv command and setting it up with valid working DNS A records for domain's www and non-www versions if main domain or DNS A for subdomain and ensure it's working and select letsencrypt option with live default HTTPS SSL cert and then editing it's nginx config file at /usr/local/nginx/conf/conf.d/yourparkeddomain.com.ssl.conf and then just changing root path to your origin domain's root

    in /usr/local/nginx/conf/conf.d/yourparkeddomain.com.ssl.conf change it's default public web root path from
    Code (Text):
    root /home/nginx/domains/yourparkeddomain.com/public

    to
    Code (Text):
    root /home/nginx/domains/domain.com/public

    which now matches the public web root for domain.com nginx vhost listed in domain.com nginx vhost config file at /usr/local/nginx/conf/conf.d/domain.com.ssl.conf

    now both yourparkeddomain.com and domain.com public web root paths point to /home/nginx/domains/domain.com/public so access via the domains will serve files located in /home/nginx/domains/domain.com/public. It does mean that any configurations you manually setup in /usr/local/nginx/conf/conf.d/domain.com.ssl.conf need to be replicated in /usr/local/nginx/conf/conf.d/yourparkeddomain.com.ssl.conf.

    you can use common include file templates you set to make it easier i.e. if in both /usr/local/nginx/conf/conf.d/yourparkeddomain.com.ssl.conf and /usr/local/nginx/conf/conf.d/domain.com.ssl.conf you have a custom location content like
    Code (Text):
    location /test {
      include /usr/local/nginx/conf/php.conf;
      try_files $uri $uri/ /index.php
    }

    you could place that location /test context into a custom template file you create at /home/nginx/domains/domain.com/common_includes.conf and reference it in both /usr/local/nginx/conf/conf.d/yourparkeddomain.com.ssl.conf and /usr/local/nginx/conf/conf.d/domain.com.ssl.conf as
    Code (Text):
    include /home/nginx/domains/domain.com/common_includes.conf;

    Final note in origin domain's nginx vhost at /usr/local/nginx/conf/conf.d/domain.com.ssl.conf also add canonical header to ensure search engines visiting domain.com know content is originally at domain.com to prevent search engines from flagging yourparkeddomain.com content as duplicated content.
    Code (Text):
    add_header Link "<http://domain.com$request_uri>; rel=\"canonical\"";
    

    i.e. placing the header just below existing add_header entries in default nginx vhost config for HTTPS SSL domains
    Code (Text):
      # before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts
      #add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;";
      #add_header X-Frame-Options SAMEORIGIN;
      add_header X-Xss-Protection "1; mode=block" always;
      add_header X-Content-Type-Options "nosniff" always;
      #add_header Referrer-Policy "strict-origin-when-cross-origin";
      add_header Link "<http://domain.com$request_uri>; rel=\"canonical\"";
    

    then restart nginx and php-fpm services
    Code (Text):
    nprestart

    To confirm just run curl command in SSH against your domain i.e. curl headers and grep filter for word canonical
    Code (Text):
    curl -sI https://domain.com | grep canonical
    

    output would be something like
    Code (Text):
    curl -sI https://domain.com | grep canonical
    Link: <http://domain.com/>; rel="canonical"
    
     
    • Informative Informative x 1
  4. VovaZ

    VovaZ New Member

    20
    1
    3
    Jun 6, 2019
    Russia
    Ratings:
    +3
    Local Time:
    9:34 AM
    1.17.x
    MariaDB 10.4.x
    I want a site with 2 different domains to display the same mirrored content on the same centmin mod server. Site.1 i have already created menu item 22 with let's Encrypt certificate. Site.1-works. Now you can not do through the menu item 2 site.2, then in /usr/local/nginx/conf/conf.d/site.2.ssl.conf change to
    Code (Text):
    root /home/nginx/domains/site.1/public
    ?
    Do I need to do as in manual method 2?
    Thanks for your help!
     
    Last edited: Dec 3, 2019 at 12:07 AM
  5. eva2000

    eva2000 Administrator Staff Member

    42,269
    9,550
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,708
    Local Time:
    4:34 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    Manual method 2 outlined above usually would work for non-wordpress sites. But wordpress is different it is usually configured to respond to the domain it's installed. So setting up site2 with root path change usually won't work. I've never tried multi domains on same wordpress instance myself so not entirely sure and can't really advise you. Just googled and there's wordpress plugins like Multiple Domain Mapping on Single Site so that along with manual method 2 MAY work - no guarantees and probably need to ask on https://wordpress.stackexchange.com/.

    Do you want both site1 and site2 domains to be browseable by visitors with respective site1 and site2 domain shown in browser url bar ? or just need for site2 to redirect to site1 when visitors visit site2 ?
     
  6. VovaZ

    VovaZ New Member

    20
    1
    3
    Jun 6, 2019
    Russia
    Ratings:
    +3
    Local Time:
    9:34 AM
    1.17.x
    MariaDB 10.4.x
    Yes, i want both site1 and site2 domains to be viewable by visitors with the corresponding site1 and site2 domain shown in the browser url bar. If it is difficult to do so, you just need to redirect site2 to site1 when visitors visit site2..
     
  7. eva2000

    eva2000 Administrator Staff Member

    42,269
    9,550
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,708
    Local Time:
    4:34 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    then try manual method 2 and search wordpress plugin directory and try different multiple domain mapping to single wp domain plugins and see which works best for you
     
  8. eva2000

    eva2000 Administrator Staff Member

    42,269
    9,550
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,708
    Local Time:
    4:34 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    However, note Google will consider it duplicate content and penalize you in search engines. So not sure you'd want to that unless you use canonical headers which can be added by nginx level or maybe some wordpress plugins for multiple domains will do that automatically ? not sure. You'd have to try yourself.
     
  9. VovaZ

    VovaZ New Member

    20
    1
    3
    Jun 6, 2019
    Russia
    Ratings:
    +3
    Local Time:
    9:34 AM
    1.17.x
    MariaDB 10.4.x
    I found the AA-DomainMirror plugin - link(rus). Now you need to create a domain mirror (also called an alias or alias).
    If you do a redirect from site2 to site1 c wordpress, suitable creation through the item centminmod menu 2 and editing vhost.conf site2 to redirect to site1?
    Thanks for your help!
     
  10. eva2000

    eva2000 Administrator Staff Member

    42,269
    9,550
    113
    May 24, 2014
    Brisbane, Australia
    Ratings:
    +14,708
    Local Time:
    4:34 PM
    Nginx 1.17.x
    MariaDB 5.5/10.x
    should be fine if you do a redirect but if that is the case, then you can do domain redirects at DNS level without needing nginx site2 domain vhost/site. Use cloudflare and DNS and pagerule to redirect site2 domain to site1.

    see https://support.cloudflare.com/hc/e...rding-or-redirects-with-Cloudflare-Page-Rules