NGINX Rules

Hello,

I have a question relating to nginx rules as they are more complicated than what we are using to with nginx directly.

I've installed a custom php script and need to add a few rules for it to work.

---

This is my current domain conf file: (/usr/local/nginx/conf/conf.d/somedomain.com.conf)

Code:

# Centmin Mod Getting Started Guide
# must read http://centminmod.com/getstarted.html

# redirect from non-www to www
# uncomment, save file and restart Nginx to enable
# if unsure use return 302 before using return 301
#server {
#            listen   80;
#            server_name somedomain.com;
#            return 301 $scheme://www.somedomain.com$request_uri;
#       }

server {
  server_name somedomain.com www.somedomain.com;

# ngx_pagespeed & ngx_pagespeed handler
#include /usr/local/nginx/conf/pagespeed.conf;
#include /usr/local/nginx/conf/pagespeedhandler.conf;
#include /usr/local/nginx/conf/pagespeedstatslog.conf;

  # limit_conn limit_per_ip 16;
  # ssi  on;

  access_log /home/nginx/domains/somedomain.com/log/access.log combined buffer=256k flush=60m;
  error_log /home/nginx/domains/somedomain.com/log/error.log;

  root /home/nginx/domains/somedomain.com/public;

  # prevent access to ./directories and files
  location ~ (?:^|/)\. {
   deny all;
  }

  location / {

# block common exploits, sql injections etc
#include /usr/local/nginx/conf/block.conf;

  # Enables directory listings when index file not found
  #autoindex  on;

  # Shows file listing times as local time
  #autoindex_localtime on;

  # Enable for vBulletin usage WITHOUT vbSEO installed
  # More example Nginx vhost configurations at
  # http://centminmod.com/nginx_configure.html
  #try_files            $uri $uri/ /index.php;

  }

  include /usr/local/nginx/conf/staticfiles.conf;
  include /usr/local/nginx/conf/php.conf;
  include /usr/local/nginx/conf/drop.conf;
  #include /usr/local/nginx/conf/errorpage.conf;
  include /usr/local/nginx/conf/vts_server.conf;
}

and what i need to add in is this:

Code:

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    location ~ \.php$ {
        if (!-e $request_filename) { rewrite ^/(.*) /index.php?_page_url=$1 last; }
    }

    location / {
        if (!-e $request_filename) {
            rewrite ^/(.*) /index.php?_page_url=$1 last;
        }
    }

    location /files/ {
        internal;
    }

    # these locations would be hidden by .htaccess normally
    location /core/logs/ {
        deny all;
    }

I have tried everything and it doesnt work, either nginx check conf says its all ok and starts but no joy or it fails and nginx errors out.

thanks for your help in advance

 

Thanks @eva2000 for the unbelievably comprehensive post, i'll try it out and post my results.

The webapp is yetishare, it's basically a file sharing script.

 

I don't get it, i literally followed your guide to the t and still no joy, not sure what's wrong.

nginx -t says all conf is ok however any pages that go through the index through a rewrite won't work so in essence this rule is not being applied for some reason:
if (!-e $request_filename) { rewrite ^/(.*) /index.php?_page_url=$1 last; }

this is my /usr/local/nginx/conf/conf.d/somedomain.com.conf

Code:

# Centmin Mod Getting Started Guide
# must read http://centminmod.com/getstarted.html

# redirect from non-www to www
# uncomment, save file and restart Nginx to enable
# if unsure use return 302 before using return 301
#server {
#            listen   80;
#            server_name somedomain.com;
#            return 301 $scheme://www.somedomain.com$request_uri;
#       }

server {
  server_name somedomain.com www.somedomain.com;

# ngx_pagespeed & ngx_pagespeed handler
#include /usr/local/nginx/conf/pagespeed.conf;
#include /usr/local/nginx/conf/pagespeedhandler.conf;
#include /usr/local/nginx/conf/pagespeedstatslog.conf;

  # limit_conn limit_per_ip 16;
  # ssi  on;

  access_log /home/nginx/domains/somedomain.com/log/access.log combined buffer=256k flush=60m;
  error_log /home/nginx/domains/somedomain.com/log/error.log;

  root /home/nginx/domains/somedomain.com/public;

  # prevent access to ./directories and files
  location ~ (?:^|/)\. {
   deny all;
  }

  location / {

if (!-e $request_filename) {
            rewrite ^/(.*) /index.php?_page_url=$1 last;
        }

# block common exploits, sql injections etc
#include /usr/local/nginx/conf/block.conf;

  # Enables directory listings when index file not found
  #autoindex  on;

  # Shows file listing times as local time
  #autoindex_localtime on;

  # Enable for vBulletin usage WITHOUT vbSEO installed
  # More example Nginx vhost configurations at
  # http://centminmod.com/nginx_configure.html
  #try_files            $uri $uri/ /index.php;

  }


location /files/ {
        internal;
    }

    # these locations would be hidden by .htaccess normally
    location /core/logs/ {
        deny all;
    }


  include /usr/local/nginx/conf/staticfiles.conf;
  #include /usr/local/nginx/conf/php.conf;
   include /usr/local/nginx/conf/php_somedomain.com.conf;
  include /usr/local/nginx/conf/drop.conf;
  #include /usr/local/nginx/conf/errorpage.conf;
  include /usr/local/nginx/conf/vts_server.conf;
}

and this is /usr/local/nginx/conf/php_somedomain.com.conf

Code:

location ~ [^/]\.php(/|$) {
    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
   #if (!-f $document_root$fastcgi_script_name) {
    #    return 404;
    #}
if (!-e $request_filename) { rewrite ^/(.*) /index.php?_page_url=$1 last; }

    fastcgi_pass   127.0.0.1:9000;
    #fastcgi_pass   unix:/tmp/php5-fpm.sock;
    fastcgi_index  index.php;
    fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    #fastcgi_param  SCRIPT_FILENAME    $request_filename;
    #fastcgi_param PHP_ADMIN_VALUE open_basedir=$document_root/:/usr/local/lib/php/:/tmp/;

# might shave 200+ ms off PHP requests
# which don't pass on a content length header
# slightly faster page response time at the
# expense of throughput / scalability
sendfile on;
#tcp_nopush off;
#keepalive_requests 0;

fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 512k;
fastcgi_buffers 512 16k;
fastcgi_busy_buffers_size 1m;
fastcgi_temp_file_write_size 4m;
fastcgi_max_temp_file_size 4m;
fastcgi_intercept_errors on;

# next 3 lines when uncommented / enabled
# allow Nginx to handle uploads which then
# passes back the completed upload to PHP
#fastcgi_pass_request_body off;
#client_body_in_file_only clean;
#fastcgi_param  REQUEST_BODY_FILE  $request_body_file;

#new .04+ map method
fastcgi_param HTTPS $server_https;

# comment out PATH_TRANSLATED line if /usr/local/lib/php.ini sets following:
# cgi.fix_pathinfo=0
# as of centminmod v1.2.3-eva2000.01 default is set to cgi.fix_pathinfo=1

fastcgi_param  PATH_INFO          $fastcgi_path_info;
fastcgi_param  PATH_TRANSLATED    $document_root$fastcgi_path_info;

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REQUEST_SCHEME     $scheme;
fastcgi_param  HTTPS              $https if_not_empty;
fastcgi_param  HTTP_PROXY         "";

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# Set php-fpm geoip variables
fastcgi_param GEOIP_COUNTRY_CODE $geoip_country_code;
fastcgi_param GEOIP_COUNTRY_CODE3 $geoip_country_code3;
fastcgi_param GEOIP_COUNTRY_NAME $geoip_country_name;
fastcgi_param GEOIP_CITY_COUNTRY_CODE $geoip_city_country_code;
fastcgi_param GEOIP_CITY_COUNTRY_CODE3 $geoip_city_country_code3;
fastcgi_param GEOIP_CITY_COUNTRY_NAME $geoip_city_country_name;
fastcgi_param GEOIP_REGION $geoip_region;
fastcgi_param GEOIP_CITY $geoip_city;
fastcgi_param GEOIP_POSTAL_CODE $geoip_postal_code;
fastcgi_param GEOIP_CITY_CONTINENT_CODE $geoip_city_continent_code;
fastcgi_param GEOIP_LATITUDE $geoip_latitude;
fastcgi_param GEOIP_LONGITUDE $geoip_longitude;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

                   }

 

thanks @eva2000, I'll give that a shot, I hate nginx with a passion, unfortunately, it' a better fit for what I intend to build. I'm fairly convinced the original developer of nginx built it to screw over the world.

 

fair enough @pamamolf, but c'mon there's hundreds of better ways to deal with conf files vs the current method, no one wants to deal with include city, maybe i should rent the nasa control room so i can use all their screens