summaryrefslogtreecommitdiff
path: root/blog/dst/a/website_with_nginx.html
diff options
context:
space:
mode:
Diffstat (limited to 'blog/dst/a/website_with_nginx.html')
-rw-r--r--blog/dst/a/website_with_nginx.html49
1 files changed, 28 insertions, 21 deletions
diff --git a/blog/dst/a/website_with_nginx.html b/blog/dst/a/website_with_nginx.html
index 7e5bd99..caf756f 100644
--- a/blog/dst/a/website_with_nginx.html
+++ b/blog/dst/a/website_with_nginx.html
@@ -95,14 +95,18 @@
</li>
</ul>
<h2 id="nginx">Nginx</h2>
+<p><a href="https://wiki.archlinux.org/title/Nginx">Nginx</a> is a web (HTTP) server and reverse proxy server.</p>
<p>You have two options: <code>nginx</code> and <code>nginx-mainline</code>. I prefer <code>nginx-mainline</code> because it&rsquo;s the &ldquo;up to date&rdquo; package even though <code>nginx</code> is labeled to be the &ldquo;stable&rdquo; version. Install the package and enable/start the service:</p>
<pre><code class="language-sh">pacman -S nginx-mainline
systemctl enable nginx.service
systemctl start nginx.service
</code></pre>
-<p>And that&rsquo;s it, at this point you can already look at the default initial page of nginx if you enter the ip of your server in a web browser. You should see something like this:</p>
-<p><img alt="Nginx welcome page" src="images/b/notes/nginx/nginx_welcome_page.png"></p>
-<p>As stated in the welcome page, configuration is needed, head to the directory of nginx:</p>
+<p>And that&rsquo;s it, at this point you can already look at the default initial page of Nginx if you enter the IP of your server in a web browser. You should see something like this:</p>
+<figure id="__yafg-figure-1">
+<img alt="Nginx welcome page" src="images/b/notes/nginx/nginx_welcome_page.png" title="Nginx welcome page">
+<figcaption>Nginx welcome page</figcaption>
+</figure>
+<p>As stated in the welcome page, configuration is needed, head to the directory of Nginx:</p>
<pre><code class="language-sh">cd /etc/nginx
</code></pre>
<p>Here you have several files, the important one is <code>nginx.conf</code>, which as its name implies, contains general configuration of the web server. If you peek into the file, you will see that it contains around 120 lines, most of which are commented out and contains the welcome page server block. While you can configure a website in this file, it&rsquo;s common practice to do it on a separate file (so you can scale really easily if needed for mor websites or sub-domains).</p>
@@ -125,7 +129,7 @@ http {
types_hash_max_size 4096;
}
</code></pre>
-<p>Next, inside the directory <code>/etc/nginx/</code> create the <code>sites-available</code> and <code>sites-enabled</code>, and go into the <code>sites-available</code> one:</p>
+<p>Next, inside the directory <code>/etc/nginx/</code> create the <code>sites-available</code> and <code>sites-enabled</code> directories, and go into the <code>sites-available</code> one:</p>
<pre><code class="language-sh">mkdir sites-available
mkdir sites-enabled
cd sites-available
@@ -144,28 +148,32 @@ cd sites-available
}
}
</code></pre>
-<p>Note several things:</p>
+<p>That could serve as a template if you intend to add more domains.</p>
+<p>Note some things:</p>
<ul>
-<li><code>listen</code>: we&rsquo;re telling nginx which port to listen to (ipv4 and ipv6, respectively).</li>
+<li><code>listen</code>: we&rsquo;re telling Nginx which port to listen to (IPv4 and IPv6, respectively).</li>
<li><code>root</code>: the root directory of where the website files (<code>.html</code>, <code>.css</code>, <code>.js</code>, etc. files) are located. I followed Luke&rsquo;s directory path <code>/var/www/some_folder</code>.</li>
-<li><code>server_name</code>: the actual domain to &ldquo;listen&rdquo; to (for my website it is: <code>server_name luevano.xyz www.luevano.xyz</code>; and for this blog is: <code>server_name blog.luevano.xyz www.blog.luevano.xyz</code>).</li>
+<li><code>server_name</code>: the actual domain to &ldquo;listen&rdquo; to (for my website it is: <code>server_name luevano.xyz www.luevano.xyz;</code> and for this blog is: <code>server_name blog.luevano.xyz www.blog.luevano.xyz;</code>).</li>
<li><code>index</code>: what file to serve as the index (could be any <code>.html</code>, <code>.htm</code>, <code>.php</code>, etc. file) when just entering the website.</li>
-<li><code>location</code>: used in case of different configurations across different URL paths.<ul>
-<li><code>try_files</code>: tells what files to look for, don&rsquo;t look into this too much for now.</li>
+<li><code>location</code>: what goes after <code>domain.name</code>, used in case of different configurations depending on the URL paths (deny access on <code>/private</code>, make a proxy on <code>/proxy</code>, etc).<ul>
+<li><code>try_files</code>: tells what files to look for.</li>
</ul>
</li>
</ul>
-<p>Then, make a symbolic from this config file to the <code>sites-enabled</code> directory:</p>
+<p>Then, make a symbolic link from this configuration file to the <code>sites-enabled</code> directory:</p>
<pre><code class="language-sh">ln -s /etc/nginx/sites-available/your_config_file.conf /etc/nginx/sites-enabled
</code></pre>
-<p>This is so the <code>nginx.conf</code> file can look up the newly created server config. With this method of having each server configuration file separate you can easily &ldquo;deactivate&rdquo; any website by just deleting the symbolic link in <code>sites-enabled</code> and you&rsquo;re good, or just add new configuration files and keep everything nice and tidy.</p>
-<p>All you have to do now is restart (or enable and start if you haven&rsquo;t already) the nginx service (and optionally test the configuration):</p>
+<p>This is so the <code>nginx.conf</code> file can look up the newly created server configuration. With this method of having each server configuration file separate you can easily &ldquo;deactivate&rdquo; any website by just deleting the symbolic link in <code>sites-enabled</code> and you&rsquo;re good, or just add new configuration files and keep everything nice and tidy.</p>
+<p>All you have to do now is restart (or enable and start if you haven&rsquo;t already) the Nginx service (and optionally test the configuration):</p>
<pre><code class="language-sh">nginx -t
systemctl restart nginx
</code></pre>
-<p>If everything goes correctly, you can now go to your website by typing &ldquo;domain.name&rdquo; on a web browser. But you will see a &ldquo;404 Not Found&rdquo; page like the following (maybe with different nginx version):</p>
-<p><img alt="Nginx 404 page" src="images/b/notes/nginx/nginx_404_page.png"></p>
-<p>That&rsquo;s no problem, because it means that the web server it&rsquo;s actually working. Just add an <code>index.html</code> file with something simple to see it in action. If you keep seeing the 404 page make sure your <code>root</code> line is correct and that the directory/index file exists.</p>
+<p>If everything goes correctly, you can now go to your website by typing <code>domain.name</code> on a web browser. But you will see a &ldquo;404 Not Found&rdquo; page like the following (maybe with different Nginx version):</p>
+<figure id="__yafg-figure-2">
+<img alt="Nginx 404 Not Found page" src="images/b/notes/nginx/nginx_404_page.png" title="Nginx 404 Not Found page">
+<figcaption>Nginx 404 Not Found page</figcaption>
+</figure>
+<p>That&rsquo;s no problem, because it means that the web server it&rsquo;s actually working. Just add an <code>index.html</code> file with something simple to see it in action (in the <code>/var/www/some_folder</code> that you decided upon). If you keep seeing the 404 page make sure your <code>root</code> line is correct and that the directory/index file exists.</p>
<p>I like to remove the <code>.html</code> and trailing <code>/</code> on the URLs of my website, for that you need to add the following <code>rewrite</code> lines and modify the <code>try_files</code> line (for more: <a href="https://www.seancdavis.com/blog/remove-html-extension-and-trailing-slash-in-nginx-config/">Sean C. Davis: Remove HTML Extension And Trailing Slash In Nginx Config</a>):</p>
<pre><code class="language-nginx">server {
...
@@ -175,27 +183,26 @@ systemctl restart nginx
try_files $uri/index.html $uri.html $uri/ $uri =404;
...
</code></pre>
-<p>For more: <a href="https://wiki.archlinux.org/index.php/nginx">Arch Linux Wiki: nginx</a>.</p>
<h2 id="certbot">Certbot</h2>
-<p>The only &ldquo;bad&rdquo; (bloated) thing about certbot, is that it uses <code>python</code>, but for me it doesn&rsquo;t matter too much. You may want to look up another alternative if you prefer. Install the packages <code>certbot</code> and <code>certbot-nginx</code>:</p>
+<p><a href="https://wiki.archlinux.org/title/Certbot">Certbot</a> is what provides the SSL certificates via <a href="https://letsencrypt.org/">Let&rsquo;s Encrypt</a>.</p>
+<p>The only &ldquo;bad&rdquo; (bloated) thing about Certbot, is that it uses <code>python</code>, but for me it doesn&rsquo;t matter too much. You may want to look up another alternative if you prefer. Install the packages <code>certbot</code> and <code>certbot-nginx</code>:</p>
<pre><code class="language-sh">pacman -S certbot certbot-nginx
</code></pre>
<p>After that, all you have to do now is run <code>certbot</code> and follow the instructions given by the tool:</p>
<pre><code class="language-sh">certbot --nginx
</code></pre>
-<p>It will ask you for some information, for you to accept some agreements and the names to activate https for. Also, you will want to &ldquo;say yes&rdquo; to the redirection from http to https. And that&rsquo;s it, you can now go to your website and see that you have https active.</p>
+<p>It will ask you for some information, for you to accept some agreements and the names to activate HTTPS for. Also, you will want to &ldquo;say yes&rdquo; to the redirection from HTTP to HTTPS. And that&rsquo;s it, you can now go to your website and see that you have HTTPS active.</p>
<p>Now, the certificate given by <code>certbot</code> expires every 3 months or something like that, so you want to renew this certificate every once in a while. Using <code>cron</code>, you can do this by running:</p>
<pre><code class="language-sh">crontab -e
</code></pre>
-<p>And a file will be opened where you need to add a new rule for certbot, just append the line: <code>1 1 1 * * certbot renew</code> (renew on the first day of every month) and you&rsquo;re good. Alternatively use <code>systemd</code> timers as stated in the <a href="https://wiki.archlinux.org/index.php/Certbot#Automatic_renewal">Arch Linux Wiki</a>.</p>
-<p>For more: <a href="https://wiki.archlinux.org/index.php/Certbot">Arch Linux Wiki: Certbot</a>.</p>
+<p>And a file will be opened where you need to add a new rule for Certbot, just append the line: <code>1 1 1 * * certbot renew</code> (renew on the first day of every month) and you&rsquo;re good. Alternatively use <code>systemd</code> timers as stated in the <a href="https://wiki.archlinux.org/title/Certbot#Automatic_renewal">Arch Linux Wiki</a>.</p>
<p>That&rsquo;s it, you now have a website with SSL certificate.</p>
<hr>
<div class="article-info">
<p>By David Luévano</p>
<p>Created: Fri, Mar 19, 2021 @ 02:58 UTC</p>
- <p>Modified: Sun, Jun 06, 2021 @ 00:23 UTC</p>
+ <p>Modified: Tue, Jun 08, 2021 @ 06:11 UTC</p>
<div class="article-tags">
<p>Tags:
<a href="https://blog.luevano.xyz/tag/@english.html">english</a>, <a href="https://blog.luevano.xyz/tag/@server.html">server</a>, <a href="https://blog.luevano.xyz/tag/@tools.html">tools</a>, <a href="https://blog.luevano.xyz/tag/@tutorial.html">tutorial</a> </p>