Loading...
Latest news
HTTP2 Support and Install – Part 2
HTTP2 Support and Install – Part 1
Goaccess
CMS Master Slave Rules
Apache 2.4 with PHP-FPM
Real Time Concepts

Nginx and lsyncd proxy_pass

Laxman -

We create three `server` blocks:

  1. One to redirect http to https
  2. One to decide if requests should go to web1 or be served locally
  3. One to serve local wordpress
nginx slave config

# Upstream to abstract backend connection(s) for php
upstream php {
server unix:/var/run/php-fpm/www.sock;
}

# This server block just redirects everyone to https
server {
server_name matthew.mdamp.com;
return 301 https://$host$request_uri;
}

# This map directs us which backend to use
map “METHOD: $request_method URI: $request_uri” $backend {
default https://127.0.0.1:444;
“~^METHOD: POST ” https://web1;
“~URI: [^ ]+/(wp-admin/|wp-login.php)” https://web1;
}

# This server block just routes incoming requests to either web1 or 127.0.0.1:444
server {
listen *:443 ssl;
server_name matthew.mdamp.com;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto https;
location / {
proxy_pass $backend;
}
# SSL Configuration
ssl_certificate /etc/letsencrypt/live/matthew.mdamp.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/matthew.mdamp.com/privkey.pem;
}

# This server block, serves wordpress locally
server {
listen 127.0.0.1:444 ssl;
server_name matthew.mdamp.com;

root /var/www/vhosts/matthew.mdamp.com;
index index.php;

location = /favicon.ico {
log_not_found off;
access_log off;
}

location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}

# If we can’t find a file  ;  it’s probably on web1
recursive_error_pages off;
error_page 404 = @web1;

location @web1 {
proxy_pass https://web1;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $server_name;
proxy_set_header X-Forwarded-Proto https;
}

access_log /var/log/nginx/matthew.mdamp.com-access_log;
error_log /var/log/nginx/matthew.mdamp.com-error_log;

location / {
try_files $uri $uri/ /index.php?$args;
}

location ~ \.php$ {
include fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_pass php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}

location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}

# SSL Configuration
ssl_certificate /etc/letsencrypt/live/matthew.mdamp.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/matthew.mdamp.com/privkey.pem;
}

Leave a Reply

Your email address will not be published. Required fields are marked *