stackoom
  简体   繁体   中英

Share Nginx server configuration

 原文  2014-06-11 04:04:32       php/ nginx

Question

How can i share common configuration between two servers. My app support both http and https(for few pages) and i am currently using fastcgi_param to save sensitive information like DB name and password. How can i share the location and fastcgi_param for both server(80, 443). 

server {
    listen 80;
    server_name example.com;
}

server {
    listen 443 ssl;
    server_name example.com;
    root /home/forge/example.com/public;

    # FORGE SSL (DO NOT REMOVE!)
    ssl on;
    ssl_certificate /etc/nginx/ssl/example.com/304/server.crt;
    ssl_certificate_key /etc/nginx/ssl/example.com/304/server.key;

    index index.html index.htm index.php;

    charset utf-8;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    access_log off;
    error_log  /var/log/nginx/example.com-error.log error;

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_param ENV "production";
        fastcgi_param DB_HOST "127.0.0.1";
        fastcgi_param DB_PASSWORD "123456";
        fastcgi_param DB_USERNAME "user";
        fastcgi_param DB_NAME "example";
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }
}

conf i want to share: 

index index.html index.htm index.php;

    charset utf-8;

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    access_log off;
    error_log  /var/log/nginx/example.com-error.log error;

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_param ENV "production";
        fastcgi_param DB_HOST "127.0.0.1";
        fastcgi_param DB_PASSWORD "123456";
        fastcgi_param DB_USERNAME "user";
        fastcgi_param DB_NAME "example";
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }

3 answers

solution1
 7  2015-04-23 20:22:17

Starting from 0.7.14, you can combine HTTP and HTTPS server blocks into single one - much easier to maintain: 

server {
    listen 80;
    listen 443 ssl;
    server_name example.com;
    ...
}

Take a look on http://nginx.org/en/docs/http/configuring_https_servers.html#single_http_https_server for details.

solution2
 3  2016-09-24 16:15:00

In addition to Andrey's answer which should help you immensely.

NGINX also supports an include statement.

You could for example create a common directory ( /etc/nginx/common/ ) and then create /etc/nginx/common/locations.conf . Your locations.conf file would then contain something like, 

# NGINX CONFIGURATION FOR COMMON LOCATION
# Basic locations files
location = /favicon.ico {
  access_log off;
  log_not_found off;
  expires max;
}
# Cache static files
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf)$ {
  add_header "Access-Control-Allow-Origin" "*";
  access_log off;
  log_not_found off;
  expires max;
}
# Security settings for better privacy
# Deny hidden files
location ~ /\.well-known {
  allow all;
}
location ~ /\. {
  deny all;
  access_log off;
  log_not_found off;
}
# Deny backup extensions & log files
location ~* ^.+\.(bak|log|old|orig|original|php#|php~|php_bak|save|swo|swp|sql)$ {
  deny all;
  access_log off;
  log_not_found off;
}
# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html)
if ($uri ~* "^.+(readme|license|example)\.(txt|html)$") {
  return 403;
}

Then in one of your site configuration files you just use include common/locations.conf; to include the locations file. For example, 

server {
    listen 80;
    listen 443 ssl;
    server_name example.com;

    include common/locations.conf;

    ...
}

solution3
 0  2019-02-08 01:21:43

Personally I use Ansible to provision and setup the servers via a data file the describes the endstate you want. See https://github.com/geerlingguy/ansible-role-nginx

requirements.yml 

---
- src: geerlingguy/ansible-role-nginx

hosts 

[local]
localhost ansible_connection=local

playbook.yml PSEUDO CODE 

---
- hosts: server
  roles:
    - { role: geerlingguy.nginx }
  nginx_vhosts:
  - listen: "80"
    server_name: "example.com www.example.com"
    return: "301 https://example.com$request_uri"
    filename: "example.com.80.conf"

And you can use Jinja2 templates to copy & configure fragments

Run it all with ansible-galaxy -i hosts playbook.yml

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Server configuration file for nginx NGINX server configuration for Codeigniter NGINX server configuration zabbix configuration with rails and nginx server Nginx Configuration - Upstream - Backup Server Nginx configuration for Server Sent Event nginx server configuration returns php code Nginx Configuration throws 500 Internal Server Error nginx + php-fpm configuration. Server stalls AWS Elastic Beanstalk Apply configuration file on nginx server
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM