Author Topic: Varnish+NginX+APache+Letsencrypt proposal  (Read 17391 times)

0 Members and 1 Guest are viewing this topic.

Offline
*
Varnish+NginX+APache+Letsencrypt proposal
« on: July 18, 2016, 04:34:25 AM »
Currently, there is an option right within CWP to configure the web server so that it uses Varnish on the front, and NginX as a reverse proxy for apache on the back. Which works fine. But if we need to use ssl/letsencrypt we would face the problem that varnish can not deal with ssl.

I propose the option to change their order, make nginx handle the request and deal with ssl on the front, forwarding back to varnish which decides wheather to serve from cache or forward it to apache in the back. So they would be NginX >> Varnish >> Apache. That way the site still has cache, reverse proxy, ssl and uses apache as a backend to serve dynamic content.

Offline
***
Re: Varnish+NginX+APache+Letsencrypt proposal
« Reply #1 on: July 21, 2016, 09:52:15 AM »
Wao, sounds like your website has very high traffic  ;D

Offline
*
Re: Varnish+NginX+APache+Letsencrypt proposal
« Reply #2 on: August 08, 2016, 11:33:31 AM »
Yep, this is really needed as many sites are moving to https.

With https, current nginx/Varnish setup is useless unless you tweak configuration files manually. and you cant opcache,apc with CWP.

Hope this feature comes to CWP soon.

Offline
*
Re: Varnish+NginX+APache+Letsencrypt proposal
« Reply #3 on: August 08, 2016, 11:14:56 PM »
Yep, this is really needed as many sites are moving to https.

With https, current nginx/Varnish setup is useless unless you tweak configuration files manually. and you cant opcache,apc with CWP.

Hope this feature comes to CWP soon.
I am also hoping for that feature. I have some projects which use https and for now I do not know any working solution how to use Varnish + apache. Hope that developers will fix this problem very soon.

Offline
*
Re: Varnish+NginX+APache+Letsencrypt proposal
« Reply #4 on: August 13, 2016, 01:46:41 AM »
wondering, if this even planned in future versions?

Offline
*
« Last Edit: August 13, 2016, 07:30:06 PM by steves »

Offline
*
Re: Varnish+NginX+APache+Letsencrypt proposal
« Reply #6 on: August 14, 2016, 06:38:11 AM »
i got Nginx >> Varnish >> Apache working and results are amazing.

my $10 vps was able to handle 1000 clients/s for over 1 minute, theoretically that mean 86 million visitors a day. i am sure it can handle even more but i only test for 1000 clients using loader.io.

3 GB data was  transferred in 1 minute.

Offline
***
Re: Varnish+NginX+APache+Letsencrypt proposal
« Reply #7 on: September 20, 2016, 07:51:19 AM »
i got Nginx >> Varnish >> Apache working and results are amazing.

my $10 vps was able to handle 1000 clients/s for over 1 minute, theoretically that mean 86 million visitors a day. i am sure it can handle even more but i only test for 1000 clients using loader.io.

3 GB data was  transferred in 1 minute.

It's gonna be better if you spend you time to give instruction instead of talking about your server.
----

Guys I tell you how to install Apache, Let's Encrypt and Varnish cache, latest Centos Web Panel on 20 Sep 2016. I haven't try NginX yet because I dont need it for now, maybe in future I will update this post


I assume you have done installing Centos Web panel. Now login at http://<your_ip>:2030/
Overview :
You might follow my setup in order : Apache Configuration > Lets encrypt > Varnish
1. Make your your website is running on port 80 , http://your_domain.com/
2. Navigate to Apache Setting > Install Let's encrypt > Manager , press Install
3. After install the service, go to that menu again and install SSL certificate for your first domain. Fill information on this box :  "Install Letsencrypt for Account/Main Domain" , or Custom Install of Letsencrypt if you modified your public_html folder location (default : /home/username/public_html)
Then press Install

Ok, now they are installing and verify certificate, if you failed or whatever error, here are some reasons:
- the folder is not exist . Go check if there is a folder named : '.well-known' inside your public_html folder
- If it is exist, go check on browser if you can load it on browser, because your server is going to verify this certificate via http

If you done this part, go check your domain at https://yourdomain/
At this point, even you failed at install SSL certificate, you still can access your Panel at https://yourdomain:2031 , but you will get warning from browser since it is missing certificate

Now you go ahead and choose your webserver. Apache Settings > Select Webservers
Choose Apache & Varnish Cache (Varnish on port 80 and apache on port 8181)

Click Save and Rebuild

----
Apache settings > Apache Configuration
Find Listen 80   , change it to 8181

Find and update
ServerName yourdomain.com

Save it and restart Apache

Test it:
https://yourdomain.com
https://yourdomain.com

Directly load Apache Server SSL:
http://yourdomain.com:443

Load Vanish cache:
http://yourdomain.com

Verify Vanish cache working:
http://www.isvarnishworking.com   and submit your site.

Please note that Vanish cache is not supported for https. So you will serve ether Vanish Cache http or https (no cache).
I think the process gonna be similar to NignX.
« Last Edit: September 20, 2016, 08:07:29 AM by locvfx »

Offline
*
Re: Varnish+NginX+APache+Letsencrypt proposal
« Reply #8 on: January 24, 2017, 09:12:52 PM »
I know this is old, but many thanks for your tips mate, ultra useful !

Thanks a lot !