Hi
Has anyone experienced how to adapt this magento nginx file so that it maintains the same CWP nginx structure using nginx+varnish+apache?
That file has many locations and it is necessary to add the proxy_pass parameters, etc but I don't manage in nginx and I haven't had good results in that.
The Magento documentation says that you should create the vhost in the following way and include a file that has all the configuration but obviously is only intended for use on an only nginx server.
### I think this block is not necessary because in CWP the parameters are already loaded in the nginx configuration
upstream fastcgi_backend {
use tcp connection
server 127.0.0.1:9000;
or socket
server proxy:unix:/opt/alt/php-fpm73/usr/var/sockets/me.sock
}
### This block already comes in the domain configuration so I can take only the necessary parameters and include them
server {
listen 80;
server_name mage.dev;
set $MAGE_ROOT /var/www/magento2;
set $MAGE_DEBUG_SHOW_ARGS 1;
include /magento2/nginx.conf.sample;
}Although they then show how to configure varnish on its own, I can't find how to adapt this nginx file to work with varnish or SSL
This is the magento nginx.conf.sample content to include but I don't know where I should add the call parameters to the proxy. Would it be in every block location?
root $MAGE_ROOT/pub;
index index.php;
autoindex off;
charset UTF-8;
error_page 404 403 = /errors/404.php;
#add_header "X-UA-Compatible" "IE=Edge";
# Deny access to sensitive files
location /.user.ini {
deny all;
}
# PHP entry point for setup application
location ~* ^/setup($|/) {
root $MAGE_ROOT;
location ~ ^/setup/index.php {
fastcgi_pass fastcgi_backend;
fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
fastcgi_param PHP_VALUE "memory_limit=2GM \n max_execution_time=1800";
fastcgi_read_timeout 600s;
fastcgi_connect_timeout 600s;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/setup/(?!pub/). {
deny all;
}
location ~ ^/setup/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
}
}
# PHP entry point for update application
location ~* ^/update($|/) {
root $MAGE_ROOT;
location ~ ^/update/index.php {
fastcgi_split_path_info ^(/update/index.php)(/.+)$;
fastcgi_pass fastcgi_backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include fastcgi_params;
}
# Deny everything but index.php
location ~ ^/update/(?!pub/). {
deny all;
}
location ~ ^/update/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
}
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location /pub/ {
location ~ ^/pub/media/(downloadable|customer|import|custom_options|theme_customization/.*\.xml) {
deny all;
}
alias $MAGE_ROOT/pub/;
add_header X-Frame-Options "SAMEORIGIN";
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
}
location /static/ {
# Uncomment the following line in production mode
# expires max;
# Remove signature of the static files that is used to overcome the browser cache
location ~ ^/static/version {
rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2|html|json)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
expires +1y;
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
expires off;
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
}
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
add_header X-Frame-Options "SAMEORIGIN";
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
}
location /media/ {
try_files $uri $uri/ /get.php$is_args$args;
location ~ ^/media/theme_customization/.*\.xml {
deny all;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
expires +1y;
try_files $uri $uri/ /get.php$is_args$args;
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
expires off;
try_files $uri $uri/ /get.php$is_args$args;
}
add_header X-Frame-Options "SAMEORIGIN";
add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
}
location /media/customer/ {
deny all;
}
location /media/downloadable/ {
deny all;
}
location /media/import/ {
deny all;
}
location /media/custom_options/ {
deny all;
}
location /errors/ {
location ~* \.xml$ {
deny all;
}
}
# PHP entry point for main application
location ~ ^/(index|get|static|errors/report|errors/404|errors/503|health_check)\.php$ {
try_files $uri =404;
fastcgi_pass fastcgi_backend;
fastcgi_buffers 1024 4k;
fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
fastcgi_param PHP_VALUE "memory_limit=2G \n max_execution_time=18000";
fastcgi_read_timeout 600s;
fastcgi_connect_timeout 600s;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
gzip on;
gzip_disable "msie6";
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_proxied any;
gzip_types
text/plain
text/css
text/js
text/xml
text/javascript
application/javascript
application/x-javascript
application/json
application/xml
application/xml+rss
image/svg+xml;
gzip_vary on;
# Banned locations (only reached if the earlier PHP entry point regexes don't match)
location ~* (\.php$|\.phtml$|\.htaccess$|\.git) {
deny all;
}
I have tried to apply it to the default domain nginx vhost according to CWP in the following way but it doesn't work for me:
server {
listen 207.244.241.9:80;
server_name tienda.proitsecurity.com www.tienda.proitsecurity.com;
access_log /usr/local/apache/domlogs/tienda.proitsecurity.com.bytes bytes;
access_log /usr/local/apache/domlogs/tienda.proitsecurity.com.log combined;
error_log /usr/local/apache/domlogs/tienda.proitsecurity.com.error.log error;
location / {
location ~.*\.(3gp|gif|jpg|jpeg|png|ico|wmv|avi|asf|asx|mpg|mpeg|mp4|pls|mp3|mid|wav|swf|flv|html|htm|txt|js|css|exe|zip|tar|rar|gz|tgz|bz2|uha|7z|doc|docx|xls|xlsx|pdf|iso|woff|ttf|svg|eot|sh)$ {
expires max;
try_files $uri @backend;
}
# Set magento variable
set $MAGE_ROOT /var/www/magento2;
set $MAGE_DEBUG_SHOW_ARGS 1;
# I moved the nginx.conf.sample to /etc/nginx
include /etc/nginx/nginx.conf.sample;
error_page 405 = @backend;
error_page 500 = @custom;
add_header X-Cache "HIT from Backend";
proxy_pass http://207.244.241.9:82;
include proxy.inc;
return 301 https://$server_name$request_uri;
}
location @backend {
internal;
proxy_pass http://207.244.241.9:82;
include proxy.inc;
}
location @custom {
internal;
proxy_pass http://207.244.241.9:82;
include proxy.inc;
}
location ~ .*\.(php|jsp|cgi|pl|py)?$ {
proxy_pass http://207.244.241.9:82;
include proxy.inc;
}
location ~ /\.ht {deny all;}
location ~ /\.svn/ {deny all;}
location ~ /\.git/ {deny all;}
location ~ /\.hg/ {deny all;}
location ~ /\.bzr/ {deny all;}
disable_symlinks if_not_owner from=/home/proitcom/tienda.proitsecurity.com;
location /.well-known/acme-challenge {
default_type "text/plain";
alias /usr/local/apache/autossl_tmp/.well-known/acme-challenge;
}
}Any suggestions on how to do it, please?
Thank you very much.
Topic: Custom nginx vhost for magento2 (Read 7177 times)
