Building Web Server

Getting Ready
useradd -r -U nginx useradd webmaster usermod -G webmaster nginx

yum -y install gcc libxslt-devel gd-devel GeoIP-devel subversion git multitail

Installing Nginx
The below will walk you threw installing Nginx from Subversion on a Fedora system. With minor modification, the below instructions should also work for other flavors of Linux/Unix.

I always build source files in /var/src, you may choose a different location if you wish. cd /var/src svn checkout svn://svn.nginx.org/nginx/trunk nginx cd nginx/ ln auto/configure configure Next you need to configure Nginx for your setup. The below is a pretty generic/basic setup with the gzip_static module, SSL module & the stub_status module. ./configure --user=nginx --group=nginx --prefix=/usr/local --conf-path=/etc/nginx/nginx.conf \ --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid \ --with-http_gzip_static_module --with-http_ssl_module --with-http_stub_status_module Now make and install it. make && make install After you have installed Nginx, you need to start it. To do this on Fedora, create the Nginx INIT script into /etc/init.d named as nginx. chmod 755 /etc/init.d/nginx chkconfig --add nginx chkconfig nginx on adduser nginx groups nginx service nginx start

Firewall (IPTables)
To open normal web traffic for all network cards add the below to /etc/sysconfig/iptables: -A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT Or to restrict connections to a single network card and IP address, add: -A INPUT -m state --state NEW -m udp -p udp -i eth1 -s 10.176.228.120 --dport 80 -j ACCEPT Once done, restart iptables service iptables restart

Log Rotation
/etc/logrotate.d/nginx: /var/log/nginx/*log { weekly rotate 104 dateext missingok notifempty olddir /var/log/nginx/archive compress sharedscripts postrotate /etc/init.d/nginx reopen_logs endscript }