Fedora/webserver/nginx

From MattWiki
Jump to: navigation, search

Installing Nginx on Fedora (RPM)

This page will explain how I configured nginx for my WordPress sites.

My configuration prior to migrating to nginx was built on two servers as following:

Before After

Installing needed components

yum -y install nginx php-fpm

php-fpm

We will be using socket to connect to php-fpm, so you will need to change the default configuration to create a socket opposed to TCP.

vim /etc/php-fpm.d/www.conf

Around line 12, change listen from 127.0.0.1:9000 to /var/run/php-fpm.socket so it looks like:

listen = /var/run/php-fpm.socket

Then around line 39, change the user and group to nginx

user = nginx
group = nginx

Then start it:

chkconfig php-fpm on
service php-fpm start

Firewall (IPTables)

To open normal web traffic for all network cards add the below to /etc/sysconfig/iptables:

-A INPUT -m state --state NEW -m tcp -p tcp --dport 80 -j ACCEPT

Or to restrict connections to a single network card and IP address, add:

-A INPUT -m state --state NEW -m udp -p udp -i eth1 -s 10.176.228.120 --dport 80 -j ACCEPT

Once done, restart iptables

service iptables restart

Log Rotation

/etc/logrotate.d/nginx:

/var/log/nginx/*log {
    weekly
    rotate 104
    dateext
    missingok
    notifempty
    olddir /var/log/nginx/archive
    compress
    sharedscripts
    postrotate
        /etc/init.d/nginx reopen_logs
    endscript
}

Installing Nginx on Fedora (Source - SVN)

The below will walk you threw installing Nginx from Subversion on a Fedora system. With minor modification, the below instructions should also work for other flavors of Linux/Unix.

To start out with, confirm you have the needed prerequisites installed.

yum -y install gcc libxslt-devel gd-devel GeoIP-devel subversion

After you install the needed software, you can start getting ready to compile the software. I always build source files in /var/src, you may choose a different location if you wish.

cd /var/src
svn checkout svn://svn.nginx.org/nginx/trunk nginx
cd nginx/
ln auto/configure configure

Next you need to configure Nginx for your setup. The below is a pretty generic/basic setup with the gzip_static module, SSL module & the stub_status module.

./configure --user=nginx --group=nginx --prefix=/usr/local --conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid \
--with-http_gzip_static_module --with-http_ssl_module --with-http_stub_status_module

Now make and install it.

make && make install

After you have installed Nginx, you need to start it. To do this on Fedora, create the Nginx INIT script into /etc/init.d named as nginx.

chmod 755 /etc/init.d/nginx
chkconfig --add nginx
chkconfig nginx on
adduser nginx
groups nginx
service nginx start

Upgrading Nginx on Fedora from Source (SVN)

cd /var/src/nginx/
rm -rf *
svn update
ln auto/configure configure
./configure --user=nginx --group=nginx --prefix=/usr/local --conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid \
--with-http_gzip_static_module --with-http_ssl_module --with-http_stub_status_module
make && make install && kill -USR2 $( cat /var/run/nginx.pid )
ps -eaf |grep "nginx: " |grep -v "grep"
kill -WINCH $( cat /var/run/nginx.pid.oldbin )
kill -QUIT $( cat /var/run/nginx.pid.oldbin )