ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Install Nginx as a Reverse Proxy on Fedora 27

    IT Discussion
    nginx fedora certbot fedora 27 reverse proxy guides real instructions how to
    16
    107
    23.3k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      JaredBusch @scottalanmiller
      last edited by

      @scottalanmiller said in Install Nginx as a Reverse Proxy on Fedora 27:

      @black3dynamite said in Install Nginx as a Reverse Proxy on Fedora 27:

      @coliver said in Install Nginx as a Reverse Proxy on Fedora 27:

      @wirestyle22 said in Install Nginx as a Reverse Proxy on Fedora 27:

      @scottalanmiller Yeah, thin provisioning makes sense for something like this for sure

      For almost everything thin provisioning makes sense. I'm sure there is an exception to the rule but I can't think of one off the top of my head.

      Databases?

      That would generally be it. HOWEVER, I normally put my DB on thin provisioning and have a separate, dedicated storage just for the data (DB files) which is thick provisioned.

      Or if on Scale, the main storage gets a low HEAT score and the dedicated DB files gets set to 11.

      It depends on how much your database grows. Then provisioning is still just fine if the database size is fairly stable

      1 Reply Last reply Reply Quote 1
      • D
        Donahue @JaredBusch
        last edited by Donahue

        @JaredBusch said in Install Nginx as a Reverse Proxy on Fedora 27:

        Before you can request your SSL certificate, you have to have a valid configuration file in place listening on port 80.
        Nginx stores the configuration files in /etc/nginx/conf.d/, so let's make our nextcloud.conf.
        I am not going to go aver all the pieces here. If you want ot know more about what all these settings mean, go look them up.
        Finally, this is a sample base don Nextcloud. Change it to fit your application needs.
        The structure may look strange at first, but there is a method to my madness. It is based on how certbot --nginx works.

        cat > /etc/nginx/conf.d/nextcloud.conf <<EOF
        server {
            client_max_body_size 40M;
            server_name nc.domain.com;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_set_header Host $http_host;
            proxy_set_header X-NginX-Proxy true;
            proxy_redirect off;
            location / {
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_set_header X-NginX-Proxy true;
                proxy_pass http://10.150.0.17;
                proxy_redirect off;
                # Socket.IO Support
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
            }
        ##    ssl_stapling on;
        ##    ssl_stapling_verify on;
        ##    ssl_session_cache shared:SSL:10m;
        ##    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
            listen 80;
        }
        ##server {
        ##    client_max_body_size 40M;
        #    listen 80;
        ##    server_name nc.domain.com;
        ##    return 301 https://$host$request_uri;
        ##}
        EOF
        

        NOTE: This is on purpose only one # while the others have two, # listen 80;.

        Test the config

        nginx -t
        

        When I run this step, I get an error.

        [root@nginx ~]# nginx -t
        nginx: [emerg] invalid number of arguments in "proxy_set_header" directive in /etc/nginx/conf.d/nextcloud.conf:4
        nginx: configuration file /etc/nginx/nginx.conf test failed
        
        T 1 Reply Last reply Reply Quote 0
        • T
          travisdh1 @Donahue
          last edited by

          @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

          @JaredBusch said in Install Nginx as a Reverse Proxy on Fedora 27:

          Before you can request your SSL certificate, you have to have a valid configuration file in place listening on port 80.
          Nginx stores the configuration files in /etc/nginx/conf.d/, so let's make our nextcloud.conf.
          I am not going to go aver all the pieces here. If you want ot know more about what all these settings mean, go look them up.
          Finally, this is a sample base don Nextcloud. Change it to fit your application needs.
          The structure may look strange at first, but there is a method to my madness. It is based on how certbot --nginx works.

          cat > /etc/nginx/conf.d/nextcloud.conf <<EOF
          server {
              client_max_body_size 40M;
              server_name nc.domain.com;
              proxy_set_header X-Real-IP $remote_addr;
              proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
              proxy_set_header Host $http_host;
              proxy_set_header X-NginX-Proxy true;
              proxy_redirect off;
              location / {
                  proxy_set_header X-Real-IP $remote_addr;
                  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                  proxy_set_header Host $http_host;
                  proxy_set_header X-NginX-Proxy true;
                  proxy_pass http://10.150.0.17;
                  proxy_redirect off;
                  # Socket.IO Support
                  proxy_http_version 1.1;
                  proxy_set_header Upgrade $http_upgrade;
                  proxy_set_header Connection "upgrade";
              }
          ##    ssl_stapling on;
          ##    ssl_stapling_verify on;
          ##    ssl_session_cache shared:SSL:10m;
          ##    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
              listen 80;
          }
          ##server {
          ##    client_max_body_size 40M;
          #    listen 80;
          ##    server_name nc.domain.com;
          ##    return 301 https://$host$request_uri;
          ##}
          EOF
          

          NOTE: This is on purpose only one # while the others have two, # listen 80;.

          Test the config

          nginx -t
          

          When I run this step, I get an error.

          [root@nginx ~]# nginx -t
          nginx: [emerg] invalid number of arguments in "proxy_set_header" directive in /etc/nginx/conf.d/nextcloud.conf:4
          nginx: configuration file /etc/nginx/nginx.conf test failed
          

          You've got the same thing in both the server { and location / { sections. If that's not a copy/paste error, remove them from the server { section.

          D 1 Reply Last reply Reply Quote 0
          • D
            Donahue
            last edited by

            I figured out that step. Somehow it only pasted some of the arguments in there. I am still waiting on the DNS A record before I can move on

            S 1 Reply Last reply Reply Quote 0
            • D
              Donahue @travisdh1
              last edited by

              @travisdh1 said in Install Nginx as a Reverse Proxy on Fedora 27:

              @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

              @JaredBusch said in Install Nginx as a Reverse Proxy on Fedora 27:

              Before you can request your SSL certificate, you have to have a valid configuration file in place listening on port 80.
              Nginx stores the configuration files in /etc/nginx/conf.d/, so let's make our nextcloud.conf.
              I am not going to go aver all the pieces here. If you want ot know more about what all these settings mean, go look them up.
              Finally, this is a sample base don Nextcloud. Change it to fit your application needs.
              The structure may look strange at first, but there is a method to my madness. It is based on how certbot --nginx works.

              cat > /etc/nginx/conf.d/nextcloud.conf <<EOF
              server {
                  client_max_body_size 40M;
                  server_name nc.domain.com;
                  proxy_set_header X-Real-IP $remote_addr;
                  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                  proxy_set_header Host $http_host;
                  proxy_set_header X-NginX-Proxy true;
                  proxy_redirect off;
                  location / {
                      proxy_set_header X-Real-IP $remote_addr;
                      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                      proxy_set_header Host $http_host;
                      proxy_set_header X-NginX-Proxy true;
                      proxy_pass http://10.150.0.17;
                      proxy_redirect off;
                      # Socket.IO Support
                      proxy_http_version 1.1;
                      proxy_set_header Upgrade $http_upgrade;
                      proxy_set_header Connection "upgrade";
                  }
              ##    ssl_stapling on;
              ##    ssl_stapling_verify on;
              ##    ssl_session_cache shared:SSL:10m;
              ##    add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
                  listen 80;
              }
              ##server {
              ##    client_max_body_size 40M;
              #    listen 80;
              ##    server_name nc.domain.com;
              ##    return 301 https://$host$request_uri;
              ##}
              EOF
              

              NOTE: This is on purpose only one # while the others have two, # listen 80;.

              Test the config

              nginx -t
              

              When I run this step, I get an error.

              [root@nginx ~]# nginx -t
              nginx: [emerg] invalid number of arguments in "proxy_set_header" directive in /etc/nginx/conf.d/nextcloud.conf:4
              nginx: configuration file /etc/nginx/nginx.conf test failed
              

              You've got the same thing in both the server { and location / { sections. If that's not a copy/paste error, remove them from the server { section.

              that's not mine, that is from @JaredBusch

              1 Reply Last reply Reply Quote 0
              • S
                scottalanmiller @Donahue
                last edited by

                @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

                I figured out that step. Somehow it only pasted some of the arguments in there. I am still waiting on the DNS A record before I can move on

                Why do you need an A record?

                D 1 Reply Last reply Reply Quote 0
                • D
                  Donahue @scottalanmiller
                  last edited by

                  @scottalanmiller said in Install Nginx as a Reverse Proxy on Fedora 27:

                  @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

                  I figured out that step. Somehow it only pasted some of the arguments in there. I am still waiting on the DNS A record before I can move on

                  Why do you need an A record?

                  I need an external DNS record. Certbot failed because it said it needed an A record.

                  S 1 Reply Last reply Reply Quote 0
                  • S
                    scottalanmiller @Donahue
                    last edited by

                    @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

                    @scottalanmiller said in Install Nginx as a Reverse Proxy on Fedora 27:

                    @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

                    I figured out that step. Somehow it only pasted some of the arguments in there. I am still waiting on the DNS A record before I can move on

                    Why do you need an A record?

                    I need an external DNS record. Certbot failed because it said it needed an A record.

                    OIC

                    1 Reply Last reply Reply Quote 0
                    • D
                      Donahue
                      last edited by

                      I've got to wait for my DNS provider to put in the record for me, which I am told will be done "sometime today". We will see, but I kinda doubt it.

                      S 1 Reply Last reply Reply Quote 0
                      • S
                        scottalanmiller @Donahue
                        last edited by

                        @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

                        I've got to wait for my DNS provider to put in the record for me, which I am told will be done "sometime today". We will see, but I kinda doubt it.

                        How long would it take to move to a good DNS provider?

                        J 1 Reply Last reply Reply Quote 0
                        • S
                          scottalanmiller
                          last edited by

                          Rhetorical question, answer is "about two hours."

                          J 1 Reply Last reply Reply Quote 0
                          • J
                            JaredBusch @scottalanmiller
                            last edited by

                            @scottalanmiller said in Install Nginx as a Reverse Proxy on Fedora 27:

                            @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

                            I've got to wait for my DNS provider to put in the record for me, which I am told will be done "sometime today". We will see, but I kinda doubt it.

                            How long would it take to move to a good DNS provider?

                            The problem is that his entire domain is apparently outsource and not in theri control. Or this would be trivial.

                            S 1 Reply Last reply Reply Quote 1
                            • J
                              JaredBusch @scottalanmiller
                              last edited by

                              @scottalanmiller said in Install Nginx as a Reverse Proxy on Fedora 27:

                              Rhetorical question, answer is "about two hours."

                              And then 24 hours for replication 😛

                              1 Reply Last reply Reply Quote 2
                              • D
                                Donahue
                                last edited by

                                So far, all of that external stuff has been under the "marketing" department, and I have no part of it. It also predates me at this company, probably by a decade. The marketing lady can be a PITA sometimes, so I don't want to step into that fire until I actually have to.

                                1 Reply Last reply Reply Quote 0
                                • S
                                  scottalanmiller @JaredBusch
                                  last edited by

                                  @JaredBusch said in Install Nginx as a Reverse Proxy on Fedora 27:

                                  @scottalanmiller said in Install Nginx as a Reverse Proxy on Fedora 27:

                                  @Donahue said in Install Nginx as a Reverse Proxy on Fedora 27:

                                  I've got to wait for my DNS provider to put in the record for me, which I am told will be done "sometime today". We will see, but I kinda doubt it.

                                  How long would it take to move to a good DNS provider?

                                  The problem is that his entire domain is apparently outsource and not in theri control. Or this would be trivial.

                                  It's cutting off the outsourcing that I'm trying to fix 🙂

                                  1 Reply Last reply Reply Quote 0
                                  • D
                                    Donahue @JaredBusch
                                    last edited by

                                    @JaredBusch said in Install Nginx as a Reverse Proxy on Fedora 27:

                                    client_max_body_size 40M;
                                    

                                    One thing I just ran into was having to up this limit to be able to sync larger files. I would suggest flagging that in the first post so someone like me would know to change this if they work with larger files. I set mine to 16G. For some reason, this only effected the NC sync client, the browser upload as increased by other means.

                                    1 Reply Last reply Reply Quote 1
                                    • brandon220B
                                      brandon220
                                      last edited by

                                      Trying to get this to work tonight. The nextcloud.conf is copied on the Nginx server. I changed the server_name and the proxy_pass. Everything else is unchanged. When I run the nginx-t to verify, it returns

                                      nginx: [emerg] invalid number of arguments in "proxy_set_header" directive in /etc/nginx/conf.d/nextcloud.conf:4
                                      nginx: configuration file /etc/nginx/nginx.conf test failed

                                      I have researched for a few hours and cannot "see" where the issue is. I am in need of some guidance.

                                      J 1 Reply Last reply Reply Quote 0
                                      • J
                                        JaredBusch @brandon220
                                        last edited by

                                        @brandon220 said in Install Nginx as a Reverse Proxy on Fedora 27:

                                        Trying to get this to work tonight. The nextcloud.conf is copied on the Nginx server. I changed the server_name and the proxy_pass. Everything else is unchanged. When I run the nginx-t to verify, it returns

                                        nginx: [emerg] invalid number of arguments in "proxy_set_header" directive in /etc/nginx/conf.d/nextcloud.conf:4
                                        nginx: configuration file /etc/nginx/nginx.conf test failed

                                        I have researched for a few hours and cannot "see" where the issue is. I am in need of some guidance.

                                        You likely missed a semicolon to close a line.

                                        brandon220B 1 Reply Last reply Reply Quote 0
                                        • brandon220B
                                          brandon220 @JaredBusch
                                          last edited by

                                          @JaredBusch I looked at the config till my eyes went cross and didn’t notice that. I’ll check again later and see. I looked at the logs and they don’t really give any clues.

                                          J 1 Reply Last reply Reply Quote 0
                                          • J
                                            JaredBusch @brandon220
                                            last edited by

                                            @brandon220 said in Install Nginx as a Reverse Proxy on Fedora 27:

                                            @JaredBusch I looked at the config till my eyes went cross and didn’t notice that. I’ll check again later and see. I looked at the logs and they don’t really give any clues.

                                            That error you posted tells you that. On that line you didn’t close it, so it thinks you next line is another parameter of the command.

                                            1 Reply Last reply Reply Quote 0
                                            • 1
                                            • 2
                                            • 3
                                            • 4
                                            • 5
                                            • 6
                                            • 1 / 6
                                            • First post
                                              Last post