Intro¶
Nginx is one of the most popular web servers in the world and is responsible for some of the largest and most trafficked sites on the Internet. It is a lightweight choice that can be used as either a web server or a reverse proxy.
Step 0 – Installing NGINX to new VM¶
Make a new computer for NGINX. See video for information
Step 1 – Installing NGINX¶
Since Nginx is available in Ubuntu's default package directory (default repositories), you can install it using the apt package manager.
First, let's update our local package directory to get access to the latest package lists. After that, nginx can be installed:
Press Y when prompted to confirm installation. If prompted to restart the service, accept the defaults and press ENTER to continue. apt installs Nginx and all necessary dependencies on your server.Step 2 – UFW-firewall configuration if needed. (In the Google Cloud main firewall will be the clouds.)¶
NOTE : You don't need to do this in google cloud
Before testing Nginx, the firewall software must be configured to allow access to the service. Nginx registers itself as a service with ufw upon installation, which makes allowing Nginx access simple.
user@ngix2:~$ sudo ufw app list
Available applications:
Nginx Full
Nginx HTTP
Nginx HTTPS
OpenSSH
user@ngix2:~$ sudo ufw status
Status: inactive
List of application profiles:
As the output shows, there are three profiles available for Nginx:
Nginx Full: This profile opens both port 80 (normal, unencrypted web traffic) and port 443 (TLS/SSL encrypted traffic) Nginx HTTP: This profile opens only port 80 (normal, unencrypted web traffic) Nginx HTTPS: This profile opens only port 443 (TLS/SSL encrypted traffic)
To enable traffic through http, type:
Check the status of the UFW firewall: HTTP traffic (80) is allowed.Note : We are using Google Cloud so UFW is not really active.
Output
Status: active
To Action From
-- ------ ----
OpenSSH ALLOW Anywhere
Nginx HTTP ALLOW Anywhere
OpenSSH (v6) ALLOW Anywhere (v6)
Nginx HTTP (v6) ALLOW Anywhere (v6)
Step 3 – Checking the status of the web server¶
At the end of the installation process, Ubuntu starts Nginx. The web server should already be running.
Output:
nginx.service - A high performance web server and a reverse proxy server
Loaded: loaded (/lib/systemd/system/nginx.service; enabled; vendor preset: enabled)
Active: active (running) since Fri 2022-03-01 16:08:19 UTC; 3 days ago
Docs: man:nginx(8)
Main PID: 2369 (nginx)
Tasks: 2 (limit: 1153)
Memory: 3.5M
CGroup: /system.slice/nginx.service
├─2369 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
└─2380 nginx: worker process
To test that Nginx is working correctly, open a web browser and enter the IP address of your server in the address bar.
The browser should display the home page of the NGINX www server:
Step 4 – Managing NGINX processes¶
Now that you have your web server up and running, let's look at some basic administration commands.
Stop the web server by typing:
To start the web server when it is stopped, type: To stop and then start the service again, type: If you are only making configuration changes, Nginx can often reload without dropping connections. To do this, type:NGINX to apache2 and vice versa¶
By default, Nginx is configured to start automatically when the server boots. If this is not what you want, you can disable this behavior by typing:
To re-enable the service to start up at boot, you can type:Same commands can be used to enable/disable apache2 service.
Step 5 – Configuring NGINX¶
Let's take a look at a few more important NGINX server directories and files.
The actual web content, which by default consists of just the default Nginx page you saw earlier, is served from the /var/www/html directory. This can be changed by changing the Nginx configuration files.
Basic settings¶
/etc/nginx
Nginx configuration directory. All Nginx configuration files are located here.
/etc/nginx/nginx.conf
Nginx main configuration file. This can be edited to change the general configuration of Nginx.
/etc/nginx/sites-available/
Directory where Site-specific server blocks can be saved. Configuration files found in this directory are not used by Nginx unless they are linked to the sites-enabled directory. Typically, all server block configuration is done in this directory and then deployed by linking to another directory.
/etc/nginx/sites-enabled/
The directory where the Site-specific server blocks in use are stored. Typically, these are created by linking to configuration files found in the sites-available directory.
/etc/nginx/snippets
This directory contains configuration sections that can be included elsewhere in the Nginx configuration. Potentially repeatable configuration segments are good candidates for reshaping into fragments.
Server logs¶
/var/log/nginx/access.log
Every request to your web server is recorded in this log file, unless Nginx is configured to do otherwise.
/var/log/nginx/error.log
All Nginx errors are recorded in this log.
You have now learned the basic administration commands and should be ready to configure your site to host more than one domain.
Step 6 – Quality of life improvements Vscode and ssh keys¶
Configuring user account to www-data group
SSH keys login to server¶
Plan A¶
You have to create a key pair and transfer the public key to Google Cloud keymanager. Then you can use that key to login to all servers.
Plan B (Add Teros and Your Github key to webserver)¶
0) Make sure that you have github key in https://github.com/settings/keys 1) Download Tero Keso's public key from moodle and save it to your computer. 2) If needed generate your own key pair. 3) Open WSL Ubuntu --> Navigate to .ssh folder --> Locate needed public key(s) 4) Transfer the public key(s) to the server
How to make a SSH config to VScode
Host cluster01-dev
HostName 172.18.138.62
User student
IdentityFile C:\Users\tkeso\.ssh\SSHKEY
Host rancher01-dev
HostName 172.18.137.4
User student
IdentityFile C:\Users\tkeso\.ssh\SSHKEY
Dev tunnels (typically a bad idea, but useful for testing)¶
Basic information: https://code.visualstudio.com/docs/remote/tunnels