night0721.xyz/content/posts/nginx/index.md

---
title: "Nginx Configuration for websites and file server in Arch Linux"
date: 2023-11-11T01:30:00+00:00
---

1. Point A and AAAA records to VPS ipv4 and ipv6
Move public ssh key to .ssh/authorized_keys
2. pacman-S nginx certbot-nginx
Allow port 80, 443
systemctl start nginx
3. Create according files according to nginx configuration
Create cert using certbot —nginx
Generate .htpasswd using htpasswd command with sudo
Edit nginx configuration
Create two folders at /etc/nginx
sites-available and sites-enabled

```
#sites-available/tty
#ln -sf sites-available/tty sites-enabled/tty
server {
    server_name ng.night0721.xyz ;
    location / {
        root /etc/nginx/website;
        index index.html
    }
    
    # google drive
    location /files {
        root /etc/nginx/files         
        autoindex on;
        auth_basic "Restricted Access";
        auth_basic_user_file /etc/nginx/.htpasswd;
    }
    
    location /discord {
        proxy_pass https://discord.com/;
        proxy_set_header Host discord.com;
        proxy_set_header X-Real-IP $remote_addr;    
    }

    listen [::]:443 ssl ipv6only=on;
    listen 443 ssl;
    ssl_certificate /etc/letsencrypt/live/ng.night0721.xyz/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/ng.night0721.xyz/privkey.pem;
    include /etc/letsencrypt/options-ssl-nginx.conf;
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
}

server {
    if ($host = ng.night0721.xyz) {
        return 301 https://$host$request_uri;
    }
    listen 80 ;
    listen [::]:80 ;
    server_name ng.night0721.xyz ;
    return 404;
}
```

```
# nginx.conf
user http;
worker_processes auto;
worker_cpu_affinity auto;

events {
    multi_accept on;
    worker_connections 1024;
}

http {
    charset utf-8;
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    server_tokens off;
    log_not_found off;
    types_hash_max_size 4096;
    client_max_body_size 16M;

    # MIME
    include mime.types;
    default_type application/octet-stream;

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log warn;

    # load configs
    include /etc/nginx/sites-enabled/*;
}
```

Useful video for setting up nginx: https://youtu.be/ugWydr_QdIY?si=vgyS-l6yWsqlSHZC
videos 2023-11-11 19:45:42 +01:00			`---`
			`title: "Nginx Configuration for websites and file server in Arch Linux"`
			`date: 2023-11-11T01:30:00+00:00`
			`---`

			`1. Point A and AAAA records to VPS ipv4 and ipv6`
			`Move public ssh key to .ssh/authorized_keys`
			`2. pacman-S nginx certbot-nginx`
			`Allow port 80, 443`
			`systemctl start nginx`
			`3. Create according files according to nginx configuration`
			`Create cert using certbot —nginx`
			`Generate .htpasswd using htpasswd command with sudo`
			`Edit nginx configuration`
			`Create two folders at /etc/nginx`
			`sites-available and sites-enabled`

			```
			`#sites-available/tty`
			`#ln -sf sites-available/tty sites-enabled/tty`
			`server {`
			`server_name ng.night0721.xyz ;`
			`location / {`
			`root /etc/nginx/website;`
			`index index.html`
			`}`

			`# google drive`
			`location /files {`
			`root /etc/nginx/files`
			`autoindex on;`
			`auth_basic "Restricted Access";`
			`auth_basic_user_file /etc/nginx/.htpasswd;`
			`}`

			`location /discord {`
			`proxy_pass https://discord.com/;`
			`proxy_set_header Host discord.com;`
			`proxy_set_header X-Real-IP $remote_addr;`
			`}`

			`listen [::]:443 ssl ipv6only=on;`
			`listen 443 ssl;`
			`ssl_certificate /etc/letsencrypt/live/ng.night0721.xyz/fullchain.pem;`
			`ssl_certificate_key /etc/letsencrypt/live/ng.night0721.xyz/privkey.pem;`
			`include /etc/letsencrypt/options-ssl-nginx.conf;`
			`ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;`
			`}`

			`server {`
			`if ($host = ng.night0721.xyz) {`
			`return 301 https://$host$request_uri;`
			`}`
			`listen 80 ;`
			`listen [::]:80 ;`
			`server_name ng.night0721.xyz ;`
			`return 404;`
			`}`
			```

			```
			`# nginx.conf`
			`user http;`
			`worker_processes auto;`
			`worker_cpu_affinity auto;`

			`events {`
			`multi_accept on;`
			`worker_connections 1024;`
			`}`

			`http {`
			`charset utf-8;`
			`sendfile on;`
			`tcp_nopush on;`
			`tcp_nodelay on;`
			`server_tokens off;`
			`log_not_found off;`
			`types_hash_max_size 4096;`
			`client_max_body_size 16M;`

			`# MIME`
			`include mime.types;`
			`default_type application/octet-stream;`

			`access_log /var/log/nginx/access.log;`
			`error_log /var/log/nginx/error.log warn;`

			`# load configs`
			`include /etc/nginx/sites-enabled/*;`
			`}`
			```

			`Useful video for setting up nginx: https://youtu.be/ugWydr_QdIY?si=vgyS-l6yWsqlSHZC`