95 lines
2.2 KiB
Markdown
95 lines
2.2 KiB
Markdown
|
---
|
||
|
title: "Nginx Configuration for websites and file server in Arch Linux"
|
||
|
date: 2023-11-11T01:30:00+00:00
|
||
|
---
|
||
|
|
||
|
1. Point A and AAAA records to VPS ipv4 and ipv6
|
||
|
Move public ssh key to .ssh/authorized_keys
|
||
|
2. pacman-S nginx certbot-nginx
|
||
|
Allow port 80, 443
|
||
|
systemctl start nginx
|
||
|
3. Create according files according to nginx configuration
|
||
|
Create cert using certbot —nginx
|
||
|
Generate .htpasswd using htpasswd command with sudo
|
||
|
Edit nginx configuration
|
||
|
Create two folders at /etc/nginx
|
||
|
sites-available and sites-enabled
|
||
|
|
||
|
```
|
||
|
#sites-available/tty
|
||
|
#ln -sf sites-available/tty sites-enabled/tty
|
||
|
server {
|
||
|
server_name ng.night0721.xyz ;
|
||
|
location / {
|
||
|
root /etc/nginx/website;
|
||
|
index index.html
|
||
|
}
|
||
|
|
||
|
# google drive
|
||
|
location /files {
|
||
|
root /etc/nginx/files
|
||
|
autoindex on;
|
||
|
auth_basic "Restricted Access";
|
||
|
auth_basic_user_file /etc/nginx/.htpasswd;
|
||
|
}
|
||
|
|
||
|
location /discord {
|
||
|
proxy_pass https://discord.com/;
|
||
|
proxy_set_header Host discord.com;
|
||
|
proxy_set_header X-Real-IP $remote_addr;
|
||
|
}
|
||
|
|
||
|
listen [::]:443 ssl ipv6only=on;
|
||
|
listen 443 ssl;
|
||
|
ssl_certificate /etc/letsencrypt/live/ng.night0721.xyz/fullchain.pem;
|
||
|
ssl_certificate_key /etc/letsencrypt/live/ng.night0721.xyz/privkey.pem;
|
||
|
include /etc/letsencrypt/options-ssl-nginx.conf;
|
||
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem;
|
||
|
}
|
||
|
|
||
|
server {
|
||
|
if ($host = ng.night0721.xyz) {
|
||
|
return 301 https://$host$request_uri;
|
||
|
}
|
||
|
listen 80 ;
|
||
|
listen [::]:80 ;
|
||
|
server_name ng.night0721.xyz ;
|
||
|
return 404;
|
||
|
}
|
||
|
```
|
||
|
|
||
|
```
|
||
|
# nginx.conf
|
||
|
user http;
|
||
|
worker_processes auto;
|
||
|
worker_cpu_affinity auto;
|
||
|
|
||
|
events {
|
||
|
multi_accept on;
|
||
|
worker_connections 1024;
|
||
|
}
|
||
|
|
||
|
http {
|
||
|
charset utf-8;
|
||
|
sendfile on;
|
||
|
tcp_nopush on;
|
||
|
tcp_nodelay on;
|
||
|
server_tokens off;
|
||
|
log_not_found off;
|
||
|
types_hash_max_size 4096;
|
||
|
client_max_body_size 16M;
|
||
|
|
||
|
# MIME
|
||
|
include mime.types;
|
||
|
default_type application/octet-stream;
|
||
|
|
||
|
access_log /var/log/nginx/access.log;
|
||
|
error_log /var/log/nginx/error.log warn;
|
||
|
|
||
|
# load configs
|
||
|
include /etc/nginx/sites-enabled/*;
|
||
|
}
|
||
|
```
|
||
|
|
||
|
Useful video for setting up nginx: https://youtu.be/ugWydr_QdIY?si=vgyS-l6yWsqlSHZC
|