Re: nginx how to run first site as open , and second
thanks for einfach's kind advise , i at last do it. final nginx.conf is worker_processes 1; worker_rlimit_nofile 1024; events { worker_connections 800; } #h http { include mime.types; default_type application/octet-stream; index index.html index.htm; keepalive_timeout 65; server_tokens off; server { listen 80; listen [::]:80; server_name localhost;#-for test root /var/www/d1; auth_basic Restricted; auth_basic_user_file /var/www/1/.htpasswd; } #0 server { listen 80; listen [::]:80; server_name a.mydns.jp; root /var/www/d0; auth_basic Restricted; auth_basic_user_file /var/www/1/.htpasswd; } #1 server { listen 80; listen [::]:80; server_name s.sun.ddns.vc; root /var/www/d1; auth_basic Restricted; auth_basic_user_file /var/www/1/.htpasswd; } #2 server { listen 80; listen [::]:80; server_name k.sun.ddns.vc; root /var/www/d2; auth_basic Restricted; auth_basic_user_file /var/www/2/.htpasswd; } #11 server { listen 80; listen [::]:80; server_name member.planex.ddns.vc; root /var/www/d11; auth_basic Restricted; auth_basic_user_file /var/www/11/.htpasswd; } #12 server { listen 80; listen [::]:80; server_name n.luna.ddns.vc; root /var/www/d12; auth_basic Restricted; auth_basic_user_file /var/www/12/.htpasswd; } #h } and i run openbsd on USB only about 4GB . so i must use hard sisk . Filesystem 512-blocks Used Avail Capacity Mounted on /dev/sd1a 8293692 5045444 283356464%/ /dev/sd0a 58566000 30109240 2548143254%/var/www so # cat /etc/rc.local umount /var/www mount_ext2fs /dev/sd0a /var/www # -ext2fs if [ -x /usr/local/sbin/nginx ]; then echo ' - Starting nginx - '; /etc/rc.d/nginx -f start fi because cat /etc/rc.d/nginx #!/bin/sh # # $OpenBSD: nginx,v 1.1 2012/02/19 11:34:36 robert Exp $ daemon=/usr/local/sbin/nginx #-- . /etc/rc.d/rc.subr pexp=nginx:.*master.*process rc_reload() { ${daemon} -s reload } rc_stop() { ${daemon} -s stop || pkill -f ^${pexp} } rc_cmd $1 and cat /etc/rc.shutdown umount /var/www/ thanks thanks -- tuyosi * http://marc.info/?a=14167909673r=1w=2*
Re: nginx how to run first site as open , and second
Hi ,all . how to compile nginx who has ability of basic auth using ports ? according to http://wiki.nginx.org/Modules , if auth_basic is not wanted, compile nginx --without-http_auth_basic_module . --- i need basic auth because of family privacy photos , i run nginx on arch linux out of need . nginx.conf is worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfileon; keepalive_timeout 65; # local server { listen 80; server_name localhost; root /mnt-nginx/d3; index index.html index.htm; auth_basic Restricted; auth_basic_user_file /etc/nginx/13/.htpasswd; # 13 insted of require } #-open-mydns server { listen 80; server_name a.mydns.jp; root /mnt-nginx/d1; index index.html index.htm; } #-basic auth---ddns server { listen 80; server_name s.sun.ddns.vc; root /mnt-nginx/htdocs/Fam; index index.html index.htm; auth_basic Restricted; auth_basic_user_file /etc/nginx/1/.htpasswd; # 1 insted of require } } --- tuyosi
Re: nginx how to run first site as open , and second
On 2014-12-29 at 08:59 CET Tuyosi Takesima wrote: Hi ,all . how to compile nginx who has ability of basic auth using ports ? according to http://wiki.nginx.org/Modules , if auth_basic is not wanted, compile nginx --without-http_auth_basic_module . --- i need basic auth because of family privacy photos , i run nginx on arch linux out of need . nginx.conf is worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfileon; keepalive_timeout 65; # local server { listen 80; server_name localhost; root /mnt-nginx/d3; index index.html index.htm; auth_basic Restricted; auth_basic_user_file /etc/nginx/13/.htpasswd; # 13 insted of require } #-open-mydns server { listen 80; server_name a.mydns.jp; root /mnt-nginx/d1; index index.html index.htm; } #-basic auth---ddns server { listen 80; server_name s.sun.ddns.vc; root /mnt-nginx/htdocs/Fam; index index.html index.htm; auth_basic Restricted; auth_basic_user_file /etc/nginx/1/.htpasswd; # 1 insted of require } } --- tuyosi Hiya, basic_auth is available by default in nginx on OpenBSD. You do not need to compile it with any special flags/settings. Thus you can set your PACKAGE_PATH to a mirror near you and simply do # pkg_add nginx or if you really want to compile it (why?) you can build it from ports $ cd /usr/ports/www/nginx $ make $ sudo make install See http://www.openbsd.org/faq/faq15.html for the documentation of the package and ports system. Be aware that nginx on OpenBSD runs in a proper chroot under /var/www, thus you need to create the directories /var/www/etc/nginx/1 and /var/www/etc/nginx/13 and put your .htpasswd files there if you want to use your configuration as quoted above. Otherwise you will get errors like *1 open() /etc/nginx/conf/13/.htpasswd failed (2: No such file or directory) in /var/www/logs/error.log The same goes for the document roots. You will need the directories /var/www/mnt-nginx/d1 /var/www/mnt-nginx/d3 /var/www/mnt-nginx/htdocs/Fam for your unaltered configuration to work. Note that basic_auth over unencrypted http might be a weak authentication mechanism for your purpose. Also note that the nginx-package does not bring you the htpasswd program to generate your .htaccess files. htpasswd is in the OpenBSD base system since OpenBSD 5.6 HTH rru
Re: nginx how to run first site as open , and second
thanks for good advise . surely no need to compile to obtain basic auth . my test nginx.conf is next . cat /etc/nginx /nginx.conf worker_processes 1; worker_rlimit_nofile 1024; events { worker_connections 800; } http { include mime.types; default_type application/octet-stream; index index.html index.htm; keepalive_timeout 65; server_tokens off; server { listen 80; listen [::]:80 server_name s.sun.ddns.vc; root /var/www/htdocs; error_page 500 502 503 504 /50x.html; auth_basic Restricted; auth_basic_user_file /var/www/1/.htpasswd; location = /50x.html { root /var/www/htdocs; } } } when intenal server error occur .i overcom by ' chown -R www /var/www ' . is this right ? -- tuyosi
Re: nginx how to run first site as open , and second
Hi, On 2014-12-30 on 05:30 CET Tuyosi Takesima wrote : thanks for good advise . surely no need to compile to obtain basic auth . my test nginx.conf is next . cat /etc/nginx /nginx.conf worker_processes 1; worker_rlimit_nofile 1024; events { worker_connections 800; } http { include mime.types; default_type application/octet-stream; index index.html index.htm; keepalive_timeout 65; server_tokens off; server { listen 80; listen [::]:80 You are missing a ; here--^ server_name s.sun.ddns.vc; root /var/www/htdocs; error_page 500 502 503 504 /50x.html; auth_basic Restricted; auth_basic_user_file /var/www/1/.htpasswd; location = /50x.html { root /var/www/htdocs; } } } when intenal server error occur .i overcom by ' chown -R www /var/www ' . is this right ? No. You just need to check the entries in /var/www/logs/error.log where you will probably find something like *1 open() /1/.htpasswd failed (13: Permission denied), and so you should check the ownership of /var/www/1/.htpasswd . This file must be readable by user www. It should be something like $ ls -l /var/www/1/.htpasswd -r 1 www daemon 67 Dec 30 05:50 .htpasswd If you created .htpasswd as root or another user the ownership will probably be wrong. No need to change the ownership of the whole tree under /var/www . -- tuyosi Cheers, rru
nginx how to run first site as open , and second as basic auth .
hi,all . i use name based virtual host (=server block). i want to run first site as open and second site as ristricted (basic auth), but it is hard to do and there is little information on internet about this . it is easy to run only name based virtualhost (=server block) . nginx.conf is next . worker_processes 1; worker_rlimit_nofile 1024; events { worker_connections 800; } http { include mime.types; default_type application/octet-stream; index index.html index.htm; keepalive_timeout 65; server_tokens off; server { listen 80; listen [::]:80; server_name a.mydns.jp; --- 1st site root /var/www/htdocs/d1; } server { listen 80; listen [::]:80; server_name s.sun.ddns.vc; --- 2nd site root /var/www/htdocs/d2; } } --- give me some hints .
Re: nginx how to run first site as open , and second as basic auth .
i want to run first site as open and second site as ristricted (basic auth), but it is hard to do and there is little information on internet about this Just add auth_basic Test site; auth_basic_user_file .htpasswd; to second server { ... } block.
Re: nginx how to run first site as open , and second
thanks for kind reply . i rewrite /etc/nginx/nginx.conf . worker_processes 1; worker_rlimit_nofile 1024; events { worker_connections 800; } http { include mime.types; default_type application/octet-stream; index index.html index.htm; keepalive_timeout 65; server_tokens off; server { listen 80; listen [::]:80; server_name aoiyuma.mydns.jp; root /var/apache2/d1; } server { listen 80; listen [::]:80; server_name saigyou.sun.ddns.vc; root /var/apache2/d2; auth_basic Test site; auth_basic_user_file /etc/nginx/.htpasswd; } } but by using walking telephone , internal server error happens . about apache2 , ' Require user XXX ' is needed in nginx , is it not nessesary ? --- tuyosi
Re: nginx how to run first site as open , and second
i think , think ,so i try archlinux's nginx . the following /etc/nginx/nginx.conf goes well. -- worker_processes 1; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; sendfileon; keepalive_timeout 65; server { listen 80; server_name a.mydns.jp; root /srv/http; index index.html index.htm; } server { listen 80; server_name s.sun.ddns.vc; root /srv/http/Fam/; index index.html index.htm; auth_basic Restricted; #For Basic Auth auth_basic_user_file /etc/nginx/.htpasswd; #For Basic Auth } } in archlinux 21 nginx -V | tr -- - '\n' | grep _module is next (see http://serverfault.com/questions/223509/how-can-i-see-which-flags-nginx-was-compiled-with ) imap_ssl_module http_dav_module http_gunzip_module http_gzip_static_module http_realip_module http_spdy_module http_ssl_module http_stub_status_module http_addition_module http_degradation_module http_flv_module http_mp4_module http_secure_link_module http_sub_module but in openbsd , there are much less modules by security first policy . so basic auth except ssl is ineffective in openbsd , so i think . - tuyosi