Re: nginx how to run first site as open , and second
thanks for einfach's kind advise , i at last do it.
final nginx.conf is
worker_processes 1;
worker_rlimit_nofile 1024;
events {
worker_connections 800;
}
#h
http {
include mime.types;
default_type application/octet-stream;
index index.html index.htm;
keepalive_timeout 65;
server_tokens off;
server {
listen 80;
listen [::]:80;
server_name localhost;#-for test
root /var/www/d1;
auth_basic Restricted;
auth_basic_user_file /var/www/1/.htpasswd;
}
#0
server {
listen 80;
listen [::]:80;
server_name a.mydns.jp;
root /var/www/d0;
auth_basic Restricted;
auth_basic_user_file /var/www/1/.htpasswd;
}
#1
server {
listen 80;
listen [::]:80;
server_name s.sun.ddns.vc;
root /var/www/d1;
auth_basic Restricted;
auth_basic_user_file /var/www/1/.htpasswd;
}
#2
server {
listen 80;
listen [::]:80;
server_name k.sun.ddns.vc;
root /var/www/d2;
auth_basic Restricted;
auth_basic_user_file /var/www/2/.htpasswd;
}
#11
server {
listen 80;
listen [::]:80;
server_name member.planex.ddns.vc;
root /var/www/d11;
auth_basic Restricted;
auth_basic_user_file /var/www/11/.htpasswd;
}
#12
server {
listen 80;
listen [::]:80;
server_name n.luna.ddns.vc;
root /var/www/d12;
auth_basic Restricted;
auth_basic_user_file /var/www/12/.htpasswd;
}
#h
}
and i run openbsd on USB only about 4GB .
so i must use hard sisk .
Filesystem 512-blocks Used Avail Capacity Mounted on
/dev/sd1a 8293692 5045444 283356464%/
/dev/sd0a 58566000 30109240 2548143254%/var/www
so
# cat /etc/rc.local
umount /var/www
mount_ext2fs /dev/sd0a /var/www # -ext2fs
if [ -x /usr/local/sbin/nginx ]; then
echo ' - Starting nginx - '; /etc/rc.d/nginx -f start
fi
because
cat /etc/rc.d/nginx
#!/bin/sh
#
# $OpenBSD: nginx,v 1.1 2012/02/19 11:34:36 robert Exp $
daemon=/usr/local/sbin/nginx #--
. /etc/rc.d/rc.subr
pexp=nginx:.*master.*process
rc_reload() {
${daemon} -s reload
}
rc_stop() {
${daemon} -s stop || pkill -f ^${pexp}
}
rc_cmd $1
and
cat
/etc/rc.shutdown
umount /var/www/
thanks thanks
--
tuyosi
* http://marc.info/?a=14167909673r=1w=2*
Re: nginx how to run first site as open , and second
Hi ,all .
how to compile nginx who has ability of basic auth using ports ?
according to http://wiki.nginx.org/Modules ,
if auth_basic is not wanted,
compile nginx --without-http_auth_basic_module .
---
i need basic auth because of family privacy photos ,
i run nginx on arch linux out of need .
nginx.conf is
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfileon;
keepalive_timeout 65;
# local
server {
listen 80;
server_name localhost;
root /mnt-nginx/d3;
index index.html index.htm;
auth_basic Restricted;
auth_basic_user_file /etc/nginx/13/.htpasswd;
# 13 insted of require
}
#-open-mydns
server {
listen 80;
server_name a.mydns.jp;
root /mnt-nginx/d1;
index index.html index.htm;
}
#-basic auth---ddns
server {
listen 80;
server_name s.sun.ddns.vc;
root /mnt-nginx/htdocs/Fam;
index index.html index.htm;
auth_basic Restricted;
auth_basic_user_file /etc/nginx/1/.htpasswd;
# 1 insted of require
}
}
---
tuyosi
Re: nginx how to run first site as open , and second
On 2014-12-29 at 08:59 CET Tuyosi Takesima wrote:
Hi ,all .
how to compile nginx who has ability of basic auth using ports ?
according to http://wiki.nginx.org/Modules ,
if auth_basic is not wanted,
compile nginx --without-http_auth_basic_module .
---
i need basic auth because of family privacy photos ,
i run nginx on arch linux out of need .
nginx.conf is
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfileon;
keepalive_timeout 65;
# local
server {
listen 80;
server_name localhost;
root /mnt-nginx/d3;
index index.html index.htm;
auth_basic Restricted;
auth_basic_user_file /etc/nginx/13/.htpasswd;
# 13 insted of require
}
#-open-mydns
server {
listen 80;
server_name a.mydns.jp;
root /mnt-nginx/d1;
index index.html index.htm;
}
#-basic auth---ddns
server {
listen 80;
server_name s.sun.ddns.vc;
root /mnt-nginx/htdocs/Fam;
index index.html index.htm;
auth_basic Restricted;
auth_basic_user_file /etc/nginx/1/.htpasswd;
# 1 insted of require
}
}
---
tuyosi
Hiya,
basic_auth is available by default in nginx on OpenBSD.
You do not need to compile it with any special flags/settings.
Thus you can set your PACKAGE_PATH to a mirror near you and simply do
# pkg_add nginx
or if you really want to compile it (why?) you can build it from ports
$ cd /usr/ports/www/nginx
$ make
$ sudo make install
See http://www.openbsd.org/faq/faq15.html for the documentation of the
package and ports system.
Be aware that nginx on OpenBSD runs in a proper chroot under /var/www,
thus you need to create the directories
/var/www/etc/nginx/1
and
/var/www/etc/nginx/13
and put your .htpasswd files there if you want to use your configuration
as quoted above. Otherwise you will get errors like
*1 open() /etc/nginx/conf/13/.htpasswd failed (2: No such file or
directory)
in /var/www/logs/error.log
The same goes for the document roots. You will need the directories
/var/www/mnt-nginx/d1
/var/www/mnt-nginx/d3
/var/www/mnt-nginx/htdocs/Fam
for your unaltered configuration to work.
Note that basic_auth over unencrypted http might be a weak
authentication mechanism for your purpose.
Also note that the nginx-package does not bring you the htpasswd program
to generate your .htaccess files.
htpasswd is in the OpenBSD base system since OpenBSD 5.6
HTH
rru
Re: nginx how to run first site as open , and second
thanks for good advise .
surely no need to compile to obtain basic auth .
my test nginx.conf is next .
cat /etc/nginx
/nginx.conf
worker_processes 1;
worker_rlimit_nofile 1024;
events {
worker_connections 800;
}
http {
include mime.types;
default_type application/octet-stream;
index index.html index.htm;
keepalive_timeout 65;
server_tokens off;
server {
listen 80;
listen [::]:80
server_name s.sun.ddns.vc;
root /var/www/htdocs;
error_page 500 502 503 504 /50x.html;
auth_basic Restricted;
auth_basic_user_file /var/www/1/.htpasswd;
location = /50x.html {
root /var/www/htdocs;
}
}
}
when intenal server error occur .i overcom by
' chown -R www /var/www ' .
is this right ?
--
tuyosi
Re: nginx how to run first site as open , and second
Hi,
On 2014-12-30 on 05:30 CET Tuyosi Takesima wrote :
thanks for good advise .
surely no need to compile to obtain basic auth .
my test nginx.conf is next .
cat /etc/nginx
/nginx.conf
worker_processes 1;
worker_rlimit_nofile 1024;
events {
worker_connections 800;
}
http {
include mime.types;
default_type application/octet-stream;
index index.html index.htm;
keepalive_timeout 65;
server_tokens off;
server {
listen 80;
listen [::]:80
You are missing a ; here--^
server_name s.sun.ddns.vc;
root /var/www/htdocs;
error_page 500 502 503 504 /50x.html;
auth_basic Restricted;
auth_basic_user_file /var/www/1/.htpasswd;
location = /50x.html {
root /var/www/htdocs;
}
}
}
when intenal server error occur .i overcom by
' chown -R www /var/www ' .
is this right ?
No. You just need to check the entries in /var/www/logs/error.log
where you will probably find something like
*1 open() /1/.htpasswd failed (13: Permission denied),
and so you should check the ownership of /var/www/1/.htpasswd .
This file must be readable by user www. It should be something like
$ ls -l /var/www/1/.htpasswd
-r 1 www daemon 67 Dec 30 05:50 .htpasswd
If you created .htpasswd as root or another user the ownership will
probably be wrong.
No need to change the ownership of the whole tree under /var/www .
--
tuyosi
Cheers,
rru
nginx how to run first site as open , and second as basic auth .
hi,all .
i use name based virtual host (=server block).
i want to run first site as open and second site as ristricted (basic
auth),
but it is hard to do and there is little information on internet about this
.
it is easy to run only name based virtualhost (=server block) .
nginx.conf is next .
worker_processes 1;
worker_rlimit_nofile 1024;
events {
worker_connections 800;
}
http {
include mime.types;
default_type application/octet-stream;
index index.html index.htm;
keepalive_timeout 65;
server_tokens off;
server {
listen 80;
listen [::]:80;
server_name a.mydns.jp; --- 1st site
root /var/www/htdocs/d1;
}
server {
listen 80;
listen [::]:80;
server_name s.sun.ddns.vc; --- 2nd site
root /var/www/htdocs/d2;
}
}
---
give me some hints .
Re: nginx how to run first site as open , and second as basic auth .
i want to run first site as open and second site as ristricted (basic
auth),
but it is hard to do and there is little information on internet about
this
Just add
auth_basic Test site;
auth_basic_user_file .htpasswd;
to second server { ... } block.
Re: nginx how to run first site as open , and second
thanks for kind reply .
i rewrite /etc/nginx/nginx.conf .
worker_processes 1;
worker_rlimit_nofile 1024;
events {
worker_connections 800;
}
http {
include mime.types;
default_type application/octet-stream;
index index.html index.htm;
keepalive_timeout 65;
server_tokens off;
server {
listen 80;
listen [::]:80;
server_name aoiyuma.mydns.jp;
root /var/apache2/d1;
}
server {
listen 80;
listen [::]:80;
server_name saigyou.sun.ddns.vc;
root /var/apache2/d2;
auth_basic Test site;
auth_basic_user_file /etc/nginx/.htpasswd;
}
}
but by using walking telephone , internal server error happens .
about apache2 , ' Require user XXX ' is needed
in nginx , is it not nessesary ?
---
tuyosi
Re: nginx how to run first site as open , and second
i think , think ,so i try archlinux's nginx .
the following /etc/nginx/nginx.conf goes well.
--
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
sendfileon;
keepalive_timeout 65;
server {
listen 80;
server_name a.mydns.jp;
root /srv/http;
index index.html index.htm;
}
server {
listen 80;
server_name s.sun.ddns.vc;
root /srv/http/Fam/;
index index.html index.htm;
auth_basic Restricted; #For Basic
Auth
auth_basic_user_file /etc/nginx/.htpasswd; #For Basic
Auth
}
}
in archlinux
21 nginx -V | tr -- - '\n' | grep _module is next
(see
http://serverfault.com/questions/223509/how-can-i-see-which-flags-nginx-was-compiled-with
)
imap_ssl_module
http_dav_module
http_gunzip_module
http_gzip_static_module
http_realip_module
http_spdy_module
http_ssl_module
http_stub_status_module
http_addition_module
http_degradation_module
http_flv_module
http_mp4_module
http_secure_link_module
http_sub_module
but in openbsd , there are much less modules by security first policy .
so basic auth except ssl is ineffective in openbsd , so i think .
-
tuyosi
