Saturday 21 February 2015

Install nginx on Centos 7



Install nginx on Centos 7
    #Disable SELinux !!!!!: http://blog.saitov.me/2015/02/disabling-selinux.html
    # install nging
    # set firewall
    # start
    # Start on system start
    # move folder www to vars

 yum install nginx -y
firewall-cmd --zone=public --add-port=80/tcp --permanent
firewall-cmd --reload
service nginx start
sudo chkconfig --levels 235 nginx on

 if /var/www not exists -

    mkdir /var/www
    chown -R nginx:nginx /var/www
    mv -v /usr/share/nginx/html/ /var/www
    chmod -R 0755 /var/www


#edit /etc/nginx/nginx.conf to new www path
# take config example : https://drive.google.com/file/d/0B4jtobl4lJX7STlBaTU0UENrN00/view?usp=sharing
service nginx restart

How To Set Up HTTP Authentication With Nginx


printf "USER:$(openssl passwd -crypt PASSWORD)\n" >> .htpasswd
Replace USER and PASSWORD for your user and password 

Your nginx configuration file for the website should be under /etc/nginx/sites-available/. Add the two entries below under for the domain path that you want to secure.
    auth_basic "Restricted";
    auth_basic_user_file /etc/nginx/.htpasswd;
The second line is the location of the htpasswd file for your website.
!

If you familiar with paranoia, and not disabled SELinux

Set SELinux permissions !!!!
I experienced the same problem and it was due to SELinux.
To check if SELinux is running:
# getenforce
To disable SELinux until next reboot:
# setenforce Permissive
Restart Nginx and see if the problem persists. If you would like to permanently alter the settings you can edit /etc/sysconfig/selinux
http://blog.saitov.me/2015/02/disabling-selinux.html
If SELinux is your problem you can run the following to allow nginx to serve your www directory (make sure you turn SELinux back on before testing this. i.e, # setenforce Enforcing)
# chcon -Rt httpd_sys_content_t /path/to/www
If you're still having issues take a look at the boolean flags in getsebool -a, in particular you may need to turn on httpd_can_network_connect for network access
# setsebool -P httpd_can_network_connect on
For me it was enough to allow http to serve my www directory.
Set writable directories :  
chown nginx -R /var/www..../web/runtime
chown nginx -R /var/www/..../www/assets

No comments:

Post a Comment