Reverse-proxy NGINX + Apache on Directadmin powered server with CB 2.x

There also was redefined:

port_80

in directadmin.conf from the previous customization, and now it's also fixed.
 
That's a normal behavior. You removed DirectAdmin original (not customized templates) with the commands given, now you should manually update DA to get them back or install DA pre-release binaries :) Please check for custom virtual_host2.conf templates in /usr/local/directadmin/data/templates/custom next time, but it seems you did not have them.

Oh! yes right!

Right, it was my mistake in cd command, now it should be fixed.

There also was redefined:

port_80

in directadmin.conf from the previous customization, and now it's also fixed.

Great job man, thank you very much for helping me, my websites back to normal and now up

Thank you again
 
It was noticed that Apache`s server-status page is displaying 127.0.0.1 instead of Real IPs. The guide was updated with a fix for it (it is UPDATE 1 in the very first message in the thread).
 
This issue was already fixed about a month ago in DA pre-release binaries. Please install them and run "./build rewrite_confs", that should fix it for you. Good luck! :)
 
Custombuild 2 allows us to have a reverse-proxy NGINX + Apache on Directadmin powered server without a need for any 3rd party scripts or plugins, addons. That's quite easy to start using it.

Custombuild 2.x: NGINX + Apache

Run this code to build nginx + apache with custombuild:
Code:
cd /usr/local/directamin/custombuild
./build update
./build update_da
./build set webserver nginx_apache
./build nginx_apache
./build rewrite_confs

That's it. Have fun with it.

hello,
I just install NGINX + Apache in the above way but after the end of ./build nginx_apache the nginx failed to start and i got this error :
2014/09/01 18:46:07 [emerg] 8279#0: SSL_CTX_use_PrivateKey_file("/etc/httpd/conf/ssl.key/server.key") failed (SSL: error:0B080074:x509 certificate routines:X509_check_private_key:key values mismatch)

could you please give me some tips about that ? what should i do to fix this ?

Thanks
 
Hello,

You should correct your /etc/httpd/conf/ssl.key/server.key and /etc/httpd/conf/ssl.crt/server.crt.combined

You need to copy /etc/httpd/conf/ssl.crt/server.crt and CA root or intermediate certs (the latest are optional) into /etc/httpd/conf/ssl.crt/server.crt.combined

There were noticed other issues with server.crt.combined on regular hosts, when the file does not get created as expected.
 
you should , you should
but you need fight with it !!!

but it's all because of Smtalk !!! ( joking )
but again i want run this since so long time.. and they always have something to fix..

now we need to use this fix :
http://www.directadmin.com/features.php?id=1638

i just waiting the next stable version of directadmin, and maybe with some luck we can begin to be stable with nginx apache.. i really need it on so many server..

Waiting to be happy :)
 
Has the setup been tested with alternative protocols such as DAV and WBXML?
Do settings like these need to be ported to the NGINX config?
Code:
Order Allow,Deny
Allow from all
 
Apache bug is now fixed in CustomBuild 2.0, and it uses useragent_ip instead of client_ip directory from Apache's scoreboard for mod_status. It reports real IP, instead of a proxy (server) IP in /server-status page. Reinstallation of apache is enough to fix the problem:
Code:
cd /usr/local/directadmin/custombuild
./build update
./build apache
 
Now im using apache with mod_fcgid (opcache + memcache).
Nginx work's only with mod_ruid2 or can i run them with mod_fcgid?

build nginx_apache is safe for my configuration? All settings will works with nginx as proxy (SSL certificates, client IP's and other settings)?

Im very happy with taht feature :).
I don't belive, build nginx_apache and world will be better :D.

Regards
 
NGINX as a reverse proxy doesn't care how you run PHP. Though there might be issues all errors are fixed very quickly by Directadmin staff. Just make sure to have the latest release of Directadmin which contains bug fixes related to NGINX.

Thus your configuration is safe.
 
All work's fine. Sites load faster. It's wonderful feature.
Great job guys.

Regards

EDIT (not all work's OK :])
-----------------------------------------------------
Everything works fine except for one site.

Files are not loading.
In error.log errors appear.

2014/09/17 09:55:17 [error] 62888#0: *27919 openat() "/home/znak/domains/userdomain.com/public_html/administrator/templates/khepri/js/menu.js.gz" failed (13: Permission denied), client: 46.175.239.112, server: userdomain.com, request: "GET /administrator/templates/khepri/js/menu.js HTTP/1.1", upstream: "http://37.28.155.253:8080/administrator/templates/khepri/js/menu.js", host: "userdomain.com", referrer: "http://userdomain.com/administrator/index.php?option=com_config"
2014/09/17 09:55:17 [error] 62888#0: *27919 openat() "/home/znak/domains/userdomain.com/public_html/administrator/templates/khepri/js/menu.js" failed (13: Permission denied), client: 46.175.239.112, server: userdomain.com, request: "GET /administrator/templates/khepri/js/menu.js HTTP/1.1", upstream: "http://37.28.155.253:8080/administrator/templates/khepri/js/menu.js", host: "userdomain.com", referrer: "http://userdomain.com/administrator/index.php?option=com_config"
2014/09/17 09:55:17 [error] 62888#0: *27924 openat() "/home/znak/domains/userdomain.com/public_html/administrator/components/com_aicontactsafe/images/aicontactsafe_icon.gif.gz" failed (13: Permission denied), client: 46.175.239.112, server: userdomain.com, request: "GET /administrator/components/com_aicontactsafe/images/aicontactsafe_icon.gif HTTP/1.1", upstream: "http://37.28.155.253:8080/administrator/components/com_aicontactsafe/images/aicontactsafe_icon.gif", host: "userdomain.com", referrer: "http://userdomain.com/administrator/index.php?option=com_config"
2014/09/17 09:55:17 [error] 62888#0: *27924 openat() "/home/znak/domains/userdomain.com/public_html/administrator/components/com_aicontactsafe/images/aicontactsafe_icon.gif" failed (13: Permission denied), client: 46.175.239.112, server: userdomain.com, request: "GET /administrator/components/com_aicontactsafe/images/aicontactsafe_icon.gif HTTP/1.1", upstream: "http://37.28.155.253:8080/administrator/components/com_aicontactsafe/images/aicontactsafe_icon.gif", host: "userdomain.com", referrer: "http://userdomain.com/administrator/index.php?option=com_config"

User permissions:
Code:
root@server:/# ls -l /home/znak/domains/znak-osk.pl/public_html/index.php
-rw-r--r-- 1 znak znak 2052 mar  8  2012 /home/znak/domains/znak-osk.pl/public_html/index.php
root@server:/# ls -l /home/znak/domains/znak-osk.pl|grep public_html
drwxr-xr-x 17 znak znak  4096 wrz 17 09:25 public_html
root@server:/# ls -l /home/znak|grep domains
drwx--x--x 3 znak znak 4096 mar  8  2012 domains
lrwxrwxrwx 1 znak znak   33 sty  3  2014 public_html -> ./domains/znak-osk.pl/public_html


Any ideas how to fix this problem?
 
Last edited:
Now 3 site's have the same problem. All sites have old joomla (1.6).
Is any possibility to turn off reverse proxy for selected domains?

EDIT
---
I noticed that after more nginx reboots the problem affects more domains.
I must turn off nginx :(

Regards
 
Last edited:
Back
Top