Reverse-proxy NGINX + Apache on Directadmin powered server with CB 2.x

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
15,143
Location
GMT +7.00
Custombuild 2 allows us to have a reverse-proxy NGINX + Apache on Directadmin powered server without a need for any 3rd party scripts or plugins, addons. That's quite easy to start using it.


CustomBuild 2.x version

First of all make sure you've got custombuild 2:
Code:
cd /usr/local/directadmin/custombuild
./build version
You should see an output similar to the following:
Code:
[root@server custombuild]# ./build version
2.0.0-RC7 (rev: 863)


If it differes much then you've got custombuild 1.x


Directadmin version

To check directadmin version run this code:
Code:
[root@server custombuild]# /usr/local/directadmin/directadmin v
Version: DirectAdmin v.1.45.4

Make sure to have version of directadmin no less than 1.45.2 otherwise the things won't work.


Custombuild 2.x: NGINX + Apache

Run this code to build nginx + apache with custombuild:
Code:
cd /usr/local/directadmin/custombuild
./build update
./build update_da
./build set webserver nginx_apache
./build nginx_apache
./build rewrite_confs

That's it. Have fun with it.


UPDATE #1: Real IP on Apache`s server-status page (*** ACTUAL VERSION OF APACHE SHOULD HAVE IT FIXED ALREADY ***)

Please do not follow this update #1 if you have the latest apache version with a patch that fixes the issue!

Apache gets real IPs, you may see it in $_SERVER with PHP or in apache logs; but it shows incorrect IP in apache's server status.

Before to start, please make sure to have unzip installed on your server:

On RHEL/CentOS
Code:
yum install unzip

On Debian/Ubuntu
Code:
apt-get install unzip

To get real IPs instead 127.0.0.1 on Apache`s server-status page you need to install mod_rpaf, as remoteip is buggy in this case:

Code:
cd /usr/local/src
wget [URL]https://github.com/y-ken/mod_rpaf/archive/master.zip[/URL]
unzip master.zip
cd mod_rpaf-master
/bin/sed -i "s/remote_/client_/g" mod_rpaf-2.0.c
make && make install

and insert following instructions:

Code:
LoadModule rpaf_module      /usr/lib/apache/mod_rpaf-2.0.so
<IfModule mod_rpaf-2.0.c>
    RPAFenable On
    RPAFproxy_ips 127.0.0.1
    RPAFsethostname On
    RPAFheader X-Client-IP
</IfModule>

into /etc/httpd/conf/extra/httpd-includes.conf and restart apache.
 
Last edited:
Thanks!

But is this a viable configuration on a Sharedhosting environment?

My current configuration
Apache + Mod_Ruid2 (CLI)
 
I've installed it on my servers and the increase in performance is huge!
The Initial load and the load times between pages have decreased dramaticly!

Great work on the how to :)
 
Another addition:

If you get a 504 Gateway Timeout.
Add these settings below http{

/etc/nginx/nginx.conf
Code:
proxy_connect_timeout       600;
proxy_send_timeout          600;
proxy_read_timeout          600;
send_timeout                600;
 
Marc,

to protect your modificatations, you should now update the file:

/usr/local/directadmin/custombuild/configure/nginx_reverse/conf/nginx.conf

the same way and copy it to

/usr/local/directadmin/custombuild/custom/nginx_reverse/conf/nginx.conf

Create a directory /usr/local/directadmin/custombuild/custom/nginx_reverse/conf/ if does not exist.

That will protect your changes against being lost.
 
Hi!

Is there any way to host multiple SSL sites with DA + Nginx on one IP address, but with different certificates?

In clear nginx+apache setup I can do this very easy by just proxying nginx SSL front to plain apache backend, but with DirectAdmin its looks impossible to me, because DA says: "You can only add a certificate if you own the ip you are using".

Is there any ideas?
 
After switch from 3rd party reverse proxy nginx-apache to DA nginx_apache and do all steps same as first post then my websites are display same errors in the blank page:

Apache is functioning normally

How can I solve it ?
 
You should remove all custom virtual_host2*.conf templates from /usr/local/directadmin/data/tempates/custom/ :


Code:
cd /usr/local/directadmin/data/templates/custom
rm -fv virtual_host2*.conf


and rewrite all virtual hosts:

Code:
echo "action=rewrite&value=httpd" >> /usr/local/directadmin/data/task.queue

let it upto 3-4 minutes to complete and check your web-sites.
 
Last edited:
You should remove all custom virtual_host2*.conf templates from /usr/local/directadmin/data/tempates/custom/ :


Code:
cd /usr/local/directadmin/data/templates
rm -fv virtual_host2*.conf


and rewrite all virtual hosts:

Code:
echo "action=rewrite&value=httpd" >> /usr/local/directadmin/data/task.queue

let it upto 3-4 minutes to complete and check your web-sites.

It take 3-4 min. or I should wait for 3-4 min. ?

run above commands but still nothing, same as before...
 
Please show here an apache's virtual host for a domain.

After running above commands that you wrote, only available

Code:
<Directory "/home/fsaco/public_html">
        <IfModule mod_ruid2.c>
                RMode config
                RUidGid fsaco fsaco
                #RGroups apache access
                RGroups @none
        </IfModule>
</Directory>
 
That's something wrong, please provide admin acces into directadmin so I could see it myself.
 
After running above commands that you wrote, only available

Code:
<Directory "/home/fsaco/public_html">
        <IfModule mod_ruid2.c>
                RMode config
                RUidGid fsaco fsaco
                #RGroups apache access
                RGroups @none
        </IfModule>
</Directory>

That's a normal behavior. You removed DirectAdmin original (not customized templates) with the commands given, now you should manually update DA to get them back or install DA pre-release binaries :) Please check for custom virtual_host2.conf templates in /usr/local/directadmin/data/templates/custom next time, but it seems you did not have them.
 
Back
Top