Reverse-proxy NGINX + Apache on Directadmin powered server with CB 2.x

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,854
Location
GMT +7.00
Custombuild 2 allows us to have a reverse-proxy NGINX + Apache on Directadmin powered server without a need for any 3rd party scripts or plugins, addons. That's quite easy to start using it.


CustomBuild 2.x version

First of all make sure you've got custombuild 2:
Code:
cd /usr/local/directadmin/custombuild
./build version
You should see an output similar to the following:
Code:
[root@server custombuild]# ./build version
2.0.0-RC7 (rev: 863)

If it differes much then you've got custombuild 1.x


Directadmin version

To check directadmin version run this code:
Code:
[root@server custombuild]# /usr/local/directadmin/directadmin v
Version: DirectAdmin v.1.45.4
Make sure to have version of directadmin no less than 1.45.2 otherwise the things won't work.


Custombuild 2.x: NGINX + Apache

Run this code to build nginx + apache with custombuild:
Code:
cd /usr/local/directadmin/custombuild
./build update
./build update_da
./build set webserver nginx_apache
./build nginx_apache
./build rewrite_confs
That's it. Have fun with it.


UPDATE #1: Real IP on Apache`s server-status page (*** ACTUAL VERSION OF APACHE SHOULD HAVE IT FIXED ALREADY ***)

Please do not follow this update #1 if you have the latest apache version with a patch that fixes the issue!

Apache gets real IPs, you may see it in $_SERVER with PHP or in apache logs; but it shows incorrect IP in apache's server status.

Before to start, please make sure to have unzip installed on your server:

On RHEL/CentOS
Code:
yum install unzip
On Debian/Ubuntu
Code:
apt-get install unzip
To get real IPs instead 127.0.0.1 on Apache`s server-status page you need to install mod_rpaf, as remoteip is buggy in this case:

Code:
cd /usr/local/src
wget [URL]https://github.com/y-ken/mod_rpaf/archive/master.zip[/URL]
unzip master.zip
cd mod_rpaf-master
/bin/sed -i "s/remote_/client_/g" mod_rpaf-2.0.c
make && make install
and insert following instructions:

Code:
LoadModule rpaf_module      /usr/lib/apache/mod_rpaf-2.0.so
<IfModule mod_rpaf-2.0.c>
    RPAFenable On
    RPAFproxy_ips 127.0.0.1
    RPAFsethostname On
    RPAFheader X-Client-IP
</IfModule>
into /etc/httpd/conf/extra/httpd-includes.conf and restart apache.
 
Last edited:

Hexweb

Verified User
Joined
Apr 29, 2014
Messages
64
Location
Netherlands
Thanks!

But is this a viable configuration on a Sharedhosting environment?

My current configuration
Apache + Mod_Ruid2 (CLI)
 

Hexweb

Verified User
Joined
Apr 29, 2014
Messages
64
Location
Netherlands
I've installed it on my servers and the increase in performance is huge!
The Initial load and the load times between pages have decreased dramaticly!

Great work on the how to :)
 

Hexweb

Verified User
Joined
Apr 29, 2014
Messages
64
Location
Netherlands
Another addition:

If you get a 504 Gateway Timeout.
Add these settings below http{

/etc/nginx/nginx.conf
Code:
proxy_connect_timeout       600;
proxy_send_timeout          600;
proxy_read_timeout          600;
send_timeout                600;
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,854
Location
GMT +7.00
Marc,

to protect your modificatations, you should now update the file:

/usr/local/directadmin/custombuild/configure/nginx_reverse/conf/nginx.conf

the same way and copy it to

/usr/local/directadmin/custombuild/custom/nginx_reverse/conf/nginx.conf

Create a directory /usr/local/directadmin/custombuild/custom/nginx_reverse/conf/ if does not exist.

That will protect your changes against being lost.
 

roman_m

Verified User
Joined
May 5, 2005
Messages
130
Location
Ukraine, Kiev
Hi!

Is there any way to host multiple SSL sites with DA + Nginx on one IP address, but with different certificates?

In clear nginx+apache setup I can do this very easy by just proxying nginx SSL front to plain apache backend, but with DirectAdmin its looks impossible to me, because DA says: "You can only add a certificate if you own the ip you are using".

Is there any ideas?
 

sIiiS

Verified User
Joined
Apr 1, 2014
Messages
9
After switch from 3rd party reverse proxy nginx-apache to DA nginx_apache and do all steps same as first post then my websites are display same errors in the blank page:

Apache is functioning normally

How can I solve it ?
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,854
Location
GMT +7.00
You should remove all custom virtual_host2*.conf templates from /usr/local/directadmin/data/tempates/custom/ :


Code:
cd /usr/local/directadmin/data/templates/custom
rm -fv virtual_host2*.conf

and rewrite all virtual hosts:

Code:
echo "action=rewrite&value=httpd" >> /usr/local/directadmin/data/task.queue
let it upto 3-4 minutes to complete and check your web-sites.
 
Last edited:

sIiiS

Verified User
Joined
Apr 1, 2014
Messages
9
You should remove all custom virtual_host2*.conf templates from /usr/local/directadmin/data/tempates/custom/ :


Code:
cd /usr/local/directadmin/data/templates
rm -fv virtual_host2*.conf

and rewrite all virtual hosts:

Code:
echo "action=rewrite&value=httpd" >> /usr/local/directadmin/data/task.queue
let it upto 3-4 minutes to complete and check your web-sites.
It take 3-4 min. or I should wait for 3-4 min. ?

run above commands but still nothing, same as before...
 

sIiiS

Verified User
Joined
Apr 1, 2014
Messages
9
Please show here an apache's virtual host for a domain.
After running above commands that you wrote, only available

Code:
<Directory "/home/fsaco/public_html">
        <IfModule mod_ruid2.c>
                RMode config
                RUidGid fsaco fsaco
                #RGroups apache access
                RGroups @none
        </IfModule>
</Directory>
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,854
Location
GMT +7.00
That's something wrong, please provide admin acces into directadmin so I could see it myself.
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,339
Location
LT, EU
After running above commands that you wrote, only available

Code:
<Directory "/home/fsaco/public_html">
        <IfModule mod_ruid2.c>
                RMode config
                RUidGid fsaco fsaco
                #RGroups apache access
                RGroups @none
        </IfModule>
</Directory>
That's a normal behavior. You removed DirectAdmin original (not customized templates) with the commands given, now you should manually update DA to get them back or install DA pre-release binaries :) Please check for custom virtual_host2.conf templates in /usr/local/directadmin/data/templates/custom next time, but it seems you did not have them.
 
Top