Reverse-proxy NGINX + Apache on Directadmin powered server with CB 2.x

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,331
Location
LT, EU
Anyone having the problem feel free to contact me to check & fix that on your servers (that would be free of charge, of course)
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,331
Location
LT, EU
JohnyByk, thank you for the access. A solution for now is to use the following in /etc/nginx/webapps.conf instead your current proxy_pass lines:
Code:
proxy_pass http://$server_addr:8080;
And for webapps.ssl.conf:
Code:
proxy_pass https://$server_addr:8081;
A fix should be uploaded shortly to DA fileservers. BTW, the issue affected owned IPs only. Thank you for the reports! :)
 

JohnyByk

Verified User
Joined
Mar 7, 2012
Messages
217
Thanks a lot.
It help for phpmyadmin.

Roundcube load static files but don't work.
HTML:
CONFIGURATION ERROR

config.inc.php was not found.
Please read the INSTALL instructions!

http://178.255.45.51/roundcube/ - server IP, work's OK
http://flowstore.pl/roundcube/ - Problem with config.inc.php (the same server, same configuration - another IP and host in URL, nothing in error logs)

Reffering to other question.
It's possible to protect nginx_proxy.conf from rewrites (i must increase all timeouts after rewrite_confs).

Regards
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,853
Location
GMT +7.00
Try this:

Code:
chmod 644 /var/www/html/roundcube/[COLOR=#333333]config.inc.php[/COLOR]


recently they changed it to:

Code:
-r--r----- 1 webapps apache 4503 Oct  1 03:46 /var/www/html/roundcube/config/config.inc.php
that makes troubles as PHP as it was notied works under admin username in some cases.
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,853
Location
GMT +7.00
This I see

HTML:
string(47) "uid=502(admin) gid=503(admin) groups=503(admin)"

with /var/www/html/roundcube/i.php:


PHP:
<?php
var_dump(exec('id'));
on

Code:
[root@server custombuild]# ./build options | egrep "php|nginx|apache" -i
Apache: 2.4.10
Nginx (reverse proxy): 1.6.2
PHP (default): 5.4 as fastcgi
PHP (additional): 5.5 as fastcgi
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,331
Location
LT, EU
Setting 644 for the config.inc.php file is dangerous. It's not recommended to do that. The reason behind the permissions problem is suExec (that's why only php-fastcgi is having problem). I wrote a patch for Apache to fix the issue. With the patch applied, "SuexecUserGroup webapps webapps" should be specified in /etc/httpd/conf/extra/httpd-hostname.conf. I'll probably ask apache devs to apply this patch to Apache trunk.
 

Attachments

evildon

Verified User
Joined
May 19, 2010
Messages
7
Guys, i would love to know if this NGINX + Apache on Directadmin will create automatically the config files for each domain i add or i need to manually create the Nginx config file for each domain?

( I'm actually running a custom nginx installation on the server with directadmin and there i was needed to manually created separate files for each domain i add)
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,853
Location
GMT +7.00
No need to create configs manually. Directadmin and custombuild care of all the needed files for you. Everytime you add/rename/delete domain they will catch it and update configurations.
 

evildon

Verified User
Joined
May 19, 2010
Messages
7
No need to create configs manually. Directadmin and custombuild care of all the needed files for you. Everytime you add/rename/delete domain they will catch it and update configurations.
Superb.. that will work then :) thanks for the update..

Let's start working on it :)
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,853
Location
GMT +7.00
Please feel free to contact me for a private help if you need someone to switch your existing setup to CB2: nginx+apache.
 

Scott DeLeury

Verified User
Joined
Mar 25, 2005
Messages
80
Attempted to put this in place (had varnish running in front of apache before, but uninstalled the script prior to adding nginx_apache) but for some reason, my nginx-vhosts.conf was created like this:

Code:
   server {
	listen       1.1.1.1 2.2.2.2 3.3.3.3:80;
        listen       127.0.0.1:80;
        #listen       [::1]:80;
        server_name  $hostname 1.1.1.1 2.2.2.2 3.3.3.3;

        root   /var/www/html;
        index  index.html index.htm index.php;

        location / {
                access_log off;
                proxy_pass http://1.1.1.1 2.2.2.2 3.3.3.3:8080;
                proxy_set_header X-Client-IP	  $remote_addr;
                proxy_set_header X-Accel-Internal /nginx_static_files;
                proxy_set_header Host             $host;
                proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
        }

	location /nginx_static_files/ {
                access_log  /var/log/nginx/access_log_proxy;
                alias       /var/www/html/;
                internal;
        }

	# deny access to .htaccess and .user.ini files
        location ~ /(\.ht|\.user\.ini) {
            deny  all;
        }

	include /etc/nginx/nginx-info.conf;
        include /etc/nginx/webapps.conf;
    }
with 3.3.3.3 being the primary IP for my machine (1.1.1.1 and 2.2.2.2 are the nameservers). Any idea why that might be going on, as I'd really like to get this in place and ultimately get varnish in the mix again after everything is working properly.

Thanks in advance!
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,331
Location
LT, EU
Are you sure you have only 1 "server" IP on your server? (others should have status "free", "owned", "shared") Please check:
Code:
grep -r -l -m1 '^status=server$' /usr/local/directadmin/data/admin/ips | cut -d/ -f8
 

Scott DeLeury

Verified User
Joined
Mar 25, 2005
Messages
80
For whatever reason, the other 2 addresses were set to server as well, removed those and nginx installed this time, however the end result was the same as Petertjuh360 before

I am getting the following error:



What I tried to solve it:
  1. I followed this article: http://help.directadmin.com/item.php?id=242
  2. I checked the DNS
  3. I restarted the services
  4. I recreated the domain
Made certain again that there weren't any lingering custom templates from when I had varnish running
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,331
Location
LT, EU
Make sure you have no custom nginx templates in /usr/local/directadmin/custombuild/custom & /usr/local/directadmin/data/templates/custom, because they might be the cause.
 

Scott DeLeury

Verified User
Joined
Mar 25, 2005
Messages
80
Unfortunately, the only thing I have is a custom php53 file in /usr/local/directadmin/custombuild/custom
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,331
Location
LT, EU
Doesn't "./build update; ./build rewrite_confs" fix the problem then?
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,331
Location
LT, EU
Please contact me if you'd like me to check it free of charge then :) Most of the times mismatches on the system (like you had with the "server" IPs) are the main cause.
 
Top