Reverse-proxy NGINX + Apache on Directadmin powered server with CB 2.x

Scott DeLeury

Verified User
Joined
Mar 25, 2005
Messages
80
Will do Martynas, just need to get skype installed when I get home.

I appreciate it!

Update: was definitely my own doing, accidentally moved a couple templates from /usr/local/directadmin/data/templates/custom back a directory to 'get them out of the way' without realizing where I was when I did it...

Thanks for your help Martynas
 
Last edited:

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,889
Location
GMT +7.00
Just a fresh install on CentOS 7.x, and issue with phpMyAdmin:

The requested URL /phpMyAdmin/nginx_static_files/phpMyAdmin/themes/pmahomme/img/logo_left.png was not found on this server.

as well as with roundcube and squirrelmail:

The requested URL /roundcube/nginx_static_files/roundcube/skins/larry/images/roundcube_logo.png was not found on this server.

The requested URL /squirrelmail/nginx_static_files/squirrelmail/images/sm_logo.png was not found on this server.

The server has the only one IP. All the things are defaults:

Code:
 cat /etc/nginx/webapps.conf
        location /squirrelmail {
                root /var/www/html/;
                index index.php index.html index.htm;
                location ~ ^/squirrelmail/ {
                        access_log off;
                        proxy_pass http://$server_addr:8080;
                        proxy_set_header X-Client-IP      $remote_addr;
                        proxy_set_header X-Accel-Internal /squirrelmail/nginx_static_files;
                        proxy_set_header Host             $host;
                        proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                }
                location ~ ^/squirrelmail/nginx_static_files/ {
                        access_log  /var/log/nginx/access_log_proxy;
                        alias       /var/www/html/;
                        internal;
                }
        }
        location /roundcube {
                root /var/www/html/;
                index index.php index.html index.htm;
                location ~ ^/roundcube/ {
                        access_log off;
                        proxy_pass http://$server_addr:8080;
                        proxy_set_header X-Client-IP      $remote_addr;
                        proxy_set_header X-Accel-Internal /roundcube/nginx_static_files;
                        proxy_set_header Host             $host;
                        proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                }
                location ~ ^/roundcube/nginx_static_files/ {
                        access_log  /var/log/nginx/access_log_proxy;
                        alias       /var/www/html/;
                        internal;
                }
        }
        location /phpMyAdmin {
                root /var/www/html/;
                index index.php index.html index.htm;
                location ~ ^/phpMyAdmin/ {
                        access_log off;
                        proxy_pass http://$server_addr:8080;
                        proxy_set_header X-Client-IP      $remote_addr;
                        proxy_set_header X-Accel-Internal /phpMyAdmin/nginx_static_files;
                        proxy_set_header Host             $host;
                        proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                }
                location ~ ^/phpMyAdmin/nginx_static_files/ {
                        access_log  /var/log/nginx/access_log_proxy;
                        alias       /var/www/html/;
                        internal;
                }
        }
        location /phpmyadmin {
                rewrite ^/* /phpMyAdmin last;
        }
        location /pma {
                rewrite ^/* /phpMyAdmin last;
        }
        location /webmail {
                rewrite ^/* /squirrelmail last;
        }
        if ($request_method !~ ^(GET|HEAD|POST)$ ) {
                return 444;
        }
        location ~ /(\.ht|\.user\.ini) {
                deny all;
        }
Anyway to fix it without customization?
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,889
Location
GMT +7.00
Hardly on the server under the question. I'm going to rebuild another server this month to which I could give you access if the issue persists.
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,340
Location
LT, EU
May you at least check the $_SERVER['SERVER_ADDR'] when you access /roundcube, and if it matches the one set in /etc/httpd/conf/extra/httpd-vhosts.conf ? Thank you! :)
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,889
Location
GMT +7.00

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,340
Location
LT, EU
And what's your "listen" address in /etc/nginx/nginx-vhosts.conf ? Does it match with httpd-vhosts.conf ?
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,889
Location
GMT +7.00
Another server after switching to NGINX+Apache from CustomBuild 2.0 is also affected the same way, and SSL certs are mixed (SNI not working?) Do you still want to check it yourself?
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,340
Location
LT, EU
Yes, it would be really great if I could check it. Feel free to contact me on Skype for faster communication. Thank you! :)
 

zEitEr

Super Moderator
Joined
Apr 11, 2005
Messages
13,889
Location
GMT +7.00
OK, regarding SNI, it seems CentOS 5.x is too old to support it as it has only: OpenSSL 0.9.8e-fips-rhel5 01 Jul 2008. So we need to upgrade it to at least 0.9.8f or migrate to CentOS >6.x

[h=2]Prerequisites to use SNI[/h]
  • Use OpenSSL 0.9.8f or later
  • Build OpenSSL with the TLS Extensions option enabled (option enable-tlsext; OpenSSL 0.9.8k and later has this enabled by default).
  • Apache must have been built with that OpenSSL (./configure --with-ssl=/path/to/your/openssl). In that case, mod_ssl will automatically detect the availability of the TLS extensions and support SNI.
  • Apache must use that OpenSSL at run-time, which might require setting LD_LIBRARY_PATH or equivalent to point to that OpenSSL, maybe in bin/envvars. (You'll get unresolved symbol errors at Apache startup if Apache was built with SNI but isn't finding the right openssl libraries at run-time.)

https://wiki.apache.org/httpd/NameBasedSSLVHostsWithSNI
 

Arieh

Verified User
Joined
May 27, 2008
Messages
1,200
Location
The Netherlands
How to properly go back to apache? I've set 'webserver' to back to 'apache' on a box, and build apache, it was all fine but when the server rebooted, nginx came up first on port 80, not allowing apache to come up. When doing
service --status-all
it does say a '-' before both nginx and http, so I don't know where to go with this.
 

Arieh

Verified User
Joined
May 27, 2008
Messages
1,200
Location
The Netherlands
I have installed chkconfig and did the command; is there a way to check if it did anything without actually rebooting?
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,340
Location
LT, EU
Are you using debian? As chkconfig is system package :) If that's debian:
Code:
update-rc.d nginx remove
 

maiijarb

Verified User
Joined
Nov 8, 2006
Messages
57
Hello,

I want to change webserver from nginx to nginx_apache (my install Nginx use this guide http://help.directadmin.com/item.php?id=556)

run this code
./build nginx_apache
get error: nginx_apache webserver configuration option is not compatible with php-fpm, lsphp or php-fastcgi PHP mode with mod_ruid2 enabled.

problem solved
./build set webserver nginx_apache
./build set php1_mode mod_php
./build update
./build all d
./build rewrite_confs
Thank you.
 
Last edited:

rezabagh

Verified User
Joined
Sep 1, 2014
Messages
7
502 bad gateway nginx

i have recently upgraded to DirectAdmin v.1.46.3 and my custombuild v is 2.0.0-RC7 (rev: 1113) , for more that 8 mounts i used Reverse-proxy NGINX + Apache on DA v 1.45 without any problem but after this update i get 502 bad gateway nginx error ,

i did more than 10 times rebuild nginx + apache
cd /usr/local/directamin/custombuild
./build update
./build update_da
./build set webserver nginx_apache
./build nginx_apache
./build rewrite_confs

the point is that before last step which is ./build rewrite_confs seems Nginx works fine but with default page (the welcome page of Nginx) but after i run ./build rewrite_confs , it get me always 502 bad gateway nginx error , could anybody give me a hint or tips ?
Thanks alot
 

smtalk

Administrator
Staff member
Joined
Aug 22, 2006
Messages
8,340
Location
LT, EU
Do you have any templates in /usr/local/directadmin/data/templates/custom ? Or files in /usr/local/directadmin/custombuild/custom ?
 

rezabagh

Verified User
Joined
Sep 1, 2014
Messages
7
Do you have any templates in /usr/local/directadmin/data/templates/custom ? Or files in /usr/local/directadmin/custombuild/custom ?
thanks for response , i have only this folder "/usr/local/directadmin/data/templates/custom" it is empty , no data is on it , is there should be any thing ? " just to be clear at this moment i turned back to apache as webserver"
 
Top