88 lines
2.3 KiB
Markdown
88 lines
2.3 KiB
Markdown
**Cette page a été importée automatiquement de notre ancien wiki mais n'a pas encore été révisée.**
|
|
|
|
# Nginx
|
|
|
|
### Prérequis
|
|
|
|
Installation de [wiki:HowtoNginx Nginx].
|
|
|
|
### Configuration
|
|
|
|
Création du dossier de log :
|
|
|
|
~~~
|
|
mkdir /var/log/nginx/$REDMINE
|
|
chown www-data:adm /var/log/nginx/$REDMINE
|
|
chmod u=rwx,g=rxs,o= /var/log/nginx/$REDMINE
|
|
~~~
|
|
|
|
Création du vhost $REDMINE :
|
|
|
|
~~~
|
|
cat > /etc/nginx/sites-available/$REDMINE <<EOF
|
|
upstream ruby_$REDMINE {
|
|
server unix:/run/$REDMINE/ruby.sock fail_timeout=0;
|
|
}
|
|
server {
|
|
server_name $REDMINE.$(hostname -d);
|
|
|
|
listen 0.0.0.0:80;
|
|
listen [::]:80;
|
|
# listen 0.0.0.0:443 ssl;
|
|
# listen [::]:443 ssl;
|
|
|
|
# if ( $scheme = http ) {
|
|
# return 301 <https://$server_name$request_uri;>
|
|
# }
|
|
|
|
|
|
# ssl_certificate /etc/ssl/certs/redmine_$REDMINE.crt;
|
|
# ssl_certificate_key /etc/ssl/private/redmine_$REDMINE.key;
|
|
|
|
root /home/$REDMINE/www/public;
|
|
access_log /var/log/nginx/$REDMINE/access.log;
|
|
error_log /var/log/nginx/$REDMINE/error.log;
|
|
error_page 503 @maintenance;
|
|
location / {
|
|
if (!-f /run/$REDMINE/ruby.pid) {
|
|
return 503;
|
|
}
|
|
try_files \$uri @ruby;
|
|
}
|
|
location @maintenance {
|
|
#proxy_pass <http://maintenance-url.com;>
|
|
rewrite ^(.*)$ /500.html break;
|
|
}
|
|
location @ruby {
|
|
proxy_set_header X-Forwarded-Proto \$scheme;
|
|
proxy_set_header X-Forwarded-For \$remote_addr;
|
|
proxy_set_header Host \$<http_host;>
|
|
proxy_redirect off;
|
|
proxy_read_timeout 300;
|
|
proxy_pass <http://ruby_$REDMINE;>
|
|
}
|
|
}
|
|
EOF
|
|
~~~
|
|
|
|
Activation du vhost $REDMINE :
|
|
|
|
~~~
|
|
ln -s /etc/nginx/sites-available/$REDMINE /etc/nginx/sites-enabled/$REDMINE
|
|
~~~
|
|
|
|
Pour mettre en place le ssl, voir [wiki:HowtoSSL] et nommée votre certificat et votre clé comme ceci :
|
|
|
|
* /etc/ssl/certs/redmine_$REDMINE.crt
|
|
* /etc/ssl/private/redmine_$REDMINE.key.
|
|
|
|
Test de la configuration nginx et rechargement le cas échéant :
|
|
|
|
~~~
|
|
nginx -t
|
|
if [ $? == 0 ]; then
|
|
service nginx reload
|
|
fi
|
|
~~~
|
|
|
|
#### Si iptables est configuré, pensez à ouvrir les ports 80 et 443 entrants ! |