As I'm new to web hosting I've been using a project called Dietpi various single-board computers. Dietpi utilizes a global config for Web servers enables all sites as stated by the maintainer below.
The main reason we use a single global config for all sites is:
– For most users, this global site config is ideal, allowing the user to simply "drag and drop" a website into /var/www, without the need to setup individual site configs.
– We have to support 3 webservers (Apache2, Nginx, Lighttpd). A default site for each, is preferred from our end, in terms of simplifying maintenance and support.If you are looking to control sites with multiple site configs, this is fine, however, installing any software again in dietpi-software, will rewrite (and enable) the global site config.
This set up causes some issues especially in the example of NextCloud.
- Set up SSL using Certbot
- Rewrites for .well-known for webDav
- Nextcloud has a lot of optimizations and security that are recommended by their Administration Manual and should not be in the global config.
Dietpi configuration as follows.
/etc/nginx/sites-available/default
server {
listen 80 default_server;
root /var/www;
index index.php index.html index.htm;
server_name "$hostname";
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /var/www;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_pass unix:/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
include /etc/nginx/sites-dietpi/*.config;
}
/etc/nginx/nginx.conf
user www-data;
# As a thumb rule: One per CPU.
worker_processes 4;
# Maximum file descriptors that can be opened per process
# This should be > worker_connections
worker_rlimit_nofile 100;
events {
worker_connections 50;
}
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
http {
charset utf-8;
# + Nginx - To avoid 2MB upload error: https://github.com/Fourdee/DietPi/issues/546
client_max_body_size 8796093022207M;
# Upstream to abstract back-end connection(s) for PHP
upstream php {
server unix:/run/php5-fpm.sock;
}
# Set the mime-types via the mime.types external file
include mime.types;
# And the fallback mime-type
default_type application/octet-stream;
# Click tracking!
access_log off;
# Hide nginx version
server_tokens off;
# ~2 seconds is often enough for HTML/CSS, but connections in
# Nginx are cheap, so generally it's safe to increase it
keepalive_timeout 2;
# You usually want to serve static files with Nginx
sendfile on;
tcp_nopush on; # off may be better for Comet/long-poll stuff
tcp_nodelay off; # on may be better for Comet/long-poll stuff
server_name_in_redirect off;
server_names_hash_bucket_size 64;
types_hash_max_size 2048;
gzip off;
gzip_http_version 1.0;
gzip_comp_level 1;
gzip_min_length 512;
gzip_buffers 4 8k;
gzip_proxied any;
gzip_types
# text/html is always compressed by HttpGzipModule
text/css
text/plain
text/x-component
application/javascript
application/json
application/xml
application/xhtml+xml
application/x-font-ttf
application/x-font-opentype
application/vnd.ms-fontobject
image/svg+xml
image/x-icon;
# This should be turned on if you are going to have pre-compressed copies (.gz) of
# static files available. If not it should be left off as it will cause extra I/O
# for the check. It would be better to enable this in a location {} block for
# a specific directory:
# gzip_static on;
gzip_disable "msie6";
gzip_vary on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
I cannot disturb 'nginx.conf' and 'default' configurations without breaking compatibility with software by dietpi. Is it possible to use multiple site configs that will override settings in the global site config?
Best Answer
Just add your virtual host configuration inside
/etc/nginx/sites-available
and make a symlink from/etc/nginx/sites-enabled
to that file. That is the standard way Debian-based distributions have done this for years.