Im relatively new and wanted to test a service on nginx, but I am struggling to convert this Apache config to nginx.
<VirtualHost *:80>
ServerName api.my-site.de
DocumentRoot /var/www/api.my-site.de/current/public
<Directory "/var/www/api.my-site.de/current/public">
AllowOverride FileInfo AuthConfig Limit Options=All,MultiViews Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
Order deny,allow
Require all granted
</Directory>
</VirtualHost>
<VirtualHost *:443>
ServerName api.my-site.de
DocumentRoot /var/www/api.my-site.de/current/public
<Directory "/var/www/api.my-site.de/current/public">
AllowOverride FileInfo AuthConfig Limit Options=All,MultiViews Indexes
Options MultiViews Indexes SymLinksIfOwnerMatch IncludesNoExec
Order deny,allow
</Directory>
SSLEngine on
SSLCertificateFile /etc/ssl/private/wildcard.my-site.de.crt
SSLCertificateKeyFile /etc/ssl/private/wildcard.my-site.de.key
SSLCertificateChainFile /etc/ssl/private/chain.crt
</VirtualHost>
Can someone help here please? As nginx has nothin like the .htaccess I'm no sure what to do with all the tags.
Current draft:
server {
listen 80;
listen [::]:80 ipv6only=on;
listen 443 ssl;
listen [::]:443 ipv6only=on ssl;
server_name api.my-site.de
location / {
root /var/www/api.my-site.de/current/public;
}
ssl_certificate /etc/ssl/private/wildcard.my-site.de.crt;
ssl_certificate_key /etc/ssl/private/wildcard.my-site.de.key;
}
First of all I like to separate in server blocks different configurations (even when now are the same, you'll love yourself when you come back 2 years later and need to read this).
The ssl certificate:
Nginx reads only 1 crt file, under ssl_certificate, here you need to concatenate your chain and your crt in the same file, more info:
https://futurestud.io/tutorials/how-to-configure-nginx-ssl-certifcate-chain
So what I would do is:
Copy the certificate somewhere else, for security and not touching anything.
sudo cp /etc/ssl/private/wildcard.my-site.de.crt /etc/ssl/private/api-mysite-de.pem
And concatenate your chain into the "certificate".
sudo cat /etc/ssl/private/chain.crt > /etc/ssl/private/api-mysite-de.pem
Then you can set your ssl_certificate to this file for nginx to work.
server {
listen 443 ssl;
listen [::]:443 ipv6only=on ssl;
server_name api.my-site.de
ssl_on;
ssl_certificate /etc/ssl/private/api-mysite-de.pem;
ssl_certificate_key /etc/ssl/private/wildcard.my-site.de.key;
access_log /var/log/nginx/ssl-api.my-site.de.access.log;
error_log /var/log/nginx/ssl-api.my-site.de.cat.error.log;
location / {
root /var/www/api.my-site.de/current/public;
}
}
And here it is the http port 80 configuration.
Leave your .htaccess file into /var/www/api.my-site.de/current/public and it should work correctly.
server {
listen 80;
listen [::]:80 ipv6only=on;
server_name api.my-site.de
access_log /var/log/nginx/api.my-site.de.access.log;
error_log /var/log/nginx/api.my-site.de.cat.error.log;
#logs are love, logs are life
location / {
root /var/www/api.my-site.de/current/public;
}
}
If you need any further configurations or it shows any error in the logs (I configured them there) commend and I'll try to handle it.
Hope I helped.