I am now reading the USER-GUIDE, I think I will probably find answer to my questions there.
Thanks

from nginx-more.

Hi,

Nginx works
=> I can see /usr/share/nginx/html/index.html when browsing the IP.

However, I cannot see any PHP files.
=> when creating /usr/share/nginx/html/phpinfo.php and visiting the IP/phpinfo.php
I get NGINX / 502 Bad Gateway
So I Nginx works but php-fpm is not responding apparently?

Is your PHP-FPM listening on the default port (9000) or on a socket? If socket, try switching it for 127.0.0.1:9000 and the default vhost (/usr/share/nginx/html) with works out of the box.

For any other vhosts:

Use this line in your vhost if php is listening on 9000:

include conf.d/custom/fpm-default.conf;

Use this line in your vhost if php is listening on user socket:

set $fpmuser www;
include conf.d/custom/fpm-default-users.conf;

Karl

from nginx-more.

Thanks so much Karl.

It works now, thank you very much.
I finally understood that I have to build the mysitedomain.conf in "/etc/nginx/conf.d/vhosts". I was just putting my old mysitedomain.conf under /etc/nginx/conf.d/ so it wouldn't find it. Sorry...

I really like what you have done.

Could I ask you several questions please?:

1- How could I fix the following error in Nginx status:
" Jun 11 14:20:42 centostest systemd[1]: nginx.service: Can't open PID file /var/run/nginx.pid (yet?) after start: No such file or directory"

2- Should I create a "mysitedomain-ssl.conf" based on "ssl.conf-example" for every host then include it in "mysitedomain.conf" or is there a smarter way to do it for multiple domains / hosts?

3- I use "include conf.d/custom/fpm-wordpress-cache-users.conf;" as I would like to activate the cache and setup 1 user/pool per domain but I am getting into problem doing this.

For example to serve a subdomain called "wp2.mysitedomain" with a pool called "wp2user" I:

• created "/etc/php-fpm.d/wp2user.conf" with light content
• put "set $fpmuser wp2user" in /etc/nginx/conf.d/vhosts/mysitedomain.conf
• created user and group called "wp2user"
• reloaded php-fpm and nginx

The problem I am getting is that it will NOT work if I directly use "set $fpmuser wp2user;" in mysitedomain.conf.
I have to first put "set $fpmuser www;" in mysitedomain.conf, then reloaded php-fpm and Nginx (then it works under www - HTOP shows), and then again change to "set $fpmuser wp2user;", then again reloaded php-fpm and Nginx (then it works under wp2user - HTOP shows).

The pool wp2user will not work by itself, it is like the "wp2.mysitedomain" site first has to be started under "www" pool before to be passed to "wp2user" pool. wp2user poll can't "initiate" it by itself.

If I reboot the system, wp2user will stop working after reboot.
I have to do the www / wp2user exchange trick again to make it work.

Do you know why it is doing this and the way to make wp2user pool work independently from www pool?

Thank you very much for your help Karl.

from nginx-more.

Hi,

1- How could I fix the following error in Nginx status:
" Jun 11 14:20:42 centostest systemd[1]: nginx.service: Can't open PID file /var/run/nginx.pid (yet?) after start: No such file or directory"

I can't reproduce this in a CentOS 8 docker:

[root@5cf0574aa9b1 ~]# yum install nginx-more -q -y
[root@5cf0574aa9b1 ~]# systemctl start nginx
[root@5cf0574aa9b1 ~]# ls -al /var/run/nginx.pid 
-rw-r--r-- 1 root root 4 Jun 15 23:19 /var/run/nginx.pid
[root@5cf0574aa9b1 ~]# cat /var/run/nginx.pid 
205
[root@5cf0574aa9b1 ~]# systemctl status 205
● nginx.service - nginx - high performance web server
   Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
   Active: active (running) since Mon 2020-06-15 23:19:40 UTC; 3min 40s ago
     Docs: http://nginx.org/en/docs/
  Process: 204 ExecStart=/usr/sbin/nginx -c /etc/nginx/nginx.conf (code=exited, status=0/SUCCESS)
 Main PID: 205 (nginx)
    Tasks: 11 (limit: 25004)
   Memory: 26.3M
   CGroup: /docker/5cf0574aa9b1d3bbaa8e7c1737dea13c638a1048a23eb1df03776d5260cfff45/system.slice/nginx.service
           ├─205 nginx: master process /usr/sbin/nginx -c /etc/nginx/nginx.conf
           ├─206 nginx: worker process
           ├─207 nginx: worker process
           ├─208 nginx: worker process
           ├─209 nginx: worker process
           └─210 nginx: cache manager process

Jun 15 23:19:40 5cf0574aa9b1 systemd[1]: Starting nginx - high performance web server...
Jun 15 23:19:40 5cf0574aa9b1 systemd[1]: Started nginx - high performance web server.
[root@5cf0574aa9b1 ~]# 

2- Should I create a "mysitedomain-ssl.conf" based on "ssl.conf-example" for every host then include it in "mysitedomain.conf" or is there a smarter way to do it for multiple domains / hosts?

It's really up to you. On small setup, I use the same ssl.global.conf for all vhosts using Let's Encrypt. This way, it takes only few seconds to add new websites with SSL. For large or custom setup, you could use different ssl configuration for each vhost.

3- I use "include conf.d/custom/fpm-wordpress-cache-users.conf;" as I would like to activate the cache and setup 1 user/pool per domain but I am getting into problem doing this.

For example to serve a subdomain called "wp2.mysitedomain" with a pool called "wp2user" I:

• created "/etc/php-fpm.d/wp2user.conf" with light content
• put "set $fpmuser wp2user" in /etc/nginx/conf.d/vhosts/mysitedomain.conf
• created user and group called "wp2user"
• reloaded php-fpm and nginx

The problem I am getting is that it will NOT work if I directly use "set $fpmuser wp2user;" in mysitedomain.conf.
I have to first put "set $fpmuser www;" in mysitedomain.conf, then reloaded php-fpm and Nginx (then it works under www - HTOP shows), and then again change to "set $fpmuser wp2user;", then again reloaded php-fpm and Nginx (then it works under wp2user - HTOP shows).

The pool wp2user will not work by itself, it is like the "wp2.mysitedomain" site first has to be started under "www" pool before to be passed to "wp2user" pool. wp2user poll can't "initiate" it by itself.

If I reboot the system, wp2user will stop working after reboot.
I have to do the www / wp2user exchange trick again to make it work.

Do you know why it is doing this and the way to make wp2user pool work independently from www pool?

Your issue seems related to php-fpm, it has nothing to do with nginx. Your fpm pool shouldn't stop working after a reboot. Set your "www" pool on TCP 9000 and your "wp2user" pool on a socket, lets say wp2user.sock. It's getting out of nginx-more support but here's how it should looks like:

[wp2user]
user = wp2user
group = wp2user
listen = /run/php-fpm/wp2user.sock
listen.owner = nginx
listen.group = wp2user

Karl

from nginx-more.

Thanks a lot Karl,

I got PHP-FPM working with the following in /etc/php-fpm.d/wp2user.conf :

If "listen.group" is not = Nginx then it won't work.

`[wp2user]
user = wp2user
group = wp2user
listen = /run/php-fpm/wp2user.sock
listen.owner = wp2user
listen.group = nginx
;listen.mode = 0660

listen.allowed_clients = 127.0.0.1

pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3

;pm.process_idle_timeout = 10s;
;pm.max_requests = 500
slowlog = /var/log/php-fpm/www-slow.log
php_admin_value[error_log] = /var/log/php-fpm/www-error.log
php_admin_flag[log_errors] = on
;php_admin_value[memory_limit] = 128M
php_value[session.save_handler] = files
php_value[session.save_path] = /var/lib/php/session
php_value[soap.wsdl_cache_dir] = /var/lib/php/wsdlcache
;php_value[opcache.file_cache] = /var/lib/php/opcache

;php_admin_value[disable_functions] = exec,passthru,shell_exec,system
;php_admin_flag[allow_url_fopen] = off
`

The last question is about GEOIP2:

I put the following in /etc/nginx/nginx.conf, just at the top of http {...}

`
geoip2 /home/testprofile/server/assets/GeoLite2-Country.mmdb {
auto_reload 60m;
$geoip2_metadata_country_build metadata build_epoch;
$geoip2_data_country_code country iso_code;
$geoip2_data_country_name country names en;
$geoip2_data_continent_code continent code;
}

    map $geoip2_data_country_code $allowed_country {
    default no;
    CA yes;
    US yes;
    }

`

And I put the following in /etc/nginx/conf.d/vhosts/wp2.mydomain.conf

`
if ($allowed_country = no) { return 403; }

add_header X-GeoCode $geoip2_data_country_code;
`

After reloading Nginx and visiting the website from AU I still have full access.
If I check the headers, I can't find X-GeoCode anywhere.

I do not seem to be able to add headers.
I noticed that you implemented "headers-more-nginx-module", is the reason for not being able to "add-header" or am I just not doing it the right way?

Thanks a lot.

from nginx-more.

It is FIXED

It seems that the problem was coming from the fact that I was calling GeoLite2-Country.mmdb from a different directory than /usr/share/GeoIP2/?
I fixed that and it is working now.

sudo vim /etc/nginx/nginx.conf

http {
geoip2 /usr/share/GeoIP2/GeoLite2-Country.mmdb {
auto_reload 60m;
$geoip2_metadata_country_build metadata build_epoch;
$geoip2_data_country_code country iso_code;
$geoip2_data_country_name country names en;
$geoip2_data_continent_code continent code;
}
....}

===========================

sudo vim /etc/nginx/conf.d/vhosts/wp2.mydomain.conf

===========================
map $geoip2_data_country_code $allowed_country {
default no;
CA yes;
US yes;
}

server {
listen 80;
server_name wp3.mydomain.com.au www.wp3.mydomain.com.au;
return 301 https://wp3.mydomain.com.au$request_uri;
}

server {
listen 443 ssl http2;
server_name wp3.mydomain.com.au www.wp3.mydomain.com.au;
root /var/www/html/wp3.mydomain.com.au;
index index.php index.html index.htm;

    access_log /var/log/nginx/wp3.mydomain.com.au-access_log main;
    error_log /var/log/nginx/wp3.mydomain.com.au-error_log warn;

    add_header X-GeoCode $geoip2_data_country_code;
    set $fpmuser wp3user;n 444; }return 403; } 

==========================

However, I am getting a new problem:
When accessing the test site from allowed countries I am getting issues with the css:

If I refresh it a few time it works correctly, then refresh again and the css is gone again.

Do you have any idea, please?
Thanks

from nginx-more.

If I refresh it a few time it works correctly, then refresh again and the css is gone again.

Do you have any idea, please?

The 404 seems to be on a CSS file optimized by PageSpeed. You could try disabling PageSpeed for this vhost (comment the include), see if it fix this issue and then investigate from there.

Karl

from nginx-more.

Thanks Karl,
I don't know what happened/I did but the error is not there anymore so I am happy.

I have put "add_header x-geocountry $geoip2_data_country_code;" in the conf file so I am receiving "x-geocountry:AU" in the headers.
I would like to use this value is a snippet in WordPress.

Could you please let me know how I could transfer the GEOIP value from PHP to a variable in my Wordpress snippet?
Thanks a lot

from nginx-more.

Sorry, PHP / WordPress support is out of scope here.

from nginx-more.