Setup nginx para owncloud e outros serviços no mesmo servidor?

2

Neste momento, eu tenho o nginx trabalhando com 3 serviços: 1. Minha página da Web em my.example.com/~ignacio, meu servidor Rstudio em meu.exemplo.com/rstudio e meu servidor Shiny em my.example.com/ brilhante.

Este é o meu arquivo de configuração agora:

# Redirect all traffic from port 80 to SSL port
server {
    listen 80;
    return 301 https://$host$request_uri;
}
# Set reverse proxy to port 443
server {
    listen 443 ssl;
   server_name my.example.com;
   ssl_certificate /etc/letsencrypt/live/my.example.com/fullchain.pem;
   ssl_certificate_key /etc/letsencrypt/live/my.example.com/privkey.pem;
   ssl_protocols TLSv1.2;
   ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY13$
   ssl_prefer_server_ciphers on;

    index index.php index.html index.htm;

    # PHP in home directory
    location ~ ^/~(.+?)(/.*\.php)(.*)$ {
      alias /home/$1/public_html;

      try_files $2 =404;
      fastcgi_split_path_info ^(.+\.php)(.*)$;
      fastcgi_pass unix:/var/run/php5-fpm.sock;
      fastcgi_index index.php;
      fastcgi_intercept_errors on;
      include fastcgi_params;

      fastcgi_param SCRIPT_NAME /~$1$fastcgi_script_name;
    }

    # Home directories
    location ~ ^/~(.+?)(/.*)?$ {
      alias /home/$1/public_html$2;
    }


    location /shiny/ {
        rewrite ^/shiny/(.*)$ /$1 break;
        proxy_pass http://127.0.0.1:3838;
        proxy_redirect http://127.0.0.1:3838/ https://$host/shiny/;
        auth_basic "Username and Password are required";
        auth_basic_user_file /etc/nginx/.htpasswd;
    }

    location /rstudio/ {
        proxy_pass http://127.0.0.1:8787/;
    }

}

Agora estou tentando instalar o owncloud depois do tutorial . Eu tenho que mudar meu arquivo de configuração do nginx para adicionar o owncloud em my.example.com/owncloud, mas eu não sei exatamente como (e eu realmente prefiro não quebrar o que eu tenho trabalhando agora)

O que devo ter no meu arquivo de configuração para ter tudo funcionando?

Isso é o que eu tenho agora, depois de tentar adicionar o owncloud:

    upstream php-handler {
      server unix:/run/php/php7.0-fpm.sock;
    }

    # Redirect all traffic from port 80 to SSL port
    server {
        listen 80;
        return 301 https://$host$request_uri;
    }
    # Set reverse proxy to port 443
    server {
        listen 443 ssl;
       server_name my.example.com;
       ssl_certificate /etc/letsencrypt/live/my.example.com/fullchain.pem;
       ssl_certificate_key /etc/letsencrypt/live/my.example.com/privkey.pem;
       ssl_protocols TLSv1.2;
       ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
       ssl_prefer_server_ciphers on;
       # Add headers to serve security related headers
       add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
       add_header X-Content-Type-Options nosniff;
       add_header X-Frame-Options "SAMEORIGIN";
       add_header X-XSS-Protection "1; mode=block";
       add_header X-Robots-Tag none;
       add_header X-Download-Options noopen;
       add_header X-Permitted-Cross-Domain-Policies none;

        # Path to the root of your installation
        root /var/www/owncloud/;
        # set max upload size
        client_max_body_size 10G;
        fastcgi_buffers 64 4K;

        # Disable gzip to avoid the removal of the ETag header
        gzip off;
        index index.php index.html index.htm;
        error_page 403 /core/templates/403.php;
        error_page 404 /core/templates/404.php;
        rewrite ^/.well-known/carddav /remote.php/dav/ permanent;
        rewrite ^/.well-known/caldav /remote.php/dav/ permanent;

        # PHP in home directory
        location ~ ^/~(.+?)(/.*\.php)(.*)$ {
          alias /home/$1/public_html;
          try_files $2 =404;
          fastcgi_split_path_info ^(.+\.php)(.*)$;
          fastcgi_pass unix:/run/php/php7.0-fpm.sock;
          fastcgi_index index.php;
          fastcgi_intercept_errors on;
          include fastcgi_params;
          fastcgi_param SCRIPT_NAME /~$1$fastcgi_script_name;
        }

        # Home directories
        location ~ ^/~(.+?)(/.*)?$ {
          alias /home/$1/public_html$2;
        }

        location /shiny/ {
            rewrite ^/shiny/(.*)$ /$1 break;
            proxy_pass http://127.0.0.1:3838;
            proxy_redirect http://127.0.0.1:3838/ https://$host/;
            auth_basic "Username and Password are required";
            auth_basic_user_file /etc/nginx/.htpasswd;
        }

        location /rstudio/ {
            proxy_pass http://127.0.0.1:8787/;
        }

        location /owncloud/ {
            alias /var/www/owncloud/;
            try_files $2 =404;
            fastcgi_split_path_info ^(.+\.php)(.*)$;
            fastcgi_pass unix:/run/php/php7.0-fpm.sock;
            fastcgi_index index.php;
            fastcgi_intercept_errors on;
            include fastcgi_params;
            fastcgi_param SCRIPT_NAME /~$1$fastcgi_script_name;
        }
    }

Shiny, Rstudio e / ~ ignacio estão funcionando. Se eu acessar meu.exemplo.com, o navegador faz o download de um arquivo e / owncloud não pode ser acessado.

Eu também tenho uma versão que tem Shiny, Rstudio e owncloud funcionando, mas / ~ ignacio não funciona: (

    upstream php-handler {
      server unix:/run/php/php7.0-fpm.sock;
    }

    # Redirect all traffic from port 80 to SSL port
    server {
        listen 80;
        return 301 https://$host$request_uri;
    }
    # Set reverse proxy to port 443
    server {
        listen 443 ssl;
       server_name my.example.com;
       ssl_certificate /etc/letsencrypt/live/my.example.com/fullchain.pem;
       ssl_certificate_key /etc/letsencrypt/live/my.example.com/privkey.pem;
       ssl_protocols TLSv1.2;
       ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
       ssl_prefer_server_ciphers on;
       # Add headers to serve security related headers
       add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
       add_header X-Content-Type-Options nosniff;
       add_header X-Frame-Options "SAMEORIGIN";
       add_header X-XSS-Protection "1; mode=block";
       add_header X-Robots-Tag none;
       add_header X-Download-Options noopen;
       add_header X-Permitted-Cross-Domain-Policies none;

        # Path to the root of your installation
        root /var/www/;
        # set max upload size
        client_max_body_size 10G;
        fastcgi_buffers 64 4K;

        # ownCloud blacklist
        location ~ ^/owncloud/(?:\.htaccess|data|config|db_structure\.xml|README) {
            deny all;
            error_page 403 = /owncloud/core/templates/403.php;
        }

        location / {
            index index.php index.html;
        }

        location /owncloud/ {           
            error_page 403 = /owncloud/core/templates/403.php;
            error_page 404 = /owncloud/core/templates/404.php;

            rewrite ^/owncloud/caldav(.*)$ /remote.php/caldav$1 redirect;
            rewrite ^/owncloud/carddav(.*)$ /remote.php/carddav$1 redirect;
            rewrite ^/owncloud/webdav(.*)$ /remote.php/webdav$1 redirect;

            rewrite ^(/owncloud/core/doc[^\/]+/)$ $1/index.html;

            # The following rules are only needed with webfinger
            rewrite ^/owncloud/.well-known/host-meta /public.php?service=host-meta last;
            rewrite ^/owncloud/.well-known/host-meta.json /public.php?service=host-meta-json last;
            rewrite ^/owncloud/.well-known/carddav /remote.php/carddav/ redirect;
            rewrite ^/owncloud/.well-known/caldav /remote.php/caldav/ redirect;

            try_files $uri $uri/ index.php;
        }

        location ~ \.php(?:$|/) {
            fastcgi_split_path_info ^(.+\.php)(/.+)$;
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param PATH_INFO $fastcgi_path_info;
            fastcgi_param HTTPS on;
            fastcgi_pass php-handler;
        }

        # Optional: set long EXPIRES header on static assets
        location ~* ^/owncloud(/.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf))$ {
            expires 30d;
            access_log off;  # Optional: Don't log access to assets
        }

        # Disable gzip to avoid the removal of the ETag header
        gzip off;
        index index.php index.html index.htm;
        error_page 403 /core/templates/403.php;
        error_page 404 /core/templates/404.php;
        rewrite ^/.well-known/carddav /remote.php/dav/ permanent;
        rewrite ^/.well-known/caldav /remote.php/dav/ permanent;

        # PHP in home directory
        location ~ ^/~(.+?)(/.*\.php)(.*)$ {
          alias /home/$1/public_html;
          try_files $2 =404;
          fastcgi_split_path_info ^(.+\.php)(.*)$;
          fastcgi_pass unix:/run/php/php7.0-fpm.sock;
          fastcgi_index index.php;
          fastcgi_intercept_errors on;
          include fastcgi_params;
          fastcgi_param SCRIPT_NAME /~$1$fastcgi_script_name;
        }

        # Home directories
        location ~ ^/~(.+?)(/.*)?$ {
          alias /home/$1/public_html$2;
        }

        location /shiny/ {
            rewrite ^/shiny/(.*)$ /$1 break;
            proxy_pass http://127.0.0.1:3838;
            proxy_redirect http://127.0.0.1:3838/ https://$host/;
            auth_basic "Username and Password are required";
            auth_basic_user_file /etc/nginx/.htpasswd;
        }

        location /rstudio/ {
            proxy_pass http://127.0.0.1:8787/;
        }


    }
    
por Ignacio 06.04.2016 / 02:56

2 respostas

0

Eu sugiro que você instale o Owncloud para rodar com o Apache. Isso ocorre porque Owncloud executa muito PHP e o Apache é muito bom nisso. Execute-o usando o prefork.

Use o seu Nginx na frente e o proxy no Apache.

Se você usar SSL, deixe o Nginx manipular o SSL e deixe que ele atenda a todos os arquivos estáticos. Em seguida, encaminhe o restante do tráfego para o Apache.

    
por 14.04.2016 / 15:12
0

Considere também que o própriocloud sugere o uso do servidor apache. Eu costumava tê-lo no nginx mas agora mudei para o apache.
Se você é capaz de fazer isso, aqui está um manual oficial e detalhado que você pode seguir: link

    
por 15.04.2016 / 13:44