Install Nginx as a Reverse Proxy on Fedora 27

Obsolesce

@travisdh1 said in Install Nginx as a Reverse Proxy on Fedora 27:

@tim_g said in Install Nginx as a Reverse Proxy on Fedora 27:

@travisdh1 said in Install Nginx as a Reverse Proxy on Fedora 27:

@coliver said in Install Nginx as a Reverse Proxy on Fedora 27:

@stacksofplates said in Install Nginx as a Reverse Proxy on Fedora 27:

@jaredbusch said in Install Nginx as a Reverse Proxy on Fedora 27:

@coliver said in Install Nginx as a Reverse Proxy on Fedora 27:

@jaredbusch

Pretty much exactly

I can't make fun. I prefer Vim. I've tried to use nano and I felt clunky. But to each their own. Just don't use emacs :upside-down_face:

I use vi/vim almost exclusively. I just enjoy poking fun at the people who are evangelical about it.

Given a choice, nano. I'm good with vi/vim as well tho, IRIX really required competency with it.

Nano is annoying, inconvenient, and much less efficient than using vim. I have no idea anymore why I used nano before, I strictly use vim now, and my life on Linux has never been better.

Learn to use the Ctrl key, you know, that new key that was added to keyboards, but vim never got around to using

It's not needed... but does make use of the Ctrl key for a few things.

Easy example... In Nano, to save and close a file is a hassle. In Vim, Shift+ZZ, done. Quick and easy!

Want to find something? Open your file with Vim, hit / and type what you want to find, hit enter... super easy! It's dumb in Nano.

travisdh1

@tim_g said in Install Nginx as a Reverse Proxy on Fedora 27:

@travisdh1 said in Install Nginx as a Reverse Proxy on Fedora 27:

@tim_g said in Install Nginx as a Reverse Proxy on Fedora 27:

@travisdh1 said in Install Nginx as a Reverse Proxy on Fedora 27:

@coliver said in Install Nginx as a Reverse Proxy on Fedora 27:

@stacksofplates said in Install Nginx as a Reverse Proxy on Fedora 27:

@jaredbusch said in Install Nginx as a Reverse Proxy on Fedora 27:

@coliver said in Install Nginx as a Reverse Proxy on Fedora 27:

@jaredbusch

Pretty much exactly

I can't make fun. I prefer Vim. I've tried to use nano and I felt clunky. But to each their own. Just don't use emacs :upside-down_face:

I use vi/vim almost exclusively. I just enjoy poking fun at the people who are evangelical about it.

Given a choice, nano. I'm good with vi/vim as well tho, IRIX really required competency with it.

Nano is annoying, inconvenient, and much less efficient than using vim. I have no idea anymore why I used nano before, I strictly use vim now, and my life on Linux has never been better.

Learn to use the Ctrl key, you know, that new key that was added to keyboards, but vim never got around to using

It's not needed... but does make use of the Ctrl key for a few things.

Easy example... In Nano, to save and close a file is a hassle. In Vim, Shift+ZZ, done. Quick and easy!

Want to find something? Open your file with Vim, hit / and type what you want to find, hit enter... super easy! It's dumb in Nano.

Shall we not get into yet another useless holy way over text editors? You're faster and more efficient in vi, I'm faster and more efficient in nano. At least your not trying to talk me into using emacs!

momurda

@tim_g Ctrl+X, Y to save a file. quicker than in vi/vim.
I can actually edit lines and insert text and cut and paste intuitively in nano, unlike vi which requires you to memorize the insert function to just add a simple word or two. Then you have to escape the insert function, then you have to remember what unnatural keyboard combo is to do something else.
CtrlW to find. Super simple, unlike vi/vim.

Obsolesce

@momurda said in Install Nginx as a Reverse Proxy on Fedora 27:

@tim_g Ctrl+X, Y to save a file. quicker than in vi/vim.
I can actually edit lines and insert text and cut and paste intuitively in nano, unlike vi which requires you to memorize the insert function to just add a simple word or two. Then you have to escape the insert function, then you have to remember what unnatural keyboard combo is to do something else.
CtrlW to find. Super simple, unlike vi/vim.

CtrlW to go into another menu and find what you want is weird. I'd rather just type /whatever and hit enter.

If you want to insert text from clipboard, you go to where you want to insert something, and (rather intuitively), hit the i button, because insert starts with "i", then paste it in like normal. In Fedora terminal windows anyways, it's ctrl+shift+v to paste. To exit insertion mode, it's the esc key... also rather intuitive, because escape.

Want to remove some lines? Just hit dd, and the line you're on goes away... hold it in to remove lots of lines. Or hit a number first then dd, and it removes that many lines (20dd removes the next 20 lines). It's all so simple, but I can see the complexity of it if you have no idea about it.

It's the whole oh I never used it before and don't know what to do because i don't have a GUI to show me.

Remove the GUI from Nano, and you're in the same boat... how the hell is Ctrl+W intuitive to "find" text? Less intuitive than to simply /TextToLookFor and hit enter.

Copy and paste is easy too... it uses y to copy (for "yank") and p for paste.
But you can do it by highlighting something (if in a gui terminal for example with your mouse) and ctrl+shift+c / v to copy and paste as well.

EddieJennings

So about that nginx reverse proxy...

:face_with_stuck-out_tongue:

JaredBusch

@tim_g STFU already. No one fucking cares.

Also get the fuck over yourself already.

scottalanmiller

@momurda said in Install Nginx as a Reverse Proxy on Fedora 27:

@tim_g Ctrl+X, Y to save a file. quicker than in vi/vim.

CtrlW to find. Super simple, unlike vi/vim.

ZZ, no more to save and exit in vi.
/ to find. Also super fast.

black3dynamite

No love for the awesome ed command? :grinning_face_with_smiling_eyes:
https://www.gnu.org/software/ed/manual/ed_manual.html

Seriously, what's up with the arguments about which editor is better?

Obsolesce

@jaredbusch said in Install Nginx as a Reverse Proxy on Fedora 27:

@tim_g STFU already. No one fucking cares.

Also get the fuck over yourself already.

Aww, is someone pointing out some flaws / difference of opinion / misconceptions in something you like or prefer?

Here's a guide for you:

0_1524246626520_5e68a19a-f7d4-4d89-a211-fa9c4d9e225b-image.png

EddieJennings

I've found a far better thread for discussing the merits of text editors. Enjoy

JaredBusch

@tim_g said in Install Nginx as a Reverse Proxy on Fedora 27:

@jaredbusch said in Install Nginx as a Reverse Proxy on Fedora 27:

@tim_g STFU already. No one fucking cares.

Also get the fuck over yourself already.

Aww, is someone pointing out some flaws / difference of opinion / misconceptions in something you like or prefer?

Here's a guide for you:

No. I honestly don't' give a shit about the editors, that was the entire point of why the guide had the comment it had.
But if you want to be a supremacist bitch about your editor of choice, feel free, just take it out of this thread.

momurda

Jared where is your nginx.conf

Obsolesce

@jaredbusch said in Install Nginx as a Reverse Proxy on Fedora 27:

@tim_g said in Install Nginx as a Reverse Proxy on Fedora 27:

@jaredbusch said in Install Nginx as a Reverse Proxy on Fedora 27:

@tim_g STFU already. No one fucking cares.

Also get the fuck over yourself already.

Aww, is someone pointing out some flaws / difference of opinion / misconceptions in something you like or prefer?

Here's a guide for you:

No. I honestly don't' give a shit about the editors, that was the entire point of why the guide had the comment it had.
But if you want to be a supremacist bitch about your editor of choice, feel free, just take it out of this thread.

Not supremacist, only correcting misconceptions that were mentioned... as you and Scott do all the time, in any thread they come up. If I do it, then I'm a "supremacist bitch"? Go piss up a rope and slip off.

JaredBusch

@momurda said in Install Nginx as a Reverse Proxy on Fedora 27:

Jared where is your nginx.conf

I do not normally modify the default conf file

EddieJennings

My experiment last night with Nginx worked. I'm going to see if I can replicate it tonight, and post the config for critique.

momurda

I am trying to copy this setup but using wildcard cert instead.
So, i have an http server setup with mediawiki. It has no https.
I have this nginx proxy setup so that the http site is redirected correctly.
edit:well it isnt doing http now either Not sure what i did, was working yesterday just fine.
However it wont seem to proxy https.
I think this is probably because my server.domain.conf in /etc/nginx/conf.d/server.domain.conf proxy_pass parameter is trying to redirect to https of this server which doesnt have https.
What to do in this type of situation?
I asked about this earlier in thread, seems it can work. Ive just messed something up.
I have not messed about with nginx.conf.
Not really sure how it can be used unmodified to proxy https as nothing is defined for https by default.

server.domain.conf file in /etc/nginx/conf.d/ :

server {
        client_max_body_size 40M;
        listen 443 ssl;
        server_name server.domain.com;
        ssl          on;
        ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;

        location / {
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_set_header X-NginX-Proxy true;
                proxy_pass https://10.1.0.247:443; # HERE IS ISSUE I THINK
                proxy_redirect off;
        }
}
server {
        client_max_body_size 40M;
        listen 80;
        server_name server.domain.com;

        location / {
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_set_header X-NginX-Proxy true;
                proxy_pass http://10.1.0.247:80;
                proxy_redirect off;
        }
}

black3dynamite

@momurda said in Install Nginx as a Reverse Proxy on Fedora 27:

I am trying to copy this setup but using wildcard cert instead.
So, i have an http server setup with mediawiki. It has no https.
I have this nginx proxy setup so that the http site is redirected correctly.
edit:well it isnt doing http now either Not sure what i did, was working yesterday just fine.
However it wont seem to proxy https.
I think this is probably because my server.domain.conf in /etc/nginx/conf.d/server.domain.conf proxy_pass parameter is trying to redirect to https of this server which doesnt have https.
What to do in this type of situation?
I asked about this earlier in thread, seems it can work. Ive just messed something up.
I have not messed about with nginx.conf.
Not really sure how it can be used unmodified to proxy https as nothing is defined for https by default.

server.domain.conf file in /etc/nginx/conf.d/ :
server {
        client_max_body_size 40M;
        listen 443 ssl;
        server_name server.domain.com;
        ssl          on;
        ssl_certificate /etc/letsencrypt/live/domain.com/fullchain.pem;
        ssl_certificate_key /etc/letsencrypt/live/domain.com/privkey.pem;

        location / {
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_set_header X-NginX-Proxy true;
                proxy_pass https://10.1.0.247:443; # HERE IS ISSUE I THINK
                proxy_redirect off;
        }
}
server {
        client_max_body_size 40M;
        listen 80;
        server_name server.domain.com;

        location / {
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_set_header X-NginX-Proxy true;
                proxy_pass http://10.1.0.247:80;
                proxy_redirect off;
        }
}

On your Mediawiki server, take a look at your LocalSettings.php file. What do you have set for $wgServer?

momurda

It is http://server.domain.com

Why did LE give me .pem files? edit: dont know

Why cant i convert these pem files to .crt and .key? edit: somehow all these .pem files now have 0 size which doesnt make sense. Worked fine yesterday.

openssl x509 -outform der -in cert.pem -out cert.crt
unable to load certificate
140515541610688:error:0906D06C:PEM routines:PEM_read_bio:no start line:../crypto/pem/pem_lib.c:691:Expecting: TRUSTED CERTIFICATE

Obsolesce

@momurda

What's the original cert that you have?

JaredBusch

@momurda said in Install Nginx as a Reverse Proxy on Fedora 27:

It is http://server.domain.com

Why did LE give me .pem files? edit: dont know

Why cant i convert these pem files to .crt and .key? edit: somehow all these .pem files now have 0 size which doesnt make sense. Worked fine yesterday.
openssl x509 -outform der -in cert.pem -out cert.crt
unable to load certificate
140515541610688:error:0906D06C:PEM routines:PEM_read_bio:no start line:../crypto/pem/pem_lib.c:691:Expecting: TRUSTED CERTIFICATE

You are supposed to have .pem files, always. That tells you the encoding type of the key and certificate. If you did not know pem files mean you have a DER encoded certificate and key file.