How to install Nginx and common error
- What is Nginx
Nginx can be web server, reverse proxy and e-mail proxy (IMAP/POP3). Nginx is front-end serve on port 80, and Apache is back-end listen on 8080. Clients come to Web Server like Client -> Nginx -> Apache.
- Install
sudo yum install epel-releasesudo yum install nginxsudo systemctl start nginxsudo firewall-cmd --permanent --zone=public --add-service=http
sudo firewall-cmd --permanent --zone=public --add-service=https
sudo firewall-cmd --reloadsudo systemctl enable nginx
3. Setup
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
listen 443;
server_name host.vn;
ssl_certificate /etc/nginx/cert.crt;
ssl_certificate_key /etc/nginx/cert.key;
ssl on;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
access_log /var/log/nginx/host.vn.access.log;
location / {
root /opt/CARRIER_LOCK_PRD/;
index index.html;
try_files $uri $uri/ /index.html;
}
location /api/ {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass http://localhost:8080;
proxy_read_timeout 90;
}
}
4. ERROR
- Show error log
> journalctl -u nginx
> sudo tail -30 /var/log/nginx/error.log
- ERROR : 127.0.0.1:9104 failed (13: Permission denied) nginx
> setsebool -P httpd_can_network_connect 1
- ERROR: nginx: [emerg] bind() to 0.0.0.0:8090 failed (13: Permission denied)
semanage port -l | grep http_port_t
http_port_t tcp 80, 81, 443, 488, 8008, 8009, 8443, 9000
> As you can see from the output above with SELinux in enforcing mode http is only allowed to bind to the listed ports. The solution is to add the ports you want to bind on to the list
> SOLUTION 1:
semanage port -a -t http_port_t -p tcp 8090 → will add port 8090 to the list
> SOLUTION 2:
setenforce 0
