Since we are rolling our own Nginx, we changed the Nginx name to prevent conflict from the main Ubuntu Repository to nginx-rc
.
# Start
systemctl start nginx-rc
# Stop
systemctl stop nginx-rc
# Reload
systemctl reload nginx-rc
# Restart
systemctl restart nginx-rc
# Start nginx after reboot
systemctl enable nginx-rc
# Disable nginx automatic start after reboot
systemctl disable nginx-rc
# Config Test
nginx-rc -t
# Installation location
/RunCloud/Packages/nginx-rc
# Config location
/etc/nginx-rc/nginx.conf
# If your web application name is myapp, config will resides inside
/etc/nginx-rc/conf.d/myapp.conf
If you need more power to your Nginx config, you may edit the config file, BUT please follow this closely.
For example, if your web application name is runcloud-blog, you can find the nginx config inside /etc/nginx-rc/conf.d/runcloud-blog.d/main.conf
and the contain of the file will be as follows:
# Do not edit this file
# Editing this file manually might break RunCloud System
# If you think there is a bug, contact us at <our bug email>
server_name blog.runcloud.io;
server_tokens off;
error_log /home/runcloud/logs/nginx/runcloud-blog_error.log;
access_log /home/runcloud/logs/nginx/runcloud-blog_access.log main buffer=16k;
access_log /var/log/nginx-rc/runcloud-blog_traffic.log traffic buffer=16k;
client_max_body_size 256m;
include /etc/nginx-rc/conf.d/runcloud-blog.d/headers.conf;
root /home/runcloud/webapps/runcloud-blog;
index index.php index.html index.htm;
location ~ /.well-known/acme-challenge {
allow all;
log_not_found off;
root /opt/RunCloud/letsencrypt;
}
location / {
include /etc/nginx-rc/extra.d/runcloud-blog.location.root.*.conf;
include /etc/nginx-rc/proxy.conf;
}
location ~ /\. {
deny all;
access_log off;
log_not_found off;
}
location = /favicon.ico {
log_not_found off;
}
location = /robots.txt {
allow all;
log_not_found off;
}
location ~ .(ico|css|gif|jpe?g|png|gz|zip|flv|rar|wmv|avi|css|js|swf|png|htc|mpeg|mpg|txt|otf|ttf|eot|woff|svg|html)$ {
expires 1M;
include /etc/nginx-rc/conf.d/runcloud-blog.d/headers.conf;
add_header Cache-Control "public";
include /etc/nginx-rc/extra.d/runcloud-blog.location.static.*.conf;
try_files $uri @proxy;
}
location ~ .(html)$ {
expires 24h;
include /etc/nginx-rc/conf.d/runcloud-blog.d/headers.conf;
add_header Cache-Control "public";
include /etc/nginx-rc/extra.d/runcloud-blog.location.html.*.conf;
try_files $uri @proxy;
}
include /etc/nginx-rc/extra.d/runcloud-blog.location.main.*.conf;
location @proxy {
include /etc/nginx-rc/proxy.conf;
}
In the config, you will notice these lines
include /etc/nginx-rc/extra.d/runcloud-blog.location.root.*.conf;
include /etc/nginx-rc/extra.d/runcloud-blog.location.static.*.conf;
include /etc/nginx-rc/extra.d/runcloud-blog.location.html.*.conf;
include /etc/nginx-rc/extra.d/runcloud-blog.location.main.*.conf;
Example below will show you how to allow your IP Address to access to /admin url while prevent other people from accessing it.
Create an extra file:
touch /etc/nginx-rc/extra.d/runcloud-blog.location.main.admin-access.conf
vi /etc/nginx-rc/extra.d/runcloud-blog.location.main.admin-access.conf
Paste the configuration below:
location ~ /admin {
allow 192.168.1.0; # This should be replace with your ip address
deny all; # deny everyone from accessing this url
}
Notice that I changed the * with admin-access. You can change * with any word that you want and then issue:
systemctl reload nginx-rc