subdomain of existing site different path

Discussion in 'ISPConfig 3 Priority Support' started by DylanPedro, Feb 21, 2018.

  1. DylanPedro

    DylanPedro Member HowtoForge Supporter

    Hi,

    I am trying to install magento2 on ISPConfig. The application as two paths
    magento2/setup
    magento2/pub

    For a safe installation it is recommended to run a live setup from the root pointing to the pub folder but in order to set the software up you must point the server to the root folder of magento2 as this is where the setup folder sits.

    Is it possible to setup a subdomain like this:
    setup.example.com

    that reads files form /var/www/example.com/web/magento2/ of the same web directory of an already defined site?

    The proxy option does not help as it requires a url to proxy but the original site points to magento2/pub which is lower than magento2/setup
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    That's possible, see vhost subdomains in ISPConfig.
     
  3. DylanPedro

    DylanPedro Member HowtoForge Supporter

    Im tring to do this on nginx and would like the web directory to be one that already exists. Where do I look for the vhost subdomains in ISPConfig?

    Setting up a new vhost as setup.example.com is wrong as it creates a new web directory
    Setting up a new subdomain is wrong as it as fro a url which is also wrong

    I wand to setup a subdomain like setup.example.com which points to an existing web root e.g. /var/www/example.com/magento/setup
     
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    Vhost subdomains and vhost alias domains have to be enaböed first under system > interface > main config. You will find them then in the sites module.
     
  5. DylanPedro

    DylanPedro Member HowtoForge Supporter

    I've switched these on and dont think that is what I am looking for as a subdomain vhost create a completely new web root and does not point to the existing one. I will try to explain what I require again as I may have not explained it clearly before:
    1) Have setup.example.com point to /var/www/example.com/web/magento/setup or even /var/www/example.com/web/magento if possible
    2) Have example.com point to /var/www/example.com/web/magento/pub

    I have managed to do this setting up an alias in the nginx directives bit so that example.com/setup goes to /var/www/example.com/web/magento/setup but not using a subdomain?
     
  6. till

    till Super Moderator Staff Member ISPConfig Developer

    The vhost subdomain is what you are looking for.
    See screenshot.
    The result is that sub.domain.com points to the web/magento folder of this site.
     

    Attached Files:

  7. DylanPedro

    DylanPedro Member HowtoForge Supporter

    Hi Till,

    Worked in the end. I got confused the the path made in the www folder was just a sym link and not an actual folder :-|

    The setup page only shows if cgi.fix_pathinfo = 1 is added to the main sites php.ini section. Otherwise the log shows:
    Code:
    2018/02/23 01:01:01 [error] 6996#6996: *10 FastCGI sent in stderr: "Access to the script '/var/www/example.com/web/magento2/setup/index.php/session/prolong' has been denied (see security.limit_extensions)" while reading response header from upstream, client: 86.4.188.88, server: setup.example.com, request: "POST /setup/index.php/session/prolong HTTP/1.1", upstream: "fastcgi://unix:/var/lib/php7.0-fpm/web8.sock:", host: "setup.example.com", referrer: "https://setup.example.com/setup/"
    Is this ok or a security risk as written around the web?

    Last bit, how do I use the magento error pages eg 404 etc as it show the default ispconfig ones at present even though the include file has:
    Code:
    error_page 404 403 = /errors/404.php;
     
  8. till

    till Super Moderator Staff Member ISPConfig Developer

    That should be ok.

    See custom errr pages checkbox in the website.
     
  9. DylanPedro

    DylanPedro Member HowtoForge Supporter

    So I've unchecked the "Own Error-Documents" box.

    Have the following in the nginx directives:
    Code:
    set $MAGE_ROOT /var/www/example.co.uk/web/magento2;
    include /var/www/example.co.uk/private/magento2/nginx.conf.sample.git;
    and the nginx.conf.sample.git file looks like this:
    Code:
    #from: https://raw.githubusercontent.com/magento/magento2/2.3-develop/nginx.conf.sample
    
    ## Example configuration:
    # upstream fastcgi_backend {
    #    # use tcp connection
    #    # server  127.0.0.1:9000;
    #    # or socket
    #    server   unix:/var/run/php5-fpm.sock;
    #    server   unix:/var/run/php/php7.0-fpm.sock;
    # }
    # server {
    #    listen 80;
    #    server_name mage.dev;
    #    set $MAGE_ROOT /var/www/magento2;
    #    include /vagrant/magento2/nginx.conf.sample;
    # }
    #
    ## Optional override of deployment mode. We recommend you use the
    ## command 'bin/magento deploy:mode:set' to switch modes instead.
    ##
    ## set $MAGE_MODE default; # or production or developer
    ##
    ## If you set MAGE_MODE in server config, you must pass the variable into the
    ## PHP entry point blocks, which are indicated below. You can pass
    ## it in using:
    ##
    ## fastcgi_param  MAGE_MODE $MAGE_MODE;
    ##
    ## In production mode, you should uncomment the 'expires' directive in the /static/ location block
    
    #root $MAGE_ROOT/pub;
    
    index index.php;
    autoindex off;
    charset UTF-8;
    error_page 404 403 = /errors/404.php;
    #add_header "X-UA-Compatible" "IE=Edge";
    
    # PHP entry point for setup application
    location ~* ^/setup($|/) {
        root $MAGE_ROOT;
        location ~ ^/setup/index.php {
            fastcgi_pass   unix:/var/lib/php7.0-fpm/web8.sock;
    
            fastcgi_param  PHP_FLAG  "session.auto_start=off \n suhosin.session.cryptua=off";
            fastcgi_param  PHP_VALUE "memory_limit=756M \n max_execution_time=600";
            fastcgi_read_timeout 600s;
            fastcgi_connect_timeout 600s;
    
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include        fastcgi_params;
        }
    
        location ~ ^/setup/(?!pub/). {
            deny all;
        }
    
        location ~ ^/setup/pub/ {
            add_header X-Frame-Options "SAMEORIGIN";
        }
    }
    
    # PHP entry point for update application
    location ~* ^/update($|/) {
        root $MAGE_ROOT;
    
        location ~ ^/update/index.php {
            fastcgi_split_path_info ^(/update/index.php)(/.+)$;
            fastcgi_pass   unix:/var/lib/php7.0-fpm/web8.sock;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            fastcgi_param  PATH_INFO        $fastcgi_path_info;
            include        fastcgi_params;
        }
    
        # Deny everything but index.php
        location ~ ^/update/(?!pub/). {
            deny all;
        }
    
        location ~ ^/update/pub/ {
            add_header X-Frame-Options "SAMEORIGIN";
        }
    }
    
    location / {
        try_files $uri $uri/ /index.php$is_args$args;
    }
    
    location /pub/ {
        location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
            deny all;
        }
        alias $MAGE_ROOT/pub/;
        add_header X-Frame-Options "SAMEORIGIN";
    }
    
    location /static/ {
        # Uncomment the following line in production mode
        # expires max;
    
        # Remove signature of the static files that is used to overcome the browser cache
        location ~ ^/static/version {
            rewrite ^/static/(version[^/]+/)?(.*)$ /static/$2 last;
        }
    
        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
            add_header Cache-Control "public";
            add_header X-Frame-Options "SAMEORIGIN";
            expires +1y;
    
            if (!-f $request_filename) {
                rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
            }
        }
        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
            add_header Cache-Control "no-store";
            add_header X-Frame-Options "SAMEORIGIN";
            expires    off;
    
            if (!-f $request_filename) {
               rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
            }
        }
        if (!-f $request_filename) {
            rewrite ^/static/?(.*)$ /static.php?resource=$1 last;
        }
        add_header X-Frame-Options "SAMEORIGIN";
    }
    
    location /media/ {
        try_files $uri $uri/ /get.php$is_args$args;
    
        location ~ ^/media/theme_customization/.*\.xml {
            deny all;
        }
    
        location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
            add_header Cache-Control "public";
            add_header X-Frame-Options "SAMEORIGIN";
            expires +1y;
            try_files $uri $uri/ /get.php$is_args$args;
        }
        location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
            add_header Cache-Control "no-store";
            add_header X-Frame-Options "SAMEORIGIN";
            expires    off;
            try_files $uri $uri/ /get.php$is_args$args;
        }
        add_header X-Frame-Options "SAMEORIGIN";
    }
    
    location /media/customer/ {
        deny all;
    }
    
    location /media/downloadable/ {
        deny all;
    }
    
    location /media/import/ {
        deny all;
    }
    
    # PHP entry point for main application
    location ~ (index|get|static|report|404|503|health_check)\.php$ {
        try_files $uri =404;
        fastcgi_pass   unix:/var/lib/php7.0-fpm/web8.sock;
        fastcgi_buffers 1024 4k;
    
        fastcgi_param  PHP_FLAG  "session.auto_start=off \n suhosin.session.cryptua=off";
        fastcgi_param  PHP_VALUE "memory_limit=756M \n max_execution_time=18000";
        fastcgi_read_timeout 600s;
        fastcgi_connect_timeout 600s;
    
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }
    
    gzip on;
    gzip_disable "msie6";
    
    gzip_comp_level 6;
    gzip_min_length 1100;
    gzip_buffers 16 8k;
    gzip_proxied any;
    gzip_types
        text/plain
        text/css
        text/js
        text/xml
        text/javascript
        application/javascript
        application/x-javascript
        application/json
        application/xml
        application/xml+rss
        image/svg+xml;
    gzip_vary on;
    
    # Banned locations (only reached if the earlier PHP entry point regexes don't match)
    location ~* (\.php$|\.htaccess$|\.git) {
        deny all;
    }
    Everything works except the error pages?
    They should work as follows:
    http://magento2-demo.nexcess.net/privacy-policy-cookie-restriction-mode2/

    Instead it shows the default nginx 404 page(not the ispconf version as this has been disabled as suggested)
    404 Not Found
    nginx/1.10.3
     
  10. till

    till Super Moderator Staff Member ISPConfig Developer

    Please post the vhost file of the website.
     
  11. DylanPedro

    DylanPedro Member HowtoForge Supporter

    Here it is:
    Code:
    server {
            listen *:80;
    
            listen *:443 ssl;
            ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
            ssl_certificate /var/www/clients/client0/web8/ssl/example.co.uk-le.crt;
            ssl_certificate_key /var/www/clients/client0/web8/ssl/example.co.uk-le.key;
    
            server_name example.co.uk www.example.co.uk;
    
            root   /var/www/example.co.uk/web//magento2/pub;
    
            if ($scheme != "https") {
                rewrite ^ https://$http_host$request_uri? permanent;
            }
    
    
            index index.html index.htm index.php index.cgi index.pl index.xhtml;
    
    
            location ~ \.shtml$ {
                ssi on;
            }
    
    
            error_log /var/log/ispconfig/httpd/example.co.uk/error.log;
            access_log /var/log/ispconfig/httpd/example.co.uk/access.log combined;
    
            location ~ /\. {
                deny all;
            }
    
            location ^~ /.well-known/acme-challenge/ {
                access_log off;
                log_not_found off;
                root /usr/local/ispconfig/interface/acme/;
                autoindex off;
                index index.html;
                try_files $uri $uri/ =404;
            }
    
            location = /favicon.ico {
                log_not_found off;
                access_log off;
                expires max;
                add_header Cache-Control "public, must-revalidate, proxy-revalidate";
            }
    
            location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
            }
    
            location /stats/ {
                root /var/www/example.co.uk/web/;
                index index.html index.php;
                auth_basic "Members Only";
                auth_basic_user_file /var/www/clients/client0/web8/web/stats/.htpasswd_stats;
            }
    
            location ^~ /awstats-icon {
                alias /usr/share/awstats/icon;
            }
    
            location ~ \.php$ {
                try_files /68d4a3b14f6f80d7efabcab134df4ad9.htm @php;
            }
    
            location @php {
                try_files $uri =404;
                include /etc/nginx/fastcgi_params;
                fastcgi_pass unix:/var/lib/php7.0-fpm/web8.sock;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_intercept_errors on;
            }
    
            location /cgi-bin/ {
                try_files $uri =404;
                include /etc/nginx/fastcgi_params;
                root /var/www/clients/client0/web8;
                gzip off;
                fastcgi_pass  unix:/var/run/fcgiwrap.socket;
                fastcgi_index index.cgi;
                fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
                fastcgi_intercept_errors on;
            }
    
    
    
            location /phpinfo {
                alias /usr/share/php/phpinfo;
                location ~ \.php$ {
                    auth_basic "Members Only";
                            auth_basic_user_file /var/www/clients/client0/web10/web/private/apps/.htpasswd;
                    try_files $uri =404;
                    include /etc/nginx/fastcgi_params;
                    fastcgi_pass unix:/var/lib/php7.0-fpm/web8.sock;
                    fastcgi_index index.php;
                    fastcgi_param SCRIPT_FILENAME $request_filename;
                    fastcgi_intercept_errors on;
                }
            }
    
            set $MAGE_ROOT /var/www/example.co.uk/web/magento2;
            include /var/www/example.co.uk/private/magento2/nginx.conf.sample.git;
    
    
    
    }
     
  12. till

    till Super Moderator Staff Member ISPConfig Developer

    There is no other error page config, so disabling the custom error pages worked and your include config should kick in. I've no real idea why this does not happen. Maybe the duplicate php handlers are related to that.

    you can try to remove the php handling blocks from ispconfig vhost by adding this:

    Code:
    location ~ \.php$ { ##delete##
    }
    location @php { ##delete##
    }
    in the nginx directives field of the site.
     
  13. DylanPedro

    DylanPedro Member HowtoForge Supporter

    Hi Till,

    That did the trick, Thanks!

    Only thing left is:
    I replaced all occurrences of
    Code:
    fastcgi_backend
    with
    Code:
    unix:/var/lib/php7.0-fpm/web8.sock
    in the included nginx.conf.sample file other wise it complains of the following error
    Code:
    no port in upstream "fastcgi_backend" in /var/www/example.co.uk/private/magento2/nginx.conf.sample.git.original:43
    Also I've had to comment out the following line:
    Code:
    root $MAGE_ROOT/pub;
    as it complains about the following error:
    Code:
    "root" directive is duplicate in /var/www/example.co.uk/private/magento2/nginx.conf.sample.git.original:31
    Is it possible using the ##delete method above to ignore the root set by ispconfig and instead use the one in the included file?
     
  14. till

    till Super Moderator Staff Member ISPConfig Developer

    The ##delete## function works for locations only, you can not use it to remove other directives. The root line in the git incluse needs to be commented out as you did.
     
  15. DylanPedro

    DylanPedro Member HowtoForge Supporter

    Does adding anything to the custom php.ini section of the subdomain vhost not have any affect as it looks like it take the options defined for the main website only ?
     

Share This Page