Nginx Catch-All Host As Front End To Apache For ISPConfig 3 On Debian Lenny

By Nedim Hadzimahmutovic <[email protected]>
Version: v1.1
Last Change: May 19, 2010

Introduction

Apache has always been the web server of choice for me. It is a real beast when it comes to resources usage specially in a resource limited environment such as a VPS. I started playing with Nginx a lightweight, high performance web server. My area of interest was running Nginx as a reverse proxy and making it work in a Apache/ISPConfig 3 environment.

 

The Problem

I am an OpenVZ, apache2-mpm-itk, mod_php user. Apache mpm-itk does not support FastCGI. This problem dramatically increases if you use a 64-bit OS since Apache will now use much more memory (32-bit systems have 4-byte pointers whereas 64-bit systems have 8-byte pointers). I started getting KMEMSIZE limit errors and Apache was the reason why. Apache made my VPS unusable so I had to look for an alternative.

 

The Solution

Nginx was the answer but I am a ISPConfig user which only supports Apache and if I found a way around this there was no way I would manually manage each virtual host. The solution was to setup Nginx catch all host as front-end and proxy to Apache which will be running in the back-end on a different port. This way Nginx will serve the static files and PHP would be left to Apache. You can also leave a whole domain to Nginx if you like, just put a that domain's virtual host before the default vhost. One step further would be to run a 32-bit chroot environment on top of the 64-bit OS and install 32-bit Apache but this will not be covered in this tutorial.

 

Configure Apache

Configure Apache to run on port 82 in /etc/apache2/ports.conf and in all of your virtual hosts. To make it easier use sed command:

 # sed -ie 's/YOUR-IP:80/YOUR-IP:82/g' /etc/apache2/sites-available/*.vhost

I assume your virtual host is IP based - your vhost could have *:80 instead of IP:80.

The sed command will make backup files of your .vhost files which will have .vhoste extension. You can move the backup vhost files:

mkdir /root/apache2_vhost_backup/
mv /etc/apache2/sites-available/*.vhoste /root/apache2_vhost_backup/

Restart apache and use netstat check if it is running on port 82:

# /etc/init.d/apache2 restart
# netstat -tunap | grep apache2

  tcp        0      0 0.0.0.0:82              0.0.0.0:*               LISTEN      7630/apache2

Now you have to change the ISPConfig Apache templates. Copy them to your conf-custom directory:

 # cd /usr/local/ispconfig/server/ 
 # cp conf/apache_ispconfig.conf.master conf-custom/ 
 # cp conf/vhost.conf.master conf-custom/

Open the two files and change :80 to :82. Just to be sure run grep command and check if the output matches:

 # grep :82 -i /usr/local/ispconfig/server/conf-custom/*

/usr/local/ispconfig/server/conf-custom/apache_ispconfig.conf.master:NameVirtualHost {tmpl_var name="ip_address"}:82
/usr/local/ispconfig/server/conf-custom/vhost.conf.master: :82>

You will see all requests as originating from localhost (127.0.0.1). To see users real IP address you will have to install libapache2-mod-rpaf:

 # apt-get install libapache2-mod-rpaf

Add the following to /etc/apache2/apache2.conf:

# nano /etc/apache2/apache2.conf
RPAFsethostname On
RPAFproxy_ips 127.0.0.1 YOU_IP_ADDRESS

 

Installing And Configure Nginx

Enable the lenny-backports repository, you will find the instructions on http://backports.org/.

 apt-get install nginx

Remove the default vhost:

 # rm /etc/nginx/sites-available/default

Open the file:

 # nano /etc/nginx/sites-available/default

Add the following content to the file:

server {
	listen   80 default; 
        server_name  _;
        server_name_in_redirect  off;
	resolver  127.0.0.1;
#### www. redirect	- all domains starting with www will be redirected to http://domain. ####
    if ($host ~* ^(www\.)(.+)) {
        set $rawdomain $2;
        rewrite ^/(.*)$  http://$rawdomain/$1 permanent;
    }
	access_log  /var/log/ispconfig/httpd/$host/access.log;
location ~* ^.+.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js|swf|flv|html|htm|mp3)$ {
	root   /var/www/$host/web; 
	access_log off;
	expires 30d;
    }
location / {
	root   /var/www/$host/web;
	index  index.html index.htm index.php;
        access_log      off;
        proxy_pass http://$host:82;
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}

That's it. Nginx will serve all your static files like images even html files and php stuff will be forwarded to Apache.

Share this page:

13 Comment(s)