Nginx/de

nginx ist ein robuster, kleiner und hochperformanter web server und ein Reverse Proxy Server. Es ist eine gute Alternative zu den beliebten vorhandenen Webservern wie Apache und lighttpd.

Installation
Vor der unmittelbaren Installation des Paketes, ist es sinnvoll die USE flags für Nginx zu beachten.

Nginx uses modules to enhance its features. To simplify the maintenance of this modular approach, the nginx ebuild uses expanded USE flags to denote which modules should be installed. HTTP related modules can be enabled through the  variable whereas mail related modules can be enabled through the   variable. Nginx third party modules can be enabled through the  variable.

These variables need to be set in. Their descriptions can be found in /usr/portage/profiles/desc/nginx_modules_http.desc and /usr/portage/profiles/desc/nginx_modules_mail.desc.

With the USE flags set, install :

Vergessen Sie nicht Nginx zum default Runlevel hinzuzufügen:

Betrieb
Das Nginx Paket installiert ein Serviceskript, welches Administratoren einen Stop, Start oder Neustart des Services erlaubt.

Um sicherzustellen, dass Nginx korrekt läuft, testen Sie dies mit Ihrem Browser oder nutzen Sie einen der kommandozeilbasierten Webklienten (wie ):

Konfiguration
Die Nginx Konfiguration wird mittels der Datei gesteuert.

Single site access
The following example shows a single-site access, without dynamic capabilities (such as PHP).

Multiple site access
It is possible to leverage the  directive to split the configuration in multiple files:

PHP Unterstützung aktivieren
Add the following lines to the nginx configuration to enable PHP support. In this example nginx is exchanging information with the PHP process via a UNIX socket.

To support this setup, PHP needs to be build with FastCGI Process Manager support (php-fpm), which is handled through the  USE flag:

Rebuild php with the new USE flag enabled:

Review the configuration and add following line:

Set the timezone in the php-fpm file. Substitute the  text in the FileBox below with the appropriate timezone information:

Start the php-fpm daemon:

Add php-fpm to the default runlevel:

Reload nginx with changed configuration:

Enabling an IP access list
The next example shows how to allow access to a particular URL (in this case /nginx_status) only to
 * certain hosts (e.g. 192.0.2.1 127.0.0.1)
 * and IP networks (e.g. 198.51.100.0/24)

Enabling basic authentication
nginx allows limiting access to resources by validating the user name and password:

The file can be generated using:

TLS Unterstützung aktivieren
Es ist dringend empfohlen nur TLS zu unterstützen und als unsicher bekannte Verschlüsselungsverfahren zu deaktivieren

The ebuild provides stock self signed certificates in.

Forward Secrecy
The diffie-hellman certificate can be created using openssl:

Enabling third party modules
Download third party module source and move it to or any other location. Manually compile the Nginx module, then add the following line to :

Rebuild nginx with the third party module enabled:

Fehlersuche
In case of problems, the following commands can help troubleshoot the situation.

Validierung der Konfiguration
Verify that the running nginx configuration has no errors:

By running nginx with the  option, it will validate the configuration file without actually starting the nginx daemon.

Verify processes are running
Check if nginx processes are running:

Verify bound addresses and ports
Verify nginx daemon is listening on the right TCP port (such as 80 for HTTP or 443 for HTTPS):

External resources

 * nginx Wiki
 * H5BP nginx config