Ubuntu 8.04LTS (Hardy) Nginx Proxy Pass Configuration

In this article we’ll be setting up Nginx as a proxy server. Nginx is a lightweight server that can handle tons of traffic while keeping a low memory footprint. Because Nginx can only handle serving static content we’ll have to proxy incoming dynamic requests to a server that can handle them such as Apache or a FastCGI server. Although this article is geared towards Ubuntu you should be able to use the Nginx configuration settings with slight modification in other distros as well. Let’s get started.

Installing Nginx

First we need to install the Nginx package from the repository. This will include all the dependencies and security updates in the future. It will place nginx in /etc/nginx/ along with the start, stop and restart scripts.

sudo apt-get install nginx

Nginx does not start after the package has been installed so we’ll need to start that by ourselves.

sudo /etc/init.d/nginx start

Once the server is started we can check to make sure it’s running properly using curl.

curl -I http://your.server.ip.address

If everything went okay, you should see some output similar to this.

HTTP/1.1 200 OK
Server: nginx/0.5.33
Date: Sat, 11 Jul 2009 14:12:12 GMT
Content-Type: text/html
Content-Length: 151
Last-Modified: Wed, 30 Aug 2006 10:39:17 GMT
Connection: keep-alive
Accept-Ranges: bytes

Modifying the nginx.conf:

I always like to create a backup before I modify any configuration files. If you don’t do this, you should. Trust me.

sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak

And we’ll open the file for editing, you can replace vim with your favorite editor of choice.

sudo vim /etc/nginx/nginx.conf

Next we’ll dump in the following changes. We’ve added a few more worker process, turned on sendfile and tcpnopush as well as explicitly setting which files we’re going to be gzipping. Not a lot to see here. You’ll end up wanting to tune your server for your own specific needs anyway, but this is a good start.

user www-data www-data;
worker_processes  4;

error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    access_log  /var/log/nginx/access.log;

    sendfile        on;
    tcp_nopush      on;

    keepalive_timeout  5;
    tcp_nodelay        on;

    gzip  on;
    gzip_min_length 1000;
    gzip_proxied any;
    gzip_types text/css text/plain application/atom+xml application/x-javascript;
    gzip_disable "MSIE [1-6]\.(?!.*SV1)";

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;

}

You’ll also notice we’ve added another include to /etc/nginx/conf.d that looks for all files with the .conf extension. We’re going to add our default poxy information here so all we have to do is enable the proxy pass in the individual virtual host files. Let’s make the conf.d directory then create and edit our proxy.conf.

sudo mkdir /etc/nginx/conf.d
sudo vim /etc/nginx/conf.d/proxy.conf

And now let’s add our proxy defaults to the file. You may end up wanting to play around with these settings but again this is a good starting point.

proxy_redirect     off;

proxy_set_header   Host             $host;
proxy_set_header   X-Real-IP        $remote_addr;
proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;

client_max_body_size       10m;
client_body_buffer_size    128k;
client_header_buffer_size  64k;

proxy_connect_timeout      90;
proxy_send_timeout         90;
proxy_read_timeout         90;

proxy_buffer_size          4k;
proxy_buffers              4 32k;
proxy_busy_buffers_size    64k;
proxy_temp_file_write_size 64k;

Hooking up our first virtual host

We’re going to setup our virtual host file in our sites-enabled folder which will later be sym-linked to our sites-available folder. Let’s create and edit our virtual host file now.

sudo vim /etc/nginx/sites-available/domain.com

This is optional but I always like to setup canonical links to avoid duplicate content. We’re going to setup our server to listen on port 80 for any request to the www subdomain and then rewrite the request to domain.com instead. We’ve also set up a permanent redirect response so we won’t lose any Google juice in the process.

server {

    listen   80;
    server_name  www.domain.com;
    rewrite ^/(.*) http://domain.com/$1 permanent;
}

Now that we’re sending all our www.domain.com requests to domain.com we’ll have to setup our server again to listen on port 80 and then enable our proxy pass to send our requests the local port of our choosing. I’ve used port 7000 here, but you could also use 8080 or another port that currently isn’t in use. The last thing we’ll do in this server block is setup our static folders, this is why we’re using a proxy pass in the first place, to serve static content. This location block is a regular expression that enables directories at the end our our specified root. You can add or remove directories from this regex to suit your own needs. Setting up this separate location without enabling the proxy pass will serve files in your specified directories directly with nginx. The last thing we’ve done in this location block is set expires to max in order to force the browers to cache our static files.

server {

    listen       80;
    server_name  domain.com;
    access_log  /var/log/nginx/domain_name.access.log;

    location / {
        proxy_pass         http://127.0.0.1:7000/;
    }

    location ~ ^/(components|admin_media|media)   {
        root /var/www/vhosts/domain.com/public/;
        expires max;
    }

}

An alternative to setting up static directories served under the same domain as your application is to create a static subdomain. We can achieve this by adding another server block listening to a subdomain without a proxy pass setup. Granted you’ve setup your DNS entries correctly you should then be able to access your subdomain and any files or directories that you create in your public directory.

server {

    listen 80;
    server_name static.domain.com;

    location / {
        root /var/www/vhosts/static.domain.com/public/;
        expires max;
    }

}

Now that we have our virtual host all setup we’ll have to enable it by creating a symlink and restarting the server.

sudo ln -s /etc/nginx/sites-available/domain.com /etc/nginx/sites-enabled/domain.com
sudo /etc/init.d/nginx stop
sudo /etc/init.d/nginx start

Next we’ll have to configure Apache2 to handle our proxied requests on port 7000.