Suggestion for nginx templates + backup

andrewnewby · March 24, 2023, 7:16am

Hi,

On my server, I have a custom rule in the nginx templates inside the location / { block:

include %home%/%user%/conf/web/%domain%/rules.conf*;

I then (if I need it) can include a rules.conf file that contains the rules for the domain. This works fine for me, but I wonder if it would be helpful for others as well? A bit like we have:

include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;

So its not required, but is included in the nginx templates if you want to make use of it. The reason I bring it up, is that I was just moving a site to another Hestia server. The rules.conf file wasn’t copied over. Looking in v-backup-user, we do:

		# Backup vhost config
		if [ -e "$HOMEDIR/$user/conf/web/$domain/$WEB_SYSTEM.conf" ]; then
			cp $HOMEDIR/$user/conf/web/$domain/$WEB_SYSTEM.conf* conf/
		elif [ -e "$HOMEDIR/$user/conf/web/$domain.$WEB_SYSTEM.conf" ]; then
			cp $HOMEDIR/$user/conf/web/$domain.$WEB_SYSTEM.conf* conf/
		else
			# legacy format: all domain configs in single file
			tpl_file="$WEBTPL/$WEB_SYSTEM/$WEB_BACKEND/$TPL.tpl"
			conf="$HOMEDIR/$user/conf/web/$WEB_SYSTEM.conf"
			get_web_config_lines "$tpl_file" "$conf"
			sed -n "$top_line,$bottom_line p" $conf > conf/$WEB_SYSTEM.conf
		fi

So it actually only looks for specific files. My thinking is that if we add in:

		if [ -e "$HOMEDIR/$user/conf/web/$domain/rules.conf" ]; then
			cp $HOMEDIR/$user/conf/web/$domain/rules.conf* conf/
		fi

This would then back that up as well. I guess a similar tweak would be needed in the restore process as well. What do people think? If it worth creating a PR with the updated templates + backup/restore functions?

eris · March 24, 2023, 7:47am

You should be able to use:

nginx.conf_xxxx and nginx.ssl.conf_xxxx

To load custom config those should be loaded as well

andrewnewby · March 24, 2023, 8:10am

Thanks - but those are run outside of location / {} ? My rules need to be. It needs to really be:

    location / {
        include %home%/%user%/conf/web/%domain%/rules.conf*;

... the rest

   }

Otherwise, having it in the main server block (and not within a location), makes the rules not run correctly? An example of whats in there:

rewrite mini-directories/([0-9]+)-([0-6])\.html$ /search/view-md.cgi?ID=$1&fmd_num=$2 last;
rewrite ^/p/contact$ /search/contact.cgi last;
rewrite ^/p/(.*)$ /search/page.cgi?p=$1&bar=4 last;

jlguerrero · March 24, 2023, 8:39am

The 7g firewall uses rules inside and outside the server block and I use the nginx.conf_* format

Just leave a comment in the file and with: nginx -T | grep “comment” you will know if it has been loaded

andrewnewby · March 24, 2023, 9:16am

haha wow, I didn’t know that! I just tested it on a smaller site, and it seems to work. Maybe that was just a hangover from when I used to use Vesta (and there wasn’t that extra file)

That’ll make things easier! (although now, I’ve got to go through and edit and test all the places I use rules.conf )

andrewnewby · March 24, 2023, 9:27am

Ok actually, I found a problem I think this is why I went for a custom rules.conf file within the location / {} block. In it, I have:

   location / {

        include /home/willr/conf/web/educationusingpowerpoint.co.uk/rules.conf*;

        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js|eot|otf|ttf|woff|woff2|map)$ {

            rewrite "/20(\d\d)/v\d+/js/(.+)\.js$" /20$1/js/$2.js last;
            rewrite "/20(\d\d)/v\d+/css/(.+)\.css$" /20$1/css/$2.css last;
            rewrite "/20(\d\d)/v\d+/js/(.+)\.css$" /20$1/js/$2.css last;
            rewrite "/20(\d\d)/v\d+/css/(.+)\.css\.map$" /20$1/css/$2.css.map last;

            expires     max;
            fastcgi_hide_header "Set-Cookie";
        }

        location ~ [^/]\.php(/|$) {
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            if (!-f $document_root$fastcgi_script_name) {
                return  404;
            }

            fastcgi_pass    unix:/run/php/php7.4-fpm-educationusingpowerpoint.co.uk.sock;
            fastcgi_index   index.php;
            include         /etc/nginx/fastcgi_params;
            include     /home/willr/conf/web/educationusingpowerpoint.co.uk/nginx.fastcgi_cache.conf*;
        }


        location ~ \.cgi$ {
            gzip off;
            proxy_set_header X-Real-IP  $remote_addr;
            proxy_set_header X-Forwarded-For $remote_addr;
            proxy_set_header Host $host;
            proxy_pass http://127.0.0.1:8181;

        }


    }

In particular:

        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js|eot|otf|ttf|woff|woff2|map)$ {

            rewrite "/20(\d\d)/v\d+/js/(.+)\.js$" /20$1/js/$2.js last;
            rewrite "/20(\d\d)/v\d+/css/(.+)\.css$" /20$1/css/$2.css last;
            rewrite "/20(\d\d)/v\d+/js/(.+)\.css$" /20$1/js/$2.css last;
            rewrite "/20(\d\d)/v\d+/css/(.+)\.css\.map$" /20$1/css/$2.css.map last;

            expires     max;
            fastcgi_hide_header "Set-Cookie";
        }

If I put the rewrites in nginx.ssl.conf_rules , then that takes president and the above code is never run - which results in a 404. not sure if there is any way around that?

Cheers

Andy

system · April 23, 2023, 9:27am

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.