:orphan: Proxy Package Layouts ======================================== Every software package has a suggested filesystem layout, and proxy servers like Apache and NGINX are no exception. However, Linux distribution package maintainers often have their own opinions about layout, especially with respect to following a layout standard or scheme employed by their particular distribution. Thus, although you can configure the proxy server entirely within its primary configuration file, if you have installed the proxy via your system package manager, this may not be the best idea. The primary config file in the cases of both Apache and nginx under both Debian-based distributions and Enterprise Linux-based distributions contains various *include* directives designed to allow you to place your configuration in files that are entirely controlled by you. This helps to avoid conflicts in the primary config file when the package is upgraded. .. hint:: Primary configuration files can be found at: - nginx (both EL and Debian): ``/etc/nginx/nginx.conf`` - Apache: - EL: ``/etc/httpd/conf/httpd.conf`` - Debian: ``/etc/apache2/apache2.conf`` Package Layout Overviews --------------------------- Debian ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ Debian uses a very similar directory scheme for both nginx and Apache, where ```` is ``apache2`` or ``nginx`` and ```` is some configuration subcomponent: - ``/etc//-available`` for files containing configuration snippets for various instances of the given component - ``/etc//-enabled`` for symbolic links to files in ``/etc//-available`` for each snippet that the administrator wishes to enable ``-available`` is effectively a "repository" for configurations which are enabled by symbolic links in ``-enabled``. Both nginx and Apache use the component ``sites``, intended for individual website configurations. Apache additionally uses the components ``mods`` and ``conf`` for module loading/configuration and general global configuration statements, respectively. Nginx, lacking the ``mods`` and ``conf`` components, provides ``/etc/nginx/conf.d`` .. tip:: On Debian, the paths most relevant to our purposes are: - nginx: - ``/etc/nginx/conf.d/*.conf`` for general directives that belong in the ``http {}`` block - ``/etc/nginx/sites-available/*`` for individual site configs - ``/etc/nginx/sites-enabled/*`` to enable sites - Apache: - ``/etc/apache2/conf-available/*`` for general directives that belong in the ``http {}`` block - ``/etc/apache2/conf-enabled/*`` to enable configs - ``/etc/apache2/sites-available/*`` for individual site configs - ``/etc/apache2/sites-enabled/*`` to enable sites Enterprise Linux ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ EL's layout is simpler: both nginx and Apache provide a single configuration inclusion directory, where ```` is ``httpd`` or ``nginx``: - ``/etc//conf.d/`` Apache additionally has a module configuration directory at ``/etc/httpd/conf.modules.d`` .. tip:: On EL, the paths most relevant to our purposes are: - nginx: ``/etc/nginx/conf.d/*.conf`` - Apache: ``/etc/httpd/conf.d/*.conf`` NGINX --------------------------- **Global option configuration:** On both Debian and EL, you could create ``/etc/nginx/conf.d/galaxy_options.conf`` for global options intended for the ``http {}`` block. Because this file is included from within the ``http {}`` block, you would simply define directives without enclosing them in any sort of block: .. code-block:: nginx uwsgi_read_timeout 180; client_max_body_size 10g; ssl_certificate /etc/nginx/ssl/server.crt; ssl_certificate_key /etc/nginx/ssl/server.key; #... **Site configuration:** For the site configurations, you could create: - ``/etc/nginx/sites-available/galaxy`` on Debian - ``/etc/nginx/conf.d/galaxy_site.conf`` on EL These files contain ``server {}`` blocks (again, not enclosed in an ``http {}``): .. code-block:: nginx server { listen 80 default_server; listen [::]:80 default_server; server_name _; #... } server { listen 443 default_server; listen [::]:443 default_server; server_name _; #... } On Debian, you'd then need to symlink the config with: .. code-block:: shell-session # ln -s /etc/nginx/sites-available/galaxy /etc/nginx/sites-enabled/galaxy Apache --------------------------- **Global option configuration:** For the global options, you could create: - ``/etc/apache2/confs-available/galaxy.conf`` on Debian - ``/etc/httpd/conf.d/galaxy_options.conf`` on EL With the global configuration directives: .. code-block:: apache SSLProtocol all -SSLv3 SSLCipherSuite ... #... **Site configuration:** For the site configurations, you could create: - ``/etc/apache2/sites-available/galaxy.conf`` on Debian - ``/etc/httpd/conf.d/galaxy_site.conf`` on EL With the ```` blocks: .. code-block:: apache Redirect permanent / https://galaxy.example.org SSLEngine on SSLCertificateFile /etc/apache2/ssl/server.crt SSLCertificateKeyFile /etc/apache2/ssl/server.key #... On Debian you'd then need to symlink the configs with (or do it by hand with `ln -s`): .. code-block:: shell-session # a2enconf galaxy # a2ensite galaxy