Install Nginx and Setup

pratikshag · June 5, 2020, 2:50pm

@royki…I am also having confusion about /etc/nginx/nginx.conf file…I did change the server name as ip-address and changed the location of cert and key which was commented before…I removed the #…Is there any other thing i need change except above.

royki · June 5, 2020, 3:16pm

Normally it s ok. As far I remember. You need to have the index.html file in that location.

pratikshag · June 6, 2020, 8:06am

@royki… What i have done wrong i dont know…Plsease let me know …Here is my conf file i am attchaching…

selan · August 13, 2020, 1:33pm

hi,

I am getting the result as below:

Is it correct or the message “Welcome!” should display ?

selan · August 13, 2020, 5:38pm

Completed the task successfully.

We can see the “Welcome!” message when we give curl -k https://172.16.238.10

Sasi · August 15, 2020, 8:28pm

@royki @ramashish.sharma @sudheer77 @Inderpreet
i have moved cert and key to /etc/pki/tls/certs
created index.html after rm index.html
installed nginx and attached are confid files, after i updated nginx.config i am not able to restart nginx

i have tried 10 times now so far no luck any one pls let me know why the nginx is not starting

roopal.mishra · August 15, 2020, 11:56pm

Update /etc/nginx/nginx.conf:

server {
    ......
    #root         /usr/share/nginx/html;
    root         /var/www/html;
    ......

Sasi · August 16, 2020, 12:17am

no luck @roopal.mishra

what else needs to be changed?

roopal.mishra · August 16, 2020, 12:36am

sudo mkdir /var/www
sudo cp /usr/share/nginx/html /var/www/

please share error which you are getting while starting nginx ,
are you updating iptables as well for nginx port??

Sasi · August 16, 2020, 1:06am

i didnt update iptables for nginx port

@roopal.mishra

roopal.mishra · August 16, 2020, 1:20am

it is mentioned in you config test output that you need to put one }
in nginx config file

Sasi · August 16, 2020, 1:53am

now iam getting error message

cannot load certificate “/etc/pki/nginx/server.crt”: BIO_new_file() failed (SSL: error:02001002:systemlibrary:fopen:No such file or directory:fopen(‘/etc/pki/nginx/server.crt’,‘r’) error:2006D080:BIO routines:BIO_new_file:no such file)

@roopal.mishra

Sasi · August 16, 2020, 2:13am

journalctl -xe
@roopal.mishra

Sasi · August 16, 2020, 3:38am

ssh tony@stapp01
The authenticity of host ‘stapp01 (172.16.238.10)’ can’t be established.
ECDSA key fingerprint is SHA256:k7zC8Dwb/AzGJkNZiL97XklY3H5O3AqsLBaLQkiuz5U.
ECDSA key fingerprint is MD5:2c:58:47:d0:32:b2:53:cc:66:61:cd:16:89:1b:7d:81.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added ‘stapp01,172.16.238.10’ (ECDSA) to the list of known hosts.
tony@stapp01’s password:
[tony@stapp01 ~]$ sudo su

We trust you have received the usual lecture from the local System
Administrator. It usually boils down to these three things:

#1) Respect the privacy of others.
#2) Think before you type.
#3) With great power comes great responsibility.

[sudo] password for tony:
[root@stapp01 tony]# yum install -y epel-release
Loaded plugins: fastestmirror, ovl
Determining fastest mirrors

base: linux.darkpenguin.net
extras: mirror.alpix.eu
updates: ftp.antilo.de
base | 3.6 kB 00:00:00
extras | 2.9 kB 00:00:00
updates | 2.9 kB 00:00:00
(1/4): base/7/x86_64/group_gz | 153 kB 00:00:00
(2/4): extras/7/x86_64/primary_db | 206 kB 00:00:00
(3/4): updates/7/x86_64/primary_db | 3.8 MB 00:00:00
(4/4): base/7/x86_64/primary_db | 6.1 MB 00:00:00
Resolving Dependencies
→ Running transaction check
—> Package epel-release.noarch 0:7-11 will be installed
→ Finished Dependency Resolution

Dependencies Resolved

==========================================================================================================================================
Package Arch Version Repository Size

Installing:
epel-release noarch 7-11 extras 15 k

Transaction Summary

Install 1 Package

Total download size: 15 k
Installed size: 24 k
Downloading packages:
epel-release-7-11.noarch.rpm | 15 kB 00:00:00
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : epel-release-7-11.noarch 1/1
Verifying : epel-release-7-11.noarch 1/1

Installed:
epel-release.noarch 0:7-11

Complete!
[root@stapp01 tony]# yum -y install nginx
Loaded plugins: fastestmirror, ovl
Loading mirror speeds from cached hostfile
epel/x86_64/metalink | 12 kB 00:00:00

base: linux.darkpenguin.net
epel: mirrors.n-ix.net
extras: mirror.alpix.eu
updates: ftp.antilo.de
epel | 4.7 kB 00:00:00

Total Retrieving key from file:///etc/pki/rpm-gpg/RP Importing GPG key 0x352C64E5:
Userid : “Fedora EPEL (7) [email protected]”
888f 6a2f aea2 352c 64e5
(@extras)
-7
1/57
2/57
3/57
4/57
5/57
6/57
7/57
8/57
9/57
10/57
11/57
12/57
13/57
14/57
15/57
16/57
17/57
18/57
19/57
20/57
21/57
22/57
23/57
24/57
25/57
26/57
27/57
28/57
29/57
30/57
31/57
32/57
33/57
34/57
35/57
36/57
37/57
38/57
39/57
40/57
41/57
42/57
43/57
44/57
45/57
46/57
47/57
48/57
49/57
50/57
51/57
.1-1.el7.x86_64 52/57
6.1-1.el7.x86_64 53/57
54/57
55/57
56/57
57/57
1/57
2/57
3/57
4/57
5/57
6/57
7/57
8/57
9/57
10/57
11/57
12/57
13/57
14/57
15/57
16/57
17/57
18/57
19/57
20/57
21/57
22/57
23/57
24/57
25/57
26/57
27/57
28/57
29/57
30/57
31/57
32/57
33/57
34/57
35/57
36/57
37/57
38/57
39/57
40/57
41/57
42/57
.1-1.el7.x86_64 43/57
44/57
45/57
6.1-1.el7.x86_64 46/57
47/57
48/57
49/57
50/57
51/57
52/57
53/57
54/57
55/57
56/57
57/57

Installed:
nginx.x86_64 1:1.16.1-1.el7

Dependency Installed:
centos-indexhtml.noarch 0:7-9.el7.centos centos-logos.noarch 0:70.0.6-3.el7.centos
dejavu-fonts-common.noarch 0:2.33-6.el7 dejavu-sans-fonts.noarch 0:2.33-6.el7
fontconfig.x86_64 0:2.13.0-4.3.el7 fontpackages-filesystem.noarch 0:1.44-8.el7
freetype.x86_64 0:2.8-14.el7 gd.x86_64 0:2.0.35-26.el7
gperftools-libs.x86_64 0:2.6.1-1.el7 groff-base.x86_64 0:1.22.2-8.el7
libX11.x86_64 0:1.6.7-2.el7 libX11-common.noarch 0:1.6.7-2.el7
libXau.x86_64 0:1.0.8-2.1.el7 libXpm.x86_64 0:3.5.12-1.el7
libjpeg-turbo.x86_64 0:1.2.90-8.el7 libpng.x86_64 2:1.5.13-7.el7_2
libxcb.x86_64 0:1.13-1.el7 libxslt.x86_64 0:1.1.28-5.el7
make.x86_64 1:3.82-24.el7 nginx-all-modules.noarch 1:1.16.1-1.el7
nginx-filesystem.noarch 1:1.16.1-1.el7 nginx-mod-http-image-filter.x86_64 1:1.16.1-1.el7
nginx-mod-http-perl.x86_64 1:1.16.1-1.el7 nginx-mod-http-xslt-filter.x86_64 1:1.16.1-1.el7
nginx-mod-mail.x86_64 1:1.16.1-1.el7 nginx-mod-stream.x86_64 1:1.16.1-1.el7
openssl.x86_64 1:1.0.2k-19.el7 perl.x86_64 4:5.16.3-295.el7
perl-Carp.noarch 0:1.26-244.el7 perl-Encode.x86_64 0:2.51-7.el7
perl-Exporter.noarch 0:5.68-3.el7 perl-File-Path.noarch 0:2.09-2.el7
perl-File-Temp.noarch 0:0.23.01-3.el7 perl-Filter.x86_64 0:1.49-3.el7
perl-Getopt-Long.noarch 0:2.40-3.el7 perl-HTTP-Tiny.noarch 0:0.033-3.el7
perl-PathTools.x86_64 0:3.40-5.el7 perl-Pod-Escapes.noarch 1:1.04-295.el7
perl-Pod-Perldoc.noarch 0:3.20-4.el7 perl-Pod-Simple.noarch 1:3.28-4.el7
perl-Pod-Usage.noarch 0:1.63-3.el7 perl-Scalar-List-Utils.x86_64 0:1.27-248.el7
perl-Socket.x86_64 0:2.010-5.el7 perl-Storable.x86_64 0:2.45-3.el7
perl-Text-ParseWords.noarch 0:3.29-4.el7 perl-Time-HiRes.x86_64 4:1.9725-3.el7
perl-Time-Local.noarch 0:1.2300-2.el7 perl-constant.noarch 0:1.27-2.el7
perl-libs.x86_64 4:5.16.3-295.el7 perl-macros.x86_64 4:5.16.3-295.el7
perl-parent.noarch 1:0.225-244.el7 perl-podlators.noarch 0:2.5.1-3.el7
perl-threads.x86_64 0:1.87-4.el7 perl-threads-shared.x86_64 0:1.43-6.el7

Dependency Updated:
openssl-libs.x86_64 1:1.0.2k-19.el7

Complete!
[root@stapp01 tony]# cd /usr/share/nginx/html
[root@stapp01 html]# rm index.html
rm: remove symbolic link ‘index.html’? yes
[root@stapp01 html]# vi index.html
[root@stapp01 html]# mv /tmp/nautilus.crt /etc/pki/tls/certs
[root@stapp01 html]# mv /tmp/nautilus.key /etc/pki/tls/certs
[root@stapp01 html]# vi /etc/nginx/nginx.conf
[root@stapp01 html]# nginx -t -c /etc/nginx/nginx.conf
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
[root@stapp01 html]# systemctl restart nginx
[root@stapp01 html]# systemctl status nginx
● nginx.service - The nginx HTTP and reverse proxy server
Loaded: loaded (/usr/lib/systemd/system/nginx.service; disabled; vendor preset: disabled)
Active: active (running) since Sun 2020-08-16 03:29:44 UTC; 8s ago
Process: 280 ExecStart=/usr/sbin/nginx (code=exited, status=0/SUCCESS)
Process: 279 ExecStartPre=/usr/sbin/nginx -t (code=exited, status=0/SUCCESS)
Process: 278 ExecStartPre=/usr/bin/rm -f /run/nginx.pid (code=exited, status=0/SUCCESS)
Main PID: 281 (nginx)
CGroup: /docker/8f493575a84da70a68d3c798c6bac8caf82d43065186d1569b3657cca14c3bc9/system.slice/nginx.service
├─281 nginx: master process /usr/sbin/nginx
├─282 nginx: worker process
└─283 nginx: worker process

Aug 16 03:29:44 stapp01 systemd[1]: Forked /usr/sbin/nginx as 280
Aug 16 03:29:44 stapp01 systemd[1]: nginx.service changed start-pre → start
Aug 16 03:29:44 stapp01 systemd[280]: Executing: /usr/sbin/nginx
Aug 16 03:29:44 stapp01 systemd[1]: Child 280 belongs to nginx.service
Aug 16 03:29:44 stapp01 systemd[1]: nginx.service: control process exited, code=exited status=0
Aug 16 03:29:44 stapp01 systemd[1]: nginx.service got final SIGCHLD for state start
Aug 16 03:29:44 stapp01 systemd[1]: Main PID loaded: 281
Aug 16 03:29:44 stapp01 systemd[1]: nginx.service changed start → running
Aug 16 03:29:44 stapp01 systemd[1]: Job nginx.service/start finished, result=done
Aug 16 03:29:44 stapp01 systemd[1]: Started The nginx HTTP and reverse proxy server.
[root@stapp01 html]# exit
exit
[tony@stapp01 ~]$ exit
logout
after many many tries cleared /etc/nginx/nginx.conf errors
and able to restart the nginx
and when i gave curl --k https://172.16.238.12
instead of showing response as Welcome! it shows the full content of html page as below
can you pls let me know what is stopping me in displaying Welcome! message
@swaroopcs88 @roopal.mishra @Tej-Singh-Rana @Inderpreet @ramashish.sharma
At the end got success.

@Inderpreet as tasks are getting harder pls increase session time from 1 hr to 2hrs atleast some of the tasks need trouble shooting and not easy, 1hr is too lesss.

pls mention more specific in tasks like index.html should not contain html tags, even after i got everything right i have to redo 2-3 times as i had html tags in my index.html file

Inderpreet · August 16, 2020, 6:28am

@Sasi is the lab for setting up Nginx as reverse proxy ? If so you need to make sure its configured properly so that it can pass request to Apache web server and can serve the code from Apache’s document root.

Sasi · August 19, 2020, 8:25pm

Task is Setup SSL for Nginx not the reverse proxy.

Inderpreet · August 20, 2020, 1:00pm

@Sasi Point 3. of question states that

Create an index.html file with content Welcome! under Nginx document root.

So if your curl was not returning this correct content then either you created index.html file at wrong location or your nginx config was using wrong document root.

selan · August 20, 2020, 5:03pm

@Sasi,

From your screen shots I can see you moved the certificate and keys to the location /etc/pki/tls/certs . But in the nginx.conf file you updated the locations as /etc/pki/nginx/server.crt for ssl_certificate and /etc/pki/nginx/private/server.key for ssl_certificate_key which may cause the failure.

Sasi · August 21, 2020, 12:53am

i already got his task working. your right at some point i had default paths in config file then i realized and changed to correct path

Abdulmalik-Lawal · November 2, 2022, 8:27pm

Hi @Sasi can you help me take a look at this error

Install Nginx and Setup

========================================================================================================================================== Package Arch Version Repository Size

Transaction Summary

==========================================================================================================================================
Package Arch Version Repository Size