sudo yum install epel-release
sudo yum update
sudo yum install nginx
nginx -v
sudo systemctl enable nginx
sudo systemctl start nginx
To use proxy_pass DON'T forget -p to persist the value after rebooting
sudo setsebool -P httpd_can_network_connect on
curl -I 127.0.0.1
log_format main_ext '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'"$host" sn="$server_name" '
'rt=$request_time '
'ua="$upstream_addr" us="$upstream_status" '
'ut="$upstream_response_time" ul="$upstream_response_length" '
'cs=$upstream_cache_status' ;
access_log /var/log/nginx/access.log main_ext;
Set log level to warn.
error_log /var/log/nginx/nginx_error.log warn;
sudo yum install certbot
certbot certonly --standalone --preferred-challenges tls-alpn-01 -d nginx.codetecture.com
openssl req -nodes -new -x509 -keyout nginx.codetecture.com.key -out nginx.codetecture.com.crt -days 365 -subj "/C=NO/ST=Oslo/L=Oslo/O=Codetecture/OU=IT/CN=nginx.codetecture.com"
sudo cp nginx.codetecture.com.key /etc/ssl/certs/
sudo cp nginx.codetecture.com.crt /etc/ssl/certs/
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name _;
root /usr/share/nginx/html;
ssl_certificate "/etc/ssl/certs/nginx.codetecture.com.crt";
ssl_certificate_key "/etc/ssl/certs/nginx.codetecture.com.key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
}
Add ngx_http_stub_status_module
sudo vi /etc/nginx/nginx.conf
server {
listen 127.0.0.1:80;
server_name 127.0.0.1;
location /nginx_status {
stub_status on;
allow 127.0.0.1;
deny all;
}
}
Check the configuration
nginx -t
Reload
sudo service nginx reload
Make sure /nginx_status is up
curl http://127.0.0.1/nginx_status
Create an account on amplify.nginx.com and grab the API_KEY
curl -L -O https://github.com/nginxinc/nginx-amplify-agent/raw/master/packages/install.sh
API_KEY='XxXxXxXxXxXxXxXxXxXxXxXxXxXx' sh ./install.sh
sudo service amplify-agent start