trying to understand why ports dont work

2024-01-31 12:05:07 +01:00
parent bcdfc7d592
commit 47dcaad60f
13 changed files with 400 additions and 285 deletions
--- a/srcs/requirements/nginx/conf/default
+++ b/srcs/requirements/nginx/conf/default
@@ -1,91 +0,0 @@
-##
-# You should look at the following URL's in order to grasp a solid understanding
-# of Nginx configuration files in order to fully unleash the power of Nginx.
-# https://www.nginx.com/resources/wiki/start/
-# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
-# https://wiki.debian.org/Nginx/DirectoryStructure
-#
-# In most cases, administrators will remove this file from sites-enabled/ and
-# leave it as reference inside of sites-available where it will continue to be
-# updated by the nginx packaging team.
-#
-# This file will automatically load configuration files provided by other
-# applications, such as Drupal or Wordpress. These applications will be made
-# available underneath a path with that package name, such as /drupal8.
-#
-# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
-##
-
-# Default server configuration
-#
-server {
-	listen 80 default_server;
-	listen [::]:80 default_server;
-
-	# SSL configuration
-	#
-	# listen 443 ssl default_server;
-	# listen [::]:443 ssl default_server;
-	#
-	# Note: You should disable gzip for SSL traffic.
-	# See: https://bugs.debian.org/773332
-	#
-	# Read up on ssl_ciphers to ensure a secure configuration.
-	# See: https://bugs.debian.org/765782
-	#
-	# Self signed certs generated by the ssl-cert package
-	# Don't use them in a production server!
-	#
-	# include snippets/snakeoil.conf;
-
-	root /var/www/html;
-
-	# Add index.php to the list if you are using PHP
-	index index.html index.htm index.nginx-debian.html;
-
-	server_name _;
-
-	location / {
-		# First attempt to serve request as file, then
-		# as directory, then fall back to displaying a 404.
-		try_files $uri $uri/ =404;
-	}
-
-	# pass PHP scripts to FastCGI server
-	#
-	#location ~ \.php$ {
-	#	include snippets/fastcgi-php.conf;
-	#
-	#	# With php-fpm (or other unix sockets):
-	#	fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
-	#	# With php-cgi (or other tcp sockets):
-	#	fastcgi_pass 127.0.0.1:9000;
-	#}
-
-	# deny access to .htaccess files, if Apache's document root
-	# concurs with nginx's one
-	#
-	#location ~ /\.ht {
-	#	deny all;
-	#}
-}
-
-
-# Virtual Host configuration for example.com
-#
-# You can move that to a different file under sites-available/ and symlink that
-# to sites-enabled/ to enable it.
-#
-#server {
-#	listen 80;
-#	listen [::]:80;
-#
-#	server_name example.com;
-#
-#	root /var/www/example.com;
-#	index index.html;
-#
-#	location / {
-#		try_files $uri $uri/ =404;
-#	}
-#}
--- a/srcs/requirements/nginx/conf/inception_nginx.conf
+++ b/srcs/requirements/nginx/conf/inception_nginx.conf
@@ -1,48 +0,0 @@
-# doc : https://nginx.org/en/docs/dirindex.html
-
-server {
-	listen				443 ssl;										# for ipv4, on port 443, specifying that accepted connections should works in ssl mode
-	listen				[::]:443 ssl;									# for ipv6
-	server_name			${WP_URL};
-	ssl_certificate		/etc/ssl/certs/${WP_URL}.crt;					# specifies the file with the ssl certificate (self signed here) generated by openssl
-	ssl_certificate_key	/etc/ssl/private/${WP_URL}.key;					# specifies the file with the secret key of the certificate
-
-	root				/var/www/html/;									# contains default nginx index.nginx-debian.html
-	index				index.html index.php;							# defines files that will be used as index (https://nginx.org/en/docs/http/ngx_http_index_module.html)
-		 
-	access_log /var/log/nginx/${WP_URL}.access.log;
-	error_log /var/log/nginx/${WP_URL}.error.log;
-
-	# use fastcgi for all php files
-	location ~ \.php$ {
-		fastcgi_pass	wordpress:9000;
-		fastcgi_split_path_info	^(.+\.php)(/.+)$;
-		fastcgi_param	SCRIPT_FILENAME $document_root$fastcgi_script_name;
-		include			fastcgi_params;
-	}
-
-# followings are from :
-# https://www.farinspace.com/wordpress-nginx-rewrite-rules/
-
-	# unless the request is for a valid file, send to bootstrap
-	# without this, permalinks changes don't work
-	if (!-e $request_filename) {
-		rewrite ^(.+)$ /index.php?q=$1 last;
-	}
-
-	## enforce NO www
-	#if ($host ~* ^www\.(.*)) {
-	#	set $host_without_www $1;
-	#	rewrite ^/(.*)$ $scheme://$host_without_www/$1 permanent;
-	#}
-
-	## catch all
-	#error_page 404 /index.php;
-
-	## deny access to apache .htaccess files
-	#location ~ /\.ht {
-	#	deny all;
-	#}
-
-}
-
--- a/srcs/requirements/nginx/conf/nginx.conf.debian
+++ b/srcs/requirements/nginx/conf/nginx.conf.debian
@@ -1,98 +0,0 @@
-# inception modifications :
-#
-# ssl_protocols :
-#   < ssl_protocols TLSv1.3; # Dropping SSLv3, ref: POODLE
-#   > ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
-# gzip :
-#   < gzip off;
-#   > gzip on;
-# sites-enabled :
-#   < # include /etc/nginx/sites-enabled/*;
-#   > include /etc/nginx/sites-enabled/*;
-																			# doc : https://nginx.org/en/docs/dirindex.html
-
-user www-data;																# process owner name, can be anything
-worker_processes auto;														# a worker is a process that handles incoming requests, auto to automatically adjust the number of processes available
-pid /run/nginx.pid;															# defines a file that will store the process id of the main process
-include /etc/nginx/modules-enabled/*.conf;									# include a file
-
-events {																	# section for connection processing directives
-	worker_connections 768;													# max number of connection that can be opened by a worker process
-	# multi_accept on;
-}
-
-http {																		# section for http server directives
-	##
-	# Basic Settings
-	##
-
-	sendfile on;															# enable the use of linux sendfil() function, that transfer data directly betzeen fd, so withour copying to intermediate memory buffer, it increases performances in most cases (https://stackoverflow.com/questions/58066785/always-use-sendfile-with-nginx-on-linux)
-	tcp_nopush on;															# enables the socket option TCP_CORK/TCP_NOPUSH, that allows to send packets filled with more datas (https://baus.net/on-tcp_cork/)
-	tcp_nodelay on;															# opposit of TCP_CORK, TCP_NODELAY says the application to send datas as soon as it receives it, both options are exclusives but can work together in modern kernel (https://stackoverflow.com/questions/3761276/when-should-i-use-tcp-nodelay-and-when-tcp-cork)
-	keepalive_timeout 65;													# in seconds, defines time before closing a connexion without activity
-	types_hash_max_size 2048;												# maximum size for the list that stores duplicates of the hash table, size of the hash table is chosen accordingly (https://nginx.org/en/docs/hash.html, hash table : https://www.youtube.com/watch?v=KyUTuwz_b7Q)
-	# server_tokens off;
-
-	# server_names_hash_bucket_size 64;
-	# server_name_in_redirect off;
-
-	include /etc/nginx/mime.types;											# include a file
-	default_type application/octet-stream;									# defines the default MIME type (default is text/plain)
-
-	##
-	# SSL Settings
-	##
-
-	ssl_protocols TLSv1.3; # Dropping SSLv3, ref: POODLE					# enables the specified protocols. The TLSv1.1 and TLSv1.2 parameters works only when OpenSSL 1.0.1 or higher is used, and the TLSv1.3 only when OpenSSL 1.1.1 or higher is used
-	ssl_prefer_server_ciphers on;											# Specifies that server ciphers should be preferred over client ciphers when using the SSLv3 and TLS protocols (a cipher is "an algorithm for performing encryption or decryption, a series of [...] steps that can be followed as a procedure" https://en.wikipedia.org/wiki/Cipher_suite)
-
-	##
-	# Logging Settings
-	##
-
-	access_log /var/log/nginx/access.log;									# defines where to write the access logs. if gzip is used, the log will be buffered
-	error_log /var/log/nginx/error.log;										# defines where to write the error logs. if gzip is used, the log will be buffered
-
-	##
-	# Gzip Settings
-	##
-
-	gzip off;																# enable gzipping of responses. gzip is an algorithm that compress the data (disabled for security reasons : https://bugs.debian.org/773332)
-
-	# gzip_vary on;
-	# gzip_proxied any;
-	# gzip_comp_level 6;
-	# gzip_buffers 16 8k;
-	# gzip_http_version 1.1;
-	# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
-
-	##
-	# Virtual Host Configs
-	##
-
-	include /etc/nginx/conf.d/*.conf;										# include the *.conf files found in conf.d folder. do the same as "sites-enabled" with another approach : you put your .conf files for the site inside this folder, and if you want to disable a config file you just rename it to no have a .conf suffix
-	# include /etc/nginx/sites-enabled/*;									# include all the (symlink) files found in sites-enabled folder. do the same as "conf.d" with another approach : you put all your configurations files into a "/etc/nginx/sites-available/" folder, and you put symlinks of a selection of thoses files that you want to use for the site, into "/etc/nginx/sites-enabled/" folder (bad practice : https://serverfault.com/questions/527630/difference-in-sites-available-vs-sites-enabled-vs-conf-d-directories-nginx#answer-870709)
-}
-
-
-#mail {
-#	# See sample authentication script at:
-#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
-# 
-#	# auth_http localhost/auth.php;
-#	# pop3_capabilities "TOP" "USER";
-#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
-# 
-#	server {
-#		listen     localhost:110;
-#		protocol   pop3;
-#		proxy      on;
-#	}
-# 
-#	server {
-#		listen     localhost:143;
-#		protocol   imap;
-#		proxy      on;
-#	}
-#}
-
--- a/srcs/requirements/nginx/conf/nginx_http_server.conf
+++ b/srcs/requirements/nginx/conf/nginx_http_server.conf
@@ -0,0 +1,52 @@
+# doc :
+# https://nginx.org/en/docs/dirindex.html
+# https://www.nginx.com/resources/wiki/start/
+# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
+# https://wiki.debian.org/Nginx/DirectoryStructure
+
+server {
+	listen							443 ssl;												# for ipv4, on port 443, specifying that accepted connections should works in ssl mode
+	listen							[::]:443 ssl;										# for ipv6
+	server_name					${WP_URL};
+	ssl_certificate			/etc/ssl/certs/${WP_URL}.crt;		# specifies the file with the ssl certificate (self signed here) generated by openssl
+	ssl_certificate_key	/etc/ssl/private/${WP_URL}.key;	# specifies the file with the secret key of the certificate
+
+	root				/var/www/html/;													# contains default nginx index.nginx-debian.html
+	index				index.html index.php;										# defines files that will be used as index (https://nginx.org/en/docs/http/ngx_http_index_module.html)
+		 
+	access_log /var/log/nginx/${WP_URL}.access.log;
+	error_log /var/log/nginx/${WP_URL}.error.log;
+
+	# use fastcgi for all php files
+	location ~ \.php$ {
+		fastcgi_pass	wordpress:9000;
+		fastcgi_split_path_info	^(.+\.php)(/.+)$;
+		fastcgi_param	SCRIPT_FILENAME $document_root$fastcgi_script_name;
+		include			fastcgi_params;
+	}
+
+# followings are from :
+# https://www.farinspace.com/wordpress-nginx-rewrite-rules/
+
+	# unless the request is for a valid file, send to bootstrap
+	# without this, permalinks changes don't work
+	if (!-e $request_filename) {
+		rewrite ^(.+)$ /index.php?q=$1 last;
+	}
+
+	## enforce NO www
+	#if ($host ~* ^www\.(.*)) {
+	#	set $host_without_www $1;
+	#	rewrite ^/(.*)$ $scheme://$host_without_www/$1 permanent;
+	#}
+
+	## catch all
+	#error_page 404 /index.php;
+
+	## deny access to apache .htaccess files
+	#location ~ /\.ht {
+	#	deny all;
+	#}
+
+}
+
--- a/srcs/requirements/nginx/conf/nginx_main.conf.alpine
+++ b/srcs/requirements/nginx/conf/nginx_main.conf.alpine
@@ -1,4 +1,4 @@
-# inception modifications :
+# modifications from original :
 #
 # user :
 #   < user www-data