diff options
| author | Kévin Le Gouguec <kevin.legouguec@gmail.com> | 2021-08-01 18:43:40 +0200 |
|---|---|---|
| committer | Kévin Le Gouguec <kevin.legouguec@gmail.com> | 2021-08-01 18:44:29 +0200 |
| commit | c772c5a5c7f8dddd39cefdb2522ee0850f256756 (patch) | |
| tree | d437cde936f17ab43ef5a60afdd4d5ced511395f | |
| parent | a78a0ac5bfe5ec9aa7e4121d60bd6f66caabb3a9 (diff) | |
| download | memory-leaks-c772c5a5c7f8dddd39cefdb2522ee0850f256756.tar.xz | |
Note down some basic nginx configuration steps
Cave in and add newlines after #+end_src, to ensure Org does not
highlight lines when everything is folded.
| -rw-r--r-- | guides/cloud/vps.org | 35 |
1 files changed, 32 insertions, 3 deletions
diff --git a/guides/cloud/vps.org b/guides/cloud/vps.org index b649fa8..f097ee8 100644 --- a/guides/cloud/vps.org +++ b/guides/cloud/vps.org @@ -36,7 +36,36 @@ So instead, I'll Match User … PasswordAuthentication yes #+end_src + +* System +** Hostname +#+begin_src sh +sudo hostnamectl set-hostname $fqdn +#+end_src + * Web server +Run ~sudo apt install nginx~; then, in +=/etc/nginx/sites-available/$FQDN=: +#+begin_src conf +server { + listen 80; + listen [::]:80; + + root /var/www/$FQDN/html; + index index.html; + + server_name $FQDN www.$FQDN; + access_log /var/log/nginx/$FQDN.access.log; + + location / { + try_files $uri $uri/ =404; + } +} +#+end_src +Use one =access_log= file per site, to simplify analytics. + +Run ~sudo systemctl restart nginx~. +** fail2ban With the following files in =$HOME=: #+begin_src conf # nginx-botsearch.local @@ -56,12 +85,12 @@ enabled = true [nginx-botsearch] enabled = true -logpath = /var/log/nginx/access.log +# Assume that each requests to $fqdn will be logged to "$fqdn.access.log". +logpath = /var/log/nginx/*access.log #+end_src -Do: +Then: #+begin_src sh -sudo apt install nginx sudo cp ~/nginx-botsearch.local /etc/fail2ban/filter.d/ sudo cp ~/jail.local /etc/fail2ban/ sudo systemctl restart fail2ban |