FreshTomato Wiki

User Tools

Site Tools

Trace:
web-nginx

Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revisionPrevious revision
Next revision		Previous revision
web-nginx [2024/10/16 19:26] – [Advanced Settings] -Condense, formatting hogwildweb-nginx [2024/11/27 02:12] (current) – [Advanced Settings] hogwild
Line 4: Line 4:
  
 Note that FreshTomato also has a built-in (httpd) web server used only for router administration. Httpd is based on a more modern version of Nginx.   \\   \\ Note that FreshTomato also has a built-in (httpd) web server used only for router administration. Httpd is based on a more modern version of Nginx.   \\   \\
- 
  
 ===== Status ===== ===== Status =====
Line 10: Line 9:
  \\  {{:pasted:20220215-152554.png}} \\   \\   \\  \\  {{:pasted:20220215-152554.png}} \\   \\   \\
  
-**NGINX is currently running:** Displays the service status. Clicking [Stop Now] stops the service.+**NGINX is currently running:** displays the service status. Clicking [Stop Now] stops the service.
  
  \\  \\
  
-**NGINX is currently stopped:** Displays the service status. Clicking [Start Now] stops the service.+**NGINX is currently stopped:** displays the service status. Clicking [Start Now] stops the service.
  
  \\  \\
  
-**Enable Server on Start:**  Enabling this causes the nginx service to load at each boot.+**Enable Server on Start:**  enabling this causes the nginx service to load at boot.
  
  \\  \\
  
-**Enable PHP support:**  Enabling this causes PHP pages served by the webserver to be interpreted.+**Enable PHP support:** enabling this causes PHP pages served by the webserver to be interpreted.
  
  \\  \\
  
-**Run As:**  This specifies under which system account the nginx daemon will run.+**Run As:**  specifies under which system account the nginx daemon will run.
  
   * root - The nginx daemon will run under the root account.   * root - The nginx daemon will run under the root account.
Line 40: Line 39:
  \\  \\
  
-**Web Server Port:** Enter the LAN port on which Web content is served. Traditionally, the HTTP default port is 80. However, a conflict can occur if the httpd web server is configured with the same port (See: [[admin_access|Admin Access]]). Thus, port 85 was chosen to be Nginx's default.+**Web Server Port:** here, enter the LAN port on which Web content is served. 
 + 
 +Traditionally, the default HTTP port is 80. However, conflicts can occur if httpd web server is configured with the same port (See: [[admin_access|Admin Access]]). Thus, port 85 was chosen to be Nginx's default.
  
  \\  \\
  
-**Upload file size limit:** Enforces a specified limit for the maximum amount of data to be uploaded in one session.+**Upload file size limit:** enforces a specified limit for the maximum amount of data to be uploaded in one session.
  
  \\  \\
  
-**Allow Remote Access:** Chooses whether Nginx content is via the WAN. If enabled, content is served on the same port as "Web Server Port". \\+**Allow Remote Access:** sets whether Nginx content is available via the WAN. 
 + 
 +Content is served on the "Web Server Port". \\
  
- \\ {{:pasted:20220215-153925.png}}  \\   \\   \\ **Web Server Name:**  Here, enter the web server's name. (Default: Tomato).+ \\ {{:pasted:20220215-153925.png}}  \\   \\   \\ **Web Server Name:**  here, enter the web server's name. (Default: Tomato).
  
  \\  \\
  
-**Document Root Path:**  The filesystem location of the root folder where content/pages are located.+**Document Root Path:**  the filesystem location of the content/pages root folder.
  
  \\  \\
  
-**Server Priority:**  Set the "nice" value for nginx. This value assigns the Webserver process a CPU priority relative to other processes. Valid priority settings are between -20 (highest) and 19 (lowest).+**Server Priority:**  sets the "nice" value for nginx. 
 + 
 +This value assigns the Webserver process a CPU priority relative to other processes. Valid settings are from -20 (highest) to 19 (lowest).
  
  \\  \\
  
-**Enable h5ai support:**  h5ai is a modern file indexer for HTTP webservers with a focus on file listings. Its php code displays plain file/folder lists in an a more nicely-formatted, easy-to-read way.+**Enable h5ai support:**  h5ai is a modern file indexer for HTTP webservers emphasizing file listings. Its PHP code displays plain file/folder lists in an a nicely-formatted, easy-to-read way.
  
  \\  \\
  
-In order to benefit from h5ai, you must:+To benefit from h5ai, you must: 
 + 
 + \\
  
   - Enable h5ai support.   - Enable h5ai support.
Line 75: Line 82:
 ===== Advanced Settings ===== ===== Advanced Settings =====
  
-These fields let you add custom settings to tweak default behaviour. For more details, please consult the official Nginx [[https://nginx.org/en/|documentation]].+Here, you can add custom settings to tweak default behaviour. For details, please consult the Nginx [[https://nginx.org/en/|Documentation]].
  
  \\  \\
Line 85: Line 92:
 {{:pasted:20220215-164428.png}}\\  \\ {{:pasted:20220215-164428.png}}\\  \\
  
-**Use user config file:**  Here, choose whether a custom configuration file will be used. This will override some web interface settings.+**Use user config file:**  here, choose whether a custom configuration file is used. 
 + 
 +This will override some web interface settings.
  
  \\  \\
  
-**User config file path:**  custom path for the nginx configuration file.+**User config file path:**  custom path for the nginx configuration file.
  
 Settings in this file will be active only if //Use user config file// is enabled. When //Use user config file// is disabled, the path remains in the field, but is inactive. Settings in this file will be active only if //Use user config file// is enabled. When //Use user config file// is disabled, the path remains in the field, but is inactive.
Line 101: Line 110:
 > server {\\  listen 444 ssl;\\  server_name FreshTomato SSL;\\  access_log /var/log/nginx/access.log main;\\  http2 on;\\  ssl_certificate /etc/cert.pem;\\  ssl_certificate_key /etc/key.pem;\\  ssl_session_timeout 1d;\\  ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions\\  ssl_session_tickets off;\\  # curl [[https://ssl-config.mozilla.org/ffdhe2048.txt]] > /path/to/dhparam\\  ssl_dhparam /opt/etc/nginx/dhparam;\\  # intermediate configuration\\  ssl_protocols TLSv1.2;\\   ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA;\\  ssl_prefer_server_ciphers off;\\  # HSTS (ngx_http_headers_module is required) (63072000 seconds)\\  add_header Strict-Transport-Security "max-age=63072000" always;\\  location / {\\   root /opt/share/www;\\   index index.html index.htm index.php ;\\   error_page 404 /404.html;\\   error_page 500 502 503 504 /50x.html;\\   location /50x.html {\\    root /opt/share/www;\\   }\\   location ~ ^(?<script_name>.+?\.php)(?<path_info>/.*)?$ {\\    try_files $script_name = 404;\\    include /etc/nginx/fastcgi.conf;\\    fastcgi_param PATH_INFO $path_info;\\    fastcgi_pass unix:/var/run/php-fpm.sock;\\   }\\   location ~ ^/(images|javascript|js|css|flash|media|static)/ {\\    root /opt/share/www;\\    expires 10d;\\   }\\  }\\  autoindex on;\\  autoindex_exact_size off;\\  autoindex_localtime on;\\  charset utf-8;\\ } > server {\\  listen 444 ssl;\\  server_name FreshTomato SSL;\\  access_log /var/log/nginx/access.log main;\\  http2 on;\\  ssl_certificate /etc/cert.pem;\\  ssl_certificate_key /etc/key.pem;\\  ssl_session_timeout 1d;\\  ssl_session_cache shared:MozSSL:10m;  # about 40000 sessions\\  ssl_session_tickets off;\\  # curl [[https://ssl-config.mozilla.org/ffdhe2048.txt]] > /path/to/dhparam\\  ssl_dhparam /opt/etc/nginx/dhparam;\\  # intermediate configuration\\  ssl_protocols TLSv1.2;\\   ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA;\\  ssl_prefer_server_ciphers off;\\  # HSTS (ngx_http_headers_module is required) (63072000 seconds)\\  add_header Strict-Transport-Security "max-age=63072000" always;\\  location / {\\   root /opt/share/www;\\   index index.html index.htm index.php ;\\   error_page 404 /404.html;\\   error_page 500 502 503 504 /50x.html;\\   location /50x.html {\\    root /opt/share/www;\\   }\\   location ~ ^(?<script_name>.+?\.php)(?<path_info>/.*)?$ {\\    try_files $script_name = 404;\\    include /etc/nginx/fastcgi.conf;\\    fastcgi_param PATH_INFO $path_info;\\    fastcgi_pass unix:/var/run/php-fpm.sock;\\   }\\   location ~ ^/(images|javascript|js|css|flash|media|static)/ {\\    root /opt/share/www;\\    expires 10d;\\   }\\  }\\  autoindex on;\\  autoindex_exact_size off;\\  autoindex_localtime on;\\  charset utf-8;\\ }
  
-\\ \\+\\  \\ \\  \\
  
  
web-nginx.1729103211.txt.gz · Last modified: 2024/10/16 19:26 by hogwild

Page Tools

Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki