I really like the idea of httpd being secure and lightweight and all, but I also need flexibily, especially from my webserver. Couple of things I was missing in httpd are:<\/p>\n\n\n\n
index \"index.html index.php index.htm\"<\/code><\/li>- block access to certain locations based on IP<\/li>
- using custom error pages<\/li>
- dynamic vhosts (although I still have to figure out how to do those with https)<\/li><\/ul>\n\n\n\n
I read man pages, asked questions online, used google (as it turns out openbsd httpd<\/strong> is a really shitty search-query when you don’t just want to install wordpress….). I even looked at the code, but my C knowledge is rusty, I know where to make the needed changes in the code, but don’t know quite how to do it. And while I love to learn, that will take some time and quite frankly I don’t have that right now, so…. Let’s go back to nginx!<\/p>\n\n\n\nOEMP!<\/h2>\n\n\n\n$ doas pkg_add nginx\n$ doas mkdir \/etc\/nginx\/sites-available\n$ doas mkdir \/etc\/nginx\/sites-enabled<\/code><\/pre>\n\n\n\nFor now I just wanted my sites back online; I tweaked \/etc\/nginx\/nginx.conf<\/code> so it uses sites-available<\/code> and sites-enabled<\/code> directories:<\/p>\n\n\n\n# \/etc\/nginx\/nginx.conf:\nworker_processes 1;\n\nworker_rlimit_nofile 1024;\nevents {\n worker_connections 800;\n}\n\nhttp {\n include mime.types;\n default_type application\/octet-stream;\n index index.html index.php index.htm;\n\n keepalive_timeout 65;\n server_tokens off;\n disable_symlinks off;\n\n include sites-enabled\/*;\n}<\/code><\/pre>\n\n\n\nSimple and effective main nginx.conf<\/code> that came with the install with all outcommented lines deleted. After that I created \/etc\/nginx\/php-fpm.conf<\/code> that can be included in every site-config that needs it:<\/p>\n\n\n\n# \/etc\/nginx\/php-fpm.conf\n# pass the PHP scripts to FastCGI server listening on unix socket\n#\nlocation ~ \\.php$ {\n try_files $uri $uri\/ =404;\n fastcgi_pass unix:run\/php-fpm.sock;\n fastcgi_index index.php;\n fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;\n include fastcgi_params;\n}<\/code><\/pre>\n\n\n\nSo now for a simple site that allows for dynamic vhosting using only http:<\/p>\n\n\n\n
# \/etc\/nginx\/sites-available\/dynamic.vhosts\nserver {\n\tlisten 80 default_server;\n\tlisten [::]:80 default_server;\n\n\tindex index.php index.html index.htm index.nginx-debian.html;\n\n\tset $basepath \"\/vhosts\";\n\tset $domain $host;\n\n\tif ($domain ~ \"^(.[^.]*)\\.(.[^.]*)$\") {\n\t\tset $rootpath \"$1.$2\/www\/\";\n\t\tset $servername $domain;\n\t}\n\n\tif ($domain ~ \"^(.[^.]*)\\.(.[^.]*)\\.(.[^.]*)$\") {\n\t set $rootpath \"$2.$3\/$1\/\";\n set $servername $domain;\n\t}\n\n\tserver_name $servername;\n\troot $basepath\/$rootpath;\n\n\tlocation \/ {\n\t\t# First attempt to serve request as file, then\n\t\t# as directory, then fall back to displaying a 404.\n\t\ttry_files $uri $uri\/ =404;\n\t}\n\n\tinclude php-fpm.conf;\n}<\/code><\/pre>\n\n\n\nEnable this site:<\/p>\n\n\n\n
$ doas ln -sf \/etc\/nginx\/sites-available\/dynamic.vhosts \/etc\/nginx\/sites-enabled\/dynamic.vhosts<\/code><\/pre>\n\n\n\nWith all the configfiles in place it is time to switch:<\/p>\n\n\n\n
$ doas rcctl stop httpd\n$ doas rcctl disable httpd\n$ doas rcctl enable nginx\n$ doas rcctl start nginx<\/code><\/pre>\n\n\n\n