<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body text="#000000" bgcolor="#FFFFFF">
<p>hallo,</p>
<p>mostly all question are answered</p>
<ol>
<li>local DNS Server <br>
using DHCP server of the router and run a DNS Server on the NAS,
all unersolved queries are solved in by the means of the routers
WAN0's DNS settings<br>
</li>
<li>debug logging</li>
<li>php isolation<br>
<span style="color: rgb(0, 0, 0); font-family: "open
sans"; font-size: 15.2px; font-style: normal;
font-variant-ligatures: normal; font-variant-caps: normal;
font-weight: 400; letter-spacing: normal; orphans: 2;
text-align: start; text-indent: 0px; text-transform: none;
white-space: normal; widows: 2; word-spacing: 0px;
-webkit-text-stroke-width: 0px; text-decoration-style:
initial; text-decoration-color: initial; display: inline
!important; float: none;">create a pool per webage and rund
them as seperate users by creating a php.conf per pool<br>
</span></li>
<li><b>nginx</b><br>
this is the only one remaining. How can I isolate the servers?</li>
</ol>
<p>thx a lot</p>
<p>Stefan<br>
</p>
<div class="moz-cite-prefix">On 07.10.2018 21:42, Stefan Müller
wrote:<br>
</div>
<blockquote type="cite"
cite="mid:f00c3c44-32c7-31dc-0423-c79a27ff7f7a@gmail.com">good
evening,
<br>
<br>
in the past we were mailing each other on a daily base but now it
is silent. Anything alright?
<br>
<br>
On 03.10.2018 23:02, Stefan Müller wrote:
<br>
<blockquote type="cite">
<br>
thank you again for you quick answer but I'm getting lost
<br>
<br>
<br>
<blockquote type="cite">A typical nginx configuration has only
one http {} block.
<br>
<br>
You can look at some examples:
<br>
</blockquote>
I'm aware of those and other examples. What confuses me that you
say that but also said in the email before that one:
<br>
<br>
<blockquote type="cite">If you put everything (both the user
unix sockets and also the parent proxy server) under the same
http{} block then it makes no sense since a single instance of
nginx always runs under the same user (and beats the whole
user/app isolation).
<br>
</blockquote>
<br>
so how must be the setup to the the whole user/app isolation
<br>
<br>
nginx.pid - master process
<br>
\_nginx.conf
<br>
\_http{} - master server
<br>
\_http{} - proxied/app servers
<br>
<br>
or
<br>
<br>
nginx.pid - master process
<br>
\_nginx1.conf - master server
<br>
\_http{} - reverse proxy server
<br>
\_nginx2.conf - proxied servers
<br>
\_http{} - proxied/app servers
<br>
<br>
or?
<br>
<br>
If it is only one nginx.pid, how to I need to configure it to
run nginx1.conf and nginx2.conf?
<br>
<br>
<br>
<br>
<blockquote type="cite">Unless by "router" you mean the same
Synology box you can't proxy unix sockets over TCP, they work
only inside a single server/machine.
<br>
</blockquote>
I mean my fibre router and I'm aware that unix sockets work
only inside a single server/machine. I'll use it only to
redirect to the DNS Server what will run on the Synology box
<br>
<br>
<br>
<blockquote type="cite">Also you don't need to forward multiple
ports, just 80 and 443 (if ssl) and have name-based
virtualhosts.
<br>
</blockquote>
<br>
you got me, I have mistaken that, it got to late last night
<br>
<br>
<br>
On 03.10.2018 02:09, Reinis Rozitis wrote:
<br>
<blockquote type="cite">
<blockquote type="cite">so all goes in the same nginx.conf but
in different http{} block or do I need one nginx.conf for
each, the user unix sockets and also the parent proxy
server?
<br>
</blockquote>
A typical nginx configuration has only one http {} block.
<br>
<br>
You can look at some examples:
<br>
<a class="moz-txt-link-freetext" href="https://nginx.org/en/docs/http/request_processing.html">https://nginx.org/en/docs/http/request_processing.html</a>
<br>
<a class="moz-txt-link-freetext" href="https://nginx.org/en/docs/http/server_names.html">https://nginx.org/en/docs/http/server_names.html</a>
<a class="moz-txt-link-freetext" href="https://www.nginx.com/resources/wiki/start/topics/examples/server_blocks/">https://www.nginx.com/resources/wiki/start/topics/examples/server_blocks/</a><br>
<br>
<br>
<blockquote type="cite">You suggesting to setup virtualhosts
what listen to a port whereto traffic is forwarded from the
router. I don't to have multiple ports open at the router,
so I would like to stick with UNIX Sockets and proxy.
<br>
</blockquote>
Unless by "router" you mean the same Synology box you can't
proxy unix sockets over TCP, they work only inside a single
server/machine.
<br>
<br>
Also you don't need to forward multiple ports, just 80 and 443
(if ssl) and have name-based virtualhosts.
<br>
<br>
rr
<br>
<br>
_______________________________________________
<br>
nginx mailing list
<br>
<a class="moz-txt-link-abbreviated" href="mailto:nginx@nginx.org">nginx@nginx.org</a>
<br>
<a class="moz-txt-link-freetext" href="http://mailman.nginx.org/mailman/listinfo/nginx">http://mailman.nginx.org/mailman/listinfo/nginx</a>
<br>
</blockquote>
</blockquote>
</blockquote>
</body>
</html>