Tag Archives: nginx

How to setup nginx varnish apache on a CentOS

Posted on by
Reply

This small script does install all necessary parts to get nginx, varnish and apache running on your CentOS:

yum install screen sysstat net-snmp htop
rpm --nosignature -i http://repo.varnish-cache.org/redhat/el5/noarch/varnish-release-2.1-2.noarch.rpm
yum install varnish
wget http://download.fedora.redhat.com/pub/epel/5/x86_64/epel-release-5-4.noarch.rpm
rpm -Uvh epel-release-5-4.noarch.rpm 
yum install nginx
chkconfig varnish on
chkconfig httpd on
chkconfig nginx on
vi /etc/nginx/nginx.conf
vi /etc/nginx/conf.d/virtual.conf 
vi /etc/varnish/default.vcl 
vi /etc/httpd/conf/httpd.conf

Varnish – blast your wordpress off the ground

Posted on by
2

This is my varnish configuration, which enhances the wordpress blogs:

backend default {
  .host = "localhost";
  .port = "81"; # This need to be the same as the Apache vHost port listener!
}

acl purge {
	"localhost";
}

sub vcl_recv {
	if (req.http.host ~ "^piwik.klammeraffe.org$") {
		return(pipe);
	}
	if (req.url ~ "/server-status") {
		return (pipe);
	}
	if (req.url ~ "/wp-admin") {
		return (pipe);
	}
	if (req.url ~ "/mailman") {
		return (pipe);
	}
	if (req.request == "PURGE") {
			if (!client.ip ~ purge) {
				error 405 "Not allowed.";
			}
		return(lookup);
	}
	if (req.url ~ "^/$") {
		unset req.http.cookie;
	}
}

sub vcl_hit {
	if (req.request == "PURGE") {
		set obj.ttl = 0s;
		error 200 "Purged.";
	}
}

sub vcl_miss {
	if (req.request == "PURGE") {
		error 404 "Not in cache.";
	}
	if (!(req.url ~ "wp-(login|admin)")) {
		unset req.http.cookie;
	}
	if (req.url ~ "^/[^?]+.(jpeg|jpg|png|gif|ico|js|css|txt|gz|zip|lzma|bz2|tgz|tbz|html|htm)(\?.|)$") {
		unset req.http.cookie;
		set req.url = regsub(req.url, "\?.$", "");
	}
	if (req.url ~ "^/$") {
		unset req.http.cookie;
	}
}

sub vcl_pipe {
	set bereq.http.connection = "close";
	if (req.http.X-Forwarded-For) {
		set bereq.http.X-Forwarded-For = req.http.X-Forwarded-For;
	} else {
		set bereq.http.X-Forwarded-For = regsub(client.ip, ":.*", "");
	}
}

sub vcl_pass {
	set bereq.http.connection = "close";
	if (req.http.X-Forwarded-For) {
		set bereq.http.X-Forwarded-For = req.http.X-Forwarded-For;
	} else {
		set bereq.http.X-Forwarded-For = regsub(client.ip, ":.*", "");
	}
}

sub vcl_fetch {
	if (req.url ~ "^/index.php/archives/20") {
		set beresp.http.Cache-Control = "max-age=1000";
		set beresp.ttl = 600s;
		unset beresp.http.set-cookie;
		return (deliver);
	}
	if (req.url ~ "^/$") {
		set beresp.http.Cache-Control = "max-age=30";
		set beresp.ttl = 15s;
		unset beresp.http.set-cookie;
		return (deliver);
	}
	if (req.url ~ "\.(png|gif|jpg|swf|css|js)$") {
		set beresp.http.Cache-Control = "max-age=14400";
		set beresp.ttl = 1w;
		unset beresp.http.set-cookie;
		return (deliver);
	}
	if (req.url ~ "^/$") {
		unset beresp.http.set-cookie;
	}
	if (!(req.url ~ "wp-(login|admin)")) {
		unset beresp.http.set-cookie;
	}
	if (beresp.ttl < 60s) {
		set beresp.ttl = 60s;
	}
}

NVA setup – nginx varnish apache

Posted on by
2

The running WordPress blogs on a well known domain is slow, if you don’t optimize for speed. As the requests are going through the full LAMP stack, caching stuff is the first stop. Second I don’t use apache as primary delivery webserver, I use nginx to do this. I have chosen this setup as it provides lots of performance and there is no need to change anything in the existing WordPress installation. Even experienced WordPress users do not see the difference on the WordPress side.

LAMP - Linux Apache MySQL PHP

LAMP - Linux Apache MySQL PHP

From LAMP to NVA

Classical LAMP setup uses following apache config for a webserver with name based virtual hosts:

##### start ww.linuxpinguin.de
Listen 80
NameVirtualHost 178.63.61.72:80
LogFormat ”%V %v %h %l %u %t \”%r\” %>s %b \”%{Referer}i\” \”%{User−Agent}i\”” cvh
<VirtualHost 178.63.61.72:80 >
  DocumentRoot /var/www/linuxpinguin.de
  ServerName www.linuxpinguin.de
  php_admin value open_basedir /var/www/linuxpinguin.de:/usr/share/php:/usr/share/pear
  ErrorLog /var/log/apache2/linuxpinguin.de/error.log
  CustomLog ”|/sbin/cronolog −−symlink /var/log/apache2/linuxpinguin.de/access.log /var/log/apache2/linuxpinguin.de/access.log %Y−%m” cvh
</VirtualHost>
##### ende www.linuxpinguin.de
NVA - nginx varnish apache

NVA - nginx varnish apache

This is converted into the following apache config to fit into the NVA setup. As you see only the Listen port and the binding address have changed.

<VirtualHost 127.0.0.1:81>
  <Directory "/var/www/web5/web">
    Options Indexes FollowSymLinks MultiViews
    AllowOverride All
    Order allow,deny
    allow from all
  </Directory>
  ServerName www.linuxpinguin.de
  ServerAlias www.linux-pinguin.de
  ServerAlias linux-pinguin.de
  ServerAlias linuxpinguin.de
  ServerAdmin webmaster@linuxpinguin.de
  DocumentRoot /var/www/web5/web
  ErrorLog /var/log/apache2/error.log
  LogLevel warn
  CustomLog /var/log/apache2/access.log vhost_combined
  ServerAlias linuxpinguin.de www.linux-pinguin.de
  DirectoryIndex index.html index.htm index.php index.php5 index.php4 index.php3 index.shtml index.cgi index.pl index.jsp Default.htm default.htm
  ScriptAlias  /cgi-bin/ /var/www/web5/cgi-bin/
  AddHandler cgi-script .cgi
  AddHandler cgi-script .pl
  ErrorLog /var/www/web5/log/error.log
  AddType application/x-httpd-php .php .php3 .php4 .php5
  php_admin_flag safe_mode On
  php_admin value open_basedir /var/www/linuxpinguin.de:/usr/share/php:/usr/share/pear
  AddType text/html .shtml
  AddOutputFilter INCLUDES .shtml
  Alias /error/ "/var/www/web5/web/error/"
  ErrorDocument 400 /error/invalidSyntax.html
  ErrorDocument 401 /error/authorizationRequired.html
  ErrorDocument 403 /error/forbidden.html
  ErrorDocument 404 /error/fileNotFound.html
  ErrorDocument 405 /error/methodNotAllowed.html
  ErrorDocument 500 /error/internalServerError.html
  ErrorDocument 503 /error/overloaded.html
  AliasMatch ^/~([^/]+)(/(.*))? /var/www/web5/user/$1/web/$3
  AliasMatch ^/users/([^/]+)(/(.*))? /var/www/web5/user/$1/web/$3
  RewriteEngine on
  RewriteCond %{HTTP_HOST}   ^www\.linux-pinguin\.de [NC]
  RewriteRule ^/(.*)         http://www.linuxpinguin.de/$1 [L,R]
  RewriteCond %{HTTP_HOST}   ^linux-pinguin\.de [NC]
  RewriteRule ^/(.*)         http://www.linuxpinguin.de/$1 [L,R]
  RewriteCond %{HTTP_HOST}   ^linuxpinguin\.de [NC]
  RewriteRule ^/(.*)         http://www.linuxpinguin.de/$1 [L,R]
</VirtualHost>

Now were do the request for 127.0.0.1:8080 are coming from? They come from our varnish caching daemon. Here is the smallest configuration for it:

backend default {
  host = ”localhost ”;
  port = ”8080”; # This need to be the same as the Apache vHost port listener !
}

varnish itself listens on 127.0.0.1 port 6081, so we now need to know where varnish gets its requests from? They are coming from the nginx webserver. This is the configuration of the nginx:

###### start linuxpinguin.de
server {
 listen 80; # Default listen port
 server_name www.linuxpinguin.de linuxpinguin.de www.linux-pinguin.de linux-pinguin.de;
 access_log /var/log/apache2/linuxpinguin.de/access_log;
 gzip on; # Turn on gZip
 gzip_disable msie6;
 gzip_static on;
 gzip_comp_level 9;
 gzip_proxied any;
 gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;

 location / {
  proxy_redirect off; # Do not redirect this proxy - It needs to be pass-through
  proxy_set_header Host $host;
  proxy_set_header X-Real-IP $remote_addr;
  proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
  proxy_set_header X-Server-Address $server_addr;
  proxy_pass_header Set-Cookie;
  proxy_pass http://127.0.0.1:6081; # Pass all traffic through to Varnish
 }
}
##### end linuxpinguin.de

Switched to nginx varnish apache

Posted on by
Reply

Today I switched from the normal LAMP stack to the NVA Nginx Varnish Apache stack.

Tweaks needed are the following in PHP:

if (IsSet($_SERVER['HTTP_X_REAL_IP'])) {
  $_SERVER['REMOTE_ADDR'] = $_SERVER['HTTP_X_REAL_IP'];
}

and setting the proxy stuff in piwik

proxy_client_headers[] = HTTP_X_REAL_IP