Question

Nginx configuration for two roots

Posted February 23, 2017 13k views
NginxUbuntuPHPUbuntu 16.04

I’m using the Kirby CMS and out of the box it comes with this tree structure where everything is on the webroot:

├── assets
│   ├── css
│   │   └── main.css
│   └── js
│       └── main.js
├── content
├── kirby
├── panel
│   ├── assets
│   │   ├── main.css
│   │   └── main.js
│   └── index.php
├── site
└── index.php

This way I can access the site via https://example.com and the panel via https://example.com/panel.

I want to leave only the site index.php on the webroot and came up with the following structure:

├── content
├── kirby
├── panel
│   ├── assets
│   │   ├── main.css
│   │   └── main.js
│   └── index.php
├── public
│   ├── css
│   │   └── main.css
│   ├── js
│   │   └── main.js
│   └── index.php
└── site

I were able to get the site to work with Nginx by appending /public to the root directive:

server {
    listen 80;
    listen [::]:80;
    server_name example.com;
    root /home/example.com/public;

    # FORGE SSL (DO NOT REMOVE!)
    # ssl_certificate;
    # ssl_certificate_key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
    ssl_prefer_server_ciphers on;
    ssl_dhparam /etc/nginx/dhparams.pem;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";

    index index.html index.htm index.php;

    charset utf-8;

    # Media: images, icons, video, audio, HTC
    location ~ \.(jpe?g|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
      expires 1M;
      access_log off;
      add_header Cache-Control "public";
    }

    # CSS and Javascript
    location ~ \.(css|js)$ {
      expires 1y;
      access_log off;
      add_header Cache-Control "public";
    }

    # Removes trailing slashes
    if (!-d $request_filename) {
        rewrite ^/(.+)/$ /$1 permanent;
    }

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    # Panel links
    location /panel {
        index index.php;
        try_files $uri $uri/ /panel/index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    access_log off;
    error_log  /var/log/nginx/example.com-error.log error;

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }
}

Now, how can and I get the panel to point to the new location and respond to the PHP request and serve assets?

1 comment

These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.

×
1 answer

@pedroborges

What you’d want to do is use alias in your /panel location block, which will allow you to define a new location for this specific block.

For example, you’re web root is:

/home/example.com/public

… and your ./panel location is:

/home/example.com/panel

… so you could use alias inside the panel location block like so:

location /panel {
    alias /home/example.com/panel;
}

Once changes are made, you’d simply reload NGINX to allow the changes to take.

systemctl reload nginx

or

service nginx reload
Submit an Answer