Nginx configuration for two roots

February 23, 2017 399 views
Nginx PHP Ubuntu 16.04 Ubuntu

I'm using the Kirby CMS and out of the box it comes with this tree structure where everything is on the webroot:

├── assets
│   ├── css
│   │   └── main.css
│   └── js
│       └── main.js
├── content
├── kirby
├── panel
│   ├── assets
│   │   ├── main.css
│   │   └── main.js
│   └── index.php
├── site
└── index.php

This way I can access the site via https://example.com and the panel via https://example.com/panel.

I want to leave only the site index.php on the webroot and came up with the following structure:

├── content
├── kirby
├── panel
│   ├── assets
│   │   ├── main.css
│   │   └── main.js
│   └── index.php
├── public
│   ├── css
│   │   └── main.css
│   ├── js
│   │   └── main.js
│   └── index.php
└── site

I were able to get the site to work with Nginx by appending /public to the root directive:

server {
    listen 80;
    listen [::]:80;
    server_name example.com;
    root /home/example.com/public;

    # FORGE SSL (DO NOT REMOVE!)
    # ssl_certificate;
    # ssl_certificate_key;

    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA';
    ssl_prefer_server_ciphers on;
    ssl_dhparam /etc/nginx/dhparams.pem;

    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Content-Type-Options "nosniff";

    index index.html index.htm index.php;

    charset utf-8;

    # Media: images, icons, video, audio, HTC
    location ~ \.(jpe?g|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
      expires 1M;
      access_log off;
      add_header Cache-Control "public";
    }

    # CSS and Javascript
    location ~ \.(css|js)$ {
      expires 1y;
      access_log off;
      add_header Cache-Control "public";
    }

    # Removes trailing slashes
    if (!-d $request_filename) {
        rewrite ^/(.+)/$ /$1 permanent;
    }

    location / {
        try_files $uri $uri/ /index.php?$query_string;
    }

    # Panel links
    location /panel {
        index index.php;
        try_files $uri $uri/ /panel/index.php?$query_string;
    }

    location = /favicon.ico { access_log off; log_not_found off; }
    location = /robots.txt  { access_log off; log_not_found off; }

    access_log off;
    error_log  /var/log/nginx/example.com-error.log error;

    error_page 404 /index.php;

    location ~ \.php$ {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }
}

Now, how can and I get the panel to point to the new location and respond to the PHP request and serve assets?

1 comment
1 Answer

@pedroborges

What you'd want to do is use alias in your /panel location block, which will allow you to define a new location for this specific block.

For example, you're web root is:

/home/example.com/public

... and your ./panel location is:

/home/example.com/panel

... so you could use alias inside the panel location block like so:

location /panel {
    alias /home/example.com/panel;
}

Once changes are made, you'd simply reload NGINX to allow the changes to take.

systemctl reload nginx

or

service nginx reload
Have another answer? Share your knowledge.