NSLU2-Linux
- FAQ: Frequently Asked Questions
- Donations
- Downloads
- Trac Bug Tracker
- Package Search Engine
- All Recent Wiki Changes
General
- HowTo Recipes
- Cool Peripherals
- Cool Applications
- Information Pages
- Ideas and Wish List
- Slug Success Stories
- Slug-Related Articles
- Project Mailing Lists
- Project IRC Channels
- Donations and Sponsors
- NSLU2-Linux Photo Gallery
Projects
- NSLU2-Linux Development
- How Do I Get Involved?
- Unslung Firmware
- Optware Packages
- Debian Installation
- SlugOS Firmware
- OpenSlug Firmware
- SlugOS/LE Firmware
- OpenWrt Firmware
- Angstrom Firmware
- UcSlugC Firmware
- GentooSlug Firmware
- UpSlug Upload Tool
- Puppy Topfield Access
Firmware Targets
Optware Targets
Other Hardware
Wiki Resources
Sponsored Links
hosting by:
ReverseProxy is a component that sits in front of web server(s) or app server(s), and routes requests to the corresponding server based on configuration. The advantage of this approach is:
- Security
- App server can be behind reverse proxy server and not directly accessible
- For selective subsite, reverse proxy server can add SSL encryption
- Flexibility
- With a reverse proxy server, you can mix and match different server technologies and have them co-exist. For example, subsite1 maybe served by PHP, subsite2 by python app, subsite3 by RoR, and subsite34 by tomcat.
- Scalability with load balancing.
- Optionally, if the reverse proxy server supports, it can efficiently serve static content and thus let the app server(s) focus on dynamic content.
Using apache or even lighttpd for reverse proxy seems overkill.
On nslu2 with optware, pound and nginx are two lightweight reverse proxy servers. Pound is strictly a "reverse proxy and load balancer", while nginx can also connect to upstream (backend) PHP server with fastcgi protocol and serve static content.
It makes a lot of sense to use nginx on the slug, especially in the following scenarios:
- If a slug is all you want to use, for dynamicly generated content as well as static content, yet you don't want to use a full web server;
- If you would like to use a slug as a reverse proxy in front of your other app server(s).
Let's say we want to test nginx (localhost:7007) in front of cherokee (localhost:8008, an example of http web/app server) and PHP (localhost:9009, an example of fastcgi).
Preparation
Install cherokee and php-fcgi
# ipkg update # ipkg install cherokee # ipkg install php-fcgi
- Browse to
http://slug:8008and you should see cherokee serving/opt/share/www/cherokee/content.
Verify php-fcgi version
# /opt/bin/php-fcgi -v PHP 5.1.6 (cgi-fcgi) (built: Aug 25 2006 08:50:32) ...
Prepare a simple info.php, with just a single line of "<?php phpinfo(); ?>"
# mkdir -p /opt/share/www/php # echo "<?php phpinfo(); ?>" > /opt/share/www/phpinfo.php
Install, config & test nginx.
Basic setup
# ipkg install nginx
Change /opt/nginx/conf/nginx.conf http server to listen on port 7007 instead of the default 80
Launch nginx
# /opt/sbin/nginx
- Browse to
http://slug:7007/and you should see nginx serving/opt/share/www/nginx/content.
Add cherokee
Add the following lines to /opt/nginx/conf/nginx.conf http server section:
location /cherokee/ {
proxy_pass http://127.0.0.1:8008/;
proxy_redirect default;
}
Bounce nginx
# kill -HUP `cat /opt/var/run/nginx.pid`
- Browse to
http://slug:7007/and you should still see nginx serving/opt/share/www/nginx/ (== /opt/nginx/html/)content. - Browse to
http://slug:7007/cherokee/and you should see cherokee serving/opt/share/www/cherokee/content thru nginx.
Add php-fcgi
Add the following lines to /opt/nginx/conf/nginx.conf http server section:
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9009;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /opt/share/www/php/$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
}
Launching php-fcgi
# /opt/bin/php-fcgi -b 9009
Bounce nginx
# kill -HUP `cat /opt/var/run/nginx.pid`
- Browse to
http://slug:7007/and you should still see nginx serving/opt/share/www/nginx/content. - Browse to
http://slug:7007/cherokee/and you should still see/opt/share/www/cherokee/content. - Browse to
http://slug:7007/info.phpand you should now see the PHP info page!
Tighten security
Try to run PHP or app server as non-root, and only pass certain environment variables to PHP. See reference.
References
- nginx
- nginx English wiki
- Nginx - Small, But Very Powerful and Efficient Web Server
- nginx and Rimuhosting
Update
In order to be able to run nginx successfull (if you install nginx only) you need also to install:
zlib openssl pcre libstdc++
please use ipkg install zlib (and the name of the other components previously listed)
CIAO