nginx convert to apache

Alles, was den Apache betrifft, kann hier besprochen werden.

nginx convert to apache

Postby liusc » 15. May 2019 12:38

Anyone could help on convert below nginx conf to apache conf?Thank.
Code: Select all
#httpd.conf:
server {
    listen 80;
    listen [::]:80;
    server_name dock-sss.lab.sss.com.my;

    location / {
      return 301 https://$server_name$request_uri;
    }
  }

  server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name dock-sss.lab.sss.com.my;

    include /etc/nginx/snippets/ssl.conf;
    include /etc/nginx/snippets/secure_header.conf;

    add_header X-Frame-Options SAMEORIGIN;

    location /v2 {
      # Do not allow connections from docker 1.5 and earlier
      # docker pre-1.6.0 did not properly set the user agent on ping, catch "Go *" user agents
      if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
        return 404;
      }

      client_max_body_size 0;

      proxy_pass                          http://127.0.0.1:5000/v2;
      proxy_set_header  Host              $http_host;   # required for docker client's sake
      proxy_set_header  X-Real-IP         $remote_addr; # pass on real client's IP
      proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
      proxy_set_header  X-Forwarded-Proto $scheme;
      proxy_read_timeout                  900;
    }

    location /auth {
      proxy_pass                          http://127.0.0.1:5001/auth;
      proxy_set_header  X-Real-IP         $remote_addr; # pass on real client's IP
      proxy_set_header  X-Forwarded-For   $proxy_add_x_forwarded_for;
      proxy_set_header  X-Forwarded-Proto $scheme;
    }

  }
#ssl.conf
ssl_certificate /etc/pki/tls/certs/wildcard.lab.sss.com.my.crt;
ssl_certificate_key /etc/pki/tls/private/wildcard.lab.sss.com.my.key;

ssl_session_timeout 180m;
ssl_session_cache shared:SSL:10m;
ssl_session_tickets off;

ssl_protocols TLSv1.2;
ssl_dhparam /etc/nginx/cert/dhparam.pem;
ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DHE+AES128:!ADH:!AECDH:!MD5;
ssl_ecdh_curve secp384r1;
ssl_prefer_server_ciphers on;

ssl_stapling on;
ssl_stapling_verify on;
liusc
 
Posts: 4
Joined: 15. May 2019 12:21
XAMPP version: 2.4.6
Operating System: Centos 7

Re: nginx convert to apache

Postby Altrea » 15. May 2019 16:02

Which directive do you have problems with to convert?
We don't provide any support via personal channels like PM, email, Skype, TeamViewer!

It's like porn for programmers 8)
User avatar
Altrea
AF Moderator
 
Posts: 11926
Joined: 17. August 2009 13:05
XAMPP version: several
Operating System: Windows 11 Pro x64

Re: nginx convert to apache

Postby liusc » 15. May 2019 16:25

Actually, i still dummy on the nginx and apache.
I would appreciate that i could get a compare sample of apache configuration which converted from this nginx configuration.Thank.
liusc
 
Posts: 4
Joined: 15. May 2019 12:21
XAMPP version: 2.4.6
Operating System: Centos 7

Re: nginx convert to apache

Postby Nobbie » 15. May 2019 19:03

If you are dummy for nginx and Apache configuration, you actually should read the documentation and also go for some tutorials.

As a kickoff you may read this posting from a foreign forum, where someone translates a nginx config to an apache config. Its not yours, but it should give you a first insight of the differences:

https://discuss.erpnext.com/t/convert-n ... pache/6220

But again, you *must* learn the apache configuration anyway, because there are so many configuration options, we cannot give you an "translator" from nginx to apache or vice verse. You still have to KNOW what you are doing.
Nobbie
 
Posts: 13170
Joined: 09. March 2008 13:04

Re: nginx convert to apache

Postby liusc » 15. May 2019 23:27

Ok.Most of the code quite understand now, but how to write in apache for below,thank.

if ($http_user_agent ~ "^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$" ) {
return 404;
}
liusc
 
Posts: 4
Joined: 15. May 2019 12:21
XAMPP version: 2.4.6
Operating System: Centos 7

Re: nginx convert to apache

Postby liusc » 16. May 2019 05:48

Converted to apache format, anyone could help to check for me, if anything wrong or missing?
Thank.

httpd.conf:

<VirtualHost *:80>
ServerName dock-sss.lab.sss.com.my
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]
</VirtualHost>

<VirtualHost *:443>
ServerName dock-sss.lab.sss.com.my
Header always append X-Frame-Options SAMEORIGIN
SSLEngine on
SSLCertificateFile /etc/pki/tls/certs/wildcard.lab.sss.com.my.crt
SSLCertificateKeyFile /etc/pki/tls/private/wildcard.lab.sss.com.my.key

ProxyPreserveHost On
<Location /v2/>
<If "%{HTTP_USER_AGENT} == '^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$'">
Require all denied
</If>
RequestHeader set X-SCHEME https
ProxyPass http://127.0.0.1:5000/v2
ProxyPassReverse http://127.0.0.1:5000/v2
LimitRequestBody 0
ProxyTimeout 900
</Location>

<Location /auth/>
RequestHeader set X-SCHEME https
ProxyPass http://127.0.0.1:5001/auth
ProxyPassReverse http://127.0.0.1:5001/auth
</Location>

</VirtualHost>

IncludeOptional conf.d/*.conf


ssl.conf:
SSLCertificateFile /etc/pki/tls/certs/wildcard.lab.sss.com.my.crt
SSLCertificateKeyFile /etc/pki/tls/private/wildcard.lab.sss.com.my.key

SSLSessionCacheTimeout 10800
SSLSessionCache shmcb:/run/httpd/sslcache(600)
SSLSessionTickets Off

SSLProtocol -All +TLSv1.2

SSLCipherSuite ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DHE+AES128:!ADH:!AECDH:!MD5
SSLOpenSSLConfCmd Curves secp384r1
SSLHonorCipherOrder on

SSLUseStapling on
liusc
 
Posts: 4
Joined: 15. May 2019 12:21
XAMPP version: 2.4.6
Operating System: Centos 7

Re: nginx convert to apache

Postby Nobbie » 16. May 2019 11:55

It looks ok mostly, only this block is unknown for Apache:

Code: Select all
<If "%{HTTP_USER_AGENT} == '^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$'">
Require all denied
</If>


You could use Rewrite Engine for that,

Code: Select all
RewriteEngine On
RewriteCond %{HTTP_USER_AGENT} ^(docker\/1\.(3|4|5(?!\.[0-9]-dev))|Go ).*$
RewriteRule .* "-" [F]


I did not check that big regular expression, i simply took it as provided. The [F] Flag causes a Denied Error 403.

A remark on VirtualHosts: if you are using at least one VirtualHost, you have to assign ALL hosts you need to a VirtualHost. Many people for example like to access "localhost" locally, and they have a ServerName entry in httpd.conf for localhost. This entry is void in case you have any VirtualHosts in your configuration, if you would like to access localhost, you MUST declare a VirtualHost for ServerName localhost as well (and define a DocumentRoot etc.). If you dont do so, Apache would not response to a request for "localhost" as you would expect - it would take the very first (and in your case the only) VirtualHost in your configuration, that is the Declaration for ServerName dock-sss.lab.sss.com.my. It would behave is if you requested for dock-sss.lab.sss.com.my

So if you like to access localhost as a different host, extend your VirtualHost declarations:

Code: Select all
<VirtualHost *:80>
ServerName localhost
DocumentRoot /var/www/html
<Directory /var/www/html>
Require All Granted
...
</Directory>
...
</VirtualHost>

<VirtualHost *:80>
ServerName dock-sss.lab.sss.com.my
RewriteEngine On
RewriteCond %{HTTPS} off
RewriteRule (.*) https://%{SERVER_NAME}/$1 [R,L]
</VirtualHost>
Nobbie
 
Posts: 13170
Joined: 09. March 2008 13:04


Return to Apache

Who is online

Users browsing this forum: No registered users and 15 guests