IEZN

Author: rw

  • Migration to NGINX

    for some reason i wanted to switch from Apache2 to NGINX and now i am quite happy with my decision.

    So the first step was obviously to disable Apache2 and install NGINX, i read up on some differences between the configs and quickly migrated my old configs to the NGINX format.
    So this:

    <VirtualHost *:80>
    ServerName git.iezn.de
    ServerAlias git.iezn.de
    ProxyPreserveHost On

    ProxyPass / https://iezn.de:3002/
    ProxyPassReverse / https://iezn.de:3002/

    ErrorLog ${APACHE_LOG_DIR}/gittea-error.log
    CustomLog ${APACHE_LOG_DIR}/gittea-access.log combined
    RewriteEngine on
    RewriteCond %{SERVER_NAME} =git.iezn.de
    RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
</VirtualHost>

    turned into:

    server {
    listen 80;
    listen [::]:80;
    server_name git.iezn.de;

    location / {
        proxy_pass https://localhost:3002;

        proxy_http_version 1.1;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
    }

    access_log /var/log/nginx/git.access.log;
    error_log /var/log/nginx/git.error.log error;
}

    which with the help of certbot turned into:

    server {
    server_name git.iezn.de;

    location / {
        proxy_pass https://localhost:3002;

        proxy_http_version 1.1;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Host $http_host;
    }

    access_log /var/log/nginx/git.access.log;
    error_log /var/log/nginx/git.error.log error;

    listen [::]:443 ssl; # managed by Certbot
    listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/git.iezn.de/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/git.iezn.de/privkey.pem; # managed by Certbot
    include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
    ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}
    server {
        if ($host = git.iezn.de) {
        return 301 https://$host$request_uri;
    } # managed by Certbot

    listen 80;
    listen [::]:80;
    server_name git.iezn.de;
    return 404; # managed by Certbot
}

    and to be honest… using certbot with NGINX was WAY easier than using it with Apache2

    Also the problem with gittea that i talked about in Gittea and Apache Config never showed up here…

  • Gittea and Apache Config

    So Gittea has been set up for quite a while now, due to me changing everything to HTTPS it screamed at me when i was in the admin config that my proxy is not giving it the right headers… so i googled… and i was told about ”’mod_headers”’ but i was not able to find it through “apt search mod_headers”, that was because that package got… split up? so the thing i needed to get was ”’mod_xforward”’ because that’s what i needed.

    Oh also! its not “X-Forward: https” anymore, it’s now “XForward On” and yea it just does it automatically now *shrug*.
    Then Gittea complained that the ”’ROOT_URL”’ isn’t the same as it is detecting, so i had to go into the “app.ini” to change the little “http…” to “https…”.

    And voila, no complaints.

  • WordPress Selfhost

    If you ever want to host your own WordPress instance, use a x86 based server… not an ARM based server… it will save you alot of pain

    WordPress ssl

    If you are like me and you dont like to have a warning everytime someone enters your site, get ssl! i did it with Apache2 and certbot.

    Now the site usually doesnt work at that point bc theres alot of http hardcoded… it took me a bit but i got the solution:

    # run in wp-includes
sudo find . -maxdepth 1 -type f $(printf "! -wholename ./%s " $(cat ignore-files.txt)) -exec sed -i 's/http/https/g' {} +
sudo find . -maxdepth 1 -type f $(printf "! -wholename ./%s " $(cat ignore-files.txt)) -exec sed -i 's/httpss/https/g' {} +

sudo find . -type f -exec sed -i 's/get_https_origin/get_http_origin/g' {} +
sudo find . -type f -exec sed -i 's/wp_https_validate_url/wp_http_validate_url/g' {} +

# ignore-files.txt :
rest-api.php
ignore-files.txt
js/dist/url.js
Requests/src/Transport/Fsockopen.php
Requests/src/Transport/Curl.php
update.php
sitemaps/class-wp-sitemaps-provider.php
functions.php
http.php
rest-api/endpoints/class-wp-rest-pattern-directory-controller.php
#

    if it helped you, you are welcome.