DirectAdmin Knowledge Base and Support

DirectAdmin is a web panel for a simple administration of both virtual and dedicated servers. DirectAdmin is faster, safe and more powerful than any other CP. And we know how to customize and support it.

NGINX + Varnish + Apache on Directadmin powered server

| 12:09:49 25.09.2014

** last updated 2019-06-07 **

Custombuild 2 gives us an opportunity to have a reverse-proxy Nginx in front of Apache on a server with DirectAdmin, and the setup is quite easy. We need only a small customization in order to add Varnish Cache between them.

IMPORTANT: the guide does not cover an installation process of Varnish Cache in full, the guide does not cover a configuration process of Varnish Cache either. The guide only covers the process of integration Varnish Cache into Nginx+Apache scheme.

Install NGINX+Apache with Custombuild 2

Instructions can be found here: Reverse-proxy NGINX + Apache on Directadmin powered server

Install Varnish

Install a needed version of Varnish using a guide from the official site:

If you are not sure what version to choose, it is a good start to install varnish from the epel repository for CentOS (if you run the OS of course). 

For example CentOS 7.x at the moment offers Varnish 4.0.5, so to get it installed you will need to run:

yum -y install varnish

on Debian/Ubuntu run the following command:

sudo apt-get install varnish

or from the official Varnish Cache repository which is now hosted at Packagecloud.io.

IMPORTANT: For a full installation instructions refer to the official documentation by the link above.

Modify NGINX templates

Copy

/usr/local/directadmin/data/templates/nginx_server.conf
/usr/local/directadmin/data/templates/nginx_server_secure.conf
/usr/local/directadmin/data/templates/nginx_server_secure_sub.conf
/usr/local/directadmin/data/templates/nginx_server_sub.conf

to the custom folder:

/usr/local/directadmin/data/templates/custom/

Modify the files

/usr/local/directadmin/data/templates/custom/nginx_server.conf
/usr/local/directadmin/data/templates/custom/nginx_server_secure.conf
/usr/local/directadmin/data/templates/custom/nginx_server_secure_sub.conf
/usr/local/directadmin/data/templates/custom/nginx_server_sub.conf

change lines:

proxy_pass http://|PROXY_IP|:|PORT_8080|;

and

proxy_pass https://|PROXY_IP|:|PORT_8081|;

to

proxy_pass http://|IP|:6081;

Yes, it should be exactly http for all 4 files. Varnish does not support HTTPS.

Change 6081 to any other value of TCP post where Varnish is accepting connections.

Additions for HTTPS

As for now varnish does not support SSL, all the requests both from HTTP and HTTPS will be routed after Varnish Cache to plain HTTP backend managed by Apache.

IMPORTANT: If you have different versions of a site for HTTP and HTTPS you should either unify them, or quit using Varnish. The guide does not cover this usage case.

Add the line

proxy_set_header X-Forwarded-Proto $scheme;

into mentioned nginx templates under a line:

proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;

Add the lines into:

<IfModule setenvif_module>
    SetEnvIf X-Forwarded-Proto "^https$" HTTPS=on
    SetEnvIf X-Forwarded-Proto "^https$" X_SERVER_PORT=443
    SetEnvIf X-Forwarded-Proto "^https$" X_REQUEST_SCHEME=https
</IfModule>

/etc/httpd/conf/extra/httpd-includes.conf

You might need to change mod_rewrite rules if you use it to something like this:

RewriteEngine On
RewriteCond %{HTTP:X-Forwarded-Proto} !https [NC]
RewriteRule ^ https://%{HTTP_HOST}%{REQUEST_URI} [L,R=301]

or use DirectAdmin native feature to redirect users from HTTP to HTTPS.

Update virtual hosts

Rewrite nginx virtual hosts:

echo "action=rewrite&value=nginx" >> /usr/local/directadmin/data/task.queue
/usr/local/directadmin/dataskq

Have a good day!

Not working?!

We have many reports and emails that the guide is not working (they think so)! Be sure, it's still working. The root cause of a confuse is that the guide does not cover how to install and configure Varnish. You still need to update settings in /etc/varnish/default.vcl. And at least the backend port should be changed to 8080.

1
About Us
We are a team of professionals, and specialize in installation, configuring and managing of remote virtual and dedicated servers powered by Linux/Unix-like OS with DirectAdmin. We support various sets of software, including web-servers Apache, Nginx; internet domain name servers Bind, PowerDNS; mail-servers with POP3, IMAP and SMTP, FTP-servers, etc. After years of working through the most complex server challenges our team has gathered valuable experience and universal solutions suitable for everyday tasks. We are here to lend you a helping hand and take care of your servers in order to let you have enough time to do more of what you love.




All of the information and data on this site is for informational purposes only and is provided for the convenience of the user.
Powered by: Amiro.CMS - Free edition