The main usage for the droplet should be a webserver. And my webserver of choice is nginx.
For the time being I'll go with the nginx-lite variant. Later I might use another package or build nginx by the port system.
remote> sudo pkg install nginx-liteThe webserver should start when the system is started, so enable it in rc.conf
remote> sudo vim /etc/rc.conf
[...]
nginx_enable="YES"
[...]And start the webserver with sudo service nginx start. If the proper DNS entry is pointing at your server you should see an (error) page when acessing http://example.com.
Since I plan to serve at least two different sites from the same installation, I'll split up the nginx-config in a base config and site specific files
remote> cd /usr/local/etc/nginx
remote> sudo mkdir sites-available
remote> sudo mkdir sites-enabled
remote> sudo vim nginx.conf
user www;
worker_processes 1;
# This default error log path is compiled-in to make sure configuration parsing
# errors are logged somewhere, especially during unattended boot when stderr
# isn't normally logged anywhere. This path will be touched on every nginx
# start regardless of error log location configured here. See
# https://trac.nginx.org/nginx/ticket/147 for more info.
#
error_log /var/log/nginx/error.log;
# pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
##
# Basic Settings
##
include mime.types;
default_type application/octet-stream;
# access log is deliberatly turned off
#
# log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
# access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 2;
gzip_buffers 16 8k;
gzip_http_verison 1.1;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# SSL Setttings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # dropping SSLv3
ssl_prefer_server_ciphers on;
ssl_session_cache builtin:1000 shared:SSL:10m;
##
# Virual Host Configs
##
#
include /usr/local/etc/nginx/sites-enabled/*
}Reloading the service should be sucessful.
remote> sudo service nginx reload
Performing sanity check on nginx configuration:
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successfulBut reloading the site will not even show an error page since there is no host config. So let's create one:
remote> cd /usr/local/etc/nginx/sites-available
remote> sudo vim default.conf
server {
listen 80 default_server;
listen [::]:80;
server_name _; # an invalid name that will never trigger on a real host name
server_name_in_redirect off;
location / {
root /usr/local/www/default;
index index.html index.htm;
}
}We need to link the site in sites-enabled
remote> cd ../sites-enabled
remote> ln -s ../sites-available/default.confAnd of cause we should add an index.html in the right location and adjust the owner and group
remote> cd /usr/local/
remote> sudo mkdir www
remote> cd www
remote> sudo mkdir default
remote> sudo chown www:www default
remote> cd default
remote> sudo -u www vim index.html
<html>
<head>
<title>Welcome</title>
<style>
body {
padding: 7em 10em;
background-color: #eee;
font-family: sans-serif;
color: #222; }
h1 { margin-bottom: 1.5em; }
</style>
</head>
<bod>
<h1>Welcome...</h1>
<p>But...</p>
<p>But...</p>
<p>But is here nothing to see?</p>
<p>Not yet.</p>
<p>Check back later.</p>
<p>I a month or a year or two</p>
</body>
</html>Reloading the service and revisiting the site in the browser should now show a simple page.