I’m trying to learn how to configure Nginx so I can access Syncthing from the internet and not via a VPN and I have a few questions about the config file after installing via DietPi-Software.
So you know where I’m up to, I’ve installed the Nginx + SQL Lite stack and configured SSL certs using DietPi-LetsEncrypt. When I go to my domain name using a browser I’m seeing the Ngnix welcome page and it’s encrypted. So far so good, thanks for making this bit very easy.
Now when I open /etc/nginx/sites-enabled/default I see the below file and on line 11 is says “include /etc/nginx/sites-dietpi/*.conf;”. Does this mean I simply need to create a “some_file_name.conf” file in /sites-dietpi and nginx will know to use it? Or do I use the “Location” options in this file to configure the proxy_pass directive?
Thanks in advance for any guidance and if there are any other tips I should know about, please can you include them.
Cheers,
Dan
#D I E T - P I
# /etc/nginx/sites-available/default
server {
root /var/www;
index index.php index.html index.htm index.nginx-debian.html;
server_name *mydomain*.duckdns.org;
include /etc/nginx/sites-dietpi/*.conf;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php(?:$|/) {
include snippets/fastcgi-php.conf;
fastcgi_pass php;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/*mydomain*.duckdns.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/*mydomain*.duckdns.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
ssl_trusted_certificate /etc/letsencrypt/live/*mydomain*.duckdns.org/chain.pem; # managed by Certbot
ssl_stapling on; # managed by Certbot
ssl_stapling_verify on; # managed by Certbot
}
server {
if ($host = *mydomain*.duckdns.org) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80 default_server;
listen [::]:80 default_server;
server_name *mydomain*.duckdns.org;
Hi Joulinar, I’ve been trying this to no avail, please can you share a sample conf file you use in /sites-dietpi and I should be able to get it working.
Usually PiHole web interface should be reachable ootb as it is a normal web site, served by Nginx already. But it might be blocked for access from public internet due to security.
That’s what I thought too but after removing Lighttpd and installing Nginx I couldn’t access the pi-hole GUI locally. Looking here NGINX - Pi-hole documentation there is a guide on how to configure Nginx for pi-hole however after following that I’m getting a 502 bad gateway error from Nginx. very frustrating.
Don’t follow any guide from PiHole directly. We do it a little bit different to ensure functionality of other web applications as well. If you have set Nginx as web server preference, you could try to reinstall PiHole.
Reinstall done successfully, I can see the pi-hole config files in /etc/nginx/sites-dietpi, however when browsing to either 192.168.0.2/admin/ or pi.hole/admin/ I’m still seeing errors.
When using the IP address I’m getting a 404 Not Found and when using pi.hole/admin it’s returning a “can’t find the server” error.
I did choose the restrict public access option during installation but that shouldn’t make a difference as I’m not interested in accessing externally.
Here is the installation log but nothing looks to have gone wrong.
[i] Pi-hole blocking will be enabled
[i] Enabling blocking
[✓] Pi-hole Enabled
[i] Web Interface password: <removed>
[i] This can be changed using 'pihole -a -p'
[i] View the web interface at http://pi.hole/admin or http://192.168.0.2/admin
[i] You may now configure your devices to use the Pi-hole as their DNS server
[i] Pi-hole DNS (IPv4): 192.168.0.2
[i] Pi-hole DNS (IPv6): fde9:39d:eb90:1:dea6:32ff:fef8:159
[i] If you have not done so already, the above IP should be set to static.
[i] The install log is located at: /etc/pihole/install.log
Installation Complete!
[ OK ] DietPi-Software | ./install.sh --disable-install-webserver
[ OK ] DietPi-Software | rm install.sh
[ OK ] DietPi-Software | Added setting BLOCKINGMODE=NULL to end of file /etc/pihole/pihole-FTL.conf
[ OK ] DietPi-Software | pihole -l off
[ INFO ] DietPi-Software | Configuring Pi-hole to use Unbound
[ OK ] DietPi-Software | sed -i /^[[:blank:]]*server=/d /etc/dnsmasq.d/01-pihole.conf
[ OK ] DietPi-Software | Added setting server=127.0.0.1#5335 to end of file /etc/dnsmasq.d/01-pihole.conf
[ OK ] DietPi-Software | systemctl restart pihole-FTL
[ OK ] DietPi-Software | Setting in /etc/pihole/setupVars.conf adjusted: PIHOLE_DNS_1=127.0.0.1#5335
[ OK ] DietPi-Software | sed -i /^[[:blank:]]*PIHOLE_DNS_2=/d /etc/pihole/setupVars.conf
[ OK ] DietPi-Software | phpenmod xml sqlite3 intl
[ OK ] DietPi-Software | cd /tmp/DietPi-Software
[ OK ] DietPi-Software | curl -sSfL https://raw.githubusercontent.com/MichaIng/DietPi/master/.conf/dps_93/nginx.pihole.conf -o nginx.pihole.conf
[ OK ] DietPi-Software | mv nginx.pihole.conf /etc/nginx/sites-dietpi/dietpi-pihole.conf
[ OK ] DietPi-Software | cd /tmp/DietPi-Software
[ OK ] DietPi-Software | curl -sSfL https://raw.githubusercontent.com/MichaIng/DietPi/master/.conf/dps_93/nginx.block_public_admin.conf -o nginx.block_public_admin.conf
[ OK ] DietPi-Software | mv nginx.block_public_admin.conf /etc/nginx/sites-dietpi/dietpi-pihole-block_public_admin.off
[ OK ] DietPi-Software | ln -sf /var/www/html/admin /var/www/admin
[ OK ] DietPi-Software | ln -sf /var/www/html/pihole /var/www/pihole
[ OK ] DietPi-Software | usermod -aG pihole www-data
[✓] New password set
[ INFO ] DietPi-Software | The DNS query database logging duration is reduced to 2 days. If you require long-term query logs, read our docs about how to change the log duration:
- https://dietpi.com/docs/software/dns_servers/#pi-hole
[ OK ] DietPi-Software | Added setting MAXDBDAYS=2 to end of file /etc/pihole/pihole-FTL.conf
