Web Server Configuration
This guide covers configuring NGINX to serve your PteroCA installation.
Prerequisites
NGINX installed on your system
PteroCA files installed in
/var/www/pterocaPHP-FPM installed and running
Domain name or IP address for your panel
Create NGINX Configuration
Create the configuration file pteroca.conf and place it in /etc/nginx/sites-available/.
cd /etc/nginx/sites-available/
sudo nano pteroca.confExample NGINX Configuration
server {
listen 80;
root /var/www/pteroca/public;
index index.php index.html index.htm;
server_name YOUR.DOMAIN.COM;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
}
location ~ /\.ht {
deny all;
}
}Configuration Notes
PHP Version
The provided configuration uses php8.2-fpm.sock. If you are using a different PHP version (e.g., PHP 8.3), make sure to update the fastcgi_pass directive accordingly:
Important: Failure to adjust this may result in NGINX not starting correctly.
Domain Name
Replace YOUR.DOMAIN.COM with your actual domain name. If you are using this configuration for local development, you can use a placeholder like localhost or a custom local domain.
Enable Configuration
After creating your configuration file, enable it and restart NGINX.
Verify Configuration
Test NGINX Syntax
Before restarting, always test the configuration:
You should see:
Check NGINX Status
Test in Browser
Visit your domain or IP address in a web browser. You should see the PteroCA interface (or installation page if not yet configured).
Adding SSL with Certbot
For production environments, you should always use SSL/HTTPS. The easiest way is using Certbot from Let's Encrypt.
Install Certbot
Obtain SSL Certificate
Certbot will:
Automatically modify your NGINX configuration
Obtain and install SSL certificates
Set up automatic certificate renewal
Redirect HTTP to HTTPS
Verify Auto-Renewal
Certbot sets up automatic renewal. Test the renewal process:
NGINX Configuration After SSL
After running Certbot, your configuration will be automatically updated to something like:
Troubleshooting
NGINX Won't Start
Check error logs:
Common issues:
Wrong PHP-FPM socket path
Syntax errors in configuration
Port 80/443 already in use
Invalid domain name
502 Bad Gateway
Possible causes:
PHP-FPM not running:
Wrong socket path in configuration
PHP-FPM socket permissions
403 Forbidden
Possible causes:
Wrong document root path
File permissions:
Missing index file
404 Not Found
Possible causes:
try_filesdirective incorrectRewrite rules not working
Wrong root directory
Performance Optimization
Enable Gzip Compression
Add to your NGINX configuration:
Browser Caching
Add caching headers for static assets:
Client Body Size
Increase upload limits if needed:
Security Hardening
Hide NGINX Version
Add to http block in /etc/nginx/nginx.conf:
Add Security Headers
Next Steps
After configuring the web server:
Configure CSRF and Trusted Proxies - If using Cloudflare or reverse proxy
Configure Database - Set up MySQL/MariaDB connection
Configure System - Complete system setup
Related Guides
Manual Installation - Complete installation guide
SSL Configuration - Advanced SSL setup
Troubleshooting - Common issues and solutions
Last updated