Devlog #24

Posted on Sat 27 February 2021 in Devlog

I recently moved this site to a new Linode server running CentOS 8 Stream. Instead of using Apache this time I figured I would use nginx as it seems far easier to configure and I am always interested in trying and learning new things.

It didn't work exactly as I had hoped right out of the box. Instead of putting everything in /var/www I wanted to give each domain its own user and put the contents in that user's public_html folder. This, to me, makes more sense, keeps things organized, and avoids permissions issues when I want to update those sites. However, in order to get this to work I had to run the following commands:

  1. setsebool -P httpd_enable_homedirs 1 - Tell SELinux to allow web daemons (e.g. nginx) access to "httpd_user_content_t" type folders.
  2. chcon -R -t httpd_user_content_t /home/<user name>/public_html/ - Tell SELinux that the specificed public_html folder is a "httpd_user_content_t" type folder.
  3. gpasswd -a nginx <user group name> - Adds the nginx user to the user's group which allows nginx access to the user's group folders.
  4. chmod 750 /home/<user name> - Give read/execute permissions to the user's group to its home folder

Without these steps, nginx would contantly receive errors like:

*1 open() "/somefolder" failed (13: Permission denied)