Raspberry Pi secure server

Hi all,

I am looking at hosting a blog on my RasPi 3B+, and I stumbled apon this tutorial (https://getgrav.org/blog/raspberrypi-nginx-php7-dev) which is fantastic and just what I want.

However, I also want this server to be secure. After some searching I found this tutorial (https://bytes.fyi/build-nginx-openssl-from-source/). Again, fitting my needs exactly.

My process was to use the secure install script, then simply install PHP 7.2 using the instructions from the Grav tutorial. This went well up to the point where everything was installed and I had two main issues:

  1. I can’t seem to find where the webroot is. The secure nginx install script does not create the ‘sites-available’ and ‘sites-enabled’ directories by default. So I created them and simply copy-pasted the ‘sites-available/grav’ file into a new file as instructed. When I then try to access the RasPi, I still see ‘Welcome to Nginx’.

  2. After some fiddling around, I managed to stop seeing the default welcome page, but instead received ‘502 Bad Gateway’ error. I verified that PHP7.2 was installed and running, and I also checked that the ‘sock’ was in both the nginx.conf file and the ‘sites-available/grav’ file. I’m not certain, but I think it may be an issue with the user which nginx uses, since the install script creates a user called ‘nginx’ for the service to run on.

I should add that I have a domain name, and I want it accessible from exampledomain/blog, if possible.

As you can probably tell, I’m a relative newbie to this world. But I’d appreciate any suggestions as to how to rectify these issues. I’m confident enough to follow instructions and happy to post config files here if that would help. I appreciate any response and credit to those who put together the tutorials/install scripts.

No answer yet? (June,2019)
(unless, somehow, I am not seeing them)
I have somewhat of a similar problem. But so far no reply… :wink:
Raspberry Pis seem to be orphans here…

I am using a rpi 3 and followed the exact same link (1st link above) with no issues. This was a few years back. The 502 bad gateway error maybe an owner permission issue. I get this error whenever I add a new dir. The way I fix this is to change the owner of that dir.

sudo chown -R www-data:user .

user = my rpi login