Glad You're Ready. Let's Get Started!

Let us know how we can contact you.

Thank you!

We'll respond shortly.

Setting up a FreeBSD Server on Hetzner, Part 4: nginx

In this blog post we describe the procedure to install nginx on a FreeBSD VM.

Install nginx

Let’s ssh into the machine and install nginx:

ssh -A
sudo pkg_add -r nginx

Like homebrew, FreeBSD typically installs optional applications under /usr/local. For example, nginx’s configuration file is located at /usr/local/etc/nginx/nginx.conf.

Place /usr/local/etc under Revision Control and [Optional] Publish

We place /usr/local/etc under revision control & publish it to a public repo on github. We generally do not recommend publishing configuration directories to public repos; in this particular case we’re doing it for instructive purposes.

cd /usr/local/etc
sudo -E git init
sudo -E git add .
sudo -E git commit -m"Initial commit"
sudo -E git remote add origin
sudo -E git push -u origin master

We can browse the new repo here.

Start nginx and check

We configure our FreeBSD machine to start nginx on boot. Additionally, we start nginx manually to begin our tests:

echo 'nginx_enable="YES"' | sudo tee -a /etc/rc.conf
sudo /usr/local/etc/rc.d/nginx start

We browse to ensure we see the “Welcome to nginx!” page.

Configure the default nginx Server Block

[Server Blocks are the nginx’s term for what an Apache webserver administrator would term “VirtualHosts”]

We will configure the following server block:


We make our user, cunnie, a member of the www group:

sudo vim /etc/group

We add our userid, cunnie, to the www group:


We make sure we didn’t make any typos using chkgrp. If no errors, we check in our changes and push:

chkgrp &&
    pushd /etc &&
    sudo git add /etc/group &&
    sudo -E git commit -m"cunnie a member of www" &&
    sudo -E git push origin master &&

Although we’ve added ourselves to the www group, the change does not take effect retroactively—we need to login out and log back in again [1] .

ssh -A

We use the id command to ensure that we’re really a member of the www group:

uid=2000(cunnie) gid=2000(cunnie) groups=2000(cunnie),0(wheel),80(www)

We create a directory to host the content of our websites. We make the owner www, and we allow anyone in the www group to write to it:

sudo mkdir /www
sudo chown www:www /www
sudo chmod 775 /www

We copy the content from our original webserver using rsync:

rsync -aH --progress --stats --exclude Attic --exclude .git /www/

We create a log directory [2] to hold the webserver logs. We also copy the logs from our original server (which date back to 9/8/2001):

sudo mkdir /var/www
sudo chgrp www /var/www
sudo chmod 775 /var/www
rsync -aH --progress --stats --exclude Attic --exclude .git*log /var/www/

We edit the nginx.conf:

sudo -E vim /usr/local/etc/nginx/nginx.conf

We create a catch-all stanzas:

  server {
    server_name _; # invalid value which will never trigger on a real hostname.
    access_log /var/www/;
    root /www/;

[Note: the current nginx.conf can be viewed here]

We restart the nginx server for the new configuration to take effect:

sudo /usr/local/etc/rc.d/nginx restart

We browse to our machine to ensure it shows our content instead of the nginx splash screen:

We have successfully configured nginx under FreeBSD!


The nginx wiki has an excellent description of setting up Server Blocks

Digital Ocean has a post describing setting up Server Blocks on Ubuntu


1 There is a FreeBSD command, newgrp, which allows one to obtain newly-issued group credentials; however, the command requires additional configuration to work properly, (i.e. chmod u+s /usr/bin/newgrp), and the author decided that, in the interest of brevity, it is simpler to recommend logging out and in again.

2 We choose to place our logs under /var/www; admittedly, this is a somewhat arbitrary decision: FreeBSD conventionally places logs under /var/log; FreeBSD’s nginx’s compiled-in defaults (as seen by nginx -V) also place its access and error logs under /var/log. But we prefer our log files in their own directory to keep them separate from the other logs (e.g. syslog, cron). Even though we have decided to keep the log files in a special directory, we keep them under the /var directory where FreeBSD recommends that “multi-purpose log” (hier(7)) files be kept.

Post a Comment

Your Information (Name required. Email address will not be displayed with comment.)

* Copy This Password *

* Type Or Paste Password Here *