Friday, August 27, 2021

NGINX configuration block to run any fastcgi bash, perl, python scripts

NGINX configuration block to run fastcgi scripts by their shebangs

This configuration will use the shebang at the start of the script to select the proper interpreter.

LOCKFILE=/var/lock/$(basename $0).lock
[ -f $LOCKFILE ] && exit 0
trap "{ rc=$?; rm -f $LOCKFILE ; exit $rc; }" EXIT

''I had to be able to run bash, perl and other kinds of CGI programs but found it difficult to gather all the bits on nginx + fastcgi.

Do not forget to install ''apt install fcgiwrap'' for the generic tool, not the one for PHP.

# Bash, perl ... CGI scripts
# Make sure to allow them in this setting of /etc/php/*/fpm/pool.d/www.conf:
#    security.limit_extensions = .sh .py .pl .cgi .exe .php
location ~ ^/cgi.*(\.cgi|\.py|\.sh|\.pl)$ {
root /home/www/cgi-bin;
# Check if CGI script exists
fastcgi_split_path_info ^(.+?\.sh)(/.*)$;
try_files $fastcgi_script_name =404;
# Remove /cgi-bin/ or /cgi/ prefix in path
rewrite ^/cgi(-bin)?/(.*) /$2 break;
# Set parameters
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /home/www/cgi-bin$fastcgi_script_name;
# apt install fcgiwrap
fastcgi_pass unix:/var/run/fcgiwrap.socket;

Here is a minimalist example of a CGI script made with bash. Just do not forget to return proper HTTP data else you will end up with an error that tells ''upstream prematurely closed FastCGI stdout while reading response header from upstream''):

printf "HTTP/1.0 200 OK\r\n"
printf "Content-type: text/plain\r\n\r\n"

printenv | grep ^HTTP_ 

echo "Query string is $QUERY_STRING"

No comments:

Post a Comment