NGINX configuration block to run fastcgi scripts by their shebangs
This configuration will use the shebang at the start of the script to select the proper interpreter.
''
LOCKFILE=/var/lock/$(basename $0).lock
[ -f $LOCKFILE ] && exit 0
trap "{ rc=$?; rm -f $LOCKFILE ; exit $rc; }" EXIT
touch $LOCKFILE
[ -f $LOCKFILE ] && exit 0
trap "{ rc=$?; rm -f $LOCKFILE ; exit $rc; }" EXIT
touch $LOCKFILE
''
''I had to be able to run bash, perl and other kinds of CGI programs but found it difficult to gather all the bits on nginx + fastcgi.
Do not forget to install ''apt install fcgiwrap'' for the generic tool, not the one for PHP.
''
# Bash, perl ... CGI scripts
# Make sure to allow them in this setting of /etc/php/*/fpm/pool.d/www.conf:
# security.limit_extensions = .sh .py .pl .cgi .exe .php
location ~ ^/cgi.*(\.cgi|\.py|\.sh|\.pl)$ {
root /home/www/cgi-bin;
# Check if CGI script exists
fastcgi_split_path_info ^(.+?\.sh)(/.*)$;
try_files $fastcgi_script_name =404;
# Remove /cgi-bin/ or /cgi/ prefix in path
rewrite ^/cgi(-bin)?/(.*) /$2 break;
# Set parameters
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /home/www/cgi-bin$fastcgi_script_name;
# apt install fcgiwrap
fastcgi_pass unix:/var/run/fcgiwrap.socket;
}
''
Here is a minimalist example of a CGI script made with bash. Just do not forget to return proper HTTP data else you will end up with an error that tells ''upstream prematurely closed FastCGI stdout while reading response header from upstream''):
''
#!/bin/bash
printf "HTTP/1.0 200 OK\r\n"
printf "Content-type: text/plain\r\n\r\n"
printf "HTTP/1.0 200 OK\r\n"
printf "Content-type: text/plain\r\n\r\n"
printenv | grep ^HTTP_
echo "Query string is $QUERY_STRING"
''
No comments:
Post a Comment