-
Notifications
You must be signed in to change notification settings - Fork 420
[Tutorial] Setting up a standalone web server with MySQL SQLite
Page courtesy of: haloflooder
Following this guide will reset all the data if you are currently not using a SQL database with dynmap. All your rendered tiles will be lost since Dynmap will start saving/loading from the database after you follow this tutorial.
Using MySQL with Dynmap is not fully tested by the community. Use as your own risk
This tutorial assumes that you know a little bit of Linux. If you don't know how to Linux, it's never too late to learn!
If you are using a "minecraft server host". In most cases, you won't be able to setup a standalone web server with your minecraft server host. You will have to get website host or a vps to host a standalone web server for Dynmap.
- Would highly recommend you to use MySQL instead of SQLite if you have the choice. It may require some extra steps but look on the bright side. You can use MySQL with other plugins :)
- This tutorial also requires you to use sudo. If you don't have sudo perms then you are either out of luck or you can rent a VPS.
- If you are using SQLite, you cannot host the standalone web server on a different server/vps. You will have to migrate the SQLite database to a MySQL/MariaDB server in order to host the standalone server on a different server/vps. But that is completely optional, we will still be covering how to setup a standalone web server on the same server as the minecraft server with SQLite.
- I won't be covering how to setup a standalone web server with windows or apache unless there is some interest. As an alternative, you can get a cheap VPS and host a web server there if you are using MySQL (not SQLite).
- I cover how to get the standalone web server working with cloudflare's proxy which is completely optional. This is HIGHLY recommended if you're going to enable users to log in to the dynmap website. If are going to install a SSL cert with certbot instead, don't follow this part of the bonus tutorial.
- I will also cover how to install a SSL cert to the NGINX web server with certbot or another provider which is completely optional. This is HIGHLY recommended if you're going to enable users to log in to the dynmap website. If you are want to use the cloudflare proxy instead, don't follow this part of the bonus tutorial.
Pros:
- The Dynmap website will be available even if the minecraft server is down/restarting
- Put less load on the minecraft server
- NGINX has better performance than the internal webserver
Cons:
- Kind of annoying to setup
- Need to know a bit of linux
We will be covering these following things:
- Setting up MySQL/MariaDB (optional)
- Setting up NGINX with PHP and SQL support
- Preparing the Dynmap plugin to use with MySQL/SQLite
- Setting up the standalone server for MySQL/SQLite
- Bonus: Setting up a cloudflare proxy with the NGINX web server (optional)
- Bonus: Setting up NGINX with ssl certifications (optional)
- The FAQ's are located at the very bottom of this guide.
To get started, you need to install a web server on the server you want to host the standalone dynmap website on. This part of the tutorial also covers installing MySQL on the server as well.
If you want to use SQLite for some reason, you can just install NGINX without MySQL/MariaDB. BUT NGINX must be on the same server where the minecraft server is hosted.
If you are using a website host or using a minecraft host. See notes below the tutorial links. Where should I install MySQL/MariaDB?
You should generally install MySQL on the same server as the minecraft server. You can use the same MySQL server with plugins that uses MySQL. MySQL will be used by the Dynmap plugin to save/load data which the web server will read/write to as well.
Generally, there are more benefits if the MySQL/MariaDB server is on the same server/network as the minecraft server since the latency would be lower Tutorials
There are countless tutorials on how to setup nginx/MySQL/MariaDB on the internet. Here are some links of tutorials on setting them up with some linux OS's.
Don't worry if the tutorial tells you to install MariaDB since it's pretty much the same thing as MySQL. Links to tutorials
note, other distributions are probably supported. Use the above guides as a reference for your distribution
Test to see if your web server is serving a webpage by putting in your web server's ip into your web browser. If nothing pops up, then your firewall might be blocking the port or you didn't start the nginx server. notes
- If you already have a web server, you can skip this step. BUT you still need a MySQL server if you don't have one already.
- If you are using a website host, like stated above. You can skip this step BUT you still need a MySQL server.
- If you are using a minecraft host, you will need to get a VPS/website host. Hopefully your minecraft host also includes a MySQL server with your package. If not, you can install the MySQL server on the VPS BUT MAKE SURE YOU HAVE PLENTY OF SPACE.
Now, to setup the MySQL/MariaDB server.
It is recommended to create a new user/password with limited permissions for each application.
If you are setting up an external web server, you can also setup a firewall (iptables/firewalld/ufw/etc) to only allow the web server to connect to the database.
Using a terminal on the server that is hosting the minecraft server, we will create a new database and add some database users.
mysql -u root -p
[Enter mysql root password if there is one]
mysql> CREATE DATABASE <dynmap_database_name>;
mysql> exit
Example (click to expand)
mysql -u root -p
[Enter mysql root password if there is one]
mysql> CREATE DATABASE DynmapDatabase;
mysql> exitnote: If the MySQL server is on the same server as the minecraft server. <minecraftserver_ip> should just be localhost
mysql -u root -p
[Enter mysql root password if there is one]
mysql> CREATE USER '<webserver_user>'@'<webserver_ip>' IDENTIFIED BY '<password>';
mysql> CREATE USER '<dynmap_user>'@'<minecraftserver_ip>' IDENTIFIED BY '<password>';
mysql> GRANT CREATE, DELETE, INSERT, SELECT, UPDATE ON <dynmap_database>.*TO '<webserver_user>'@'<webserver_ip>';
mysql> GRANT CREATE, DELETE, INSERT, SELECT, UPDATE ON <dynmap_database>.* TO '<dynmap_user>'@'<minecraftserver_ip>';
mysql> FLUSH PRIVILEGES;
mysql> exitExample if the web server and minecraft server are on the same server (click me to expand)
mysql -u root -p
[Enter mysql root password if there is one]
mysql> CREATE USER 'dynmapwebserver'@'localhost' IDENTIFIED BY 'password1234';
mysql> CREATE USER 'minecraftserver'@'localhost' IDENTIFIED BY 'password5678';
mysql> GRANT CREATE, DELETE, INSERT, SELECT, UPDATE ON 'dynmapwebserver'@'localhost';
mysql> GRANT CREATE, DELETE, INSERT, SELECT, UPDATE ON 'minecraftserver'@'localhost'';
mysql> FLUSH PRIVILEGES;
mysql> exitIf you made a mistake and need to delete the mysql user. This is how you delete a user.
mysql> DROP USER '<user_to_delete>'@'<ip_you_used>';After you create a new user, try logging into the user. (after you logout from the mysql root user via "exit")
mysql -u <webserver_user> -p
[Enter user password]
mysql> exitMySQL has these permissions available to set to MySQL users.
- ALL PRIVILEGES - Grant all privileges to the user
- CREATE - Allows user to create databases/tables
- DELETE - Allows user to delete rows(data) from a table
- DROP - Allows user to drop databases and tables
- INSERT - Allows user to insert rows(data) to a table
- SELECT - Allows user to read from a database
- UPDATE - Allows user to update data in a table
Now to change some settings in configuration from the plugin.
Install the latest version of dynmap on the server. The latest version should still work with the minecraft version from 1.12.2 to 1.18.2
Turn on the minecraft server then stop the server. There should be a new folder called dynmap in the plugins folder.
MAKE A BACKUP of the configuration.txt file! Just make a copy and name it something like configuration.txt.backup.
Open the configuration file configuration.txt so we can change some settings.
Change the storage section in the configuration from
storage:
# Filetree storage (standard tree of image files for maps)
type: filetree
# SQLite db for map storage (uses dbfile as storage location)
#type: sqlite
#dbfile: dynmap.db
# MySQL DB for map storage (at 'hostname':'port' with flags "flags" in database 'database' using user 'userid' password 'password' and table prefix 'prefix')
#type: mysql
#hostname: localhost
#port: 3306
#database: dynmap
#userid: dynmap
#password: dynmap
#prefix: ""
#flags: "?allowReconnect=true"to
MySQL Example (Click to expand)
```yaml storage: # Filetree storage (standard tree of image files for maps) #type: filetree <- DONT FORGET TO COMMENT THIS OUT # SQLite db for map storage (uses dbfile as storage location) #type: sqlite #dbfile: dynmap.db # MySQL DB for map storage (at 'hostname':'port' with flags "flags" in database 'database' using user 'userid' password 'password' and table prefix 'prefix') type: mysql hostname: <mysql_ip> port: <mysql_port> database: <mysql_database> userid: <dynmap_mysql_user> password: <dynmap_mysql_password> prefix: "" # Can add prefix for tables if you want flags: "?allowReconnect=true" ```
MySQL Example (Click to expand)
```yaml storage: # Filetree storage (standard tree of image files for maps) #type: filetree <- DONT FORGET TO COMMENT THIS OUT # SQLite db for map storage (uses dbfile as storage location) type: sqlite dbfile: dynmap.db # MySQL DB for map storage (at 'hostname':'port' with flags "flags" in database 'database' using user 'userid' password 'password' and table prefix 'prefix') #type: mysql #hostname: localhost #port: 3306 #database: dynmap #userid: dynmap #password: dynmap #prefix: "" #flags: "?allowReconnect=true" ```
Right under the storage section, there should be a section called
- class: org.dynmap.InternalClientUpdateComponent that we will be commenting out.
So it would look like this:
Before (click to expand)
```yaml
- class: org.dynmap.InternalClientUpdateComponent
sendhealth: true
sendposition: true
allowwebchat: true
webchat-interval: 5
hidewebchatip: true
trustclientname: false
includehiddenplayers: false
# (optional) if true, color codes in player display names are used
use-name-colors: false
# (optional) if true, player login IDs will be used for web chat when their IPs match
use-player-login-ip: true
# (optional) if use-player-login-ip is true, setting this to true will cause chat messages not matching a known player IP to be ignored
require-player-login-ip: false
# (optional) block player login IDs that are banned from chatting
block-banned-player-chat: true
# Require login for web-to-server chat (requires login-enabled: true)
webchat-requires-login: false
# If set to true, users must have dynmap.webchat permission in order to chat
webchat-permissions: false
# Limit length of single chat messages
chatlengthlimit: 256
# # Optional - make players hidden when they are inside/underground/in shadows (#=light level: 0=full shadow,15=sky)
# hideifshadow: 4
# # Optional - make player hidden when they are under cover (#=sky light level,0=underground,15=open to sky)
# hideifundercover: 14
# # (Optional) if true, players that are crouching/sneaking will be hidden
hideifsneaking: false
# If true, player positions/status is protected (login with ID with dynmap.playermarkers.seeall permission required for info other than self)
protected-player-info: false
# If true, hide players with invisibility potion effects active
hide-if-invisiblity-potion: true
# If true, player names are not shown on map, chat, list
hidenames: false
```
After (click to expand)
```yaml
# - class: org.dynmap.InternalClientUpdateComponent
#sendhealth: true
#sendposition: true
#allowwebchat: true
#webchat-interval: 5
#hidewebchatip: false
#trustclientname: false
#includehiddenplayers: false
# (optional) if true, color codes in player display names are used
#use-name-colors: false
# (optional) if true, player login IDs will be used for web chat when their IPs match
#use-player-login-ip: true
# (optional) if use-player-login-ip is true, setting this to true will cause chat messages not matching a known player IP to be ignored
#require-player-login-ip: false
# (optional) block player login IDs that are banned from chatting
#block-banned-player-chat: true
# Require login for web-to-server chat (requires login-enabled: true)
#webchat-requires-login: false
# If set to true, users must have dynmap.webchat permission in order to chat
#webchat-permissions: false
# Limit length of single chat messages
#chatlengthlimit: 256
# # Optional - make players hidden when they are inside/underground/in shadows (#=light level: 0=full shadow,15=sky)
# hideifshadow: 4
# # Optional - make player hidden when they are under cover (#=sky light level,0=underground,15=open to sky)
# hideifundercover: 14
# # (Optional) if true, players that are crouching/sneaking will be hidden
#hideifsneaking: false
# If true, player positions/status is protected (login with ID with dynmap.playermarkers.seeall permission required for info other than self)
#protected-player-info: false
# If true, hide players with invisibility potion effects active
#hide-if-invisiblity-potion: true
# If true, player names are not shown on map, chat, list
#hidenames: false
```
After you do that, you will uncomment the section right below that. So it will look like this.
Before (click to expand)
```yaml #- class: org.dynmap.JsonFileClientUpdateComponent # writeinterval: 1 # sendhealth: true # sendposition: true # allowwebchat: true # webchat-interval: 5 # hidewebchatip: false # includehiddenplayers: false # use-name-colors: false # use-player-login-ip: false # require-player-login-ip: false # block-banned-player-chat: true # hideifshadow: 0 # hideifundercover: 0 # hideifsneaking: false # # Require login for web-to-server chat (requires login-enabled: true) # webchat-requires-login: false # # If set to true, users must have dynmap.webchat permission in order to chat # webchat-permissions: false # # Limit length of single chat messages # chatlengthlimit: 256 # hide-if-invisiblity-potion: true # hidenames: false ```
After (click to expand)
```yaml
- class: org.dynmap.JsonFileClientUpdateComponent
writeinterval: 1
sendhealth: true
sendposition: true
allowwebchat: true
webchat-interval: 5
hidewebchatip: false
includehiddenplayers: false
use-name-colors: false
use-player-login-ip: false
require-player-login-ip: false
block-banned-player-chat: true
hideifshadow: 0
hideifundercover: 0
hideifsneaking: false
# # Require login for web-to-server chat (requires login-enabled: true)
webchat-requires-login: false
# # If set to true, users must have dynmap.webchat permission in order to chat
webchat-permissions: false
# # Limit length of single chat messages
chatlengthlimit: 256
hide-if-invisiblity-potion: true
hidenames: false
```
Now we are going to disable the internal web server since we don't need it anymore.
Find disable-webserver in the configuration file and change the value from false to true.
We are going to change some urls that is required for the dynmap standalone web server to work. This is the huge part most people had trouble with as far as I know.
Find the url: section in the configuration file. It should look like this. Before (click to expand) After [MySQL Example] (click to expand) After [SQLite Example] (click to expand) Turn it on and off again
Start the minecraft server BUT DON'T TURN IT OFF JUST YET! Check and see if there are any issues with dynmap by checking the latest log. If there are no issues, then turn off the server. NOTICE
The main reason why you need to start and stop the server at the very end is because Dynmap creates configuration files for the web server to use. If you changed any settings in configuration.txt, then there is a chance that the config files in plugins/dynmap/web are changed. EVEN BIGGER NOTICE
If you are going to enable users to log into dynmap. You should DEFINITELY install a SSL cert or use cloudflare's proxy to make login credentials secure from the bad guys! Options on how the web server should be setup
Now we get down to the serious business!
Here are some options: Hosting on the same server with the minecraft server (MySQL/SQLite)
Option 1: You can link the web server to the dynmap web folder in the plugin folder (easier) Option 2: Copy the web folder to a different location on the server (more secure) Hosting on a different server that's not the same server as the minecraft server (MySQL)
Only Option: Your only option is to copy the web folder to the server that has the web server. Hosting with a web host (MySQL)
If you're using a web host such as hostgator, namecheap, 000webhost, etc. Your only option is to copy the web folder to the web host. I won't be adding details on how to get this done since there are too many web hosts to cover. General setup with the NGINX web server
Before you go to the next sections with the setup options. We will cover the general setup for the NGINX web servers. Removing the default website config
If you installed a fresh NGINX web server. We want to remove the default website config and add our own config. If you already have a NGINX before this tutorial and know what you're doing. Go to the next section with options on how the dynmap website should be setup.
The default config is usually located at /etc/nginx/sites-available/ and /etc/nginx/sites-enabled.
You want to make a copy of the default since we will be using it.
sudo cp /etc/nginx/sites-available/default /etc/nginx/sites-available/dynmap
Now remove the default config from sites-enabled to disable the default site config and restart the nginx web server
sudo rm /etc/nginx/sites-enabled/default sudo service nginx restart
Setting up the web server that's on the same server as the minecraft server
If you are hosting your own NGINX web server on the same server as the minecraft server. This is the right section for you!
Note Make sure that you followed the general setup with NGINX before you continue with this tutorial Option 1: Linking the web server to the dynmap folder (click to expand)
If you want to setup the web server the easy (but not too secure) way. This is the right option for you! But I still highly recommend you to follow option 2 since it's a more secure option than option 1.
Pros:
One command less to execute (if you're into that kind of thing)
Don't need to copy over config files if you change the dynmap configuration
Cons:
Less secure compared to Option 2 (debatable)
Editing the website config file
Start editing the dynmap config file in /etc/nginx/sites-available/dynmap
sudo nano /etc/nginx/sites-available/dynmap OR sudo vi /etc/nginx/sites-available/dynmap
The config file should look something like this. Change the values in the config to your liking
server { listen 80 default_server; listen [::]:80 default_server; server_name map.example.com;
root /home/<USERNAME>/<MINECRAFTSERVER>/plugins/dynmap/web;
index index.php index.html index.htm;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
Don't forget to change to the linux username that has the minecraft server folder in it.
Don't forget to change to the folder that you have the minecraft server in
Example:
root /home/someuser/minecraft/servers/creative/plugins/dynmap/web;
Option 2: Copying the web folder to a different location
If you want to setup the web server the more secure way. This is the right option for you!
Pros:
More secure than Option 1 (Debatable)
Cons:
Need to copy over some config files to new location if you changed the dynmap configuration
Copying the files to a new location
Copy over the dynmap web files to a different location
sudo cp -r /home///plugins/dynmap/web/ /var/www/dynmap/
Don't forget to change to the linux username that has the minecraft server folder in it.
Don't forget to change to the folder that you have the minecraft server in
Example:
sudo cp -r /home/MyUsername/minecraft/servers/creative/plugins/dynmap/web/ /var/www/dynmap/
Editing the website config file
Start editing the dynmap config file in /etc/nginx/sites-available/dynmap
sudo nano /etc/nginx/sites-available/dynmap OR sudo vi /etc/nginx/sites-available/dynmap
The config file should look something like this. Change the values in the config to your liking
server { listen 80 default_server; listen [::]:80 default_server; server_name map.example.com;
root /var/www/dynmap;
index index.php index.html index.htm;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
Now lets make the dynmap server public! (for both options 1 and 2)
After you followed the steps in Option 1/2. We are going to make a shortcut of the dynmap web server config and put it in a folder.
ln -s /etc/nginx/sites-available/dynmap /etc/nginx/sites-enabled/dynmap
Make sure the config files are error-free!
nginx -t -c /etc/nginx/sites-available/dynmap
and restart the server if there are no problems.
sudo service nginx restart
And that should be it!
Put the web server ip into your web browser, you should see dynmap. Since it's going to be empty, you can start rendering tiles by joining the server and running the command /dynmap fullrender Setting up the web server that's hosted on a different server
If you are hosting your own NGINX web server on a different server than the server that's hosting the minecraft server. This is the right section for you!
Note
Make sure that you followed the general setup with NGINX before you continue with this tutorial
The website configs should be on the server hosting the NGINX web server, not the server hosting the minecraft server!
Pros:
Even more secure than the other methods
Cons:
Need to copy over some config files to new location if you changed the dynmap configuration
Copying the files to a new location
Copy over the dynmap web files to a different location
Execute this command on the server that is hosting the minecraft server. This command will copy the folder from the minecraft server over to the web server. It will ask you for the password to the webserver.
sudo scp -r /home///plugins/dynmap/web <WEBSERVER_USERNAME>@<WEBSERVER_IP>:/var/www/dynmap
Don't forget to change to the linux username of the server that has the minecraft server folder in it.
Don't forget to change to the folder that you have the minecraft server in
Don't for
Example:
sudo scp -r /home/SomeUserName1/minecraft/servers/creative/plugins/dynmap/web SomeUserName2@123.123.123.123:/var/www/dynmap
Editing the website config file
Start editing the dynmap config file in /etc/nginx/sites-available/dynmap
sudo nano /etc/nginx/sites-available/dynmap OR sudo vi /etc/nginx/sites-available/dynmap
The config file should look something like this. Change the values in the config to your liking
server { listen 80 default_server; listen [::]:80 default_server; server_name map.example.com;
root /var/www/dynmap;
index index.php index.html index.htm;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
Now lets make the dynmap server public!
After you followed the steps. We are going to make a shortcut of the dynmap web server config and put it in a folder.
ln -s /etc/nginx/sites-available/dynmap /etc/nginx/sites-enabled/dynmap
Make sure the config files are error-free!
nginx -t -c /etc/nginx/sites-available/dynmap
and restart the server if there are no problems.
sudo service nginx restart
And that should be it!
Put the web server ip into your web browser, you should see dynmap. Since it's going to be empty, you can start rendering tiles by joining the server and running the command /dynmap fullrender Setting up the web server that's hosted by a web host
If you are using a web host since you don't want to set one up yourself. This is the right section for you! Copying the web folder to the web host
Copy the files from the minecraft server into a folder on your computer. The files you're going to be copying should be in plugins/dynmap/web on the minecraft server.
Copy the files to your web host preferably in a new directory unless it's going to be a dedicated dynmap webhost. Finish!
Yeah really! You're done. Bonus tutorials
If you installed your own NGINX web server, you can follow this part of the bonus tutorial to make your web server secure with dynmap logins. YOU SHOULD ALWAYS handle the user's credentials with care if you enable logins with Dynmap.
You can follow one of the three options to make your web server secure Installing a FREE SSL certificate with CertBot
You can just follow these instructions from the certbot website. It is the easiest way to get an SSL certificate for a website.
As a note, certbot's certifications expires quicker than other providers, but they do have an automated way to renew your certifications if you follow their instructions on how to do that. Installing an SSL certificate from a different provider
As an alternative, you can get an SSL certificate from a different provider such as NameCheap. Download the public certification and private key from the provider. YOU SHOULD NEVER SHARE THE PRIVATE KEY WITH ANOTHER PERSON OR MAKE IT PUBLIC. It is strictly for your web server and shouldn't just be up for grabs.
Place the certification file in /etc/ssl/certs/<certification_file>.pem and place the private key in /etc/ssl/private/<private_key_file>.pem
Make a backup of the website config before we make any changes
sudo cp /etc/nginx/sites-available/dynmap /etc/nginx/sites-available/dynmap_BACKUP
If you make an oopsie and need to revert back, execute this command
sudo cp /etc/nginx/sites-available/dynmap_BACKUP /etc/nginx/sites-available/dynmap
In the NGINX website config, look at the differences between your current config and add the changes you see from this example config.
server { listen 80 default_server; listen [::]:80 default_server; server_name map.example.com; return 302 https://$server_name$request_uri; }
server { # SSL configuration
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/ssl/certs/<certification_file>.pem;
ssl_certificate_key /etc/ssl/private/<private_key_file>.pem;
server_name map.example.com;
root /var/www/dynmap;
index index.php index.html index.htm;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
Then you just need to restart the NGINX web server.
sudo service nginx restart
Go to your dynmap website and it should now be secure! Very secure Setting up NGINX with Cloudflare's proxy (last updated Sept. 19 2019)
A good thing about Cloudflare's proxy is that they have a special certification that is only for communicating between your web server and their services. You can also let the certification last up to 15 years. However, it's just an alternative to having a "real" ssl certification.
First, login to cloudflare and go to the domain you want to set up the proxy with. Then go to the "SSL/TLS" section cloudflare dashboard
In the Origin Certificates section, click on "Create Certificate". Select Let Cloudflare generate a private key and a CSR and set the Private key type to ECDSA
Add the hostname map.YOURDOMAIN.com if you want to put the dynmap website on map.YOURDOMAIN.com.
Set the certificate validity to whatever you like (15 years sounds good amirite?).
Click next and you should see a fresh ssl cert and private key on your screen. Now we're going to copy the text and paste it into a file via terminal.
First lets create a certificate file and paste in the text. The text should start with -----BEGIN CERTIFICATE----- and end with -----END CERTIFICATE-----
sudo nano /etc/ssl/certs/dynmap_cert.pem OR sudo vi /etc/ssl/certs/dynmap_cert.pem
Next lets create a private key file and paste in the text. The text should start with -----BEGIN PRIVATE KEY----- and end with -----END PRIVATE KEY-----
sudo nano /etc/ssl/private/dynmap_private_key.pem OR sudo vi /etc/ssl/private/dynmap_private_key.pem
Now we are going to edit the NGINX website config. Make a backup of the website config before we make any changes
sudo cp /etc/nginx/sites-available/dynmap /etc/nginx/sites-available/dynmap_BACKUP
If you make an oopsie and need to revert back, execute this command
sudo cp /etc/nginx/sites-available/dynmap_BACKUP /etc/nginx/sites-available/dynmap
In the NGINX website config, look at the differences between your current config and add the changes you see from this example config.
server { listen 80 default_server; listen [::]:80 default_server; server_name map.example.com; return 302 https://$server_name$request_uri; }
server { # SSL configuration
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_certificate /etc/ssl/certs/dynmap_cert.pem;
ssl_certificate_key /etc/ssl/private/dynmap_private_key.pem;
server_name map.example.com;
root /var/www/dynmap;
index index.php index.html index.htm;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
# pass PHP scripts to FastCGI server
location ~ \.php$ {
include snippets/fastcgi-php.conf;
# With php-fpm (or other unix sockets):
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
# # With php-cgi (or other tcp sockets):
# fastcgi_pass 127.0.0.1:9000;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
Then you just need to restart the NGINX web server.
sudo service nginx restart
Go to your dynmap website and it should now be secure! Very secure FAQ's
- Base Plugin Settings
- Web Setup
- Storage Setup
- HD Map Configuration
- World and template settings
- Guides
- Advanced Map Configuration
- Component Configuration
- Configuration of worlds
- Exporting World Data in Wavefront OBJ Format
- External Webserver Advanced
- Support for Minecraft Servers other than CraftBukkit
- Support for MinecraftForge based mods
- Support for Tekkit
- Custom Block Definitions
- Model Definition Files
- Texture Definition Files
- Defining a Block using a Custom Block Renderer
- Defining a Block using a Volumetric Model
- Defining a Cuboid Block
- Defining a Simple Block
- Defining Cuboid Models
- Defining Volumetric Models
- Special texture file types
- Using custom block renderers
- Incompatible mods