2010年2月28日星期日

Re: Do nginx do not auto differentiate the file name and directory name in the url?

Hi

> 192.168.1.19 - - [01/Mar/2010:10:42:33 +0800] "GET /myweb HTTP/1.1" 301 178 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trid
> ent/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)"

nginx seems to be issuing the 301 HTTP redirect redirect, notice the 301 after the GET.

What's your URL after you go to http://domain/myweb and get the error? According to that log you've received a redirect and it should have changed to http://domain/myweb/. Does it show domain or localhost? You're using localhost as the server_name, I'm not sure if maybe nginx is using that domain to issue the Location on the redirect. If you're testing this from a different machine than your server it will sure fail.

Please try with the LiveHTTPHeaders Firefox plugin and tell us what Location: are you being redirected to on the HTTP 301.

Regards

--
Vicente Aguilar <bisente@bisente.com> | http://www.bisente.com


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Do nginx do not auto differentiate the file name and directory name in the url?

dear all, i use Firefox to visit "http://localhost/myweb" , is also do not work.
here is my nginx.conf
user daemon;
worker_processes 2;

#error_log logs/error.log;
#error_log logs/error.log notice;
error_log logs/error.log info;

#pid logs/nginx.pid;

events {
worker_connections 1024;
}

http {
include mime.types;
default_type application/octet-stream;
server_tokens off;

#access_log logs/access.log main;

sendfile on;
#tcp_nopush on;

keepalive_timeout 65;

#gzip on;

server {
listen 80;
server_name localhost;

#charset koi8-r;

#access_log logs/host.access.log main;

location / {
root /home/httpd/html;
index index.html index.htm index.php;
}

#error_page 404 /404.html;

# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}

# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000

location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME /home/httpd/html/$fastcgi_script_name;
include fastcgi_params;
}

}

}

here is the access.log record result
fail
192.168.1.19 - - [01/Mar/2010:10:42:33 +0800] "GET /myweb HTTP/1.1" 301 178 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trid
ent/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)"
success
192.168.1.19 - - [01/Mar/2010:10:44:18 +0800] "GET /myweb/ HTTP/1.1" 200 45696 "-" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)"

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,57890,58466#msg-58466


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: RE: access logging has stopped

Thanks for the suggestion. However I don't think that's it, as the error.log in the same directory is still being written and the filesystem is only 53% full.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,58447,58458#msg-58458


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

RE: access logging has stopped

Maybe it grows and fill up your partition? I faced this problem with
other application.

Danny Trinh
Linux Admin


-----Original Message-----
From: MarkMT [mailto:nginx-forum@nginx.us]
Sent: Sunday, February 28, 2010 7:39 PM
To: nginx@nginx.org
Subject: access logging has stopped

Entries in the access.log for my nginx server mysteriously stopped on
Feb 16. I haven't made any change to the configuration files. Any
suggestions of where I should be looking to figure out why it has
stopped logging incoming requests?

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,58447,58447#msg-58447


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

access logging has stopped

Entries in the access.log for my nginx server mysteriously stopped on Feb 16. I haven't made any change to the configuration files. Any suggestions of where I should be looking to figure out why it has stopped logging incoming requests?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,58447,58447#msg-58447


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: All domains picking same content of one site?

Hi

> Below is the config details

Doesn't look bad to me. Anyway:

> server {
> listen 80;
> server_name YOURSERVERNAME;

You need real server names here, I guess you know that and you're just hiding your server name, just like below with "myip".

The whole server block is like a <VirtualHost> block in Apache, and server_name is the list of ServerName and ServerAlias for that vhost. You can either replicate the server section for each vhost with different server names and different options, or use a generic config with server_name wildcards like "server_name _;" as per:

http://wiki.nginx.org/NginxHttpCoreModule#server_name

If you only have one name on server_name, I guess nginx would only serve that domain.

> location / {
> proxy_pass http://myip:8080/;
> proxy_redirect off;
> proxy_set_header Host $host;

This looks ok, you're correctly setting the Host header so that nginx passes it to Apache.

I assume you've tested Apache and it's working OK for every domain. One thing you can test is sniffing some traffic between nginx and Apache with tcpdump and make sure nginx is setting the correct Host header and Apache is returning the proper content. Anyway that part of the config looks ok.

Hope that helps.

Regards

--
Vicente Aguilar <bisente@bisente.com> | http://www.bisente.com


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: All domains picking same content of one site?

On Sun, Feb 28, 2010 at 7:54 PM, sam77am <nginx-forum@nginx.us> wrote:
>
> I am using nginx as proxy...please suggest what changes needs to be done.
>

unless there's another server block in /etc/nginx/conf.d/*.conf, then
surely it'll show same page for any domain.


--
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: NGiNX does not pass SMTP AUTH command to server?

Hi Maxim!

On Sun, 2010-02-28 at 15:41 +0300, Maxim Dounin wrote:
> Hello!
>
> On Sun, Feb 28, 2010 at 10:18:59PM +1100, Andree Leidenfrost wrote:
>
> > NGiNX authenticates fine for IMAP and POP3. Is it not somewhat
> > inconsistent that it does not authenticate for SMTP? Especially as it
> > seems to work the second time??? If the SMTP server can take care of
> > authentication in the first place, would it not be a good thing to
> > utilise this rather than relying on an additional authentication
> > mechanism?
>
> It is believed that there is no need to re-authenticate against
> smtp backend as it doesn't provide any additional value (unlike
> POP3 and IMAP where it's required to obtain access to specific
> mailbox).

I for once would like to use the SMTP backend for authentication. ;-)
(This is why I use a static/primitive http_auth server.) NGiNX seems to
be able to pass the AUTH command through the second time, so on
principle, I suppose, this could also work the first time? (You decide
whether this is worthwhile to support by NGiNX.)

As a side note, I would really appreciate to be able to securely
communicate to any of the backends via SSL from NGiNX, be that POP3,
IMAP or SMTP or whatever - it's letters versus postcards even within
organisations - I like the privacy of letters.

> > Has the patch you mention actually been put in front of the Postfix
> > people?
>
> AFAIK, no. But I may be wrong, I'm not the author of the patch
> in question.
>
> > I have no idea what RFCs may exist for this xclient stuff (and I
> > have not really been able to find anything definitive on this on the
> > internet),
>
> XCLIENT was originally implemented in Postfix, and there is no
> RFC. There is also patch for Exim to support it (developed by
> Vsevolod Stakhov, cebka.pp.ru; the patch was made for nginx and
> supports LOGIN attribute).

Thank you! If this is a Postfix thing in the first place, the Postfix
people should really be talked to, I guess? Not much point having a
patch that may never make it into upstream Postfix (unless you operate
in an environment where components are hand-patched all the time)?

> [...]
>
> Maxim Dounin
>
> p.s. Please do not top-post. Thank you.

Thanks a lot & best regards,
Andree

> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx


--
Andree Leidenfrost
Sydney - Australia

Re: All domains picking same content of one site?

Hi Vicente,

Thanks for your revert...

Below is the config details.

nginx.conf -

#######################################################################
#
# This is the main Nginx configuration file.
#
# More information about the configuration options is available on
# * the English wiki - http://wiki.codemongers.com/Main
# * the Russian documentation - http://sysoev.ru/nginx/
#
#######################################################################

#----------------------------------------------------------------------
# Main Module - directives that cover basic functionality
#
# http://wiki.codemongers.com/NginxMainModule
#
#----------------------------------------------------------------------

user nginx;
worker_processes 4;

error_log /var/log/nginx/error.log;
#error_log /var/log/nginx/error.log notice;
#error_log /var/log/nginx/error.log info;

pid /var/run/nginx.pid;

#----------------------------------------------------------------------
# Events Module
#
# http://wiki.codemongers.com/NginxEventsModule
#
#----------------------------------------------------------------------

events {
worker_connections 1024;
}


#----------------------------------------------------------------------
# HTTP Core Module
#
# http://wiki.codemongers.com/NginxHttpCoreModule
#
#----------------------------------------------------------------------

http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
gzip on;


# Load config files from the /etc/nginx/conf.d directory
include /etc/nginx/conf.d/*.conf;
#
# The default server
#
server {
listen 80;
server_name YOURSERVERNAME;
#charset koi8-r;
#access_log logs/host.access.log main;
#Main location
location / {
proxy_pass http://myip:8080/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
root /usr/share/nginx/html;
index index.html index.htm index.php;
}

error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}

# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}

# proxy the PHP scripts to Apache listening on myip:80
#
#location ~ \.php$ {
# proxy_pass http://myip;
#}

# pass the PHP scripts to FastCGI server listening on myip:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|wav|bmp|rtf|js)$ {root /var/www;}
}
}

I am using nginx as proxy...please suggest what changes needs to be done.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,58161,58220#msg-58220


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: All domains picking same content of one site?

Hi Vicente,

Thanks for your revert...

Below is the config details.

nginx.conf -

#######################################################################
#
# This is the main Nginx configuration file.
#
# More information about the configuration options is available on
# * the English wiki - http://wiki.codemongers.com/Main
# * the Russian documentation - http://sysoev.ru/nginx/
#
#######################################################################

#----------------------------------------------------------------------
# Main Module - directives that cover basic functionality
#
# http://wiki.codemongers.com/NginxMainModule
#
#----------------------------------------------------------------------

user nginx;
worker_processes 4;

error_log /var/log/nginx/error.log;
#error_log /var/log/nginx/error.log notice;
#error_log /var/log/nginx/error.log info;

pid /var/run/nginx.pid;

#----------------------------------------------------------------------
# Events Module
#
# http://wiki.codemongers.com/NginxEventsModule
#
#----------------------------------------------------------------------

events {
worker_connections 1024;
}


#----------------------------------------------------------------------
# HTTP Core Module
#
# http://wiki.codemongers.com/NginxHttpCoreModule
#
#----------------------------------------------------------------------

http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] $request '
'"$status" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
gzip on;


# Load config files from the /etc/nginx/conf.d directory
include /etc/nginx/conf.d/*.conf;
#
# The default server
#
server {
listen 80;
server_name YOURSERVERNAME;
#charset koi8-r;
#access_log logs/host.access.log main;
#Main location
location / {
proxy_pass http://myip:8080/;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
root /usr/share/nginx/html;
index index.html index.htm index.php;
}

error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}

# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}

# proxy the PHP scripts to Apache listening on myip:80
#
#location ~ \.php$ {
# proxy_pass http://myip;
#}

# pass the PHP scripts to FastCGI server listening on myip:9000
#
#location ~ \.php$ {
# root html;
# fastcgi_pass 127.0.0.1:9000;
# fastcgi_index index.php;
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
# include fastcgi_params;
#}

# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~* ^.+\.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|wav|bmp|rtf|js)$ {root /var/www;}
}
}

I am using nginx as proxy...please suggest what changes needs to be done.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,58161,58223#msg-58223


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: NGiNX does not pass SMTP AUTH command to server?

Hello!

On Sun, Feb 28, 2010 at 10:18:59PM +1100, Andree Leidenfrost wrote:

> NGiNX authenticates fine for IMAP and POP3. Is it not somewhat
> inconsistent that it does not authenticate for SMTP? Especially as it
> seems to work the second time??? If the SMTP server can take care of
> authentication in the first place, would it not be a good thing to
> utilise this rather than relying on an additional authentication
> mechanism?

It is believed that there is no need to re-authenticate against
smtp backend as it doesn't provide any additional value (unlike
POP3 and IMAP where it's required to obtain access to specific
mailbox).

> Has the patch you mention actually been put in front of the Postfix
> people?

AFAIK, no. But I may be wrong, I'm not the author of the patch
in question.

> I have no idea what RFCs may exist for this xclient stuff (and I
> have not really been able to find anything definitive on this on the
> internet),

XCLIENT was originally implemented in Postfix, and there is no
RFC. There is also patch for Exim to support it (developed by
Vsevolod Stakhov, cebka.pp.ru; the patch was made for nginx and
supports LOGIN attribute).

[...]

Maxim Dounin

p.s. Please do not top-post. Thank you.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: NGiNX does not pass SMTP AUTH command to server?

Hi Maxim,

Thank you for your turbo-swift reply and your explanations!

NGiNX authenticates fine for IMAP and POP3. Is it not somewhat
inconsistent that it does not authenticate for SMTP? Especially as it
seems to work the second time??? If the SMTP server can take care of
authentication in the first place, would it not be a good thing to
utilise this rather than relying on an additional authentication
mechanism?

Has the patch you mention actually been put in front of the Postfix
people? I have no idea what RFCs may exist for this xclient stuff (and I
have not really been able to find anything definitive on this on the
internet), but changing the code of an MTA is something that would not
happen on a whim, I guess?

Thanks again & best regards,
Andree


On Sun, 2010-02-28 at 12:49 +0300, Maxim Dounin wrote:
> Hello!
>
> On Sun, Feb 28, 2010 at 08:02:19PM +1100, Andree Leidenfrost wrote:
>
> [...]
>
> > According to wireshark, rather than sending the AUTH command the first
> > time, nginx just sends a HELO command. The second time the AUTH command
>
> Yes, nginx doesn't pass AUTH command to backend for SMTP. You
> should configure backend to accept mail from nginx without
> authentication.
>
> [...]
>
> > I few notes on the config:
> > - I am using a trivial authentication server.
> > - I have turned ssl off for test purposes.
> > - I have turned xclient off because Postfix does not accept the xclient
> > login attribute. (I don't believe it is required?)
>
> You need postfix patched to work with nginx's xclient on.
> Patch is here:
>
> http://citrin.ru/nginx:xclient-login-patch
>
> Maxim Dounin
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx


--
Andree Leidenfrost
Sydney - Australia

Re: auth_basic password problems

Hello,
Has this problem been resolved as of 0.8.5? I tried using nginx 0.8.33 for Windows and I still cannot authenticate a user against my htpasswd file. If I put in the encrypted password string for the prompted password dialogue, I can login but if I type the actual password that was used to create the encrypted string, it always fails. I have tried using a password created with DES and SHA1 and I cannot login unless I type the actual encrypted string e.g. r4ixdoKOMe0Js. Please let me know if this has been implemented. If not, I guess I will just put the unencrypted password string in my htpasswd so that I can authenticate!

Thanks.
JB

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4063,58189#msg-58189


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: NGiNX does not pass SMTP AUTH command to server?

Hello!

On Sun, Feb 28, 2010 at 08:02:19PM +1100, Andree Leidenfrost wrote:

[...]

> According to wireshark, rather than sending the AUTH command the first
> time, nginx just sends a HELO command. The second time the AUTH command

Yes, nginx doesn't pass AUTH command to backend for SMTP. You
should configure backend to accept mail from nginx without
authentication.

[...]

> I few notes on the config:
> - I am using a trivial authentication server.
> - I have turned ssl off for test purposes.
> - I have turned xclient off because Postfix does not accept the xclient
> login attribute. (I don't believe it is required?)

You need postfix patched to work with nginx's xclient on.
Patch is here:

http://citrin.ru/nginx:xclient-login-patch

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

NGiNX does not pass SMTP AUTH command to server?

Dear all,

I am by no means an experienced nginx user, but I have nginx working for
HTTP & IMAP and am now trying to add SMTP to the mix.

I require authentication for the SMTP server and am experiencing a
problem in that the first AUTH command that comes from the client does
not get passed through to the server by nginx; only the second one does.
Here is a telnet session to illustrate (an email client like Thunderbird
would of course not send the second AUTH command):

> telnet aurichvm04 465
Trying 192.168.1.154...
Connected to aurichvm04.ostfriesland.
Escape character is '^]'.
220 aurichvm04 ESMTP ready
AUTH PLAIN <base64 encoded user & password>
235 2.0.0 OK
AUTH PLAIN <base64 encoded user & password>
235 2.7.0 Authentication successful

According to wireshark, rather than sending the AUTH command the first
time, nginx just sends a HELO command. The second time the AUTH command
is issued by the client, nginx passes it through (as I would expect it
to do the first time round).

I include my nginx.conf and sites-availabe/default below. I am using the
current Debian unstable package (0.7.65-1). My server is Postfix.

I few notes on the config:
- I am using a trivial authentication server.
- I have turned ssl off for test purposes.
- I have turned xclient off because Postfix does not accept the xclient
login attribute. (I don't believe it is required?)

If you could help that would be great!

Thanks a lot & best regards,
Andree


--8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<--
nginx.conf:

user www-data;
worker_processes 1;

error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;

events {
worker_connections 1024;
}

http {
include /etc/nginx/mime.types;

access_log /var/log/nginx/access.log;

sendfile on;

keepalive_timeout 65;
tcp_nodelay on;

gzip on;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";

include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}

mail {
ssl off;

ssl_certificate /etc/ssl/certs/aurichvm04.ostfriesland_cert.pem;

ssl_certificate_key /etc/ssl/private/aurichvm04.ostfriesland_key.pem;
ssl_session_timeout 5m;

server {
listen aurichvm04.ostfriesland:993;
protocol imap;

imap_capabilities "IMAP4rev1" "SORT" "THREAD=REFERENCES"
"MULTIAPPEND" "UNSELECT" "LITERAL+" "IDLE" "CHILDREN" "NAMESPACE"

proxy on;
auth_http 127.0.0.1:9000/auth-imap/;
}

server {
listen aurichvm04.ostfriesland:465;
protocol smtp;

smtp_capabilities "SIZE 10240000" "VRFY" "ETRN"
"ENHANCEDSTATUSCODES" "8BITMIME" "DSN" "AUTH PLAIN LOGIN"

proxy on;
xclient off;
auth_http 127.0.0.1:9000/auth-smtp/;
}
}


--8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<----8<--
sites-available/default:

server {
listen localhost:9000;

access_log /var/log/nginx/localhost_AUTH.access.log;

location = /auth-imap/ {
add_header Auth-Status OK;
add_header Auth-Server 192.168.1.152;
add_header Auth-Port 143;

empty_gif;
}

location = /auth-smtp/ {
add_header Auth-Status OK;
add_header Auth-Server 192.168.1.152;
add_header Auth-Port 25;

empty_gif;
}
}

server {
listen 443;
server_name aurichvm04.ostfriesland;

ssl on;

ssl_certificate /etc/ssl/certs/aurichvm04.ostfriesland_cert.pem;

ssl_certificate_key /etc/ssl/private/aurichvm04.ostfriesland_key.pem;
ssl_session_timeout 5m;


access_log /var/log/nginx/aurichvm04.ostfriesland_HTTPS.access.log;

location / {
proxy_pass http://emden3:8080;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
}
}
--
Andree Leidenfrost
Sydney - Australia

2010年2月27日星期六

Re: Do nginx do not auto differentiate the file name and directory name in the url?

Hi

You mean something like Apache's mod_dir's DirectorySlash. I've just tried and it works atomatically for me on a clean nginx install, no need to configure anything.

When you visit localhost/myweb, besides IE giving an error, does the address turn to "myweb/" or not? Is nginx correctly issuing the HTTP 301 redirect? Can you try with Firefox and the LiveHTTPHeaders extension and verify this?

Could you post your config?

Regards

El 27/02/2010, a las 10:32, ultrawind escribió:

> I 'm sorry for my bad english, i hope you can help me.
>
> I already setup the nginx and php.
>
> while i visit "http://localhost/myweb"
>
> the server return "Internet Explorer cannot display the webpage"
>
> while i visit "http://localhost/myweb/"
>
> then i can visit naturaly.
>
>
> how can i solve this problem?
>
> Should i config the nginx.conf file ?
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,57890,57890#msg-57890
>
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx

--
Vicente Aguilar <bisente@bisente.com> | http://www.bisente.com


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: All domains picking same content of one site?

Hi

How have you configured virtual servers in nginx? You have to configure each domain to go to its content, if you haven't it wouldn't work. Could you post the part of your config dealing with this?

You say you're using both apache and nginx. But do they work together or you just want to have them side by side in order to compare them? In other workds, does nginx act as a proxy to apache or it works on its own?

Regards

El 28/02/2010, a las 06:01, sam77am escribió:

> Hii,
> I am running several sites at dedicated server. Earlier i was using apache only, but now i've change it to nginx and now i'm using nginx with apache.
>
> But after installing inginx, my one site is working properly, but rest all five sites picking the same data of one site.
>
> I've configured apache to port 8080 and Nginx to port 80.
>
> Please Suggest what needs to be done.
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,58161,58161#msg-58161
>
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx

--
Vicente Aguilar <bisente@bisente.com> | http://www.bisente.com


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: [ANNOUNCE] auth request module

On Sun, Feb 28, 2010 at 3:00 AM, Maxim Dounin <mdounin@mdounin.ru> wrote:
> Here is auth request module, it allows authorization based on
> subrequest result.  It works at access phase and therefore may be
> nicely combined with other access modules (access, auth_basic) via
> satisfy directive.
>

This is really awesome!

But too sad the ngx_eval module can't work in subrequests itself so I
can not combine this with ngx_eval + ngx_drizzle + ngx_rds_json to do
mysql-based auth :)

It's mostly an issue in the ngx_eval, not your excellent
ngx_auth_request ;) Our ngx_srcache module will also take advantage of
subrequests to do response caching.

For now, I'm using something like this for mysql-based login and it
works on my machine [1]:

location = /auth {
default_type 'application/json';
eval_subrequest_in_memory off;
eval $res {
set_quote_sql_str $user $arg_user;
set_quote_sql_str $pass $arg_pass;
set $sql 'select count(*) res from users where name=$user
and passwd=$pass';
drizzle_query $sql;
drizzle_pass backend;
rds_json on;
rds_json_content_type application/octet-stream;
}
if ($res ~ '"res":1') {
echo "Cool! you're already logged in!";
}
if ($res !~ '"res":1') {
return 403;
}
}

where the "backend" upstream name used in the drizzle_pass directive
is defined like this:

upstream backend {
drizzle_server 127.0.0.1:3306 dbname=test
password=some_pass user=monty protocol=mysql;
drizzle_keepalive max=400 overflow=reject;
}

Then we can login the system by GET /auth?user=john&pass=some_pass.
Well, it's just a naive demonstration. Hopefully I'm not too OT :P

Cheers,
-agentzh

[1] Here we're using my fork of ngx_eval module (
http://github.com/agentzh/nginx-eval-module ) for two important
features: 1) capture outputs from arbitrary locations with output
filter support, 2) pass the parent request's query string (or "args")
into the eval block.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

All domains picking same content of one site?

Hii,
I am running several sites at dedicated server. Earlier i was using apache only, but now i've change it to nginx and now i'm using nginx with apache.

But after installing inginx, my one site is working properly, but rest all five sites picking the same data of one site.

I've configured apache to port 8080 and Nginx to port 80.

Please Suggest what needs to be done.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,58161,58161#msg-58161


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

[ANNOUNCE] auth request module

Hello!

Here is auth request module, it allows authorization based on
subrequest result. It works at access phase and therefore may be
nicely combined with other access modules (access, auth_basic) via
satisfy directive.

Example usage:

location /private/ {
auth_request /auth;
...
}

location = /auth {
proxy_pass ...
proxy_set_header X-Original-Uri $request_uri;
...
}

To allow access backend should return 200, to disable - 401/403.

Further info is here:

http://mdounin.ru/hg/ngx_http_auth_request_module/
http://mdounin.ru/files/ngx_http_auth_request-0.1.tar.gz

MD5 (ngx_http_auth_request-0.1.tar.gz) = c0ed1610097017813e6468e7cca28af7
SHA256 (ngx_http_auth_request-0.1.tar.gz) = ccaafc2afa4b4c98dc2b7555fc61774cfbd4f98edca87eb172ae3ec36a49f263

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Do nginx do not auto differentiate the file name and directory name in the url?

On Sat, Feb 27, 2010 at 4:32 PM, ultrawind <nginx-forum@nginx.us> wrote:
> I 'm sorry for my bad english, i hope you can help me.
>
> I already setup the nginx and php.
>
> while i visit "http://localhost/myweb"
>
> the server return "Internet Explorer cannot display the webpage"
>
> while i visit "http://localhost/myweb/"
>
> then i can visit naturaly.
>
>
> how can i solve this problem?
>
> Should i config the nginx.conf file ?
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,57890,57890#msg-57890
>
>

please post your config


--
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: When will mod_auth_mysql in nginx will be available?

Hello!

On Sat, Feb 27, 2010 at 01:54:36AM +0100, Steve wrote:

[...]

> Why not using ngx_http_auth_pam_module
> (http://web.iti.upv.es/~sto/nginx/)? I am using it since long
> time to authenticate against MySQL and against PostgreSQL
> without any issues so far.

PAM is blocking.

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Do nginx do not auto differentiate the file name and directory name in the url?

I 'm sorry for my bad english, i hope you can help me.

I already setup the nginx and php.

while i visit "http://localhost/myweb"

the server return "Internet Explorer cannot display the webpage"

while i visit "http://localhost/myweb/"

then i can visit naturaly.


how can i solve this problem?

Should i config the nginx.conf file ?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,57890,57890#msg-57890


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

2010年2月26日星期五

Re: How to log POST data?

On Sat, Feb 27, 2010 at 03:39, agentzh <agentzh@gmail.com> wrote:
> Try using the $request_body variable?
>
>    http://wiki.nginx.org/NginxHttpCoreModule#.24request_body
>
> It has some limitations though ;)

Meaning you'd have to get the data only until the first \n? Kind of
overkill, no?

--
() ascii-rubanda kampajno - kontraŭ html-a retpoŝto
/\ ascii ribbon campaign - against html e-mail

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: When will mod_auth_mysql in nginx will be available?

On Sat, Feb 27, 2010 at 9:21 AM, Steve <steeeeeveee@gmx.net> wrote:
>
> IMHO Igor would not mind if YOU or ANY one else here requesting pluggable modules would send him a patch enabling that in nginx.
>

Yeah, it's been an important item on our TODO list for long. Static
linking does not work very well for RPM/etc packaging in a corporation
environment.

Cheers,
-agentzh

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: When will mod_auth_mysql in nginx will be available?

On Sat, Feb 27, 2010 at 8:25 AM, lhmwzy <lhmwzy@gmail.com> wrote:
> I see the post:
>
> Posted by Igor Sysoev (Guest)
> on 16.03.2009 13:40
> (Received via mailing list)
>
> On Mon, Mar 16, 2009 at 01:19:20PM +0100, Manlio Perillo wrote:
>
>> Written from scratch, implementing the MySQL wire protocol?
> Yes.
>
>> By the way, after having implemented a pure PostgreSQL client in Python,
>> I tried to do the same with MySQL; but protocol design is very bad,
>> compared to PostgreSQL, so I gave up; it does not make sense to waste
>> time with MySQL, IMHO,
>
> It's already wasted :). The reamining part is parsing mysql response.
>

I'm not sure if our ngx_drizzle[1] module will help you to talk to
mysql (clusters) from within nginx in this context. We're already
using ngx_drizzle + mysql to do simple password login for our
application. 100% nginx config scripting.

Cheers,
-agentzh

[1] http://github.com/chaoslawful/drizzle-nginx-module

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: How to log POST data?

On Sat, Feb 27, 2010 at 3:01 AM, Liu Yan <gzbigegg.ml@gmail.com> wrote:
>
> hi Group,
> First time to post here, nice to meet you guys.
> How to configure log POST data in Nginx? Need any 3rd party module to achieve this?

Try using the $request_body variable?

http://wiki.nginx.org/NginxHttpCoreModule#.24request_body

It has some limitations though ;)

Cheers,
-agentzh

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: When will mod_auth_mysql in nginx will be available?

Can it be run with lastest 0.8.33?

2010/2/27 Steve <steeeeeveee@gmx.net>:
>
> -------- Original-Nachricht --------
>> Datum: Sat, 27 Feb 2010 08:25:25 +0800
>> Von: lhmwzy <lhmwzy@gmail.com>
>> An: nginx@nginx.org
>> Betreff: When will mod_auth_mysql in nginx will be available?
>
>> I see the post:
>>
>> Posted by Igor Sysoev (Guest)
>> on 16.03.2009 13:40
>> (Received via mailing list)
>>
>> On Mon, Mar 16, 2009 at 01:19:20PM +0100, Manlio Perillo wrote:
>>
>> > Written from scratch, implementing the MySQL wire protocol?
>> Yes.
>>
>> > By the way, after having implemented a pure PostgreSQL client in Python,
>> > I tried to do the same with MySQL; but protocol design is very bad,
>> > compared to PostgreSQL, so I gave up; it does not make sense to waste
>> > time with MySQL, IMHO,
>>
>> It's already wasted :). The reamining part is parsing mysql response.
>>
> Why not using ngx_http_auth_pam_module (http://web.iti.upv.es/~sto/nginx/)? I am using it since long time to authenticate against MySQL and against PostgreSQL without any issues so far.
>
>
>> _______________________________________________
>> nginx mailing list
>> nginx@nginx.org
>> http://nginx.org/mailman/listinfo/nginx
>
> --
> Sicherer, schneller und einfacher. Die aktuellen Internet-Browser -
> jetzt kostenlos herunterladen! http://portal.gmx.net/de/go/atbrowser
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx
>

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Introducing backend healthchecking plugin

I've written a plugin that can health check nginx backends, which everyone is free to use. This is similar to the healthchecking features that varnish and haproxy support. Here's a sample config[1] just to give you an idea, that uses the upstream_hash plugin. You can get the code here [2] and an example of how to patch upstream_hash here [3]. The plugin is actually an optional feature that other upstream plugins, like upstream fair or iphash for example, can plug into and use. To use it, their code needs to be modified to also check the health of the backend.

This plugin is super beta, so please be careful. Feedback/patches welcome.


[1]
  upstream test_upstreams {
    server localhost:11114;
    server localhost:11115;

    hash $filename;
    hash_again 10;
    healthcheck_enabled;
    healthcheck_delay 1000;
    healthcheck_timeout 1000;
    healthcheck_failcount 1;
    healthcheck_expected 'I_AM_ALIVE';
    healthcheck_send "GET /health HTTP/1.1" 'Host: www.mysite.com' 'Connection: close';
  }

[2]
http://github.com/cep21/healthcheck_nginx_upstreams
[3]
http://github.com/cep21/nginx_upstream_hash/tree/support_http_healthchecks


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: When will mod_auth_mysql in nginx will be available?

-------- Original-Nachricht --------
> Datum: Fri, 26 Feb 2010 17:00:37 -0800
> Von: Michael Shadle <mike503@gmail.com>
> An: nginx@nginx.org
> Betreff: Re: When will mod_auth_mysql in nginx will be available?

> On Fri, Feb 26, 2010 at 4:54 PM, Steve <steeeeeveee@gmx.net> wrote:
> > Why not using ngx_http_auth_pam_module
> (http://web.iti.upv.es/~sto/nginx/)? I am using it since long time to authenticate against MySQL and against
> PostgreSQL without any issues so far.
>
> Best question: when will nginx support pluggable modules and not
> require them at compile time? :)
>
Best response: when we (the community) help Igor and the other nginx developers changing the source code to support that.


IMHO Igor would not mind if YOU or ANY one else here requesting pluggable modules would send him a patch enabling that in nginx.

> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx

--
Sicherer, schneller und einfacher. Die aktuellen Internet-Browser -
jetzt kostenlos herunterladen! http://portal.gmx.net/de/go/chbrowser

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: When will mod_auth_mysql in nginx will be available?

On Fri, Feb 26, 2010 at 4:54 PM, Steve <steeeeeveee@gmx.net> wrote:
> Why not using ngx_http_auth_pam_module (http://web.iti.upv.es/~sto/nginx/)? I am using it since long time to authenticate against MySQL and against PostgreSQL without any issues so far.

Best question: when will nginx support pluggable modules and not
require them at compile time? :)

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: When will mod_auth_mysql in nginx will be available?

-------- Original-Nachricht --------
> Datum: Sat, 27 Feb 2010 08:25:25 +0800
> Von: lhmwzy <lhmwzy@gmail.com>
> An: nginx@nginx.org
> Betreff: When will mod_auth_mysql in nginx will be available?

> I see the post:
>
> Posted by Igor Sysoev (Guest)
> on 16.03.2009 13:40
> (Received via mailing list)
>
> On Mon, Mar 16, 2009 at 01:19:20PM +0100, Manlio Perillo wrote:
>
> > Written from scratch, implementing the MySQL wire protocol?
> Yes.
>
> > By the way, after having implemented a pure PostgreSQL client in Python,
> > I tried to do the same with MySQL; but protocol design is very bad,
> > compared to PostgreSQL, so I gave up; it does not make sense to waste
> > time with MySQL, IMHO,
>
> It's already wasted :). The reamining part is parsing mysql response.
>
Why not using ngx_http_auth_pam_module (http://web.iti.upv.es/~sto/nginx/)? I am using it since long time to authenticate against MySQL and against PostgreSQL without any issues so far.


> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx

--
Sicherer, schneller und einfacher. Die aktuellen Internet-Browser -
jetzt kostenlos herunterladen! http://portal.gmx.net/de/go/atbrowser

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

When will mod_auth_mysql in nginx will be available?

I see the post:

Posted by Igor Sysoev (Guest)
on 16.03.2009 13:40
(Received via mailing list)

On Mon, Mar 16, 2009 at 01:19:20PM +0100, Manlio Perillo wrote:

> Written from scratch, implementing the MySQL wire protocol?
Yes.

> By the way, after having implemented a pure PostgreSQL client in Python,
> I tried to do the same with MySQL; but protocol design is very bad,
> compared to PostgreSQL, so I gave up; it does not make sense to waste
> time with MySQL, IMHO,

It's already wasted :). The reamining part is parsing mysql response.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Does Nginx's proxy cache support any kind of cache validation?

Hey guys,

I have been playing with proxy cache, works well enough except for one issue.

My pages are localized (but use the same standard URL) and with other systems I can use either the vary or etag header to notify the cache of either updated content or simply a different version to serve. Nginx doesn't seem to be paying any attention to the etag so is this possible to with Nginx right now in any capacity?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,57772,57772#msg-57772


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: ngnix para kumbiaphp bajo linux rewrite

On Fri, Feb 26, 2010 at 09:51:56PM +0100, José Alberto wrote:

> Alquien sabe como poner:
>
> url.rewrite += ( "^/kumbiaphp/$" => "/kumbiaphp/app/public/" )
> url.rewrite += ( "^/kumbiaphp/([^\.]*)$" =>
> "/kumbiaphp/app/public/index.php?url=/$1" )
> url.rewrite += ( "^/kumbiaphp/(.+)$" => "/kumbiaphp/app/public/$1" )
>
> De tal modo que lo entienda ngnix¿?

This is English only mailing list.

As to your question, probably you need something liek this:

location /kumbiaphp/ {
alias /kumbiaphp/app/public/;
}

location ~ ^/kumbiaphp(/[^\.]+)$ {
fastcgi_pass ...
fastcgi_param SCRIPT_FILENAME /kumbiaphp/app/public/index.php;
fastcgi_param QUERY_STRING url=$1;
# other fastcgi params
}


--
Igor Sysoev
http://sysoev.ru/en/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: nginx cache as reverse proxy.

On Fri, Feb 26, 2010 at 11:32:16AM -0600, David Taveras wrote:

> Hello,
>
> I would like to know if I dont set any time in proxy_cache_valid ,
> will nginx base the amount of time it should cache a file from the
> proxied server response header "Expires Cache-Control" ?

Yes, nginx chooses cache time in the following order:
1) X-Accel-Expires header
2) Expires/Cache-Control headers
3) proxy_cache_valid directive

> Also, once I have this set does turning on the cache mean that if
> gifs/jpgs/txt/html files have a long expiry period of time in them
> from the proxied server .. does that mean that nginx will make ZERO
> requests to that server.. or would it still have ti fetch the HEADER
> of those files every time just to check if it has changed?

Zero requests.

> Objective:
> Trying to configure the cache on nginx to read the png/gif/html/txt
> header once and NOT many ANY rquest to the backend server for that
> file (not even a head request) for the time being the Cache Expire
> control for that particular file is valid.


--
Igor Sysoev
http://sysoev.ru/en/

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

what could prevent gzip_comp_level from chaning?

Hi all,

According to yslow I seem to get the exact same size gzipped version of
the page no matter what I set gzip_comp_level to. Does anyone know why
that might be the case? This is for the page html (generated by
mongrel) so not static content and I've checked a couple of different
pages (some several hundred kb in size where I'd expect to see some
difference) restarting nginx each time I changed the config file. I've
included the output of nginx -V and the relevant portion of the nginx
config below.

Thanks

http {
...
# gzip settings - compression saves bandwidth, 256 * 16 => 4mb max
compressed
# file size (actual max? seem like it streams through and still
compresses
# even when doesn't fit as we used to have this much smaller and it
didn't
# seem to prevent large pages from getting gzipped...)
gzip on;
gzip_min_length 512;
gzip_buffers 256 16k;
# FIXME - good compression level? Tradeoff of servertime/serverload
vs.
# bandwidth/downloadtime
gzip_comp_level 6;
gzip_proxied any;
# note that text/html is always gzipped
gzip_types text/plain text/css application/x-javascript
application/xml+rss text/javascript;
# with gzip_static on we can pre-compress our static files rather then
# recompressing them over and over again on the fly. All we need is
.gz
# versions of the files in the same locations with identical
timestamps.
gzip_static on;
# FIXME - I'm not sure if we should be setting these or not, for now
assume
# defaults are reasonable
#gzip_http_version
#gzip_vary

# Response Buffers - buffers requests from the servers to the client
# (freeing up the servers from slow clients). On by default but we
# reiterate for clarity.
# 1024 * 16kb => 16mb max memory bufferable request response size.
proxy_buffering on;
proxy_buffers 1024 16k;
# initial buffer size
proxy_buffer_size 8k;
# disable buffering to disk if response size exceeds proxy_buffers (so
will
# stream from mongrel if memory size is exceeded), if non-zero this is
the
# max size that will be buffered to disk
# FIXME - we've made the memory cache size gigantic to compensate
(since we
# do still rarely serve very, very large pages).
proxy_max_temp_file_size 0;


$ nginx -V
nginx version: nginx/0.7.65
built by gcc 4.2.4 (Ubuntu 4.2.4-1ubuntu4)
TLS SNI support disabled
configure arguments: --prefix=/usr/local/pkg/nginx-0.7.65
--with-md5=/usr/lib --http-log-path=/var/log/nginx/nginx_access.log
--error-log-path=/var/log/nginx/nginx_error.log --with-http_ssl_module
--with-http_flv_module --with-http_sub_module --user=www-data
--group=www-data --pid-path=/var/run/nginx.pid
--conf-path=/etc/nginx/nginx.conf --with-http_gzip_static_module

$ sudo nginx -t
the configuration file /etc/nginx/nginx.conf syntax is ok
configuration file /etc/nginx/nginx.conf test is successful
--
Posted via http://www.ruby-forum.com/.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

ngnix para kumbiaphp bajo linux rewrite

Alquien sabe como poner:
  url.rewrite  += ( "^/kumbiaphp/$"     => "/kumbiaphp/app/public/" )  url.rewrite  += ( "^/kumbiaphp/([^\.]*)$"  => "/kumbiaphp/app/public/index.php?url=/$1" )  url.rewrite  += ( "^/kumbiaphp/(.+)$"  => "/kumbiaphp/app/public/$1" )
 De tal modo que lo entienda ngnix¿?

Re: Lots of CLOSE_WAIT sockets, nginx+php (WordPress site)

Hi

> I'll tell you when I find out what the cause of the problem was, just for the sake of having it documented and showing up on Google in case somebody else hits the same issue. :-)


I *think* I might have found what's going on:

On my blog I have some sample scripts for running several servers with daemontools, and some of them are browsable (autoindex on) with the full daemontools directories structure. If you've worked with daemontools you'll know it uses some named pipes (fifos) ... :)

I've tracked several different processes with sockets on CLOSE_WAIT on the debug log and the last line of all of them was accessing one of these fifos. I've tried requesting those files on a freshly restarted nginx and have reproduced the issue: each GET to one of the fifos always produced one or sometimes two CLOSE_WAIT sockets. So in the end it seems it had nothing to do with PHP.

I've removed all the fifos from my site and will keep running nginx 0.6.32 during the weekend. If I have no more issues (I'm pretty confident now I won't), on monday I'll go back to my patched 0.7.65.

Configuring the debug log has been crucial here. Thanks for that tip, Maxim. :)

On a side note: while I agree this was my fault (I should'n have had those "empty" pipes there on the first place), neither Apache nor lighttpd had any problems with this. Or maybe they had but some internal process-cleaning was in place and these stuck processes were being silently killed, I don't know. In any case as I've stated before, I think the problem is not really nginx but the fifos that shouldn't be there.

Regards

--
Vicente Aguilar <bisente@bisente.com> | http://www.bisente.com


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

How to log POST data?

hi Group,

First time to post here, nice to meet you guys.

How to configure log POST data in Nginx? Need any 3rd party module to achieve this?

Regards,
Yan

nginx cache as reverse proxy.

Hello,

I would like to know if I dont set any time in proxy_cache_valid ,
will nginx base the amount of time it should cache a file from the
proxied server response header "Expires Cache-Control" ?

Also, once I have this set does turning on the cache mean that if
gifs/jpgs/txt/html files have a long expiry period of time in them
from the proxied server .. does that mean that nginx will make ZERO
requests to that server.. or would it still have ti fetch the HEADER
of those files every time just to check if it has changed?

Objective:
Trying to configure the cache on nginx to read the png/gif/html/txt
header once and NOT many ANY rquest to the backend server for that
file (not even a head request) for the time being the Cache Expire
control for that particular file is valid.

Thanks

Andres

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: NginxHttpUploadProgressModule received and size are the same

Hi,

On Fri, 2010-02-26 at 08:53 -0500, fredanthony wrote:
> Hi, I am having a weird issue. It seems I have everything up and working with the NginxHttpUploadProgressModule, however, when I upload a file and attempt to track the progress I get the expected response but the received is the same as the size:
>
> new Object({ 'state' : 'starting' })
> new Object({ 'state' : 'uploading', 'received' : 4505554, 'size' : 4505554 })
> new Object({ 'state' : 'uploading', 'received' : 4505554, 'size' : 4505554 })
> new Object({ 'state' : 'uploading', 'received' : 4505554, 'size' : 4505554 })
> new Object({ 'state' : 'uploading', 'received' : 4505554, 'size' : 4505554 })
> new Object({ 'state' : 'uploading', 'received' : 4505554, 'size' : 4505554 })
> new Object({ 'state' : 'done' })
>
> Notice its does send back done when completed. Any ideas on a possible cause? Thanks.

The usual issue when having those symptoms is that your upload actually
finished before the first upload progress probe could even reach the
server.
People usually test the upload on localhost, but nowadays localhost is
so fast that 4MiB are uploaded in less than 1 second...
To actually see something:
* either throttle your upload
or
* upload something really large (ie > 1GiB).

Compile nginx --with-debug and look to the debug log, you'll certainly
see that the upload was finished before your client sent the upload
progress probe.

If not, then please open an issue here:
http://github.com/masterzen/nginx-upload-progress-module/issues

Check issue #3 for more information:
http://github.com/masterzen/nginx-upload-progress-module/issues/closed#issue/3
--
Brice Figureau
My Blog: http://www.masterzen.fr/


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Serving jekyll generated site

My bad:

server {
listen 80;
root /whatever/path;

location /blog {
root /var/www/blog;
index index.html index.htm;
}
}

--
Posted via http://www.ruby-forum.com/.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Nginx + Php-fpm

Yes I'm sinful to use php, but for those rare occasions where I can't do
without it, Nginx + Php-fpm does a fantastic job. And it's easy to
install, configure, compile, etc.

I'm pleased to have completely removed Apache from my servers.
--
Posted via http://www.ruby-forum.com/.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Serving jekyll generated site

> This is my nginx setup:
>
> location / {
> alias /var/www/blog/;
> }
>
> location /blog {
> root /var/www;
> index index.html index.htm;
> }
>

Your config file is incorrect.

I would do something like:

server {
listen 80;

location / {
root /var/www/blog;
index index.html index.htm;
}
}
--
Posted via http://www.ruby-forum.com/.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

NginxHttpUploadProgressModule received and size are the same

Hi, I am having a weird issue. It seems I have everything up and working with the NginxHttpUploadProgressModule, however, when I upload a file and attempt to track the progress I get the expected response but the received is the same as the size:

new Object({ 'state' : 'starting' })
new Object({ 'state' : 'uploading', 'received' : 4505554, 'size' : 4505554 })
new Object({ 'state' : 'uploading', 'received' : 4505554, 'size' : 4505554 })
new Object({ 'state' : 'uploading', 'received' : 4505554, 'size' : 4505554 })
new Object({ 'state' : 'uploading', 'received' : 4505554, 'size' : 4505554 })
new Object({ 'state' : 'uploading', 'received' : 4505554, 'size' : 4505554 })
new Object({ 'state' : 'done' })

Notice its does send back done when completed. Any ideas on a possible cause? Thanks.

Fred.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,57580,57580#msg-57580


_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Embed Nginx as a static library with C++ application

rahul123 ha scritto:
> Hi,
>
> I wish to embed Nginx as a static library with my C++ application. Whether Nginx will support work on both Windows and Linux. I tried to download the Nginx source and I can only Nginx.exe and have steps to run that exe. I have also tried to download the Nginx source files from a tar file and face some compilation issues in Windows OS.
>
> I dont want to use such applications like FastCGI with Nginx. I wish to just embed as a static library in my cpp application and wish to call from my c++ itself. Is it possible?
>

Nginx is a server.
It's usually the server that embeds application code.


Manlio

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Lots of CLOSE_WAIT sockets, nginx+php (WordPress site)

HI

Not sure if this could be related to the event module as Benjamin suggested. I'm using the default one (nothing on nginx.conf), I've tried to change it but nginx always failed to start. I'm not sure which ones are compiled in ATM, will try to find that out today.

Using the epoll event module with both nginx 0.6.32 and 0.7.65. No other event modules compiled in.

BTW the server is an Amazon EC2 instance, not sure if that might affect things or if in this case some event module is better than other. :-?

Regards

-- 

2010年2月25日星期四

Re: Lots of CLOSE_WAIT sockets, nginx+php (WordPress site)

Hi

Note well 2: I've already asked you to try compiling without third
party modules and patches and check if you are able to reproduce
the problem.  It doesn't really make sense to proceed any further
without doing this.

I've gone back to the original Debian Lenny package (0.6.32-3+lenny3, I was using a patched 0.7.65) and in ~14h have had no issues at all, 0 sockets in the CLOSE_WAIT state. 

I'm going to leave it like this the whole weekend and see, but it seems there was some issue with the 0.7 release or some of the patches I was using. Funny thing is, I'm using that same binary at work but with Tomcat instead of PHP and had no issues at all. Anyway, next week I'll upgrade patch by patch and try to guess which one was causing the problem.

Not sure if this could be related to the event module as Benjamin suggested. I'm using the default one (nothing on nginx.conf), I've tried to change it but nginx always failed to start. I'm not sure which ones are compiled in ATM, will try to find that out today.

I'll tell you when I find out what the cause of the problem was, just for the sake of having it documented and showing up on Google in case somebody else hits the same issue. :-)

Thanks again

-- 

Re: POST Requests and Proxy Behavior

Hi Andy,

It looks like a problem I have with my reverse proxy setup.
I was able to correct it by setting the Host HTTP header to the proxy
request with "proxy_set_header Host $http_host;" just before proxy_pass.

Hope this helps!
GFK's

Andy Madsen a écrit :
> Hi Everyone:
>
> I have a two webservers running nginx behind a load balancer. These
> two webservers are proxying SSL content from an app server on the LAN
> address that is not on the load balancer. Configuration is below:
>
> ==================================================
> server {
> listen 443;
> server_name some.domain.com;
>
> ssl on;
> ssl_certificate /path/to/some_cert.pem;
> ssl_certificate_key /path/to/some_key.pem;
>
> access_log /var/log/httpd/nginx_ssl_access_log main;
> #access_log off;
> error_log /var/log/httpd/nginx_ssl_error_log;
>
> charset utf-8;
>
> location / {
>
> if (-f $request_filename) {
> expires max;
> break;
> }
>
> if ($request_filename !~ "\.(js|htc|ico|gif|jpg|png|css)$") {
> proxy_pass https://192.168.2.1;
> }
> }
>
> }
> =================================================
>
>
> This works very well for all GET requests, but if I try to post from a
> non-ssl machine to the load balancer, the proxy tries to serve a file
> using the LAN address, and obviously fails at https://192.168.2.1. Is
> there something I'm missing in the reverse proxy for a POST request in
> my configuration? I haven't been able to find any specific
> documentation about why a POST wouldn't work, and GET would.
>
> NGINX is great!
>
> Thanks
> Andy
>
>
>
> _______________________________________________
> nginx mailing list
> nginx@nginx.org
> http://nginx.org/mailman/listinfo/nginx

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: ip_hash clarification

On Thu, Feb 25, 2010 at 11:40 AM, J M <jerome.m@gmail.com> wrote:
> Hi,
>
>    i need details regarding ip_hash...
>
>   if i have client IP1: 192.168.1.1 and client IP2: 192.168.1.2
>
> and I have 2 servers on the upstream.. s1 and s1.. with IP_Hash configured
>
>
> if client IP1 accesses the site it will go to lets say S1 would it actually
> mean that the next request coming from a new client IP Client2.. will it go
> to s2?
>

I believe ip_hash uses only the "Class C" part of the address. This is
so people with firewalls that have them "hop" IP addressess still get
directed to the same back-end. So since both clients are coming from
192.168.1.XXX, nginx will direct them to the same back-end server.

I was actually considering a patch to make this configurable a few
moths ago, but we decided to go with session replication on our
back-ends instead, so I stopped looking into it.

For testing, you could put a client on 192.168.2.XXX to see the
desired behavior.

--
RPM

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: reverse proxy_

On Wed, Feb 24, 2010 at 3:20 AM, Fredrik Widlund
<fredrik.widlund@qbrick.com> wrote:
> Why is this not doable? I'm even considering adding support for this myself into Nginx, since we really need it and also since it seemed kind of natural?
>
> This could of course be an optional feature, but it would be interesting to know what this breaks?

I agree... this shouldn't be impossible by any stretch. Squid seems to
handle this scenrio just fine, and the Cache-Control infrastructure of
HTTP/1.1 was designed explicitly to enable this behavior.

What is the scnario that doesn't work for this?
--
RPM

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

ip_hash clarification

Hi,

   i need details regarding ip_hash...

  if i have client IP1: 192.168.1.1 and client IP2: 192.168.1.2
  
and I have 2 servers on the upstream.. s1 and s1.. with IP_Hash configured


if client IP1 accesses the site it will go to lets say S1 would it actually mean that the next request coming from a new client IP Client2.. will it go to s2?


finally how do they compute where to throw the request..


tia,

Re: question about access_log buffer size



2010/2/25 Igor Sysoev <igor@sysoev.ru>
On Thu, Feb 25, 2010 at 01:16:04PM +0800, yong xue wrote:

> The *access_log* directive sets the path, format and buffer size for the
> access log file. Using "off" as the only parameter clears all
> *access_log* directives
> for the current level. If the format is not indicated, it defaults to
> "combined" <http://wiki.nginx.org/NginxHttpLogModule#log_format_combined>.
> The size of buffer must not exceed the size of the atomic record for writing
> into the disk file. This size is not limited for FreeBSD 3.0-6.0.
>
> this is quoted from wiki.nginx.org.
> My server is running linux 2.6.16.
> I dont know the size of the atomic record for writing into the disk file.
> Can somebody help me?
>
> I googled, but cannot make sure that  the linux write system call is atomic.

Linux shell ensure atomic write for PIP_BUF, i.e. 4K. However, I believe
this value is much more for regular files, so you may try to set 32k.


thanks.

so the size depends on the implementation. And the access log is not much serious. 
I will do some reading on the kernel later if i have time. 


--
Best Regards,

薛 勇

QQ:312200

e-mail:ultraice@gmail.com
MSN:it@easy-boarding.com

Re: Lots of CLOSE_WAIT sockets, nginx+php (WordPress site)

Vicente Aguilar a écrit :

> tcp 324 0 10.10.10.10:80 66.249.68.247:36979
> ESTABLISHED -
> tcp 113 0 127.0.0.1:80 127.0.0.1:39229
> CLOSE_WAIT -
> tcp 335 0 10.10.10.10:80 65.55.207.102:47057
> ESTABLISHED -
> tcp 116 0 10.10.10.10:80 83.170.113.102:60149
> ESTABLISHED -
> tcp 413 0 10.10.10.10:80 81.52.143.26:51658
> CLOSE_WAIT -
> tcp 117 0 10.10.10.10:80 83.170.113.102:56117
> CLOSE_WAIT -

Out of curiosity, did you try switching the event module to
anything but the default (epoll) ?
ie. something like:
events {
use select;
}

The accumulating non-empty Recv-Qs and the pending CLOSE_WAITs (ie.
close() never triggered on server side) behaviors are typical
symptoms for races conditions when using an edge-triggered I/O
interface...

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx

Re: Lots of CLOSE_WAIT sockets, nginx+php (WordPress site)

Hi

From the output you provided it looks like all nginx workers are
locked out, either doing something or waiting for some system
resources.  As you can see - all connections accepted by nginx (6
connections which have nginx process listed in pid column) are in
CLOSE_WAIT state, and there are other connections to port 80 which
are sitting in listen queue.  Am I right in the assumption that
nginx does not answer any requests?

Yes, that's the issue. nginx becomes unresponsive at this point until I restart it.

Note well: you haven't posted full config you use, so please check
yourself for possible loops in it.  I've recently posted some
patches which take care of several loops which aren't automatically
resolved now, see here for patch and example loops:

http://nginx.org/pipermail/nginx-devel/2010-January/000099.html

It should be trivial to find if it's the cause though, as nginx
worker will eat 100% cpu once caught in such loop.

I have a monitoring script that detects these situations (wget can't download from localhost with a 20s timeout) and restarts nginx, but before that it captures a netstat -nap, ps and other system metrics. This is an example of what ps shows:

www-data 24610  0.0  0.1   7476  2452 ?        S    07:44   0:00 nginx: worker process
www-data 24611  0.0  0.1   7668  2412 ?        S    07:44   0:00 nginx: worker process
www-data 24612  0.0  0.1   7668  2416 ?        S    07:44   0:00 nginx: worker process
www-data 24613  0.0  0.1   7736  2624 ?        S    07:44   0:00 nginx: worker process

And vmstat:

procs -----------memory---------- ---swap-- -----io---- -system-- ----cpu----
 r  b   swpd   free   buff  cache   si   so    bi    bo   in   cs us sy id wa
 2  0    440 157012 181076 1180340    0    0     2    32   27   46  2  0 95  0
 0  0    440 156904 181076 1180340    0    0     0     0   26   28  2  0 94  0
 0  0    440 156888 181076 1180348    0    0     0     0   13   24  0  0 100  0
 0  0    440 156888 181076 1180348    0    0     0     0   12   21  0  0 100  0
 0  0    440 156888 181080 1180348    0    0     0   128   22   34  0  0 99  1

So the nginx processes don't seem to be in a loop, CPU use is negligible.

Note well 2: I've already asked you to try compiling without third
party modules and patches and check if you are able to reproduce
the problem.  It doesn't really make sense to proceed any further
without doing this.

I have to admit I still haven't tried this, sorry. :) Will try.

You have to enable debug log (see
http://nginx.org/en/docs/debugging_log.html).  Then it will be
possible to map fd number to the particular request (and it's full
logs).  Under linux it should be possible to find out fd number of
the particular connection via lsof -p <pid-of-nginx-worker>.

Will look into this too and get that info on the monitoring script. Can you think of any other system parameter that can be useful to monitor in these cases?

Thanks a lot Maxim. You're being really helpful. :-)

Regards

-- 

Re: Lots of CLOSE_WAIT sockets, nginx+php (WordPress site)

Hello!

On Thu, Feb 25, 2010 at 10:11:23AM +0100, Vicente Aguilar wrote:

> Hi
>
> > There will be another connection between nginx and php, but it
> > will be live (in ESTABLISHED state). It will wait for php to
> > finish request processing and sending response back to nginx.
> > Once php is done - nginx will close both nginx-php and
> > client-nginx connections.
>
>
> That's what I though, but I've got no nginx-php connections in ESTABLISHED mode when a client-nginx connection goes to CLOSE_WAIT.
>
> This is what I get now on a netstat -nap:
>
> Active Internet connections (servers and established)
> Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
> tcp 0 0 127.0.0.1:9000 0.0.0.0:* LISTEN 13040/php5-fpm
> tcp 0 0 127.0.0.1:3306 0.0.0.0:* LISTEN 6731/mysqld
> tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 16936/nginx
> tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 881/sshd
> tcp 0 0 127.0.0.1:25 0.0.0.0:* LISTEN 1416/exim4
> tcp 324 0 10.10.10.10:80 66.249.68.247:36979 ESTABLISHED -
> tcp 113 0 127.0.0.1:80 127.0.0.1:39229 CLOSE_WAIT -
> tcp 335 0 10.10.10.10:80 65.55.207.102:47057 ESTABLISHED -
> tcp 116 0 10.10.10.10:80 83.170.113.102:60149 ESTABLISHED -
> tcp 413 0 10.10.10.10:80 81.52.143.26:51658 CLOSE_WAIT -
> tcp 117 0 10.10.10.10:80 83.170.113.102:56117 CLOSE_WAIT -
> tcp 1 0 10.10.10.10:80 66.249.68.247:62666 CLOSE_WAIT 16940/nginx: worker
> tcp 1 0 10.10.10.10:80 66.249.68.247:37085 CLOSE_WAIT 16939/nginx: worker
> tcp 1 0 10.10.10.10:80 66.249.68.247:51700 CLOSE_WAIT 16938/nginx: worker
> tcp 1 0 10.10.10.10:80 67.195.115.83:53503 CLOSE_WAIT 16937/nginx: worker
> tcp 117 0 10.10.10.10:80 74.52.50.50:52833 CLOSE_WAIT -
> tcp 483 0 10.10.10.10:80 213.171.250.126:35648 ESTABLISHED -
> tcp 0 288 10.10.10.10:22 193.145.230.6:50184 ESTABLISHED 17110/0
> tcp 1 0 10.10.10.10:80 87.68.237.93:51575 CLOSE_WAIT 16939/nginx: worker
> tcp 244 0 10.10.10.10:80 123.125.66.48:22675 CLOSE_WAIT -
> tcp 1 0 10.10.10.10:80 193.145.230.6:50134 CLOSE_WAIT 16938/nginx: worker
> tcp 116 0 10.10.10.10:80 74.52.50.50:55178 ESTABLISHED -
> tcp6 0 0 :::22 :::* LISTEN 881/sshd
> udp 0 0 10.10.10.10:53 0.0.0.0:* 1515/tinydns
> udp 0 0 0.0.0.0:68 0.0.0.0:* 769/dhclient3
> Active UNIX domain sockets (servers and established)
> Proto RefCnt Flags Type State I-Node PID/Program name Path
> unix 2 [ ACC ] STREAM LISTENING 481377 6731/mysqld /var/run/mysqld/mysqld.sock
> unix 3 [ ] DGRAM 601444 867/rsyslogd /dev/log
> unix 2 [ ] DGRAM 673 298/udevd @/org/kernel/udev/udevd
> unix 2 [ ] DGRAM 611850 17110/0
> unix 3 [ ] STREAM CONNECTED 609800 16936/nginx
> unix 3 [ ] STREAM CONNECTED 609799 16936/nginx
> unix 3 [ ] STREAM CONNECTED 609797 16936/nginx
> unix 3 [ ] STREAM CONNECTED 609796 16936/nginx
> unix 3 [ ] STREAM CONNECTED 609794 16936/nginx
> unix 3 [ ] STREAM CONNECTED 609793 16936/nginx
> unix 3 [ ] STREAM CONNECTED 609791 16936/nginx
> unix 3 [ ] STREAM CONNECTED 609790 16936/nginx
> unix 2 [ ] DGRAM 533124 769/dhclient3
> unix 2 [ ] DGRAM 481379 6735/logger
> unix 3 [ ] STREAM CONNECTED 324617 27662/php5-fpm
> unix 3 [ ] STREAM CONNECTED 324616 27662/php5-fpm
> unix 3 [ ] STREAM CONNECTED 324613 27662/php5-fpm
> unix 3 [ ] STREAM CONNECTED 324612 27662/php5-fpm
>
>
> 11 client-nginx connections in CLOSE_WAIT, no nginx-php
> connections. Unless they're the last four unix domain sockets
> connections, but I've configured nginx to use 127.0.0.1:9000 as
> the fcgi server.

>From the output you provided it looks like all nginx workers are
locked out, either doing something or waiting for some system
resources. As you can see - all connections accepted by nginx (6
connections which have nginx process listed in pid column) are in
CLOSE_WAIT state, and there are other connections to port 80 which
are sitting in listen queue. Am I right in the assumption that
nginx does not answer any requests?

You have to examine nginx workers to find out what they are doing.
Try starting from top, truss, gdb and examining your system logs.

Note well: you haven't posted full config you use, so please check
yourself for possible loops in it. I've recently posted some
patches which take care of several loops which aren't automatically
resolved now, see here for patch and example loops:

http://nginx.org/pipermail/nginx-devel/2010-January/000099.html

It should be trivial to find if it's the cause though, as nginx
worker will eat 100% cpu once caught in such loop.

Note well 2: I've already asked you to try compiling without third
party modules and patches and check if you are able to reproduce
the problem. It doesn't really make sense to proceed any further
without doing this.

> How can I debug what these CLOSE_WAIT connections were doing,
> which request were they serving? Anything I can activate on the
> logs or on nginx-status, a la Apache's extended server-status?

You have to enable debug log (see
http://nginx.org/en/docs/debugging_log.html). Then it will be
possible to map fd number to the particular request (and it's full
logs). Under linux it should be possible to find out fd number of
the particular connection via lsof -p <pid-of-nginx-worker>.

Maxim Dounin

_______________________________________________
nginx mailing list
nginx@nginx.org
http://nginx.org/mailman/listinfo/nginx