Using the nginx conf below, I can't seem to match /api/v2/macs/, but rather it goes to /api/. The issue is that I've tried the same conf in multiple environments and it's failing in my main production environment only. Any ideas?
server {
listen 80 default_server;
client_max_body_size 0;
charset UTF-8;
proxy_read_timeout 300;
proxy_intercept_errors on;
error_page 403 /403;
error_page 404 /404;
error_page 502 /502;
server_tokens off;
add_header X-Frame-Options SAMEORIGIN;
# Enable Gzip
gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_proxied any;
gzip_types
# text/html is always compressed by HttpGzipModule
text/css
text/javascript
text/xml
text/plain
text/x-component
application/javascript
application/json
image/svg+xml;
# Serve index.html
location / {
root /usr/share/nginx/html;
index index.html index.htm;
autoindex off;
error_page 404 /404;
# Cache busting
if_modified_since off;
expires -1;
}
location /api/v2/macs/ {
rewrite ^/api/v2/macs/(.*) /$1 break;
proxy_pass http://my-server:80;
}
#
# API
#
location /api/ {
rewrite ^/api/(.*) /api/$1 break;
proxy_pass http://other-server;
}
#
# Ping
#
location = /ping {
return 200;
}
#
# Errors
#
location = /403 {
root /usr/share/nginx/html/templates/error;
index 403.html;
}
location = /404 {
root /usr/share/nginx/html/templates/error;
index 404.html;
}
location = /502 {
root /usr/share/nginx/html/templates/error;
index maintenance.html;
}
}
According to my understanding, nginx should match using the longest prefix before stopping, but that's not what's happening.
Thanks!
Related
I am using below nginx file. I have hosted multiple frontend (angular) projects on single server. So, I want to access different project on different path.
When I hit url www.*********.com/st_admit/dashboard
I want to access project place in directory /usr/share/nginx/html2; but nginx is redirecting to root domain i.e. "/" and open the project placed in /usr/share/nginx/html;
Please check below configuration file and let me know how I can fix the nginx location regex.
client_max_body_size 10M;
upstream django {
ip_hash;
server django_gunicorn:8001;
}
server {
server_name *************.*** www.******.***;
listen 443 ssl;
add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload";
ssl_certificate /etc/nginx/***********.crt;
ssl_certificate_key /etc/nginx/*************.key;
client_max_body_size 4G;
proxy_read_timeout 20000;
proxy_connect_timeout 20000;
proxy_send_timeout 20000;
keepalive_timeout 200;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
server_tokens off;
ssl_protocols TLSv1.2 TLSv1.3;
root /usr/share/nginx/html;
location ^~ /st_admin/(.*) {
alias /usr/share/nginx/html2;
index index.html index.htm;
include /etc/nginx/mime.types;
gzip on;
gzip_min_length 1000;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
try_files $uri $uri/ /index.html;
}
location /api/ {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https;
proxy_set_header Host $http_host;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://django;
break;
}
}
location / {
root /usr/share/nginx/html;
index index.html index.htm;
include /etc/nginx/mime.types;
gzip on;
gzip_min_length 1000;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript;
try_files $uri $uri/ /index.html;
}
}
I tried below location configurations, but none of these are working.
location ^~ /st_admin
location ^~ /st_admin/*
location ^~ /st_admin/(.*)
I have three nginx server blocks and when i run nginx -t get error "nginx: [warn] conflicting server name "" on 0.0.0.0:80, ignored"
I have three nginx server blocks:
One: /etc/nginx/sites-available/default
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
server_name _;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
}
Two: /etc/nginx/sites-available/example.com
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
# Document Root
root /var/www/example.com;
index index.php index.html index.htm;
server_name .example.com;
client_max_body_size 0;
listen [::]:443 ssl http2 ipv6only=on;
listen 443 ssl http2;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 20m;
ssl_ciphers 'TLS13+AESGCM+AES128:EECDH+AES128';
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
# Rocket-Nginx configuration
include rocket-nginx/conf.d/default.conf;
# security
include nginxconfig.io/security.conf;
# Block XMLRPC
location = /xmlrpc.php {
deny all;
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~* \.php$ {
if ($uri !~ "^/uploads/") {
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
}
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
log_not_found off;
access_log off;
allow all;
}
location ~* .(css|gif|svg|ico|woff2|eot|jpeg|webp|jpg|js|png)$ {
expires 1y;
log_not_found off;
}
# Enable Gzip compression.
gzip on;
# Disable Gzip on IE6.
gzip_disable "msie6";
# Allow proxies to cache both compressed and regular version of file.
# Avoids clients that don't support Gzip outputting gibberish.
gzip_vary on;
# Compress data, even when the client connects through a proxy.
gzip_proxied any;
# The level of compression to apply to files. A higher compression level increases
# CPU usage. Level 5 is a happy medium resulting in roughly 75% compression.
gzip_comp_level 5;
# Compress the following MIME types.
gzip_types
application/atom+xml
application/javascript
application/json
application/ld+json
application/manifest+json
application/rss+xml
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/bmp
image/svg+xml
image/x-icon
text/cache-manifest
text/css
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy;
}
Three: /etc/nginx/sites-available/example1.com
server {
listen 80;
return 301 https://$host$request_uri;
}
server {
# Document Root
root /var/www/example1.com;
index index.php index.html index.htm;
server_name .example1.com;
client_max_body_size 0;
listen [::]:443 ssl http2;
listen 443 ssl http2;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_certificate /etc/letsencrypt/live/example1.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example1.com/privkey.pem;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 20m;
ssl_ciphers 'TLS13+AESGCM+AES128:EECDH+AES128';
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
# Rocket-Nginx configuration
include rocket-nginx/conf.d/default.conf;
# security
include nginxconfig.io/security.conf;
# Block XMLRPC
location = /xmlrpc.php {
deny all;
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~* \.php$ {
if ($uri !~ "^/uploads/") {
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
}
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
log_not_found off;
access_log off;
allow all;
}
location ~* .(css|gif|svg|ico|woff2|eot|jpeg|webp|jpg|js|png)$ {
expires 1y;
log_not_found off;
}
# Enable Gzip compression.
gzip on;
# Disable Gzip on IE6.
gzip_disable "msie6";
# Allow proxies to cache both compressed and regular version of file.
# Avoids clients that don't support Gzip outputting gibberish.
gzip_vary on;
# Compress data, even when the client connects through a proxy.
gzip_proxied any;
# The level of compression to apply to files. A higher compression level increases
# CPU usage. Level 5 is a happy medium resulting in roughly 75% compression.
gzip_comp_level 5;
# Compress the following MIME types.
gzip_types
application/atom+xml
application/javascript
application/json
application/ld+json
application/manifest+json
application/rss+xml
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/bmp
image/svg+xml
image/x-icon
text/cache-manifest
text/css
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy;
}
When i run: $ sudo nginx -t
This answer appears:
nginx: [warn] conflicting server name "" on 0.0.0.0:80, ignored
How do i solve this?
example.com and example1.com both are identical, you have to add server_name on the listen 80 of both blocks.
Corrected Server blocks is:
Two: /etc/nginx/sites-available/example.com
server {
listen 80;
server_name .example.com;
return 301 https://example.com$request_uri;
}
server {
# Document Root
root /var/www/example.com;
index index.php index.html index.htm;
server_name .example.com;
client_max_body_size 0;
listen [::]:443 ssl http2 ipv6only=on;
listen 443 ssl http2;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 20m;
ssl_ciphers 'TLS13+AESGCM+AES128:EECDH+AES128';
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
# Rocket-Nginx configuration
include rocket-nginx/conf.d/default.conf;
# security
include nginxconfig.io/security.conf;
# Block XMLRPC
location = /xmlrpc.php {
deny all;
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~* \.php$ {
if ($uri !~ "^/uploads/") {
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
}
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
log_not_found off;
access_log off;
allow all;
}
location ~* .(css|gif|svg|ico|woff2|eot|jpeg|webp|jpg|js|png)$ {
expires 1y;
log_not_found off;
}
# Enable Gzip compression.
gzip on;
# Disable Gzip on IE6.
gzip_disable "msie6";
# Allow proxies to cache both compressed and regular version of file.
# Avoids clients that don't support Gzip outputting gibberish.
gzip_vary on;
# Compress data, even when the client connects through a proxy.
gzip_proxied any;
# The level of compression to apply to files. A higher compression level increases
# CPU usage. Level 5 is a happy medium resulting in roughly 75% compression.
gzip_comp_level 5;
# Compress the following MIME types.
gzip_types
application/atom+xml
application/javascript
application/json
application/ld+json
application/manifest+json
application/rss+xml
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/bmp
image/svg+xml
image/x-icon
text/cache-manifest
text/css
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-poli
}
Three: /etc/nginx/sites-available/example1.com
server {
listen 80;
server_name .example1.com;
return 301 https://example1.com$request_uri;
}
server {
# Document Root
root /var/www/example1.com;
index index.php index.html index.htm;
server_name .example1.com;
client_max_body_size 0;
listen [::]:443 ssl http2;
listen 443 ssl http2;
ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;
ssl_certificate /etc/letsencrypt/live/example1.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example1.com/privkey.pem;
ssl_prefer_server_ciphers on;
ssl_session_cache shared:SSL:20m;
ssl_session_timeout 20m;
ssl_ciphers 'TLS13+AESGCM+AES128:EECDH+AES128';
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
# Rocket-Nginx configuration
include rocket-nginx/conf.d/default.conf;
# security
include nginxconfig.io/security.conf;
# Block XMLRPC
location = /xmlrpc.php {
deny all;
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~* \.php$ {
if ($uri !~ "^/uploads/") {
fastcgi_pass unix:/run/php/php8.1-fpm.sock;
}
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
log_not_found off;
access_log off;
allow all;
}
location ~* .(css|gif|svg|ico|woff2|eot|jpeg|webp|jpg|js|png)$ {
expires 1y;
log_not_found off;
}
# Enable Gzip compression.
gzip on;
# Disable Gzip on IE6.
gzip_disable "msie6";
# Allow proxies to cache both compressed and regular version of file.
# Avoids clients that don't support Gzip outputting gibberish.
gzip_vary on;
# Compress data, even when the client connects through a proxy.
gzip_proxied any;
# The level of compression to apply to files. A higher compression level increases
# CPU usage. Level 5 is a happy medium resulting in roughly 75% compression.
gzip_comp_level 5;
# Compress the following MIME types.
gzip_types
application/atom+xml
application/javascript
application/json
application/ld+json
application/manifest+json
application/rss+xml
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/bmp
image/svg+xml
image/x-icon
text/cache-manifest
text/css
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy;
}
no need to do changes on default one.
I am trying of custom the Nginx error page.
1/ I created a html page test (this name 400.html)
2/ I created a custom-error-page.conf file in the /etc/nginx/snippets/ directory :
error_page 400 /400.html;
location = /400.html {
root /var/www/apps/site_name/error_pages;
internal;
}
3/ I include custom-error-page.conf in the Nginx configuration (sites-available):
upstream site_name {
ip_hash;
server 0.0.0.0:8000;
}
server {
if ($host = site_name.domain_name.fr) {
return 301 https://$host$request_uri;
} # managed by Certbot
server_name site_name.domain_name.fr;
server_tokens off;
include /etc/nginx/domain_name_conf.d/acme_challenge.conf;
set $error_pages_root /var/www/apps/site_name/error_pages;
client_max_body_size 512M;
include /etc/nginx/domain_name_conf.d/503.conf;
location ~ /.+ {
return 301 https://$server_name$request_uri;
}
}
server {
include /etc/nginx/snippets/custom-error-page.conf;
include /etc/nginx/domain_name_conf.d/ssl_generic.conf;
server_name site_name.domain_name.fr;
root /var/www/apps/sources/site_name;
set $error_pages_root /var/www/apps/site_name/error_pages;
ssl_client_certificate /etc/nginx/private/ca.pem;
ssl_verify_client optional;
if ($ssl_client_verify != SUCCESS) {
return 400;
}
ssl_certificate /etc/letsencrypt/live/site_name.domain_name.fr/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/site_name.domain_name.fr/privkey.pem;
access_log /var/log/nginx/site_name.domain_name.fr/access.log;
error_log /var/log/nginx/site_name.domain_name.fr/error.log;
client_max_body_size 512M;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_min_length 256;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml image/png;
include /etc/nginx/domain_name_conf.d/acme_challenge.conf;
include /etc/nginx/domain_name_conf.d/503.conf;
location ~ ^/(static|media)/ {
return 301 https://site_name.fr$request_uri;
}
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Ssl $scheme;
proxy_redirect off;
proxy_set_header X-Scheme $scheme;
if (!-f $request_filename){
proxy_pass http://site_name;
break;
}
}
}
4/ Nginx -t return ok
5/ I restart the Nginx service - systemctl restart nginx.service
The 400 page is always the Nginx 400 page.
I found the solution to my problem.
I edit the custom-error-page.conf :
error_page 400 #bad_request;
location #bad_request {
root /var/www/apps/site_name/error_pages;;
rewrite ^(.*)$ /400.html break;
}
My include of custom-error-page.conf was placed in the wrong place.
I indicated it in all the servers and after the return of error 400.
I'm using nginx to serve static files, and also proxy to a backend java server. I'm using a templating language in my backend java server, that will eventually replace all html files.
I don't know nginx, so I wanted to ask for some help on the most efficient way to do this.
Files:
/assets // Lots more files in this folder
/index.html
/android-chrome-192x192.png
/android-chrome-512x512.png
/apple-touch-icon.png
/browserconfig.xml
/favicon.ico
/favicon-16x16.ico
/favicon-32x32.ico
/mstile-15x150.png
/safari-pinned-tab.svg
/site.webmanifest
Here is my conf file so far. I'm serving the static files, but not proxying:
server {
listen 80 default_server;
listen [::]:80 default_server;
root /root/web;
index index.html;
server_name _;
location /assets/ {
try_files $uri =404;
sendfile on;
sendfile_max_chunk 512k;
}
location / {
try_files $uri =404;
sendfile on;
sendfile_max_chunk 512k;
}
location ~* \.(jpg|jpeg|png|gif|ico|webp|mp4)$ {
expires 30d;
}
location ~* \.(css|js)$ {
expires 10d;
}
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied any;
gzip_types application/javascript application/json application/x-font-ttf font/opentype image/* text/plain text/css text/xml text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
gunzip on;
# error_log /root/nginx-log.txt debug;
}
My backend server will serve urls with patterns like this:
/basic-url-here // This style will serve html files built with a templating language from the server, so they need to be at the root path
/api/*
What is the right / efficient way to serve all these files with nginx while also proxying to a backend server?
I've found a solution that works, but I don't know how efficient it is. If I remove the /asset location block, and replace the / location block with this, it works:
location / {
try_files $uri $uri/ #backend;
}
location #backend {
proxy_pass http://backend:8080;
}
This is my final file:
server {
listen 80 default_server;
listen [::]:80 default_server;
root /root/web;
index index.html;
server_name _;
access_log off;
sendfile on;
sendfile_max_chunk 512k;
location / {
try_files $uri $uri/ #backend;
}
location #backend {
proxy_pass http://backend:8080;
}
location ~* \.(jpg|jpeg|png|gif|ico|webp|mp4)$ {
expires 30d;
}
location ~* \.(css|js)$ {
expires 10d;
}
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied any;
gzip_types application/javascript application/json application/x-font-ttf font/opentype image/* text/plain text/css text/xml text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
gunzip on;
# error_log /root/nginx-log.txt debug;
}
I'm not sure if this is the proper way to do this though.
You can use another location block to map your api, and say, your Java backend server will run on port 4000:
location /api/ {
proxy_pass http://localhost:4000:
..... <other configurations>
}
You can read more about this plus other configurations in the documentation.
Hope that helps!
when I open 127.0.0.1, the url would jump to 127.0.0.1/k.com/k.com/k/.com/......
my hosts
127.0.0.1 localhost
127.0.0.1 k.com
my nginx config
#user _www;
worker_processes 1;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
access_log off;
gzip off;
gzip_min_length 1k;
gzip_buffers 4 16k;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_types text/plain application/json application/x-javascript text/css application/xml text/javascript;
gzip_vary on;
gzip_disable "MSIE [1-6]\.";
include mime.types;
default_type application/octet-stream;
sendfile on;
keepalive_timeout 65;
server {
listen 80;
server_name k.com;
client_max_body_size 20M;
root F:/xxxx/www;
underscores_in_headers on;
index index.html;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Allow-Methods' 'GET,POST,PUT,DELETE';
add_header 'Access-Control-Allow-Headers' 'DNT,X-Mx-ReqToken,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,username,password,remember,token';
location / {
try_files $uri $uri/ /index.html;
}
location = /index.html {
add_header Cache-Control no-cache;
add_header Cache-Control private;
}
}
server {
listen 80;
server_name localhost;
root F:/xxxx/www/htdocs; #
index index.html index.php;
autoindex on;
location / {
try_files $uri $uri/ /index.html;
}
}
}
how to configure 127.0.0.1 , direct to another directory or empty page, either or direct to localhost.