This works in my Nginx config:
# This works
proxy_pass http://GitLab-CE:9080;
... but this does not:
# does not work
set $upstream_gitlab GitLab-CE;
proxy_pass http://$upstream_gitlab:9080;
This was copied from a different working example which uses a hyphen and a different port.
# this works
set $upstream_deluge binhex-delugevpn;
proxy_pass http://$upstream_deluge:8112;
I thought perhaps something to do with the dash, but I have another config which also uses a hyphen in its name (see above) and it works. I have tried various forms of quotation which doesn't seem to help either. What could be going on here? I am at a loss. What is it about GitLab-CE that doesn't work yet binhex-delugevpn does work? Is Nginx seeing CE has some hexidecimal math?
Full context:
# make sure that your dns has a cname set for gitlab and that your gitlab container is not using a base url
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name gitlab.*;
include /config/nginx/ssl.conf;
client_max_body_size 0;
# enable for ldap auth, fill in ldap details in ldap.conf
#include /config/nginx/ldap.conf;
location / {
# enable the next two lines for http auth
auth_basic "Restricted";
auth_basic_user_file /config/nginx/.htpasswd;
# enable the next two lines for ldap auth
#auth_request /auth;
#error_page 401 =200 /login;
include /config/nginx/proxy.conf;
resolver 127.0.0.11 valid=30s;
set $upstream_gitlab GitLab-CE;
proxy_pass http://$upstream_gitlab:9080;
}
}
I should note that 127.0.0.11 is indeed the correct resolver and the names GitLab-CE and binhex-delugevpn do correctly resolve.
Of course there is no need to use a variable when it is only being referenced a single time but this follows the templates from linuxserver.io's letsencrypt Docker image.
EDIT: more context
Here is /config/nginx/nginx.conf.
It is unmodified by me.
## Version 2018/01/29 - Changelog: https://github.com/linuxserver/docker-letsencrypt/commits/master/root/defaults/nginx.conf
user abc;
worker_processes 4;
pid /run/nginx.pid;
include /etc/nginx/modules/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
client_max_body_size 0;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /config/log/nginx/access.log;
error_log /config/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
##
# nginx-naxsi config
##
# Uncomment it if you installed nginx-naxsi
##
#include /etc/nginx/naxsi_core.rules;
##
# nginx-passenger config
##
# Uncomment it if you installed nginx-passenger
##
#passenger_root /usr;
#passenger_ruby /usr/bin/ruby;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /config/nginx/site-confs/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
daemon off;
EDIT 2:
I have verified that Nginx seems to be doing some "tolower" conversion when using variables.
I renamed my GitLab container to gitlab-ce and it worked fine.
I renamed my deluge container (and made appropriate edits to the .conf) to binhex-deLugevpn and it stopped working.
Then I renamed it back to binhex-deluge but in the .conf file I put set $upstream_deluge bInHeX-dElUgEvPn;
And it worked. So, nginx (1.14.2) from linuxserver/letsencrypt seems to be doing some lower conversions on variables.
I tried looking find /config -type f -print0 | xargs -0 grep -i lower and found nothing.
Related
I have installed nginx on a VM (OS: Ubuntu 18). I am following this tutorial but the issue is that I am not able to see the content getting served on your_domain.com. Here's my nginx.conf:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
Files in sites-enabled and sites-available directory: default your_domain
your_domain (both in sites-enabled and sites-available)
server {
listen 80;
listen [::]:80;
root /var/www/your_domain/html;
index index.html index.htm index.nginx-debian.html;
server_name your_domain.com www.your_domain.com;
location / {
try_files $uri $uri/ =404;
}
}
index.html file in /var/www/your_domain/html
<html>
<head>
<title>Welcome to your_domain!</title>
</head>
<body>
<h1>Success! The your_domain server block is working!</h1>
</body>
</html>
Lastly, this is my /etc/hosts
127.0.0.1 localhost
127.0.0.1 your_domain.com (trying out)
35.188.213.229 your_domain.com (trying out)
10.128.0.48 your_domain.com (trying out)
I am not sure where the issue is because whenever I open your_domain.com, it says the following in chrome browser
This site can’t be reached
your_domain.com’s server IP address could not be found.
I have tried doing traceroute your_domain.com as well:
traceroute: unknown host your_domain.com
Tried nginx in macOS, it works there but I need to set it up in ubuntu VM for my project.
Given that traceroute is unable to resolve host name into ip address, I suppose that problem is caused by your /etc/hosts or some other issues with name resolution process on client side.
Most probably linux resolver library is unhappy with () in lines. Try removing them, keeping statement as clean as possible - e.g.:
127.0.0.1 your_domain.com
Note - this thing may be cached, so you may also need to restart your browser after making changes.
On MacOS you may even need to flush system-level dns cache:
dscacheutil -flushcache && killall -HUP mDNSResponder
Can’t reach the website anymore. Get 502 Bad Gateway error.
What happened:
Updated Let’s Encrypt to ACMEv2 (at least tried, seems it worked) -> 502 error
Updated Debian 8 to 10 buster (via 9) -> 502 error
Updated NGINX 1.14.2 -> 502 error
Updated the CMS (Kirby from v1 to v3 and back to v1, at least tried) -> 502 error
The website is still not reachable. But other files and folders are reachable (e.g. domain.com/folder-added-manually/index.html
I spent hours testing many solutions. Please advise me.
Let me know which info I can provide.
Thank you very much.
var/www/domain/index.php
<?php
/*
---------------------------------------
Document root of your site
---------------------------------------
this should be identical with the directory
in which your index.php is located
*/
$root = dirname(__FILE__);
/*
---------------------------------------
Kirby system folder
---------------------------------------
by default this is located inside the root directory
but if you want to share one system folder for
multiple sites, you can easily change that here
and link to a shared kirby folder somewhere on your
server
*/
$rootKirby = $root . '/kirby';
/*
---------------------------------------
Your site folder
---------------------------------------
Your site folder contains all the site specific files
like templates and snippets. It is located in the root
directory by default, but you can move it if you want.
*/
$rootSite = $root . '/site';
/*
---------------------------------------
Your content folder
---------------------------------------
Your content folder is also located in the root
directory by default. You can change this here.
It can also be changed later in your site/config.php
*/
$rootContent = $root . '/content';
// Try to load Kirby
if(!file_exists($rootKirby . '/system.php')) {
die('The Kirby system could not be loaded');
}
require_once($rootKirby . '/system.php');
/etc/nginx/nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
/etc/nginx/php.conf
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
include fastcgi.conf;
fastcgi_index index.php;
fastcgi_pass unix:/run/hhvm/hhvm.sock;
}
etc/nginx/domain-common.conf
(which is in /etc/nginx/sites-enabled/domain.com as 'include domain-common.conf;')
root /var/www/domain;
index index.php index.html;
include php.conf;
include kirby.conf;
I have docker and nginx version: nginx/1.10.0 (Ubuntu 16.04)
my nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 1024;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
include /etc/nginx/tcpconf.d/*;
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
this is default nginx.conf, and I added include /etc/nginx/tcpconf.d/*;
tcpconf.d contains 1 file:
stream {
upstream docker{
server localhost:8182;
server localhost:8183;
}
server {
listen 443;
proxy_pass docker;
}
}
So basically i have glassfish 4 server on docker, and when i start container on port 8182 i want to nginx balance request to port 8183(if 8182 not responding) and in reverse order.
And this is works perfectly, except one thing, when i start container, glassfish server is starting and web application on this server is starting too. Glassfish starts after 1-5 seconds and web application after 30 sec - 1 min, so when glassfish is up(for example on port 8182) nginx send request to this port and i getting 404, because glassfish is up, but web application is not, in this case I want to be redirected on port 8183 because 404 is not what i want to see)
so my question is how to tell nginx to not showing me 404 and try to request another port?
Is there any reason you are using the stream module for this? If it is a regular http server NGINX is proxying to then use regular http{} and proxy_next_upstream to define behavior on 404 error:
http://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_next_upstream
After removing all the config files from directory /etc/nginx/sites-enabled , rebooting the system and then connecting to the port 80 using the browser the web page with the following content is delivered.
It works! This is the default web page for this server. The web server software is running but no content has been added, yet.
Is this content served by the nginx and if yes where does it get from ?
The contents of the configuration file /etc/nginx/nginx.conf
root#www:~# cat /etc/nginx/nginx.conf
user www-data;
worker_processes 4;
pid /var/run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
##
# nginx-naxsi config
##
# Uncomment it if you installed nginx-naxsi
##
#include /etc/nginx/naxsi_core.rules;
##
# nginx-passenger config
##
# Uncomment it if you installed nginx-passenger
##
#passenger_root /usr;
#passenger_ruby /usr/bin/ruby;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
root#www:~#
Are you sure there is only nginx installed in your system? This seems like the default index page of apache (trying to guess... apache <= 2.4.6 from ubuntu 13.10 or older).
Anyway, check the Server http response header to see who is serving your requests.
When i restart the nginx with, sudo service nginx restart,
Iam facing with this error,
Restarting nginx: nginx: [emerg] "location" directive is not allowed here in /etc/nginx/nginx.conf:76
nginx: configuration file /etc/nginx/nginx.conf test failed
This is my nginx.conf file:
user www-data;
worker_processes 4;
pid /var/run/nginx.pid;
events {
worker_connections 768;
# multi_accept on;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
# gzip_vary on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
##
# nginx-naxsi config
##
# Uncomment it if you installed nginx-naxsi
##
#include /etc/nginx/naxsi_core.rules;
##
# nginx-passenger config
##
# Uncomment it if you installed nginx-passenger
##
#passenger_root /usr;
#passenger_ruby /usr/bin/ruby;
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
location / {
/home/techcee/scrapbook/local/lib/python2.7/site-packages/django/__init__.pyc/
}
}
#mail {
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP" "USER";
# # imap_capabilities "IMAP4rev1" "UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
# `enter code here`
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
What is wrong in this ?
"location" directive should be inside a 'server' directive, e.g.
server {
listen 8765;
location / {
resolver 8.8.8.8;
proxy_pass http://$http_host$uri$is_args$args;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
The server directive has to be in the http directive. It should not be outside of it.
Incase if you need detailed information, refer this.
Since your server already includes the sites-enabled folder ( notice the include /etc/nginx/sites-enabled/* line ), then you better use that.
Create a file inside /etc/nginx/sites-available and call it whatever you want, I'll call it django since it's a djanog server
sudo touch /etc/nginx/sites-available/django
Then create a symlink that points to it
sudo ln -s /etc/nginx/sites-available/django /etc/nginx/sites-enabled
Then edit that file with whatever file editor you use, vim or nano or whatever and create the server inside it
server {
# hostname or ip or multiple separated by spaces
server_name localhost example.com 192.168.1.1; #change to your setting
location / {
root /home/techcee/scrapbook/local/lib/python2.7/site-packages/django/__init__.pyc/;
}
}
Restart or reload nginx settings
sudo service nginx reload
Note I believe that your configuration like this probably won't work yet because you need to pass it to a fastcgi server or something, but at least this is how you could create a valid server
The location directive should be in the server directive, which in turn should be in the http directive. See example below for a reverse proxy:
http {
server {
location /some-path {
proxy_pass http://1.2.3.4;
}
}
}
The above is adapted from the Wiki example. More examples and documentation on the site.
By the way, be aware of the effect of include directives.