Can Nginx duplicate TCP/UDP traffic? - nginx

Below is my nginx.conf file, I have two upstreams, http_upstream and tcp_upstream, I make duplicated HTTP traffic and send it to load-balancer2.example.com:80 by using post_action, now I am wondering if I could make duplicated TCP/UDP traffic by using something similar to post_action?
daemon on;
user root;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
stream {
upstream tcp_upstream {
server server1.example.com:2000;
server server2.example.com:2000;
server server3.example.com:2000;
}
server {
listen 2000;
proxy_pass tcp_upstream;
}
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
client_header_buffer_size 512k;
large_client_header_buffers 4 512k;
client_max_body_size 1000M;
client_body_buffer_size 1000M;
upstream http_upstream {
server server1.example.com:8088;
server server2.example.com:8088;
server server3.example.com:8088;
}
server {
listen 80;
location / {
proxy_pass http://http_upstream/;
post_action #post_action;
}
location #post_action {
proxy_pass http://load-balancer2.example.com:80;
}
}
include /etc/nginx/conf.d/*.conf;
}

Related

nginx is not proxy passing to my nest app

I am trying to configure NGINX to serve my nest app(which is running on docker).
My app is listening on port 3000
The server is amazon linux 2(ec2-user)
The conf file looks like this:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
#include /etc/nginx/conf.d/nginx.conf;
server {
listen 80;
listen [::]:80;
server_name <ip.adress>;
#web
location / {
add_header X-yahav $uri; # this gets mounted
}
#api
location = /api { # this one is never approached
add_header X-yahav "Api-pass";
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header Host $http_host;
#proxy_pass http://127.0.0.1:3000/;
}
}
}
I want to redirect /api to my nest app but it just wont have it i'm getting a simple 404 without the header i'm attaching(as you can see in the conf file)
Another thing is when I go to the root (location /) I do get my header mounted as expected
Any have any idea what is wrong?
Don't forget to add "/api" to your requests, like http://your-server:80/api/

nginx ssl_preread_server_name shows wrong content

I'm having issues with my nginx configuration, we are using a stream in order to use SSL passthrough, however we plan on having multiple URLs pointed to this nginx and we are wanting to redirect to different load balancers depending on the address
Whats currently happening is..
Both site1.example.com and site2.example.com is showing site1.example.com content
And if site1.example.com load balancer stops working, both site1.example.com and site2.example end up showing site2.example.com content
/etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
return 301 https://$host$request_uri;
}
}
stream {
log_format basic '$remote_addr [$time_local] '
'$protocol $status $bytes_sent $bytes_received '
'$session_time "$upstream_addr" '
'"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time"';
access_log /var/log/nginx/access.log basic;
error_log /var/log/nginx/error.log;
map $ssl_preread_server_name $name {
site1.example.com site1_example_com;
site2.example.com site2_example_com;
}
upstream site1_example_com {
server site1.amazonaws.com:443 max_fails=3 fail_timeout=10s;
}
upstream site2_example_com {
server site2.amazonaws.com:443 max_fails=3 fail_timeout=10s;
}
server {
listen 443;
proxy_pass $name;
ssl_preread on;
}
}

Nginx site can't be reached

I tried installing nginx with virtual hosting enabled with a single site currently hosted.
my nginx.conf
user nginxsite;
worker_processes 4;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
#server_names_hash_bucket_size 64;
}
I assume that the user nginxsite; is the useradd created for the root directory ownership. default of that is just nginx.
my virtual.conf inside /etc/nginx/conf.d/
server {
listen 80;
#listen *:80;
server_name www.nginxsite.domain.com *.nginxsite.domain.com;
#access_log /var/log/nginx/access.log
location / {
root /var/www/nginxsite.com/public_html/;
index index.html index.htm; }
}
The server name and ip has already been added in my hostfile
XX.XX.XX.XX www.nginxsite.domain.com
I'm pretty sure the issue lies in my conf files but I can't seem to point out where.
Checked the logs but there's nothing.
Please help.
Thanks so much!

why nginx rewrite not working for video wilth protect from direct links?

Somedays ago, on my server appeared error: video not found or access denied. The path are correct. I play video by jwplayer.
And i have a file protection from direct links.
location /route/ {
include /home/username/shop/route/route.conf;
}
in route.conf:
rewrite ^/route/9be25319f8164b5dacd481f700b3e69d/93/video.flv$ /media/courses/video1.flv;
Why it dont working?
full server config:
user nginx nginx;
worker_processes 3;
error_log /var/log/nginx/error_log info;
events {
worker_connections 1024;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main
'$remote_addr - $remote_user [$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$gzip_ratio"';
client_header_timeout 10m;
client_body_timeout 120m;
send_timeout 120m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 4 2k;
request_pool_size 4k;
gzip off;
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_types text/plain;
output_buffers 1 32k;
postpone_output 1460;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 75 20;
ignore_invalid_headers on;
index index.html;
server {
listen X.X.X.X:80;
server_name mysite.com;
access_log /home/user/logs/nginx-access.log;
error_log /home/user/logs/nginx-error.log;
location /static/ {
alias /home/user/shop/static/;
}
location /media/ {
alias /home/user/shop/media/;
}
location /route/ {
include /home/shamprod/shop/route/route.conf;
}
location / {
proxy_pass http://127.0.0.1:8888/;
include /etc/nginx/proxy.conf;
}
}

Nginx don't work with sites-avaliable

Here is my config:
nginx.conf
user www-data;
worker_processes 2;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
worker_rlimit_nofile 8192;
events {
worker_connections 1024;
use epoll;
}
http {
client_max_body_size 15m;
server_names_hash_bucket_size 64;
postpone_output 1460;
sendfile_max_chunk 128k;
sendfile on;
fastcgi_cache_path /tmp/fcgi-cache/ levels=1:2 keys_zone=one:10m;
include /etc/nginx/mime.types;
default_type application/octet-stream;
server_tokens off;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
error_log /var/log/nginx/error.log;
tcp_nopush on;
keepalive_timeout 65;
gzip on;
ssi on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
here is my domain.com config in sites-available:
server {
root /var/www/domain.com/;
access_log /var/log/nginx/default-access.log;
error_log /var/log/nginx/default-error.log;
include /etc/nginx/templates/default;
include /etc/nginx/templates/php;
include /etc/nginx/templates/phpmyadmin;
}
When i enter a url domain.com it shows default nginx page. When i comment include /etc/nginx/conf.d/*.conf; i can't even load nginx page, it lools like server is not even working. I've written my site in sites-available and made a ln -s to sites-enabled.
What is wrong?
You have to put server_name domain.com; in server block :)

Resources