What I am trying to do using nginx is- to call a backend for authentication and if the response is successful I will redirect to website 1 (for example -google.com) and if authentication fail I will redirect to website2(facebook for example).
Below is my nginx.conf-
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'[===>$status] $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
keepalive_timeout 65;
# Load config files from the /etc/nginx/conf.d directory
# The default server is in conf.d/default.conf
include /etc/nginx/conf.d/default.conf;
}
The default.conf file is as below -
server {
listen 80 default_server;
server_name _;
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
# root /usr/share/nginx/html;
# index index.html index.htm;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://backend_ip_Address;
set $my_var 0;
if ($status = "200"){
set $my_var 1;
}
#if($status = 4xx) {
# set $my_var 2;
#}
if ($my_var = 1){
proxy_pass http://www.google.com;
}
if ($my_var = 2) {
proxy_pass http://www.facebook.com;
}
}
error_page 404 /404.html;
location = /404.html {
root /usr/share/nginx/html;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
The issue I am facing is when I am trying to execute sudo service nginx restart with this configuration I am getting below error-
Starting nginx: nginx: [emerg] unknown "status" variable
The same $status is also present in nginx.conf log configuration and it's logging the response code properly like 301, 200 etc. But the same status variable is not working in default.conf file. Any help on what I am doing wrong?
I tried replacing status with body_bytes_sent header and it's works.
By google search https://www.google.co.in/webhp?sourceid=chrome-instant&ion=1&espv=2&ie=UTF-8#q=nginx++unknown+%22status%22+variable only related information is https://www.drupal.org/node/2738983 but no much help to resolve this.
status variable is defined on very late phase, after request is processed and response is ready to sent back.
You cannot use it for conditional routing.
Usually it's used for logging.
Here you may read about nginx directives execution order and phases:
https://openresty.org/download/agentzh-nginx-tutorials-en.html
Related
I am not very familiar with Nginx URL redirect. But I have followed some suggestions from Google search and unfortunately none of them meet my expectation.
I need to redirect at least 100 old URLs to different new URLs. I already have another server.conf file under /etc/nginx/conf.d/ for some URL redirect and other settings. But I would like to create another nginx_redirect.txt file to store those 100 URLs redirect and keep away from server.conf. Furthermore, some of the old 100 URLs are also defined in server.conf file, but I was hoping the new nginx_rewrite.txt file can override the redirect URLs defined in server.conf file.
I use multiple "include" in the nginx.conf as below:
include /etc/nginx/conf.d/*.conf;
Server {
...
include /etc/nginx/conf.d/nginx_rewrite.txt;
...
}
The existing server.conf file for some URL redirect as below:
server {
...
location ~ ^/lp/old/ {
rewrite ^(.*)$ https://currenturl.com/ permanent;
}
}
I create new nginx_redirect.txt and hope to override the redirect URL in server.conf.
location ~ ^/lp/old/ {
rewrite ^(.*)$ https://newurl.com/ permanent;
}
I used below commands to ensure those .conf and .txt can be seen by Nginx.
nginx -T
nginx -s reload
However I found those old URLs defined in nginx_rewrite.txt didn't redirect to newurl.com/ but still to currenturl.com/. Even I set up some new URL in nginx_rewrite.txt, which is not defined in server.conf. Those new URL will show 404 instead of redirecting to other URL. Unless I defined those new URL in server.conf.
My questions:
Is my setting in nginx.conf, server.conf and nginx_rewrite.txt correct?
Is there not possible to override URL in permanent redirect of .conf?
Updated on 5/10 to share the result of nginx -T. Sorry I have remove some lines since it is not suitable to share with public.
sh-4.2$ sudo nginx -T
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# configuration file /etc/nginx/nginx.conf:
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
listen [::]:80;
server_name _;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
include /etc/nginx/conf.d/nginx_rewrite.txt;
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
}
# configuration file /etc/nginx/conf.d/server.conf:
upstream nginx-internal-sock {
server unix:/var/www/server/shared/tmp/unicorn.sock;
}
server {
listen 80;
server_name server.com;
location / {
root /var/www/server/current/public/;
}
}
server {
listen 80;
server_name stg.server.com;
real_ip_header X-Forwarded-For;
location / {
proxy_set_header Accept-Encoding "";
proxy_pass http://nginx-internal-sock/sales/;
}
location /sales {
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Accept-Encoding "";
proxy_pass http://nginx-internal-sock/sales;
}
location ~ ^/(assets)/ {
root /var/www/server/current/public;
add_header Cache-Control no-cache;
expires 7d;
# add_header Last-Modified "";
# add_header ETag "";
}
location ~ ^/lp/old/ {
rewrite ^(.*)$ https://currenturl.com/ permanent;
}
...
}
# configuration file /etc/nginx/conf.d/nginx_rewrite.txt:
location ~ ^/lp/old/ {
rewrite ^(.*)$ https://newurl.com/ permanent;
}
}
The problem
I have a website developed with NextJS, it is running on a server with Nginx. The website files are inside the public_html folder and running on port 3004, and i have a proxy_pass that redirect the requests to the NextJS website on port 3004.
But when I search for my domain or my site on google, it shows up in the results: Index of / (and the files inside)
I would like to remove this (and all the listing of files inside) to just put Home - Domain, for example.
Research and issue photos
My next.conf file
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 4096;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
server {
listen 80;
listen [::]:80;
server_name _;
root /usr/share/nginx/html;
include /etc/nginx/default.d/*.conf;
error_page 404 /404.html;
location = /404.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
server {
listen 80;
server_name computadorsolidario.tec.br www.computadorsolidario.tec.br;
location / {
autoindex off;
proxy_pass http://localhost:3004;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
}
}
}
How can i solve this?
You can turn off the feature of nginx where it creates directory listings:
autoindex off;
If you want to replace "index if /" with an actual home page, you would need to create an index.html file in document root directory.
You should also add as a last location in your conf
location ~ /\. {
deny all;
}
to block file access to dot files .env file or other sensitive data
I'm trying to use Nginx as a reverse proxy in and centos 6.9_64 environment where clients connects to my server (http://www.51ti.vip).
Nginx will forward all requests to other backend server. The communication is working on port 80.
However, once proxy_set_header XXXXX is set, it will appear 403 when accessed.
There is no relevant error information in /var/log/nginx/error.log.
Where's the problem?
Page 403 Forbidden
You don't have permission to access the URL on this server.
Note:
OS System: CentOS 6.9_64
Nginx version 1.10.2
Config:
/etc/nginx/nginx.conf as follows:
user root;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
include /etc/nginx/conf.d/*.conf;
}
/etc/nginx/conf.d/default.conf as follows:
server {
listen 80 default_server;
server_name 47.75.249.199 "";
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
proxy_pass http://sq.otherserver.com;
#Proxy Settings
proxy_redirect off;
#proxy_set_header Host $host;
#proxy_set_header X-Real-IP $remote_addr;
#proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
The original problem was caused by "proxy_set_header Host $host",
there's no problem whith proxy_set_header X-Real-IP and proxy_set_header X-Forwarded-For.
But still don't understand why?
Nginx: when to use proxy_set_header Host $host vs $proxy_host
Module ngx_http_proxy_module
I have setup mkdocs and running on port 8000, Nginx is setup as reverse proxy with below configuration. However when accessing the site through reverse proxy browser stays "connecting..." for a long time approx 2 mins and page loads. Also if I stop with "X" with the browser, entire page shows up immediately. Could anyone help on this please?
server {
listen 80;
server_name docs.example.com;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:8000/;
proxy_redirect off;
proxy_buffering off;
}
}
And nginx.conf is
# For more information on configuration, see:
# * Official English Documentation: http://nginx.org/en/docs/
# * Official Russian Documentation: http://nginx.org/ru/docs/
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 1024;
}
http {
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
include /etc/nginx/conf.d/*.conf;
server {
listen 80 default_server;
listen [::]:80 default_server;
server_name _;
root /usr/share/nginx/html;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
}
# Settings for a TLS enabled server.
#
# server {
# listen 443 ssl http2 default_server;
# listen [::]:443 ssl http2 default_server;
# server_name _;
# root /usr/share/nginx/html;
#
# ssl_certificate "/etc/pki/nginx/server.crt";
# ssl_certificate_key "/etc/pki/nginx/private/server.key";
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 10m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
#
# # Load configuration files for the default server block.
# include /etc/nginx/default.d/*.conf;
#
# location / {
# }
#
# error_page 404 /404.html;
# location = /40x.html {
# }
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# }
# }
}
MkDocs is a static site generator.
The intended use case is that you "build" your pages as static web pages and then upload the already built HTML pages to your server where the server serves them up to your users. A major advantage is that as the server does not need to reprocess the Markdown and templates for each request, it is much faster.
While it is true that MkDocs does include a serve command, the included "server" is intended for development only. In other words, when writing your documents you can use the development server to see your changes live on your local machine. However, the server is not intended to serve anything to other machines or the outside world. It was never anticipated that the server would have multiple simultaneous connections.
So rather than having nginx listing on a port, you should point it at a directory of static files and copy a build of your MkDocs documents to that directory.
I need to hind port number from url. i am running odoo instance using --db-filter='^%d#', mydomain.com:8069 is works fine but mydomain.com is getting page not found. I have installed nginx and edited /etc/nginx/nginx.conf as below.
/etc/nginx/nginx.conf
#user nobody;
worker_processes 1;
events {
worker_connections 1024;
}
http {
include mime.types;
# anything written in /opt/nginx/conf/mime.types is interpreted as if written inside the http { } block
default_type application/octet-stream;
#
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
keepalive_timeout 65;
server {
# You would want to make a separate file with its own server block for each virtual domain
# on your server and then include them.
listen 8069;
listen 192.168.1.111:8080;
listen 192.168.1.111;
#tells Nginx the hostname and the TCP port where it should listen for HTTP connections.
# listen 80; is equivalent to listen *:80;
#server_name localhost;
server_name mydomain.com;
server_name www.mydomain.com;
# lets you doname-based virtual hosting
#charset koi8-r;
#access_log logs/host.access.log main;
location / {
#The location setting lets you configure how nginx responds to requests for resources within the server.
root html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
}
How can i do that? suggest any solutions..
Try the following server configuration. You can put it in a separate file and include it in the main nginx.conf if you like.
upstream odoo {
server 127.0.0.1:8080; # Or wherever your Odoo service is listening
}
server {
server_name mydomain.com;
listen 0.0.0.0:80;
root /var/www/html/odoo/;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ #odoo;
}
location #odoo {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
proxy_pass http://odoo;
}
}
In short, this defines an upstream server odoo for your odoo service. When a request is received (say mydomain.com/path/to/resource), nginx will try to process it by delivering the corresponding resource it is supposed to serve from the root dir. If that fails, it will retry, appending a slash to it. If that fails as well, it will send the path to the upstream server (odoo) for processing.