So, in my app, I want anything with root url ending with / to go to /pss
#user nobody;
worker_processes 1;
#error_log logs/error.log;
error_log logs/error.log debug;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
server_name_in_redirect off;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
# Enable Gzip
gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_proxied any;
gzip_types
# text/html is always compressed by HttpGzipModule
text/css
text/javascript
text/xml
text/plain
text/x-component
application/javascript
application/json
application/xml
application/rss+xml
font/truetype
font/opentype
application/vnd.ms-fontobject
image/svg+xml;
gzip_static on;
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE [1-6]\.";
gzip_vary on;
server {
listen 80;
server_name localhost;
#charset koi8-r;
rewrite_log on;
access_log logs/host.access.log main;
index index.html index.htm;
location ~ ^/pss/?(.*)$ {
root /opt/tech-ui;
rewrite ^/pss$ / break;
rewrite ^/pss/(.*)$ /$1 break;
}
location / {
root /opt/tech-ui;
}
location =/ {
rewrite ^/(.*)$ /pss/$1 break;
return 302;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
# HTTPS server
#server {
# listen 443 ssl;
# server_name localhost;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
# ssl_session_cache shared:SSL:1m;
# ssl_session_timeout 5m;
# ssl_ciphers HIGH:!aNULL:!MD5;
# ssl_prefer_server_ciphers on;
# location / {
# root html;
# index index.html index.htm;
# }
#}
}
daemon off;
So, whenever I out in localhost I get localhost//pss
I'm super confused, I've googled around, and I'm not sure what to do next, I know I'm missing something basic in nginx.
You can use rewrite rules bellow:
location = / {
rewrite ^ /pss&$args last;
}
or
location = / {
return 301 http://localhost/pss;
}
Related
I'm trying to add two endpoints in nginx.conf file. The main purpose is to be able to send a POST request to the first endpoint so i can log the body message to the console (stdout). The second endpoint is needed because i need to do a proxy_pass to another endpoint so i can send the body message to stdout (I'm following this tutorial https://matthias-kainer.de/blog/posts/logging-client-console-errors-with-nginx/).
The problem i'm facing is that the server name can be any, so i have the server_name directive as _. I have tried a lot of things but i always get some error: 502 - Bad Gateway or 400 - Bad Request or 400 - No required SSL certificate was sent.
My nginx.conf file (and my actual try) is this:
worker_processes 1;
error_log /dev/stdout warn;
events {
worker_connections 1024;
}
http {
resolver 127.0.0.11 valid=30s;
resolver_timeout 20s;
access_log stdout;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
log_format error_trace '$remote_addr - $remote_user $request_time $upstream_response_time '
'[$time_local] "$request" $status $body_bytes_sent "Client Error: $request_body" "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /dev/stdout main;
error_log /dev/stdout debug;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
default_type application/octet-stream;
gzip on;
gzip_http_version 1.1;
gzip_vary on;
gzip_comp_level 6;
gzip_proxied any;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js;
gzip_buffers 16 8k;
gzip_disable "MSIE [1-6].(?!.*SV1)";
server {
listen 60000 ssl http2 default_server;
root /var/www/html;
server_name _;
server_tokens off;
client_body_buffer_size 1k;
client_header_buffer_size 1k;
client_max_body_size 1k;
large_client_header_buffers 4 16k;
ssl_certificate /some/path/some-file.pem;
ssl_certificate_key /some/path/some-file-key.key;
ssl_trusted_certificate /some/path/some-certificate.pem;
ssl_session_cache shared:SSL:50m;
ssl_session_timeout 180m;
ssl_session_tickets off;
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:ECDHE-RSA-AES128-GCM-SHA256:AES256+EECDH:DHE-RSA-AES128-GCM-SHA256:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";
ssl_stapling on;
ssl_stapling_verify on;
ssl_verify_client on;
ssl_verify_depth 10;
ssl_client_certificate /some/path/some-certificate.pem;
add_header Strict-Transport-Security "max-age=31536000" always;
add_header X-Frame-Options SAMEORIGIN;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
location = / {
try_files $uri$args $uri$args/ /index.html;
}
location = /client_error_trace {
access_log /dev/stdout error_trace;
proxy_pass https://127.0.0.1:60000/client_error_trace_proxy;
proxy_redirect off;
proxy_set_header Host $host;
}
location = /client_error_trace_proxy {
access_log off;
return 200 'Error logged';
}
error_page 404 /;
}
}
With this file, im getting an error 400 - Bad Request - No required SSL certificate was sent. Any hint or help would be very appreciated >_<
I have Implemented the Nginx cache with https reverse proxy in centos, My response time taking more than 1.5 seconds for each request. My nginx server configuration was 4 core, 8gb ram.
My configuration looks like below (nginx.config)
`user nginx;
worker_processes auto;
worker_rlimit_nofile 100000;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;
events {
worker_connections 80000;
use epoll;
multi_accept on;
}
http {
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
log_format rt_cache '$remote_addr - $upstream_cache_status [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
# Below pattern will print
# Time stamp | Client IP | client Dev apps Name| Request | Status Returned| Time taken in ms| size Returned in bytes| Referer | hit or miss | User agent
log_format bf_log_format '[$time_local]|'
'$remote_addr|'
'$http_x_developer_username|$http_x_forwarded_for|'
'"$request"|'
'$status|$upstream_response_time|$body_bytes_sent|'
'"$http_referer"|'
'"$upstream_cache_status"|'
'"$http_user_agent"';
log_format json_log_format escape=json '{'
'"time": "$time_iso8601",'
'"trace_id": "$request_id",'
'"http": {'
'"body_bytes_sent": "$body_bytes_sent",'
'"x_developer_username": "$http_x_developer_username",'
'"remote_addr": "$remote_addr",'
'"method": "$request_method",'
'"request": "$request_uri",'
'"schema": "$scheme",'
'"request_time": "$request_time",'
'"host": "$host",'
'"uri": "$uri",'
'"user_agent": "$http_user_agent",'
'"status": "$status"'
'},'
'"proxy": {'
'"host": "$proxy_host"'
'},'
'"upstream": {'
'"response_time": "$upstream_response_time sec",'
'"cache_status": "$upstream_cache_status"'
'}'
'}';
# access_log /var/log/nginx/access.log main;
# access_log /var/log/nginx/access.log json_log_format;
access_log off;
sendfile on;
sendfile_max_chunk 512k;
# directio 4m;
# directio_alignment 512;
tcp_nopush on;
tcp_nodelay on;
reset_timedout_connection on;
keepalive_requests 100000;
types_hash_max_size 2048;
# reduce the data that needs to be sent over network -- for testing environment
gzip on;
# gzip_static on;
gzip_min_length 10240;
gzip_comp_level 1;
gzip_vary on;
gzip_disable msie6;
gzip_proxied expired no-cache no-store private auth;
gzip_types
text/css
text/javascript
text/xml
text/plain
text/x-component
application/javascript
application/x-javascript
application/json
application/xml
application/rss+xml
application/atom+xml
font/truetype
font/opentype
application/vnd.ms-fontobject
image/svg+xml;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Load modular configuration files from the /etc/nginx/conf.d directory.
# See http://nginx.org/en/docs/ngx_core_module.html#include
# for more information.
proxy_cache_path /opt/nginx/cache levels=1:2 keys_zone=api-cache:3000m max_size=100g inactive=43200m use_temp_path=off;
proxy_temp_path /opt/nginx/cache/other;
include /etc/nginx/conf.d/ssl.conf;
}`
My ssl.confg looks like below
server {
server_name _;
root /usr/share/nginx/html;
listen 443 ssl http2 default_server;
listen [::]:443 ssl;
ssl_certificate "/etc/private/ssl/cert.pem";
ssl_certificate_key "/etc/private/ssl/key.pem";
# ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
keepalive_timeout 100;
# Load configuration files for the default server block.
include /etc/nginx/default.d/*.conf;
location / {
}
error_page 404 /404.html;
location = /40x.html {
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
}
location /health {
default_type application/json;
return 200 '{"status":"UP"}';
}
location /nginx-status {
stub_status;
}
location /trellotest {
proxy_cache_bypass $http_no_cache_purge $arg_nocache;
proxy_cache_methods GET POST;
add_header Cache-Control "public";
proxy_cache api-cache;
proxy_cache_valid 200 40320m;
add_header X-Cache $upstream_cache_status;
add_header X-Time $request_time;
proxy_ignore_headers X-Accel-Expires Expires Cache-Control;
proxy_pass https://mytrelloapp;
}
}
If possible, Anyone could you please advise me if we have anyway to improve the above configurations?
We have a problem with Nginx. We have a converter server it's convert MP4 video to MP3 file and 300 user online, so when they start download their MP3 files at the same time, server time response become so huge like if it is freezed even if %vCPU doesn't exceeds 10% when he start the conversion using mpeg library.
My server Configuration :
16 vCPU.
RAM:30G
Data transfert :5TB.
Nginx Configuration (nginx.conf)
user www-data;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
worker_rlimit_nofile 20240;
events {
worker_connections 4000;
multi_accept on;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log off;
limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
client_header_timeout 10m;
client_body_timeout 10m;
send_timeout 10m;
client_max_body_size 700m;
connection_pool_size 256;
client_body_buffer_size 1024k;
client_header_buffer_size 8k;
keepalive_timeout 30;
keepalive_requests 100000;
reset_timedout_connection on;
open_file_cache max=200000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
#include /etc/nginx/conf.d/*.conf;
}
Web site nginx configuration:
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
root /var/www/html;
index index.php index.html index.htm;
client_max_body_size 700m;
connection_pool_size 256;
client_body_buffer_size 1024k;
client_header_buffer_size 8k;
limit_rate 125k;
limit_req zone=one burst=5;
# Make site accessible from http://localhost/
server_name localhost;
location / {
try_files $uri $uri/ =404;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
}
Do you know where the problem may come ?
Trying to setup Laravel 4.1 installation on a nginx server (first time) and I'm given "not found" for every Laravel route instead of the view expected. The main page loads fine.
Please note, site can only be accessed by IP which is why I have the filler IP 123.123.123.123 for server_name.
etc/nginx/nginx.conf:
listen 80;
user nginx;
worker_processes 4;
worker_rlimit_nofile 200000;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 4000;
use epoll;
multi_accept on;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
etc/nginx/site-available/mysite.conf:
server {
listen 80;
server_name 123.123.123.123 "";
access_log /srv/www/mysite/logs/access.log;
error_log /srv/www/mysite/logs/error.log;
root /srv/www/mysite/public_html/public;
rewrite_log on;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log main buffer=16k;
gzip on;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
gzip_http_version 1.1;
gzip_vary on;
gzip_proxied any;
#gzip_proxied expired no-cache no-store private auth;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js;
open_file_cache max=200000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 90;
keepalive_requests 100000;
reset_timedout_connection on;
client_body_timeout 30;
send_timeout 30;
# Remove trailing slash to please Laravel routing system.
if (!-d $request_filename) {
rewrite ^/(.+)/$ /$1 permanent;
}
location / {
index index.html index.htm index.php;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_pass 127.0.0.1:9000;
}
# We don't need .ht files with nginx.
location ~ /\.ht {
deny all;
}
# Set header expirations.
location ~* \.(?:ico|css|js|jpe?g|JPG|png|svg|woff)$ {
expires 365d;
}
}
Maybe you should give this: http://daylerees.com/nginx-configuration-for-daylerees-dot-com a look. It might solve your problem.
I have the following nginx config:
location ~ ^/system/filedir/scripts {
autoindex on;
}
location ~ ^/filedir/scripts {
alias /system/filedir/scripts/;
}
When I visit http://myserver.com/system/filedir/scriptseverything works fine and I can see the list of files contained by the scripts directory.
But when I visit http://myserver.com/filedir/scripts I have the following error:
[error] 2083#0: *83335 "/system/filedir/index.html" is not found (2: No such file or directory), request: "GET /filedir/scripts/ HTTP/1.1"
I cannot get rid of the index.html addition and get the file listing.
The same is happening if I try
location ~ ^/filedir/scripts {
root /system/;
}
Here's my nginx.conf:
# daemon off;
# user nobody;
worker_processes 1;
error_log logs/error.log;
# error_log logs/error.log notice;
# error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
gzip on;
gzip_http_version 1.0;
gzip_proxied any;
gzip_min_length 500;
gzip_disable "MSIE [1-6]\.";
gzip_types text/plain
text/html
text/xml
text/css
text/comma-separated-values
text/javascript application/x-javascript
application/atom+xml
application/json
application/xml
application/rss+xml
image/svg+xml
application/vnd.ms-fontobject
application/x-font-ttf;
include my_sites/*;
}
You can use a rewrite:
server {
location ~ ^/system/filedir/scripts/ {
autoindex on;
}
location ~ ^/filedir/scripts/ {
rewrite ^/filedir/scripts/(.*)$ /system/filedir/scripts/$1 last;
}
Or a proxy_pass:
server {
resolver 8.8.8.8;
location ~ ^/system/filedir/scripts/ {
autoindex on;
}
location ~ ^/filedir/scripts/ {
proxy_pass http://$host/system/$uri;
}
I've tried combinations with alias, root, but they all failed.