Test upload

From mat999 at gmail.com Thu Sep 1 01:57:30 2011 From: mat999 at gmail.com (SplitIce) Date: Thu, 1 Sep 2011 11:57:30 +1000 Subject: upstream keepalive - call for testing In-Reply-To: <6a9ebe9133762e47eb7d9b732d7bcd9b.NginxMailingListEnglish@forum.nginx.org> References: <20110829014709.GT1137@mdounin.ru> <6a9ebe9133762e47eb7d9b732d7bcd9b.NginxMailingListEnglish@forum.nginx.org> Message-ID: I havent had any crashes on 3x10mbit servers (90% utilisation) or 2x100mbit servers (20% utilisation). Seems very stable. On Thu, Sep 1, 2011 at 6:04 AM, magicbear wrote: > OK, It works for 3 days with 40 million request haven't coredump. > Thanks. > > Maxim Dounin Wrote: > ------------------------------------------------------- > > Hello! > > > > On Sun, Aug 28, 2011 at 01:07:25PM -0400, > > magicbear wrote: > > > > > Hello, tested for 2 days, the segmentation > > failure frequence is > > > decreased, but sometime still will dead. > > > > > > Here is the coredump information. It seems > > appear too at official > > > without patch version. > > > > [...] > > > > > (gdb) bt > > > #0 0x000000000045bd99 in > > ngx_http_upstream_handler (ev=0x7f99438901e8) > > > at src/http/ngx_http_upstream.c:921 > > > #1 0x0000000000427839 in > > ngx_event_expire_timers () at > > > src/event/ngx_event_timer.c:149 > > > > Could you please test if the attached patch fixes > > things for you? > > > > You may also grab it from here: > > http://mdounin.ru/files/patch-nginx-ssl-shutdown.t > > xt > > > > Maxim Dounin > > # HG changeset patch > > # User Maxim Dounin > > # Date 1314581235 -14400 > > # Node ID 804454a04e22d32c064a3af8e7b24326c7fc2d63 > > # Parent 4b58ea791d9f09b0e2d019fcdea340c0a390af6c > > Handle quiet ssl shutdown. > > > > OpenSSL's SSL_shutdown() may still try to talk to > > network even if > > SSL_set_shutdown(SSL_RECEIVED_SHUTDOWN|SSL_SENT_SH > > UTDOWN) was used. > > This happens if there are some unsent alerts. > > > > Use SSL_set_quiet_shutdown() to actually shutdown > > quitely if we were asked > > to. Note that SSL_set_shutdown() is still > > required as not setting it will > > invalidate session. > > > > diff --git a/src/event/ngx_event_openssl.c > > b/src/event/ngx_event_openssl.c > > --- a/src/event/ngx_event_openssl.c > > +++ b/src/event/ngx_event_openssl.c > > @@ -1205,6 +1205,7 @@ > > ngx_ssl_shutdown(ngx_connection_t *c) > > > > if (c->timedout) { > > mode = > > SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN; > > + > > SSL_set_quiet_shutdown(c->ssl->connection, 1); > > > > } else { > > mode = > > SSL_get_shutdown(c->ssl->connection); > > @@ -1216,6 +1217,10 @@ > > ngx_ssl_shutdown(ngx_connection_t *c) > > if (c->ssl->no_send_shutdown) { > > mode |= SSL_SENT_SHUTDOWN; > > } > > + > > + if (c->ssl->no_wait_shutdown && > > c->ssl->no_send_shutdown) { > > + > > SSL_set_quiet_shutdown(c->ssl->connection, 1); > > + } > > } > > > > SSL_set_shutdown(c->ssl->connection, mode); > > _______________________________________________ > > nginx mailing list > > nginx at nginx.org > > http://mailman.nginx.org/mailman/listinfo/nginx > > Posted at Nginx Forum: > http://forum.nginx.org/read.php?2,213207,214602#msg-214602 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Thu Sep 1 03:16:42 2011 From: nginx-forum at nginx.us (speedfirst) Date: Wed, 31 Aug 2011 23:16:42 -0400 Subject: A bug when Host header contain IPv6 address In-Reply-To: <20110831090804.GO1137@mdounin.ru> References: <20110831090804.GO1137@mdounin.ru> Message-ID: <1b1e24f5621e0c7ada55750e10c9367d.NginxMailingListEnglish@forum.nginx.org> Thanks. the general idea of that patch is similar to mine but better. So I'll apply it. If you can tell me why you feel that patch is not enough, I can help to improve it. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214541,214605#msg-214605 From erik at erikwickstrom.com Thu Sep 1 05:48:54 2011 From: erik at erikwickstrom.com (Erik Wickstrom) Date: Wed, 31 Aug 2011 22:48:54 -0700 Subject: Serving stale items from cache Message-ID: I have a web application where the objects are expensive to generate, yet each individual object is accessed infrequently (a few times a week). The dataset in total is about 24 GB. Can Nginx be configured to cache these items for a short amount of time (say 20 minutes), but also have a relatively long (i.e. 7 days) stale setting so clients will always get a fast response (but at the same time will trigger an update of the cached item). proxy_cache_path /var/lib/nginx/cache levels=2:2:2 keys_zone=staticfilecache:512m inactive=7d max_size=25000m; # serve stale cache when the cache is updating, or there is a timeout or error. proxy_cache_use_stale timeout updating error invalid_header http_500 http_502 http_503 http_504; proxy_cache_valid 200 20m; My understanding is that the by setting proxy_cache_path to inactive=7d, cached items will be kept for 7 days and available to be served as stale objects. Basically any request that comes in after 20 minutes will get a stale object from the cache for up to 7 days (and at the same time refresh the cache with the latest version from the backend). However, in testing, it appears that stale objects are not returned, but instead a fresh request is made to my appservers. Here is some sample data from my logs (Notice the $upstream_cache_status and $request_time at the end of the log line) 71.111.3.11 - - [31/Aug/2011:19:44:26 +0000] "GET /?p=3093 HTTP/1.1" 200 3849 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.215 Safari/535.1" - EXPIRED 15.789 71.111.3.11 - - [31/Aug/2011:19:44:42 +0000] "GET /?p=3093 HTTP/1.1" 200 3849 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.215 Safari/535.1" - HIT 0.000 71.111.3.11 - - [31/Aug/2011:19:51:02 +0000] "GET /?p=3093 HTTP/1.1" 200 3849 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.215 Safari/535.1" - HIT 0.000 71.111.3.11 - - [31/Aug/2011:20:01:50 +0000] "GET /?p=3093 HTTP/1.1" 200 3849 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.215 Safari/535.1" - HIT 0.000 71.111.3.11 - - [31/Aug/2011:21:03:56 +0000] "GET /?p=3093 HTTP/1.1" 200 3851 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.218 Safari/535.1" - EXPIRED 0.725 71.111.3.11 - - [31/Aug/2011:21:14:55 +0000] "GET /?p=3093 HTTP/1.1" 200 3851 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.218 Safari/535.1" - HIT 0.000 71.111.3.11 - - [31/Aug/2011:21:54:18 +0000] "GET /?p=3093 HTTP/1.1" 200 3833 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.218 Safari/535.1" - EXPIRED 0.856 71.111.3.11 - - [31/Aug/2011:22:01:25 +0000] "GET /?p=3093 HTTP/1.1" 200 3833 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.218 Safari/535.1" - HIT 0.000 71.111.3.11 - - [01/Sep/2011:00:02:01 +0000] "GET /?p=3093 HTTP/1.1" 200 3847 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.218 Safari/535.1" - MISS 11.019 Basically I'm trying to keep my cache warm, without overwhelming my app servers. Is this doable? Thanks! Erik From nginx-forum at nginx.us Thu Sep 1 07:30:34 2011 From: nginx-forum at nginx.us (bigplum) Date: Thu, 01 Sep 2011 03:30:34 -0400 Subject: doubt with proxy busy buffer Message-ID: <8c559c7af61f18e50b47dd6f606bcca0.NginxMailingListEnglish@forum.nginx.org> Hi, I write a module for file download, but sometimes it will alert "the http output chain is empty while sending to client". And I check the code, it seems that if proxy busy buffer run out, write_filter will always return ngx error. Is that right? In function: ngx_event_pipe_write_to_downstream(ngx_event_pipe_t *p) line 540: out = NULL; if (bsize >= (size_t) p->busy_size) { flush = 1; goto flush; } //If busy size is larger than that value in ngix.conf, //out chain will be NULL and goto fulsh //and call output_filter with NULL out chain. line 617: flush: ............... rc = p->output_filter(p->output_ctx, out); //So get into ngx_http_write_filter(ngx_http_request_t *r, ngx_chain_t *in), //print the alert log and return error. line: 186 if (size == 0 && !(c->buffered & NGX_LOWLEVEL_BUFFERED)) { if (last) { r->out = NULL; c->buffered &= ~NGX_HTTP_WRITE_BUFFERED; return NGX_OK; } if (flush) { // flush will never be true, because of NULL in chain do { r->out = r->out->next; } while (r->out); c->buffered &= ~NGX_HTTP_WRITE_BUFFERED; return NGX_OK; } ngx_log_error(NGX_LOG_ALERT, c->log, 0, "the http output chain is empty"); ngx_debug_point(); return NGX_ERROR; -- Best Regard. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214608,214608#msg-214608 From mdounin at mdounin.ru Thu Sep 1 08:01:37 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Thu, 1 Sep 2011 12:01:37 +0400 Subject: doubt with proxy busy buffer In-Reply-To: <8c559c7af61f18e50b47dd6f606bcca0.NginxMailingListEnglish@forum.nginx.org> References: <8c559c7af61f18e50b47dd6f606bcca0.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110901080136.GC1137@mdounin.ru> Hello! On Thu, Sep 01, 2011 at 03:30:34AM -0400, bigplum wrote: > Hi, > > I write a module for file download, but sometimes it will alert > "the http output chain is empty while sending to client". > And I check the code, it seems that if proxy busy buffer run out, > write_filter will always return ngx error. > > Is that right? If ngx_http_write_filter() is called with NULL, r->out must not be empty. If it's empty - this means that buffer(s) to flush disappeared somewhere, and alert will warn you about this problem. Maxim Dounin From nginx-forum at nginx.us Thu Sep 1 08:17:28 2011 From: nginx-forum at nginx.us (bigplum) Date: Thu, 01 Sep 2011 04:17:28 -0400 Subject: doubt with proxy busy buffer In-Reply-To: <20110901080136.GC1137@mdounin.ru> References: <20110901080136.GC1137@mdounin.ru> Message-ID: <26c4f70c115aecb734dac57044c1eaa9.NginxMailingListEnglish@forum.nginx.org> Thanks to Maxim, I make a mistake that do not read the r->out statements. The r->out is NULL, so something goes wrong. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214608,214610#msg-214610 From john at bitfieldconsulting.com Thu Sep 1 08:38:58 2011 From: john at bitfieldconsulting.com (John Arundel) Date: Thu, 1 Sep 2011 09:38:58 +0100 Subject: Connections time out before proxy_connect_timeout In-Reply-To: <20110831170758.GA1137@mdounin.ru> References: <20110831170758.GA1137@mdounin.ru> Message-ID: On Wed, Aug 31, 2011 at 6:07 PM, Maxim Dounin wrote: > Connect timeout is limited by your OS's SYN retransmit count limit > and timeout. ?Under FreeBSD it's 75s by default (3 retransmits > with exponential backoff: 3s + 6s + 12s + 24s), under Linux it's > looks like something about 20s by default. ?Looks like you are > hitting this limit. > > The only way to enlarge this limit is to tune OS, e.g. on Linux > try adjusting net.ipv4.tcp_syn_retries sysctl. Yes, that fixed it. Thanks a lot! Regards, John -- Bitfield Consulting: we make software that makes things work http://bitfieldconsulting.com/ From toplek at polok.pl Thu Sep 1 08:42:43 2011 From: toplek at polok.pl (Piotr Polok) Date: Thu, 01 Sep 2011 10:42:43 +0200 Subject: upload file problem (500 Internal Server Error) Message-ID: <5d1a65521a0d9db8f54c1e9b4031e9e8@polok.pl> HI, I'm using version: 'nginx version: nginx/1.1.0' While uploading file I'm getting an error: '500 Internal Server Error' This is an nginx.log result: ------ 2011/09/01 10:39:49 [alert] 28764#0: accept() failed (24: Too many open files) 2011/09/01 10:39:49 [alert] 28764#0: accept() failed (24: Too many open files) 2011/09/01 10:39:49 [alert] 28764#0: accept() failed (24: Too many open files) 2011/09/01 10:39:49 [alert] 28764#0: accept() failed (24: Too many open files) 2011/09/01 10:39:49 [alert] 28764#0: *13013 socket() failed (24: Too many open files) while connecting to upstream, client: 127.0.0.1, server: 192.168.0.222, request: "POST /upload HTTP/1.0", upstream: "http://127.0.0.1:80/upload", host: "localhost", referrer: "http://192.168.0.222/CRM/upload4.html" 2011/09/01 10:39:49 [crit] 28764#0: *13013 open() "/var/www/50x.html" failed (24: Too many open files), client: 127.0.0.1, server: 192.168.0.222, request: "POST /upload HTTP/1.0", upstream: "http://127.0.0.1:80/upload", host: "localhost", referrer: "http://192.168.0.222/CRM/upload4.html" ------ The 'lsof -n | wc -l' command gives a result: '1980' value. The 'cat /proc/sys/fs/file-max' command gives a result: '203296'. So it is not a too many open files problem? The upload4.html containt: ----- Test upload

Select files to upload

----- Please help ;) -- best regards Piotr Polok From chinix at gmail.com Thu Sep 1 09:20:33 2011 From: chinix at gmail.com (chinix) Date: Thu, 01 Sep 2011 17:20:33 +0800 Subject: How to define multiple resolvers? Message-ID: <4e5f4e5e.6731440a.12df.fffff98f@mx.google.com> I want to define more than one resolver to failover if one server is down,how to do this? 2011-09-01 chinix -------------- next part -------------- An HTML attachment was scrubbed... URL: From zjay1987 at gmail.com Thu Sep 1 09:49:29 2011 From: zjay1987 at gmail.com (li zJay) Date: Thu, 1 Sep 2011 17:49:29 +0800 Subject: upload file problem (500 Internal Server Error) In-Reply-To: <5d1a65521a0d9db8f54c1e9b4031e9e8@polok.pl> References: <5d1a65521a0d9db8f54c1e9b4031e9e8@polok.pl> Message-ID: try this? > worker_rlimit_nofile 10000; > On Thu, Sep 1, 2011 at 4:42 PM, Piotr Polok wrote: > HI, > > I'm using version: 'nginx version: nginx/1.1.0' > > While uploading file I'm getting an error: '500 Internal Server Error' > > This is an nginx.log result: > > ------ > 2011/09/01 10:39:49 [alert] 28764#0: accept() failed (24: Too many open > files) > 2011/09/01 10:39:49 [alert] 28764#0: accept() failed (24: Too many open > files) > 2011/09/01 10:39:49 [alert] 28764#0: accept() failed (24: Too many open > files) > 2011/09/01 10:39:49 [alert] 28764#0: accept() failed (24: Too many open > files) > 2011/09/01 10:39:49 [alert] 28764#0: *13013 socket() failed (24: Too many > open files) while connecting to upstream, client: 127.0.0.1, server: > 192.168.0.222, request: "POST /upload HTTP/1.0", upstream: " > http://127.0.0.1:80/upload", host: "localhost", referrer: " > http://192.168.0.222/CRM/**upload4.html > " > 2011/09/01 10:39:49 [crit] 28764#0: *13013 open() "/var/www/50x.html" > failed (24: Too many open files), client: 127.0.0.1, server: 192.168.0.222, > request: "POST /upload HTTP/1.0", upstream: "http://127.0.0.1:80/upload", > host: "localhost", referrer: "http://192.168.0.222/CRM/**upload4.html > " > ------ > > The 'lsof -n | wc -l' command gives a result: '1980' value. > The 'cat /proc/sys/fs/file-max' command gives a result: '203296'. > > So it is not a too many open files problem? > > The upload4.html containt: > ----- > > > Test upload > > >

Select files to upload

> > > > ----- > > > Please help ;) > > -- > best regards > Piotr Polok > > ______________________________**_________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/**mailman/listinfo/nginx > -- ?? -------------- next part -------------- An HTML attachment was scrubbed... URL: From simone.fumagalli at contactlab.com Thu Sep 1 09:53:51 2011 From: simone.fumagalli at contactlab.com (Simone Fumagalli) Date: Thu, 1 Sep 2011 11:53:51 +0200 Subject: Wordpress Setup (Nginx + Apache) In-Reply-To: <1314803185467-6746900.post@n2.nabble.com> References: <1314803185467-6746900.post@n2.nabble.com> Message-ID: <4E5F562F.90407@contactlab.com> On 08/31/2011 05:06 PM, antituhan wrote: > Hello fellas, I've been setup wordpress blog using NginX as front end > and Apache as a backend. If you are using this setup you might be interested in this plugin http://wordpress.org/extend/plugins/nginx-manager/ In this way you can serve directly with Nginx static version of your pages and offload Apache Ciao -- Simone Fumagalli From zjay1987 at gmail.com Thu Sep 1 10:01:31 2011 From: zjay1987 at gmail.com (li zJay) Date: Thu, 1 Sep 2011 18:01:31 +0800 Subject: EmbeddedPerlModule question Message-ID: I want to access nginx $uri variable in perl, the following is my nginx.conf worker_processes 1; > > events { > worker_connections 1024; > } > > http { > perl_set $perlvar 'sub {return "ngx_uri:$uri";}'; > > server { > listen 80; > location / { > add_header "perlvar" $perlvar; > empty_gif; > } > } > }* > * but it doesn't work, nginx $uri variable is empty in perl, can somebody figure out what the problem is? Thanks! -------------- next part -------------- An HTML attachment was scrubbed... URL: From toplek at polok.pl Thu Sep 1 10:02:49 2011 From: toplek at polok.pl (Piotr Polok) Date: Thu, 01 Sep 2011 12:02:49 +0200 Subject: upload file problem (500 Internal Server Error) In-Reply-To: References: <5d1a65521a0d9db8f54c1e9b4031e9e8@polok.pl> Message-ID: <87bd7ee8ed3c1a8bc0f33206b4db4a37@polok.pl> On Thu, 1 Sep 2011 17:49:29 +0800, li zJay wrote: > try this? > >> worker_rlimit_nofile 10000; HI, Thank you, The 'worker_rlimit_nofile 10000' is not solving the problem. I have added a 'fastcgi_pass 127.0.0.1:9000' to a '/upload' location and now I'm getting the 'No input file specified.' error on html form and the '/var/log/nginx/error.log' is clear. This is my '/upload' configuration: ------ location /upload { #Pass altered request body to this location upload_pass @test; #Store files to this directory #The directory is hashed, subdirectories 0 1 2 3 4 5 6 7 8 9 should exist upload_store /var/www/upload; #Allow uploaded files to be read only by user #upload_store_access user:r; upload_store_access user:rw group:rw all:r; #Set specified fields in request body upload_set_form_field $upload_field_name.name "$upload_file_name"; upload_set_form_field $upload_field_name.content_type "$upload_content_type"; upload_set_form_field $upload_field_name.path "$upload_tmp_path"; #Inform backend about hash and size of a file upload_aggregate_form_field "$upload_field_name.md5" "$upload_file_md5"; upload_aggregate_form_field "$upload_field_name.size" "$upload_file_size"; upload_pass_form_field "^submit$|^description$"; upload_cleanup 400 404 499 500-505; fastcgi_pass 127.0.0.1:9000; } # Pass altered request body to a backend location @test { proxy_pass http://localhost:80; } ------ -- best regards Piotr Polok From igor at sysoev.ru Thu Sep 1 10:06:18 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Thu, 1 Sep 2011 14:06:18 +0400 Subject: EmbeddedPerlModule question In-Reply-To: References: Message-ID: <20110901100617.GB25615@nginx.com> On Thu, Sep 01, 2011 at 06:01:31PM +0800, li zJay wrote: > I want to access nginx $uri variable in perl, the following is my nginx.conf > > worker_processes 1; > > > > events { > > worker_connections 1024; > > } > > > > http { > > perl_set $perlvar 'sub {return "ngx_uri:$uri";}'; You should use $r->variable() method to get nginx variable: 'sub { my $r = shift; return $r->variable("uri"); }'; or special $r->uri() method for URI: 'sub { my $r = shift; return $r->uri; }'; > > server { > > listen 80; > > location / { > > add_header "perlvar" $perlvar; > > empty_gif; > > } > > } > > }* > > * > > > but it doesn't work, nginx $uri variable is empty in perl, can somebody > figure out what the problem is? > > Thanks! > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx -- Igor Sysoev From igor at sysoev.ru Thu Sep 1 10:14:56 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Thu, 1 Sep 2011 14:14:56 +0400 Subject: How to define multiple resolvers? In-Reply-To: <4e5f4e5e.6731440a.12df.fffff98f@mx.google.com> References: <4e5f4e5e.6731440a.12df.fffff98f@mx.google.com> Message-ID: <20110901101456.GC25615@nginx.com> On Thu, Sep 01, 2011 at 05:20:33PM +0800, chinix wrote: > I want to define more than one resolver to failover if one server is down,how to do this? Currently it's not possible. -- Igor Sysoev From zjay1987 at gmail.com Thu Sep 1 10:30:36 2011 From: zjay1987 at gmail.com (li zJay) Date: Thu, 1 Sep 2011 18:30:36 +0800 Subject: EmbeddedPerlModule question In-Reply-To: <20110901100617.GB25615@nginx.com> References: <20110901100617.GB25615@nginx.com> Message-ID: Thank you, it works! On Thu, Sep 1, 2011 at 6:06 PM, Igor Sysoev wrote: > On Thu, Sep 01, 2011 at 06:01:31PM +0800, li zJay wrote: > > I want to access nginx $uri variable in perl, the following is my > nginx.conf > > > > worker_processes 1; > > > > > > events { > > > worker_connections 1024; > > > } > > > > > > http { > > > perl_set $perlvar 'sub {return "ngx_uri:$uri";}'; > > You should use $r->variable() method to get nginx variable: > > 'sub { > my $r = shift; > return $r->variable("uri"); > }'; > > or special $r->uri() method for URI: > > 'sub { > my $r = shift; > return $r->uri; > }'; > > > > server { > > > listen 80; > > > location / { > > > add_header "perlvar" $perlvar; > > > empty_gif; > > > } > > > } > > > }* > > > * > > > > > > but it doesn't work, nginx $uri variable is empty in perl, can somebody > > figure out what the problem is? > > > > Thanks! > > > _______________________________________________ > > nginx mailing list > > nginx at nginx.org > > http://mailman.nginx.org/mailman/listinfo/nginx > > > -- > Igor Sysoev > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From jim at ohlste.in Thu Sep 1 12:00:04 2011 From: jim at ohlste.in (Jim Ohlstein) Date: Thu, 01 Sep 2011 08:00:04 -0400 Subject: nginx and Apache killer In-Reply-To: <20110827081104.GB47641@nginx.com> References: <20110827081104.GB47641@nginx.com> Message-ID: <4E5F73C4.2050100@ohlste.in> On 8/27/11 4:11 AM, Igor Sysoev wrote: > Following "Apache Killer" discussions and the advisory from 2011-08-24 > (Advisory: Range header DoS vulnerability Apache HTTPD 2.x CVE-2011-3192) > we'd like to clarify a couple of things in regards to nginx behavior > either in standalone or "combo" (nginx+apache) modes. > > First of all, nginx doesn't favor HEAD requests with compression, > so the exact mentioned attack doesn't work against a standalone > nginx installation. > > If you're using nginx in combination with proxying to apache backend, > please check your configuration to see if nginx actually passes range > requests to the backend: > > 1) If you're using proxying WITH caching then range requests are not > sent to backend and your apache should be safe. > > 2) If you're NOT using caching then you might be vulnerable to the attack. > > In order to mitigate this attack when your installation includes > apache behind nginx we recommend you the following: > > 1. Refer to the above mentioned security advisory CVE-2011-3192 for apache > and implement described measures accordingly. Apache 2.2.20 has been released to address this issue. Please see http://www.apache.org/dist/httpd/Announcement2.2.html. > > 2. Consider using nginx configuration below (in server{} section of > configuration). This particular example filters 5 and more ranges > in the request: > > if ($http_range ~ "(?:\d*\s*-\s*\d*\s*,\s*){5,}") { > return 416; > } > > We'd also like to notify you that for standalone nginx installations > we've produced the attached patch. This patch prevents handling > malicious range requests at all, instead outputting just the entire file > if the total size of all ranges is greater than the expected response. > > > > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx -- Jim Ohlstein From nginx-forum at nginx.us Thu Sep 1 13:38:00 2011 From: nginx-forum at nginx.us (magicbear) Date: Thu, 01 Sep 2011 09:38:00 -0400 Subject: upstream keepalive - call for testing In-Reply-To: References: Message-ID: I use at 2x100Mbps server (40% and 10% utilisation), when stable enought, then I will continue to test at 1000Mbps server. splitice Wrote: ------------------------------------------------------- > I havent had any crashes on 3x10mbit servers (90% > utilisation) or 2x100mbit > servers (20% utilisation). > > Seems very stable. > > On Thu, Sep 1, 2011 at 6:04 AM, magicbear > wrote: > > > OK, It works for 3 days with 40 million request > haven't coredump. > > Thanks. > > > > Maxim Dounin Wrote: > > > -------------------------------------------------- > ----- > > > Hello! > > > > > > On Sun, Aug 28, 2011 at 01:07:25PM -0400, > > > magicbear wrote: > > > > > > > Hello, tested for 2 days, the segmentation > > > failure frequence is > > > > decreased, but sometime still will dead. > > > > > > > > Here is the coredump information. It seems > > > appear too at official > > > > without patch version. > > > > > > [...] > > > > > > > (gdb) bt > > > > #0 0x000000000045bd99 in > > > ngx_http_upstream_handler (ev=0x7f99438901e8) > > > > at src/http/ngx_http_upstream.c:921 > > > > #1 0x0000000000427839 in > > > ngx_event_expire_timers () at > > > > src/event/ngx_event_timer.c:149 > > > > > > Could you please test if the attached patch > fixes > > > things for you? > > > > > > You may also grab it from here: > > > > http://mdounin.ru/files/patch-nginx-ssl-shutdown.t > > > xt > > > > > > Maxim Dounin > > > # HG changeset patch > > > # User Maxim Dounin > > > # Date 1314581235 -14400 > > > # Node ID > 804454a04e22d32c064a3af8e7b24326c7fc2d63 > > > # Parent > 4b58ea791d9f09b0e2d019fcdea340c0a390af6c > > > Handle quiet ssl shutdown. > > > > > > OpenSSL's SSL_shutdown() may still try to talk > to > > > network even if > > > > SSL_set_shutdown(SSL_RECEIVED_SHUTDOWN|SSL_SENT_SH > > > UTDOWN) was used. > > > This happens if there are some unsent alerts. > > > > > > Use SSL_set_quiet_shutdown() to actually > shutdown > > > quitely if we were asked > > > to. Note that SSL_set_shutdown() is still > > > required as not setting it will > > > invalidate session. > > > > > > diff --git a/src/event/ngx_event_openssl.c > > > b/src/event/ngx_event_openssl.c > > > --- a/src/event/ngx_event_openssl.c > > > +++ b/src/event/ngx_event_openssl.c > > > @@ -1205,6 +1205,7 @@ > > > ngx_ssl_shutdown(ngx_connection_t *c) > > > > > > if (c->timedout) { > > > mode = > > > SSL_RECEIVED_SHUTDOWN|SSL_SENT_SHUTDOWN; > > > + > > > SSL_set_quiet_shutdown(c->ssl->connection, 1); > > > > > > } else { > > > mode = > > > SSL_get_shutdown(c->ssl->connection); > > > @@ -1216,6 +1217,10 @@ > > > ngx_ssl_shutdown(ngx_connection_t *c) > > > if (c->ssl->no_send_shutdown) { > > > mode |= SSL_SENT_SHUTDOWN; > > > } > > > + > > > + if (c->ssl->no_wait_shutdown && > > > c->ssl->no_send_shutdown) { > > > + > > > SSL_set_quiet_shutdown(c->ssl->connection, 1); > > > + } > > > } > > > > > > SSL_set_shutdown(c->ssl->connection, > mode); > > > > _______________________________________________ > > > nginx mailing list > > > nginx at nginx.org > > > > http://mailman.nginx.org/mailman/listinfo/nginx > > > > Posted at Nginx Forum: > > > http://forum.nginx.org/read.php?2,213207,214602#ms > g-214602 > > > > _______________________________________________ > > nginx mailing list > > nginx at nginx.org > > http://mailman.nginx.org/mailman/listinfo/nginx > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx Posted at Nginx Forum: http://forum.nginx.org/read.php?2,213207,214622#msg-214622 From nginx-forum at nginx.us Thu Sep 1 14:19:57 2011 From: nginx-forum at nginx.us (ssaravalli) Date: Thu, 01 Sep 2011 10:19:57 -0400 Subject: Issue with NGINX as reverse proxy with basic auth in front of Apache with basic auth In-Reply-To: <20110831122554.GD1468@nginx.com> References: <20110831122554.GD1468@nginx.com> Message-ID: Igor Sysoev Wrote: > > You should > 1) use either the same user/password on both nginx > and Apache, It's not possible in my situation. NGINX uses basic auth based on a file, while Apache uses basic auth through LDAP. > 2) or enable authentication only on one host: on > nginx OR Apache, I can't because I need two layer of authentication. The first one on NGINX and the second one on the web apps with authentication based on our LDAP server. > 3) or enable authentication on nginx and go to > Apache as some > backend user: > > proxy_set_header Authorization > base64_encoding_of_"user:password"; > This is not my case. So, is there a way to tell NGINX to manage only the first authentication level and when the user provides username/password (LDAP) for the backend web app, these credentials must be managed by the backend web server? Another solution may be to keep on the backend the LDAP auth and on the frontend (NGINX) a form based authentication? Thanks, Simone Saravalli Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214550,214624#msg-214624 From mdounin at mdounin.ru Thu Sep 1 14:50:49 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Thu, 1 Sep 2011 18:50:49 +0400 Subject: Issue with NGINX as reverse proxy with basic auth in front of Apache with basic auth In-Reply-To: References: <20110831122554.GD1468@nginx.com> Message-ID: <20110901145049.GD1137@mdounin.ru> Hello! On Thu, Sep 01, 2011 at 10:19:57AM -0400, ssaravalli wrote: [...] > So, is there a way to tell NGINX to manage only the first authentication > level and when the user provides username/password (LDAP) for the > backend web app, these credentials must be managed by the backend web > server? There is no levels of authentication possible in HTTP authentication. More strictly, there are two levels: proxy and client. The proxy level is reserved to working with proxies, and it's not generally possible to use it anywhere else (additionally, I believe it's not supported by majority of software). Please refer to RFC 2616 and RFC 2617 for more details. > Another solution may be to keep on the backend the LDAP auth and on the > frontend (NGINX) a form based authentication? This should work. Maxim Dounin From lists at ruby-forum.com Thu Sep 1 16:13:47 2011 From: lists at ruby-forum.com (Hongli Lai) Date: Thu, 01 Sep 2011 18:13:47 +0200 Subject: Please open the Nginx SVN repository In-Reply-To: References: <2116ea892041ed6fae726223de1a154c@ruby-forum.com> Message-ID: The SVN repository seems to be down. $ svn list svn://svn.nginx.org svn: No repository found in 'svn://svn.nginx.org' -- Posted via http://www.ruby-forum.com/. From mdounin at mdounin.ru Thu Sep 1 16:16:36 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Thu, 1 Sep 2011 20:16:36 +0400 Subject: Please open the Nginx SVN repository In-Reply-To: References: <2116ea892041ed6fae726223de1a154c@ruby-forum.com>

Message-ID: <20110901161635.GE1137@mdounin.ru> Hello! On Thu, Sep 01, 2011 at 06:13:47PM +0200, Hongli Lai wrote: > The SVN repository seems to be down. > > $ svn list svn://svn.nginx.org > svn: No repository found in 'svn://svn.nginx.org' http://mailman.nginx.org/pipermail/nginx-devel/2011-August/001115.html Maxim Dounin From nginx-forum at nginx.us Thu Sep 1 23:17:06 2011 From: nginx-forum at nginx.us (magicbear) Date: Thu, 01 Sep 2011 19:17:06 -0400 Subject: upload file problem (500 Internal Server Error) In-Reply-To: <87bd7ee8ed3c1a8bc0f33206b4db4a37@polok.pl> References: <87bd7ee8ed3c1a8bc0f33206b4db4a37@polok.pl> Message-ID: you can try to add such line to /etc/security/limits.conf nginx soft nofile 131072 nginx hard nofile 1048576 and fastcgi_pass to run PHP you need to set SCRIPT_FILENAME, you may first include fastcgi_params at /etc/nginx (if you install nginx with binary), and then add such line before fastcgi_pass: fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; Piotr Polok Wrote: ------------------------------------------------------- > On Thu, 1 Sep 2011 17:49:29 +0800, li zJay wrote: > > try this? > > > >> worker_rlimit_nofile 10000; > > HI, > > Thank you, The 'worker_rlimit_nofile 10000' is not > solving the problem. > > I have added a 'fastcgi_pass 127.0.0.1:9000' to a > '/upload' location > and now I'm getting the 'No input file specified.' > error on html form > and the '/var/log/nginx/error.log' is clear. > > This is my '/upload' configuration: > > ------ > location /upload { > #Pass altered request body to this location > upload_pass @test; > > #Store files to this directory > #The directory is hashed, subdirectories 0 1 2 3 > 4 5 6 7 8 9 should > exist > upload_store /var/www/upload; > > #Allow uploaded files to be read only by user > #upload_store_access user:r; > upload_store_access user:rw group:rw all:r; > > #Set specified fields in request body > upload_set_form_field $upload_field_name.name > "$upload_file_name"; > upload_set_form_field > $upload_field_name.content_type > "$upload_content_type"; > upload_set_form_field $upload_field_name.path > "$upload_tmp_path"; > > #Inform backend about hash and size of a file > upload_aggregate_form_field > "$upload_field_name.md5" > "$upload_file_md5"; > upload_aggregate_form_field > "$upload_field_name.size" > "$upload_file_size"; > > upload_pass_form_field "^submit$|^description$"; > > upload_cleanup 400 404 499 500-505; > > fastcgi_pass 127.0.0.1:9000; > } > > # Pass altered request body to a backend > location @test { > proxy_pass http://localhost:80; > } > ------ > > -- > best regards > Piotr Polok > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214612,214639#msg-214639 From nginx-forum at nginx.us Fri Sep 2 06:03:03 2011 From: nginx-forum at nginx.us (James_Lee) Date: Fri, 02 Sep 2011 02:03:03 -0400 Subject: The patch of Nginx SSL: PEM pass phrase problem Message-ID: <8c1d65b918b52351b2382a2fa6c5d4ae.NginxMailingListEnglish@forum.nginx.org> Hi, If we configured SSL in Nginx and the Private Key files are encrypted, then the following dialog occurs at Nginx startup time: Enter PEM pass phrase: It maybe difficulty for management. Sometimes it's needed to avoid the interactive dialogue at startup time. So I develop the patch for Nginx ssl module. Wish it helpful! Directive: ssl_pass_phrase_dialog -------------------------------------------------------------------- Description: Type of pass phrase dialog for encrypted private keys Syntax: ssl_pass_phrase_dialog type Default: ssl_pass_phrase_dialog builtin Context: http, server Usage: -------------------------------------------------------------------- When Nginx starts up it has to read the various Certificate (see ssl_certificate) and Private Key (see ssl_certificate_key) files of the SSL-enabled virtual servers. Because for security reasons the Private Key files are usually encrypted, ngx_ssl module needs to query the administrator for a Pass Phrase in order to decrypt those files. This query can be done in two ways which can be configured by type: * builtin This is the default where an interactive terminal dialog occurs at startup time. Here the administrator has to manually enter the Pass Phrase for each encrypted Private Key file. * exec:/path/to/program Here an external program is configured which is called at startup for each encrypted Private Key file. Example: -------------------------------------------------------------------- (1) ssl_pass_phrase_dialog builtin; The "Enter PEM pass phrase:" will occurs at the Nginx startup time. (2) ssl_pass_phrase_dialog "exec:/home/ssl_files/ssl_pass_phrase.sh"; The code of ssl_pass_phrase.sh: #!/bin/sh echo "password" The relevant configuration in Apache is: http://httpd.apache.org/docs/2.0/mod/mod_ssl.html#sslpassphrasedialog If more information is needed, please refer to the Nginx HttpSslModule: http://wiki.nginx.org/HttpSslModule Patch? -------------------------------------------------------------------- This patch has been tested in nginx-0.8.54. The download url is : http://www.cx.com/dl/?sn=f3c7b79133b7 Author: -------------------------------------------------------------------- beagem#163.com (Here # is @ in fact) Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214641,214641#msg-214641 From nginx-forum at nginx.us Fri Sep 2 06:09:06 2011 From: nginx-forum at nginx.us (ssaravalli) Date: Fri, 02 Sep 2011 02:09:06 -0400 Subject: Issue with NGINX as reverse proxy with basic auth in front of Apache with basic auth In-Reply-To: <20110901145049.GD1137@mdounin.ru> References: <20110901145049.GD1137@mdounin.ru> Message-ID: <9ae4ed579af1b1731379d0ed94d15745.NginxMailingListEnglish@forum.nginx.org> Hello Maxim Maxim Dounin Wrote: ------------------------------------------------------- > Hello! > > On Thu, Sep 01, 2011 at 10:19:57AM -0400, > ssaravalli wrote: > > [...] > > > So, is there a way to tell NGINX to manage only > the first authentication > > level and when the user provides > username/password (LDAP) for the > > backend web app, these credentials must be > managed by the backend web > > server? > > There is no levels of authentication possible in > HTTP > authentication. > > More strictly, there are two levels: proxy and > client. The > proxy level is reserved to working with proxies, > and it's not > generally possible to use it anywhere else > (additionally, I > believe it's not supported by majority of > software). > > Please refer to RFC 2616 and RFC 2617 for more > details. ok, trank you > > Another solution may be to keep on the backend > the LDAP auth and on the > > frontend (NGINX) a form based authentication? > > This should work. > I'll try with this solution. Thank you for your reply! Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214550,214642#msg-214642 From zblut at cerego.com Fri Sep 2 07:27:08 2011 From: zblut at cerego.com (Zev Blut) Date: Fri, 2 Sep 2011 16:27:08 +0900 Subject: Is there a method to allow a particular user agent access to a server rule that uses the access and auth basic module? Message-ID: <4E60854C.3040001@cerego.com> Hello, I have a configuration in a server rule that typically only allows access by either an auth basic request or by certain ip addresses. Something along the lines of this: server { listen 80; charset off; server_name authsite; satisfy any; auth_basic "Auth Message"; auth_basic_user_file xyz.passwd; # Allow Internal Network allow 192.168.1.0/24; deny all; # many includes and location directives below } We have a use case were we need to allow an external agent to have access to this site. I'd rather not play whack-a-mole and keep adding ip addresses for this agent. At the same time I cannot give the agent an login and password, because we can't control the URLs. So I was wondering if there is a way to also allow access to this site based on the user agent? I tried using an if directive but that is not working. Thanks for any ideas -- Zev Blut Cerego Japan Inc Developer Development / Technology ?? ???? ???????????? ???? ??? Office : +81-3-3463-7266 Email : zblut at cerego.com Corporate website: http://www.cerego.com Core service website: http://iknow.jp From agentzh at gmail.com Fri Sep 2 08:24:50 2011 From: agentzh at gmail.com (agentzh) Date: Fri, 2 Sep 2011 16:24:50 +0800 Subject: [ANN] ngx_lua v0.3.0 released: new regex API, request args API, header filter hooks, and more In-Reply-To: References: Message-ID: Hello, folks! After two months' active development of our contributors, I'm happy to announce the v0.3.0 release of our ngx_lua module. You can get the release tarball from the download page: ??? https://github.com/chaoslawful/lua-nginx-module/downloads This release contains a new PCRE regex API for Lua, an API for retrieving parsed URI query arguments and POST query arguments, as well as the new hooks that allow you to define nginx header filters directly in Lua. Also, the special "ngx.ctx" table is implemented so that you can store arbitrary Lua values into this data which will have a lifetime identical to the current nginx request. There's many more new features and bug fixes that you can find out in the following complete change log for this release: ??? http://wiki.nginx.org/HttpLuaModule#v0.3.0 Special thanks go to our contributors and users, Liseen Wan, Lance, Ou Yuanning, Bertrand Mansion (golgote), James Hurst, Patrick Crosby, Bill Donahue, Jiang Dapao, and others. This module embeds the Lua interpreter or LuaJIT into the nginx core and integrates the powerful Lua threads (aka Lua coroutines) into the nginx event model by means of nginx subrequests. Unlike Apache's mod_lua and Lighttpd's mod_magnet, Lua code written atop this module can be 100% non-blocking on network traffic as long as you use the ngx.location.capture or ngx.location.capture_multi interfaces to let the nginx core do all your requests to mysql, postgresql, memcached, redis, upstream http web services, and etc etc etc. This module is also included and enabled by default in our ngx_openresty bundle: http://openresty.org/ You can find the complete documentation for this module on the following wiki page: ??? http://wiki.nginx.org/HttpLuaModule And you always get the latest source code from the git repository here: ??? https://github.com/chaoslawful/lua-nginx-module Have fun! -agentzh From mdounin at mdounin.ru Fri Sep 2 08:31:05 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Fri, 2 Sep 2011 12:31:05 +0400 Subject: Is there a method to allow a particular user agent access to a server rule that uses the access and auth basic module? In-Reply-To: <4E60854C.3040001@cerego.com> References: <4E60854C.3040001@cerego.com> Message-ID: <20110902083105.GH1137@mdounin.ru> Hello! On Fri, Sep 02, 2011 at 04:27:08PM +0900, Zev Blut wrote: > Hello, > > I have a configuration in a server rule that typically only allows > access by either an auth basic request or by certain ip addresses. > > Something along the lines of this: > > server { > listen 80; > > charset off; > server_name authsite; > > satisfy any; > > auth_basic "Auth Message"; > auth_basic_user_file xyz.passwd; > > # Allow Internal Network > allow 192.168.1.0/24; > deny all; > > # many includes and location directives below > } > > > We have a use case were we need to allow an external agent to have > access to this site. > I'd rather not play whack-a-mole and keep adding ip addresses for this > agent. > At the same time I cannot give the agent an login and password, because > we can't control the URLs. > > So I was wondering if there is a way to also allow access to this > site based on the user agent? > > I tried using an if directive but that is not working. Something like this should work: server { ... location / { error_page 418 = @allowed; if ($http_user_agent ~ something) { return 418; } satisfy any; allow ... auth_basic ... } location @allowed { # ... } } Alternatively, you may use auth request module[1] and write something like this: server { ... location / { satisfy any; allow ... auth_basic ... auth_request /auth; } location = /auth { if ($http_user_agent ~ something) { return 200; } return 403; } } [1] http://mdounin.ru/hg/ngx_http_auth_request_module/ Maxim Dounin From zblut at cerego.com Fri Sep 2 09:34:14 2011 From: zblut at cerego.com (Zev Blut) Date: Fri, 2 Sep 2011 18:34:14 +0900 Subject: Is there a method to allow a particular user agent access to a server rule that uses the access and auth basic module? In-Reply-To: <20110902083105.GH1137@mdounin.ru> References: <4E60854C.3040001@cerego.com> <20110902083105.GH1137@mdounin.ru> Message-ID: <4E60A316.4050701@cerego.com> Hello, On 09/02/2011 05:31 PM, Maxim Dounin wrote: > On Fri, Sep 02, 2011 at 04:27:08PM +0900, Zev Blut wrote: >> We have a use case were we need to allow an external agent to have >> access to this site. >> I'd rather not play whack-a-mole and keep adding ip addresses for this >> agent. >> At the same time I cannot give the agent an login and password, because >> we can't control the URLs. >> >> So I was wondering if there is a way to also allow access to this >> site based on the user agent? >> >> I tried using an if directive but that is not working. > Alternatively, you may use auth request module[1] and write something > like this: > > > server { > ... > > location / { > satisfy any; > > allow ... > auth_basic ... > auth_request /auth; > } > > location = /auth { > if ($http_user_agent ~ something) { > return 200; > } > return 403; > } > } > > [1] http://mdounin.ru/hg/ngx_http_auth_request_module/ Thanks for the link to the auth request module That might serve my purposes best without have to refactor and duplicate my configs as much as the extra location will. Thanks, Zev From nginx-forum at nginx.us Fri Sep 2 11:50:32 2011 From: nginx-forum at nginx.us (ykse) Date: Fri, 02 Sep 2011 07:50:32 -0400 Subject: nginx and php header + flush Message-ID: Hello guys, I've got strange problem with my webserver. I've got nginx and apache with php as backend www server, and now when I tryin to run this code -> ( it's on apache ) nginx returns something like this -> 8 sometext 0 As you can see it's returns some numbers, but why ? When I'm openning same script directly from apache it's returns only "sometext" without any numbers. Do you have any idea why nginx returns this numbers ? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214654,214654#msg-214654 From mdounin at mdounin.ru Fri Sep 2 11:57:16 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Fri, 2 Sep 2011 15:57:16 +0400 Subject: nginx and php header + flush In-Reply-To: References: Message-ID: <20110902115716.GL1137@mdounin.ru> Hello! On Fri, Sep 02, 2011 at 07:50:32AM -0400, ykse wrote: > Hello guys, > I've got strange problem with my webserver. I've got nginx and apache > with php as backend www server, and now when I tryin to run this code > -> > > > header('HTTP/1.x 404 Not Found'); > echo "sometext"; > flush(); > ?> > > ( it's on apache ) > > nginx returns something like this -> > > > 8 sometext 0 > > > As you can see it's returns some numbers, but why ? When I'm openning > same script directly from apache it's returns only "sometext" without > any numbers. > > > Do you have any idea why nginx returns this numbers ? These numbers are from chunked encoding incorrectly sent by apache to nginx. This behaviour is the result of a bug in apache's mod_php which forces HTTP/1.1 reply despite the fact client (nginx) uses HTTP/1.0 in request. To fix this, just change header('HTTP/1.1 ...'); to header('HTTP/1.0 ...'); in your php code, or use "SetEnv downgrade-1.0" in apache config as a workaround if changing code is problematic for some reason. See [1] for more information. [1] http://mailman.nginx.org/pipermail/nginx/2011-August/028508.html Maxim Dounin From nginx-forum at nginx.us Fri Sep 2 12:00:21 2011 From: nginx-forum at nginx.us (ykse) Date: Fri, 02 Sep 2011 08:00:21 -0400 Subject: nginx and php header + flush In-Reply-To: <20110902115716.GL1137@mdounin.ru> References: <20110902115716.GL1137@mdounin.ru> Message-ID: Maxim, now it's works fine! Thanks a lot! Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214654,214656#msg-214656 From andrew at nginx.com Fri Sep 2 15:59:50 2011 From: andrew at nginx.com (Andrew Alexeev) Date: Fri, 2 Sep 2011 19:59:50 +0400 Subject: Serving stale items from cache In-Reply-To: References: Message-ID: <4262924B-D501-46F1-95D8-C0DA85D975D3@nginx.com> Erik, That's not currently doable with nginx. Proxy_cache_use_stale directive works when you've got your backend down. What you want is more like doing a triggered update of the content in background and it's not possible at this time. Hope this helps On Sep 1, 2011, at 9:48 AM, Erik Wickstrom wrote: > I have a web application where the objects are expensive to generate, > yet each individual object is accessed infrequently (a few times a > week). The dataset in total is about 24 GB. > > Can Nginx be configured to cache these items for a short amount of > time (say 20 minutes), but also have a relatively long (i.e. 7 days) > stale setting so clients will always get a fast response (but at the > same time will trigger an update of the cached item). > > proxy_cache_path /var/lib/nginx/cache levels=2:2:2 > keys_zone=staticfilecache:512m inactive=7d max_size=25000m; > # serve stale cache when the cache is updating, or there is a timeout or error. > proxy_cache_use_stale timeout updating error invalid_header http_500 > http_502 http_503 http_504; > proxy_cache_valid 200 20m; > > My understanding is that the by setting proxy_cache_path to > inactive=7d, cached items will be kept for 7 days and available to be > served as stale objects. Basically any request that comes in after 20 > minutes will get a stale object from the cache for up to 7 days (and > at the same time refresh the cache with the latest version from the > backend). > > However, in testing, it appears that stale objects are not returned, > but instead a fresh request is made to my appservers. Here is some > sample data from my logs (Notice the $upstream_cache_status and > $request_time at the end of the log line) > > 71.111.3.11 - - [31/Aug/2011:19:44:26 +0000] "GET /?p=3093 HTTP/1.1" > 200 3849 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) > AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.215 > Safari/535.1" - EXPIRED 15.789 > 71.111.3.11 - - [31/Aug/2011:19:44:42 +0000] "GET /?p=3093 HTTP/1.1" > 200 3849 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) > AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.215 > Safari/535.1" - HIT 0.000 > 71.111.3.11 - - [31/Aug/2011:19:51:02 +0000] "GET /?p=3093 HTTP/1.1" > 200 3849 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) > AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.215 > Safari/535.1" - HIT 0.000 > 71.111.3.11 - - [31/Aug/2011:20:01:50 +0000] "GET /?p=3093 HTTP/1.1" > 200 3849 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) > AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.215 > Safari/535.1" - HIT 0.000 > 71.111.3.11 - - [31/Aug/2011:21:03:56 +0000] "GET /?p=3093 HTTP/1.1" > 200 3851 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) > AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.218 > Safari/535.1" - EXPIRED 0.725 > 71.111.3.11 - - [31/Aug/2011:21:14:55 +0000] "GET /?p=3093 HTTP/1.1" > 200 3851 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) > AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.218 > Safari/535.1" - HIT 0.000 > 71.111.3.11 - - [31/Aug/2011:21:54:18 +0000] "GET /?p=3093 HTTP/1.1" > 200 3833 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) > AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.218 > Safari/535.1" - EXPIRED 0.856 > 71.111.3.11 - - [31/Aug/2011:22:01:25 +0000] "GET /?p=3093 HTTP/1.1" > 200 3833 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) > AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.218 > Safari/535.1" - HIT 0.000 > 71.111.3.11 - - [01/Sep/2011:00:02:01 +0000] "GET /?p=3093 HTTP/1.1" > 200 3847 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_1) > AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.218 > Safari/535.1" - MISS 11.019 > > > Basically I'm trying to keep my cache warm, without overwhelming my > app servers. Is this doable? > > Thanks! > Erik > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > From nginx-forum at nginx.us Fri Sep 2 20:32:32 2011 From: nginx-forum at nginx.us (Xan) Date: Fri, 02 Sep 2011 16:32:32 -0400 Subject: Strange directory behaviour: rename causes 404 error Message-ID: <86f14be754becd175c07a61f1db101ba.NginxMailingListEnglish@forum.nginx.org> Hi, I have strange behaviour. I have a directory "@docencia". All is ok: 172.26.0.6 - - [02/Sep/2011:22:26:10 +0200] "GET /@docencia/ HTTP/1.1" 200 218 "https://172.26.0.3/" "Mozilla/5.0 (X11; Linux i686; rv:6.0.1) Gecko/20100101 Firefox/6.0.1" but when I rename to "docencia", I have: 172.26.0.6 - - [02/Sep/2011:22:27:59 +0200] "GET /docencia/ HTTP/1.1" 404 244 "https://172.26.0.3/" "Mozilla/5.0 (X11; Linux i686; rv:6.0.1) Gecko/20100101 Firefox/6.0.1" I don't know why. Any hint. Please, help me. Xan. My nginx.conf is: user www-data; worker_processes 1; pid /var/run/nginx.pid; events { worker_connections 1024; # multi_accept on; } http { include /etc/nginx/mime.types; # =logs: access_log|_/var/log/nginx/access.log; error_log /var/log/nginx/error.log; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; tcp_nodelay on; # =compressi?: gzip on; gzip_min_length 100; gzip_types text/plain text/css text/xml application/x-javascript application/atom+xml; # =inclusi? dels servidors virtuals include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } and /etc/nginx/sites-enabled/ only has default: # You may add here your # server { # ... # } # statements for each of your virtual hosts # Servidor pla (http). server { listen 80 default; server_name localhost; location / { rewrite ^(.*)$ https://$host$1 permanent; } # Per a qu? no me doni error si el navegador me demana favicon.ico i no el # tenc. De [http://wiki.nginx.org/Piwik] # location = /favicon.ico { # try_files /favicon.ico =204; #} # Seguint http://wiki.nginx.org/ThttpdCGI #location ~ \.pl$ { # #include proxy.conf; # proxy_intercept_errors on; # proxy_pass http://127.0.0.1:8082; # proxy_redirect off; # proxy_set_header X-Real-IP $remote_addr; # proxy_set_header Host $host; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # #proxy_redirect default; # #real_ip_header X-Real-IP; # #proxy_set_header Connection Close; # #proxy_intercept_errors on; #} #location ~ \.php$ { # #include proxy.conf; # proxy_intercept_errors on; # proxy_pass http://127.0.0.1:8082; #8082 --> lighttpd # proxy_redirect off; # proxy_set_header X-Real-IP $remote_addr; # proxy_set_header Host $host; # proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # #proxy_redirect default; # #real_ip_header X-Real-IP; # #proxy_set_header Connection Close; # #proxy_intercept_errors on; #} # Estat de les connexions del nginx. # De [http://kovyrin.net/2006/04/29/monitoring-nginx-with-rrdtool/] #location /status { # stub_status on; # access_log off; # allow 127.0.0.1; # allow 172.26.0.0/24; # deny all; #} # proxy the PHP scripts to Apache listening on 127.0.0.1:80 # #location ~ \.php$ { #proxy_pass http://127.0.0.1; #} # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 # #location ~ \.php$ { #fastcgi_pass 127.0.0.1:9000; #fastcgi_index index.php; #fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; #includefastcgi_params; #} # deny access to .htaccess files, if Apache's document root # concurs with nginx's one # #location ~ /\.ht { #deny all; #} } # Servidor SSL (https) server { server_name localhost; listen 443; ssl on; ssl_certificate /usr/local/nginx/conf/server.crt; ssl_certificate_key /usr/local/nginx/conf/server.key; location / { root /var/www; index index.html index.htm index.php; autoindex on; autoindex_exact_size off; } location /doc { root /usr/share; autoindex on; autoindex_exact_size off; allow 127.0.0.1; allow 172.26.0.0/24; deny all; } # 400 = Bad request error_page 400 /400.html; location = /400.html { root /var/www/code-pages; } # 401 = Unauthorized error_page 401 /401.html; location = /401.html { root /var/www/code-pages; } # 403 = Forbidden page error_page 403 /403.html; location = /403.html { root /var/www/code-pages; } # 404 = Not found error_page 404 /404.html; location = /404.html { root /var/www/code-pages; } # 500 = Internal Server Error # error_page 500 /500.html; location = /500.html { root /var/www/code-pages; } # 501 = Not Implemented # error_page 501 /501.html; location = /501.html { root /var/www/code-pages; } # 502 = Bad Gateway # error_page 502 /502.html; location = /502.html { root /var/www/code-pages; } # 503 = Service Unavaliable # error_page 503 /503.html; location = /503.html { root /var/www/code-pages; } # 504 = Gateway Timeout # error_page 504 /504.html; location = /504.html { root /var/www/code-pages; } # 505 = HTTP Version Not Supported # error_page 505 /505.html; location = /505.html { root /var/www/code-pages; } # Per a qu? no me doni error si el navegador me demana favicon.ico i no el # tenc. De [http://wiki.nginx.org/Piwik] location = /favicon.ico { try_files /favicon.ico =204; } # Execuci? de scripts de perl per proxy i lighttpd # Informaci? original http://wiki.nginx.org/ThttpdCGI location ~ \.pl$ { #include proxy.conf; proxy_intercept_errors on; proxy_pass http://127.0.0.1:8082; #En teoria 8443; per ser segur entre servidors proxy_redirect off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #proxy_redirect default; #real_ip_header X-Real-IP; #proxy_set_header Connection Close; #proxy_intercept_errors on; } # # Per executar php via fastcgi (php-fpm). # # NO descomentar. # location ~ \.php$ { # include /etc/nginx/fastcgi_params; # #fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock; # #fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; # fastcgi_pass 127.0.0.1:9000; # } # Execuci? de php per proxy a lighttpd location ~ \.php$ { #include proxy.conf; #proxy_intercept_errors on; proxy_pass http://127.0.0.1:8082; #8082 --> lighttpd ##proxy_set_header X-Forwarded-Host $host; ##proxy_set_header X-Forwarded-Server $host; ##proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; #proxy_redirect off; #proxy_buffering off; proxy_set_header X-Real-IP $remote_addr; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $remote_addr; #$proxy_add_x_forwarded_for; #proxy_set_header X-Forwarded-Ssl on; ##proxy_redirect default; ##real_ip_header X-Real-IP; ##proxy_set_header Connection Close; ##proxy_intercept_errors on; } location /segur/ { auth_basic "Zona restringida"; auth_basic_user_file conf.d/contrasenyes; root /var/www/; autoindex on; } # Estat de les connexions del nginx. # De [http://kovyrin.net/2006/04/29/monitoring-nginx-with-rrdtool/] location /status { stub_status on; access_log off; allow 127.0.0.1; allow 172.26.0.0/24; deny all; } } # another virtual host using mix of IP-, name-, and port-based configuration # #server { #listen 8000; #listen somename:8080; #server_name somename alias another.alias; #location / { #root html; #index index.html index.htm; #} #} # HTTPS server # #server { #listen 443; #server_name localhost; #ssl on; #ssl_certificate cert.pem; #ssl_certificate_key cert.key; #ssl_session_timeout 5m; #ssl_protocols SSLv2 SSLv3 TLSv1; #ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; #ssl_prefer_server_ciphers on; #location / { #root html; #index index.html index.htm; #} #} Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214663,214663#msg-214663 From nginx-forum at nginx.us Fri Sep 2 20:36:00 2011 From: nginx-forum at nginx.us (Xan) Date: Fri, 02 Sep 2011 16:36:00 -0400 Subject: SOLVED Strange directory behaviour: rename causes 404 error In-Reply-To: <86f14be754becd175c07a61f1db101ba.NginxMailingListEnglish@forum.nginx.org> References: <86f14be754becd175c07a61f1db101ba.NginxMailingListEnglish@forum.nginx.org> Message-ID: <43d7cb0d9aef0ebb36575cfad40c285c.NginxMailingListEnglish@forum.nginx.org> Solved: simply change: "location /doc" to "location /doc/" That's all. :-) Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214663,214664#msg-214664 From rami.essaid at gmail.com Fri Sep 2 20:42:39 2011 From: rami.essaid at gmail.com (Rami Essaid) Date: Fri, 2 Sep 2011 16:42:39 -0400 Subject: Storing URI in a cookie Message-ID: I dont know why I am struggling with this so much but I need a bit of help. I am trying to redirect users to a verification page and then back to their original requested URI but because of the rewrite I lose both the $uri and $request_uri variables. I figure the easiest way to solve this problem is to store the original URI in a cookie and read it from that after the verification page. I cant seem to store the cookie correctly and read it back. Can anyone provide some direction? Also, is there any risk that by doing this I disrupt other cookies being stored by my application? Thanks! Rami -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Sat Sep 3 00:36:31 2011 From: nginx-forum at nginx.us (allegro) Date: Fri, 02 Sep 2011 20:36:31 -0400 Subject: How to take full advantage system memory? Message-ID: <3ece42c4e2934ac2dd6110e6c3b00432.NginxMailingListEnglish@forum.nginx.org> Hi,All: My host have a very large physical memory, how to get nginx take full advantage of memory as the file system cache? Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214666,214666#msg-214666 From ianevans at digitalhit.com Sat Sep 3 00:51:11 2011 From: ianevans at digitalhit.com (Ian Evans) Date: Fri, 02 Sep 2011 20:51:11 -0400 Subject: SSL location keep redirecting to non-SSL Message-ID: <4E6179FF.7060209@digitalhit.com> Ok...my brain's been hurting on this one tonight. My site's been running fine on nginx for years. have SSL and non-SSL locations. PHP runs through .shtml files Working on a Facebook app and right now need to have it work with both the SSL and non-SSL URL. Testing the coding on my server right now. If I go to http://www.example.com/myappsname the page loads. If I go to https://www.example.com/myappsname/index.shtml the page loads. <-note https If I go to https://www.example.com/myappsname/ the page redirects to http://www.example.com/myappsname. <-note https on first URL Here are the relevant locations in the SSL server section: location / { root /usr/local/apache/htdocs; rewrite ^(.+) http://www.digitalhit.com$1 permanent; index index.shtml index.php; } location ~ \.(shtml|php|inc)$ { root /usr/local/apache/htdocs; include /usr/local/nginx/conf/fastcgi-php.conf; fastcgi_pass 127.0.0.1:10004; } location ^~ /myappsname/ { index index.shtml root /usr/local/apache/htdocs/; fastcgi_intercept_errors on; include /usr/local/nginx/conf/fastcgi-php.conf; fastcgi_pass 127.0.0.1:10004; fastcgi_param HTTPS on; } I'll probably smack my head when this is pointed out to me. All my other SSL locations work fine. Any idea why including the filename stays SSL but dropping it redirects? Thanks. From nginx-forum at nginx.us Sat Sep 3 01:21:33 2011 From: nginx-forum at nginx.us (signe) Date: Fri, 02 Sep 2011 21:21:33 -0400 Subject: URL decode rewrite handling: + vs. %20 Message-ID: <2f879159200e58c32a5b1eb6b3d01cef.NginxMailingListEnglish@forum.nginx.org> Ubuntu Natty nginx/0.8.54 PHP 5.3.5 / FPM / FastCGI I'm just beginning to work with nginx for the first time. Converting my home server (very few hits) as an experiment for possible broader-scale testing and implementation on work servers (billions of hits per month). Everything has gone beautifully... up until I begin working on an older app: Gallery 2. Some of the photos in my Gallery contain spaces, so they're being encoded in the old-but-still-accepted + format. However, when I make the requests in nginx, it's passing the pathinfo through to fastcgi as an escaped + (%2b) instead of a space (+ or %20). The path is something like this: http://www.example.com/gallery/foo+bar.jpg.html which gets rewritten to http://www.example.com/gallery/main.php?g2_path=foo+bar.jpg.html In a path, + should be handled literally per RFC. In a query string, it's supposed to be interpreted as a space per x-www-form-urlencoded. This is the disparity - what once was path is now query string. Because of the conversion, Apache translates the + from literal string to encoded space during rewrite. nginx simply encodes the literal string. I don't know if there's a solid answer as to which one is strictly "correct"... but what I do need to know is if there's a way to achieve the same behavior in nginx? This is an interesting edge case... Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214668,214668#msg-214668 From ianevans at digitalhit.com Sat Sep 3 08:17:27 2011 From: ianevans at digitalhit.com (Ian Evans) Date: Sat, 03 Sep 2011 04:17:27 -0400 Subject: SSL location keep redirecting to non-SSL In-Reply-To: <4E6179FF.7060209@digitalhit.com> References: <4E6179FF.7060209@digitalhit.com> Message-ID: <4E61E297.1070506@digitalhit.com> Been scratching my head on this one all night. Been working on it a bit and now if I go to: https://www.example.com/myfacebookapp/index.shtml the page loads but https://www.example.com/myfacebookapp is tossing a 404 I'm really boggled here because the other subdirs are woring and the only difference is they're password protected. Here's the full ssl server conf section: server { server_name www.example.com; listen 443; root /usr/local/apache/htdocs/; ssl on; ssl_certificate /usr/local/apache/conf/server.pem; ssl_certificate_key /usr/local/apache/conf/server.key; ssl_session_timeout 5m; error_page 404 /dhe404.shtml; location / { rewrite ^(.+) http://www.example.com$1 permanent; index index.shtml index.php; } location ~ \.(shtml|php|inc)$ { include /usr/local/nginx/conf/fastcgi-php.conf; fastcgi_pass 127.0.0.1:10004; } location ^~ /myfacebookapp/ { fastcgi_intercept_errors on; include /usr/local/nginx/conf/fastcgi-php.conf; fastcgi_pass 127.0.0.1:10004; fastcgi_param HTTPS on; } location ^~ /subdir2/ { index index.php; fastcgi_intercept_errors on; include /usr/local/nginx/conf/fastcgi-php.conf; fastcgi_pass 127.0.0.1:10004; fastcgi_index index.php; fastcgi_param HTTPS on; } location ^~ /subdir3/ { fastcgi_intercept_errors on; include /usr/local/nginx/conf/fastcgi-php.conf; fastcgi_pass 127.0.0.1:10004; fastcgi_param HTTPS on; auth_basic "example"; auth_basic_user_file /usr/local/apache/passwd/passwords; } location /subdir4/ { index index.shtml index.php index.html; auth_basic "example"; auth_basic_user_file /usr/local/apache/passwd/passwords; } location /subdir5/ { index index.html; auth_basic "example"; auth_basic_user_file /usr/local/apache/passwd/passwords; } location ~* ^.+\.(png|gif)$ { expires off; } # serve static files directly location ~* ^.+.(css|gif|jpe?g|bmp|js|png|ico)$ { expires 30d; } } From mdounin at mdounin.ru Sat Sep 3 08:44:45 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Sat, 3 Sep 2011 12:44:45 +0400 Subject: How to take full advantage system memory? In-Reply-To: <3ece42c4e2934ac2dd6110e6c3b00432.NginxMailingListEnglish@forum.nginx.org> References: <3ece42c4e2934ac2dd6110e6c3b00432.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110903084444.GN1137@mdounin.ru> Hello! On Fri, Sep 02, 2011 at 08:36:31PM -0400, allegro wrote: > Hi,All: > > My host have a very large physical memory, how to get nginx take > full advantage of memory as the file system cache? It's up to your OS to use memory as file system cache. Depending on your OS you may need to tune something, see your OS tuning guides for details. In nginx you may want to tune various buffer sizes if you have enough memory, e.g. output_buffers, proxy_buffers, fastcgi_buffers and so on. This is not about file system cache, but may reduce disk load if properly tuned for your typical use pattern. Maxim Dounin From nginx-forum at nginx.us Sat Sep 3 08:49:56 2011 From: nginx-forum at nginx.us (magicbear) Date: Sat, 03 Sep 2011 04:49:56 -0400 Subject: Storing URI in a cookie In-Reply-To: References: Message-ID: <212564c9ef34b2933c9f8d7c91b1bc83.NginxMailingListEnglish@forum.nginx.org> may try this: add_header Set-Cookie "uri=$uri; path=/"; Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214665,214675#msg-214675 From nginx-forum at nginx.us Sat Sep 3 09:02:39 2011 From: nginx-forum at nginx.us (Samael) Date: Sat, 03 Sep 2011 05:02:39 -0400 Subject: Strange directory behaviour: rename causes 404 error In-Reply-To: <86f14be754becd175c07a61f1db101ba.NginxMailingListEnglish@forum.nginx.org> References: <86f14be754becd175c07a61f1db101ba.NginxMailingListEnglish@forum.nginx.org> Message-ID: <6f364f206a797a344011329e8ca022fd.NginxMailingListEnglish@forum.nginx.org> Xan, I suggest you take a look at this link - https://nealpoole.com/blog/2011/04/setting-up-php-fastcgi-and-nginx-dont-trust-the-tutorials-check-your-configuration/ Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214663,214676#msg-214676 From calin.don at gmail.com Sat Sep 3 09:04:50 2011 From: calin.don at gmail.com (Calin Don) Date: Sat, 3 Sep 2011 12:04:50 +0300 Subject: Storing URI in a cookie In-Reply-To: References: Message-ID: A better way to redirect users is to store the uri in the redirection url. Storing it in a cookie causes problems if user opens two different tabs with two different uris for example. On Sep 2, 2011 11:42 PM, "Rami Essaid" wrote: > I dont know why I am struggling with this so much but I need a bit of help. > I am trying to redirect users to a verification page and then back to their > original requested URI but because of the rewrite I lose both the $uri and > $request_uri variables. I figure the easiest way to solve this problem is > to store the original URI in a cookie and read it from that after the > verification page. I cant seem to store the cookie correctly and read it > back. Can anyone provide some direction? Also, is there any risk that by > doing this I disrupt other cookies being stored by my application? > > Thanks! > > Rami -------------- next part -------------- An HTML attachment was scrubbed... URL: From ianevans at digitalhit.com Sat Sep 3 09:20:30 2011 From: ianevans at digitalhit.com (Ian Evans) Date: Sat, 03 Sep 2011 05:20:30 -0400 Subject: SSL location keep redirecting to non-SSL In-Reply-To: <4E61E297.1070506@digitalhit.com> References: <4E6179FF.7060209@digitalhit.com> <4E61E297.1070506@digitalhit.com> Message-ID: <4E61F15E.7040808@digitalhit.com> still expermineting...just looked at the debug log. Even if I change the location to location = /myfacebookapp a call to myfacebookapp still isn't matching the location. Really don't get what's happening here. Why are my other ssl locations working? From calin.don at gmail.com Sat Sep 3 09:23:57 2011 From: calin.don at gmail.com (Calin Don) Date: Sat, 3 Sep 2011 12:23:57 +0300 Subject: SSL location keep redirecting to non-SSL In-Reply-To: <4E61E297.1070506@digitalhit.com> References: <4E6179FF.7060209@digitalhit.com> <4E61E297.1070506@digitalhit.com> Message-ID: You should set a serverwide index directive. You should move index index.shtml index.php; from location / {} to server {} Also your rewrite rule rewrite ^(.+) http://www.example.com$1 permanent; sould be rewritten into rewrite ^ http://www.example.com$request_uri? permanent; Take a look at http://wiki.nginx.org/Pitfalls On Sat, Sep 3, 2011 at 11:17, Ian Evans wrote: > Been scratching my head on this one all night. > > Been working on it a bit and now if I go to: > https://www.example.com/**myfacebookapp/index.shtmlthe page loads but > https://www.example.com/**myfacebookappis tossing a 404 > > I'm really boggled here because the other subdirs are woring and the only > difference is they're password protected. > > Here's the full ssl server conf section: > > server { > server_name www.example.com; > listen 443; > root /usr/local/apache/htdocs/; > > ssl on; > ssl_certificate /usr/local/apache/conf/server.**pem; > ssl_certificate_key /usr/local/apache/conf/server.**key; > ssl_session_timeout 5m; > error_page 404 /dhe404.shtml; > > location / { > rewrite ^(.+) http://www.example.com$1 permanent; > > index index.shtml index.php; > } > > location ~ \.(shtml|php|inc)$ { > include /usr/local/nginx/conf/fastcgi-**php.conf; > fastcgi_pass 127.0.0.1:10004; > } > > location ^~ /myfacebookapp/ { > > fastcgi_intercept_errors on; > include /usr/local/nginx/conf/fastcgi-**php.conf; > fastcgi_pass 127.0.0.1:10004; > fastcgi_param HTTPS on; > } > > location ^~ /subdir2/ { > index index.php; > > fastcgi_intercept_errors on; > include /usr/local/nginx/conf/fastcgi-**php.conf; > fastcgi_pass 127.0.0.1:10004; > fastcgi_index index.php; > fastcgi_param HTTPS on; > } > > location ^~ /subdir3/ { > > fastcgi_intercept_errors on; > include /usr/local/nginx/conf/fastcgi-**php.conf; > fastcgi_pass 127.0.0.1:10004; > fastcgi_param HTTPS on; > auth_basic "example"; > auth_basic_user_file /usr/local/apache/passwd/**passwords; > } > > location /subdir4/ { > index index.shtml index.php index.html; > auth_basic "example"; > auth_basic_user_file /usr/local/apache/passwd/**passwords; > } > > location /subdir5/ { > index index.html; > auth_basic "example"; > auth_basic_user_file /usr/local/apache/passwd/**passwords; > } > > location ~* ^.+\.(png|gif)$ { > expires off; > } > > # serve static files directly > location ~* ^.+.(css|gif|jpe?g|bmp|js|png|**ico)$ { > expires 30d; > > } > > } > > > ______________________________**_________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/**mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From ianevans at digitalhit.com Sat Sep 3 09:34:57 2011 From: ianevans at digitalhit.com (Ian Evans) Date: Sat, 03 Sep 2011 05:34:57 -0400 Subject: SSL location keep redirecting to non-SSL In-Reply-To: References: <4E6179FF.7060209@digitalhit.com> <4E61E297.1070506@digitalhit.com> Message-ID: <4E61F4C1.6000103@digitalhit.com> On 03/09/2011 5:23 AM, Calin Don wrote: > You should set a serverwide index directive. You should move index > index.shtml index.php; from location / {} to server {} > > Also your rewrite rule rewrite ^(.+) http://www.example.com > $1 permanent; sould be rewritten into rewrite ^ > http://www.example.com $request_uri? permanent; Made your suggested changes. After doing so tested location = /myfacebookapp which redirected to http, not what I want and location ~ /myfacebookapp which tossed a 404...also not what I want. 5:34 am...argh. :-) From drdr.xp at gmail.com Sat Sep 3 09:46:39 2011 From: drdr.xp at gmail.com (dr-dr xp) Date: Sat, 3 Sep 2011 17:46:39 +0800 Subject: nginx 1.0.2 AIO problem with open_file_cache Message-ID: Hello everybody. I recently have had some problem with AIO support and need some help or advice on it. With AIO on, everything was OK. But when I enabled open_file_cache, nginx frequently closed client connection directly without sending back any data. My platform is linux 2.6.30. CentOS 5.4; The nginx server that has this issue serves static file at backend. Another nginx serves as proxy in front of it. Backend nginx config is like this: ... aio on; directio 512; output_buffers 1 128k; ... location /files { internal; alias /; open_file_cache max=50000 inactive=20s; open_file_cache_valid 30s; open_file_cache_min_uses 1; open_file_cache_errors on; With this config, on the frontend proxy server there are error logs like this: 2011/09/03 17:01:19 [error] 12498#0: *78679759 *upstream prematurely closed connection while reading response header from upstream*, client: 221.193.212.77, server: , request: "GET .......... HTTP/1.1", upstream: "http://**/file/871586e763bf4417bf8d475858deee2b/260110/0b47fc7f4d84e4bcb01a6d6d1fcacc94-3581749", host..... And I saw in tcpdump output the connection was closed very quickly by backend nginx: 22:02:22.892327 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: S 1788188296:1788188296(0) win 5840 22:02:22.895683 IP 172.16.228.63.irdmi > 172.16.113.32.58271: S 350810413:350810413(0) ack 1788188297 win 5792 172.16.228.63.irdmi: . ack 1 win 46 22:02:22.895703 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: P 1:181(180) ack 1 win 46 22:02:22.897680 IP 172.16.228.63.irdmi > 172.16.113.32.58271: . ack 181 win 54 22:02:22.898348 IP 172.16.228.63.irdmi > 172.16.113.32.58271: F 1:1(0) ack 181 win 54 22:02:22.898473 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: F 181:181(0) ack 2 win 46 22:02:22.899804 IP 172.16.228.63.irdmi > 172.16.113.32.58271: . ack 182 win 54 On the backend nginx, strace shows that io_getevents got an error *"-22" EINVAL*. [pid 5275] recvfrom(48, 0x7fffe4400ae7, 1, 2, 0, 0) = -1 EAGAIN (Resource temporarily unavailable) [pid 5275] epoll_wait(6, {{EPOLLIN|EPOLLOUT, {u32=2445415233, u64=139850875540289}}}, 512, 5672) = 1 [pid 5275] recvfrom(201, "\1\6\0\1\0\337\1\0Status: 301 Moved Perman"..., 4096, 0, NULL, NULL) = 256 [pid 5275] close(201) = 0 [pid 5275] stat("//data1/871586e763bf4417bf8d475858deee2b/g268315/252/995f20f76d0d3871fdb5d71bbc92956c-27769564", {st_mode=S_IFREG|0600, st_size=122507, ...< [pid 5275] io_submit(139850942226432, 1, {{0xf43718, 0, 0, 0, 40}}) = 1 [pid 5275] epoll_wait(6, {{EPOLLIN, {u32=7173248, u64=7173248}}}, 512, 5671) = 1 [pid 5275] read(7, "\1\0\0\0\0\0\0\0", 8) = 8 [pid 5275] *io_getevents(139850942226432, 1, 64, {{0xf43718, 0xf436d8, -22, 0}}, {0, 0}) = 1* [pid 5275] write(24, "172.16.164.30 - - 172.16.228.63:"..., 338) = 338 [pid 5275] close(48) And access.log shows that response length is ZERO: [03/Sep/2011:06:28:48 +0800] "GET /file/871586e763bf4417bf8d475858deee2b/260284/ed31933859d27e33b8398deaea1d2ade-3969549 HTTP/1.0" 206 0 0.001 "-" "-" "-" Range:bytes=27459105- After I removed those *open_file_cache* directives, No such error occurred. And the shorter *inactive* is, the more often I get such errors. Anybody has idea about avoiding this or fixing it? -- ???????????????? -------------- next part -------------- An HTML attachment was scrubbed... URL: From mdounin at mdounin.ru Sat Sep 3 10:03:36 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Sat, 3 Sep 2011 14:03:36 +0400 Subject: nginx 1.0.2 AIO problem with open_file_cache In-Reply-To: References: Message-ID: <20110903100335.GO1137@mdounin.ru> Hello! On Sat, Sep 03, 2011 at 05:46:39PM +0800, dr-dr xp wrote: > Hello everybody. I recently have had some problem with AIO support and need > some help or advice on it. > > With AIO on, everything was OK. But when I enabled open_file_cache, nginx > frequently closed client connection directly without sending back any data. > > > My platform is linux 2.6.30. CentOS 5.4; > > The nginx server that has this issue serves static file at backend. Another > nginx serves as proxy in front of it. > Backend nginx config is like this: > ... > aio on; > > > directio 512; > > > output_buffers 1 128k; > ... > location /files { > > > > internal; > > > alias /; > open_file_cache max=50000 inactive=20s; > > > open_file_cache_valid 30s; > > > open_file_cache_min_uses 1; > > > open_file_cache_errors on; > > > With this config, on the frontend proxy server there are error logs like > this: > > 2011/09/03 17:01:19 [error] 12498#0: *78679759 *upstream prematurely closed > connection while reading response header from upstream*, client: > 221.193.212.77, server: , request: "GET .......... HTTP/1.1", upstream: > "http://**/file/871586e763bf4417bf8d475858deee2b/260110/0b47fc7f4d84e4bcb01a6d6d1fcacc94-3581749", > host..... > > > And I saw in tcpdump output the connection was closed very quickly by > backend nginx: > > 22:02:22.892327 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: S > 1788188296:1788188296(0) win 5840 0,nop,wscale 7> > 22:02:22.895683 IP 172.16.228.63.irdmi > 172.16.113.32.58271: S > 350810413:350810413(0) ack 1788188297 win 5792 1948226601 66< > 22:02:22.895695 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: . ack 1 win 46 > > 22:02:22.895703 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: P 1:181(180) > ack 1 win 46 > 22:02:22.897680 IP 172.16.228.63.irdmi > 172.16.113.32.58271: . ack 181 win > 54 > 22:02:22.898348 IP 172.16.228.63.irdmi > 172.16.113.32.58271: F 1:1(0) ack > 181 win 54 > 22:02:22.898473 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: F 181:181(0) > ack 2 win 46 > 22:02:22.899804 IP 172.16.228.63.irdmi > 172.16.113.32.58271: . ack 182 win > 54 > > > On the backend nginx, strace shows that io_getevents got an error *"-22" > EINVAL*. > > [pid 5275] recvfrom(48, 0x7fffe4400ae7, 1, 2, 0, 0) = -1 EAGAIN (Resource > temporarily unavailable) > [pid 5275] epoll_wait(6, {{EPOLLIN|EPOLLOUT, {u32=2445415233, > u64=139850875540289}}}, 512, 5672) = 1 > [pid 5275] recvfrom(201, "\1\6\0\1\0\337\1\0Status: 301 Moved Perman"..., > 4096, 0, NULL, NULL) = 256 > [pid 5275] close(201) = 0 > [pid 5275] > stat("//data1/871586e763bf4417bf8d475858deee2b/g268315/252/995f20f76d0d3871fdb5d71bbc92956c-27769564", > {st_mode=S_IFREG|0600, st_size=122507, ...< > [pid 5275] io_submit(139850942226432, 1, {{0xf43718, 0, 0, 0, 40}}) = 1 > > > [pid 5275] epoll_wait(6, {{EPOLLIN, {u32=7173248, u64=7173248}}}, 512, > 5671) = 1 > > [pid 5275] read(7, "\1\0\0\0\0\0\0\0", 8) = 8 > [pid 5275] *io_getevents(139850942226432, 1, 64, {{0xf43718, 0xf436d8, > -22, 0}}, {0, 0}) = 1* > [pid 5275] write(24, "172.16.164.30 - - 172.16.228.63:"..., 338) = 338 > [pid 5275] close(48) > > And access.log shows that response length is ZERO: > > [03/Sep/2011:06:28:48 +0800] "GET > /file/871586e763bf4417bf8d475858deee2b/260284/ed31933859d27e33b8398deaea1d2ade-3969549 > HTTP/1.0" 206 0 0.001 "-" "-" "-" Range:bytes=27459105- > > > After I removed those *open_file_cache* directives, No such error occurred. > > And the shorter *inactive* is, the more often I get such errors. > > > Anybody has idea about avoiding this or fixing it? Could you please provide debug log? See http://wiki.nginx.org/Debugging for more information. Additionally, some more info about file requested might be helpful: how big it is? whether it changed on backend during requests? if yes, is it changed atomically? Maxim Dounin From stef at caunter.ca Sat Sep 3 10:14:07 2011 From: stef at caunter.ca (Stefan Caunter) Date: Sat, 3 Sep 2011 06:14:07 -0400 Subject: SSL location keep redirecting to non-SSL In-Reply-To: <4E61E297.1070506@digitalhit.com> References: <4E6179FF.7060209@digitalhit.com> <4E61E297.1070506@digitalhit.com> Message-ID: On Sat, Sep 3, 2011 at 4:17 AM, Ian Evans wrote: > Been scratching my head on this one all night. > > Been working on it a bit and now if I go to: > https://www.example.com/myfacebookapp/index.shtml the page loads but > https://www.example.com/myfacebookapp is tossing a 404 > > I'm really boggled here because the other subdirs are woring and the only > difference is they're password protected. > > Here's the full ssl server conf section: > > server { > server_name www.example.com; > listen 443; > root /usr/local/apache/htdocs/; > > ssl on; > ssl_certificate /usr/local/apache/conf/server.pem; > ssl_certificate_key /usr/local/apache/conf/server.key; > ssl_session_timeout 5m; > error_page 404 /dhe404.shtml; > > location / { > rewrite ^(.+) http://www.example.com$1 permanent; > index index.shtml index.php; > } This looks odd to me, I've never seen a rewrite in an ssl config. It will complicate things. Leave the index to the server config, and take out the location / rewrite. Simplify. Get the general app working, and then apply specialized rules for directories and urls. Remember, if you have told nginx to do something that it *can* do, the logs won't show much except that it's doing what it's been told. > > location ~ \.(shtml|php|inc)$ { > include /usr/local/nginx/conf/fastcgi-php.conf; > fastcgi_pass 127.0.0.1:10004; > } > > location ^~ /myfacebookapp/ { > fastcgi_intercept_errors on; > include /usr/local/nginx/conf/fastcgi-php.conf; > fastcgi_pass 127.0.0.1:10004; > fastcgi_param HTTPS on; > } > > location ^~ /subdir2/ { > index index.php; > fastcgi_intercept_errors on; > include /usr/local/nginx/conf/fastcgi-php.conf; > fastcgi_pass 127.0.0.1:10004; > fastcgi_index index.php; > fastcgi_param HTTPS on; > } > > location ^~ /subdir3/ { > fastcgi_intercept_errors on; > include /usr/local/nginx/conf/fastcgi-php.conf; > fastcgi_pass 127.0.0.1:10004; > fastcgi_param HTTPS on; > auth_basic "example"; > auth_basic_user_file /usr/local/apache/passwd/passwords; > } > > location /subdir4/ { > index index.shtml index.php index.html; > auth_basic "example"; > auth_basic_user_file /usr/local/apache/passwd/passwords; > } > > location /subdir5/ { > index index.html; > auth_basic "example"; > auth_basic_user_file /usr/local/apache/passwd/passwords; > } > > location ~* ^.+\.(png|gif)$ { > expires off; > } > > # serve static files directly > location ~* ^.+.(css|gif|jpe?g|bmp|js|png|ico)$ { > expires 30d; > } > > } > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > From ianevans at digitalhit.com Sat Sep 3 10:18:23 2011 From: ianevans at digitalhit.com (Ian Evans) Date: Sat, 03 Sep 2011 06:18:23 -0400 Subject: SSL location keep redirecting to non-SSL In-Reply-To: References: <4E6179FF.7060209@digitalhit.com> <4E61E297.1070506@digitalhit.com> Message-ID: <4E61FEEF.6020206@digitalhit.com> On 03/09/2011 5:23 AM, Calin Don wrote: > Also your rewrite rule rewrite ^(.+) http://www.example.com > $1 permanent; sould be rewritten into rewrite ^ > http://www.example.com $request_uri? permanent; Just wondering...instead of a blanket redirect and then location that try to overide it, would it be better to have a rewrite that says "if not subdir1|subdir2|myfacebookapp rewrite to http". Then locations for those subdirs if they require passwords, etc. How would I do the if not subdir1|subdir2|myfacebookapp rewrite to http check? From mat999 at gmail.com Sat Sep 3 10:22:06 2011 From: mat999 at gmail.com (SplitIce) Date: Sat, 3 Sep 2011 20:22:06 +1000 Subject: URL decode rewrite handling: + vs. %20 In-Reply-To: <2f879159200e58c32a5b1eb6b3d01cef.NginxMailingListEnglish@forum.nginx.org> References: <2f879159200e58c32a5b1eb6b3d01cef.NginxMailingListEnglish@forum.nginx.org> Message-ID: edit the php script to do something like this before the rest of the script $_GET['g2_path'] = urldecode($_GET['g2_path']) ? On Sat, Sep 3, 2011 at 11:21 AM, signe wrote: > Ubuntu Natty > nginx/0.8.54 > PHP 5.3.5 / FPM / FastCGI > > I'm just beginning to work with nginx for the first time. Converting my > home server (very few hits) as an experiment for possible broader-scale > testing and implementation on work servers (billions of hits per > month). > > Everything has gone beautifully... up until I begin working on an older > app: Gallery 2. Some of the photos in my Gallery contain spaces, so > they're being encoded in the old-but-still-accepted + format. However, > when I make the requests in nginx, it's passing the pathinfo through to > fastcgi as an escaped + (%2b) instead of a space (+ or %20). > > The path is something like this: > > http://www.example.com/gallery/foo+bar.jpg.html > which gets rewritten to > http://www.example.com/gallery/main.php?g2_path=foo+bar.jpg.html > > In a path, + should be handled literally per RFC. In a query string, > it's supposed to be interpreted as a space per x-www-form-urlencoded. > This is the disparity - what once was path is now query string. Because > of the conversion, Apache translates the + from literal string to > encoded space during rewrite. nginx simply encodes the literal string. > > I don't know if there's a solid answer as to which one is strictly > "correct"... but what I do need to know is if there's a way to achieve > the same behavior in nginx? > > This is an interesting edge case... > > Posted at Nginx Forum: > http://forum.nginx.org/read.php?2,214668,214668#msg-214668 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From ianevans at digitalhit.com Sat Sep 3 10:24:59 2011 From: ianevans at digitalhit.com (Ian Evans) Date: Sat, 03 Sep 2011 06:24:59 -0400 Subject: SSL location keep redirecting to non-SSL In-Reply-To: References: <4E6179FF.7060209@digitalhit.com> <4E61E297.1070506@digitalhit.com> Message-ID: <4E62007B.6010601@digitalhit.com> On 03/09/2011 6:14 AM, Stefan Caunter wrote: > > This looks odd to me, I've never seen a rewrite in an ssl config. It > will complicate things. > > Leave the index to the server config, and take out the location / rewrite. > > Simplify. Stefan, The only reason I had the rewrite in there (and I think it was recommended to me years ago) was to prevent people or bots from calling the non-ssl directories of the site with https and creating duplicates in Google, etc. e.g. calling http://www.example.com/ and https://www.example.com/ when my homepage doesn't need https. I only needs https calls on my phpMyAdmin, webmail, facebookapp and site admin subdirectories. I just wrote another email in the thread asking if I should only do a rewrite if it's NOT those directories. From nginx-forum at nginx.us Sat Sep 3 10:32:29 2011 From: nginx-forum at nginx.us (signe) Date: Sat, 03 Sep 2011 06:32:29 -0400 Subject: URL decode rewrite handling: + vs. %20 In-Reply-To: References: Message-ID: <5e2ad7736ec3f420b7f1992a428e6969.NginxMailingListEnglish@forum.nginx.org> splitice Wrote: ------------------------------------------------------- > edit the php script to do something like this > before the rest of the script > > $_GET['g2_path'] = urldecode($_GET['g2_path']) > > ? That's not the problem - query parameters are automatically decoded by PHP before processing even begins. nginx is turning a + (space) into a %2b (plus). Once it's handed off to the application, it can't tell the difference between a filename that actually had a +, and one that was converted by nginx. It needs to happen before it's handed off to fastcgi. I've already modified G2 to present URLs which are more accurately encoded, but that doesn't resolve the issue since these URLs have been published for years. They're in search engines, blog posts, etc. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214668,214687#msg-214687 From nginx-forum at nginx.us Sat Sep 3 14:10:10 2011 From: nginx-forum at nginx.us (Xan) Date: Sat, 03 Sep 2011 10:10:10 -0400 Subject: SOLVED Strange directory behaviour: rename causes 404 error In-Reply-To: <43d7cb0d9aef0ebb36575cfad40c285c.NginxMailingListEnglish@forum.nginx.org> References: <86f14be754becd175c07a61f1db101ba.NginxMailingListEnglish@forum.nginx.org> <43d7cb0d9aef0ebb36575cfad40c285c.NginxMailingListEnglish@forum.nginx.org> Message-ID: Report as bug [https://bugs.launchpad.net/ubuntu/+source/nginx/+bug/840358] in ubuntu. @ Samael: thanks. Xan. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214663,214688#msg-214688 From rami.essaid at gmail.com Sat Sep 3 14:43:03 2011 From: rami.essaid at gmail.com (Rami Essaid) Date: Sat, 3 Sep 2011 10:43:03 -0400 Subject: Storing URI in a cookie In-Reply-To: References: Message-ID: Thanks guys for the suggestions. @calin - I have tried doing that but it messes with the verification page and am not sure how to implement it correctly. @Magicbear - I have put that code in there before the rewrite but then after the rewrite when I try to access that cookie it is not there. I should have been a little more clear on what I have tried and my config. Here is the flow of the rewirte. location / { error_page 503 = @recaptcha; if ($verifyvariable) { return 503; } } location @recaptcha { add_header Set-Cookie "originrequest=$request_uri path=/ expires=2m"; secure_cookie $cookie_CAPTCHA_SESSION,$cookie_CAPTCHA_EXPIRES; rewrite ^ /captcha.html redirect; } location = /captcha.html { #this has a form that submits information and goes to /verify } location = /verify { eval_inherit_body on; eval_override_content_type 'text/plain'; eval $verify_content { proxy_method POST; proxy_set_header Accept-Encoding ""; proxy_set_body ; rewrite .* /recaptcha/api/verify break; proxy_pass 'http://www.google.com'; } if ($verify_content ~* ^true[\s\R]*(.*)) { set $error_code $1; rewrite .* /set_secure_cookie last; } } location = /set_secure_cookie { internal; ## SETTING rewrite ^ /$cookie_ originrequest redirect; } On Sat, Sep 3, 2011 at 5:04 AM, Calin Don wrote: > A better way to redirect users is to store the uri in the redirection url. > Storing it in a cookie causes problems if user opens two different tabs with > two different uris for example. > On Sep 2, 2011 11:42 PM, "Rami Essaid" wrote: > > I dont know why I am struggling with this so much but I need a bit of > help. > > I am trying to redirect users to a verification page and then back to > their > > original requested URI but because of the rewrite I lose both the $uri > and > > $request_uri variables. I figure the easiest way to solve this problem is > > to store the original URI in a cookie and read it from that after the > > verification page. I cant seem to store the cookie correctly and read it > > back. Can anyone provide some direction? Also, is there any risk that by > > doing this I disrupt other cookies being stored by my application? > > > > Thanks! > > > > Rami > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > > -------------- next part -------------- An HTML attachment was scrubbed... URL: From drdr.xp at gmail.com Sat Sep 3 15:06:24 2011 From: drdr.xp at gmail.com (dr-dr xp) Date: Sat, 3 Sep 2011 23:06:24 +0800 Subject: nginx 1.0.2 AIO problem with open_file_cache In-Reply-To: <20110903100335.GO1137@mdounin.ru> References: <20110903100335.GO1137@mdounin.ru> Message-ID: The attachment is the error.log with only the failed request. And stat output of this file: stat //data2/0d97e01d7fbc48e498897492f0863929/g260674/257/26fd3732cd9f92f2413d10206cd8b0c9-5157235 File: `//data2/0d97e01d7fbc48e498897492f0863929/g260674/257/26fd3732cd9f92f2413d10206cd8b0c9-5157235' Size: 51163499 Blocks: 100048 IO Block: 4096 regular file Device: 821h/2081d Inode: 464404482 Links: 1 Access: (0664/-rw-rw-r--) Uid: ( 1003/ www) Gid: ( 1003/ www) Access: 2011-09-03 22:31:22.000000000 +0800 Modify: 2011-07-30 01:45:56.000000000 +0800 Change: 2011-07-30 01:45:56.000000000 +0800 Such error occurs randomly on random file. The only relavent thing seems like to be open_file_cache directive. File sizes are almost 5M to 20M. Files had not been changed. I checked the modify time of the files involved in these errors. At first I had thought it was caused by a file change too. But not. In my cluster there are also some other similar nodes running with the same open_file_cache parameters but without aio enabled(sendfile is used). They have no such issue. On Sat, Sep 3, 2011 at 6:03 PM, Maxim Dounin wrote: > Hello! > > On Sat, Sep 03, 2011 at 05:46:39PM +0800, dr-dr xp wrote: > > > Hello everybody. I recently have had some problem with AIO support and > need > > some help or advice on it. > > > > With AIO on, everything was OK. But when I enabled open_file_cache, nginx > > frequently closed client connection directly without sending back any > data. > > > > > > My platform is linux 2.6.30. CentOS 5.4; > > > > The nginx server that has this issue serves static file at backend. > Another > > nginx serves as proxy in front of it. > > Backend nginx config is like this: > > ... > > aio on; > > > > > > directio 512; > > > > > > output_buffers 1 128k; > > ... > > location /files { > > > > > > > > internal; > > > > > > alias /; > > open_file_cache max=50000 inactive=20s; > > > > > > open_file_cache_valid 30s; > > > > > > open_file_cache_min_uses 1; > > > > > > open_file_cache_errors on; > > > > > > With this config, on the frontend proxy server there are error logs like > > this: > > > > 2011/09/03 17:01:19 [error] 12498#0: *78679759 *upstream prematurely > closed > > connection while reading response header from upstream*, client: > > 221.193.212.77, server: , request: "GET .......... HTTP/1.1", upstream: > > "http:// > **/file/871586e763bf4417bf8d475858deee2b/260110/0b47fc7f4d84e4bcb01a6d6d1fcacc94-3581749", > > host..... > > > > > > And I saw in tcpdump output the connection was closed very quickly by > > backend nginx: > > > > 22:02:22.892327 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: S > > 1788188296:1788188296(0) win 5840 > 0,nop,wscale 7> > > 22:02:22.895683 IP 172.16.228.63.irdmi > 172.16.113.32.58271: S > > 350810413:350810413(0) ack 1788188297 win 5792 > 1948226601 66< > > 22:02:22.895695 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: . ack 1 win > 46 > > > > 22:02:22.895703 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: P > 1:181(180) > > ack 1 win 46 > > 22:02:22.897680 IP 172.16.228.63.irdmi > 172.16.113.32.58271: . ack 181 > win > > 54 > > 22:02:22.898348 IP 172.16.228.63.irdmi > 172.16.113.32.58271: F 1:1(0) > ack > > 181 win 54 > > 22:02:22.898473 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: F > 181:181(0) > > ack 2 win 46 > > 22:02:22.899804 IP 172.16.228.63.irdmi > 172.16.113.32.58271: . ack 182 > win > > 54 > > > > > > On the backend nginx, strace shows that io_getevents got an error *"-22" > > EINVAL*. > > > > [pid 5275] recvfrom(48, 0x7fffe4400ae7, 1, 2, 0, 0) = -1 EAGAIN > (Resource > > temporarily unavailable) > > [pid 5275] epoll_wait(6, {{EPOLLIN|EPOLLOUT, {u32=2445415233, > > u64=139850875540289}}}, 512, 5672) = 1 > > [pid 5275] recvfrom(201, "\1\6\0\1\0\337\1\0Status: 301 Moved > Perman"..., > > 4096, 0, NULL, NULL) = 256 > > [pid 5275] close(201) = 0 > > [pid 5275] > > > stat("//data1/871586e763bf4417bf8d475858deee2b/g268315/252/995f20f76d0d3871fdb5d71bbc92956c-27769564", > > {st_mode=S_IFREG|0600, st_size=122507, ...< > > [pid 5275] io_submit(139850942226432, 1, {{0xf43718, 0, 0, 0, 40}}) = > 1 > > > > > > [pid 5275] epoll_wait(6, {{EPOLLIN, {u32=7173248, u64=7173248}}}, 512, > > 5671) = 1 > > > > [pid 5275] read(7, "\1\0\0\0\0\0\0\0", 8) = 8 > > [pid 5275] *io_getevents(139850942226432, 1, 64, {{0xf43718, 0xf436d8, > > -22, 0}}, {0, 0}) = 1* > > [pid 5275] write(24, "172.16.164.30 - - 172.16.228.63:"..., 338) = > 338 > > [pid 5275] close(48) > > > > And access.log shows that response length is ZERO: > > > > [03/Sep/2011:06:28:48 +0800] "GET > > > /file/871586e763bf4417bf8d475858deee2b/260284/ed31933859d27e33b8398deaea1d2ade-3969549 > > HTTP/1.0" 206 0 0.001 "-" "-" "-" Range:bytes=27459105- > > > > > > After I removed those *open_file_cache* directives, No such error > occurred. > > > > And the shorter *inactive* is, the more often I get such errors. > > > > > > Anybody has idea about avoiding this or fixing it? > > Could you please provide debug log? See > http://wiki.nginx.org/Debugging for more information. > > Additionally, some more info about file requested might be > helpful: how big it is? whether it changed on backend during > requests? if yes, is it changed atomically? > > Maxim Dounin > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -- ???????????????? -------------- next part -------------- An HTML attachment was scrubbed... URL: -------------- next part -------------- A non-text attachment was scrubbed... Name: error.log Type: application/octet-stream Size: 18946 bytes Desc: not available URL: From drdr.xp at gmail.com Sat Sep 3 15:10:03 2011 From: drdr.xp at gmail.com (dr-dr xp) Date: Sat, 3 Sep 2011 23:10:03 +0800 Subject: nginx 1.0.2 AIO problem with open_file_cache In-Reply-To: References: <20110903100335.GO1137@mdounin.ru> Message-ID: And this is the access log entry: 172.16.113.32 - - 172.16.228.63:8000 [03/Sep/2011:22:43:44 +0800] "GET /file/0d97e01d7fbc48e498897492f0863929/260674/26fd3732cd9f92f2413d10206cd8b0c9-5157235 HTTP/1.0" 206 0 0.002 "-" "-" "-" Range:bytes=1059980- usTime:0.001 us:unix:/tmp/storage_fcgi_sock RID:0000052a-1109-0322-4344-842b2b0c0467 ERR:- ReqLength:171 ReqBody:- COOKIE:"-" 0000052a is connection id in hex. 2011/9/3 dr-dr xp > The attachment is the error.log with only the failed request. And stat > output of this file: > > stat > //data2/0d97e01d7fbc48e498897492f0863929/g260674/257/26fd3732cd9f92f2413d10206cd8b0c9-5157235 > File: > `//data2/0d97e01d7fbc48e498897492f0863929/g260674/257/26fd3732cd9f92f2413d10206cd8b0c9-5157235' > Size: 51163499 Blocks: 100048 IO Block: 4096 regular file > Device: 821h/2081d Inode: 464404482 Links: 1 > Access: (0664/-rw-rw-r--) Uid: ( 1003/ www) Gid: ( 1003/ > www) > Access: 2011-09-03 22:31:22.000000000 +0800 > Modify: 2011-07-30 01:45:56.000000000 +0800 > Change: 2011-07-30 01:45:56.000000000 +0800 > > > Such error occurs randomly on random file. The only relavent thing seems > like to be open_file_cache directive. > File sizes are almost 5M to 20M. > Files had not been changed. I checked the modify time of the files involved > in these errors. At first I had thought it was caused by a file change too. > But not. > > In my cluster there are also some other similar nodes running with the same > open_file_cache parameters but without aio enabled(sendfile is used). They > have no such issue. > > > > > On Sat, Sep 3, 2011 at 6:03 PM, Maxim Dounin wrote: > >> Hello! >> >> On Sat, Sep 03, 2011 at 05:46:39PM +0800, dr-dr xp wrote: >> >> > Hello everybody. I recently have had some problem with AIO support and >> need >> > some help or advice on it. >> > >> > With AIO on, everything was OK. But when I enabled open_file_cache, >> nginx >> > frequently closed client connection directly without sending back any >> data. >> > >> > >> > My platform is linux 2.6.30. CentOS 5.4; >> > >> > The nginx server that has this issue serves static file at backend. >> Another >> > nginx serves as proxy in front of it. >> > Backend nginx config is like this: >> > ... >> > aio on; >> > >> > >> > directio 512; >> > >> > >> > output_buffers 1 128k; >> > ... >> > location /files { >> > >> > >> > >> > internal; >> > >> > >> > alias /; >> > open_file_cache max=50000 inactive=20s; >> > >> > >> > open_file_cache_valid 30s; >> > >> > >> > open_file_cache_min_uses 1; >> > >> > >> > open_file_cache_errors on; >> > >> > >> > With this config, on the frontend proxy server there are error logs like >> > this: >> > >> > 2011/09/03 17:01:19 [error] 12498#0: *78679759 *upstream prematurely >> closed >> > connection while reading response header from upstream*, client: >> > 221.193.212.77, server: , request: "GET .......... HTTP/1.1", upstream: >> > "http:// >> **/file/871586e763bf4417bf8d475858deee2b/260110/0b47fc7f4d84e4bcb01a6d6d1fcacc94-3581749", >> > host..... >> > >> > >> > And I saw in tcpdump output the connection was closed very quickly by >> > backend nginx: >> > >> > 22:02:22.892327 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: S >> > 1788188296:1788188296(0) win 5840 > > 0,nop,wscale 7> >> > 22:02:22.895683 IP 172.16.228.63.irdmi > 172.16.113.32.58271: S >> > 350810413:350810413(0) ack 1788188297 win 5792 > 1460,sackOK,timestamp >> > 1948226601 66< >> > 22:02:22.895695 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: . ack 1 >> win 46 >> > >> > 22:02:22.895703 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: P >> 1:181(180) >> > ack 1 win 46 >> > 22:02:22.897680 IP 172.16.228.63.irdmi > 172.16.113.32.58271: . ack 181 >> win >> > 54 >> > 22:02:22.898348 IP 172.16.228.63.irdmi > 172.16.113.32.58271: F 1:1(0) >> ack >> > 181 win 54 >> > 22:02:22.898473 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: F >> 181:181(0) >> > ack 2 win 46 >> > 22:02:22.899804 IP 172.16.228.63.irdmi > 172.16.113.32.58271: . ack 182 >> win >> > 54 >> > >> > >> > On the backend nginx, strace shows that io_getevents got an error *"-22" >> > EINVAL*. >> > >> > [pid 5275] recvfrom(48, 0x7fffe4400ae7, 1, 2, 0, 0) = -1 EAGAIN >> (Resource >> > temporarily unavailable) >> > [pid 5275] epoll_wait(6, {{EPOLLIN|EPOLLOUT, {u32=2445415233, >> > u64=139850875540289}}}, 512, 5672) = 1 >> > [pid 5275] recvfrom(201, "\1\6\0\1\0\337\1\0Status: 301 Moved >> Perman"..., >> > 4096, 0, NULL, NULL) = 256 >> > [pid 5275] close(201) = 0 >> > [pid 5275] >> > >> stat("//data1/871586e763bf4417bf8d475858deee2b/g268315/252/995f20f76d0d3871fdb5d71bbc92956c-27769564", >> > {st_mode=S_IFREG|0600, st_size=122507, ...< >> > [pid 5275] io_submit(139850942226432, 1, {{0xf43718, 0, 0, 0, 40}}) = >> 1 >> > >> > >> > [pid 5275] epoll_wait(6, {{EPOLLIN, {u32=7173248, u64=7173248}}}, >> 512, >> > 5671) = 1 >> > >> > [pid 5275] read(7, "\1\0\0\0\0\0\0\0", 8) = 8 >> > [pid 5275] *io_getevents(139850942226432, 1, 64, {{0xf43718, >> 0xf436d8, >> > -22, 0}}, {0, 0}) = 1* >> > [pid 5275] write(24, "172.16.164.30 - - 172.16.228.63:"..., 338) = >> 338 >> > [pid 5275] close(48) >> > >> > And access.log shows that response length is ZERO: >> > >> > [03/Sep/2011:06:28:48 +0800] "GET >> > >> /file/871586e763bf4417bf8d475858deee2b/260284/ed31933859d27e33b8398deaea1d2ade-3969549 >> > HTTP/1.0" 206 0 0.001 "-" "-" "-" Range:bytes=27459105- >> > >> > >> > After I removed those *open_file_cache* directives, No such error >> occurred. >> > >> > And the shorter *inactive* is, the more often I get such errors. >> > >> > >> > Anybody has idea about avoiding this or fixing it? >> >> Could you please provide debug log? See >> http://wiki.nginx.org/Debugging for more information. >> >> Additionally, some more info about file requested might be >> helpful: how big it is? whether it changed on backend during >> requests? if yes, is it changed atomically? >> >> Maxim Dounin >> >> _______________________________________________ >> nginx mailing list >> nginx at nginx.org >> http://mailman.nginx.org/mailman/listinfo/nginx >> > > > > -- > ???????????????? > -- ???????????????? -------------- next part -------------- An HTML attachment was scrubbed... URL: From calin at presslabs.com Sat Sep 3 14:11:07 2011 From: calin at presslabs.com (Calin Don) Date: Sat, 3 Sep 2011 17:11:07 +0300 Subject: Performance of map directive Message-ID: Hi, I understood that if you have only strings in a map directive the access time is O(1). What if you have the hostnames directive enabled and some of the items are in the format *.example.com? What about if you mix with regular expressions? Thanks, Calin -------------- next part -------------- An HTML attachment was scrubbed... URL: From igor at sysoev.ru Sat Sep 3 15:50:20 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Sat, 3 Sep 2011 19:50:20 +0400 Subject: Performance of map directive In-Reply-To: References: Message-ID: <20110903155020.GB86123@nginx.com> On Sat, Sep 03, 2011 at 05:11:07PM +0300, Calin Don wrote: > Hi, > > I understood that if you have only strings in a map directive the access > time is O(1). Yes. > What if you have the hostnames directive enabled and some of the items are > in the format *.example.com? nginx tests address by its parts, first "com", then "example". So access of the operation varies from O(1) to O(N) where N is number of parts of longest name. For example, if you test example.net only against *.example.com *.sub.domain.com then this will be O(1). If you test www.sub.domain.com, it will be O(3). > What about if you mix with regular expressions? The regular expressions tested sequentially. nginx tests map in the following order: 1) exact names, 2) *.names, 3) names.*, 4) regexes. The first match stops the tesing. -- Igor Sysoev From ianevans at digitalhit.com Sat Sep 3 19:51:00 2011 From: ianevans at digitalhit.com (Ian Evans) Date: Sat, 03 Sep 2011 15:51:00 -0400 Subject: SSL location keep redirecting to non-SSL In-Reply-To: <4E62007B.6010601@digitalhit.com> References: <4E6179FF.7060209@digitalhit.com> <4E61E297.1070506@digitalhit.com> <4E62007B.6010601@digitalhit.com> Message-ID: <4E628524.1070409@digitalhit.com> After a few hours sleep, it appears that the location was missing: fastcgi_index index.shtml; Seems to work now. From nginx at nginxuser.net Sat Sep 3 21:02:34 2011 From: nginx at nginxuser.net (Nginx User) Date: Sun, 4 Sep 2011 00:02:34 +0300 Subject: http_auth_request_module Instructions? Message-ID: Is the any documentation for the http_auth_request_module anywhere? Trying to find out what the configuration parameters are if any. Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: From mdounin at mdounin.ru Sat Sep 3 22:25:15 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Sun, 4 Sep 2011 02:25:15 +0400 Subject: http_auth_request_module Instructions? In-Reply-To: References: Message-ID: <20110903222515.GP1137@mdounin.ru> Hello! On Sun, Sep 04, 2011 at 12:02:34AM +0300, Nginx User wrote: > Is the any documentation for the http_auth_request_module anywhere? Trying > to find out what the configuration parameters are if any. Try README in the module tarball. Alternatively, you may find it here: http://mdounin.ru/hg/ngx_http_auth_request_module/file/tip/README Maxim Dounin From agentzh at gmail.com Sun Sep 4 05:22:24 2011 From: agentzh at gmail.com (agentzh) Date: Sun, 4 Sep 2011 13:22:24 +0800 Subject: [ANN] The lua-rds-parser Lua library and ngx_rds_csv nginx module In-Reply-To: References: Message-ID: Hello! Recently I wrote a Lua C library named lua-rds-parser for the ngx_openresty [1] world that we can now efficiently parse Resty DBD Stream (RDS) formatted data generated by ngx_drizzle [2] and ngx_postgres [3] into Lua data structures without using JSON as the intermediate data format. This can save both CPU time and memory for web applications running atop ngx_lua [4]. Here is the project homepage for this Lua library: ? ?https://github.com/agentzh/lua-rds-parser Also, there's a new Nginx filter module named ngx_rds_csv that can convert RDS output into the Comma-Separated Values (CSV) format in a streaming fashion: ??? https://github.com/agentzh/rds-csv-nginx-module Both of these two components have already been included and enabled by default in the latest ngx_openresty stable release [5] :) Enjoy! -agentzh [1] http://openresty.org [2] http://wiki.nginx.org/HttpDrizzleModule [3] http://github.com/FRiCKLE/ngx_postgres/ [4] http://wiki.nginx.org/HttpLuaModule [5] http://openresty.org/#Download From sy.meteor at msn.com Sun Sep 4 04:33:14 2011 From: sy.meteor at msn.com (Xin Liu) Date: Sun, 4 Sep 2011 12:33:14 +0800 Subject: php-fpm is very very slow... Message-ID: Hi all, After upgrade from php 5.3.6 to php 5.3.8, now php-fpm is very very slow. Even I tried to roll back to php 5.3.6, it still doen't work. And there are lots of errors in php-fpm.log, [04-Sep-2011 12:28:27] WARNING: [pool www] child 18793, script '/web/www/forum.php' (request: "GET /forum.php") executing too slow (60.073197 sec), logging [04-Sep-2011 12:28:27] WARNING: [pool www] child 18784, script '/web/www/forum.php' (request: "GET /forum.php") executing too slow (60.080807 sec), logging [04-Sep-2011 12:28:27] NOTICE: child 18793 stopped for tracing [04-Sep-2011 12:28:27] NOTICE: about to trace 18793 [04-Sep-2011 12:28:27] ERROR: ptrace(PT_IO) failed: Bad address (14) [04-Sep-2011 12:28:27] NOTICE: finished trace of 18793 [04-Sep-2011 12:28:27] NOTICE: child 18784 stopped for tracing [04-Sep-2011 12:28:27] NOTICE: about to trace 18784 [04-Sep-2011 12:28:27] ERROR: ptrace(PT_IO) failed: Bad address (14) [04-Sep-2011 12:28:27] NOTICE: finished trace of 18784 And in php-fpm.slow [04-Sep-2011 12:27:30] [pool www] pid 18622 script_filename = /web/www/forum.php [0x000000080455aaa8] mysql_query() /web/www/source/class/class_core.php:815 [0x000000080455a958] query() /web/www/source/class/class_core.php:1003 [0x000000080455a858] _execute() /web/www/source/class/class_core.php:977 [0x00000008045591a0] query() /web/www/source/module/forum/forum_viewthread.php:514 [0x0000000804559058] +++ dump failed And one can help me about this issue? My server is running Freebsd 8.1 + nginx + php 5.3.8 -------------- next part -------------- An HTML attachment was scrubbed... URL: From ben at benweblife.fr Sun Sep 4 09:32:56 2011 From: ben at benweblife.fr (Ben) Date: Sun, 04 Sep 2011 11:32:56 +0200 Subject: php-fpm is very very slow... In-Reply-To: References: Message-ID: <4E6345C8.7060800@benweblife.fr> Le 04/09/2011 06:33, Xin Liu a ?crit : > Hi all, Hi, > After upgrade from php 5.3.6 to php 5.3.8, now php-fpm is very very > slow. Even I tried to roll back to php 5.3.6, it still doen't work. > And one can help me about this issue? PHP (and PHP-FPM) is not part of nginx, you should post your issue on PHP lists. -------------- next part -------------- An HTML attachment was scrubbed... URL: From rainer at ultra-secure.de Sun Sep 4 11:37:06 2011 From: rainer at ultra-secure.de (Rainer Duffner) Date: Sun, 4 Sep 2011 13:37:06 +0200 Subject: php-fpm is very very slow... In-Reply-To: References: Message-ID: <20110904133706.31a42c4a@linux-0n9l.site.local> Am Sun, 4 Sep 2011 12:33:14 +0800 schrieb "Xin Liu" : > Hi all, > > After upgrade from php 5.3.6 to php 5.3.8, now php-fpm is very very > slow. Even I tried to roll back to php 5.3.6, it still doen't work. ... > And one can help me about this issue? > My server is running Freebsd 8.1 + nginx + php 5.3.8 Haven't had that one. If this is a test-server, upgrade to 8.2 and recompile everything. (make a pkg_info list, then pkg_delete everything, even /usr/local/lib/compat/, then install the pkgs again, as per your list.) If this is a production-server, maybe it's time to have a test-server.... But I agree - it's most likely not a problem with NGINX. Would still be slow with apache... From edho at myconan.net Sun Sep 4 12:23:28 2011 From: edho at myconan.net (Edho P Arief) Date: Sun, 4 Sep 2011 19:23:28 +0700 Subject: php-fpm is very very slow... In-Reply-To: References: Message-ID: 2011/9/4 Xin Liu : > Hi all, > > After upgrade from php 5.3.6 to php 5.3.8, now php-fpm is very very slow. > Even I tried to roll back to php 5.3.6, it still doen't work. > > [0x000000080455aaa8] mysql_query() /web/www/source/class/class_core.php:815 > [0x000000080455a958] query() /web/www/source/class/class_core.php:1003 > [0x000000080455a858] _execute() /web/www/source/class/class_core.php:977 > [0x00000008045591a0] query() > /web/www/source/module/forum/forum_viewthread.php:514 > [0x0000000804559058] +++ dump failed looks like db issue. Try turning on your db's slow query logging to see which query slowed the page down. From quan.nexthop at gmail.com Sun Sep 4 15:51:31 2011 From: quan.nexthop at gmail.com (Geoge.Q) Date: Sun, 4 Sep 2011 23:51:31 +0800 Subject: =?UTF-8?Q?upstream_configuration_is_changed=EF=BC=9FThe_keyword_=28weight/?= =?UTF-8?Q?max=5Ffail/fail=5Ftimeout=29_is_not_supported=3F?= Message-ID: Hi All? I met a configuation issue. the configuration is as following:?NGINX is V0.7.68) and upstream is enabled when compiled. I also test it in V1.0.5, the issue happens again. ---------------------------------------------------------------------------------------------------------------------------------------------- server { listen 80; server_name aaa.com; server_name 192.168.2.140; location / { proxy_pass http://haha; proxy_redirect off; proxy_buffering off; proxy_set_header Host $host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; client_max_body_size 1000m; client_body_buffer_size 256k; proxy_connect_timeout 600; proxy_temp_file_write_size 64k; } } upstream haha { server 1.1.1.2 max_fails=3 fail_timeout=30s; <---------max_fails/fail_timeouts/weight is not support ? server 1.1.1.1 weight=10; } ---------------------------------------------------------------------------------------------------------------------------------------------- When I run nginx, the error message print out as following: ./nginx Root# /etc/init.d/nginx restart [emerg]: invalid parameter "max_fails=3" in /var/log/nginx/conf/nginx.conf:19 ~ ~ ~ ~ -------------- next part -------------- An HTML attachment was scrubbed... URL: From quan.nexthop at gmail.com Sun Sep 4 15:52:39 2011 From: quan.nexthop at gmail.com (Geoge.Q) Date: Sun, 4 Sep 2011 23:52:39 +0800 Subject: [ANN] The lua-rds-parser Lua library and ngx_rds_csv nginx module In-Reply-To: References: Message-ID: Thanks your share with us. george On Sun, Sep 4, 2011 at 1:22 PM, agentzh wrote: > Hello! > > Recently I wrote a Lua C library named lua-rds-parser for the > ngx_openresty [1] world that we can now efficiently parse Resty DBD > Stream (RDS) formatted data generated by ngx_drizzle [2] and > ngx_postgres [3] into Lua data structures without using JSON as the > intermediate data format. This can save both CPU time and memory for > web applications running atop ngx_lua [4]. > > Here is the project homepage for this Lua library: > > https://github.com/agentzh/lua-rds-parser > > Also, there's a new Nginx filter module named ngx_rds_csv that can > convert RDS output into the Comma-Separated Values (CSV) format in a > streaming fashion: > > https://github.com/agentzh/rds-csv-nginx-module > > Both of these two components have already been included and enabled by > default in the latest ngx_openresty stable release [5] :) > > Enjoy! > -agentzh > > [1] http://openresty.org > [2] http://wiki.nginx.org/HttpDrizzleModule > [3] http://github.com/FRiCKLE/ngx_postgres/ > [4] http://wiki.nginx.org/HttpLuaModule > [5] http://openresty.org/#Download > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From mdounin at mdounin.ru Sun Sep 4 16:34:13 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Sun, 4 Sep 2011 20:34:13 +0400 Subject: nginx 1.0.2 AIO problem with open_file_cache In-Reply-To: References: <20110903100335.GO1137@mdounin.ru> Message-ID: <20110904163413.GR1137@mdounin.ru> Hello! On Sat, Sep 03, 2011 at 11:06:24PM +0800, dr-dr xp wrote: > The attachment is the error.log with only the failed request. And stat > output of this file: > > stat > //data2/0d97e01d7fbc48e498897492f0863929/g260674/257/26fd3732cd9f92f2413d10206cd8b0c9-5157235 > File: > `//data2/0d97e01d7fbc48e498897492f0863929/g260674/257/26fd3732cd9f92f2413d10206cd8b0c9-5157235' > Size: 51163499 Blocks: 100048 IO Block: 4096 regular file > Device: 821h/2081d Inode: 464404482 Links: 1 > Access: (0664/-rw-rw-r--) Uid: ( 1003/ www) Gid: ( 1003/ www) > Access: 2011-09-03 22:31:22.000000000 +0800 > Modify: 2011-07-30 01:45:56.000000000 +0800 > Change: 2011-07-30 01:45:56.000000000 +0800 > > > Such error occurs randomly on random file. The only relavent thing seems > like to be open_file_cache directive. > File sizes are almost 5M to 20M. > Files had not been changed. I checked the modify time of the files involved > in these errors. At first I had thought it was caused by a file change too. > But not. > > In my cluster there are also some other similar nodes running with the same > open_file_cache parameters but without aio enabled(sendfile is used). They > have no such issue. Please try the attached patch. Maxim Dounin > > > > > On Sat, Sep 3, 2011 at 6:03 PM, Maxim Dounin wrote: > > > Hello! > > > > On Sat, Sep 03, 2011 at 05:46:39PM +0800, dr-dr xp wrote: > > > > > Hello everybody. I recently have had some problem with AIO support and > > need > > > some help or advice on it. > > > > > > With AIO on, everything was OK. But when I enabled open_file_cache, nginx > > > frequently closed client connection directly without sending back any > > data. > > > > > > > > > My platform is linux 2.6.30. CentOS 5.4; > > > > > > The nginx server that has this issue serves static file at backend. > > Another > > > nginx serves as proxy in front of it. > > > Backend nginx config is like this: > > > ... > > > aio on; > > > > > > > > > directio 512; > > > > > > > > > output_buffers 1 128k; > > > ... > > > location /files { > > > > > > > > > > > > internal; > > > > > > > > > alias /; > > > open_file_cache max=50000 inactive=20s; > > > > > > > > > open_file_cache_valid 30s; > > > > > > > > > open_file_cache_min_uses 1; > > > > > > > > > open_file_cache_errors on; > > > > > > > > > With this config, on the frontend proxy server there are error logs like > > > this: > > > > > > 2011/09/03 17:01:19 [error] 12498#0: *78679759 *upstream prematurely > > closed > > > connection while reading response header from upstream*, client: > > > 221.193.212.77, server: , request: "GET .......... HTTP/1.1", upstream: > > > "http:// > > **/file/871586e763bf4417bf8d475858deee2b/260110/0b47fc7f4d84e4bcb01a6d6d1fcacc94-3581749", > > > host..... > > > > > > > > > And I saw in tcpdump output the connection was closed very quickly by > > > backend nginx: > > > > > > 22:02:22.892327 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: S > > > 1788188296:1788188296(0) win 5840 > > 0,nop,wscale 7> > > > 22:02:22.895683 IP 172.16.228.63.irdmi > 172.16.113.32.58271: S > > > 350810413:350810413(0) ack 1788188297 win 5792 > > 1948226601 66< > > > 22:02:22.895695 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: . ack 1 win > > 46 > > > > > > 22:02:22.895703 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: P > > 1:181(180) > > > ack 1 win 46 > > > 22:02:22.897680 IP 172.16.228.63.irdmi > 172.16.113.32.58271: . ack 181 > > win > > > 54 > > > 22:02:22.898348 IP 172.16.228.63.irdmi > 172.16.113.32.58271: F 1:1(0) > > ack > > > 181 win 54 > > > 22:02:22.898473 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: F > > 181:181(0) > > > ack 2 win 46 > > > 22:02:22.899804 IP 172.16.228.63.irdmi > 172.16.113.32.58271: . ack 182 > > win > > > 54 > > > > > > > > > On the backend nginx, strace shows that io_getevents got an error *"-22" > > > EINVAL*. > > > > > > [pid 5275] recvfrom(48, 0x7fffe4400ae7, 1, 2, 0, 0) = -1 EAGAIN > > (Resource > > > temporarily unavailable) > > > [pid 5275] epoll_wait(6, {{EPOLLIN|EPOLLOUT, {u32=2445415233, > > > u64=139850875540289}}}, 512, 5672) = 1 > > > [pid 5275] recvfrom(201, "\1\6\0\1\0\337\1\0Status: 301 Moved > > Perman"..., > > > 4096, 0, NULL, NULL) = 256 > > > [pid 5275] close(201) = 0 > > > [pid 5275] > > > > > stat("//data1/871586e763bf4417bf8d475858deee2b/g268315/252/995f20f76d0d3871fdb5d71bbc92956c-27769564", > > > {st_mode=S_IFREG|0600, st_size=122507, ...< > > > [pid 5275] io_submit(139850942226432, 1, {{0xf43718, 0, 0, 0, 40}}) = > > 1 > > > > > > > > > [pid 5275] epoll_wait(6, {{EPOLLIN, {u32=7173248, u64=7173248}}}, 512, > > > 5671) = 1 > > > > > > [pid 5275] read(7, "\1\0\0\0\0\0\0\0", 8) = 8 > > > [pid 5275] *io_getevents(139850942226432, 1, 64, {{0xf43718, 0xf436d8, > > > -22, 0}}, {0, 0}) = 1* > > > [pid 5275] write(24, "172.16.164.30 - - 172.16.228.63:"..., 338) = > > 338 > > > [pid 5275] close(48) > > > > > > And access.log shows that response length is ZERO: > > > > > > [03/Sep/2011:06:28:48 +0800] "GET > > > > > /file/871586e763bf4417bf8d475858deee2b/260284/ed31933859d27e33b8398deaea1d2ade-3969549 > > > HTTP/1.0" 206 0 0.001 "-" "-" "-" Range:bytes=27459105- > > > > > > > > > After I removed those *open_file_cache* directives, No such error > > occurred. > > > > > > And the shorter *inactive* is, the more often I get such errors. > > > > > > > > > Anybody has idea about avoiding this or fixing it? > > > > Could you please provide debug log? See > > http://wiki.nginx.org/Debugging for more information. > > > > Additionally, some more info about file requested might be > > helpful: how big it is? whether it changed on backend during > > requests? if yes, is it changed atomically? > > > > Maxim Dounin > > > > _______________________________________________ > > nginx mailing list > > nginx at nginx.org > > http://mailman.nginx.org/mailman/listinfo/nginx > > > > > > -- > ???????????????? > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx -------------- next part -------------- # HG changeset patch # User Maxim Dounin # Date 1315153882 0 # Node ID 16eaef9fbf7335a8ab02ce308799647b26bd11f9 # Parent 5d94f8b3e01d74ec6bd5bdcae176a8d3b998237d Bugfix: open_file_cache lost is_directio flag. On file retest open_file_cache lost is_directio if file wasn't changed. This caused unaligned operations under Linux to fail with EINVAL. It wasn't noticiable with AIO though, as errors wasn't properly logged. diff --git a/src/core/ngx_open_file_cache.c b/src/core/ngx_open_file_cache.c --- a/src/core/ngx_open_file_cache.c +++ b/src/core/ngx_open_file_cache.c @@ -290,6 +290,8 @@ ngx_open_cached_file(ngx_open_file_cache file->use_event = 1; } + of->is_directio = file->is_directio; + goto renew; } diff --git a/src/os/unix/ngx_file_aio_read.c b/src/os/unix/ngx_file_aio_read.c --- a/src/os/unix/ngx_file_aio_read.c +++ b/src/os/unix/ngx_file_aio_read.c @@ -86,6 +86,9 @@ ngx_file_aio_read(ngx_file_t *file, u_ch return aio->nbytes; } + ngx_log_error(NGX_LOG_CRIT, file->log, ngx_errno, + "aio read \"%s\" failed", file->name.data); + return NGX_ERROR; } diff --git a/src/os/unix/ngx_linux_aio_read.c b/src/os/unix/ngx_linux_aio_read.c --- a/src/os/unix/ngx_linux_aio_read.c +++ b/src/os/unix/ngx_linux_aio_read.c @@ -74,6 +74,10 @@ ngx_file_aio_read(ngx_file_t *file, u_ch } ngx_set_errno(-aio->res); + + ngx_log_error(NGX_LOG_CRIT, file->log, ngx_errno, + "aio read \"%s\" failed", file->name.data); + return NGX_ERROR; } From nginx at nginxuser.net Sun Sep 4 16:40:44 2011 From: nginx at nginxuser.net (Nginx User) Date: Sun, 4 Sep 2011 19:40:44 +0300 Subject: http_auth_request_module Instructions? In-Reply-To: <20110903222515.GP1137@mdounin.ru> References: <20110903222515.GP1137@mdounin.ru> Message-ID: On Sun, Sep 4, 2011 at 1:25 AM, Maxim Dounin wrote: > Hello! > > On Sun, Sep 04, 2011 at 12:02:34AM +0300, Nginx User wrote: > > > Is the any documentation for the http_auth_request_module anywhere? > Trying > > to find out what the configuration parameters are if any. > > Try README in the module tarball. Alternatively, you may find it > here: > Hi Thanks for that. To clarify, My understanding of how this works is that when a request from a client (I'll call this "Client Request") hits Nginx, the module handler will spin off a request (I'll call this "Module Request") to a location where I would have arranged for authentication to occur. This can be auth basic etc or my own custom process. Assuming my own custom process, I should arrange for it to return status code "200" to allow access, status code "403" to deny access or status code "401" to ask for username and password (responding by 200, 403 or 401 as required). When the module receives a "200" code for the Module Request, it will pass the Client Request on through to the next normal stage of Nginx processing. If a "403" code is received, The user is sent the same and processing stops. Four queries: 1. Is my understanding of the process correct? 2. When the README says "it is not currently possible to use proxy_cache/proxy_store (and fastcgi_cache/fastcgi_store) for requests initiated by auth request module", does this apply to the Module Request only as it suggests and that the Client Request will proceed as normal or is there a twist to it? 3. Does the module cover "post" requests as well 4. I notice "proxy_set_header X-Original-URI $request_uri;" in the README example. Is this a requirement? Thanks again -------------- next part -------------- An HTML attachment was scrubbed... URL: From mdounin at mdounin.ru Sun Sep 4 17:17:48 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Sun, 4 Sep 2011 21:17:48 +0400 Subject: =?UTF-8?Q?Re=3A_upstream_configuration_is_changed=EF=BC=9FThe_keyword_=28w?= =?UTF-8?Q?eight/max=5Ffail/fail=5Ftimeout=29_is_not_supported=3F?= In-Reply-To: References: Message-ID: <20110904171748.GU1137@mdounin.ru> Hello! On Sun, Sep 04, 2011 at 11:51:31PM +0800, Geoge.Q wrote: > Hi All? > > I met a configuation issue. the configuration is as following:?NGINX is > V0.7.68) and upstream is enabled when compiled. > I also test it in V1.0.5, the issue happens again. > > ---------------------------------------------------------------------------------------------------------------------------------------------- > server { > listen 80; > server_name aaa.com; > server_name 192.168.2.140; > location / { > proxy_pass http://haha; > proxy_redirect off; > proxy_buffering off; > proxy_set_header Host $host; > proxy_set_header X-Real-IP $remote_addr; > proxy_set_header X-Forwarded-For > $proxy_add_x_forwarded_for; > client_max_body_size 1000m; > client_body_buffer_size 256k; > proxy_connect_timeout 600; > proxy_temp_file_write_size 64k; > } > } > upstream haha { > server 1.1.1.2 max_fails=3 fail_timeout=30s; > <---------max_fails/fail_timeouts/weight is not support ? > server 1.1.1.1 weight=10; > } > ---------------------------------------------------------------------------------------------------------------------------------------------- > > When I run nginx, the error message print out as following: > ./nginx > > Root# /etc/init.d/nginx restart > [emerg]: invalid parameter "max_fails=3" in > /var/log/nginx/conf/nginx.conf:19 The problem is that you've tried to define upstream after it was already implicitly created by proxy_pass directive. Move upstream definition before it's first use. Maxim Dounin From nginx-forum at nginx.us Sun Sep 4 17:33:59 2011 From: nginx-forum at nginx.us (magicbear) Date: Sun, 04 Sep 2011 13:33:59 -0400 Subject: upstream keepalive - call for testing In-Reply-To: <20110801160725.GH1137@mdounin.ru> References: <20110801160725.GH1137@mdounin.ru> Message-ID: <0d5cc130a417bb62098701656fd44e42.NginxMailingListEnglish@forum.nginx.org> Hello , when run for 5 days, today have 2 segment failure. 2011/09/04 12:00:47 [alert] 32147#0: worker process 8496 exited on signal 11 (core dumped) 2011/09/04 12:17:32 [alert] 8497#0: ignore long locked inactive cache entry 57c7c6c612a651727b880a1c9a2c7d2d, count:1 2011/09/04 12:21:31 [alert] 32147#0: worker process 19185 exited on signal 11 (core dumped) Core was generated by `nginx:'. Program terminated with signal 11, Segmentation fault. #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) at src/http/ngx_http_upstream.c:915 915 ctx->current_request = r; (gdb) bt #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) at src/http/ngx_http_upstream.c:915 #1 0x0000000000419e95 in ngx_event_expire_timers () at src/event/ngx_event_timer.c:149 #2 0x0000000000419ac7 in ngx_process_events_and_timers (cycle=0x21f1990) at src/event/ngx_event.c:261 #3 0x000000000041f76e in ngx_worker_process_cycle (cycle=0x21f1990, data=) at src/os/unix/ngx_process_cycle.c:800 #4 0x000000000041e16b in ngx_spawn_process (cycle=0x21f1990, proc=0x41f69d , data=0x0, name=0x463f3d "worker process", respawn=7) at src/os/unix/ngx_process.c:196 #5 0x000000000042008d in ngx_reap_children (cycle=0x21f1990) at src/os/unix/ngx_process_cycle.c:617 #6 ngx_master_process_cycle (cycle=0x21f1990) at src/os/unix/ngx_process_cycle.c:180 #7 0x0000000000406061 in main (argc=, argv=) at src/core/nginx.c:405 (gdb) bt full #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) at src/http/ngx_http_upstream.c:915 c = 0x23b4160 r = 0x22a2780 ctx = u = 0x0 #1 0x0000000000419e95 in ngx_event_expire_timers () at src/event/ngx_event_timer.c:149 ev = 0x7fc45735f8a8 root = 0x7fc4574ffa30 sentinel = 0x689560 #2 0x0000000000419ac7 in ngx_process_events_and_timers (cycle=0x21f1990) at src/event/ngx_event.c:261 flags = 1 timer = delta = 21 #3 0x000000000041f76e in ngx_worker_process_cycle (cycle=0x21f1990, data=) at src/os/unix/ngx_process_cycle.c:800 i = c = #4 0x000000000041e16b in ngx_spawn_process (cycle=0x21f1990, proc=0x41f69d , data=0x0, name=0x463f3d "worker process", respawn=7) at src/os/unix/ngx_process.c:196 on = 1 pid = 0 s = 7 #5 0x000000000042008d in ngx_reap_children (cycle=0x21f1990) at src/os/unix/ngx_process_cycle.c:617 i = live = n = ch = {command = 2, pid = 8496, slot = 7, fd = -1} ccf = #6 ngx_master_process_cycle (cycle=0x21f1990) at src/os/unix/ngx_process_cycle.c:180 title = p = size = i = n = sigio = 0 set = {__val = {0 }} itv = {it_interval = {tv_sec = 0, tv_usec = 35114632}, it_value = {tv_sec = 0, tv_usec = 32146}} live = delay = 0 ls = ccf = 0x21f2188 #7 0x0000000000406061 in main (argc=, argv=) at src/core/nginx.c:405 i = log = 0x687380 cycle = 0x217ce70 init_cycle = {conf_ctx = 0x0, pool = 0x217c240, log = 0x687380, new_log = {log_level = 0, file = 0x0, connection = 0, handler = 0, data = 0x0, action = 0x0}, files = 0x0, free_connections = 0x0, free_connection_n = 0, reusable_connections_queue = {prev = 0x0, next = 0x0}, listening = {elts = 0x0, nelts = 0, size = 0, nalloc = 0, pool = 0x0}, pathes = {elts = 0x0, nelts = 0, size = 0, nalloc = 0, pool = 0x0}, open_files = {last = 0x0, part = {elts = 0x0, nelts = 0, next = 0x0}, size = 0, nalloc = 0, pool = 0x0}, shared_memory = {last = 0x0, part = {elts = 0x0, nelts = 0, next = 0x0}, size = 0, nalloc = 0, pool = 0x0}, connection_n = 0, files_n = 0, connections = 0x0, read_events = 0x0, write_events = 0x0, old_cycle = 0x0, conf_file = {len = 21, data = 0x4606b6 "/etc/nginx/nginx.conf"}, conf_param = {len = 0, data = 0x0}, conf_prefix = {len = 11, data = 0x4606b6 "/etc/nginx/nginx.conf"}, prefix = {len = 17, data = 0x4606a4 "/usr/local/nginx/"}, lock_file = {len = 0, data = 0x0}, hostname = {len = 0, data = 0x0}} ---Type to continue, or q to quit--- ccf = Posted at Nginx Forum: http://forum.nginx.org/read.php?2,213207,214739#msg-214739 From nginx at nginxuser.net Sun Sep 4 17:38:04 2011 From: nginx at nginxuser.net (Nginx User) Date: Sun, 4 Sep 2011 20:38:04 +0300 Subject: OpenResty Queries Message-ID: Some quick queries about some things missing from available documentation about OpenResty 1. Notice current version is bundled with Nginx 1.0.4. Is it possible for an end user to upgrade Nginx? I.E. can I download OpenResty and slip in Nginx 1.0.6? 2. The bundled modules are awesome but what is the process wants an extra third party module? Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: From mdounin at mdounin.ru Sun Sep 4 18:00:43 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Sun, 4 Sep 2011 22:00:43 +0400 Subject: http_auth_request_module Instructions? In-Reply-To: References: <20110903222515.GP1137@mdounin.ru> Message-ID: <20110904180042.GV1137@mdounin.ru> Hello! On Sun, Sep 04, 2011 at 07:40:44PM +0300, Nginx User wrote: > On Sun, Sep 4, 2011 at 1:25 AM, Maxim Dounin wrote: > > > Hello! > > > > On Sun, Sep 04, 2011 at 12:02:34AM +0300, Nginx User wrote: > > > > > Is the any documentation for the http_auth_request_module anywhere? > > Trying > > > to find out what the configuration parameters are if any. > > > > Try README in the module tarball. Alternatively, you may find it > > here: > > > > > Hi Thanks for that. > > To clarify, My understanding of how this works is that when a request from a > client (I'll call this "Client Request") hits Nginx, the module handler will > spin off a request (I'll call this "Module Request") to a location where I > would have arranged for authentication to occur. This can be auth basic etc > or my own custom process. Assuming my own custom process, I should arrange > for it to return status code "200" to allow access, status code "403" to > deny access or status code "401" to ask for username and > password (responding by 200, 403 or 401 as required). When the module > receives a "200" code for the Module Request, it will pass the Client > Request on through to the next normal stage of Nginx processing. If a "403" > code is received, The user is sent the same and processing stops. > > Four queries: > > 1. Is my understanding of the process correct? Yes. > 2. When the README says "it is not currently possible to use > proxy_cache/proxy_store (and fastcgi_cache/fastcgi_store) for requests > initiated by auth request module", does this apply to the Module Request > only as it suggests and that the Client Request will proceed as normal or is > there a twist to it? It applies only to auth subrequests. Client requests will proceed as usual. > 3. Does the module cover "post" requests as well Yes. Note though, request body won't be read at auth_request (and won't be passed to auth subrequest). > 4. I notice "proxy_set_header X-Original-URI $request_uri;" in the README > example. Is this a requirement? It's just an example how to pass original request uri to your custom auth script. Note though, that proxy_pass_request_body off; proxy_set_header Content-Length ""; is actually required when proxy_pass'ing auth subrequests, as request body won't read (see above). Maxim Dounin From ggarron at alketech.com Sun Sep 4 18:01:50 2011 From: ggarron at alketech.com (Guillermo Garron) Date: Sun, 4 Sep 2011 14:01:50 -0400 Subject: Archives / or question Message-ID: <5B05EBB5-52E1-42EC-9AA6-EC754649A4F7@alketech.com> Hi, I'm new to the list, and I do not want to bother you, as I'm sure this has been posted in past please tell me where to find the archives. If for some reason someone has the answer here is my question: I've this setup. Gentoo Linux Nginx with this USE flags: www-servers/nginx http http-cache ipv6 pcre vim-syntax -aio -debug -libatomic -ssl nginx_modules_http_access nginx_modules_http_auth_basic anginx_modules_http_utoindex nginx_modules_http_browser nginx_modules_http_charset nginx_modules_http_empty_gif -nginx_modules_http_fastcgi nginx_modules_http_geo nginx_modules_http_gzip nginx_modules_http_limit_req nginx_modules_http_limit_zone map -nginx_modules_http_memcached nginx_modules_http_proxy nginx_modules_http_referer nginx_modules_http_rewrite -nginx_modules_http_scgi nginx_modules_http_split_clients -nginx_modules_http_ssi nginx_modules_http_upstream_ip_hash nginx_modules_http_userid nginx_modules_http_uwsgi -nginx_modules_http_addition -nginx_modules_http_cache_purge -nginx_modules_http_dav -nginx_modules_http_degradation -nginx_modules_http_ey_balancer -nginx_modules_http_flv -nginx_modules_http_geoip nginx_modules_http_gzip_static -nginx_modules_http_headers_more -nginx_modules_http_image_filter -nginx_modules_http_passenger -nginx_modules_http_perl -nginx_modules_http_push -nginx_modules_http_random_index -nginx_modules_http_realip -nginx_modules_http_secure_link -nginx_modules_http_slowfs_cache -nginx_modules_http_stub_status -nginx_modules_http_sub -nginx_modules_http_upload -nginx_modules_http_xslt -nginx_modules_mail_imap -nginx_modules_mail_pop3 -nginx_modules_mail_smtp Serving only static files (My blog is Jekyll generated, so only html/css/png files). Now I want to know how to achieve the best possible performance, leave my server as it is? or implement (on the same machine) Varnish in front of Nginx to serve from RAM instead of disk. I am using a Linode server with 512 Megs or RAM. thanks for your help, either answering me or pointing me in the right direction to find an answer. best regards. Guillermo Garron From mdounin at mdounin.ru Sun Sep 4 18:21:37 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Sun, 4 Sep 2011 22:21:37 +0400 Subject: upstream keepalive - call for testing In-Reply-To: <0d5cc130a417bb62098701656fd44e42.NginxMailingListEnglish@forum.nginx.org> References: <20110801160725.GH1137@mdounin.ru> <0d5cc130a417bb62098701656fd44e42.NginxMailingListEnglish@forum.nginx.org> Message-ID: <20110904182137.GW1137@mdounin.ru> Hello! On Sun, Sep 04, 2011 at 01:33:59PM -0400, magicbear wrote: > Hello , when run for 5 days, today have 2 segment failure. > > 2011/09/04 12:00:47 [alert] 32147#0: worker process 8496 exited on > signal 11 (core dumped) > 2011/09/04 12:17:32 [alert] 8497#0: ignore long locked inactive cache > entry 57c7c6c612a651727b880a1c9a2c7d2d, count:1 > 2011/09/04 12:21:31 [alert] 32147#0: worker process 19185 exited on > signal 11 (core dumped) > > > > > Core was generated by `nginx:'. > Program terminated with signal 11, Segmentation fault. > #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) at > src/http/ngx_http_upstream.c:915 > 915 ctx->current_request = r; > (gdb) bt > #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) at > src/http/ngx_http_upstream.c:915 > #1 0x0000000000419e95 in ngx_event_expire_timers () at > src/event/ngx_event_timer.c:149 > #2 0x0000000000419ac7 in ngx_process_events_and_timers > (cycle=0x21f1990) at src/event/ngx_event.c:261 Hm, this looks identical to one you've reported previously. Do you have patch from http://mailman.nginx.org/pipermail/nginx/2011-August/028809.html applied? > #3 0x000000000041f76e in ngx_worker_process_cycle (cycle=0x21f1990, > data=) at src/os/unix/ngx_process_cycle.c:800 > #4 0x000000000041e16b in ngx_spawn_process (cycle=0x21f1990, > proc=0x41f69d , data=0x0, name=0x463f3d > "worker process", respawn=7) at src/os/unix/ngx_process.c:196 > #5 0x000000000042008d in ngx_reap_children (cycle=0x21f1990) at > src/os/unix/ngx_process_cycle.c:617 > #6 ngx_master_process_cycle (cycle=0x21f1990) at > src/os/unix/ngx_process_cycle.c:180 > #7 0x0000000000406061 in main (argc=, argv= optimized out>) at src/core/nginx.c:405 > > > (gdb) bt full > #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) at > src/http/ngx_http_upstream.c:915 > c = 0x23b4160 > r = 0x22a2780 > ctx = address 0x20)> > u = 0x0 Could you please show results of the following gdb commands: fr 0 p *ev p *((ngx_connection_t *) ev->data) Maxim Dounin From magicbearmo at gmail.com Sun Sep 4 18:31:54 2011 From: magicbearmo at gmail.com (MagicBear) Date: Mon, 5 Sep 2011 02:31:54 +0800 Subject: upstream keepalive - call for testing In-Reply-To: <20110904182137.GW1137@mdounin.ru> References: <20110801160725.GH1137@mdounin.ru> <0d5cc130a417bb62098701656fd44e42.NginxMailingListEnglish@forum.nginx.org> <20110904182137.GW1137@mdounin.ru> Message-ID: (gdb) fr 0 #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) at src/http/ngx_http_upstream.c:915 915 ctx->current_request = r; (gdb) p *ev $1 = {data = 0x7fc4576aa750, write = 1, accept = 0, instance = 1, active = 1, disabled = 0, ready = 1, oneshot = 0, complete = 0, eof = 0, error = 0, timedout = 1, timer_set = 0, delayed = 0, read_discarded = 0, unexpected_eof = 0, deferred_accept = 0, pending_eof = 0, posted_ready = 0, available = 0, handler = 0x43bf9c , index = 3503345872, log = 0x21f1770, timer = {key = 0, left = 0x0, right = 0x0, parent = 0x0, color = 0 '\000', data = 0 '\000'}, closed = 0, channel = 0, resolver = 0, next = 0x0, prev = 0x0} (gdb) p *((ngx_connection_t *) ev->data) $2 = {data = 0x22a2780, read = 0x7fc4575008a8, write = 0x7fc45735f8a8, fd = 66, recv = 0x41cc50 , send = 0x41cf08 , recv_chain = 0x41cd00 , send_chain = 0x421050 , listening = 0x0, sent = 0, log = 0x21f1770, pool = 0x237ff70, sockaddr = 0x0, socklen = 0, addr_text = {len = 0, data = 0x0}, ssl = 0x0, local_sockaddr = 0x0, buffer = 0x0, queue = {prev = 0x0, next = 0x0}, number = 63713716, requests = 0, buffered = 0, log_error = 1, single_connection = 0, unexpected_eof = 0, timedout = 0, error = 0, destroyed = 0, idle = 0, reusable = 0, close = 0, sendfile = 1, sndlowat = 0, tcp_nodelay = 0, tcp_nopush = 0} 2011/9/5 Maxim Dounin > Hello! > > On Sun, Sep 04, 2011 at 01:33:59PM -0400, magicbear wrote: > > > Hello , when run for 5 days, today have 2 segment failure. > > > > 2011/09/04 12:00:47 [alert] 32147#0: worker process 8496 exited on > > signal 11 (core dumped) > > 2011/09/04 12:17:32 [alert] 8497#0: ignore long locked inactive cache > > entry 57c7c6c612a651727b880a1c9a2c7d2d, count:1 > > 2011/09/04 12:21:31 [alert] 32147#0: worker process 19185 exited on > > signal 11 (core dumped) > > > > > > > > > > Core was generated by `nginx:'. > > Program terminated with signal 11, Segmentation fault. > > #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) at > > src/http/ngx_http_upstream.c:915 > > 915 ctx->current_request = r; > > (gdb) bt > > #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) at > > src/http/ngx_http_upstream.c:915 > > #1 0x0000000000419e95 in ngx_event_expire_timers () at > > src/event/ngx_event_timer.c:149 > > #2 0x0000000000419ac7 in ngx_process_events_and_timers > > (cycle=0x21f1990) at src/event/ngx_event.c:261 > > Hm, this looks identical to one you've reported previously. Do > you have patch from > > http://mailman.nginx.org/pipermail/nginx/2011-August/028809.html > > applied? > > > #3 0x000000000041f76e in ngx_worker_process_cycle (cycle=0x21f1990, > > data=) at src/os/unix/ngx_process_cycle.c:800 > > #4 0x000000000041e16b in ngx_spawn_process (cycle=0x21f1990, > > proc=0x41f69d , data=0x0, name=0x463f3d > > "worker process", respawn=7) at src/os/unix/ngx_process.c:196 > > #5 0x000000000042008d in ngx_reap_children (cycle=0x21f1990) at > > src/os/unix/ngx_process_cycle.c:617 > > #6 ngx_master_process_cycle (cycle=0x21f1990) at > > src/os/unix/ngx_process_cycle.c:180 > > #7 0x0000000000406061 in main (argc=, argv= > optimized out>) at src/core/nginx.c:405 > > > > > > (gdb) bt full > > #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) at > > src/http/ngx_http_upstream.c:915 > > c = 0x23b4160 > > r = 0x22a2780 > > ctx = > address 0x20)> > > u = 0x0 > > Could you please show results of the following gdb commands: > > fr 0 > p *ev > p *((ngx_connection_t *) ev->data) > > > Maxim Dounin > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Sun Sep 4 18:37:17 2011 From: nginx-forum at nginx.us (loganbest) Date: Sun, 04 Sep 2011 14:37:17 -0400 Subject: Can't fix "No input file specified." with php-fastcgi Message-ID: I've been trying to fix this pesky error for a couple days and no forums or anything is suggesting anything that is helping. I simply just need someone to login to my EC2 instance and figure out what's going on. I've tried reinstalling php to all the default configs and everything but nothing is working. I don't have any money to pay for this right now but you can invoice my paypal and I will get to it as soon as I have the money to give. My timeline for this is pretty quick as I have something that needs to be launched on tuesday. Please let me know if someone can fix this asap. Thanks in advance. Logan Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214746,214746#msg-214746 From ggarron at alketech.com Sun Sep 4 18:40:45 2011 From: ggarron at alketech.com (Guillermo Garron) Date: Sun, 4 Sep 2011 14:40:45 -0400 Subject: Can't fix "No input file specified." with php-fastcgi In-Reply-To: References: Message-ID: Do you really need it to be fastcgi now? I mean you can start with Apache behind nginx and switch to fastcgi later, after your launch. Regards Guillermo. On Sep 4, 2011 2:37 PM, "loganbest" wrote: I've been trying to fix this pesky error for a couple days and no forums or anything is suggesting anything that is helping. I simply just need someone to login to my EC2 instance and figure out what's going on. I've tried reinstalling php to all the default configs and everything but nothing is working. I don't have any money to pay for this right now but you can invoice my paypal and I will get to it as soon as I have the money to give. My timeline for this is pretty quick as I have something that needs to be launched on tuesday. Please let me know if someone can fix this asap. Thanks in advance. Logan Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214746,214746#msg-214746 _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Sun Sep 4 18:46:07 2011 From: nginx-forum at nginx.us (loganbest) Date: Sun, 04 Sep 2011 14:46:07 -0400 Subject: Can't fix "No input file specified." with php-fastcgi In-Reply-To: References: Message-ID: <83b7a11505d9b23a1afd7deff640edf1.NginxMailingListEnglish@forum.nginx.org> I'm not sure what the standard practices of nginx+php are. This is my first time working with nginx and I didn't install nginx, I just installed fastcgi based on an article I found at the top of google. I've seen php-fpm and php-fastcgi and I don't know the differences or pro/cons of each. I'm really just looking for some quick help to get this running. I'd also rather not have both nginx and apache running on the same server since this isn't a very large ec2 instance I can't take the memory footprint of apache. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214746,214748#msg-214748 From ggarron at alketech.com Sun Sep 4 19:03:29 2011 From: ggarron at alketech.com (Guillermo Garron) Date: Sun, 4 Sep 2011 15:03:29 -0400 Subject: Can't fix "No input file specified." with php-fastcgi In-Reply-To: References: <83b7a11505d9b23a1afd7deff640edf1.NginxMailingListEnglish@forum.nginx.org> Message-ID: Well I've only worked in the past with nginx serving static files and sending php to apache behind. If you decide to go that way or not find help in the current scenario, I can help you then. Let me know, I'll be checking my blackberry, in 5 hours I will be available On Sep 4, 2011 2:46 PM, "loganbest" wrote: I'm not sure what the standard practices of nginx+php are. This is my first time working with nginx and I didn't install nginx, I just installed fastcgi based on an article I found at the top of google. I've seen php-fpm and php-fastcgi and I don't know the differences or pro/cons of each. I'm really just looking for some quick help to get this running. I'd also rather not have both nginx and apache running on the same server since this isn't a very large ec2 instance I can't take the memory footprint of apache. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214746,214748#msg-214748 _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.n... -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx at nginxuser.net Sun Sep 4 19:08:30 2011 From: nginx at nginxuser.net (Nginx User) Date: Sun, 4 Sep 2011 22:08:30 +0300 Subject: http_auth_request_module Instructions? In-Reply-To: <20110904180042.GV1137@mdounin.ru> References: <20110903222515.GP1137@mdounin.ru> <20110904180042.GV1137@mdounin.ru> Message-ID: On Sun, Sep 4, 2011 at 9:00 PM, Maxim Dounin wrote: > Hello! > > On Sun, Sep 04, 2011 at 07:40:44PM +0300, Nginx User wrote: > > > On Sun, Sep 4, 2011 at 1:25 AM, Maxim Dounin wrote: > > > > > Hello! > > > > > > On Sun, Sep 04, 2011 at 12:02:34AM +0300, Nginx User wrote: > > > > > > > Is the any documentation for the http_auth_request_module anywhere? > > > Trying > > > > to find out what the configuration parameters are if any. > > > > > > Try README in the module tarball. Alternatively, you may find it > > > here: > > > > > > > > > Hi Thanks for that. > > > > To clarify, My understanding of how this works is that when a request > from a > > client (I'll call this "Client Request") hits Nginx, the module handler > will > > spin off a request (I'll call this "Module Request") to a location where > I > > would have arranged for authentication to occur. This can be auth basic > etc > > or my own custom process. Assuming my own custom process, I should > arrange > > for it to return status code "200" to allow access, status code "403" to > > deny access or status code "401" to ask for username and > > password (responding by 200, 403 or 401 as required). When the module > > receives a "200" code for the Module Request, it will pass the Client > > Request on through to the next normal stage of Nginx processing. If a > "403" > > code is received, The user is sent the same and processing stops. > > > > Four queries: > > > > 1. Is my understanding of the process correct? > > Yes. > > > 2. When the README says "it is not currently possible to use > > proxy_cache/proxy_store (and fastcgi_cache/fastcgi_store) for requests > > initiated by auth request module", does this apply to the Module Request > > only as it suggests and that the Client Request will proceed as normal or > is > > there a twist to it? > > It applies only to auth subrequests. Client requests will proceed > as usual. > > > 3. Does the module cover "post" requests as well > > Yes. Note though, request body won't be read at auth_request (and > won't be passed to auth subrequest). > > > 4. I notice "proxy_set_header X-Original-URI $request_uri;" in the README > > example. Is this a requirement? > > It's just an example how to pass original request uri to your > custom auth script. > > Note though, that > > proxy_pass_request_body off; > proxy_set_header Content-Length ""; > > is actually required when proxy_pass'ing auth subrequests, as > request body won't read (see above). Brilliant. I think a bigger deal should be made of this module as it makes a nonsense of the "lack of a WAF" concern about Nginx. I'll suggest pushing it to the core as many are not aware of it. I think the low profile is also because it is not documented on the wiki. I had clicked on the link in the early days but on being taken to the sparse website with a few log items, I beat a hurried retreat. Since you have Igor's ear, I'll suggest you whisper the following into it: "Hey ?????! ? ????? ??? ?? ?????? ??????? ???? ?????? ???????? ?? ?????????. ??? ??????? ????? ??? FUD ?????? Nginx ? ????? ?????? WAF ? ?????? ????? ????." On second thoughts, don't ... He might think you have had too much vodka since that is machine translated. Last query on this. The information on the "satisfy" directive in the wiki states that: * all - Both Access *and* Auth Basic directives must grant access to the context * any - Either Access *or* Auth Basic directives grant access to the context Is this miss leading? Should it be something like: * all - All access phase handlers must grant access to the context * any - Any access phase handler can grant access to the context Thanks -------------- next part -------------- An HTML attachment was scrubbed... URL: From ano at bestmx.ru Sun Sep 4 19:33:51 2011 From: ano at bestmx.ru (Andrey N. Oktyabrski) Date: Sun, 04 Sep 2011 23:33:51 +0400 Subject: http_auth_request_module Instructions? In-Reply-To: References: <20110903222515.GP1137@mdounin.ru> <20110904180042.GV1137@mdounin.ru> Message-ID: <4E63D29F.1030209@bestmx.ru> On 04.09.11 23:08, Nginx User wrote: > "Hey ?????! ? ????? ??? ?? ?????? ??????? ???? ?????? ???????? ?? > ?????????. ??? ??????? ????? ??? FUD ?????? Nginx ? ????? ?????? WAF ? > ?????? ????? ????." Excuse me, your english much better than russian, please use it :-) From nginx at nginxuser.net Sun Sep 4 19:50:04 2011 From: nginx at nginxuser.net (Nginx User) Date: Sun, 4 Sep 2011 22:50:04 +0300 Subject: http_auth_request_module Instructions? In-Reply-To: <4E63D29F.1030209@bestmx.ru> References: <20110903222515.GP1137@mdounin.ru> <20110904180042.GV1137@mdounin.ru> <4E63D29F.1030209@bestmx.ru> Message-ID: 2011/9/4 Andrey N. Oktyabrski > On 04.09.11 23:08, Nginx User wrote: > >> "Hey ?????! ? ????? ??? ?? ?????? ??????? ???? ?????? ???????? ?? >> ?????????. ??? ??????? ????? ??? FUD ?????? Nginx ? ????? ?????? WAF ? >> ?????? ????? ????." >> > Excuse me, your english much better than russian, please use it :-) You obviously type faster than you read since you managed to send your email before you finished reading the next line which says ... On second thoughts, don't ... He might think you have had too much vodka > since that is machine translated. You should learn to read a bit faster but we digress :-) -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Sun Sep 4 20:24:00 2011 From: nginx-forum at nginx.us (loganbest) Date: Sun, 04 Sep 2011 16:24:00 -0400 Subject: Can't fix "No input file specified." with php-fastcgi In-Reply-To: <83b7a11505d9b23a1afd7deff640edf1.NginxMailingListEnglish@forum.nginx.org> References: <83b7a11505d9b23a1afd7deff640edf1.NginxMailingListEnglish@forum.nginx.org> Message-ID: Somehow, between purging all php configs and packages and reinstalling them and altering the php location definition in the nginx.conf it now works as it did before.... I"m confused but I'm not going to touch it now. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214746,214754#msg-214754 From nginx-forum at nginx.us Sun Sep 4 21:14:27 2011 From: nginx-forum at nginx.us (loganbest) Date: Sun, 04 Sep 2011 17:14:27 -0400 Subject: Can't fix "No input file specified." with php-fastcgi In-Reply-To: References: Message-ID: <369c4c70e6b9f1a77e70a62ea93d8aa0.NginxMailingListEnglish@forum.nginx.org> I take that back.... it started again. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214746,214756#msg-214756 From ggarron at alketech.com Sun Sep 4 21:19:03 2011 From: ggarron at alketech.com (Guillermo Garron) Date: Sun, 4 Sep 2011 17:19:03 -0400 Subject: Can't fix "No input file specified." with php-fastcgi Message-ID: <2a1a1ceedd33352155268607634ce01f@mail.gmail.com> What aplication are you using? I mean with php? ------Original Message------ From: loganbest To: nginx at nginx.org ReplyTo: nginx at nginx.org Subject: Re: Can't fix "No input file specified." with php-fastcgi Sent: Sep 4, 2011 4:24 PM Somehow, between purging all php configs and packages and reinstalling them and altering the php location definition in the nginx.conf it now works as it did before.... I"m confused but I'm not going to touch it now. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214746,214754#msg-214754 _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx From nginx-forum at nginx.us Sun Sep 4 21:21:21 2011 From: nginx-forum at nginx.us (loganbest) Date: Sun, 04 Sep 2011 17:21:21 -0400 Subject: Can't fix "No input file specified." with php-fastcgi In-Reply-To: <2a1a1ceedd33352155268607634ce01f@mail.gmail.com> References: <2a1a1ceedd33352155268607634ce01f@mail.gmail.com> Message-ID: <110b6d83f8fc0d1ab9b8cd761506b946.NginxMailingListEnglish@forum.nginx.org> I only have 2 php files at this time because the rest of the server is using ruby. It's just standard php and not even very much php. Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214746,214758#msg-214758 From mdounin at mdounin.ru Sun Sep 4 22:01:25 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 5 Sep 2011 02:01:25 +0400 Subject: http_auth_request_module Instructions? In-Reply-To: References: <20110903222515.GP1137@mdounin.ru> <20110904180042.GV1137@mdounin.ru> Message-ID: <20110904220125.GX1137@mdounin.ru> Hello! On Sun, Sep 04, 2011 at 10:08:30PM +0300, Nginx User wrote: [...] > Last query on this. > > The information on the "satisfy" directive in the wiki states that: > > * all - Both Access *and* Auth Basic directives must grant access to the > context > * any - Either Access *or* Auth Basic directives grant access to the context > Is this miss leading? Should it be something like: > > * all - All access phase handlers must grant access to the context > * any - Any access phase handler can grant access to the context Both versions are right, though first one implicitly assumes you are using only standard access modules. Maxim Dounin From nginx at nginxuser.net Sun Sep 4 22:36:09 2011 From: nginx at nginxuser.net (Nginx User) Date: Mon, 5 Sep 2011 01:36:09 +0300 Subject: http_auth_request_module Instructions? In-Reply-To: <20110904220125.GX1137@mdounin.ru> References: <20110903222515.GP1137@mdounin.ru> <20110904180042.GV1137@mdounin.ru> <20110904220125.GX1137@mdounin.ru> Message-ID: On Mon, Sep 5, 2011 at 1:01 AM, Maxim Dounin wrote: > Hello! > > On Sun, Sep 04, 2011 at 10:08:30PM +0300, Nginx User wrote: > > [...] > > > Last query on this. > > > > The information on the "satisfy" directive in the wiki states that: > > > > * all - Both Access *and* Auth Basic directives must grant access to the > > context > > * any - Either Access *or* Auth Basic directives grant access to the > context > > Is this miss leading? Should it be something like: > > > > * all - All access phase handlers must grant access to the context > > * any - Any access phase handler can grant access to the context > > Both versions are right, though first one implicitly assumes you > are using only standard access modules. I'll say the first set is technically wrong as it *implies* the directive only applies to those two modules. The key is in the use of the words "both" and "either" which imply a sum total of two possibilities. I edited the wiki to read: Access policy if directives from multiple access phase handlers, such as the Access and Auth Basic modules, are defined in a context: * all - All access phase handlers must grant access to the context * any - Any access phase handler can grant access to the context Thanks! -------------- next part -------------- An HTML attachment was scrubbed... URL: From nginx-forum at nginx.us Sun Sep 4 22:46:18 2011 From: nginx-forum at nginx.us (Mickie D) Date: Sun, 04 Sep 2011 18:46:18 -0400 Subject: Help with rewrite Message-ID: <461adae45a9d3ba0d9d4ed211a89df13.NginxMailingListEnglish@forum.nginx.org> Hi everyone, I am using a plugin for my site called VBSEO They use the following code: -------------------------------------------------------- if ($request_filename ~ "\.php$" ) { rewrite ^/(.*)$ /vbseo.php break; } if (!-e $request_filename) { rewrite ^/(.*)$ /vbseo.php break; } -------------------------------------------------------- I read the article about IF IS EVIL and thought it would be better to make this code better. Could someone who knows about the rewrites and nginx coding please help me. I will post the results (if it's possible of course) to VBSEO so they can update there rules. Kind Regards Mick Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214761,214761#msg-214761 From ianevans at digitalhit.com Sun Sep 4 23:46:56 2011 From: ianevans at digitalhit.com (Ian Evans) Date: Sun, 04 Sep 2011 19:46:56 -0400 Subject: PositiveSSL certificate keeps giving the untrusted issuer warnings in browser Message-ID: <4E640DF0.1020000@digitalhit.com> Since I'm working on a Facebook app, the self-signed certificate I created for SSL access to my admin area is no longer useful. I grabbed a PositiveSSL cert from Comodo, but after following the instructions here ( http://kbeezie.com/view/free-ssl-with-nginx/2/ ) but still get the untrusted or self-signed warnings. This page (http://www.digicert.com/ssl-certificate-installation-nginx.htm) seems to suggest I have to concatenate several crt files together. This is what Comodo sent me: AddTrustExternalCARoot.crt PositiveSSLCA.crt UTNAddTrustServerCA.crt and www_example_com.crt Do I need to concatenate all of these? Also, just curious why do some example sites I've seen say Ngix needs a pem file and others say a crt? Thanks! From ianevans at digitalhit.com Mon Sep 5 00:04:30 2011 From: ianevans at digitalhit.com (Ian Evans) Date: Sun, 04 Sep 2011 20:04:30 -0400 Subject: PositiveSSL certificate keeps giving the untrusted issuer warnings in browser In-Reply-To: <4E640DF0.1020000@digitalhit.com> References: <4E640DF0.1020000@digitalhit.com> Message-ID: <4E64120E.3090304@digitalhit.com> On 04/09/2011 7:46 PM, Ian Evans wrote: > Since I'm working on a Facebook app, the self-signed certificate I > created for SSL access to my admin area is no longer useful. > > I grabbed a PositiveSSL cert from Comodo, but after following the > instructions here ( http://kbeezie.com/view/free-ssl-with-nginx/2/ ) but > still get the untrusted or self-signed warnings. Upon further testing I see that it's still using the old cert despite issuing a kill -HUP. How do I get nginx to start using the new cert? From quan.nexthop at gmail.com Mon Sep 5 00:35:58 2011 From: quan.nexthop at gmail.com (Geoge.Q) Date: Mon, 5 Sep 2011 08:35:58 +0800 Subject: =?UTF-8?Q?Re=3A_upstream_configuration_is_changed=EF=BC=9FThe_keyword_=28w?= =?UTF-8?Q?eight/max=5Ffail/fail=5Ftimeout=29_is_not_supported=3F?= In-Reply-To: <20110904171748.GU1137@mdounin.ru> References: <20110904171748.GU1137@mdounin.ru> Message-ID: Thanks Max, it works now. George On Mon, Sep 5, 2011 at 1:17 AM, Maxim Dounin wrote: > Hello! > > On Sun, Sep 04, 2011 at 11:51:31PM +0800, Geoge.Q wrote: > > > Hi All? > > > > I met a configuation issue. the configuration is as following:?NGINX is > > V0.7.68) and upstream is enabled when compiled. > > I also test it in V1.0.5, the issue happens again. > > > > > ---------------------------------------------------------------------------------------------------------------------------------------------- > > server { > > listen 80; > > server_name aaa.com; > > server_name 192.168.2.140; > > location / { > > proxy_pass http://haha; > > proxy_redirect off; > > proxy_buffering off; > > proxy_set_header Host $host; > > proxy_set_header X-Real-IP $remote_addr; > > proxy_set_header X-Forwarded-For > > $proxy_add_x_forwarded_for; > > client_max_body_size 1000m; > > client_body_buffer_size 256k; > > proxy_connect_timeout 600; > > proxy_temp_file_write_size 64k; > > } > > } > > upstream haha { > > server 1.1.1.2 max_fails=3 fail_timeout=30s; > > <---------max_fails/fail_timeouts/weight is not support ? > > server 1.1.1.1 weight=10; > > } > > > ---------------------------------------------------------------------------------------------------------------------------------------------- > > > > When I run nginx, the error message print out as following: > > ./nginx > > > > Root# /etc/init.d/nginx restart > > [emerg]: invalid parameter "max_fails=3" in > > /var/log/nginx/conf/nginx.conf:19 > > The problem is that you've tried to define upstream after it was > already implicitly created by proxy_pass directive. Move upstream > definition before it's first use. > > Maxim Dounin > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx -------------- next part -------------- An HTML attachment was scrubbed... URL: From ianevans at digitalhit.com Mon Sep 5 01:06:07 2011 From: ianevans at digitalhit.com (Ian Evans) Date: Sun, 04 Sep 2011 21:06:07 -0400 Subject: PositiveSSL certificate keeps giving the untrusted issuer warnings in browser In-Reply-To: <4E64120E.3090304@digitalhit.com> References: <4E640DF0.1020000@digitalhit.com> <4E64120E.3090304@digitalhit.com> Message-ID: <4E64207F.6040101@digitalhit.com> On 04/09/2011 8:04 PM, Ian Evans wrote: > Upon further testing I see that it's still using the old cert despite > issuing a kill -HUP. Sigh...okay, never mind. Seems I had one typo in the conf change so the kill -HUP was still using the old conf. So it's working okay now. Still curious why some examples use pem and others use crt. Also any best usage additions I should add to the ssl section? From sy.meteor at msn.com Mon Sep 5 02:41:45 2011 From: sy.meteor at msn.com (LiuXin) Date: Mon, 5 Sep 2011 10:41:45 +0800 Subject: php-fpm is very very slow... Message-ID: Hi all, After upgrade from php 5.3.6 to php 5.3.8, now php-fpm is very very slow. Even I tried to roll back to php 5.3.6, it still doen't work. And there are lots of errors in php-fpm.log, [04-Sep-2011 12:28:27] WARNING: [pool www] child 18793, script '/web/www/forum.php' (request: "GET /forum.php") executing too slow (60.073197 sec), logging [04-Sep-2011 12:28:27] WARNING: [pool www] child 18784, script '/web/www/forum.php' (request: "GET /forum.php") executing too slow (60.080807 sec), logging [04-Sep-2011 12:28:27] NOTICE: child 18793 stopped for tracing [04-Sep-2011 12:28:27] NOTICE: about to trace 18793 [04-Sep-2011 12:28:27] ERROR: ptrace(PT_IO) failed: Bad address (14) [04-Sep-2011 12:28:27] NOTICE: finished trace of 18793 [04-Sep-2011 12:28:27] NOTICE: child 18784 stopped for tracing [04-Sep-2011 12:28:27] NOTICE: about to trace 18784 [04-Sep-2011 12:28:27] ERROR: ptrace(PT_IO) failed: Bad address (14) [04-Sep-2011 12:28:27] NOTICE: finished trace of 18784 And in php-fpm.slow [04-Sep-2011 12:27:30] [pool www] pid 18622 script_filename = /web/www/forum.php [0x000000080455aaa8] mysql_query() /web/www/source/class/class_core.php:815 [0x000000080455a958] query() /web/www/source/class/class_core.php:1003 [0x000000080455a858] _execute() /web/www/source/class/class_core.php:977 [0x00000008045591a0] query() /web/www/source/module/forum/forum_viewthread.php:514 [0x0000000804559058] +++ dump failed And one can help me about this issue? My server is running Freebsd 8.1 + nginx + php 5.3.8 -------------- next part -------------- An HTML attachment was scrubbed... URL: From mat999 at gmail.com Mon Sep 5 02:55:53 2011 From: mat999 at gmail.com (SplitIce) Date: Mon, 5 Sep 2011 12:55:53 +1000 Subject: php-fpm is very very slow... In-Reply-To: References: Message-ID: a) not nginx related b) not even php-fpm related its a slow mysql query. 2011/9/5 LiuXin > Hi all, > After upgrade from php 5.3.6 to php 5.3.8, now php-fpm is very very slow. > Even I tried to roll back to php 5.3.6, it still doen't work. > And there are lots of errors in php-fpm.log, > > [04-Sep-2011 12:28:27] WARNING: [pool www] child 18793, script > '/web/www/forum.php' (request: "GET /forum.php") executing too slow > (60.073197 sec), logging > [04-Sep-2011 12:28:27] WARNING: [pool www] child 18784, script > '/web/www/forum.php' (request: "GET /forum.php") executing too slow > (60.080807 sec), logging > [04-Sep-2011 12:28:27] NOTICE: child 18793 stopped for tracing > [04-Sep-2011 12:28:27] NOTICE: about to trace 18793 > [04-Sep-2011 12:28:27] ERROR: ptrace(PT_IO) failed: Bad address (14) > [04-Sep-2011 12:28:27] NOTICE: finished trace of 18793 > [04-Sep-2011 12:28:27] NOTICE: child 18784 stopped for tracing > [04-Sep-2011 12:28:27] NOTICE: about to trace 18784 > [04-Sep-2011 12:28:27] ERROR: ptrace(PT_IO) failed: Bad address (14) > [04-Sep-2011 12:28:27] NOTICE: finished trace of 18784 > > And in php-fpm.slow > > [04-Sep-2011 12:27:30] [pool www] pid 18622 > script_filename = /web/www/forum.php > [0x000000080455aaa8] mysql_query() /web/www/source/class/class_core.php:815 > [0x000000080455a958] query() /web/www/source/class/class_core.php:1003 > [0x000000080455a858] _execute() /web/www/source/class/class_core.php:977 > [0x00000008045591a0] query() > /web/www/source/module/forum/forum_viewthread.php:514 > [0x0000000804559058] +++ dump failed > > And one can help me about this issue? > My server is running Freebsd 8.1 + nginx + php 5.3.8 > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From sy.meteor at msn.com Mon Sep 5 03:52:02 2011 From: sy.meteor at msn.com (LiuXin) Date: Mon, 5 Sep 2011 11:52:02 +0800 Subject: php-fpm is very very slow... In-Reply-To: References:

Message-ID: Hi SplitIce, Do you mean this problem is casued by mysql? Thanks [04-Sep-2011 12:28:27] ERROR: ptrace(PT_IO) failed: Bad address (14) From: SplitIce Sent: Monday, September 05, 2011 10:55 AM To: nginx at nginx.org Subject: Re: php-fpm is very very slow... a) not nginx related b) not even php-fpm related its a slow mysql query. 2011/9/5 LiuXin Hi all, After upgrade from php 5.3.6 to php 5.3.8, now php-fpm is very very slow. Even I tried to roll back to php 5.3.6, it still doen't work. And there are lots of errors in php-fpm.log, [04-Sep-2011 12:28:27] WARNING: [pool www] child 18793, script '/web/www/forum.php' (request: "GET /forum.php") executing too slow (60.073197 sec), logging [04-Sep-2011 12:28:27] WARNING: [pool www] child 18784, script '/web/www/forum.php' (request: "GET /forum.php") executing too slow (60.080807 sec), logging [04-Sep-2011 12:28:27] NOTICE: child 18793 stopped for tracing [04-Sep-2011 12:28:27] NOTICE: about to trace 18793 [04-Sep-2011 12:28:27] ERROR: ptrace(PT_IO) failed: Bad address (14) [04-Sep-2011 12:28:27] NOTICE: finished trace of 18793 [04-Sep-2011 12:28:27] NOTICE: child 18784 stopped for tracing [04-Sep-2011 12:28:27] NOTICE: about to trace 18784 [04-Sep-2011 12:28:27] ERROR: ptrace(PT_IO) failed: Bad address (14) [04-Sep-2011 12:28:27] NOTICE: finished trace of 18784 And in php-fpm.slow [04-Sep-2011 12:27:30] [pool www] pid 18622 script_filename = /web/www/forum.php [0x000000080455aaa8] mysql_query() /web/www/source/class/class_core.php:815 [0x000000080455a958] query() /web/www/source/class/class_core.php:1003 [0x000000080455a858] _execute() /web/www/source/class/class_core.php:977 [0x00000008045591a0] query() /web/www/source/module/forum/forum_viewthread.php:514 [0x0000000804559058] +++ dump failed And one can help me about this issue? My server is running Freebsd 8.1 + nginx + php 5.3.8 _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx -------------------------------------------------------------------------------- _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx -------------- next part -------------- An HTML attachment was scrubbed... URL: From edho at myconan.net Mon Sep 5 03:57:55 2011 From: edho at myconan.net (Edho P Arief) Date: Mon, 5 Sep 2011 10:57:55 +0700 Subject: php-fpm is very very slow... In-Reply-To: References:

Message-ID: On Mon, Sep 5, 2011 at 10:52 AM, LiuXin wrote: > Hi SplitIce, > > Do you mean this problem is casued by mysql? Thanks > [04-Sep-2011 12:27:30] [pool www] pid 18622 script_filename = /web/www/forum.php [0x000000080455aaa8] mysql_query() /web/www/source/class/class_core.php:815 [0x000000080455a958] query() /web/www/source/class/class_core.php:1003 [0x000000080455a858] _execute() /web/www/source/class/class_core.php:977 [0x00000008045591a0] query() /web/www/source/module/forum/forum_viewthread.php:514 From igor at sysoev.ru Mon Sep 5 04:55:16 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Mon, 5 Sep 2011 08:55:16 +0400 Subject: PositiveSSL certificate keeps giving the untrusted issuer warnings in browser In-Reply-To: <4E64207F.6040101@digitalhit.com> References: <4E640DF0.1020000@digitalhit.com> <4E64120E.3090304@digitalhit.com> <4E64207F.6040101@digitalhit.com> Message-ID: <20110905045516.GA25408@nginx.com> On Sun, Sep 04, 2011 at 09:06:07PM -0400, Ian Evans wrote: > On 04/09/2011 8:04 PM, Ian Evans wrote: > > Upon further testing I see that it's still using the old cert despite > > issuing a kill -HUP. > > Sigh...okay, never mind. Seems I had one typo in the conf change so the > kill -HUP was still using the old conf. So it's working okay now. > > Still curious why some examples use pem and others use crt. This is just a file extention. Both use the same PEM formay inside. > Also any best usage additions I should add to the ssl section? Please read this: http://nginx.org/en/docs/http/configuring_https_servers.html -- Igor Sysoev From dewanggaba at gmail.com Mon Sep 5 04:59:35 2011 From: dewanggaba at gmail.com (antituhan) Date: Sun, 4 Sep 2011 21:59:35 -0700 (PDT) Subject: Wordpress Setup (Nginx + Apache) In-Reply-To: <4E5F562F.90407@contactlab.com> References: <1314803185467-6746900.post@n2.nabble.com> <4E5F562F.90407@contactlab.com> Message-ID: <1315198775336-6759814.post@n2.nabble.com> Simone fumagalli wrote: > > On 08/31/2011 05:06 PM, antituhan wrote: >> Hello fellas, I've been setup wordpress blog using NginX as front end >> and Apache as a backend. > > If you are using this setup you might be interested in this plugin > http://wordpress.org/extend/plugins/nginx-manager/ > In this way you can serve directly with Nginx static version of your pages > and offload Apache > > Ciao > > -- > Simone Fumagalli > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > Ok, I'll try it ;) ----- [daemon at antituhan.com ~]# -- View this message in context: http://nginx.2469901.n2.nabble.com/Wordpress-Setup-Nginx-Apache-tp6746900p6759814.html Sent from the nginx mailing list archive at Nabble.com. From nginx-forum at nginx.us Mon Sep 5 05:33:41 2011 From: nginx-forum at nginx.us (magicbear) Date: Mon, 05 Sep 2011 01:33:41 -0400 Subject: php-fpm is very very slow... In-Reply-To: References: Message-ID: You can check iowait, Discuz when have many of data, suggest you using MySQL Cluster to process. MagicBear Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214766,214773#msg-214773 From nginx-forum at nginx.us Mon Sep 5 05:40:22 2011 From: nginx-forum at nginx.us (jeff14) Date: Mon, 05 Sep 2011 01:40:22 -0400 Subject: can i pass $time_local to backend server? Message-ID: <42a94fd4a531ed9786ef1c5ee73f1a87.NginxMailingListEnglish@forum.nginx.org> hi, i want set the variable $time_local in log to the header , and then the backend server can got it like: proxy_set_header MY_TIME $time_local but i got error : unknown "time_local" variable if i can set a variable about time to the header? many thanks! Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214774,214774#msg-214774 From toplek at polok.pl Mon Sep 5 06:28:22 2011 From: toplek at polok.pl (Piotr Polok) Date: Mon, 05 Sep 2011 08:28:22 +0200 Subject: upload file problem (500 Internal Server Error) In-Reply-To: References: <87bd7ee8ed3c1a8bc0f33206b4db4a37@polok.pl> Message-ID: <5fb9f62c9818d7337af57460493714f4@polok.pl> On Thu, 01 Sep 2011 19:17:06 -0400, magicbear wrote: > you can try to add such line to /etc/security/limits.conf > nginx soft nofile 131072 > nginx hard nofile 1048576 > > > and fastcgi_pass to run PHP > you need to set SCRIPT_FILENAME, you may first include fastcgi_params > at > /etc/nginx (if you install nginx with binary), and then add such line > before fastcgi_pass: fastcgi_param SCRIPT_FILENAME > $document_root$fastcgi_script_name; HI, Thanks, this is also not solving the problem. I will start from the beginning in new thread. -- best regards Piotr Polok --------------------------- POLOK WELDING 44-121 Gliwice ul. Sowi?skiego 3 NIP: 631-112-45-46 tel: (32) 725 77 77 fax: (32) 444 64 50 http://www.polok.pl From toplek at polok.pl Mon Sep 5 06:59:58 2011 From: toplek at polok.pl (Piotr Polok) Date: Mon, 05 Sep 2011 08:59:58 +0200 Subject: Nginx upload module (v 2.2.0) :: 502 Bad Gateway Message-ID: <8d3997b08745b16189742395b9544d85@polok.pl> HI, I have compiled newest version of nginx (nginx/1.1.1) with nginx upload module (v 2.2.0), also the example config (nginx.conf) was copied from https://github.com/vkholodkov/nginx-upload-module into nginx direcoty. The html form is also copied from this location. So the installation and configuration is oryginal now without any changes. I'm getting some errors while uploading the file; The html form: '502 Bad Gateway'; The nginx error.log (/usr/local/nginx/logs/error.log): ------ 2011/09/05 08:35:15 [error] 21161#0: *6 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.0.165, server: , request: "POST /upload HTTP/1.1", upstream: "http://127.0.0.1:8080/upload", host: "192.168.0.127", referrer: "http://192.168.0.127/http/upload.html" ------ Maybe it's a problem of my wrong understanding how does it works, I do not understand why in this example config the proxy_pass is going through local 8080 port but the server in this configuration is not listening on such port. Please help. -- best regards Piotr Polok From mdounin at mdounin.ru Mon Sep 5 07:08:13 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 5 Sep 2011 11:08:13 +0400 Subject: upstream keepalive - call for testing In-Reply-To: References: <20110801160725.GH1137@mdounin.ru> <0d5cc130a417bb62098701656fd44e42.NginxMailingListEnglish@forum.nginx.org> <20110904182137.GW1137@mdounin.ru> Message-ID: <20110905070813.GY1137@mdounin.ru> Hello! On Mon, Sep 05, 2011 at 02:31:54AM +0800, MagicBear wrote: > (gdb) fr 0 > #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) > at src/http/ngx_http_upstream.c:915 > 915 ctx->current_request = r; > (gdb) p *ev > $1 = {data = 0x7fc4576aa750, write = 1, accept = 0, instance = 1, active = > 1, > disabled = 0, ready = 1, oneshot = 0, complete = 0, eof = 0, error = 0, > timedout = 1, timer_set = 0, delayed = 0, read_discarded = 0, > unexpected_eof = 0, deferred_accept = 0, pending_eof = 0, posted_ready = > 0, > available = 0, handler = 0x43bf9c , > index = 3503345872, log = 0x21f1770, timer = {key = 0, left = 0x0, > right = 0x0, parent = 0x0, color = 0 '\000', data = 0 '\000'}, > closed = 0, channel = 0, resolver = 0, next = 0x0, prev = 0x0} > (gdb) p *((ngx_connection_t *) ev->data) > $2 = {data = 0x22a2780, read = 0x7fc4575008a8, write = 0x7fc45735f8a8, > fd = 66, recv = 0x41cc50 , send = 0x41cf08 > , > recv_chain = 0x41cd00 , > send_chain = 0x421050 , listening = 0x0, > sent = 0, log = 0x21f1770, pool = 0x237ff70, sockaddr = 0x0, socklen = 0, > addr_text = {len = 0, data = 0x0}, ssl = 0x0, local_sockaddr = 0x0, > buffer = 0x0, queue = {prev = 0x0, next = 0x0}, number = 63713716, > requests = 0, buffered = 0, log_error = 1, single_connection = 0, > unexpected_eof = 0, timedout = 0, error = 0, destroyed = 0, idle = 0, > reusable = 0, close = 0, sendfile = 1, sndlowat = 0, tcp_nodelay = 0, > tcp_nopush = 0} Could you please also show the following (in the same frame, i.e. after "fr 0"): p ngx_cycle->log p *r p *r->connection Maxim Dounin > > > 2011/9/5 Maxim Dounin > > > Hello! > > > > On Sun, Sep 04, 2011 at 01:33:59PM -0400, magicbear wrote: > > > > > Hello , when run for 5 days, today have 2 segment failure. > > > > > > 2011/09/04 12:00:47 [alert] 32147#0: worker process 8496 exited on > > > signal 11 (core dumped) > > > 2011/09/04 12:17:32 [alert] 8497#0: ignore long locked inactive cache > > > entry 57c7c6c612a651727b880a1c9a2c7d2d, count:1 > > > 2011/09/04 12:21:31 [alert] 32147#0: worker process 19185 exited on > > > signal 11 (core dumped) > > > > > > > > > > > > > > > Core was generated by `nginx:'. > > > Program terminated with signal 11, Segmentation fault. > > > #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) at > > > src/http/ngx_http_upstream.c:915 > > > 915 ctx->current_request = r; > > > (gdb) bt > > > #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) at > > > src/http/ngx_http_upstream.c:915 > > > #1 0x0000000000419e95 in ngx_event_expire_timers () at > > > src/event/ngx_event_timer.c:149 > > > #2 0x0000000000419ac7 in ngx_process_events_and_timers > > > (cycle=0x21f1990) at src/event/ngx_event.c:261 > > > > Hm, this looks identical to one you've reported previously. Do > > you have patch from > > > > http://mailman.nginx.org/pipermail/nginx/2011-August/028809.html > > > > applied? > > > > > #3 0x000000000041f76e in ngx_worker_process_cycle (cycle=0x21f1990, > > > data=) at src/os/unix/ngx_process_cycle.c:800 > > > #4 0x000000000041e16b in ngx_spawn_process (cycle=0x21f1990, > > > proc=0x41f69d , data=0x0, name=0x463f3d > > > "worker process", respawn=7) at src/os/unix/ngx_process.c:196 > > > #5 0x000000000042008d in ngx_reap_children (cycle=0x21f1990) at > > > src/os/unix/ngx_process_cycle.c:617 > > > #6 ngx_master_process_cycle (cycle=0x21f1990) at > > > src/os/unix/ngx_process_cycle.c:180 > > > #7 0x0000000000406061 in main (argc=, argv= > > optimized out>) at src/core/nginx.c:405 > > > > > > > > > (gdb) bt full > > > #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) at > > > src/http/ngx_http_upstream.c:915 > > > c = 0x23b4160 > > > r = 0x22a2780 > > > ctx = > > address 0x20)> > > > u = 0x0 > > > > Could you please show results of the following gdb commands: > > > > fr 0 > > p *ev > > p *((ngx_connection_t *) ev->data) > > > > > > Maxim Dounin > > > > _______________________________________________ > > nginx mailing list > > nginx at nginx.org > > http://mailman.nginx.org/mailman/listinfo/nginx > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From agentzh at gmail.com Mon Sep 5 07:09:44 2011 From: agentzh at gmail.com (agentzh) Date: Mon, 5 Sep 2011 15:09:44 +0800 Subject: OpenResty Queries In-Reply-To: References: Message-ID: On Mon, Sep 5, 2011 at 1:38 AM, Nginx User wrote: > Some quick queries about some things missing from available documentation > about OpenResty > 1. Notice current version is bundled with Nginx 1.0.4. Is it possible for an > end user to upgrade Nginx? I.E. can I download OpenResty and slip in Nginx > 1.0.6? The current stable version of OpenResty is 1.0.5.1, which bundles the 1.0.5 Nginx core. The current devel release of OpenResty is 1.0.6.0rc2, which bundles the 1.0.6 core. Check out http://openresty.org/#Download Manually replacing the nginx core is possible, just replace the directory of OpenResty's bundle/nginx-1.0.5/ with your own, say, nginx-1.1.1/. OpenResty's configure script should be smart enough to pick up the new version of the Nginx core. But be careful with self replacing the Nginx core in OpenResty because forward compatibility is not guaranteed. A new untested Nginx core can break things, and that's all the point of bundling the Nginx core in the OpenResty bundle to ensure that it works well with *all* of the bundled components. > 2. The bundled modules are awesome but what is the process wants an > extra?third?party module? All of the nginx's configure options are inherited by OpenResty's configure script, so you can still add extra 3rd-party modules like this: ./configure --add-module=/path/to/your/other/module Regards, -agentzh From ggarron at alketech.com Mon Sep 5 08:04:48 2011 From: ggarron at alketech.com (Guillermo Garron) Date: Mon, 5 Sep 2011 04:04:48 -0400 Subject: Nginx upload module (v 2.2.0) :: 502 Bad Gateway Message-ID: Bad gateway is a proxy problem I have not used upload module. But try having something listen to that port, or modify the proxy directive to point to the right port. Guillermo ------Original Message------ From: Piotr Polok To: Nginx ReplyTo: nginx at nginx.org Subject: Nginx upload module (v 2.2.0) :: 502 Bad Gateway Sent: Sep 5, 2011 2:59 AM HI, I have compiled newest version of nginx (nginx/1.1.1) with nginx upload module (v 2.2.0), also the example config (nginx.conf) was copied from https://github.com/vkholodkov/nginx-upload-module into nginx direcoty. The html form is also copied from this location. So the installation and configuration is oryginal now without any changes. I'm getting some errors while uploading the file; The html form: '502 Bad Gateway'; The nginx error.log (/usr/local/nginx/logs/error.log): ------ 2011/09/05 08:35:15 [error] 21161#0: *6 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.0.165, server: , request: "POST /upload HTTP/1.1", upstream: "http://127.0.0.1:8080/upload", host: "192.168.0.127", referrer: "http://192.168.0.127/http/upload.html" ------ Maybe it's a problem of my wrong understanding how does it works, I do not understand why in this example config the proxy_pass is going through local 8080 port but the server in this configuration is not listening on such port. Please help. -- best regards Piotr Polok _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx From toplek at polok.pl Mon Sep 5 08:16:14 2011 From: toplek at polok.pl (Piotr Polok) Date: Mon, 05 Sep 2011 10:16:14 +0200 Subject: Nginx upload module (v 2.2.0) :: 502 Bad Gateway In-Reply-To: References: Message-ID: <881e6fdbefb126e2e272aeff53a4f205@polok.pl> On Mon, 5 Sep 2011 04:04:48 -0400, Guillermo Garron wrote: > Bad gateway is a proxy problem > I have not used upload module. But try having something listen to > that > port, or modify the proxy directive to point to the right port. HI, I do not use proxy. -- pozdrawiam Piotr Polok --------------------------- POLOK WELDING 44-121 Gliwice ul. Sowi?skiego 3 NIP: 631-112-45-46 tel: (32) 725 77 77 fax: (32) 444 64 50 http://www.polok.pl From ggarron at alketech.com Mon Sep 5 08:38:20 2011 From: ggarron at alketech.com (Guillermo Garron) Date: Mon, 5 Sep 2011 04:38:20 -0400 Subject: Nginx upload module (v 2.2.0) :: 502 Bad Gateway Message-ID: Your problem is that in your conf file /test location is going to some no existent back end Either deal with it inside nginx or have some back end listening to 8080. That is the directive causing the problem Guillermo Ps sorry for top posting (bb issue) ------Original Message------ From: Piotr Polok To: Nginx ReplyTo: nginx at nginx.org Subject: Nginx upload module (v 2.2.0) :: 502 Bad Gateway Sent: Sep 5, 2011 2:59 AM HI, I have compiled newest version of nginx (nginx/1.1.1) with nginx upload module (v 2.2.0), also the example config (nginx.conf) was copied from https://github.com/vkholodkov/nginx-upload-module into nginx direcoty. The html form is also copied from this location. So the installation and configuration is oryginal now without any changes. I'm getting some errors while uploading the file; The html form: '502 Bad Gateway'; The nginx error.log (/usr/local/nginx/logs/error.log): ------ 2011/09/05 08:35:15 [error] 21161#0: *6 connect() failed (111: Connection refused) while connecting to upstream, client: 192.168.0.165, server: , request: "POST /upload HTTP/1.1", upstream: "http://127.0.0.1:8080/upload", host: "192.168.0.127", referrer: "http://192.168.0.127/http/upload.html" ------ Maybe it's a problem of my wrong understanding how does it works, I do not understand why in this example config the proxy_pass is going through local 8080 port but the server in this configuration is not listening on such port. Please help. -- best regards Piotr Polok _______________________________________________ nginx mailing list nginx at nginx.org http://mailman.nginx.org/mailman/listinfo/nginx From toplek at polok.pl Mon Sep 5 08:54:12 2011 From: toplek at polok.pl (Piotr Polok) Date: Mon, 05 Sep 2011 10:54:12 +0200 Subject: Nginx upload module (v 2.2.0) :: 502 Bad Gateway In-Reply-To: References: Message-ID: <36cedc1c4584f3d39d3b4899232b7e9b@polok.pl> > Your problem is that in your conf file /test location is going to > some no > existent back end > > Either deal with it inside nginx or have some back end listening to > 8080. > > That is the directive causing the problem xserver:/usr/local/nginx/conf# tshark -i lo port 8080 Running as user "root" and group "root". This could be dangerous. Capturing on lo 0.000000 127.0.0.1 -> 127.0.0.1 TCP 50768 > http-alt [SYN] Seq=0 Win=32792 Len=0 MSS=16396 TSV=340033941 TSER=0 WS=7 0.000039 127.0.0.1 -> 127.0.0.1 TCP http-alt > 50768 [RST, ACK] Seq=1 Ack=1 Win=0 Len=0 There is no any service on this port. I'm not getting the idea what should happend on 'location @test'. Maybe in this place the file should be saved in the specyfic location? If yes, how this should be configured? -- best regards Piotr Polok From varia at e-healthexpert.org Mon Sep 5 09:11:17 2011 From: varia at e-healthexpert.org (Mark Alan) Date: Mon, 5 Sep 2011 10:11:17 +0100 Subject: Nginx upload module (v 2.2.0) :: 502 Bad Gateway In-Reply-To: <8d3997b08745b16189742395b9544d85@polok.pl> References: <8d3997b08745b16189742395b9544d85@polok.pl> Message-ID: <20110905101117.05d2416a@e-healthexpert.org> On Mon, 05 Sep 2011 08:59:58 +0200, Piotr Polok wrote: > I'm getting some errors while uploading the file; > The html form: '502 Bad Gateway'; > The nginx error.log (/usr/local/nginx/logs/error.log): > ------ > 2011/09/05 08:35:15 [error] 21161#0: *6 connect() failed (111: > Connection refused) while connecting to upstream, client: > 192.168.0.165, server: , request: "POST /upload HTTP/1.1", upstream: > "http://127.0.0.1:8080/upload", host: "192.168.0.127", referrer: > "http://192.168.0.127/http/upload.html" > ------ Your setup includes: client_max_body_size 100m; Do you also your php.ini configured to accommodate 100m files? Check: memory_limit (should be something able to cope with 100M files) post_max_size (should be >= 110M) file_uploads (should be On) upload_max_filesize (should be >= 100M) Regards, M. From toplek at polok.pl Mon Sep 5 09:33:26 2011 From: toplek at polok.pl (Piotr Polok) Date: Mon, 05 Sep 2011 11:33:26 +0200 Subject: Nginx upload module (v 2.2.0) :: 502 Bad Gateway In-Reply-To: <20110905101117.05d2416a@e-healthexpert.org> References: <8d3997b08745b16189742395b9544d85@polok.pl> <20110905101117.05d2416a@e-healthexpert.org> Message-ID: <95e66db4b6c311ca3b0987a55e9c2b30@polok.pl> > Your setup includes: > client_max_body_size 100m; > > Do you also your php.ini configured to accommodate 100m files? > Check: > memory_limit (should be something able to cope with 100M files) > post_max_size (should be >= 110M) > file_uploads (should be On) > upload_max_filesize (should be >= 100M) Thank you all for help! I found the solution on this thread: http://www.ruby-forum.com/topic/1432037 The problem was that I did not wrote the form handler script. This is my working configuration of nginx: /usr/local/nginx/conf/nginx.conf: ---- worker_processes 20; error_log logs/error.log notice; working_directory /usr/local/nginx/html; events { worker_connections 1024; } http { include mime.types; default_type application/octet-stream; server { listen 80; client_max_body_size 100m; # Upload form should be submitted to this location location /upload { # Pass altered request body to this location upload_pass /my-form-handler; # Store files to this directory # The directory is hashed, subdirectories 0 1 2 3 4 5 6 7 8 9 should exist upload_store /tmp 1; # Allow uploaded files to be read only by user upload_store_access user:r; # Set specified fields in request body upload_set_form_field "${upload_field_name}_name" $upload_file_name; upload_set_form_field "${upload_field_name}_content_type" $upload_content_type; upload_set_form_field "${upload_field_name}_path" $upload_tmp_path; # Inform backend about hash and size of a file upload_aggregate_form_field "${upload_field_name}_md5" $upload_file_md5; upload_aggregate_form_field "${upload_field_name}_size" $upload_file_size; upload_pass_form_field "^submit$|^description$"; } include fastcgi.conf; location = /my-form-handler { fastcgi_pass 127.0.0.1:9000; } } } ---- /usr/local/nginx/html/my-form-handler ---- ---- -- best regards Piotr Polok From nginx-forum at nginx.us Mon Sep 5 10:58:56 2011 From: nginx-forum at nginx.us (locojohn) Date: Mon, 05 Sep 2011 06:58:56 -0400 Subject: URL decode rewrite handling: + vs. %20 In-Reply-To: <5e2ad7736ec3f420b7f1992a428e6969.NginxMailingListEnglish@forum.nginx.org> References: <5e2ad7736ec3f420b7f1992a428e6969.NginxMailingListEnglish@forum.nginx.org> Message-ID: You can also use PCRE capturing inside virtual host configuration, to capture both SCRIPT_FILENAME and PATH_INFO without URL encoding: location ~ ^(?.+\.php)$ { include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$SCRIPT_FILENAME; fastcgi_pass ...; } location ~ ^(?.+\.php)(?.+)$ { include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$SCRIPT_FILENAME; fastcgi_param PATH_INFO $PATH_INFO; fastcgi_param PATH_TRANSLATED $document_root$PATH_INFO; fastcgi_pass phpfarm; } Posted at Nginx Forum: http://forum.nginx.org/read.php?2,214668,214792#msg-214792 From igor at sysoev.ru Mon Sep 5 13:19:50 2011 From: igor at sysoev.ru (Igor Sysoev) Date: Mon, 5 Sep 2011 17:19:50 +0400 Subject: nginx-1.1.2 Message-ID: <20110905131950.GG34606@nginx.com> Changes with nginx 1.1.2 05 Sep 2011 *) Change: now if total size of all ranges is greater than source response size, then nginx disables ranges and returns just the source response. *) Feature: the "max_ranges" directive. *) Bugfix: the "ssl_verify_client", "ssl_verify_depth", and "ssl_prefer_server_ciphers" directives might work incorrectly if SNI was used. *) Bugfix: in the "proxy/fastcgi/scgi/uwsgi_ignore_client_abort" directives. -- Igor Sysoev From wendal1985 at gmail.com Mon Sep 5 13:32:46 2011 From: wendal1985 at gmail.com (Wendal Chen) Date: Mon, 5 Sep 2011 21:32:46 +0800 Subject: nginx-1.1.2 In-Reply-To: <20110905131950.GG34606@nginx.com> References: <20110905131950.GG34606@nginx.com> Message-ID: Great!! 2011/9/5 Igor Sysoev > Changes with nginx 1.1.2 05 Sep > 2011 > > *) Change: now if total size of all ranges is greater than source > response size, then nginx disables ranges and returns just the source > response. > > *) Feature: the "max_ranges" directive. > > *) Bugfix: the "ssl_verify_client", "ssl_verify_depth", and > "ssl_prefer_server_ciphers" directives might work incorrectly if SNI > was used. > > *) Bugfix: in the "proxy/fastcgi/scgi/uwsgi_ignore_client_abort" > directives. > > > -- > Igor Sysoev > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -- Wendal Chen -------------- next part -------------- An HTML attachment was scrubbed... URL: From mdounin at mdounin.ru Mon Sep 5 15:16:18 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 5 Sep 2011 19:16:18 +0400 Subject: openssl-1.0.0d & proxy_buffering In-Reply-To: <4E64DDF0.4040202@bestmx.ru> References: <4E64B9AA.9050302@bestmx.ru> <20110905121224.GA34606@nginx.com> <4E64BFEE.6030502@bestmx.ru> <20110905122936.GC34606@nginx.com> <4E64C36B.6080701@bestmx.ru> <20110905140432.GC1137@mdounin.ru> <4E64DDF0.4040202@bestmx.ru> Message-ID: <20110905151618.GE1137@mdounin.ru> Hello! On Mon, Sep 05, 2011 at 06:34:24PM +0400, Andrey N. Oktyabrski wrote: > On 05.09.11 18:04, Maxim Dounin wrote: > >>>????? ?? ? > >>?? ?????????? ??????? dragonfly x86_64 (???? ???? ?????? ??? > >>?????????????), ?? ????????????? - centos-5.2 i386 ?? vps. > > > >? ?????: > > > >1. ????? ./configure ?????????. > >2. Debug log. > ??????? ? ????? ??? ??? ????? ? ?????? ??????. ???? ?? debug log'?, ?????? ?? ????????? ?????????? ????? ???????? ??????. ? ?????????? nginx ????????? ?????????? ?? ????????, ? ??? ?? ???????????? ??????? ?????? (if any) - ????????????. ????????? ??? ???? ?????? - ????????? ????? ?????????? ?????? ?? [1], ??? ?????? ?????????? Content-Length. ??? ??? ?????????? ???????? ??? SSL ?/??? ?? ?????? ??????? - ??? ???? ???????, ?????? ??? ?????? ????? ???? ?? ???????. [1] http://mailman.nginx.org/pipermail/nginx-devel/2011-September/001129.html Maxim Dounin From mdounin at mdounin.ru Mon Sep 5 15:18:06 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 5 Sep 2011 19:18:06 +0400 Subject: openssl-1.0.0d & proxy_buffering In-Reply-To: <20110905151618.GE1137@mdounin.ru> References: <4E64B9AA.9050302@bestmx.ru> <20110905121224.GA34606@nginx.com> <4E64BFEE.6030502@bestmx.ru> <20110905122936.GC34606@nginx.com> <4E64C36B.6080701@bestmx.ru> <20110905140432.GC1137@mdounin.ru> <4E64DDF0.4040202@bestmx.ru> <20110905151618.GE1137@mdounin.ru> Message-ID: <20110905151806.GF1137@mdounin.ru> Hello! On Mon, Sep 05, 2011 at 07:16:18PM +0400, Maxim Dounin wrote: > Hello! > > On Mon, Sep 05, 2011 at 06:34:24PM +0400, Andrey N. Oktyabrski wrote: > > > On 05.09.11 18:04, Maxim Dounin wrote: > > >>>????? ?? ? > > >>?? ?????????? ??????? dragonfly x86_64 (???? ???? ?????? ??? > > >>?????????????), ?? ????????????? - centos-5.2 i386 ?? vps. > > > > > >? ?????: > > > > > >1. ????? ./configure ?????????. > > >2. Debug log. > > ??????? ? ????? ??? ??? ????? ? ?????? ??????. > > ???? ?? debug log'?, ?????? ?? ????????? ?????????? ????? ???????? > ??????. ? ?????????? nginx ????????? ?????????? ?? ????????, ? > ??? ?? ???????????? ??????? ?????? (if any) - ????????????. > > ????????? ??? ???? ?????? - ????????? ????? ?????????? ?????? ?? > [1], ??? ?????? ?????????? Content-Length. ??? ??? ?????????? > ???????? ??? SSL ?/??? ?? ?????? ??????? - ??? ???? ???????, > ?????? ??? ?????? ????? ???? ?? ???????. > > [1] http://mailman.nginx.org/pipermail/nginx-devel/2011-September/001129.html Ooops, sorry, this was for nginx-ru at . Maxim Dounin From orz at loli.my Mon Sep 5 15:42:31 2011 From: orz at loli.my (=?UTF-8?B?44OT44Oq44OT44Oq4oWk?=) Date: Mon, 5 Sep 2011 23:42:31 +0800 Subject: upstream keepalive - call for testing In-Reply-To: <20110905070813.GY1137@mdounin.ru> References: <20110801160725.GH1137@mdounin.ru> <0d5cc130a417bb62098701656fd44e42.NginxMailingListEnglish@forum.nginx.org> <20110904182137.GW1137@mdounin.ru> <20110905070813.GY1137@mdounin.ru> Message-ID: (gdb) fr 0 #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) at src/http/ngx_http_upstream.c:915 915 ctx->current_request = r; (gdb) p ngx_cycle->log $1 = (ngx_log_t *) 0x21f19a8 (gdb) p *r $2 = {signature = 51686928, connection = 0x23b4160, ctx = 0x0, main_conf = 0x0, srv_conf = 0x23e6dc8, loc_conf = 0x2216d58, read_event_handler = 0x42d5dd , write_event_handler = 0x42d2a6 , cache = 0x0, upstream = 0x0, upstream_states = 0x0, pool = 0x23e92d0, header_in = 0x2309ea0, headers_in = {headers = {last = 0x22a27f0, part = { elts = 0x23e9ae8, nelts = 5, next = 0x0}, size = 48, nalloc = 20, pool = 0x23e92d0}, host = 0x23e9b78, connection = 0x0, if_modified_since = 0x0, if_unmodified_since = 0x0, user_agent = 0x23e9b48, referer = 0x0, content_length = 0x0, content_type = 0x0, range = 0x0, if_range = 0x0, transfer_encoding = 0x0, expect = 0x0, accept_encoding = 0x0, via = 0x0, authorization = 0x0, keep_alive = 0x0, x_forwarded_for = 0x0, user = {len = 0, data = 0x0}, passwd = {len = 0, data = 0x0}, cookies = {elts = 0x23e9ea8, nelts = 0, size = 8, nalloc = 2, pool = 0x23e92d0}, server = {len = 14, data = 0x23e9edb "static.loli.myconnectioner-ag\360\324,\002"}, content_length_n = -1, keep_alive_n = -1, connection_type = 1, msie = 1, msie6 = 1, opera = 0, gecko = 0, chrome = 0, safari = 0, konqueror = 0}, headers_out = {headers = {last = 0x22a2920, part = {elts = 0x23e9320, nelts = 4, next = 0x0}, size = 48, nalloc = 20, pool = 0x23e92d0}, status = 200, status_line = {len = 0, data = 0x0}, server = 0x0, date = 0x0, content_length = 0x0, content_encoding = 0x0, location = 0x0, refresh = 0x0, last_modified = 0x0, content_range = 0x0, ---Type to continue, or q to quit--- accept_ranges = 0x23e93b0, www_authenticate = 0x0, expires = 0x23e9320, etag = 0x0, override_charset = 0x0, content_type_len = 24, content_type = { len = 24, data = 0x23e5bf0 "application/x-javascript"}, charset = { len = 0, data = 0x0}, content_type_lowcase = 0x23ea1e8 "application/x-javascripts\016>\002", content_type_hash = 15285649345721276481, cache_control = { elts = 0x23ea188, nelts = 1, size = 8, nalloc = 1, pool = 0x23e92d0}, content_length_n = 19773, date_time = 0, last_modified_time = 1313998502}, request_body = 0x0, lingering_time = 1315110106, start_sec = 1315110076, start_msec = 683, method = 2, http_version = 1001, request_line = {len = 0, data = 0x314ae20 "\360\f>\002"}, uri = {len = 15, data = 0x314ae24 ""}, args = {len = 0, data = 0x0}, exten = {len = 2, data = 0x314ae31 ""}, unparsed_uri = {len = 15, data = 0x314ae24 ""}, method_name = {len = 3, data = 0x314ae20 "\360\f>\002"}, http_protocol = {len = 8, data = 0x314ae34 ""}, out = 0x0, main = 0x22a2780, parent = 0x0, postponed = 0x0, post_subrequest = 0x0, posted_requests = 0x0, virtual_names = 0x2465c20, phase_handler = 11, content_handler = 0, access_code = 0, variables = 0x23e9808, ncaptures = 4, captures = 0x23e9ff0, captures_data = 0x314ae24 "", limit_rate = 0, header_size = 339, request_length = 183, err_status = 0, http_connection = 0x23b4228, log_handler = 0x42da14 , cleanup = 0x0, subrequests = 51, count = 0, blocked = 0, aio = 0, http_state = 2, complex_uri = 0, quoted_uri = 0, plus_in_uri = 0, space_in_uri = 0, ---Type to continue, or q to quit--- invalid_header = 0, add_uri_to_alias = 0, valid_location = 1, valid_unparsed_uri = 1, uri_changed = 0, uri_changes = 11, request_body_in_single_buf = 0, request_body_in_file_only = 0, request_body_in_persistent_file = 0, request_body_in_clean_file = 0, request_body_file_group_access = 0, request_body_file_log_level = 5, subrequest_in_memory = 0, waited = 0, cached = 0, gzip_tested = 1, gzip_ok = 0, gzip_vary = 1, proxy = 0, bypass_cache = 0, no_cache = 0, limit_zone_set = 0, limit_req_set = 0, pipeline = 0, plain_http = 0, chunked = 0, header_only = 0, keepalive = 0, lingering_close = 0, discard_body = 0, internal = 0, error_page = 0, ignore_content_encoding = 0, filter_finalize = 0, post_action = 0, request_complete = 1, request_output = 1, header_sent = 1, expect_tested = 0, root_tested = 1, done = 1, logged = 0, buffered = 0, main_filter_need_in_memory = 0, filter_need_in_memory = 0, filter_need_temporary = 0, allow_ranges = 1, stat_reading = 0, stat_writing = 1, state = 0, header_hash = 2715320498552542, lowcase_index = 10, lowcase_header = "connectionguage", '\000' , header_name_start = 0x314aed5 "\r\nible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; MALN; InfoPath.1; Media Center PC 6.0; Tablet PC 2.0; .NET4.0C; .NET4.0E)", header_name_end = 0x314aecc "", header_start = 0x314aece "close", header_end = 0x314aed5 "\r\nible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.0; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; MALN; Info---Type to continue, or q to quit--- Path.1; Media Center PC 6.0; Tablet PC 2.0; .NET4.0C; .NET4.0E)", uri_start = 0x314ae24 "", uri_end = 0x314ae33 "", uri_ext = 0x314ae31 "", args_start = 0x0, request_start = 0x314ae20 "\360\f>\002", request_end = 0x314ae3c "", method_end = 0x314ae22 ">\002", schema_start = 0x0, schema_end = 0x0, host_start = 0x0, host_end = 0x0, port_start = 0x0, port_end = 0x0, http_minor = 1264, http_major = 0} (gdb) p *r->connection $3 = {data = 0x30, read = 0x111, write = 0x22a2770, fd = 36740720, recv = 0x2309e80, send = 0, recv_chain = 0xb0, send_chain = 0x23b4170, listening = 0x0, sent = 36740848, log = 0x0, pool = 0x23b41d0, sockaddr = 0xf088e714b9a0002, socklen = 0, addr_text = {len = 4, data = 0x21f1c18 "S"}, ssl = 0x3cc35a0, local_sockaddr = 0x42d957, buffer = 0x23b4210, queue = {prev = 0x465bfc, next = 0x2e3234312e333131}, number = 3256446919138946616, requests = 140481256921360, buffered = 0, log_error = 0, single_connection = 0, unexpected_eof = 0, timedout = 0, error = 0, destroyed = 0, idle = 0, reusable = 0, close = 0, sendfile = 0, sndlowat = 0, tcp_nodelay = 0, tcp_nopush = 0} 2011/9/5 Maxim Dounin > Hello! > > On Mon, Sep 05, 2011 at 02:31:54AM +0800, MagicBear wrote: > > > (gdb) fr 0 > > #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) > > at src/http/ngx_http_upstream.c:915 > > 915 ctx->current_request = r; > > (gdb) p *ev > > $1 = {data = 0x7fc4576aa750, write = 1, accept = 0, instance = 1, active > = > > 1, > > disabled = 0, ready = 1, oneshot = 0, complete = 0, eof = 0, error = 0, > > timedout = 1, timer_set = 0, delayed = 0, read_discarded = 0, > > unexpected_eof = 0, deferred_accept = 0, pending_eof = 0, posted_ready > = > > 0, > > available = 0, handler = 0x43bf9c , > > index = 3503345872, log = 0x21f1770, timer = {key = 0, left = 0x0, > > right = 0x0, parent = 0x0, color = 0 '\000', data = 0 '\000'}, > > closed = 0, channel = 0, resolver = 0, next = 0x0, prev = 0x0} > > (gdb) p *((ngx_connection_t *) ev->data) > > $2 = {data = 0x22a2780, read = 0x7fc4575008a8, write = 0x7fc45735f8a8, > > fd = 66, recv = 0x41cc50 , send = 0x41cf08 > > , > > recv_chain = 0x41cd00 , > > send_chain = 0x421050 , listening = 0x0, > > sent = 0, log = 0x21f1770, pool = 0x237ff70, sockaddr = 0x0, socklen = > 0, > > addr_text = {len = 0, data = 0x0}, ssl = 0x0, local_sockaddr = 0x0, > > buffer = 0x0, queue = {prev = 0x0, next = 0x0}, number = 63713716, > > requests = 0, buffered = 0, log_error = 1, single_connection = 0, > > unexpected_eof = 0, timedout = 0, error = 0, destroyed = 0, idle = 0, > > reusable = 0, close = 0, sendfile = 1, sndlowat = 0, tcp_nodelay = 0, > > tcp_nopush = 0} > > Could you please also show the following (in the same frame, i.e. > after "fr 0"): > > p ngx_cycle->log > p *r > p *r->connection > > Maxim Dounin > > > > > > > 2011/9/5 Maxim Dounin > > > > > Hello! > > > > > > On Sun, Sep 04, 2011 at 01:33:59PM -0400, magicbear wrote: > > > > > > > Hello , when run for 5 days, today have 2 segment failure. > > > > > > > > 2011/09/04 12:00:47 [alert] 32147#0: worker process 8496 exited on > > > > signal 11 (core dumped) > > > > 2011/09/04 12:17:32 [alert] 8497#0: ignore long locked inactive cache > > > > entry 57c7c6c612a651727b880a1c9a2c7d2d, count:1 > > > > 2011/09/04 12:21:31 [alert] 32147#0: worker process 19185 exited on > > > > signal 11 (core dumped) > > > > > > > > > > > > > > > > > > > > Core was generated by `nginx:'. > > > > Program terminated with signal 11, Segmentation fault. > > > > #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) at > > > > src/http/ngx_http_upstream.c:915 > > > > 915 ctx->current_request = r; > > > > (gdb) bt > > > > #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) at > > > > src/http/ngx_http_upstream.c:915 > > > > #1 0x0000000000419e95 in ngx_event_expire_timers () at > > > > src/event/ngx_event_timer.c:149 > > > > #2 0x0000000000419ac7 in ngx_process_events_and_timers > > > > (cycle=0x21f1990) at src/event/ngx_event.c:261 > > > > > > Hm, this looks identical to one you've reported previously. Do > > > you have patch from > > > > > > http://mailman.nginx.org/pipermail/nginx/2011-August/028809.html > > > > > > applied? > > > > > > > #3 0x000000000041f76e in ngx_worker_process_cycle (cycle=0x21f1990, > > > > data=) at src/os/unix/ngx_process_cycle.c:800 > > > > #4 0x000000000041e16b in ngx_spawn_process (cycle=0x21f1990, > > > > proc=0x41f69d , data=0x0, name=0x463f3d > > > > "worker process", respawn=7) at src/os/unix/ngx_process.c:196 > > > > #5 0x000000000042008d in ngx_reap_children (cycle=0x21f1990) at > > > > src/os/unix/ngx_process_cycle.c:617 > > > > #6 ngx_master_process_cycle (cycle=0x21f1990) at > > > > src/os/unix/ngx_process_cycle.c:180 > > > > #7 0x0000000000406061 in main (argc=, > argv= > > > optimized out>) at src/core/nginx.c:405 > > > > > > > > > > > > (gdb) bt full > > > > #0 ngx_http_upstream_handler (ev=0x7fc45735f8a8) at > > > > src/http/ngx_http_upstream.c:915 > > > > c = 0x23b4160 > > > > r = 0x22a2780 > > > > ctx = > > > address 0x20)> > > > > u = 0x0 > > > > > > Could you please show results of the following gdb commands: > > > > > > fr 0 > > > p *ev > > > p *((ngx_connection_t *) ev->data) > > > > > > > > > Maxim Dounin > > > > > > _______________________________________________ > > > nginx mailing list > > > nginx at nginx.org > > > http://mailman.nginx.org/mailman/listinfo/nginx > > > > > > _______________________________________________ > > nginx mailing list > > nginx at nginx.org > > http://mailman.nginx.org/mailman/listinfo/nginx > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From drdr.xp at gmail.com Mon Sep 5 16:16:19 2011 From: drdr.xp at gmail.com (dr-dr xp) Date: Tue, 6 Sep 2011 00:16:19 +0800 Subject: nginx 1.0.2 AIO problem with open_file_cache In-Reply-To: <20110904163413.GR1137@mdounin.ru> References: <20110903100335.GO1137@mdounin.ru> <20110904163413.GR1137@mdounin.ru> Message-ID: Thank you very much Dounin. With the patch it works fine now. On Mon, Sep 5, 2011 at 12:34 AM, Maxim Dounin wrote: > Hello! > > On Sat, Sep 03, 2011 at 11:06:24PM +0800, dr-dr xp wrote: > > > The attachment is the error.log with only the failed request. And stat > > output of this file: > > > > stat > > > //data2/0d97e01d7fbc48e498897492f0863929/g260674/257/26fd3732cd9f92f2413d10206cd8b0c9-5157235 > > File: > > > `//data2/0d97e01d7fbc48e498897492f0863929/g260674/257/26fd3732cd9f92f2413d10206cd8b0c9-5157235' > > Size: 51163499 Blocks: 100048 IO Block: 4096 regular file > > Device: 821h/2081d Inode: 464404482 Links: 1 > > Access: (0664/-rw-rw-r--) Uid: ( 1003/ www) Gid: ( 1003/ > www) > > Access: 2011-09-03 22:31:22.000000000 +0800 > > Modify: 2011-07-30 01:45:56.000000000 +0800 > > Change: 2011-07-30 01:45:56.000000000 +0800 > > > > > > Such error occurs randomly on random file. The only relavent thing seems > > like to be open_file_cache directive. > > File sizes are almost 5M to 20M. > > Files had not been changed. I checked the modify time of the files > involved > > in these errors. At first I had thought it was caused by a file change > too. > > But not. > > > > In my cluster there are also some other similar nodes running with the > same > > open_file_cache parameters but without aio enabled(sendfile is used). > They > > have no such issue. > > Please try the attached patch. > > Maxim Dounin > > > > > > > > > > > On Sat, Sep 3, 2011 at 6:03 PM, Maxim Dounin wrote: > > > > > Hello! > > > > > > On Sat, Sep 03, 2011 at 05:46:39PM +0800, dr-dr xp wrote: > > > > > > > Hello everybody. I recently have had some problem with AIO support > and > > > need > > > > some help or advice on it. > > > > > > > > With AIO on, everything was OK. But when I enabled open_file_cache, > nginx > > > > frequently closed client connection directly without sending back any > > > data. > > > > > > > > > > > > My platform is linux 2.6.30. CentOS 5.4; > > > > > > > > The nginx server that has this issue serves static file at backend. > > > Another > > > > nginx serves as proxy in front of it. > > > > Backend nginx config is like this: > > > > ... > > > > aio on; > > > > > > > > > > > > directio 512; > > > > > > > > > > > > output_buffers 1 128k; > > > > ... > > > > location /files { > > > > > > > > > > > > > > > > internal; > > > > > > > > > > > > alias /; > > > > open_file_cache max=50000 inactive=20s; > > > > > > > > > > > > open_file_cache_valid 30s; > > > > > > > > > > > > open_file_cache_min_uses 1; > > > > > > > > > > > > open_file_cache_errors on; > > > > > > > > > > > > With this config, on the frontend proxy server there are error logs > like > > > > this: > > > > > > > > 2011/09/03 17:01:19 [error] 12498#0: *78679759 *upstream prematurely > > > closed > > > > connection while reading response header from upstream*, client: > > > > 221.193.212.77, server: , request: "GET .......... HTTP/1.1", > upstream: > > > > "http:// > > > > **/file/871586e763bf4417bf8d475858deee2b/260110/0b47fc7f4d84e4bcb01a6d6d1fcacc94-3581749", > > > > host..... > > > > > > > > > > > > And I saw in tcpdump output the connection was closed very quickly by > > > > backend nginx: > > > > > > > > 22:02:22.892327 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: S > > > > 1788188296:1788188296(0) win 5840 666482608 > > > > 0,nop,wscale 7> > > > > 22:02:22.895683 IP 172.16.228.63.irdmi > 172.16.113.32.58271: S > > > > 350810413:350810413(0) ack 1788188297 win 5792 1460,sackOK,timestamp > > > > 1948226601 66< > > > > 22:02:22.895695 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: . ack 1 > win > > > 46 > > > > > > > > 22:02:22.895703 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: P > > > 1:181(180) > > > > ack 1 win 46 > > > > 22:02:22.897680 IP 172.16.228.63.irdmi > 172.16.113.32.58271: . ack > 181 > > > win > > > > 54 > > > > 22:02:22.898348 IP 172.16.228.63.irdmi > 172.16.113.32.58271: F > 1:1(0) > > > ack > > > > 181 win 54 > > > > 22:02:22.898473 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: F > > > 181:181(0) > > > > ack 2 win 46 > > > > 22:02:22.899804 IP 172.16.228.63.irdmi > 172.16.113.32.58271: . ack > 182 > > > win > > > > 54 > > > > > > > > > > > > On the backend nginx, strace shows that io_getevents got an error > *"-22" > > > > EINVAL*. > > > > > > > > [pid 5275] recvfrom(48, 0x7fffe4400ae7, 1, 2, 0, 0) = -1 EAGAIN > > > (Resource > > > > temporarily unavailable) > > > > [pid 5275] epoll_wait(6, {{EPOLLIN|EPOLLOUT, {u32=2445415233, > > > > u64=139850875540289}}}, 512, 5672) = 1 > > > > [pid 5275] recvfrom(201, "\1\6\0\1\0\337\1\0Status: 301 Moved > > > Perman"..., > > > > 4096, 0, NULL, NULL) = 256 > > > > [pid 5275] close(201) = 0 > > > > [pid 5275] > > > > > > > > stat("//data1/871586e763bf4417bf8d475858deee2b/g268315/252/995f20f76d0d3871fdb5d71bbc92956c-27769564", > > > > {st_mode=S_IFREG|0600, st_size=122507, ...< > > > > [pid 5275] io_submit(139850942226432, 1, {{0xf43718, 0, 0, 0, > 40}}) = > > > 1 > > > > > > > > > > > > [pid 5275] epoll_wait(6, {{EPOLLIN, {u32=7173248, u64=7173248}}}, > 512, > > > > 5671) = 1 > > > > > > > > [pid 5275] read(7, "\1\0\0\0\0\0\0\0", 8) = 8 > > > > [pid 5275] *io_getevents(139850942226432, 1, 64, {{0xf43718, > 0xf436d8, > > > > -22, 0}}, {0, 0}) = 1* > > > > [pid 5275] write(24, "172.16.164.30 - - 172.16.228.63:"..., 338) > = > > > 338 > > > > [pid 5275] close(48) > > > > > > > > And access.log shows that response length is ZERO: > > > > > > > > [03/Sep/2011:06:28:48 +0800] "GET > > > > > > > > /file/871586e763bf4417bf8d475858deee2b/260284/ed31933859d27e33b8398deaea1d2ade-3969549 > > > > HTTP/1.0" 206 0 0.001 "-" "-" "-" Range:bytes=27459105- > > > > > > > > > > > > After I removed those *open_file_cache* directives, No such error > > > occurred. > > > > > > > > And the shorter *inactive* is, the more often I get such errors. > > > > > > > > > > > > Anybody has idea about avoiding this or fixing it? > > > > > > Could you please provide debug log? See > > > http://wiki.nginx.org/Debugging for more information. > > > > > > Additionally, some more info about file requested might be > > > helpful: how big it is? whether it changed on backend during > > > requests? if yes, is it changed atomically? > > > > > > Maxim Dounin > > > > > > _______________________________________________ > > > nginx mailing list > > > nginx at nginx.org > > > http://mailman.nginx.org/mailman/listinfo/nginx > > > > > > > > > > > -- > > ???????????????? > > > > _______________________________________________ > > nginx mailing list > > nginx at nginx.org > > http://mailman.nginx.org/mailman/listinfo/nginx > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx > -- ???????????????? -------------- next part -------------- An HTML attachment was scrubbed... URL: From mdounin at mdounin.ru Mon Sep 5 16:38:07 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 5 Sep 2011 20:38:07 +0400 Subject: nginx 1.0.2 AIO problem with open_file_cache In-Reply-To: References: <20110903100335.GO1137@mdounin.ru> <20110904163413.GR1137@mdounin.ru> Message-ID: <20110905163807.GI1137@mdounin.ru> Hello! On Tue, Sep 06, 2011 at 12:16:19AM +0800, dr-dr xp wrote: > Thank you very much Dounin. With the patch it works fine now. Thanks for testing, the patch was committed and will be included in next release. Maxim Dounin > > > > > On Mon, Sep 5, 2011 at 12:34 AM, Maxim Dounin wrote: > > > Hello! > > > > On Sat, Sep 03, 2011 at 11:06:24PM +0800, dr-dr xp wrote: > > > > > The attachment is the error.log with only the failed request. And stat > > > output of this file: > > > > > > stat > > > > > //data2/0d97e01d7fbc48e498897492f0863929/g260674/257/26fd3732cd9f92f2413d10206cd8b0c9-5157235 > > > File: > > > > > `//data2/0d97e01d7fbc48e498897492f0863929/g260674/257/26fd3732cd9f92f2413d10206cd8b0c9-5157235' > > > Size: 51163499 Blocks: 100048 IO Block: 4096 regular file > > > Device: 821h/2081d Inode: 464404482 Links: 1 > > > Access: (0664/-rw-rw-r--) Uid: ( 1003/ www) Gid: ( 1003/ > > www) > > > Access: 2011-09-03 22:31:22.000000000 +0800 > > > Modify: 2011-07-30 01:45:56.000000000 +0800 > > > Change: 2011-07-30 01:45:56.000000000 +0800 > > > > > > > > > Such error occurs randomly on random file. The only relavent thing seems > > > like to be open_file_cache directive. > > > File sizes are almost 5M to 20M. > > > Files had not been changed. I checked the modify time of the files > > involved > > > in these errors. At first I had thought it was caused by a file change > > too. > > > But not. > > > > > > In my cluster there are also some other similar nodes running with the > > same > > > open_file_cache parameters but without aio enabled(sendfile is used). > > They > > > have no such issue. > > > > Please try the attached patch. > > > > Maxim Dounin > > > > > > > > > > > > > > > > > On Sat, Sep 3, 2011 at 6:03 PM, Maxim Dounin wrote: > > > > > > > Hello! > > > > > > > > On Sat, Sep 03, 2011 at 05:46:39PM +0800, dr-dr xp wrote: > > > > > > > > > Hello everybody. I recently have had some problem with AIO support > > and > > > > need > > > > > some help or advice on it. > > > > > > > > > > With AIO on, everything was OK. But when I enabled open_file_cache, > > nginx > > > > > frequently closed client connection directly without sending back any > > > > data. > > > > > > > > > > > > > > > My platform is linux 2.6.30. CentOS 5.4; > > > > > > > > > > The nginx server that has this issue serves static file at backend. > > > > Another > > > > > nginx serves as proxy in front of it. > > > > > Backend nginx config is like this: > > > > > ... > > > > > aio on; > > > > > > > > > > > > > > > directio 512; > > > > > > > > > > > > > > > output_buffers 1 128k; > > > > > ... > > > > > location /files { > > > > > > > > > > > > > > > > > > > > internal; > > > > > > > > > > > > > > > alias /; > > > > > open_file_cache max=50000 inactive=20s; > > > > > > > > > > > > > > > open_file_cache_valid 30s; > > > > > > > > > > > > > > > open_file_cache_min_uses 1; > > > > > > > > > > > > > > > open_file_cache_errors on; > > > > > > > > > > > > > > > With this config, on the frontend proxy server there are error logs > > like > > > > > this: > > > > > > > > > > 2011/09/03 17:01:19 [error] 12498#0: *78679759 *upstream prematurely > > > > closed > > > > > connection while reading response header from upstream*, client: > > > > > 221.193.212.77, server: , request: "GET .......... HTTP/1.1", > > upstream: > > > > > "http:// > > > > > > **/file/871586e763bf4417bf8d475858deee2b/260110/0b47fc7f4d84e4bcb01a6d6d1fcacc94-3581749", > > > > > host..... > > > > > > > > > > > > > > > And I saw in tcpdump output the connection was closed very quickly by > > > > > backend nginx: > > > > > > > > > > 22:02:22.892327 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: S > > > > > 1788188296:1788188296(0) win 5840 > 666482608 > > > > > 0,nop,wscale 7> > > > > > 22:02:22.895683 IP 172.16.228.63.irdmi > 172.16.113.32.58271: S > > > > > 350810413:350810413(0) ack 1788188297 win 5792 > 1460,sackOK,timestamp > > > > > 1948226601 66< > > > > > 22:02:22.895695 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: . ack 1 > > win > > > > 46 > > > > > > > > > > 22:02:22.895703 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: P > > > > 1:181(180) > > > > > ack 1 win 46 > > > > > 22:02:22.897680 IP 172.16.228.63.irdmi > 172.16.113.32.58271: . ack > > 181 > > > > win > > > > > 54 > > > > > 22:02:22.898348 IP 172.16.228.63.irdmi > 172.16.113.32.58271: F > > 1:1(0) > > > > ack > > > > > 181 win 54 > > > > > 22:02:22.898473 IP 172.16.113.32.58271 > 172.16.228.63.irdmi: F > > > > 181:181(0) > > > > > ack 2 win 46 > > > > > 22:02:22.899804 IP 172.16.228.63.irdmi > 172.16.113.32.58271: . ack > > 182 > > > > win > > > > > 54 > > > > > > > > > > > > > > > On the backend nginx, strace shows that io_getevents got an error > > *"-22" > > > > > EINVAL*. > > > > > > > > > > [pid 5275] recvfrom(48, 0x7fffe4400ae7, 1, 2, 0, 0) = -1 EAGAIN > > > > (Resource > > > > > temporarily unavailable) > > > > > [pid 5275] epoll_wait(6, {{EPOLLIN|EPOLLOUT, {u32=2445415233, > > > > > u64=139850875540289}}}, 512, 5672) = 1 > > > > > [pid 5275] recvfrom(201, "\1\6\0\1\0\337\1\0Status: 301 Moved > > > > Perman"..., > > > > > 4096, 0, NULL, NULL) = 256 > > > > > [pid 5275] close(201) = 0 > > > > > [pid 5275] > > > > > > > > > > > stat("//data1/871586e763bf4417bf8d475858deee2b/g268315/252/995f20f76d0d3871fdb5d71bbc92956c-27769564", > > > > > {st_mode=S_IFREG|0600, st_size=122507, ...< > > > > > [pid 5275] io_submit(139850942226432, 1, {{0xf43718, 0, 0, 0, > > 40}}) = > > > > 1 > > > > > > > > > > > > > > > [pid 5275] epoll_wait(6, {{EPOLLIN, {u32=7173248, u64=7173248}}}, > > 512, > > > > > 5671) = 1 > > > > > > > > > > [pid 5275] read(7, "\1\0\0\0\0\0\0\0", 8) = 8 > > > > > [pid 5275] *io_getevents(139850942226432, 1, 64, {{0xf43718, > > 0xf436d8, > > > > > -22, 0}}, {0, 0}) = 1* > > > > > [pid 5275] write(24, "172.16.164.30 - - 172.16.228.63:"..., 338) > > = > > > > 338 > > > > > [pid 5275] close(48) > > > > > > > > > > And access.log shows that response length is ZERO: > > > > > > > > > > [03/Sep/2011:06:28:48 +0800] "GET > > > > > > > > > > > /file/871586e763bf4417bf8d475858deee2b/260284/ed31933859d27e33b8398deaea1d2ade-3969549 > > > > > HTTP/1.0" 206 0 0.001 "-" "-" "-" Range:bytes=27459105- > > > > > > > > > > > > > > > After I removed those *open_file_cache* directives, No such error > > > > occurred. > > > > > > > > > > And the shorter *inactive* is, the more often I get such errors. > > > > > > > > > > > > > > > Anybody has idea about avoiding this or fixing it? > > > > > > > > Could you please provide debug log? See > > > > http://wiki.nginx.org/Debugging for more information. > > > > > > > > Additionally, some more info about file requested might be > > > > helpful: how big it is? whether it changed on backend during > > > > requests? if yes, is it changed atomically? > > > > > > > > Maxim Dounin > > > > > > > > _______________________________________________ > > > > nginx mailing list > > > > nginx at nginx.org > > > > http://mailman.nginx.org/mailman/listinfo/nginx > > > > > > > > > > > > > > > > -- > > > ???????????????? > > > > > > > _______________________________________________ > > > nginx mailing list > > > nginx at nginx.org > > > http://mailman.nginx.org/mailman/listinfo/nginx > > > > > > _______________________________________________ > > nginx mailing list > > nginx at nginx.org > > http://mailman.nginx.org/mailman/listinfo/nginx > > > > > > -- > ???????????????? > _______________________________________________ > nginx mailing list > nginx at nginx.org > http://mailman.nginx.org/mailman/listinfo/nginx From mdounin at mdounin.ru Mon Sep 5 18:02:10 2011 From: mdounin at mdounin.ru (Maxim Dounin) Date: Mon, 5 Sep 2011 22:02:10 +0400 Subject: upstream keepalive - call for testing In-Reply-To: References: <20110801160725.GH1137@mdounin.ru> <0d5cc130a417bb62098701656fd44e42.NginxMailingListEnglish@forum.nginx.org> <20110904182137.GW1137@mdounin.ru> <20110905070813.GY1137@mdounin.ru>