From nginx-forum at nginx.us  Fri Jun  1 07:58:59 2012
From: nginx-forum at nginx.us (youzhengchuan)
Date: Fri, 1 Jun 2012 03:58:59 -0400 (EDT)
Subject: =?UTF-8?B?UmU6IE5naW54LVVwc3RyZWFtLXByb3h5IG5leHQgdXBzdHJlYW0t5oOK5aSp5aSn?=
	=?UTF-8?B?QnVn?=
In-Reply-To: <20120531151205.GB31671@mdounin.ru>
References: <20120531151205.GB31671@mdounin.ru>
Message-ID: <b4b9682d0773d4313f501de549838fbe.NginxMailingListEnglish@forum.nginx.org>

Accordance with the above configuration, When the domain
"flvstorage.ppserver.org.cn," nginx nslookup results is just a one IP
address, this backend upstream can't be used.

my apology for my bad english.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227075,227089#msg-227089


From brian at akins.org  Fri Jun  1 11:43:31 2012
From: brian at akins.org (Brian Akins)
Date: Fri, 1 Jun 2012 07:43:31 -0400
Subject: =?UTF-8?B?UmU6IE5naW54LVVwc3RyZWFtLXByb3h5IG5leHQgdXBzdHJlYW0t5oOK5aSp5aSn?=
	=?UTF-8?B?QnVn?=
In-Reply-To: <b4b9682d0773d4313f501de549838fbe.NginxMailingListEnglish@forum.nginx.org>
References: <20120531151205.GB31671@mdounin.ru>
	<b4b9682d0773d4313f501de549838fbe.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <26A7300E-17B7-4302-8708-B01F8E7FD61C@akins.org>


Do something like this:

you need to define a resolver:

resolver 8.8.8.8; # or your dns serevrs

location / {
    set $myupstream flvdownload.ppserver.org.cn;
    proxy_pass http://$myupstream;
}

if you need it to use multiple ip addresses.


From ganaiwali at gmail.com  Fri Jun  1 14:17:17 2012
From: ganaiwali at gmail.com (tariq wali)
Date: Fri, 1 Jun 2012 14:17:17 +0000
Subject: ssl/tls https with red cross
In-Reply-To: <CAGQjrKYsOtrN1DUgqvBj9PkNiPC=yWB4aoiS+KoYipqtEpxYug@mail.gmail.com>
References: <CAGQjrKYsOtrN1DUgqvBj9PkNiPC=yWB4aoiS+KoYipqtEpxYug@mail.gmail.com>
Message-ID: <CAGQjrKYd73Ey-Vr7Ykjqzu+omWmTNAm8dQjv_u5G9=GED3QJxQ@mail.gmail.com>

can anyone please tell why this error on my nginx instance with ssl/tls

 2012/06/01 10:06:12 [emerg] 20286#0:
SSL_CTX_use_PrivateKey_file("/usr/local/nginx/conf/login.jobsgulf.com.key")
failed (SSL: error:0906406D:PEM routines:PEM_def_callback:problems getting
password error:0906A068:PEM routines:PEM_do_header:bad password read
error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib)

2012/06/01 10:06:20 [emerg] 866#0:
SSL_CTX_use_PrivateKey_file("/usr/local/nginx/conf/login.jobsgulf.com.key")
failed (SSL: error:06065064:digital envelope
routines:EVP_DecryptFinal_ex:bad decrypt error:0906A065:PEM
routines:PEM_do_header:bad decrypt error:140B0009:SSL
routines:SSL_CTX_use_PrivateKey_file:PEM lib)




On Wed, May 30, 2012 at 3:44 PM, tariq wali <ganaiwali at gmail.com> wrote:

> Hi,
>
> Looking to get some help from the group .
>
> We are running nginx/0.7.62 and notice that https with red-cross (either
> the connection is not encrypted or the page has some non https content and
> in my case it is no encrypted connection ) this is how thw config looks
>
>
>  server {
>         listen       443;
>         server_name  login.jobsgulf.com;
>         access_log on;
>         ssl on;
>         ssl_certificate login.jobsgulf.com.crt;
>         ssl_certificate_key login.jobsgulf.com.key;
>         ssl_protocols        SSLv3 TLSv1 ;
> #        ssl_ciphers          HIGH:!aNULL:!MD5;
>         ssl_ciphers
>  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
>         keepalive_timeout    60;
>        ssl_session_cache    shared:SSL:10m;
>        ssl_session_timeout  10m;
>
> I want to know if we really have to explicitly specify ssl_protocols and
> ssl_ciphers in the config in order to be fully https for the said directive
> ??
>
> Also does it make sense to enable ssl/tls support on apache also ? in my
> case i have nginx in front of the apache .
>
>
>
>
> --
> *Tariq Wali.*
>
>


-- 
*Tariq Wali.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120601/2ca29c7a/attachment.html>

From ne at vbart.ru  Fri Jun  1 14:42:25 2012
From: ne at vbart.ru (Valentin V. Bartenev)
Date: Fri, 1 Jun 2012 18:42:25 +0400
Subject: ssl/tls https with red cross
In-Reply-To: <CAGQjrKYd73Ey-Vr7Ykjqzu+omWmTNAm8dQjv_u5G9=GED3QJxQ@mail.gmail.com>
References: <CAGQjrKYsOtrN1DUgqvBj9PkNiPC=yWB4aoiS+KoYipqtEpxYug@mail.gmail.com>
	<CAGQjrKYd73Ey-Vr7Ykjqzu+omWmTNAm8dQjv_u5G9=GED3QJxQ@mail.gmail.com>
Message-ID: <201206011842.25662.ne@vbart.ru>

On Friday 01 June 2012 18:17:17 tariq wali wrote:
> can anyone please tell why this error on my nginx instance with ssl/tls
> 
>  2012/06/01 10:06:12 [emerg] 20286#0:
> SSL_CTX_use_PrivateKey_file("/usr/local/nginx/conf/login.jobsgulf.com.key")
> failed (SSL: error:0906406D:PEM routines:PEM_def_callback:problems getting
> password error:0906A068:PEM routines:PEM_do_header:bad password read
> error:140B0009:SSL routines:SSL_CTX_use_PrivateKey_file:PEM lib)
> 
> 2012/06/01 10:06:20 [emerg] 866#0:
> SSL_CTX_use_PrivateKey_file("/usr/local/nginx/conf/login.jobsgulf.com.key")
> failed (SSL: error:06065064:digital envelope
> routines:EVP_DecryptFinal_ex:bad decrypt error:0906A065:PEM
> routines:PEM_do_header:bad decrypt error:140B0009:SSL
> routines:SSL_CTX_use_PrivateKey_file:PEM lib)
> 

Nginx doesn't know passphrase for your private key file. You need to remove it.

 wbr, Valentin V. Bartenev


From sammyraul1 at gmail.com  Mon Jun  4 02:01:34 2012
From: sammyraul1 at gmail.com (Sammy Raul)
Date: Mon, 4 Jun 2012 11:01:34 +0900
Subject: Video Streaming using non http backend, Ref ngx_drizzle
Message-ID: <CACdz455ay=aXadWMGm-Ghm474PYNFpqctG9Cix6sHc3pKD3M+w@mail.gmail.com>

Hi All,

I am trying to stream video it can be mp4, flv anything using nginx.

The video streams in the form of 1024 size will be available from the
backend non-http server.

For achieveing this I followed the ngx_http_drizzle source.

I wrote an upstream handler and followed most of the source code from
ngx_http_drizzle.

I have few questions or to be more precise I did not understood how the
output from drizzle is being streamed to the client.

1) In ngx_http_drizzle_output.c the function ngx_http_drizzle_submit_mem is
the place where it is setting the output filter, Is it also sending the
response i.e the stream to the client at this point, or it is some other
function?

2) What I need to do to send my video contents to the client, I followed
the drizzle example but setting output and sending stream to the client,
how I can achieve this. I have 1024B avaialble at one point and I want to
send this to the client till the backend server has no stream to send and
the client should be able to play the content.

3) Is it possible to send the video stream to the client with the browser.


Can someone who knows about this, please explain how it works. What changes
I need to make.
It would be highly appreciated if anyone explains this.

Thanks,
Raul
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120604/5f1d0b82/attachment.html>

From nginx-forum at nginx.us  Mon Jun  4 06:31:20 2012
From: nginx-forum at nginx.us (zestsh)
Date: Mon, 4 Jun 2012 02:31:20 -0400 (EDT)
Subject: Would like to implement WebSocket support
In-Reply-To: <CAGxuLK1_TtJhHZZ9eZeXeuwqOq4LuBD4o+-AzuAsUDGi_VtmtQ@mail.gmail.com>
References: <CAGxuLK1_TtJhHZZ9eZeXeuwqOq4LuBD4o+-AzuAsUDGi_VtmtQ@mail.gmail.com>
Message-ID: <a738d52328609cc622152e983ff71145.NginxMailingListEnglish@forum.nginx.org>

is there some discussing about the future websocket implementation?

from the roadmap, we couldn't get to know any new information.

Thank you.

??? Wrote:
-------------------------------------------------------
> This feature will be implement in the 1.3 branch,
> you can see the
> roadmap here: http://trac.nginx.org/nginx/roadmap
> 
> Or you can use my tcp proxy module as an
> alternative temporarily :
> https://github.com/yaoweibin/nginx_tcp_proxy_modul
> e
> 
> Thanks.
> 
> 2012/5/18 Alexandr Gomoliako <zzz at zzz.org.ua>:
> >> I want to use websockets in my appliaction
> server. My provider has
> >> always in front of the application server an
> nginx-server.
> >> And since nginx currently doesn't support
> websockets I have a problem.
> >> So I just wanted to ask, how is the progress
> about proxiing websocket
> >> communications?
> >> I would be very great and I could imagine that
> other users may ask for
> >> that, too in the near future.
> >
> > I've been playing with websockets for awhile now
> and I don't think it
> > can make a difference for your provider. Real
> time web application are
> > really expensive to handle, each frame costs
> almost as much as
> > keepalive request, but you don't usually expect
> hundreds of requests
> > from each client every second. It's like
> streaming video by 100 bytes
> > at a time.
> >
> > So, it has to be some kind of frame multiplexing
> over a single
> > connection with backend and even then it's still
> a lot to handle.
> >
> > _______________________________________________
> > nginx mailing list
> > nginx at nginx.org
> > http://mailman.nginx.org/mailman/listinfo/nginx
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,221884,227134#msg-227134


From sammyraul1 at gmail.com  Mon Jun  4 08:15:34 2012
From: sammyraul1 at gmail.com (sammy_raul)
Date: Mon, 4 Jun 2012 01:15:34 -0700 (PDT)
Subject: Video Streaming using non http backend, Ref ngx_drizzle
In-Reply-To: <CACdz455ay=aXadWMGm-Ghm474PYNFpqctG9Cix6sHc3pKD3M+w@mail.gmail.com>
References: <CACdz455ay=aXadWMGm-Ghm474PYNFpqctG9Cix6sHc3pKD3M+w@mail.gmail.com>
Message-ID: <1338797734133-7580237.post@n2.nabble.com>

Anything on this, just a small hint on how I can configure the output filter
would be highly appreciated.

Thanks,
Raul

--
View this message in context: http://nginx.2469901.n2.nabble.com/Video-Streaming-using-non-http-backend-Ref-ngx-drizzle-tp7580235p7580237.html
Sent from the nginx mailing list archive at Nabble.com.


From nginx-forum at nginx.us  Mon Jun  4 08:18:34 2012
From: nginx-forum at nginx.us (youzhengchuan)
Date: Mon, 4 Jun 2012 04:18:34 -0400 (EDT)
Subject: =?UTF-8?B?UmU6IE5naW54LVVwc3RyZWFtLXByb3h5IG5leHQgdXBzdHJlYW0t5oOK5aSp5aSn?=
	=?UTF-8?B?QnVn?=
In-Reply-To: <26A7300E-17B7-4302-8708-B01F8E7FD61C@akins.org>
References: <26A7300E-17B7-4302-8708-B01F8E7FD61C@akins.org>
Message-ID: <f343178b5c3a4d7ebff66a553edc51a5.NginxMailingListEnglish@forum.nginx.org>

thanks Brian

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227075,227139#msg-227139


From nginx-forum at nginx.us  Mon Jun  4 08:33:19 2012
From: nginx-forum at nginx.us (zestsh)
Date: Mon, 4 Jun 2012 04:33:19 -0400 (EDT)
Subject: Would like to implement WebSocket support
In-Reply-To: <CAGxuLK1_TtJhHZZ9eZeXeuwqOq4LuBD4o+-AzuAsUDGi_VtmtQ@mail.gmail.com>
References: <CAGxuLK1_TtJhHZZ9eZeXeuwqOq4LuBD4o+-AzuAsUDGi_VtmtQ@mail.gmail.com>
Message-ID: <dc80c29fcb21ef84d6de30fe20f902ed.NginxMailingListEnglish@forum.nginx.org>

will the websocket implementation in the nginx 1.3 branch work same with
the tcp_proxy_module?

if not, what will be it look like? I hope nginx developer geeks give
some clues
about functionality or related api provided.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,221884,227140#msg-227140


From agentzh at gmail.com  Mon Jun  4 14:13:14 2012
From: agentzh at gmail.com (agentzh)
Date: Mon, 4 Jun 2012 22:13:14 +0800
Subject: Video Streaming using non http backend, Ref ngx_drizzle
In-Reply-To: <CACdz455ay=aXadWMGm-Ghm474PYNFpqctG9Cix6sHc3pKD3M+w@mail.gmail.com>
References: <CACdz455ay=aXadWMGm-Ghm474PYNFpqctG9Cix6sHc3pKD3M+w@mail.gmail.com>
Message-ID: <CAB4Tn6MR22zN_uZoFYMHeVWvTaPnHdvwrQFs2M66rqvA1HUe7A@mail.gmail.com>

Hello!

On Mon, Jun 4, 2012 at 10:01 AM, Sammy Raul <sammyraul1 at gmail.com> wrote:
> I am trying to stream video it can be mp4, flv anything using nginx.
>
> The video streams in the form of 1024 size will be available from the
> backend non-http server.
>

I think this can be done trivially via ngx_lua module while still
achieving good performance. Here is a small example that demonstrates
how to meet your requirements with a little Lua:

    location /api {
        content_by_lua '
            local sock, err = ngx.socket.tcp()
            if not sock then
                ngx.log(ngx.ERR, "failed to get socket: ", err)
                ngx.exit(500)
            end

            sock:settimeout(1000)  -- 1 sec

            local ok, err = sock:connect("some.backend.host", 12345)
            if not ok then
                ngx.log(ngx.ERR, "failed to connect to upstream: ", err)
                ngx.exit(502)
            end

            local bytes, err = sock:send("some query")
            if not bytes then
                ngx.log(ngx.ERR, "failed to send query: ", err)
                ngx.exit(502)
            end

            while true do
                local data, err, partial = sock:receive(1024)
                if not data then
                    if err == "closed" then
                        if partial then
                            ngx.print(partial)
                            ngx.eof()
                            ngx.exit(ngx.OK)
                        end
                    else
                        ngx.log(ngx.ERR, "error reading data: ", err)
                        ngx.exit(502)
                    end
                else
                    ngx.print(data)
                    ngx.flush(true)
               end
            end
        ';
    }

See the documentation for details:

    http://wiki.nginx.org/HttpLuaModule

> For achieveing this I followed the ngx_http_drizzle source.
>
> I wrote an upstream handler and followed most of the source code from
> ngx_http_drizzle.
>

As the author of ngx_drizzle, I suggest you start from trying out
ngx_lua. Customizing ngx_drizzle for your needs requires a *lot* of
work. The C approach should only be attempted when Lua is indeed too
slow for your purpose, which is not very likely for many applications
though.

Also, please note that ngx_drizzle does not support strict
non-buffered data output. So, for downstream connections that are slow
to write, data will still accumulate in RAM without control. On the
other hand, the ngx_lua sample given above does not suffer from this
issue.

> I have few questions or to be more precise I did not understood how the
> output from drizzle is being streamed to the client.
>
> 1) In ngx_http_drizzle_output.c the function ngx_http_drizzle_submit_mem is
> the place where it is setting the output filter, Is it also sending the
> response i.e the stream to the client at this point, or it is some other
> function?
>

Nope. Sending output buffers to the output filter chain is done by the
ngx_http_drizzle_output_bufs function.

> 2) What I need to do to send my video contents to the client, I followed the
> drizzle example but setting output and sending stream to the client, how I
> can achieve this. I have 1024B avaialble at one point and I want to send
> this to the client till the backend server has no stream to send and the
> client should be able to play the content.
>

Basically, you can call the ngx_http_output_filter function, just as
other nginx upstream modules.

> 3) Is it possible to send the video stream to the client with the browser.
>

I do not quite follow this question.

Best regards,
-agentzh


From nginx-forum at nginx.us  Mon Jun  4 23:32:32 2012
From: nginx-forum at nginx.us (ptiseo)
Date: Mon, 4 Jun 2012 19:32:32 -0400 (EDT)
Subject: Upgrade From Fedora 15 to 17: nginx Doesn't Work
Message-ID: <58edd092bc513c870ea369bf566e0331.NginxMailingListEnglish@forum.nginx.org>

Had nginx 1.0.5 running on a Fedora 15 system just fine for months.
Upgraded the server from F15 to F17. At first, all seems well, but over
time, I keep getting 500 errors on proxied sites. Logs say: "socket()
failed (24: Too many open files) while connecting to upstream". Has
anyone else had this experience? If so, what's the root cause?

Had to revert server back to a backup to get sites functional.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227162,227162#msg-227162


From reallfqq-nginx at yahoo.fr  Tue Jun  5 00:15:07 2012
From: reallfqq-nginx at yahoo.fr (B.R.)
Date: Mon, 4 Jun 2012 20:15:07 -0400
Subject: Upgrade From Fedora 15 to 17: nginx Doesn't Work
In-Reply-To: <58edd092bc513c870ea369bf566e0331.NginxMailingListEnglish@forum.nginx.org>
References: <58edd092bc513c870ea369bf566e0331.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CALqce=0KEgvWKfknrTbkHhWO_QVEP+vD5tmtiJbmLQbEKCYv5A@mail.gmail.com>

Hmmm... Apparently there seem to be some official packages of Nginx in
Fedora repositories.
However, there have been some updates of the 1.0.x branch there. 1.0.5
seems to be far outdated.

For example the latest seems to be a 1.0.15-4 version of the package:
http://lists.fedoraproject.org/pipermail/package-announce/2012-May/081214.html

I can't check much, since I don't have Fedora. I just did little online
research on the Fedora-Announce
mailing-list<http://lists.fedoraproject.org/pipermail/package-announce/>
.

Hope my 2 cents helped,
---
*B. R.*


On Mon, Jun 4, 2012 at 7:32 PM, ptiseo <nginx-forum at nginx.us> wrote:

> Had nginx 1.0.5 running on a Fedora 15 system just fine for months.
> Upgraded the server from F15 to F17. At first, all seems well, but over
> time, I keep getting 500 errors on proxied sites. Logs say: "socket()
> failed (24: Too many open files) while connecting to upstream". Has
> anyone else had this experience? If so, what's the root cause?
>
> Had to revert server back to a backup to get sites functional.
>
> Posted at Nginx Forum:
> http://forum.nginx.org/read.php?2,227162,227162#msg-227162
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120604/2d64e2ed/attachment.html>

From steeeeeveee at gmx.net  Tue Jun  5 01:16:06 2012
From: steeeeeveee at gmx.net (Steve)
Date: Tue, 05 Jun 2012 03:16:06 +0200
Subject: Upgrade From Fedora 15 to 17: nginx Doesn't Work
In-Reply-To: <58edd092bc513c870ea369bf566e0331.NginxMailingListEnglish@forum.nginx.org>
References: <58edd092bc513c870ea369bf566e0331.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120605011606.192860@gmx.net>


-------- Original-Nachricht --------
> Datum: Mon, 4 Jun 2012 19:32:32 -0400 (EDT)
> Von: "ptiseo" <nginx-forum at nginx.us>
> An: nginx at nginx.org
> Betreff: Upgrade From Fedora 15 to 17: nginx Doesn\'t Work

> Had nginx 1.0.5 running on a Fedora 15 system just fine for months.
>
Months? MONTHS? So you are not a new *nix user?


> Upgraded the server from F15 to F17. At first, all seems well, but over
> time, I keep getting 500 errors on proxied sites. Logs say: "socket()
> failed (24: Too many open files) while connecting to upstream". Has
> anyone else had this experience? If so, what's the root cause?
> 
The root cause you ask? You must be joking. I mean... how hard is it to interpret "Too many open files"?


> Had to revert server back to a backup to get sites functional.
> 
Ohhh boy. All you need to do is increase the open file limit in /etc/sysctl.conf and /etc/security/limits.conf.

In my installation I currently have...

... in /etc/sysctl.conf:
fs.file-max = 5049800

... in /etc/security/limits.conf:
*               -       nofile          101062

I assume you used the same nginx.conf like in the old install? So no need for me to mention worker_rlimit_nofile. Right?

Setting/getting file limits is really basic linux system admin knowledge. I don't want to be harsh but not knowing that and going back from a fresh installed Fedora 17 to a backup of Fedora 15 because of the above error is crazy. You need to spend some time educating yourself in how to maintain a *nix system.

And while at it... please take your time to learn how to use Google:
http://www.google.com/search?q=Too+many+open+files&ie=utf-8&oe=utf-8&aq=t


If you don't find the solution in the first 10 or 20 links then I am going to eat xx xxxxx!
-- 
Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir
belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de


From nginx-forum at nginx.us  Tue Jun  5 01:45:36 2012
From: nginx-forum at nginx.us (ptiseo)
Date: Mon, 4 Jun 2012 21:45:36 -0400 (EDT)
Subject: Upgrade From Fedora 15 to 17: nginx Doesn't Work
In-Reply-To: <20120605011606.192860@gmx.net>
References: <20120605011606.192860@gmx.net>
Message-ID: <d1b0aeba132b027999fab49b4bf5e3dc.NginxMailingListEnglish@forum.nginx.org>

@steve: nginx seems to attract the hostile and malpadapted? I've seen
more arrogant a**es in this forum than most other places. You guys need
to relax; it's just software. No need for you to go nuts like that. It
just shows badly on you.

The reason I restore from backup is because I needed that proxy online
for development. And, I have used Linux for a while that can be counted
in more than months. Do you know what they say about "assume"?

I did Google. I saw that worked for some and not for others. I tried it,
it didn't work for me. My file-max setting was already some 200K.

So, let me ask this, why would I need to increase open file limit
anyways? This is a low traffic proxy.

@BR: Thanks for not being as bad as steve. I did notice that Fedora does
not have an up-to-date package. For now, I will stay with the backup and
spin up another virtual machine to see if I can test further.

If anyone has any other ideas than the first 20 Google hits, I'd love to
hear of them. Thx.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227162,227165#msg-227165


From steeeeeveee at gmx.net  Tue Jun  5 02:03:25 2012
From: steeeeeveee at gmx.net (Steve)
Date: Tue, 05 Jun 2012 04:03:25 +0200
Subject: Upgrade From Fedora 15 to 17: nginx Doesn't Work
In-Reply-To: <d1b0aeba132b027999fab49b4bf5e3dc.NginxMailingListEnglish@forum.nginx.org>
References: <20120605011606.192860@gmx.net>
	<d1b0aeba132b027999fab49b4bf5e3dc.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120605020325.192850@gmx.net>


-------- Original-Nachricht --------
> Datum: Mon, 4 Jun 2012 21:45:36 -0400 (EDT)
> Von: "ptiseo" <nginx-forum at nginx.us>
> An: nginx at nginx.org
> Betreff: Re: Upgrade From Fedora 15 to 17: nginx Doesn\'t Work

> @steve: nginx seems to attract the hostile and malpadapted? I've seen
> more arrogant a**es in this forum than most other places. You guys need
> to relax; it's just software. No need for you to go nuts like that. It
> just shows badly on you.
> 
LOL. It's almost 4am over here in Europe and I was sitting here reading stuff (fighting with sleep) and from time to time looking at the nginx mailing list and then saw your post and was falling almost off my chair. Could not resist and had to post. ;)


> The reason I restore from backup is because I needed that proxy online
> for development. And, I have used Linux for a while that can be counted
> in more than months. Do you know what they say about "assume"?
> 
> I did Google. I saw that worked for some and not for others. I tried it,
> it didn't work for me. My file-max setting was already some 200K.
> 
In sysctl.conf? Or /etc/security/limits.conf? Does your system use PAM?


> So, let me ask this, why would I need to increase open file limit
> anyways? This is a low traffic proxy.
> 
Well.... you have obviously the need else nginx would not complain about a low open file descriptor limit. Looks like you configured nginx to use a lot of descriptors. But how can I tell without having seen your nginx configuration (I left my crystal ball in the office)?

If you want real good help then post your nginx.conf, the output of "ulimit -a", the content of /etc/sysctl.conf, the content of /etc/security/limits.conf, the output of "ls -lah /etc/security/limits.d/*" and the content of files found in /etc/security/limits.d/


> @BR: Thanks for not being as bad as steve. I did notice that Fedora does
> not have an up-to-date package. For now, I will stay with the backup and
> spin up another virtual machine to see if I can test further.
> 
> If anyone has any other ideas than the first 20 Google hits, I'd love to
> hear of them. Thx.
> 

http://www.cyberciti.biz/faq/linux-unix-nginx-too-many-open-files/

http://blog.unixy.net/2010/11/nginx-accept-failed-24-too-many-open-files-while-accepting-new-connection/

http://forum.nginx.org/read.php?2,187416

http://forum.nginx.org/read.php?2,61252

http://forum.nginx.org/read.php?2,13111

etc...





> Posted at Nginx Forum:
> http://forum.nginx.org/read.php?2,227162,227165#msg-227165
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

-- 
NEU: FreePhone 3-fach-Flat mit kostenlosem Smartphone!                                  
Jetzt informieren: http://mobile.1und1.de/?ac=OM.PW.PW003K20328T7073a


From jim at ohlste.in  Tue Jun  5 02:08:14 2012
From: jim at ohlste.in (Jim Ohlstein)
Date: Mon, 4 Jun 2012 22:08:14 -0400
Subject: Upgrade From Fedora 15 to 17: nginx Doesn't Work
In-Reply-To: <d1b0aeba132b027999fab49b4bf5e3dc.NginxMailingListEnglish@forum.nginx.org>
References: <20120605011606.192860@gmx.net>
	<d1b0aeba132b027999fab49b4bf5e3dc.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CABxOBbR8bSu+LuO57xqev5Zudi+DfpD3o6bTU4PodA3RF+eYvA@mail.gmail.com>

On Jun 4, 2012 9:45 PM, "ptiseo" <nginx-forum at nginx.us> wrote:
>
> @steve: nginx seems to attract the hostile and malpadapted? I've seen
> more arrogant a**es in this forum than most other places. You guys need
> to relax; it's just software. No need for you to go nuts like that. It
> just shows badly on you.

Hardly the case. This is a pretty well mannered mailing list compared to
some to which I subscribe.

But, to be constructive, please do not top post. It's very confusing when
trying to follow a threaded discussion.

So, please answer the question asked -do you have an entry in your
nginx.conf for "worker_rlimit_nofile"?

Posting your full nginx.conf might help.

>
> The reason I restore from backup is because I needed that proxy online
> for development. And, I have used Linux for a while that can be counted
> in more than months. Do you know what they say about "assume"?
>
> I did Google. I saw that worked for some and not for others. I tried it,
> it didn't work for me. My file-max setting was already some 200K.

To which settings(s) are you referring?

>
> So, let me ask this, why would I need to increase open file limit
> anyways? This is a low traffic proxy.

Maybe an issue with how you've configured *your* system which has nothing
to do with nginx? Not to be one of those hostile, maladaped, arrogant
people to whom you referred, but this isn't a Fedora mailing list. Perhaps
you can find help there in determining what process(es) is/are using all of
those file descriptors.  Maybe one of them will hold your hand and not hurt
your feelings in the process. Calling people names is certainly *not* a
good way to get people to help you.

>
> @BR: Thanks for not being as bad as steve. I did notice that Fedora does
> not have an up-to-date package. For now, I will stay with the backup and
> spin up another virtual machine to see if I can test further.
>
> If anyone has any other ideas than the first 20 Google hits, I'd love to
> hear of them. Thx.
>

Jim Ohlstein
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120604/2b8c1082/attachment-0001.html>

From sammyraul1 at gmail.com  Tue Jun  5 04:06:23 2012
From: sammyraul1 at gmail.com (sammy_raul)
Date: Mon, 4 Jun 2012 21:06:23 -0700 (PDT)
Subject: Video Streaming using non http backend, Ref ngx_drizzle
In-Reply-To: <CAB4Tn6MR22zN_uZoFYMHeVWvTaPnHdvwrQFs2M66rqvA1HUe7A@mail.gmail.com>
References: <CACdz455ay=aXadWMGm-Ghm474PYNFpqctG9Cix6sHc3pKD3M+w@mail.gmail.com>
	<CAB4Tn6MR22zN_uZoFYMHeVWvTaPnHdvwrQFs2M66rqvA1HUe7A@mail.gmail.com>
Message-ID: <1338869183160-7580247.post@n2.nabble.com>

Thanks agentzh for explaining so well.

When I am connected to the backend server I am getting buffer which I am
sending to the client like this:

ngx_int_t
ngx_http_ccn_send_output_bufs(ngx_http_request_t *r,
        ngx_http_upstream_ccn_peer_data_t *dp, const unsigned char *data,
size_t data_size)
{
    ngx_http_upstream_t                    *u = r->upstream;
    ngx_int_t                                      rc;
    ngx_buf_t                                     *b;
    ngx_chain_t                                  out;

       /* allocate a buffer for your response body */
    b = ngx_pcalloc(r->pool, sizeof(ngx_buf_t));
    if (b == NULL) {
         return NGX_HTTP_INTERNAL_SERVER_ERROR;
       }

    /* attach this buffer to the buffer chain */
    out.buf = b;
    out.next = NULL;

    /* adjust the pointers of the buffer */
    b->pos = (u_char *) data;
    b->last = b->pos + data_size - 1;
    b->memory = 1;    /* this buffer is in memory */
    b->last_buf = 1;  /* this is the last buffer in the buffer chain */


    if ( ! u->header_sent ) {
    	fprintf(stdout, "ngx_http_ccn_send_output_bufs u->header_sent\n");
        r->headers_out.status = NGX_HTTP_OK;

        /* set the Content-Type header */

        r->headers_out.content_type.data =
        		(u_char *) "application/octet-stream";

        r->headers_out.content_type.len =
        		sizeof("application/octet-stream") - 1;

        r->headers_out.content_type_len =
        		sizeof("application/octet-stream") - 1;

        rc = ngx_http_send_header(r);

        if (rc == NGX_ERROR || rc >= NGX_HTTP_SPECIAL_RESPONSE) {
        	fprintf(stdout, "ngx_http_ccn_send_output_bufs header sent
error\n");
            return rc;
        }

        u->header_sent = 1;
        fprintf(stdout, "ngx_http_ccn_send_output_bufs
u->header_sent=%d\n",u->header_sent);
    }

    rc = ngx_http_output_filter(r, &out);

    if (rc == NGX_ERROR || rc >= NGX_HTTP_SPECIAL_RESPONSE) {
        return rc;
        }

this function I am calling everytime I am receiving data (1024) from the
backend
when it is end of stream I am calling
ngx_http_finalize_request(r, rc);

but it is not working as expected which is like playing the video file in
the browser

I didn't follow the lua module yet, but will look into it

Is there anything I am doing wrong while setting the output buffer, do I
need to change this line b->last_buf = 1; 
or something else.

Thanks,
Raul

--
View this message in context: http://nginx.2469901.n2.nabble.com/Video-Streaming-using-non-http-backend-Ref-ngx-drizzle-tp7580235p7580247.html
Sent from the nginx mailing list archive at Nabble.com.


From agentzh at gmail.com  Tue Jun  5 04:16:57 2012
From: agentzh at gmail.com (agentzh)
Date: Tue, 5 Jun 2012 12:16:57 +0800
Subject: Video Streaming using non http backend, Ref ngx_drizzle
In-Reply-To: <1338869183160-7580247.post@n2.nabble.com>
References: <CACdz455ay=aXadWMGm-Ghm474PYNFpqctG9Cix6sHc3pKD3M+w@mail.gmail.com>
	<CAB4Tn6MR22zN_uZoFYMHeVWvTaPnHdvwrQFs2M66rqvA1HUe7A@mail.gmail.com>
	<1338869183160-7580247.post@n2.nabble.com>
Message-ID: <CAB4Tn6PgNBW3yb07YFhKYzuAUv_-b2gF0AoqUrwQSZx_Ayv93A@mail.gmail.com>

Hello!

On Tue, Jun 5, 2012 at 12:06 PM, sammy_raul <sammyraul1 at gmail.com> wrote:
>
> ? ?/* adjust the pointers of the buffer */
> ? ?b->pos = (u_char *) data;
> ? ?b->last = b->pos + data_size - 1;
> ? ?b->memory = 1; ? ?/* this buffer is in memory */
> ? ?b->last_buf = 1; ?/* this is the last buffer in the buffer chain */
>

Setting b->last_buf to 1 means the current buf is the last buf in the
whole response body stream in this context (actually it is the
indicator for the end of the output data stream). So you must not set
this for every single buf.

Also, you should never set this flag in case you're in a subrequest or
things will break.

>
> this function I am calling everytime I am receiving data (1024) from the
> backend
> when it is end of stream I am calling
> ngx_http_finalize_request(r, rc);
>

Call ngx_http_send_header once and call ngx_http_output_filter
multiple times (as needed).

If you need strict non-buffered output behaivor, you have to *wait*
for the downstream to flush out *all* the data before continuing
reading data from upstream. You can check out how the
ngx_http_upstream (in non-buffered mode) and ngx_lua modules do this.

>
> I didn't follow the lua module yet, but will look into it
>

I strongly recommend it because it should save you a *lot* of time (I guess) :)

> Is there anything I am doing wrong while setting the output buffer, do I
> need to change this line b->last_buf = 1;
> or something else.
>

See above.

Regards,
-agentzh

P.S. C programming is hard; let's go scripting! :D


From nginx-forum at nginx.us  Tue Jun  5 07:33:24 2012
From: nginx-forum at nginx.us (speedfirst)
Date: Tue, 5 Jun 2012 03:33:24 -0400 (EDT)
Subject: Can't upload big files via nginx as reverse proxy
Message-ID: <30fe20f1fb79eb7d74ba300eac01c6c5.NginxMailingListEnglish@forum.nginx.org>

Hey.

In my env, the layout is:

client <--> nginx <--> jetty

In the client, there is a <input type=file> control. I tried to upload a
file with size of 3.7MB. In the client request, the content type is
"multipart/form-data", and there is an "Expect: 100-continue" header.

Through tcpdump, I could see nginx immediately return an "HTTP/1.1 100
Continue" response, and started to read data. After buffering the
uploaded data, nginx then started to send them to jetty. However in this
time, no "Expect: 100-continue" header was proxied because HTTP/1.0 is
used.

After sending part of data, nginx stopped continuing to proxy the rest
of data, but the connection is kept. After 30s, jetty reports time out
exception and returned an response. Nginx finally proxied this response
back to client.

I simply merged all the tcp segments which was sent from nginx to jetty,
and found only 400K bytes are proxied.


My nginx config is quite simple, just

server {
   listen 80;
   location / {
       proxy_pass http://upstream;
   }
}

All proxy buffer config was not explicitly set so the default values
were applied. I tried to "proxy_buffering off;" and re-do the experiment
above and find the result was same.

I also tried to observe the temp file written by nginx but it's
automatically removed when everything is done. Any way to keep it?


Therefore, I'm wondering is this expected? Did I make mistakes for
configuring proxy buffers? Do I have to use the third party "upload"
module (http://www.grid.net.ru/nginx/upload.en.html) to make it work?

Many thanks.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227175,227175#msg-227175


From nginx-forum at nginx.us  Tue Jun  5 07:39:09 2012
From: nginx-forum at nginx.us (speedfirst)
Date: Tue, 5 Jun 2012 03:39:09 -0400 (EDT)
Subject: Can't upload big files via nginx as reverse proxy
In-Reply-To: <30fe20f1fb79eb7d74ba300eac01c6c5.NginxMailingListEnglish@forum.nginx.org>
References: <30fe20f1fb79eb7d74ba300eac01c6c5.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <5dd8083cc275240e55cc760035b5d482.NginxMailingListEnglish@forum.nginx.org>

by the way, my client request is a POST request.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227175,227176#msg-227176


From mdounin at mdounin.ru  Tue Jun  5 07:54:17 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 5 Jun 2012 11:54:17 +0400
Subject: Can't upload big files via nginx as reverse proxy
In-Reply-To: <30fe20f1fb79eb7d74ba300eac01c6c5.NginxMailingListEnglish@forum.nginx.org>
References: <30fe20f1fb79eb7d74ba300eac01c6c5.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120605075416.GS31671@mdounin.ru>

Hello!

On Tue, Jun 05, 2012 at 03:33:24AM -0400, speedfirst wrote:

> Hey.
> 
> In my env, the layout is:
> 
> client <--> nginx <--> jetty
> 
> In the client, there is a <input type=file> control. I tried to upload a
> file with size of 3.7MB. In the client request, the content type is
> "multipart/form-data", and there is an "Expect: 100-continue" header.
> 
> Through tcpdump, I could see nginx immediately return an "HTTP/1.1 100
> Continue" response, and started to read data. After buffering the
> uploaded data, nginx then started to send them to jetty. However in this
> time, no "Expect: 100-continue" header was proxied because HTTP/1.0 is
> used.

So far this is expected behaviour.

> After sending part of data, nginx stopped continuing to proxy the rest
> of data, but the connection is kept. After 30s, jetty reports time out
> exception and returned an response. Nginx finally proxied this response
> back to client.
> 
> I simply merged all the tcp segments which was sent from nginx to jetty,
> and found only 400K bytes are proxied.

This is obviously not expected.

Anything in error log?  Could you please provide tcpdump and debug 
log?  It would be also cool to see which version of nginx you are 
using, i.e. please provide "nginx -V" output, and a full config.

> 
> 
> My nginx config is quite simple, just
> 
> server {
>    listen 80;
>    location / {
>        proxy_pass http://upstream;
>    }
> }

This misses at least "client_max_body_size" as by default 3.5MB 
upload will be just rejected.

> 
> All proxy buffer config was not explicitly set so the default values
> were applied. I tried to "proxy_buffering off;" and re-do the experiment
> above and find the result was same.

Proxy buffers, as well as proxy_buffering, doesn't matter, as it 
only affects sending response from an upstream to a client.

> I also tried to observe the temp file written by nginx but it's
> automatically removed when everything is done. Any way to keep it?

client_body_in_file_only on;

See here for details:
http://nginx.org/r/client_body_in_file_only

Maxim Dounin


From nginx-forum at nginx.us  Tue Jun  5 09:24:48 2012
From: nginx-forum at nginx.us (speedfirst)
Date: Tue, 5 Jun 2012 05:24:48 -0400 (EDT)
Subject: Can't upload big files via nginx as reverse proxy
In-Reply-To: <20120605075416.GS31671@mdounin.ru>
References: <20120605075416.GS31671@mdounin.ru>
Message-ID: <f93a853ec38eea2cec706aa22af2aaa8.NginxMailingListEnglish@forum.nginx.org>

Thanks for your quick response.

In my config, client_max_body_size is set to 0. Does it mean
"unlimited"?

I made this test in two version, 0.9.3 and 1.2.0. Both have the same
problem.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227175,227180#msg-227180


From nginx-forum at nginx.us  Tue Jun  5 10:08:30 2012
From: nginx-forum at nginx.us (speedfirst)
Date: Tue, 5 Jun 2012 06:08:30 -0400 (EDT)
Subject: Can't upload big files via nginx as reverse proxy
In-Reply-To: <f93a853ec38eea2cec706aa22af2aaa8.NginxMailingListEnglish@forum.nginx.org>
References: <20120605075416.GS31671@mdounin.ru>
	<f93a853ec38eea2cec706aa22af2aaa8.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <4cd2ded1222dfbb80b803d6cb9d3f801.NginxMailingListEnglish@forum.nginx.org>

retry the test while client_max_body_size=0;
The size of tmp file is as expected, about 3.7M :
root at zm-dev03:/opt/data/tmp/nginx/client# ll 0000000001 
-rw------- 1 speedfirst speedfirst 3914486 2012-06-06 01:27 0000000001

Here is the client script from curl:
curl -v -u admin at dev03.eng.test.com:test123 -F
"file=@test.tgz;filename=test.tgz;type=application/x-compressed-tar"
"http://dev03.eng.test.com/service/home/admin at dev03.eng.test.com/?fmt=tgz&resolve=reset"

Here is the debug_http nginx log.
2012/06/06 01:27:35 [debug] 15621#0: *5 http process request line
2012/06/06 01:27:35 [debug] 15621#0: *5 http request line: "POST
/service/home/admin at dev03.eng.test.com/?fmt=tgz&resolve=reset HTTP/1.1"
2012/06/06 01:27:35 [debug] 15621#0: *5 http uri:
"/service/home/admin at dev03.eng.test.com/"
2012/06/06 01:27:35 [debug] 15621#0: *5 http args:
"fmt=tgz&resolve=reset"
2012/06/06 01:27:35 [debug] 15621#0: *5 http exten: ""
2012/06/06 01:27:35 [debug] 15621#0: *5 http process request header
line
2012/06/06 01:27:35 [debug] 15621#0: *5 http header: "Authorization:
Basic YWRtaW5Aem0tZGV2MDMuZW5nLnZtd2FyZS5jb206dGVzdDEyMw=="
2012/06/06 01:27:35 [debug] 15621#0: *5 http header: "User-Agent:
curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1
zlib/1.2.3.4 libidn/1.23 librtmp/2.3"
2012/06/06 01:27:35 [debug] 15621#0: *5 http header: "Host:
dev03.eng.vmware.com"
2012/06/06 01:27:35 [debug] 15621#0: *5 http header: "Accept: */*"
2012/06/06 01:27:35 [debug] 15621#0: *5 http header: "Content-Length:
3914486"
2012/06/06 01:27:35 [debug] 15621#0: *5 http header: "Expect:
100-continue"
2012/06/06 01:27:35 [debug] 15621#0: *5 http header: "Content-Type:
multipart/form-data; boundary=----------------------------f9dbdf4f72b4"
2012/06/06 01:27:35 [debug] 15621#0: *5 http header done
2012/06/06 01:27:35 [debug] 15621#0: *5 rewrite phase: 0
2012/06/06 01:27:35 [debug] 15621#0: *5 test location: "/"
2012/06/06 01:27:35 [debug] 15621#0: *5 using configuration "/"
2012/06/06 01:27:35 [debug] 15621#0: *5 generic phase: 4
2012/06/06 01:27:35 [debug] 15621#0: *5 generic phase: 5
2012/06/06 01:27:35 [debug] 15621#0: *5 access phase: 6
2012/06/06 01:27:35 [debug] 15621#0: *5 access phase: 7
2012/06/06 01:27:35 [debug] 15621#0: *5 post access phase: 8
2012/06/06 01:27:35 [debug] 15621#0: *5 send 100 Continue
2012/06/06 01:27:35 [debug] 15621#0: *5 http read client request body
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body recv
-2
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body rest
3914486
2012/06/06 01:27:35 [debug] 15621#0: *5 http finalize request: -4,
"/service/home/admin at dev03.eng.test.com/?fmt=tgz&resolve=reset" a:1,
c:2
2012/06/06 01:27:35 [debug] 15621#0: *5 http request count:2 blk:0
2012/06/06 01:27:35 [debug] 15621#0: *5 http run request:
"/service/home/admin at dev03.eng.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:27:35 [debug] 15621#0: *5 http read client request body
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body recv
174
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body rest
3914312
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body recv
-2
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body rest
3914312
2012/06/06 01:27:35 [debug] 15621#0: *5 http run request:
"/service/home/admin at dev03.eng.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:27:35 [debug] 15621#0: *5 http read client request body
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body recv
1360
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body rest
3912952
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body recv
-2
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body rest
3912952
2012/06/06 01:27:35 [debug] 15621#0: *5 http run request:
"/service/home/admin at dev03.eng.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:27:35 [debug] 15621#0: *5 http read client request body
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body recv
1360
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body rest
3911592
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body recv
1360
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body rest
3910232
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body recv
-2
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body rest
3910232
2012/06/06 01:27:35 [debug] 15621#0: *5 http run request:
"/service/home/admin at dev03.eng.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:27:35 [debug] 15621#0: *5 http read client request body
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body recv
1360
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body rest
3908872
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body recv
-2
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body rest
3908872
2012/06/06 01:27:35 [debug] 15621#0: *5 http run request:
"/service/home/admin at dev03.eng.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:27:35 [debug] 15621#0: *5 http read client request body
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body recv
1360
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body rest
3907512
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body recv
-2
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body rest
3907512
2012/06/06 01:27:35 [debug] 15621#0: *5 http run request:
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:27:35 [debug] 15621#0: *5 http read client request body
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body recv
1218
2012/06/06 01:27:35 [notice] 15621#0: *5 a client request body is
buffered to a temporary file
/opt/zimbra/data/tmp/nginx/client/0000000001, client: 10.112.117.117,
server: , request: "POST
/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset HTTP/1.1",
host: "dev03.test.com"
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body recv
1502
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body rest
3904792
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body recv
-2
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body rest
3904792
2012/06/06 01:27:35 [debug] 15621#0: *5 http run request:
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:27:35 [debug] 15621#0: *5 http read client request body
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body recv
1360
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body rest
3903432
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body recv
-2
2012/06/06 01:27:35 [debug] 15621#0: *5 http client request body rest
3903432
2012/06/06 01:27:35 [debug] 15621#0: *5 http run request:
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
... ... ... <-- tens of similar log entries
2012/06/06 01:27:37 [debug] 15621#0: *5 http read client request body
2012/06/06 01:27:37 [debug] 15621#0: *5 http client request body recv
1360
2012/06/06 01:27:37 [debug] 15621#0: *5 http client request body rest
1528
2012/06/06 01:27:37 [debug] 15621#0: *5 http client request body recv
-2
2012/06/06 01:27:37 [debug] 15621#0: *5 http client request body rest
1528
2012/06/06 01:27:37 [debug] 15621#0: *5 http run request:
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:27:37 [debug] 15621#0: *5 http read client request body
2012/06/06 01:27:37 [debug] 15621#0: *5 http client request body recv
1528
2012/06/06 01:27:37 [debug] 15621#0: *5 http client request body rest 0
2012/06/06 01:27:37 [debug] 15621#0: *5 http init upstream, client
timer: 0
2012/06/06 01:27:37 [debug] 15621#0: *5 http script copy:
"X-Forwarded-For: "
2012/06/06 01:27:37 [debug] 15621#0: *5 http script var:
"10.112.117.117"
2012/06/06 01:27:37 [debug] 15621#0: *5 http script copy: "

"
2012/06/06 01:27:37 [debug] 15621#0: *5 http script copy: "Host: "
2012/06/06 01:27:37 [debug] 15621#0: *5 http script var:
"dev03.test.com"
2012/06/06 01:27:37 [debug] 15621#0: *5 http script copy: "

"
2012/06/06 01:27:37 [debug] 15621#0: *5 http script copy: "Connection:
close

"
2012/06/06 01:27:37 [debug] 15621#0: *5 http proxy header:
"Authorization: Basic
YWRtaW5Aem0tZGV2MDMuZW5nLnZtd2FyZS5jb206dGVzdDEyMw=="
2012/06/06 01:27:37 [debug] 15621#0: *5 http proxy header: "User-Agent:
curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0 OpenSSL/1.0.1
zlib/1.2.3.4 libidn/1.23 librtmp/2.3"
2012/06/06 01:27:37 [debug] 15621#0: *5 http proxy header: "Accept:
*/*"
2012/06/06 01:27:37 [debug] 15621#0: *5 http proxy header:
"Content-Length: 3914486"
2012/06/06 01:27:37 [debug] 15621#0: *5 http proxy header:
"Content-Type: multipart/form-data;
boundary=----------------------------f9dbdf4f72b4"
2012/06/06 01:27:37 [debug] 15621#0: *5 http proxy header:
"POST /service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset
HTTP/1.0

X-Forwarded-For: 10.112.117.117

Host: dev03.test.com

Connection: close

Authorization: Basic
YWRtaW5Aem0tZGV2MDMuZW5nLnZtd2FyZS5jb206dGVzdDEyMw==

User-Agent: curl/7.22.0 (x86_64-pc-linux-gnu) libcurl/7.22.0
OpenSSL/1.0.1 zlib/1.2.3.4 libidn/1.23 librtmp/2.3

Accept: */*

Content-Length: 3914486

Content-Type: multipart/form-data;
boundary=----------------------------f9dbdf4f72b4



"
2012/06/06 01:27:37 [debug] 15621#0: *5 http cleanup add:
0000000001D28F58
2012/06/06 01:27:37 [debug] 15621#0: *5 zmauth: prepare route for proxy
... ..<-- choose the upstream route
2012/06/06 01:27:37 [debug] 15621#0: *5 zmauth: prepare upstream
connection, try: 1
2012/06/06 01:27:37 [debug] 15621#0: *5 http upstream connect: -2
2012/06/06 01:27:37 [debug] 15621#0: *5 http upstream request:
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:27:37 [debug] 15621#0: *5 http upstream send request
handler
2012/06/06 01:27:37 [debug] 15621#0: *5 http upstream send request
2012/06/06 01:27:37 [debug] 15621#0: *5 http upstream request:
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:27:37 [debug] 15621#0: *5 http upstream send request
handler
2012/06/06 01:27:37 [debug] 15621#0: *5 http upstream send request
2012/06/06 01:27:40 [debug] 15621#0: *5 http upstream request:
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:27:40 [debug] 15621#0: *5 http upstream send request
handler
2012/06/06 01:27:40 [debug] 15621#0: *5 http upstream send request
2012/06/06 01:27:44 [debug] 15621#0: *5 http upstream request:
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
... ... <--- tens of similar log entires
2012/06/06 01:28:19 [debug] 15621#0: *5 http upstream send request
handler
2012/06/06 01:28:19 [debug] 15621#0: *5 http upstream send request
2012/06/06 01:28:22 [debug] 15621#0: *5 http upstream request:
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:28:22 [debug] 15621#0: *5 http upstream send request
handler
2012/06/06 01:28:22 [debug] 15621#0: *5 http upstream send request
2012/06/06 01:28:22 [debug] 15621#0: *5 http upstream request:
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:28:22 [debug] 15621#0: *5 http upstream process header
2012/06/06 01:28:22 [debug] 15621#0: *5 http proxy status 200 "200 OK"
2012/06/06 01:28:22 [debug] 15621#0: *5 http proxy header: "Date: Tue,
05 Jun 2012 17:27:37 GMT"
2012/06/06 01:28:22 [debug] 15621#0: *5 http proxy header:
"Content-Type: text/html; charset=utf-8"
2012/06/06 01:28:22 [debug] 15621#0: *5 http proxy header: "Connection:
close"
2012/06/06 01:28:22 [debug] 15621#0: *5 http proxy header done
2012/06/06 01:28:22 [debug] 15621#0: *5 HTTP/1.1 200 OK

Server: nginx

Date: Tue, 05 Jun 2012 17:28:22 GMT

Content-Type: text/html; charset=utf-8

Transfer-Encoding: chunked

Connection: keep-alive


2012/06/06 01:28:22 [debug] 15621#0: *5 http write filter: l:0 f:0
s:163
2012/06/06 01:28:22 [debug] 15621#0: *5 http cacheable: 0
2012/06/06 01:28:22 [debug] 15621#0: *5 http upstream process upstream
2012/06/06 01:28:23 [debug] 15621#0: *5 http upstream request:
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:28:23 [debug] 15621#0: *5 http upstream send request
handler
2012/06/06 01:28:57 [debug] 15621#0: *5 http upstream request:
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:28:57 [debug] 15621#0: *5 http upstream process upstream
2012/06/06 01:28:57 [debug] 15621#0: *5 http output filter
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:28:57 [debug] 15621#0: *5 http copy filter:
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:28:57 [debug] 15621#0: *5 http postpone filter
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
0000000001D2A388
2012/06/06 01:28:57 [debug] 15621#0: *5 http chunk: 22
2012/06/06 01:28:57 [debug] 15621#0: *5 http write filter: l:0 f:0
s:191
2012/06/06 01:28:57 [debug] 15621#0: *5 http copy filter: 0
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:28:57 [debug] 15621#0: *5 http upstream exit:
0000000000000000
2012/06/06 01:28:57 [debug] 15621#0: *5 finalize http upstream request:
0
2012/06/06 01:28:57 [debug] 15621#0: *5 finalize http proxy request
2012/06/06 01:28:57 [debug] 15621#0: *5 free rr peer 1 0
2012/06/06 01:28:57 [debug] 15621#0: *5 close http upstream connection:
20
2012/06/06 01:28:57 [debug] 15621#0: *5 http upstream temp fd: -1
2012/06/06 01:28:57 [debug] 15621#0: *5 http output filter
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:28:57 [debug] 15621#0: *5 http copy filter:
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:28:57 [debug] 15621#0: *5 http postpone filter
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
00007FFF51B162A0
2012/06/06 01:28:57 [debug] 15621#0: *5 http chunk: 0
2012/06/06 01:28:57 [debug] 15621#0: *5 http write filter: l:1 f:0
s:196
2012/06/06 01:28:57 [debug] 15621#0: *5 http write filter limit 0
2012/06/06 01:28:57 [debug] 15621#0: *5 http write filter
0000000000000000
2012/06/06 01:28:57 [debug] 15621#0: *5 http copy filter: 0
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
2012/06/06 01:28:57 [debug] 15621#0: *5 http finalize request: 0,
"/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset" a:1, c:1
2012/06/06 01:28:57 [debug] 15621#0: *5 set http keepalive handler
2012/06/06 01:28:57 [debug] 15621#0: *5 http close request
2012/06/06 01:28:57 [debug] 15621#0: *5 http log handler
2012/06/06 01:28:57 [debug] 15621#0: *5 hc free: 0000000000000000 0
2012/06/06 01:28:57 [debug] 15621#0: *5 hc busy: 0000000000000000 0
2012/06/06 01:28:57 [debug] 15621#0: *5 tcp_nodelay
2012/06/06 01:28:57 [debug] 15621#0: *5 http keepalive handler
2012/06/06 01:28:57 [debug] 15621#0: *5 http keepalive handler
2012/06/06 01:28:57 [info] 15621#0: *5 client 10.112.117.117 closed
keepalive connection
2012/06/06 01:28:57 [debug] 15621#0: *5 close http connection: 14

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227175,227182#msg-227182


From mdounin at mdounin.ru  Tue Jun  5 10:47:51 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 5 Jun 2012 14:47:51 +0400
Subject: Can't upload big files via nginx as reverse proxy
In-Reply-To: <4cd2ded1222dfbb80b803d6cb9d3f801.NginxMailingListEnglish@forum.nginx.org>
References: <20120605075416.GS31671@mdounin.ru>
	<f93a853ec38eea2cec706aa22af2aaa8.NginxMailingListEnglish@forum.nginx.org>
	<4cd2ded1222dfbb80b803d6cb9d3f801.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120605104751.GT31671@mdounin.ru>

Hello!

On Tue, Jun 05, 2012 at 06:08:30AM -0400, speedfirst wrote:

[...]

> 2012/06/06 01:27:37 [debug] 15621#0: *5 http read client request body
> 2012/06/06 01:27:37 [debug] 15621#0: *5 http client request body recv
> 1528
> 2012/06/06 01:27:37 [debug] 15621#0: *5 http client request body rest 0

Ok, so the request body is read from a client without any problems.

[...]

> 2012/06/06 01:27:37 [debug] 15621#0: *5 zmauth: prepare route for proxy
> ... ..<-- choose the upstream route
> 2012/06/06 01:27:37 [debug] 15621#0: *5 zmauth: prepare upstream
> connection, try: 1

Are you able to reproduce the problem without 3rd party 
modules/patches?  (Unlikely it's related in this particular case, 
but just to make sure.)

> 2012/06/06 01:27:37 [debug] 15621#0: *5 http upstream connect: -2
> 2012/06/06 01:27:37 [debug] 15621#0: *5 http upstream request:
> "/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
> 2012/06/06 01:27:37 [debug] 15621#0: *5 http upstream send request
> handler
> 2012/06/06 01:27:37 [debug] 15621#0: *5 http upstream send request
> 2012/06/06 01:27:37 [debug] 15621#0: *5 http upstream request:
> "/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
> 2012/06/06 01:27:37 [debug] 15621#0: *5 http upstream send request
> handler
> 2012/06/06 01:27:37 [debug] 15621#0: *5 http upstream send request
> 2012/06/06 01:27:40 [debug] 15621#0: *5 http upstream request:
> "/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
> 2012/06/06 01:27:40 [debug] 15621#0: *5 http upstream send request
> handler
> 2012/06/06 01:27:40 [debug] 15621#0: *5 http upstream send request
> 2012/06/06 01:27:44 [debug] 15621#0: *5 http upstream request:
> "/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
> ... ... <--- tens of similar log entires

It's sad you skipped them all, and only did debug_http log.  With 
full debug log it would be clearly visible sending request goes on 
(i.e. how many bytes are sent).

> 2012/06/06 01:28:19 [debug] 15621#0: *5 http upstream send request
> handler
> 2012/06/06 01:28:19 [debug] 15621#0: *5 http upstream send request
> 2012/06/06 01:28:22 [debug] 15621#0: *5 http upstream request:
> "/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
> 2012/06/06 01:28:22 [debug] 15621#0: *5 http upstream send request
> handler
> 2012/06/06 01:28:22 [debug] 15621#0: *5 http upstream send request
> 2012/06/06 01:28:22 [debug] 15621#0: *5 http upstream request:
> "/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
> 2012/06/06 01:28:22 [debug] 15621#0: *5 http upstream process header
> 2012/06/06 01:28:22 [debug] 15621#0: *5 http proxy status 200 "200 OK"

On the other hand, it looks like sending of the request is still 
in progress, and upstream server replies before the request was 
completely sent.  It might indicate it just doesn't wait long 
enough, and the problem is in the backend (and slow connectivity 
to the backend).

I don't see any pause in request sending you've claimed in your 
initial message.

(and see below)

> 2012/06/06 01:28:22 [debug] 15621#0: *5 http proxy header: "Date: Tue,
> 05 Jun 2012 17:27:37 GMT"
> 2012/06/06 01:28:22 [debug] 15621#0: *5 http proxy header:
> "Content-Type: text/html; charset=utf-8"
> 2012/06/06 01:28:22 [debug] 15621#0: *5 http proxy header: "Connection:
> close"
> 2012/06/06 01:28:22 [debug] 15621#0: *5 http proxy header done
> 2012/06/06 01:28:22 [debug] 15621#0: *5 HTTP/1.1 200 OK
> 
> Server: nginx
> 
> Date: Tue, 05 Jun 2012 17:28:22 GMT
> 
> Content-Type: text/html; charset=utf-8
> 
> Transfer-Encoding: chunked
> 
> Connection: keep-alive
> 
> 
> 2012/06/06 01:28:22 [debug] 15621#0: *5 http write filter: l:0 f:0
> s:163
> 2012/06/06 01:28:22 [debug] 15621#0: *5 http cacheable: 0
> 2012/06/06 01:28:22 [debug] 15621#0: *5 http upstream process upstream
> 2012/06/06 01:28:23 [debug] 15621#0: *5 http upstream request:
> "/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"
> 2012/06/06 01:28:23 [debug] 15621#0: *5 http upstream send request
> handler
> 2012/06/06 01:28:57 [debug] 15621#0: *5 http upstream request:
> "/service/home/admin at dev03.test.com/?fmt=tgz&resolve=reset"

On the other hand, here is ~ 30s pause you've probably talked 
about.  It might indicate that upstream tries to send headers 
before "receiving and interpreting a request message" (as per HTTP 
RFC2616 it should do it "after"), which confuses nginx and makes 
it to think further body bytes aren't needed.

You may want to dig further into what goes on on the backend to 
understand the real problem.

Maxim Dounin


From nginx-forum at nginx.us  Tue Jun  5 11:26:49 2012
From: nginx-forum at nginx.us (speedfirst)
Date: Tue, 5 Jun 2012 07:26:49 -0400 (EDT)
Subject: Can't upload big files via nginx as reverse proxy
In-Reply-To: <20120605104751.GT31671@mdounin.ru>
References: <20120605104751.GT31671@mdounin.ru>
Message-ID: <7e4b3f5fba2e91657ed3d6677632fc7c.NginxMailingListEnglish@forum.nginx.org>

>On the other hand, it looks like sending of the request is still
>in progress, and upstream server replies before the request was
>completely sent. It might indicate it just doesn't wait long
>enough, and the problem is in the backend (and slow connectivity
>to the backend).

>I don't see any pause in request sending you've claimed in your
>initial message.

>On the other hand, here is ~ 30s pause you've probably talked
>about. It might indicate that upstream tries to send headers
>before "receiving and interpreting a request message" (as per HTTP
>RFC2616 it should do it "after"), which confuses nginx and makes
>it to think further body bytes aren't needed.

>understand the real problem.


Yes, I agree and also notice where the real problem is. I just created a
fake backend (which simply receives the uploaded data and writes into
disk), nginx correctly pass all the data to it.

Let me hack the backend code to see what's wrong. Will update if I found
something new.

Thanks for your inspired comments :)

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227175,227190#msg-227190


From nginx-forum at nginx.us  Tue Jun  5 12:43:44 2012
From: nginx-forum at nginx.us (colorando)
Date: Tue, 5 Jun 2012 08:43:44 -0400 (EDT)
Subject: Setting up nginx as Visual Studio 2010 project
Message-ID: <1979d5146e9ab6c19013841c788b3bb1.NginxMailingListEnglish@forum.nginx.org>

Hi!

I'd like to make a Visual Studio project from the nginx source and then
build it. Has anyone already done this experience and can tell me how to
start?

Thanks!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227198,227198#msg-227198


From mdounin at mdounin.ru  Tue Jun  5 14:30:50 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 5 Jun 2012 18:30:50 +0400
Subject: nginx-1.3.1
Message-ID: <20120605143050.GW31671@mdounin.ru>

Changes with nginx 1.3.1                                         05 Jun 2012

    *) Security: now nginx/Windows ignores trailing dot in URI path
       component, and does not allow URIs with ":$" in it.
       Thanks to Vladimir Kochetkov, Positive Research Center.

    *) Feature: the "proxy_pass", "fastcgi_pass", "scgi_pass", "uwsgi_pass"
       directives, and the "server" directive inside the "upstream" block,
       now support IPv6 addresses.

    *) Feature: the "resolver" directive now support IPv6 addresses and an
       optional port specification.

    *) Feature: the "least_conn" directive inside the "upstream" block.

    *) Feature: it is now possible to specify a weight for servers while
       using the "ip_hash" directive.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "image_filter" directive was used; the bug had appeared in 1.3.0.

    *) Bugfix: nginx could not be built with ngx_cpp_test_module; the bug
       had appeared in 1.1.12.

    *) Bugfix: access to variables from SSI and embedded perl module might
       not work after reconfiguration.
       Thanks to Yichun Zhang.

    *) Bugfix: in the ngx_http_xslt_filter_module.
       Thanks to Kuramoto Eiji.

    *) Bugfix: memory leak if $geoip_org variable was used.
       Thanks to Denis F. Latypoff.

    *) Bugfix: in the "proxy_cookie_domain" and "proxy_cookie_path"
       directives.


Maxim Dounin


From mdounin at mdounin.ru  Tue Jun  5 14:31:21 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 5 Jun 2012 18:31:21 +0400
Subject: nginx-1.2.1
Message-ID: <20120605143121.GA31671@mdounin.ru>

Changes with nginx 1.2.1                                         05 Jun 2012

    *) Security: now nginx/Windows ignores trailing dot in URI path
       component, and does not allow URIs with ":$" in it.
       Thanks to Vladimir Kochetkov, Positive Research Center.

    *) Feature: the "debug_connection" directive now supports IPv6 addresses
       and the "unix:" parameter.

    *) Feature: the "set_real_ip_from" directive and the "proxy" parameter
       of the "geo" directive now support IPv6 addresses.

    *) Feature: the "real_ip_recursive", "geoip_proxy", and
       "geoip_proxy_recursive" directives.

    *) Feature: the "proxy_recursive" parameter of the "geo" directive.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "resolver" directive was used.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "fastcgi_pass", "scgi_pass", or "uwsgi_pass" directives were used and
       backend returned incorrect response.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "rewrite" directive was used and new request arguments in a
       replacement used variables.

    *) Bugfix: nginx might hog CPU if the open file resource limit was
       reached.

    *) Bugfix: nginx might loop infinitely over backends if the
       "proxy_next_upstream" directive with the "http_404" parameter was
       used and there were backup servers specified in an upstream block.

    *) Bugfix: adding the "down" parameter of the "server" directive might
       cause unneeded client redistribution among backend servers if the
       "ip_hash" directive was used.

    *) Bugfix: socket leak.
       Thanks to Yichun Zhang.

    *) Bugfix: in the ngx_http_fastcgi_module.


Maxim Dounin


From mdounin at mdounin.ru  Tue Jun  5 14:31:59 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 5 Jun 2012 18:31:59 +0400
Subject: security advisory
Message-ID: <20120605143159.GE31671@mdounin.ru>

Hello!

Vladimir Kochetkov, Positive Research Center, discovered a 
security problem in nginx/Windows, which might allow security 
restrictions bypass (CVE-2011-4963).

There are many ways to access the same file when working under 
Windows, and nginx failed to account for all of them.  As a 
result, it was possible to bypass security restrictions like

    location /directory/ {
        deny all;
    }

by requesting a file as "/directory::$index_allocation/file", or 
"/directory:$i30:$index_allocation/file", or "/directory./file". 

The problem is fixed in nginx/Windows 1.3.1, 1.2.1.

For older versions the following configuration can be used as a 
workaround:

    location ~ "(\./|:\$)" {
        deny all;
    }

Maxim Dounin


From reallfqq-nginx at yahoo.fr  Tue Jun  5 15:37:43 2012
From: reallfqq-nginx at yahoo.fr (B.R.)
Date: Tue, 5 Jun 2012 11:37:43 -0400
Subject: Upgrade From Fedora 15 to 17: nginx Doesn't Work
In-Reply-To: <CABxOBbR8bSu+LuO57xqev5Zudi+DfpD3o6bTU4PodA3RF+eYvA@mail.gmail.com>
References: <20120605011606.192860@gmx.net>
	<d1b0aeba132b027999fab49b4bf5e3dc.NginxMailingListEnglish@forum.nginx.org>
	<CABxOBbR8bSu+LuO57xqev5Zudi+DfpD3o6bTU4PodA3RF+eYvA@mail.gmail.com>
Message-ID: <CALqce=3r4zYC=_zhwxKpnWp+YSScfh+c23tfHFtc+0acm2TX6A@mail.gmail.com>

Hello,

> @BR: Thanks for not being as bad as steve.
'As bad'? I was really trying to help. To my opinion, it's always better to
have the least outdated version, so 1.0.15 is way better than 1.0.5.
If I appeared arrogant to you, well, nvm...

> Calling people names is certainly *not* a good way to get people to help
you.
I totally agree. I won't lose anymore time on your case.
---
*B. R.*


On Mon, Jun 4, 2012 at 10:08 PM, Jim Ohlstein <jim at ohlste.in> wrote:

> On Jun 4, 2012 9:45 PM, "ptiseo" <nginx-forum at nginx.us> wrote:
> >
> > @steve: nginx seems to attract the hostile and malpadapted? I've seen
> > more arrogant a**es in this forum than most other places. You guys need
> > to relax; it's just software. No need for you to go nuts like that. It
> > just shows badly on you.
>
> Hardly the case. This is a pretty well mannered mailing list compared to
> some to which I subscribe.
>
> But, to be constructive, please do not top post. It's very confusing when
> trying to follow a threaded discussion.
>
> So, please answer the question asked -do you have an entry in your
> nginx.conf for "worker_rlimit_nofile"?
>
> Posting your full nginx.conf might help.
>
> >
> > The reason I restore from backup is because I needed that proxy online
> > for development. And, I have used Linux for a while that can be counted
> > in more than months. Do you know what they say about "assume"?
> >
> > I did Google. I saw that worked for some and not for others. I tried it,
> > it didn't work for me. My file-max setting was already some 200K.
>
> To which settings(s) are you referring?
>
> >
> > So, let me ask this, why would I need to increase open file limit
> > anyways? This is a low traffic proxy.
>
> Maybe an issue with how you've configured *your* system which has nothing
> to do with nginx? Not to be one of those hostile, maladaped, arrogant
> people to whom you referred, but this isn't a Fedora mailing list. Perhaps
> you can find help there in determining what process(es) is/are using all of
> those file descriptors.  Maybe one of them will hold your hand and not hurt
> your feelings in the process. Calling people names is certainly *not* a
> good way to get people to help you.
>
> >
> > @BR: Thanks for not being as bad as steve. I did notice that Fedora does
> > not have an up-to-date package. For now, I will stay with the backup and
> > spin up another virtual machine to see if I can test further.
> >
> > If anyone has any other ideas than the first 20 Google hits, I'd love to
> > hear of them. Thx.
> >
>
> Jim Ohlstein
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120605/71b970e1/attachment.html>

From manens at grossac.org  Tue Jun  5 16:04:02 2012
From: manens at grossac.org (Florent Manens)
Date: Tue, 5 Jun 2012 18:04:02 +0200 (CEST)
Subject: Client Certificate verification for mail
In-Reply-To: <471353081.15980.1338911623663.JavaMail.root@grossac.org>
Message-ID: <60240686.15988.1338912242553.JavaMail.root@grossac.org>



Hi NGINX team, 


I can read here : 
http://mailman.nginx.org/pipermail/nginx/2007-March/000825.html 


and in this thread : 
http://mailman.nginx.org/pipermail/nginx-ru/2009-July/026304.html 


that the client certificate verification is not supported by NGINX (and that there is no RFE for it). 


We want to implement client certificate verification for IMAP and POP connection and we plan to rely on NGINX for scalability. 


I think that it is possible to implement client certificate verification in NGINX but I still need to know : 
* if it is a trivial task 
* if I can do it only with addons 
* why it isn't already in NGINX core ? 


I will apreciate if someone can give me directions on that subject. 


Best regards, 


Florent 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120605/2dba7d80/attachment.html>

From mdounin at mdounin.ru  Tue Jun  5 16:12:48 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 5 Jun 2012 20:12:48 +0400
Subject: Client Certificate verification for mail
In-Reply-To: <60240686.15988.1338912242553.JavaMail.root@grossac.org>
References: <471353081.15980.1338911623663.JavaMail.root@grossac.org>
	<60240686.15988.1338912242553.JavaMail.root@grossac.org>
Message-ID: <20120605161248.GK31671@mdounin.ru>

Hello!

On Tue, Jun 05, 2012 at 06:04:02PM +0200, Florent Manens wrote:

> 
> 
> Hi NGINX team, 
> 
> 
> I can read here : 
> http://mailman.nginx.org/pipermail/nginx/2007-March/000825.html 
> 
> 
> and in this thread : 
> http://mailman.nginx.org/pipermail/nginx-ru/2009-July/026304.html 
> 
> 
> that the client certificate verification is not supported by NGINX (and that there is no RFE for it). 
> 
> 
> We want to implement client certificate verification for IMAP and POP connection and we plan to rely on NGINX for scalability. 
> 
> 
> I think that it is possible to implement client certificate verification in NGINX but I still need to know : 
> * if it is a trivial task 

More or less.

> * if I can do it only with addons 

No.

> * why it isn't already in NGINX core ? 

The second link (or, rather, Igor's reply to it) explains the 
reason.  It's more or less useless for large scale installations 
where nginx mail proxy is generally used.

Maxim Dounin


From tdgh2323 at hotmail.com  Tue Jun  5 17:01:34 2012
From: tdgh2323 at hotmail.com (Joseph Cabezas)
Date: Tue, 5 Jun 2012 17:01:34 +0000
Subject: client_max_body_size for a location  {} ? Possible?
Message-ID: <BLU144-W211A568534CCDB0B8F9F82D00C0@phx.gbl>



Is it possible to specify a client_max_body_size and  client_body_buffer_size specifically for a location? If so how?


I need to allow higher buffers for a section that hosts an application.

Thanks

Joseph
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120605/77cbdbed/attachment-0001.html>

From tdgh2323 at hotmail.com  Tue Jun  5 17:26:09 2012
From: tdgh2323 at hotmail.com (Joseph Cabezas)
Date: Tue, 5 Jun 2012 17:26:09 +0000
Subject: Graph nginx by error codes and requests per second? Cacti? or some
	other?
Message-ID: <BLU144-W34DA1F4521F4904FFAC260D00C0@phx.gbl>


Does anybody have a monitoring system in place by nginx error code... 500, 200, 404, 444.... and did you do this with cacti or php4nagios?

Regards,
Joseph
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120605/32ff0475/attachment.html>

From tdgh2323 at hotmail.com  Tue Jun  5 17:31:25 2012
From: tdgh2323 at hotmail.com (Joseph Cabezas)
Date: Tue, 5 Jun 2012 17:31:25 +0000
Subject: client_max_body_size for a location  {} ? Possible?
In-Reply-To: <BLU144-W211A568534CCDB0B8F9F82D00C0@phx.gbl>
References: <BLU144-W211A568534CCDB0B8F9F82D00C0@phx.gbl>
Message-ID: <BLU144-W24D3DFC3515AB22FCBBCE6D00C0@phx.gbl>


Answering myself partially

   location /wordpress/wp-admin { client_max_body_size 1m;  }   <-- does that apply for evert sub directory  such as /wordpress/wp-admin/dir1 /wordpress/wp-admin/dir2/app.php etc


Joseph



From: tdgh2323 at hotmail.com
To: nginx at nginx.org
Subject: client_max_body_size for a location  {} ? Possible?
Date: Tue, 5 Jun 2012 17:01:34 +0000






Is it possible to specify a client_max_body_size and  client_body_buffer_size specifically for a location? If so how?


I need to allow higher buffers for a section that hosts an application.

Thanks

Joseph
 		 	   		  

_______________________________________________
nginx mailing list
nginx at nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120605/9992fdd7/attachment.html>

From jim at ohlste.in  Tue Jun  5 17:57:17 2012
From: jim at ohlste.in (Jim Ohlstein)
Date: Tue, 05 Jun 2012 13:57:17 -0400
Subject: Netflix Open Connect Appliance Software
Message-ID: <4FCE487D.2090903@ohlste.in>

This is a cross posting from freebsd-stable. I thought it worth giving
Igor et al a shout out:

>From https://signup.netflix.com/openconnect/software :


Open Source Software


Open Connect Appliance Software

Netflix delivers streaming content using a combination of intelligent
clients, a central control system, and a network of Open Connect appliances.

When designing the Open Connect Appliance Software, we focused on these
fundamental design goals:

Use of Open Source software

Ability to efficiently read from disk and write to network sockets

High-performance HTTP delivery

Ability to gather routing information via BGP


Operating System

For the operating system, we use FreeBSD version 9.0. This was selected
for its balance of stability and features, a strong development
community and staff expertise. We will contribute changes we make as
part of our project to the community through the FreeBSD committers on
our team.


Web server

We use the nginx web server for its proven scalability and performance.
Netflix audio and video is served via HTTP.


Routing intelligence proxy

We use the BIRD Internet routing daemon to enable the transfer of
network topology from ISP networks to the Netflix control system that
directs clients to sources of content.


Acknowledgements

We would would like to express our thanks to the FreeBSD community, the
nginx community, and Ondrej and the BIRD team for providing excellent
open source software. We also work directly with Igor, Maxim, Andrew,
Sergey, Ruslan and the rest of the team at nginx.com, who provide superb
development support for our project.



Questions

Contact the Open Connect team at openconnectappliance at netflix.com.

If you are interested in joining the Content Delivery or another team at
Netflix, apply at www.netflix.com/jobs

-- 
Jim Ohlstein


From kworthington at gmail.com  Tue Jun  5 18:14:57 2012
From: kworthington at gmail.com (Kevin Worthington)
Date: Tue, 5 Jun 2012 14:14:57 -0400
Subject: nginx-1.3.1
In-Reply-To: <20120605143050.GW31671@mdounin.ru>
References: <20120605143050.GW31671@mdounin.ru>
Message-ID: <CAGo79UVb120-=hm=D9JYU8y=zDRBjn6yHup4fsFf4kceHTbpcA@mail.gmail.com>

Hello Nginx Users,

Now available: Nginx 1.3.1 For Windows http://goo.gl/Xvccu (32-bit and
64-bit versions)

These versions are to support legacy users who are already using
Cygwin based builds of Nginx. Officially supported native Windows
binaries are at nginx.org.

Thank you,
Kevin
--
Kevin Worthington
kworthington *@* (gmail]  [dot} {com)
http://kevinworthington.com/
http://twitter.com/kworthington


On Tue, Jun 5, 2012 at 10:30 AM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> Changes with nginx 1.3.1 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 05 Jun 2012
>
> ? ?*) Security: now nginx/Windows ignores trailing dot in URI path
> ? ? ? component, and does not allow URIs with ":$" in it.
> ? ? ? Thanks to Vladimir Kochetkov, Positive Research Center.
>
> ? ?*) Feature: the "proxy_pass", "fastcgi_pass", "scgi_pass", "uwsgi_pass"
> ? ? ? directives, and the "server" directive inside the "upstream" block,
> ? ? ? now support IPv6 addresses.
>
> ? ?*) Feature: the "resolver" directive now support IPv6 addresses and an
> ? ? ? optional port specification.
>
> ? ?*) Feature: the "least_conn" directive inside the "upstream" block.
>
> ? ?*) Feature: it is now possible to specify a weight for servers while
> ? ? ? using the "ip_hash" directive.
>
> ? ?*) Bugfix: a segmentation fault might occur in a worker process if the
> ? ? ? "image_filter" directive was used; the bug had appeared in 1.3.0.
>
> ? ?*) Bugfix: nginx could not be built with ngx_cpp_test_module; the bug
> ? ? ? had appeared in 1.1.12.
>
> ? ?*) Bugfix: access to variables from SSI and embedded perl module might
> ? ? ? not work after reconfiguration.
> ? ? ? Thanks to Yichun Zhang.
>
> ? ?*) Bugfix: in the ngx_http_xslt_filter_module.
> ? ? ? Thanks to Kuramoto Eiji.
>
> ? ?*) Bugfix: memory leak if $geoip_org variable was used.
> ? ? ? Thanks to Denis F. Latypoff.
>
> ? ?*) Bugfix: in the "proxy_cookie_domain" and "proxy_cookie_path"
> ? ? ? directives.
>
>
> Maxim Dounin
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From matthieu.tourne at gmail.com  Tue Jun  5 18:26:51 2012
From: matthieu.tourne at gmail.com (Matthieu Tourne)
Date: Tue, 5 Jun 2012 11:26:51 -0700
Subject: Graph nginx by error codes and requests per second? Cacti? or
	some other?
In-Reply-To: <BLU144-W34DA1F4521F4904FFAC260D00C0@phx.gbl>
References: <BLU144-W34DA1F4521F4904FFAC260D00C0@phx.gbl>
Message-ID: <CAAGYmFfq=GaSkOvrBwFK_w=LQeZN=tiBpFU1jwAmqnpfnP7iuA@mail.gmail.com>

On Tue, Jun 5, 2012 at 10:26 AM, Joseph Cabezas <tdgh2323 at hotmail.com> wrote:
> Does anybody have a monitoring system in place by nginx error code... 500,
> 200, 404, 444.... and did you do this with cacti or php4nagios?
>

Hi,

You can take a look at the nginx-lua module (on the logby branch) :
https://github.com/chaoslawful/lua-nginx-module/tree/logby

There is an example in the README :
https://github.com/chaoslawful/lua-nginx-module/blob/logby/README
Look for log_by_lua, and log_by_lua_file.

You can use it to aggregate values, and use another location to report
aggregated data (using content_by_lua) and feed it in your own system.

We use OpenTSDB (http://opentsdb.net/) to keep aggregating data in time series.

Hope that helps,

Matthieu.


From kworthington at gmail.com  Tue Jun  5 18:34:24 2012
From: kworthington at gmail.com (Kevin Worthington)
Date: Tue, 5 Jun 2012 14:34:24 -0400
Subject: nginx-1.2.1
In-Reply-To: <20120605143121.GA31671@mdounin.ru>
References: <20120605143121.GA31671@mdounin.ru>
Message-ID: <CAGo79UURicXXtCZOTSYJ7kiUkH81wJ6qf9JEgwhh=-BBDZXTAA@mail.gmail.com>

Hello Nginx Users,

Now available: Nginx 1.2.1 For Windows http://goo.gl/QlrVs (32-bit and
64-bit versions)

These versions are to support legacy users who are already using
Cygwin based builds of Nginx. Officially supported native Windows
binaries are at nginx.org.

Thank you,
Kevin
--
Kevin Worthington
kworthington *@* (gmail]  [dot} {com)
http://kevinworthington.com/
http://twitter.com/kworthington


On Tue, Jun 5, 2012 at 10:31 AM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> Changes with nginx 1.2.1 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 05 Jun 2012
>
> ? ?*) Security: now nginx/Windows ignores trailing dot in URI path
> ? ? ? component, and does not allow URIs with ":$" in it.
> ? ? ? Thanks to Vladimir Kochetkov, Positive Research Center.
>
> ? ?*) Feature: the "debug_connection" directive now supports IPv6 addresses
> ? ? ? and the "unix:" parameter.
>
> ? ?*) Feature: the "set_real_ip_from" directive and the "proxy" parameter
> ? ? ? of the "geo" directive now support IPv6 addresses.
>
> ? ?*) Feature: the "real_ip_recursive", "geoip_proxy", and
> ? ? ? "geoip_proxy_recursive" directives.
>
> ? ?*) Feature: the "proxy_recursive" parameter of the "geo" directive.
>
> ? ?*) Bugfix: a segmentation fault might occur in a worker process if the
> ? ? ? "resolver" directive was used.
>
> ? ?*) Bugfix: a segmentation fault might occur in a worker process if the
> ? ? ? "fastcgi_pass", "scgi_pass", or "uwsgi_pass" directives were used and
> ? ? ? backend returned incorrect response.
>
> ? ?*) Bugfix: a segmentation fault might occur in a worker process if the
> ? ? ? "rewrite" directive was used and new request arguments in a
> ? ? ? replacement used variables.
>
> ? ?*) Bugfix: nginx might hog CPU if the open file resource limit was
> ? ? ? reached.
>
> ? ?*) Bugfix: nginx might loop infinitely over backends if the
> ? ? ? "proxy_next_upstream" directive with the "http_404" parameter was
> ? ? ? used and there were backup servers specified in an upstream block.
>
> ? ?*) Bugfix: adding the "down" parameter of the "server" directive might
> ? ? ? cause unneeded client redistribution among backend servers if the
> ? ? ? "ip_hash" directive was used.
>
> ? ?*) Bugfix: socket leak.
> ? ? ? Thanks to Yichun Zhang.
>
> ? ?*) Bugfix: in the ngx_http_fastcgi_module.
>
>
> Maxim Dounin
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From mdounin at mdounin.ru  Tue Jun  5 18:40:55 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 5 Jun 2012 22:40:55 +0400
Subject: client_max_body_size for a location  {} ? Possible?
In-Reply-To: <BLU144-W24D3DFC3515AB22FCBBCE6D00C0@phx.gbl>
References: <BLU144-W211A568534CCDB0B8F9F82D00C0@phx.gbl>
	<BLU144-W24D3DFC3515AB22FCBBCE6D00C0@phx.gbl>
Message-ID: <20120605184055.GP31671@mdounin.ru>

Hello!

On Tue, Jun 05, 2012 at 05:31:25PM +0000, Joseph Cabezas wrote:

> 
> Answering myself partially
> 
>    location /wordpress/wp-admin { client_max_body_size 1m;  }   <-- does that apply for evert sub directory  such as /wordpress/wp-admin/dir1 /wordpress/wp-admin/dir2/app.php etc

See here for details explanation on how locations work:

http://nginx.org/r/location

And here for an answer to your original question:

http://nginx.org/r/client_max_body_size
http://nginx.org/r/client_body_buffer_size

The "context" in the directive description gives a list of places 
where the directive is allowed.

Maxim Dounin


From tdgh2323 at hotmail.com  Tue Jun  5 19:32:36 2012
From: tdgh2323 at hotmail.com (Joseph Cabezas)
Date: Tue, 5 Jun 2012 19:32:36 +0000
Subject: client_max_body_size for a location  {} ? Possible?
In-Reply-To: <20120605184055.GP31671@mdounin.ru>
References: <BLU144-W211A568534CCDB0B8F9F82D00C0@phx.gbl>,
	<BLU144-W24D3DFC3515AB22FCBBCE6D00C0@phx.gbl>,
	<20120605184055.GP31671@mdounin.ru>
Message-ID: <BLU144-W28D1B48D95804516A1BCF1D00C0@phx.gbl>


Hello Matt,

Thank you very much.  Is there anyway to match this location ONLY for a specific IP?

        location /wordpress {         
                          client_body_buffer_size 1M;
                              client_max_body_size 2M;
                           proxy_pass http://backend1; 
                         }

In other words I only one IP 1.1.1.1 to be able to use those special buffers for that URL.. everybody else should use the buffers stated at the httpd section.


Regards,
Joseph


> Date: Tue, 5 Jun 2012 22:40:55 +0400
> From: mdounin at mdounin.ru
> To: nginx at nginx.org
> Subject: Re: client_max_body_size for a location  {} ? Possible?
> 
> Hello!
> 
> On Tue, Jun 05, 2012 at 05:31:25PM +0000, Joseph Cabezas wrote:
> 
> > 
> > Answering myself partially
> > 
> >    location /wordpress/wp-admin { client_max_body_size 1m;  }   <-- does that apply for evert sub directory  such as /wordpress/wp-admin/dir1 /wordpress/wp-admin/dir2/app.php etc
> 
> See here for details explanation on how locations work:
> 
> http://nginx.org/r/location
> 
> And here for an answer to your original question:
> 
> http://nginx.org/r/client_max_body_size
> http://nginx.org/r/client_body_buffer_size
> 
> The "context" in the directive description gives a list of places 
> where the directive is allowed.
> 
> Maxim Dounin
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120605/576c309f/attachment-0001.html>

From tdgh2323 at hotmail.com  Tue Jun  5 20:30:26 2012
From: tdgh2323 at hotmail.com (Joseph Cabezas)
Date: Tue, 5 Jun 2012 20:30:26 +0000
Subject: Anyway to limit amount of requests to no more then 20 requests per
	hour for each file?
Message-ID: <BLU144-W238151DCD0F894960D1CF9D00C0@phx.gbl>


Hello,

Iam trying to avoid a seperate location {} for each file, instead just limit the amount of reqeusts per second based on each object.

Iam sure there must be a way.

Thanks

Joseph
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120605/eee9d9a3/attachment.html>

From tdgh2323 at hotmail.com  Tue Jun  5 20:51:46 2012
From: tdgh2323 at hotmail.com (Joseph Cabezas)
Date: Tue, 5 Jun 2012 20:51:46 +0000
Subject: Graph nginx by error codes and requests per second? Cacti? or
	some other?
In-Reply-To: <CAAGYmFfq=GaSkOvrBwFK_w=LQeZN=tiBpFU1jwAmqnpfnP7iuA@mail.gmail.com>
References: <BLU144-W34DA1F4521F4904FFAC260D00C0@phx.gbl>,
	<CAAGYmFfq=GaSkOvrBwFK_w=LQeZN=tiBpFU1jwAmqnpfnP7iuA@mail.gmail.com>
Message-ID: <BLU144-W2596345877BB784EF072D9D00C0@phx.gbl>


matthieu,

Thanks! If you are using it to graph nginx by error code.. would you have any screenshot example without any sensitive data that you can share of the final outcome of this? Iam no way familiar with the things you quoted.

Anybody know an alternative?

Regards,

Joseph

> From: matthieu.tourne at gmail.com
> Date: Tue, 5 Jun 2012 11:26:51 -0700
> Subject: Re: Graph nginx by error codes and requests per second? Cacti? or	some other?
> To: nginx at nginx.org
> CC: tsunanet at gmail.com
> 
> On Tue, Jun 5, 2012 at 10:26 AM, Joseph Cabezas <tdgh2323 at hotmail.com> wrote:
> > Does anybody have a monitoring system in place by nginx error code... 500,
> > 200, 404, 444.... and did you do this with cacti or php4nagios?
> >
> 
> Hi,
> 
> You can take a look at the nginx-lua module (on the logby branch) :
> https://github.com/chaoslawful/lua-nginx-module/tree/logby
> 
> There is an example in the README :
> https://github.com/chaoslawful/lua-nginx-module/blob/logby/README
> Look for log_by_lua, and log_by_lua_file.
> 
> You can use it to aggregate values, and use another location to report
> aggregated data (using content_by_lua) and feed it in your own system.
> 
> We use OpenTSDB (http://opentsdb.net/) to keep aggregating data in time series.
> 
> Hope that helps,
> 
> Matthieu.
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120605/ca541fe1/attachment.html>

From ne at vbart.ru  Tue Jun  5 20:54:48 2012
From: ne at vbart.ru (Valentin V. Bartenev)
Date: Wed, 6 Jun 2012 00:54:48 +0400
Subject: Anyway to limit amount of requests to no more then 20 requests
	per hour for each file?
In-Reply-To: <BLU144-W238151DCD0F894960D1CF9D00C0@phx.gbl>
References: <BLU144-W238151DCD0F894960D1CF9D00C0@phx.gbl>
Message-ID: <201206060054.48407.ne@vbart.ru>

On Wednesday 06 June 2012 00:30:26 Joseph Cabezas wrote:
> Hello,
> 
> Iam trying to avoid a seperate location {} for each file, instead just
> limit the amount of reqeusts per second based on each object.
> 

If you're happy with 60 requests per hour, then you can take advantage of
the http_limit_req module.

http://nginx.org/en/docs/http/ngx_http_limit_req_module.html

  limit_req_zone $uri zone=one:32m rate=1r/m;

 wbr, Valentin V. Bartenev


From tdgh2323 at hotmail.com  Tue Jun  5 22:18:46 2012
From: tdgh2323 at hotmail.com (Joseph Cabezas)
Date: Tue, 5 Jun 2012 22:18:46 +0000
Subject: Anyway to limit amount of requests to no more then 20 requests
	per hour for each file?
In-Reply-To: <201206060054.48407.ne@vbart.ru>
References: <BLU144-W238151DCD0F894960D1CF9D00C0@phx.gbl>,
	<201206060054.48407.ne@vbart.ru>
Message-ID: <BLU144-W19184A82A5E33EC3DA1273D00C0@phx.gbl>


Great....

So all I need is that single line in the httpd section, or server section?

limit_req_zone $uri zone=one:32m rate=1r/m;

Iam thinking I need some other line to actually apply the limit such as this?

location / {  limit_req   zone=one;  proxy_pass http://backend1; }


Or something like this?


Joseph



> From: ne at vbart.ru
> To: nginx at nginx.org
> Subject: Re: Anyway to limit amount of requests to no more then 20 requests	per hour for each file?
> Date: Wed, 6 Jun 2012 00:54:48 +0400
> 
> On Wednesday 06 June 2012 00:30:26 Joseph Cabezas wrote:
> > Hello,
> > 
> > Iam trying to avoid a seperate location {} for each file, instead just
> > limit the amount of reqeusts per second based on each object.
> > 
> 
> If you're happy with 60 requests per hour, then you can take advantage of
> the http_limit_req module.
> 
> http://nginx.org/en/docs/http/ngx_http_limit_req_module.html
> 
>   limit_req_zone $uri zone=one:32m rate=1r/m;
> 
>  wbr, Valentin V. Bartenev
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120605/7495b6a4/attachment.html>

From ne at vbart.ru  Tue Jun  5 22:24:41 2012
From: ne at vbart.ru (Valentin V. Bartenev)
Date: Wed, 6 Jun 2012 02:24:41 +0400
Subject: Anyway to limit amount of requests to no more then 20 requests
	per hour for each file?
In-Reply-To: <BLU144-W19184A82A5E33EC3DA1273D00C0@phx.gbl>
References: <BLU144-W238151DCD0F894960D1CF9D00C0@phx.gbl>
	<201206060054.48407.ne@vbart.ru>
	<BLU144-W19184A82A5E33EC3DA1273D00C0@phx.gbl>
Message-ID: <201206060224.41691.ne@vbart.ru>

On Wednesday 06 June 2012 02:18:46 Joseph Cabezas wrote:
[...]
> Iam thinking I need some other line to actually apply the limit such as
> this?
> 
> location / {  limit_req   zone=one;  proxy_pass http://backend1; }
> 
> 
> Or something like this?

Yes, that's right. You also need limit_req directive in the place where do you 
want to apply the limit.

 wbr, Valentin V. Bartenev


From tdgh2323 at hotmail.com  Tue Jun  5 22:33:09 2012
From: tdgh2323 at hotmail.com (Joseph Cabezas)
Date: Tue, 5 Jun 2012 22:33:09 +0000
Subject: How to limit_req depending if the requests has a REFERER or not.
Message-ID: <BLU144-W339CCA2AF6611966EB038D00C0@phx.gbl>


I have something like this... I need to be able to apply three different 
limit_req depending:

a.) If the referer to click.php is domain.com ... apply zone1
b.) If there is some other referer apply zone2 on click.php
c.) If there is no referer apply zone3 on click.php


  location /click.php { limit_req zone=one;  proxy_pass http://backend; }


Thanks guys
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120605/cd52c6d0/attachment.html>

From ne at vbart.ru  Tue Jun  5 23:31:03 2012
From: ne at vbart.ru (Valentin V. Bartenev)
Date: Wed, 6 Jun 2012 03:31:03 +0400
Subject: How to limit_req depending if the requests has a REFERER or not.
In-Reply-To: <BLU144-W339CCA2AF6611966EB038D00C0@phx.gbl>
References: <BLU144-W339CCA2AF6611966EB038D00C0@phx.gbl>
Message-ID: <201206060331.03636.ne@vbart.ru>

On Wednesday 06 June 2012 02:33:09 Joseph Cabezas wrote:
> I have something like this... I need to be able to apply three different
> limit_req depending:
> 
> a.) If the referer to click.php is domain.com ... apply zone1
> b.) If there is some other referer apply zone2 on click.php
> c.) If there is no referer apply zone3 on click.php
> 
> 
>   location /click.php { limit_req zone=one;  proxy_pass http://backend; }
> 

Probably, something like this will work:

 http {

     map $http_referer $is_referer {
         default  '';
         ~^.      1;
     }

     map $is_referer $no_referer {
         default  1;
         1        '';
     }

     map $invalid_referer $zone1 {
         0  1;
         1  '';
     }

     map $invalid_referer $zone2 {
         0  '';
         1  $is_referer;
     }

     map $invalid_referer $zone3 {
         0  '';
         1  $no_referer;
     }

     limit_req_zone $zone1 zone=zone1:128k rate=50r/s;
     limit_req_zone $zone2 zone=zone2:128k rate=10r/s;
     limit_req_zone $zone3 zone=zone3:128k rate=3r/s;

     server {
         valid_referers domain.com;

         location /click.php {
             limit_req zone=zone3 burst=12;
             limit_req zone=zone2 burst=10 nodelay;
             limit_req zone=zone1 burst=100 nodelay;
             ...

 wbr, Valentin V. Bartenev


From nginx-forum at nginx.us  Wed Jun  6 02:51:51 2012
From: nginx-forum at nginx.us (jessusniww)
Date: Tue, 5 Jun 2012 22:51:51 -0400 (EDT)
Subject: how to deploy multiple application in nginx?
Message-ID: <43428cf050601c546d4749d6ca60cd8c.NginxMailingListEnglish@forum.nginx.org>

hi:
  now,i want to use nginx to run php,but now ,i only run one php
application in nginx.For example,my web root is D:\PHPWeb\,in this
directory i have two php applications 'example1' and 'example2'
respectively.In each application there exists a .htaccess file,i don't
know how do i to run this two application? 

thank you

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227251,227251#msg-227251


From agentzh at gmail.com  Wed Jun  6 03:23:10 2012
From: agentzh at gmail.com (agentzh)
Date: Wed, 6 Jun 2012 11:23:10 +0800
Subject: Graph nginx by error codes and requests per second? Cacti? or
	some other?
In-Reply-To: <CAAGYmFfq=GaSkOvrBwFK_w=LQeZN=tiBpFU1jwAmqnpfnP7iuA@mail.gmail.com>
References: <BLU144-W34DA1F4521F4904FFAC260D00C0@phx.gbl>
	<CAAGYmFfq=GaSkOvrBwFK_w=LQeZN=tiBpFU1jwAmqnpfnP7iuA@mail.gmail.com>
Message-ID: <CAB4Tn6PP+J-CHcxV1YNcRzK1pjj459u+cycW8jW-EoYVVxLoZw@mail.gmail.com>

Hello!

On Wed, Jun 6, 2012 at 2:26 AM, Matthieu Tourne >
> You can take a look at the nginx-lua module (on the logby branch) :
> https://github.com/chaoslawful/lua-nginx-module/tree/logby
>

BTW, The "logby" branch is going to be merged into "master" in the
next few days or so (after more aggressive testing) :)

Special thanks go to Matthieu Tourne for the work on this branch :)

Best regards,
-agentzh


From omega13a at fedtrek.com  Wed Jun  6 03:26:34 2012
From: omega13a at fedtrek.com (Brandon Amaro)
Date: Tue, 05 Jun 2012 20:26:34 -0700
Subject: nginx 1.3.1 not PHP-FPM friendly
In-Reply-To: <20120605143050.GW31671@mdounin.ru>
References: <20120605143050.GW31671@mdounin.ru>
Message-ID: <4FCECDEA.8080607@fedtrek.com>

After I upgraded to nginx 1.3.1, I've been having a problem with 
PHP-FPM. It would work fine for a few minutes then I would start getting 
500 Internal Server Errors on all the pages that use PHP.  I have to 
keep restaring the PHP-FPM service in order to navigate my website. 
Everything was running smoothly before upgrading nginx and I've haven't 
made any recent changes in the config files for both nginx and anything 
PHP related. I'm running Fedora 14 (can't upgrade to anything more 
recent) and compiled nginx myself as I've always done in the past. Any 
help would be greatly appreciated.

-- 
omega13a
Owner and Founder of UFT
http://www.fedtrek.com


From reallfqq-nginx at yahoo.fr  Wed Jun  6 04:28:01 2012
From: reallfqq-nginx at yahoo.fr (B.R.)
Date: Wed, 6 Jun 2012 00:28:01 -0400
Subject: nginx 1.3.1 not PHP-FPM friendly
In-Reply-To: <4FCECDEA.8080607@fedtrek.com>
References: <20120605143050.GW31671@mdounin.ru> <4FCECDEA.8080607@fedtrek.com>
Message-ID: <CALqce=2+94R6fWE-MNiwDV6ZOWpdzof_TCSGPO=eRWx8OUk5DA@mail.gmail.com>

Wild guess: maybe some file openings limit reached?

Most important thing to start: what does the error log says?
---
*B. R.*


On Tue, Jun 5, 2012 at 11:26 PM, Brandon Amaro <omega13a at fedtrek.com> wrote:

> After I upgraded to nginx 1.3.1, I've been having a problem with PHP-FPM.
> It would work fine for a few minutes then I would start getting 500
> Internal Server Errors on all the pages that use PHP.  I have to keep
> restaring the PHP-FPM service in order to navigate my website. Everything
> was running smoothly before upgrading nginx and I've haven't made any
> recent changes in the config files for both nginx and anything PHP related.
> I'm running Fedora 14 (can't upgrade to anything more recent) and compiled
> nginx myself as I've always done in the past. Any help would be greatly
> appreciated.
>
> --
> omega13a
> Owner and Founder of UFT
> http://www.fedtrek.com
>
> ______________________________**_________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/**mailman/listinfo/nginx<http://mailman.nginx.org/mailman/listinfo/nginx>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120606/37864a3b/attachment.html>

From nginx-forum at nginx.us  Wed Jun  6 04:30:05 2012
From: nginx-forum at nginx.us (chenmin7249)
Date: Wed, 6 Jun 2012 00:30:05 -0400 (EDT)
Subject: nginx1.0.15 stable, cut off a 16k js static file into 2.03k
Message-ID: <100f32aa2c3af3dde56eb57106145bea.NginxMailingListEnglish@forum.nginx.org>

nginx version 1.0.15 stable
im running into a problem the a 16k static file was cut off into a 2.03k
incomplete file occasionally, 7 times of 10 will get the incomplete
file.
i use the nginx server for pure static file serving
 sendfile on,
 tcp_nopush on,
 tcp_nodelay on,
 keepalive timeout 0, 
 gzip off
 open_file_cache on
using epoll
no other configurations, what could be the problem? client body size?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227254,227254#msg-227254


From omega13a at fedtrek.com  Wed Jun  6 04:37:49 2012
From: omega13a at fedtrek.com (Brandon Amaro)
Date: Tue, 05 Jun 2012 21:37:49 -0700
Subject: nginx 1.3.1 not PHP-FPM friendly
In-Reply-To: <CALqce=2+94R6fWE-MNiwDV6ZOWpdzof_TCSGPO=eRWx8OUk5DA@mail.gmail.com>
References: <20120605143050.GW31671@mdounin.ru> <4FCECDEA.8080607@fedtrek.com>
	<CALqce=2+94R6fWE-MNiwDV6ZOWpdzof_TCSGPO=eRWx8OUk5DA@mail.gmail.com>
Message-ID: <4FCEDE9D.8080107@fedtrek.com>

I'm assuming this is the error as that the error long is filled with 
similar messages since around the time I upgraded:


2012/06/05 21:35:23 [error] 5976#0: *43558 connect() to 
unix:/var/lib/php5-fpm/web1.sock failed (11: Resource temporarily 
unavailable) while connecting to upstream, client: 72.253.115.223, 
server: fedtrek.com, request: "POST 
/Forums-file-ajax_online_update-mypage-minus200.html HTTP/1.1", 
upstream: "fastcgi://unix:/var/lib/php5-fpm/web1.sock:", host: 
"www.fedtrek.com", referrer: 
"http://www.fedtrek.com/Borg_Species_Designations.html"

On 06/05/2012 09:28 PM, B.R. wrote:
> Wild guess: maybe some file openings limit reached?
>
> Most important thing to start: what does the error log says?
> ---
> *B. R.*
>
>
> On Tue, Jun 5, 2012 at 11:26 PM, Brandon Amaro <omega13a at fedtrek.com 
> <mailto:omega13a at fedtrek.com>> wrote:
>
>     After I upgraded to nginx 1.3.1, I've been having a problem with
>     PHP-FPM. It would work fine for a few minutes then I would start
>     getting 500 Internal Server Errors on all the pages that use PHP.
>      I have to keep restaring the PHP-FPM service in order to navigate
>     my website. Everything was running smoothly before upgrading nginx
>     and I've haven't made any recent changes in the config files for
>     both nginx and anything PHP related. I'm running Fedora 14 (can't
>     upgrade to anything more recent) and compiled nginx myself as I've
>     always done in the past. Any help would be greatly appreciated.
>
>     -- 
>     omega13a
>     Owner and Founder of UFT
>     http://www.fedtrek.com
>
>     _______________________________________________
>     nginx mailing list
>     nginx at nginx.org <mailto:nginx at nginx.org>
>     http://mailman.nginx.org/mailman/listinfo/nginx
>
>
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


-- 
omega13a
Owner and Founder of UFT
http://www.fedtrek.com

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120605/40ddeccf/attachment.html>

From reallfqq-nginx at yahoo.fr  Wed Jun  6 04:44:16 2012
From: reallfqq-nginx at yahoo.fr (B.R.)
Date: Wed, 6 Jun 2012 00:44:16 -0400
Subject: nginx1.0.15 stable, cut off a 16k js static file into 2.03k
In-Reply-To: <100f32aa2c3af3dde56eb57106145bea.NginxMailingListEnglish@forum.nginx.org>
References: <100f32aa2c3af3dde56eb57106145bea.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CALqce=23Rt4GqiGNrbqhh82cJ9uYjNbMPUSm5ujDySYCkkhDFw@mail.gmail.com>

A few suggestions:
1?) tcp_nodelay on; is useless, as the default
value<http://wiki.nginx.org/HttpCoreModule#tcp_nodelay>is 'on' already
2?) Is tcp_nopush a really necessary option? Forcing things on packets is
non-natural (http://wiki.nginx.org/HttpCoreModule#tcp_nopush). Maybe
problems come from that
3?) I'd suggest to test with the latest stable (1.2.1 since today). Maybe
it won't solve the pb but the latest binary is always a good thing to have

Wild guesses, I am no expert :o\
---
*B. R.*


On Wed, Jun 6, 2012 at 12:30 AM, chenmin7249 <nginx-forum at nginx.us> wrote:

> nginx version 1.0.15 stable
> im running into a problem the a 16k static file was cut off into a 2.03k
> incomplete file occasionally, 7 times of 10 will get the incomplete
> file.
> i use the nginx server for pure static file serving
>  sendfile on,
>  tcp_nopush on,
>  tcp_nodelay on,
>  keepalive timeout 0,
>  gzip off
>  open_file_cache on
> using epoll
> no other configurations, what could be the problem? client body size?
>
> Posted at Nginx Forum:
> http://forum.nginx.org/read.php?2,227254,227254#msg-227254
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120606/4df99f97/attachment.html>

From nginx-forum at nginx.us  Wed Jun  6 04:55:23 2012
From: nginx-forum at nginx.us (chenmin7249)
Date: Wed, 6 Jun 2012 00:55:23 -0400 (EDT)
Subject: nginx1.0.15 stable, cut off a 16k js static file into 2.03k
In-Reply-To: <100f32aa2c3af3dde56eb57106145bea.NginxMailingListEnglish@forum.nginx.org>
References: <100f32aa2c3af3dde56eb57106145bea.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <ea24be3460003bf16af9465fd10ddfa8.NginxMailingListEnglish@forum.nginx.org>

thx B.R, i will try to put nopush off to verify the problem

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227254,227257#msg-227257


From nginx-forum at nginx.us  Wed Jun  6 05:01:27 2012
From: nginx-forum at nginx.us (chenmin7249)
Date: Wed, 6 Jun 2012 01:01:27 -0400 (EDT)
Subject: nginx1.0.15 stable, cut off a 16k js static file into 2.03k
In-Reply-To: <ea24be3460003bf16af9465fd10ddfa8.NginxMailingListEnglish@forum.nginx.org>
References: <100f32aa2c3af3dde56eb57106145bea.NginxMailingListEnglish@forum.nginx.org>
	<ea24be3460003bf16af9465fd10ddfa8.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <7f79640676de36a3dceaf32e6fb5496c.NginxMailingListEnglish@forum.nginx.org>

problem solved:
the problem is due to that a new file (16k) replaced the old one
(2.03k), and the cache only refreshed the file content, but not the file
size, so if the file cache is not expired, client may get the right file
but the wrong size, which cause the file to be truncated.
thx B.R, again

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227254,227258#msg-227258


From zhuzhaoyuan at gmail.com  Wed Jun  6 05:04:55 2012
From: zhuzhaoyuan at gmail.com (Joshua Zhu)
Date: Wed, 6 Jun 2012 13:04:55 +0800
Subject: nginx1.0.15 stable, cut off a 16k js static file into 2.03k
In-Reply-To: <100f32aa2c3af3dde56eb57106145bea.NginxMailingListEnglish@forum.nginx.org>
References: <100f32aa2c3af3dde56eb57106145bea.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAOKiq2DA0EtjhYjFcrH_-r92-kEy3k+W-4SEsma2M2Z0n8iLqw@mail.gmail.com>

Hi,

On Wed, Jun 6, 2012 at 12:30 PM, chenmin7249 <nginx-forum at nginx.us> wrote:

> nginx version 1.0.15 stable
> im running into a problem the a 16k static file was cut off into a 2.03k
> incomplete file occasionally, 7 times of 10 will get the incomplete
> file.
> i use the nginx server for pure static file serving
>  sendfile on,
>  tcp_nopush on,
>  tcp_nodelay on,
>  keepalive timeout 0,
>  gzip off
>  open_file_cache on
> using epoll
> no other configurations, what could be the problem? client body size?
>

You could try turning off the 'open_file_cache' directive. The file size
info might not be updated if the file is in file cache then being changed.

Regards,

-- 
Joshua Zhu
Senior Software Engineer
Server Platforms Team at Taobao
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120606/0a737baf/attachment.html>

From ne at vbart.ru  Wed Jun  6 07:14:25 2012
From: ne at vbart.ru (Valentin V. Bartenev)
Date: Wed, 6 Jun 2012 11:14:25 +0400
Subject: How to limit_req depending if the requests has a REFERER or not.
In-Reply-To: <201206060331.03636.ne@vbart.ru>
References: <BLU144-W339CCA2AF6611966EB038D00C0@phx.gbl>
	<201206060331.03636.ne@vbart.ru>
Message-ID: <201206061114.25708.ne@vbart.ru>

On Wednesday 06 June 2012 03:31:03 Valentin V. Bartenev wrote:
> On Wednesday 06 June 2012 02:33:09 Joseph Cabezas wrote:
> > I have something like this... I need to be able to apply three different
> > limit_req depending:
> > 
> > a.) If the referer to click.php is domain.com ... apply zone1
> > b.) If there is some other referer apply zone2 on click.php
> > c.) If there is no referer apply zone3 on click.php
> > 
> >   location /click.php { limit_req zone=one;  proxy_pass http://backend; }
[...]
> 
>      map $invalid_referer $zone1 {
>          0  1;
>          1  '';
>      }
> 
>      map $invalid_referer $zone2 {
>          0  '';
>          1  $is_referer;
>      }
> 
>      map $invalid_referer $zone3 {
>          0  '';
>          1  $no_referer;
>      }
[...]

Oops, Ruslan Ermilov pointed out to me that the "false" value of 
$invalid_referer is an empty string, not "0".

http://nginx.org/r/valid_referers

Well, then the correct config example is as follows:

 http {

     map $http_referer $zone3 {
         default  1;
         ~^.      '';
     }

     map $zone3 $zone2 {
         default  $invalid_referer;
         1        '';
     }

     map $invalid_referer $zone1 {
         default  1;
         1        '';
     }

     limit_req_zone $zone1 zone=zone1:128k rate=50r/s;
     limit_req_zone $zone2 zone=zone2:128k rate=10r/s;
     limit_req_zone $zone3 zone=zone3:128k rate=3r/s;

     server {
         valid_referers domain.com;

         location /click.php {
             limit_req zone=zone3 burst=12;
             limit_req zone=zone2 burst=10 nodelay;
             limit_req zone=zone1 burst=100 nodelay;
             ...

 wbr, Valentin V. Bartenev


From nginx-forum at nginx.us  Wed Jun  6 08:46:23 2012
From: nginx-forum at nginx.us (jessusniww)
Date: Wed, 6 Jun 2012 04:46:23 -0400 (EDT)
Subject: how to deploy multiple application in nginx?
In-Reply-To: <43428cf050601c546d4749d6ca60cd8c.NginxMailingListEnglish@forum.nginx.org>
References: <43428cf050601c546d4749d6ca60cd8c.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <dac47e55e1212ee6e0f647ea2f94d2e9.NginxMailingListEnglish@forum.nginx.org>

This problem had been solved by Nginx rewrite.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227251,227266#msg-227266


From nginx-forum at nginx.us  Wed Jun  6 12:05:06 2012
From: nginx-forum at nginx.us (rohit)
Date: Wed, 6 Jun 2012 08:05:06 -0400 (EDT)
Subject: how configure httpd drizzle with nginx
Message-ID: <5fd1f43cda9d0ff2175e180c733fac4b.NginxMailingListEnglish@forum.nginx.org>

`i configure nginx 
download nginx.1.0.8
cd  /nginx.1.0.8

./configure --prefix=/etc/nginx
--add-module=/home/rohittyagi/Downloads/chaoslawful-drizzle-nginx-module-74682b1/
 --add-module=/home/rohittyagi/Downloads/agentzh-rds-json-nginx-module-74c21b3/
 
create virtual upstrem like 

upstream backend {
            drizzled_server 127.0.0.1:3306 dbname=vhost_dbi
                 password=root user=root protocol=mysql;
        }

its give error 
[emerg]: unknown directive "drizzled_server" in
/etc/nginx/nginx.conf:133
 can any one help me to configure HttpDrizzleModule with nginx`

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227274,227274#msg-227274


From nginx-forum at nginx.us  Wed Jun  6 12:08:19 2012
From: nginx-forum at nginx.us (rohit)
Date: Wed, 6 Jun 2012 08:08:19 -0400 (EDT)
Subject: how create mass dynamic virtual hosting in nginx with Mysql database
Message-ID: <a6e4c1e8888aef45f98cccb058025ca7.NginxMailingListEnglish@forum.nginx.org>

how make mass dynamic hosting like  mod_vhost_dbi in apachi 

how we can execute mysql query in nginx.conf  with out drizzle

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227275,227275#msg-227275


From christian.boenning at gmail.com  Wed Jun  6 12:20:06 2012
From: christian.boenning at gmail.com (=?ISO-8859-1?Q?Christian_B=F6nning?=)
Date: Wed, 6 Jun 2012 14:20:06 +0200
Subject: how configure httpd drizzle with nginx
In-Reply-To: <5fd1f43cda9d0ff2175e180c733fac4b.NginxMailingListEnglish@forum.nginx.org>
References: <5fd1f43cda9d0ff2175e180c733fac4b.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CABgTHyt1sjjJV0FWLO+sKLU4AT8ecm6A7q1HfqZjCAV=tyEX2g@mail.gmail.com>

Hi,

that 'unknown directive' says it all. You need to check your backend
definition. The drizzled_server key simply does not exist. See the
README of this module:
https://github.com/chaoslawful/drizzle-nginx-module#readme

That directive is called 'drizzle_server'. Should be working good good
once you've corrected that typo.

Regards,
Chris


2012/6/6 rohit <nginx-forum at nginx.us>:
> `i configure nginx
> download nginx.1.0.8
> cd ?/nginx.1.0.8
>
> ./configure --prefix=/etc/nginx
> --add-module=/home/rohittyagi/Downloads/chaoslawful-drizzle-nginx-module-74682b1/
> ?--add-module=/home/rohittyagi/Downloads/agentzh-rds-json-nginx-module-74c21b3/
>
> create virtual upstrem like
>
> upstream backend {
> ? ? ? ? ? ?drizzled_server 127.0.0.1:3306 dbname=vhost_dbi
> ? ? ? ? ? ? ? ? password=root user=root protocol=mysql;
> ? ? ? ?}
>
> its give error
> [emerg]: unknown directive "drizzled_server" in
> /etc/nginx/nginx.conf:133
> ?can any one help me to configure HttpDrizzleModule with nginx`
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227274,227274#msg-227274
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From markus.jelsma at openindex.io  Wed Jun  6 13:05:54 2012
From: markus.jelsma at openindex.io (=?utf-8?Q?Markus_Jelsma?=)
Date: Wed, 6 Jun 2012 13:05:54 +0000
Subject: healthcheck_nginx_upstreams patch fails for Nginx 1.2.1
Message-ID: <zarafa.4fcf55b2.1ebd.0719361e620ae004@mail.openindex.io>

Hello,

We tried to test the new Nginx 1.2.1 release but we're using the healthcheck_nginx_upstreams module [1]. With Nginx 1.1.x and 1.2.0 we could succesfully apply the Healthcheck module patch but hunks fail for Nginx 1.2.1. Any hints on what we can do about it?

# patch --dry-run -p1 < nginx.patch 
patching file src/http/ngx_http_upstream.c
Hunk #1 succeeded at 4403 (offset 110 lines).
patching file src/http/ngx_http_upstream.h
Hunk #1 succeeded at 110 (offset 1 line).
patching file src/http/ngx_http_upstream_round_robin.c
Hunk #1 succeeded at 5 (offset 1 line).
Hunk #2 FAILED at 14.
Hunk #3 succeeded at 35 (offset 1 line).
Hunk #4 succeeded at 77 (offset 8 lines).
Hunk #5 succeeded at 399 (offset 11 lines).
Hunk #6 FAILED at 434.
Hunk #7 FAILED at 495.
Hunk #8 FAILED at 600.
Hunk #9 FAILED at 625.
Hunk #10 FAILED at 645.
6 out of 10 hunks FAILED -- saving rejects to file src/http/ngx_http_upstream_round_robin.c.rej
patching file src/http/ngx_http_upstream_round_robin.h
Hunk #1 succeeded at 29 (offset 3 lines)

[1]: https://github.com/cep21/healthcheck_nginx_upstreams

Thanks,
Markus


From johannes_graumann at web.de  Wed Jun  6 13:18:10 2012
From: johannes_graumann at web.de (Johannes Graumann)
Date: Wed, 06 Jun 2012 16:18:10 +0300
Subject: Conversion of PHP single machine setup to nginx/php residing on
	different boxes
Message-ID: <jqnl96$557$1@dough.gmane.org>

Hello,

I am trying to implement http://www.howtoforge.com/installing-nginx-with-
php5-and-mysql-support-on-debian-squeeze , where the nginx server config 
looks like so:

> server {
>         listen   80; ## listen for ipv4
>         listen   [::]:80 default ipv6only=on; ## listen for ipv6
>         server_name  _;
>         access_log  /var/log/nginx/localhost.access.log;
>         location / {
>                 root   /var/www;
>                 index  index.php index.html index.htm;
>         }
>         location /doc {
>                 root   /usr/share;
>                 autoindex on;
>                 allow 127.0.0.1;
>                 deny all;
>         }
>         location /images {
>                 root   /usr/share;
>                 autoindex on;
>         }
>         #error_page  404  /404.html;
>         # redirect server error pages to the static page /50x.html
>         #
>         #error_page   500 502 503 504  /50x.html;
>         #location = /50x.html {
>         #       root   /var/www/nginx-default;
>         #}
>         # proxy the PHP scripts to Apache listening on 127.0.0.1:80
>         #
>         #location ~ \.php$ {
>                 #proxy_pass   http://127.0.0.1;
>         #}
>         # pass the PHP scripts to FastCGI server listening on 
127.0.0.1:9000
>         #
>         location ~ \.php$ {
>                 try_files $uri =404;
>                 fastcgi_pass   127.0.0.1:9000;
>                 fastcgi_index  index.php;
>                 fastcgi_param  SCRIPT_FILENAME 
/var/www$fastcgi_script_name;
>                 include         fastcgi_params;
>         }
>         # deny access to .htaccess files, if Apache's document root
>         # concurs with nginx's one
>         #
>         location ~ /\.ht {
>                 deny  all;
>         }
> }

My setup looks slightly different from the one used for that howto, as I 
have a host/firewall/nginx box that houses client applications in lxc-
containers. I am having trouble in setting up the ~ \.php$ bit in that 
context. My config lookis like this:

> server {
>         listen   443;
>         server_name  XXX;
>         client_max_body_size 40M;
>         # SSL is using CACert credentials
>         ssl  on;
>         ssl_certificate  /etc/ssl/private/cacert.XXX.org.pem;
>         ssl_certificate_key  
/etc/ssl/private/cacert.XXX.org_privatkey.pem;
>         ssl_session_timeout  5m;
>         ssl_protocols  SSLv3 TLSv1;
>         ssl_ciphers  ALL:!ADH:!EXPORT56:!LOW:RC4+RSA:+HIGH:+MEDIUM:+SSLv3:
+EXP;
>         ssl_prefer_server_ciphers   on;
>         # Proxy the "feng-container" lxc container
>         location / {
>                 proxy_pass http://10.10.10.3:80/;
>         }
>         location ~ \.php$ {
>                 try_files $uri =404;
>                 fastcgi_pass   10.10.10.3:9000;
>                 fastcgi_index  index.php;
>                 fastcgi_param  SCRIPT_FILENAME  
http://10.10.10.3:80/$fastcgi_script_name;
>                 include         fastcgi_params;
>         }
> }

The "/" bit works, but php location gives me "404" despite ports 80/9000 
being open ...

Can anyone nudge me into the right direction on how to proceed here?

Thanks, Joh



From nginx-forum at nginx.us  Wed Jun  6 13:22:50 2012
From: nginx-forum at nginx.us (torajx)
Date: Wed, 6 Jun 2012 09:22:50 -0400 (EDT)
Subject: block access to a file !!
Message-ID: <82732c268abadd4f9f4c2569849989eb.NginxMailingListEnglish@forum.nginx.org>

Hi,
it must be a piece of cake but i can not find a soloution...

the problem is " location admin.php". you can check it below...


i just want to allow access to admin.php to some ip address and deny
others.



if i remove allow line from it it deny all; but when I add allow line it
dont work ..
please help me...
I tried too many syntax but no success.
i even add root and index to this location but browser prompt to
download my php file..

please help



here 's my server section of config...very simple
server {
        listen       80;
        server_tokens off;
        server_name  www.mysite.com;
        access_log  /var/log/nginx/mysite.log;
        error_page  404              /404.html;
        error_page   500 502 503 504  /50x.html;


        location / {
           root /usr/share/nginx/www;
           index  index.php;
           client_max_body_size 8m;
           client_body_buffer_size 256k;
        }
       location = /50x.html {
           root /usr/share/nginx/html;
        }
        location = /404.html {
           root /usr/share/nginx/html;
        }
        location ~ /\.ht {
            deny  all;
        }
        location ~ \.php$ {
            root /usr/share/nginx/www;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME 
$document_root$fastcgi_script_name;
            include       fastcgi_params;
            set $ssl off;
            if ($ssl_protocol != "" ) {
               set $ssl on;
            }
            fastcgi_param   HTTPS                   $ssl;
        }

        location ~ admin.php {
             allow 217.66.196.193;
             deny all;
         }

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227281,227281#msg-227281


From francis at daoine.org  Wed Jun  6 13:34:24 2012
From: francis at daoine.org (Francis Daly)
Date: Wed, 6 Jun 2012 14:34:24 +0100
Subject: Conversion of PHP single machine setup to nginx/php residing on
	different boxes
In-Reply-To: <jqnl96$557$1@dough.gmane.org>
References: <jqnl96$557$1@dough.gmane.org>
Message-ID: <20120606133424.GE4719@craic.sysops.org>

On Wed, Jun 06, 2012 at 04:18:10PM +0300, Johannes Graumann wrote:

Hi there,

> >         location ~ \.php$ {
> >                 try_files $uri =404;

try_files refers to local files only. http://nginx.org/r/try_files

You probably don't want it here at all.

> >                 fastcgi_pass   10.10.10.3:9000;
> >                 fastcgi_index  index.php;
> >                 fastcgi_param  SCRIPT_FILENAME  
> http://10.10.10.3:80/$fastcgi_script_name;

SCRIPT_FILENAME is a parameter that the fastcgi server will read, and
it will expect it to refer to a file on its filesystem that it should
load and process.

So: if the client requests the url /one/two.php, what file on the
10.10.10.3 server do you want that to correspond to? (From the perspective
of the fasctcgi server, in case it is chroot'ed.)

Make SCRIPT_FILENAME be that filename.

All the best,

	f
-- 
Francis Daly        francis at daoine.org


From francis at daoine.org  Wed Jun  6 13:41:08 2012
From: francis at daoine.org (Francis Daly)
Date: Wed, 6 Jun 2012 14:41:08 +0100
Subject: block access to a file !!
In-Reply-To: <82732c268abadd4f9f4c2569849989eb.NginxMailingListEnglish@forum.nginx.org>
References: <82732c268abadd4f9f4c2569849989eb.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120606134108.GF4719@craic.sysops.org>

On Wed, Jun 06, 2012 at 09:22:50AM -0400, torajx wrote:

Hi there,

> it must be a piece of cake but i can not find a soloution...
> 
> the problem is " location admin.php". you can check it below...

No, the problem is "location ~ admin.php" coming after "location ~
\.php$". The exact characters matter.

http://nginx.org/r/location

> i just want to allow access to admin.php to some ip address and deny
> others.

Either use something like "location = /admin.php", or maybe reorder to
regex locations (with ~) so they match in the order you want.

You will (probably) want to repeat your fastcgi_pass and other fastcgi_*
config lines inside the new location block. One request is handled by
one location.

Good luck with it,

	f
-- 
Francis Daly        francis at daoine.org


From nginx-forum at nginx.us  Wed Jun  6 13:50:57 2012
From: nginx-forum at nginx.us (torajx)
Date: Wed, 6 Jun 2012 09:50:57 -0400 (EDT)
Subject: block access to a file !!
In-Reply-To: <82732c268abadd4f9f4c2569849989eb.NginxMailingListEnglish@forum.nginx.org>
References: <82732c268abadd4f9f4c2569849989eb.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <d2f6fc25a410b7348caba49394feddcc.NginxMailingListEnglish@forum.nginx.org>

thank you for reply..
i change it to "location = /admin.php "
and move it above the "location ~ \.php$ "
it blocks other IPs but give file not found error for allowed Ips..

the last time I added root to admin.php location the browser promot me
to download admin.php..

what can I do now ?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227281,227284#msg-227284


From francis at daoine.org  Wed Jun  6 14:31:53 2012
From: francis at daoine.org (Francis Daly)
Date: Wed, 6 Jun 2012 15:31:53 +0100
Subject: block access to a file !!
In-Reply-To: <d2f6fc25a410b7348caba49394feddcc.NginxMailingListEnglish@forum.nginx.org>
References: <82732c268abadd4f9f4c2569849989eb.NginxMailingListEnglish@forum.nginx.org>
	<d2f6fc25a410b7348caba49394feddcc.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120606143153.GG4719@craic.sysops.org>

On Wed, Jun 06, 2012 at 09:50:57AM -0400, torajx wrote:
> thank you for reply..
> i change it to "location = /admin.php "
> and move it above the "location ~ \.php$ "

"""
Either use something like "location = /admin.php", or maybe reorder to
regex locations (with ~) so they match in the order you want.
"""

You've done both. That's ok, but unnecessary.

> it blocks other IPs but give file not found error for allowed Ips..
> 
> the last time I added root to admin.php location the browser promot me
> to download admin.php..
> 
> what can I do now ?

"""
You will (probably) want to repeat your fastcgi_pass and other fastcgi_*
config lines inside the new location block. One request is handled by
one location.
"""

Do that.

	f
-- 
Francis Daly        francis at daoine.org


From christian.boenning at gmail.com  Wed Jun  6 15:00:35 2012
From: christian.boenning at gmail.com (=?ISO-8859-1?Q?Christian_B=F6nning?=)
Date: Wed, 6 Jun 2012 17:00:35 +0200
Subject: is 'try_files' or 'rewrite' aware of 'gzip_static'?
Message-ID: <CABgTHyvLTmEwyrU5mLUehXN0gA10VgSowf1N_9DaM339tEzL6w@mail.gmail.com>

Hi,

I'm running a quite huge TYPO3 installation on nginx (several other
installations to follow on that host). In this case I'm using (or want
to use) nc_staticfilecache as an extension to speed things up a
little. This extension writes the html document which is sent to the
client down to disk as a single uncompressed file and - depending on
its configuration - another one which is gzipped for static delivery
for subsequent requests to the same document.

Now the question is if my rewrite or try_files directives will try to
deliver the gzipped version of the page.

My try_files directive looks like this:
try_files /typo3temp/tx_ncstaticfilecache/cache/$host${request_uri}index.html
@fetch_from_typo3;

The index.html.gz within the same directory does exist and
'gzip_static' is set to 'on'.

Best,
Chris


From johannes_graumann at web.de  Wed Jun  6 20:10:37 2012
From: johannes_graumann at web.de (Johannes Graumann)
Date: Wed, 06 Jun 2012 23:10:37 +0300
Subject: Conversion of PHP single machine setup to nginx/php residing on
	different boxes
References: <jqnl96$557$1@dough.gmane.org>
	<20120606133424.GE4719@craic.sysops.org>
Message-ID: <jqoden$b36$1@dough.gmane.org>

Francis Daly wrote:

> On Wed, Jun 06, 2012 at 04:18:10PM +0300, Johannes Graumann wrote:
> 
> Hi there,
> 
>> >         location ~ \.php$ {
>> >                 try_files $uri =404;
> 
> try_files refers to local files only. http://nginx.org/r/try_files
> 
> You probably don't want it here at all.
> 
>> >                 fastcgi_pass   10.10.10.3:9000;
>> >                 fastcgi_index  index.php;
>> >                 fastcgi_param  SCRIPT_FILENAME
>> http://10.10.10.3:80/$fastcgi_script_name;
> 
> SCRIPT_FILENAME is a parameter that the fastcgi server will read, and
> it will expect it to refer to a file on its filesystem that it should
> load and process.
> 
> So: if the client requests the url /one/two.php, what file on the
> 10.10.10.3 server do you want that to correspond to? (From the perspective
> of the fasctcgi server, in case it is chroot'ed.)
> 
> Make SCRIPT_FILENAME be that filename.

Thanks a lot for your pointers, which nudged me in the right direction. 
After also finding http://nginxlibrary.com/resolving-no-input-file-
specified-error/ I came up with the following, which is working (a 
"info.php" script at the documentroot containing a call to "phpinfo()" is 
rendered properly and the output has "Server API:	CGI/FastCGI"):

> server {
> 	      listen   443;
> 	      server_name  XXX.org XXX;
> 	      client_max_body_size 40M;
> 	      # SSL is using CACert credentials
> 	      ssl  on;
> 	      ssl_certificate  /etc/ssl/private/cacert.XXX.org.pem;
> 	      ssl_certificate_key 
/etc/ssl/private/cacert.XXX.org_privatkey.pem;
> 	      ssl_session_timeout  5m;
> 	      ssl_protocols  SSLv3 TLSv1;
> 	      ssl_ciphers  ALL:!ADH:!EXPORT56:!LOW:RC4+RSA:+HIGH:+MEDIUM:
+SSLv3:+EXP;
> 	      ssl_prefer_server_ciphers   on;
> 	      # Proxy the "feng-container" lxc container
> 	      root    /var/www/;
> 	      location / {
> 		  proxy_pass      http://10.10.10.3:80/;
> 		  index           index.php index.html index.htm;
> 	      }
> 	      location ~ \.php$ {
> 		  fastcgi_pass   10.10.10.3:9000;
> 		  fastcgi_index  index.php;
> 		  fastcgi_param  SCRIPT_FILENAME  
$document_root$fastcgi_script_name;
> 		  include         fastcgi_params;
> 	      }
> 	    }

Thank you. Joh



From francis at daoine.org  Wed Jun  6 20:44:54 2012
From: francis at daoine.org (Francis Daly)
Date: Wed, 6 Jun 2012 21:44:54 +0100
Subject: is 'try_files' or 'rewrite' aware of 'gzip_static'?
In-Reply-To: <CABgTHyvLTmEwyrU5mLUehXN0gA10VgSowf1N_9DaM339tEzL6w@mail.gmail.com>
References: <CABgTHyvLTmEwyrU5mLUehXN0gA10VgSowf1N_9DaM339tEzL6w@mail.gmail.com>
Message-ID: <20120606204454.GH4719@craic.sysops.org>

On Wed, Jun 06, 2012 at 05:00:35PM +0200, Christian B?nning wrote:

Hi there,

> This extension writes the html document which is sent to the
> client down to disk as a single uncompressed file and - depending on
> its configuration - another one which is gzipped for static delivery
> for subsequent requests to the same document.
> 
> Now the question is if my rewrite or try_files directives will try to
> deliver the gzipped version of the page.

You've shown a "try_files" directive, but no rewrite directive.

Quick testing indicates that for try_files, the answer is "yes and no",
with a fuller explanation below.

> My try_files directive looks like this:
> try_files /typo3temp/tx_ncstaticfilecache/cache/$host${request_uri}index.html
> @fetch_from_typo3;

http://nginx.org/r/try_files indicates that it means "take these urls
in turn, convert them into filenames by prefixing the relevant 'alias'
or 'root' value, and for the first such file that exists, process the
corresponding url normally".

So with the above line, unless you have a "typo3temp" directory inside
/usr/local/nginx/html, it is going to fall back to the @location every
time.

Once that is fixed, then if the index.html file does not exist, try_files
will fall back to the @location (so "it does not heed gzip_static"). But
if index.html does exist, then processing continues of that url -- which
will serve index.html.gz if appropriate (so "it does heed gzip_static").

Overall: try_files is not aware of gzip_static; but nginx will still
honour it if both the non-gz and .gz files exist. This differs from
the "normal" gzip_static handling which will serve the .gz version if
appropriate, whether or not non-gz exists.

> The index.html.gz within the same directory does exist and
> 'gzip_static' is set to 'on'.

So long as both index.html and index.html.gz are there, try_files should
Just Work.

I tested this on a 1.2.0 build, in case that matters.

rewrite can be tested separately, if you have a sample directive.

	f
-- 
Francis Daly        francis at daoine.org


From contact at jpluscplusm.com  Wed Jun  6 22:39:30 2012
From: contact at jpluscplusm.com (Jonathan Matthews)
Date: Wed, 6 Jun 2012 23:39:30 +0100
Subject: Status of Nginx centralised logging
Message-ID: <CAKsTx7CLj46BchMWvkDw=UqtL3hZbtuwJazYB8-u9AYvUBOM-g@mail.gmail.com>

Hi all -

As many of us will have discovered over the course of our careers,
centralised/non-local logging is an important part of any non-trivial
infrastructure.

I'm aware of different patches that add syslogging capabilities to
different Nginx versions, but I've yet to see an official description
of how we should achieve non-local logging. Preferably syslog,
personally speaking, but anything scalable, supportable, debug-able
and sane would, I feel, be acceptable to the wider community.

I'm aware of at least the following options, but I feel they're all
lacking to some degree:

* log to local disk and syslog/logstash/rsync them off: undesirable
due to the management overhead of the additional logging process/logic
+ the wasted disk I/O when creating the per-request logs

* use post_action to hit a logging endpoint after each request: would
add overhead to both configuration and network traffic; post_action
has been described as "a bit of a hack", IIRC

* use syslog patches: not "official", hence troublesome to debug
on-list; rightly or wrongly, the usual response of "please replicate
problem without 3rd party patches" would cause problems when debugging
production systems

* use another 3rd-party logging protocol, e.g. statsd, redis: as
similarly unsupportable as syslog patches

I wonder if someone could officially comment on the potential for
resolving this gap in Nginx's feature set? Or perhaps I'm missing
something ... :-)

Many thanks, all
Jonathan
-- 
Jonathan Matthews
Oxford, London, UK
http://www.jpluscplusm.com/contact.html


From omega13a at fedtrek.com  Wed Jun  6 22:49:38 2012
From: omega13a at fedtrek.com (Brandon Amaro)
Date: Wed, 06 Jun 2012 15:49:38 -0700
Subject: nginx 1.3.1 not PHP-FPM friendly
In-Reply-To: <4FCEDE9D.8080107@fedtrek.com>
References: <20120605143050.GW31671@mdounin.ru> <4FCECDEA.8080607@fedtrek.com>
	<CALqce=2+94R6fWE-MNiwDV6ZOWpdzof_TCSGPO=eRWx8OUk5DA@mail.gmail.com>
	<4FCEDE9D.8080107@fedtrek.com>
Message-ID: <4FCFDE82.4030303@fedtrek.com>

I'm still having problems. I forgot to mention that I'm running PHP 5.4.3.

-- 
omega13a
Owner and Founder of UFT
http://www.fedtrek.com



On 06/05/2012 09:37 PM, Brandon Amaro wrote:
> I'm assuming this is the error as that the error long is filled with 
> similar messages since around the time I upgraded:
>
>
> 2012/06/05 21:35:23 [error] 5976#0: *43558 connect() to 
> unix:/var/lib/php5-fpm/web1.sock failed (11: Resource temporarily 
> unavailable) while connecting to upstream, client: 72.253.115.223, 
> server: fedtrek.com, request: "POST 
> /Forums-file-ajax_online_update-mypage-minus200.html HTTP/1.1", 
> upstream: "fastcgi://unix:/var/lib/php5-fpm/web1.sock:", host: 
> "www.fedtrek.com", referrer: 
> "http://www.fedtrek.com/Borg_Species_Designations.html"
>
> On 06/05/2012 09:28 PM, B.R. wrote:
>> Wild guess: maybe some file openings limit reached?
>>
>> Most important thing to start: what does the error log says?
>> ---
>> *B. R.*
>>
>>
>> On Tue, Jun 5, 2012 at 11:26 PM, Brandon Amaro <omega13a at fedtrek.com 
>> <mailto:omega13a at fedtrek.com>> wrote:
>>
>>     After I upgraded to nginx 1.3.1, I've been having a problem with
>>     PHP-FPM. It would work fine for a few minutes then I would start
>>     getting 500 Internal Server Errors on all the pages that use PHP.
>>      I have to keep restaring the PHP-FPM service in order to
>>     navigate my website. Everything was running smoothly before
>>     upgrading nginx and I've haven't made any recent changes in the
>>     config files for both nginx and anything PHP related. I'm running
>>     Fedora 14 (can't upgrade to anything more recent) and compiled
>>     nginx myself as I've always done in the past. Any help would be
>>     greatly appreciated.
>>
>>     -- 
>>     omega13a
>>     Owner and Founder of UFT
>>     http://www.fedtrek.com
>>
>>     _______________________________________________
>>     nginx mailing list
>>     nginx at nginx.org <mailto:nginx at nginx.org>
>>     http://mailman.nginx.org/mailman/listinfo/nginx
>>
>>
>>
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>
>
> -- 
> omega13a
> Owner and Founder of UFT
> http://www.fedtrek.com
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120606/cdc2ba6c/attachment.html>

From matthieu.tourne at gmail.com  Wed Jun  6 23:03:03 2012
From: matthieu.tourne at gmail.com (Matthieu Tourne)
Date: Wed, 6 Jun 2012 16:03:03 -0700
Subject: Status of Nginx centralised logging
In-Reply-To: <CAKsTx7CLj46BchMWvkDw=UqtL3hZbtuwJazYB8-u9AYvUBOM-g@mail.gmail.com>
References: <CAKsTx7CLj46BchMWvkDw=UqtL3hZbtuwJazYB8-u9AYvUBOM-g@mail.gmail.com>
Message-ID: <CAAGYmFe=kQg+fMC6t2F9SE7jMyjXO9smtc0_H3AVMzvE=cm2MA@mail.gmail.com>

On Wed, Jun 6, 2012 at 3:39 PM, Jonathan Matthews
<contact at jpluscplusm.com> wrote:
> Hi all -
>
> As many of us will have discovered over the course of our careers,
> centralised/non-local logging is an important part of any non-trivial
> infrastructure.
>
> I'm aware of different patches that add syslogging capabilities to
> different Nginx versions, but I've yet to see an official description
> of how we should achieve non-local logging. Preferably syslog,
> personally speaking, but anything scalable, supportable, debug-able
> and sane would, I feel, be acceptable to the wider community.
>
> I'm aware of at least the following options, but I feel they're all
> lacking to some degree:
>
> * log to local disk and syslog/logstash/rsync them off: undesirable
> due to the management overhead of the additional logging process/logic
> + the wasted disk I/O when creating the per-request logs
>
> * use post_action to hit a logging endpoint after each request: would
> add overhead to both configuration and network traffic; post_action
> has been described as "a bit of a hack", IIRC
>
> * use syslog patches: not "official", hence troublesome to debug
> on-list; rightly or wrongly, the usual response of "please replicate
> problem without 3rd party patches" would cause problems when debugging
> production systems
>
> * use another 3rd-party logging protocol, e.g. statsd, redis: as
> similarly unsupportable as syslog patches
>
> I wonder if someone could officially comment on the potential for
> resolving this gap in Nginx's feature set? Or perhaps I'm missing
> something ... :-)
>

Hi!

I think this thread from a few days ago might answer some of your questions :
http://forum.nginx.org/read.php?2,227234

We use log_by_lua to aggregate data, and then fetch the aggregated
data from another location.
In turns this feeds into a bigger centralized system (OpenTSDB).
This way we don't have to output one log line, or hit one logging
endpoint for each request that goes through.

One interesting thing we've noticed while developing this is that even
an error in our logging code really doesn't affect serving pages, so
this might be the safest use case for 3rd party modules you could
imagine.

Currently your only other official alternative to get data, besides
the access_log is the stub_status module :
http://wiki.nginx.org/HttpStubStatusModule

Hope this helps,
Matthieu


From contact at jpluscplusm.com  Wed Jun  6 23:40:20 2012
From: contact at jpluscplusm.com (Jonathan Matthews)
Date: Thu, 7 Jun 2012 00:40:20 +0100
Subject: Status of Nginx centralised logging
In-Reply-To: <CAAGYmFe=kQg+fMC6t2F9SE7jMyjXO9smtc0_H3AVMzvE=cm2MA@mail.gmail.com>
References: <CAKsTx7CLj46BchMWvkDw=UqtL3hZbtuwJazYB8-u9AYvUBOM-g@mail.gmail.com>
	<CAAGYmFe=kQg+fMC6t2F9SE7jMyjXO9smtc0_H3AVMzvE=cm2MA@mail.gmail.com>
Message-ID: <CAKsTx7CGfYsWWF39gvad+2i=gObpe8G-th6Uehej6+4j55TujQ@mail.gmail.com>

On 7 June 2012 00:03, Matthieu Tourne <matthieu.tourne at gmail.com> wrote:
> I think this thread from a few days ago might answer some of your questions :
> http://forum.nginx.org/read.php?2,227234

Yes, it was glancing over this thread that made me think I needed to
raise this issue kinda sorta formally, and ask for some official
recognition of this relatively important issue.

> We use log_by_lua to aggregate data, and then fetch the aggregated
> data from another location.
> In turns this feeds into a bigger centralized system (OpenTSDB).
> This way we don't have to output one log line, or hit one logging
> endpoint for each request that goes through.
>
> One interesting thing we've noticed while developing this is that even
> an error in our logging code really doesn't affect serving pages, so
> this might be the safest use case for 3rd party modules you could
> imagine.

Interesting, thank you. [ I've so far avoided enabling lua in my
production Nginx instances as it's almost /too/ powerful. If our
systems team (or devs!) get the idea we can do /anything/ we like in
the reverse proxy layer in front of our app servers, I'm concerned
we'll start to add too much logic in there that should actually live
in the apps :-) ]

I'll definitely take a look at log_by_lua, however I still think we
should get the centralised logging issue recognised officially as a
area where Nginx is deficient, along with suggestions for bringing it
up to spec. Nginx is a vital part of many people's infrastructures
now: it's a shame it's behind the (devops'y!) times in this area.

> Currently your only other official alternative to get data, besides
> the access_log is the stub_status module :
> http://wiki.nginx.org/HttpStubStatusModule

Appreciated but, not being per-request, it isn't really in the same
space as the other things we're discussing.

Cheers,
Jonathan
-- 
Jonathan Matthews
Oxford, London, UK
http://www.jpluscplusm.com/contact.html


From reallfqq-nginx at yahoo.fr  Wed Jun  6 23:50:32 2012
From: reallfqq-nginx at yahoo.fr (B.R.)
Date: Wed, 6 Jun 2012 19:50:32 -0400
Subject: nginx 1.3.1 not PHP-FPM friendly
In-Reply-To: <4FCFDE82.4030303@fedtrek.com>
References: <20120605143050.GW31671@mdounin.ru> <4FCECDEA.8080607@fedtrek.com>
	<CALqce=2+94R6fWE-MNiwDV6ZOWpdzof_TCSGPO=eRWx8OUk5DA@mail.gmail.com>
	<4FCEDE9D.8080107@fedtrek.com> <4FCFDE82.4030303@fedtrek.com>
Message-ID: <CALqce=3p1G0_R0b_2N-sc=hEJvQao2b0h3QGNAO3s13mx24S6w@mail.gmail.com>

Hello,

Well, you may:
1?) Search the ML
archive<http://forum.nginx.org/search.php?4,search=resource+temporarily+unavailable,author=,page=1,match_type=ALL,match_dates=365,match_forum=2,match_threads=0>to
see if anyone already encountered your problem

2?) Since you said problems started to appear after an upgrade:
Use the stable releases of Nginx (latest is 1.2.1) rather than development
version if you don't especially need it
*Or*
Revert to a previous development version to check if it could solve the
problem

3?) Use the Fedora Nginx package.
Other people seem to have problems with Nginx on Fedora. Package are made
for Fedora starting with v15, but maybe you can give it a try anyway?

4?) Check you system so see where the problem might come:
Too many files open, too many Nginx processes spawned, anything not normal.

Can't help much more, though...
---
*B. R.*


On Wed, Jun 6, 2012 at 6:49 PM, Brandon Amaro <omega13a at fedtrek.com> wrote:

>  I'm still having problems. I forgot to mention that I'm running PHP 5.4.3.
>
>
> --
> omega13a
> Owner and Founder of UFThttp://www.fedtrek.com
>
>
>
> On 06/05/2012 09:37 PM, Brandon Amaro wrote:
>
> I'm assuming this is the error as that the error long is filled with
> similar messages since around the time I upgraded:
>
>
> 2012/06/05 21:35:23 [error] 5976#0: *43558 connect() to
> unix:/var/lib/php5-fpm/web1.sock failed (11: Resource temporarily
> unavailable) while connecting to upstream, client: 72.253.115.223, server:
> fedtrek.com, request: "POST
> /Forums-file-ajax_online_update-mypage-minus200.html HTTP/1.1", upstream:
> "fastcgi://unix:/var/lib/php5-fpm/web1.sock:", host: "www.fedtrek.com",
> referrer: "http://www.fedtrek.com/Borg_Species_Designations.html"<http://www.fedtrek.com/Borg_Species_Designations.html>
>
> On 06/05/2012 09:28 PM, B.R. wrote:
>
> Wild guess: maybe some file openings limit reached?
>
> Most important thing to start: what does the error log says?
> ---
> *B. R.*
>
>
> On Tue, Jun 5, 2012 at 11:26 PM, Brandon Amaro <omega13a at fedtrek.com>wrote:
>
>> After I upgraded to nginx 1.3.1, I've been having a problem with PHP-FPM.
>> It would work fine for a few minutes then I would start getting 500
>> Internal Server Errors on all the pages that use PHP.  I have to keep
>> restaring the PHP-FPM service in order to navigate my website. Everything
>> was running smoothly before upgrading nginx and I've haven't made any
>> recent changes in the config files for both nginx and anything PHP related.
>> I'm running Fedora 14 (can't upgrade to anything more recent) and compiled
>> nginx myself as I've always done in the past. Any help would be greatly
>> appreciated.
>>
>> --
>> omega13a
>> Owner and Founder of UFT
>> http://www.fedtrek.com
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>>
>
>
>
> _______________________________________________
> nginx mailing listnginx at nginx.orghttp://mailman.nginx.org/mailman/listinfo/nginx
>
>
>
> --
> omega13a
> Owner and Founder of UFThttp://www.fedtrek.com
>
>
>
> _______________________________________________
> nginx mailing listnginx at nginx.orghttp://mailman.nginx.org/mailman/listinfo/nginx
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120606/69eee006/attachment.html>

From moseleymark at gmail.com  Thu Jun  7 00:02:14 2012
From: moseleymark at gmail.com (Mark Moseley)
Date: Wed, 6 Jun 2012 17:02:14 -0700
Subject: Status of Nginx centralised logging
In-Reply-To: <CAKsTx7CLj46BchMWvkDw=UqtL3hZbtuwJazYB8-u9AYvUBOM-g@mail.gmail.com>
References: <CAKsTx7CLj46BchMWvkDw=UqtL3hZbtuwJazYB8-u9AYvUBOM-g@mail.gmail.com>
Message-ID: <CAOH1cHmr_K9J0+R5CzW0pV+ME+Xx4kJAwoMN+p3WW1PbZ6ZZ+A@mail.gmail.com>

<snip>
> * use another 3rd-party logging protocol, e.g. statsd, redis: as
> similarly unsupportable as syslog patches
</snip>

There's also the nginx sflow module,
http://code.google.com/p/nginx-sflow-module/

I realize that this is another 3rd party module, so falls into the
same 'not officially supported' category, but I figured I'd mention it
as something to add to the centralized logging bag of tricks. I've
used it and it's pretty nice, though obviously you need an sflow
server somewhere to send to.


From psi at y0ru.net  Thu Jun  7 02:48:27 2012
From: psi at y0ru.net (JD Harrington)
Date: Wed, 6 Jun 2012 22:48:27 -0400
Subject: exposing request start time as a variable to use in a custom header
Message-ID: <CABhwAQDO=nZrmSEzBpW0P-veqwpXREG99-bemXY_k4vUL5Uj7Q@mail.gmail.com>

Hi,

I'm using New Relic RPM for performance profiling and they have an
optional metric for time spent in request queueing. In order to
compute this metric, they require that the frontend server add an
X-QUEUE-START request header with a timestamp in microseconds before
handing the request off to the application. There are a couple of
patches floating around that add this ability to various versions of
nginx.

I'm wondering if this or something similar might be considered for
inclusion in a future official release of nginx.

Details about the New Relic feature:
https://newrelic.com/docs/features/tracking-front-end-time

The currently available patches:
https://gist.github.com/318681

Thanks!

JD


From tdgh2323 at hotmail.com  Thu Jun  7 06:15:46 2012
From: tdgh2323 at hotmail.com (Joseph Cabezas)
Date: Thu, 7 Jun 2012 06:15:46 +0000
Subject: Possible to limit_req based on requests coming from a Class C (/24
	subnet) instead of per IP (/32) ?
Message-ID: <BLU144-W9420437814E04527C7231D0F30@phx.gbl>


Hello,

Is it Possible to limit_req based on requests coming from a Class C (/24 subnet) instead of per IP (/32) ? If so can anybody please provide an example.

Regards,
Joseph
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120607/f8961877/attachment.html>

From francis at daoine.org  Thu Jun  7 08:33:47 2012
From: francis at daoine.org (Francis Daly)
Date: Thu, 7 Jun 2012 09:33:47 +0100
Subject: Possible to limit_req based on requests coming from a Class C
	(/24 subnet) instead of per IP (/32) ?
In-Reply-To: <BLU144-W9420437814E04527C7231D0F30@phx.gbl>
References: <BLU144-W9420437814E04527C7231D0F30@phx.gbl>
Message-ID: <20120607083347.GI4719@craic.sysops.org>

On Thu, Jun 07, 2012 at 06:15:46AM +0000, Joseph Cabezas wrote:

Hi there,

> Is it Possible to limit_req based on requests coming from a Class C (/24 subnet) instead of per IP (/32) ? If so can anybody please provide an example.

Totally untested, but:

Use exactly the same method as in the responses to your other limit_req
questions?

limit_req_zone (http://nginx.org/r/limit_req_zone) using a new variable
"$the_class_c".

limit_req (http://nginx.org/r/limit_req) to do the limiting.

map (http://nginx.org/r/map) to set the variable "$the_class_c" to
empty, or to some identifier for the class C that should be limited.

Note that those docs for "map" don't currently mention the "~ means regex
match" or the "you can refer back to matched parts from the pattern,
in the value", which are shown on http://wiki.nginx.org/HttpMapModule,
and which will likely be useful here.

In your map, you could test $remote_addr for "everything up to the
final .digits"; or possibly you could try taking "three bytes of
$binary_remote_addr".

Test it and see. Usually the debug log will include useful information
about what nginx thinks is going on, in case it is unclear.

Good luck with it,

	f
-- 
Francis Daly        francis at daoine.org


From steeeeeveee at gmx.net  Thu Jun  7 10:01:37 2012
From: steeeeeveee at gmx.net (Steve)
Date: Thu, 07 Jun 2012 12:01:37 +0200
Subject: nginx 1.3.1 not PHP-FPM friendly
In-Reply-To: <4FCFDE82.4030303@fedtrek.com>
References: <20120605143050.GW31671@mdounin.ru> <4FCECDEA.8080607@fedtrek.com>
	<CALqce=2+94R6fWE-MNiwDV6ZOWpdzof_TCSGPO=eRWx8OUk5DA@mail.gmail.com>
	<4FCEDE9D.8080107@fedtrek.com> <4FCFDE82.4030303@fedtrek.com>
Message-ID: <20120607100137.211840@gmx.net>


-------- Original-Nachricht --------
> Datum: Wed, 06 Jun 2012 15:49:38 -0700
> Von: Brandon Amaro <omega13a at fedtrek.com>
> An: nginx at nginx.org
> Betreff: Re: nginx 1.3.1 not PHP-FPM friendly

> I'm still having problems. I forgot to mention that I'm running PHP 5.4.3.
> 
I run nginx 1.3.1 and PHP 5.4.3 too and have no issues at all.


> -- 
> omega13a
> Owner and Founder of UFT
> http://www.fedtrek.com
> 
> 
> 
> On 06/05/2012 09:37 PM, Brandon Amaro wrote:
> > I'm assuming this is the error as that the error long is filled with 
> > similar messages since around the time I upgraded:
> >
> >
> > 2012/06/05 21:35:23 [error] 5976#0: *43558 connect() to 
> > unix:/var/lib/php5-fpm/web1.sock failed (11: Resource temporarily 
> > unavailable) while connecting to upstream, client: 72.253.115.223, 
> > server: fedtrek.com, request: "POST 
> > /Forums-file-ajax_online_update-mypage-minus200.html HTTP/1.1", 
> > upstream: "fastcgi://unix:/var/lib/php5-fpm/web1.sock:", host: 
> > "www.fedtrek.com", referrer: 
> > "http://www.fedtrek.com/Borg_Species_Designations.html"
> >
> > On 06/05/2012 09:28 PM, B.R. wrote:
> >> Wild guess: maybe some file openings limit reached?
> >>
> >> Most important thing to start: what does the error log says?
> >> ---
> >> *B. R.*
> >>
> >>
> >> On Tue, Jun 5, 2012 at 11:26 PM, Brandon Amaro <omega13a at fedtrek.com 
> >> <mailto:omega13a at fedtrek.com>> wrote:
> >>
> >>     After I upgraded to nginx 1.3.1, I've been having a problem with
> >>     PHP-FPM. It would work fine for a few minutes then I would start
> >>     getting 500 Internal Server Errors on all the pages that use PHP.
> >>      I have to keep restaring the PHP-FPM service in order to
> >>     navigate my website. Everything was running smoothly before
> >>     upgrading nginx and I've haven't made any recent changes in the
> >>     config files for both nginx and anything PHP related. I'm running
> >>     Fedora 14 (can't upgrade to anything more recent) and compiled
> >>     nginx myself as I've always done in the past. Any help would be
> >>     greatly appreciated.
> >>
> >>     -- 
> >>     omega13a
> >>     Owner and Founder of UFT
> >>     http://www.fedtrek.com
> >>
> >>     _______________________________________________
> >>     nginx mailing list
> >>     nginx at nginx.org <mailto:nginx at nginx.org>
> >>     http://mailman.nginx.org/mailman/listinfo/nginx
> >>
> >>
> >>
> >>
> >> _______________________________________________
> >> nginx mailing list
> >> nginx at nginx.org
> >> http://mailman.nginx.org/mailman/listinfo/nginx
> >
> >
> > -- 
> > omega13a
> > Owner and Founder of UFT
> > http://www.fedtrek.com
> >
> >
> > _______________________________________________
> > nginx mailing list
> > nginx at nginx.org
> > http://mailman.nginx.org/mailman/listinfo/nginx

-- 
Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir
belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de


From mdounin at mdounin.ru  Thu Jun  7 10:09:57 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 7 Jun 2012 14:09:57 +0400
Subject: Status of Nginx centralised logging
In-Reply-To: <CAKsTx7CLj46BchMWvkDw=UqtL3hZbtuwJazYB8-u9AYvUBOM-g@mail.gmail.com>
References: <CAKsTx7CLj46BchMWvkDw=UqtL3hZbtuwJazYB8-u9AYvUBOM-g@mail.gmail.com>
Message-ID: <20120607100957.GZ31671@mdounin.ru>

Hello!

On Wed, Jun 06, 2012 at 11:39:30PM +0100, Jonathan Matthews wrote:

> Hi all -
> 
> As many of us will have discovered over the course of our careers,
> centralised/non-local logging is an important part of any non-trivial
> infrastructure.
> 
> I'm aware of different patches that add syslogging capabilities to
> different Nginx versions, but I've yet to see an official description
> of how we should achieve non-local logging. Preferably syslog,
> personally speaking, but anything scalable, supportable, debug-able
> and sane would, I feel, be acceptable to the wider community.
> 
> I'm aware of at least the following options, but I feel they're all
> lacking to some degree:
> 
> * log to local disk and syslog/logstash/rsync them off: undesirable
> due to the management overhead of the additional logging process/logic
> + the wasted disk I/O when creating the per-request logs

This is, actually, recommended solution.  It's main advantage is 
that nginx will continue to serve requests even if something 
really bad will happen with your "non-trivial infrastructure".  
Basically it will work till the server is alive.

[...]

> * use another 3rd-party logging protocol, e.g. statsd, redis: as
> similarly unsupportable as syslog patches

You may also take a look at Valery Kholodkov's udplog module,
http://grid.net.ru/nginx/udplog.en.html

I haven't actually used it (as I prefer local logging solution, 
see above), but I tend to like the basic concept behind the 
module.  At least it resolves the main problem with usual syslog 
interfaces (i.e. blocking).

Maxim Dounin


From agentzh at gmail.com  Thu Jun  7 13:22:50 2012
From: agentzh at gmail.com (agentzh)
Date: Thu, 7 Jun 2012 21:22:50 +0800
Subject: [ANN] ngx_openresty devel version 1.0.15.9 released
In-Reply-To: <CAB4Tn6P_b38i2=p9vGiVZiZL0iKZ3RTGej0wMDJhuvUQ2UNd3A@mail.gmail.com>
References: <CAB4Tn6P_b38i2=p9vGiVZiZL0iKZ3RTGej0wMDJhuvUQ2UNd3A@mail.gmail.com>
Message-ID: <CAB4Tn6OjM_9oWuvduOEoWfc5NVb2VAs8FWHk2KyjjXrBM7X6ug@mail.gmail.com>

Hello!

After more than one week's active development, the new development
version of ngx_openresty, 1.0.15.9, is now released:

? ?http://openresty.org/#Download

Below is the change log for this release:

 *   upgraded LuaNginxModule to 0.5.0rc30.

     *   feature: new Lua API, ngx.sleep(), for doing non-blocking
         sleep in Lua. thanks jinglong for the patch.

     *   feature: ngx.log() now checks if the log level number is in
         the valid range (0 ~ 8). thanks Xiaoyu Chen (smallfish) for
         suggesting this improvement.

     *   bugfix: cosocket:receiveuntil could leak memory, especially
         for long pattern string arguments. this bug was caught by
         Test::Nginx::Socket when setting the environment
         "TEST_NGINX_CHECK_LEAK=1".

     *   bugfix: ngx.re.sub() could leak memory when the "replace"
         template argument string is not well-formed and the "o"
         regex option is also specified. this issue was caught by
         Test::Nginx::Socket when setting environment
         "TEST_NGINX_CHECK_LEAK=1".

     *   bugfix: ngx.re.gmatch leaked memory when the "o" option was
         not specified. this bug was caught by Test::Nginx::Socket
         when setting the environment "TEST_NGINX_CHECK_LEAK=1".

     *   bugfix: the Lua "_G" special table did not get cleared when
         lua_code_cache is turned off. thanks Moven for reporting
         this issue.

     *   bugfix: cosocket:connect() might hang on socket creation
         errors or segfault later due to left-over state flags.

     *   bugfix: refactored on-demand handler registration. the old
         approach rewrites to static (global) variables at
         config-time, which could have potential problems with nginx
         config reloading via the "HUP" signal.

     *   optimize: now we no longer call "ngx_http_post_request" to
         wake up the request associated with the current cosocket
         upstream from within the cosocket upstream event handlers,
         but rather call "r->write_event_handler" directly. this
         change can also make backtraces more meaningful because we
         preserve the original calling stack.

     *   docs: massive wording improvements from the Nginx Wiki site.
         thanks Dayo.

 *   upgraded RdsJsonNginxModule to 0.12rc10.

     *   bugfix: refactored on-demand handler registration. the old
         approach rewrites to static (global) variables at
         config-time, which could have potential problems with nginx
         config reloading via the "HUP" signal.

 *   bugfix: the (optional) no-pool patch might leak memory. now we
     have updated the no-pool patch to the latest version that is a
     thorough rewrite.

 *   bugfix: applied poll_del_event_at_exit patch that fixed a
     segmentation fault in the nginx core when the poll event type is
     used:
     <http://mailman.nginx.org/pipermail/nginx-devel/2012-June/002328.html>

 *   bugfix: applied the resolver_debug_log patch that fixed reads of
     uninitialized memory in the nginx core:
     <http://mailman.nginx.org/pipermail/nginx-devel/2012-June/002281.html>

Special thanks go to all our contributors and users for helping make
this happen :)

OpenResty (aka. ngx_openresty) is a full-fledged web application
server by bundling the standard Nginx core, lots of 3rd-party Nginx
modules, as well? as most of their external dependencies. See
OpenResty's homepage for more details:

? http://openresty.org/

Have fun!
-agentzh


From omega13a at fedtrek.com  Thu Jun  7 16:00:05 2012
From: omega13a at fedtrek.com (Brandon Amaro)
Date: Thu, 07 Jun 2012 09:00:05 -0700
Subject: nginx 1.3.1 not PHP-FPM friendly
In-Reply-To: <20120607100137.211840@gmx.net>
References: <20120605143050.GW31671@mdounin.ru> <4FCECDEA.8080607@fedtrek.com>
	<CALqce=2+94R6fWE-MNiwDV6ZOWpdzof_TCSGPO=eRWx8OUk5DA@mail.gmail.com>
	<4FCEDE9D.8080107@fedtrek.com> <4FCFDE82.4030303@fedtrek.com>
	<20120607100137.211840@gmx.net>
Message-ID: <4FD0D005.3010603@fedtrek.com>

My investigation of things on my server have just gotten a bit weirder. 
My server has ISPConfig installed and the web based control panel is not 
effected at all by this slowness. Yet everything on my site is taking an 
insane amount of time to load if it loads at all. Even a simple php file 
that contains only phpinfo(); takes forever... I'm completely baffled by 
this.

-- 
omega13a
Owner and Founder of UFT
http://www.fedtrek.com



On 06/07/2012 03:01 AM, Steve wrote:
> -------- Original-Nachricht --------
>> Datum: Wed, 06 Jun 2012 15:49:38 -0700
>> Von: Brandon Amaro<omega13a at fedtrek.com>
>> An: nginx at nginx.org
>> Betreff: Re: nginx 1.3.1 not PHP-FPM friendly
>> I'm still having problems. I forgot to mention that I'm running PHP 5.4.3.
>>
> I run nginx 1.3.1 and PHP 5.4.3 too and have no issues at all.
>
>
>> -- 
>> omega13a
>> Owner and Founder of UFT
>> http://www.fedtrek.com
>>
>>
>>
>> On 06/05/2012 09:37 PM, Brandon Amaro wrote:
>>> I'm assuming this is the error as that the error long is filled with
>>> similar messages since around the time I upgraded:
>>>
>>>
>>> 2012/06/05 21:35:23 [error] 5976#0: *43558 connect() to
>>> unix:/var/lib/php5-fpm/web1.sock failed (11: Resource temporarily
>>> unavailable) while connecting to upstream, client: 72.253.115.223,
>>> server: fedtrek.com, request: "POST
>>> /Forums-file-ajax_online_update-mypage-minus200.html HTTP/1.1",
>>> upstream: "fastcgi://unix:/var/lib/php5-fpm/web1.sock:", host:
>>> "www.fedtrek.com", referrer:
>>> "http://www.fedtrek.com/Borg_Species_Designations.html"
>>>
>>> On 06/05/2012 09:28 PM, B.R. wrote:
>>>> Wild guess: maybe some file openings limit reached?
>>>>
>>>> Most important thing to start: what does the error log says?
>>>> ---
>>>> *B. R.*
>>>>
>>>>
>>>> On Tue, Jun 5, 2012 at 11:26 PM, Brandon Amaro<omega13a at fedtrek.com
>>>> <mailto:omega13a at fedtrek.com>>  wrote:
>>>>
>>>>      After I upgraded to nginx 1.3.1, I've been having a problem with
>>>>      PHP-FPM. It would work fine for a few minutes then I would start
>>>>      getting 500 Internal Server Errors on all the pages that use PHP.
>>>>       I have to keep restaring the PHP-FPM service in order to
>>>>      navigate my website. Everything was running smoothly before
>>>>      upgrading nginx and I've haven't made any recent changes in the
>>>>      config files for both nginx and anything PHP related. I'm running
>>>>      Fedora 14 (can't upgrade to anything more recent) and compiled
>>>>      nginx myself as I've always done in the past. Any help would be
>>>>      greatly appreciated.
>>>>
>>>>      --
>>>>      omega13a
>>>>      Owner and Founder of UFT
>>>>      http://www.fedtrek.com
>>>>
>>>>      _______________________________________________
>>>>      nginx mailing list
>>>>      nginx at nginx.org<mailto:nginx at nginx.org>
>>>>      http://mailman.nginx.org/mailman/listinfo/nginx
>>>>
>>>>
>>>>
>>>>
>>>> _______________________________________________
>>>> nginx mailing list
>>>> nginx at nginx.org
>>>> http://mailman.nginx.org/mailman/listinfo/nginx
>>>
>>> -- 
>>> omega13a
>>> Owner and Founder of UFT
>>> http://www.fedtrek.com
>>>
>>>
>>> _______________________________________________
>>> nginx mailing list
>>> nginx at nginx.org
>>> http://mailman.nginx.org/mailman/listinfo/nginx


From lists at ruby-forum.com  Thu Jun  7 17:33:12 2012
From: lists at ruby-forum.com (Peter P.)
Date: Thu, 07 Jun 2012 19:33:12 +0200
Subject: Status of Nginx centralised logging
In-Reply-To: <CAOH1cHmr_K9J0+R5CzW0pV+ME+Xx4kJAwoMN+p3WW1PbZ6ZZ+A@mail.gmail.com>
References: <CAKsTx7CLj46BchMWvkDw=UqtL3hZbtuwJazYB8-u9AYvUBOM-g@mail.gmail.com>
	<CAOH1cHmr_K9J0+R5CzW0pV+ME+Xx4kJAwoMN+p3WW1PbZ6ZZ+A@mail.gmail.com>
Message-ID: <cf3e2204dcbc6637d142db31407348ca@ruby-forum.com>

I just wanted to add a couple of comments on using sFlow as the logging
protocol - there are also sFlow plugins for Apache and Tomcat, allowing
you to get the same data from all the HTTP server pools.

On the analyzer side, the HTTP sFlow export also includes performance
counters that can be trended with Graphite or Ganglia. You can also use
sflowtool to convert the binary sFlow datagrams to ASCII combined
logfile format that can be fed into any log analyzer.

http://blog.sflow.com/2011/04/nginx.html

Mark Moseley wrote in post #1063450:
> <snip>
>> * use another 3rd-party logging protocol, e.g. statsd, redis: as
>> similarly unsupportable as syslog patches
> </snip>
>
> There's also the nginx sflow module,
> http://code.google.com/p/nginx-sflow-module/
>
> I realize that this is another 3rd party module, so falls into the
> same 'not officially supported' category, but I figured I'd mention it
> as something to add to the centralized logging bag of tricks. I've
> used it and it's pretty nice, though obviously you need an sflow
> server somewhere to send to.

-- 
Posted via http://www.ruby-forum.com/.


From nginx-forum at nginx.us  Thu Jun  7 17:57:05 2012
From: nginx-forum at nginx.us (parttis)
Date: Thu, 7 Jun 2012 13:57:05 -0400 (EDT)
Subject: Code coverage on nginx using lcov (gcov)
Message-ID: <7c9e6c714adc2c44c6bcbb6a748af0f1.NginxMailingListEnglish@forum.nginx.org>

Hi

I am trying to measure code coverage on nginx with lcov (gcov) tool. So
far I am able to get code coverage results, but they are always the
same. Here is a short recap on what I've done.

Downloaded source code.

$ cd /opt
$ wget http://nginx.org/download/nginx-1.2.1.tar.gz
$ tar xzvf nginx-1.2.1.tar.gz
$ cd nginx-1.2.1
$ chmod -R 777 .

Compiled source code with following compiler and linker flags.

$ ./configure --with-cc-opt=--coverage --with-ld-opt=-lgcov
$ make
$ make install

I have done code coverage measurements in following order.

$ lcov --directory /opt/nginx-1.2.1 --zerocounters
$ /usr/local/nginx/sbin/nginx

Made an HTTP request to nginx server.
$ lynx http://localhost:80

$ /usr/local/nginx/sbin/nginx/nginx -s quit
$ lcov --directory /opt/nginx-1.2.1 --capture --output-file app.info
--base-directory /opt/nginx-1.2.1
$ genhtml -o /opt/report1 app.info

Here are the code coverage results.
  lines......: 15.1% (4159 of 27467 lines)
  functions..: 22.6% (262 of 1158 functions)
  branches...: 11.7% (2231 of 19121 branches)

My problem is that I get exactly the same code coverage result when I
don't even make the HTTP request. I think the code coverage in this case
should be smaller than when an HTTP request has been made.

And I get exactly the same code coverage result even if I use several
different request methods (GET, HEAD, PUT, DELETE, POST and TRACE). I
think the code coverage in this case should be bigger than when only one
HTTP request has been made.

Could someone please give an advice on this?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227329,227329#msg-227329


From reallfqq-nginx at yahoo.fr  Thu Jun  7 18:48:10 2012
From: reallfqq-nginx at yahoo.fr (B.R.)
Date: Thu, 7 Jun 2012 14:48:10 -0400
Subject: nginx 1.3.1 not PHP-FPM friendly
In-Reply-To: <4FD0D005.3010603@fedtrek.com>
References: <20120605143050.GW31671@mdounin.ru> <4FCECDEA.8080607@fedtrek.com>
	<CALqce=2+94R6fWE-MNiwDV6ZOWpdzof_TCSGPO=eRWx8OUk5DA@mail.gmail.com>
	<4FCEDE9D.8080107@fedtrek.com> <4FCFDE82.4030303@fedtrek.com>
	<20120607100137.211840@gmx.net> <4FD0D005.3010603@fedtrek.com>
Message-ID: <CALqce=11q7tX1N6BaWKt5jc3ntkctjtzraVnOWDcJr4HUhE9BQ@mail.gmail.com>

If ISPConfig is running without trouble, it seems the problem doesn't come
from Nginx or PHP-FPM themselves.
Check configuration, intermediates, conflicts, etc.

Maybe purge or start from scratch on a separate small installation of Nginx
+ PHP-FPM?
Try to clean-up things and remove unecessary features to get back to a very
basic service.

That's what I do when strange or apparently illogical problems arouse,
---
*B. R.*


On Thu, Jun 7, 2012 at 12:00 PM, Brandon Amaro <omega13a at fedtrek.com> wrote:

> My investigation of things on my server have just gotten a bit weirder. My
> server has ISPConfig installed and the web based control panel is not
> effected at all by this slowness. Yet everything on my site is taking an
> insane amount of time to load if it loads at all. Even a simple php file
> that contains only phpinfo(); takes forever... I'm completely baffled by
> this.
>
>
> --
> omega13a
> Owner and Founder of UFT
> http://www.fedtrek.com
>
>
>
> On 06/07/2012 03:01 AM, Steve wrote:
>
>> -------- Original-Nachricht --------
>>
>>> Datum: Wed, 06 Jun 2012 15:49:38 -0700
>>> Von: Brandon Amaro<omega13a at fedtrek.com>
>>> An: nginx at nginx.org
>>> Betreff: Re: nginx 1.3.1 not PHP-FPM friendly
>>> I'm still having problems. I forgot to mention that I'm running PHP
>>> 5.4.3.
>>>
>>>  I run nginx 1.3.1 and PHP 5.4.3 too and have no issues at all.
>>
>>
>>  --
>>> omega13a
>>> Owner and Founder of UFT
>>> http://www.fedtrek.com
>>>
>>>
>>>
>>> On 06/05/2012 09:37 PM, Brandon Amaro wrote:
>>>
>>>> I'm assuming this is the error as that the error long is filled with
>>>> similar messages since around the time I upgraded:
>>>>
>>>>
>>>> 2012/06/05 21:35:23 [error] 5976#0: *43558 connect() to
>>>> unix:/var/lib/php5-fpm/web1.**sock failed (11: Resource temporarily
>>>> unavailable) while connecting to upstream, client: 72.253.115.223,
>>>> server: fedtrek.com, request: "POST
>>>> /Forums-file-ajax_online_**update-mypage-minus200.html HTTP/1.1",
>>>> upstream: "fastcgi://unix:/var/lib/php5-**fpm/web1.sock:", host:
>>>> "www.fedtrek.com", referrer:
>>>> "http://www.fedtrek.com/Borg_**Species_Designations.html<http://www.fedtrek.com/Borg_Species_Designations.html>
>>>> "
>>>>
>>>> On 06/05/2012 09:28 PM, B.R. wrote:
>>>>
>>>>> Wild guess: maybe some file openings limit reached?
>>>>>
>>>>> Most important thing to start: what does the error log says?
>>>>> ---
>>>>> *B. R.*
>>>>>
>>>>>
>>>>> On Tue, Jun 5, 2012 at 11:26 PM, Brandon Amaro<omega13a at fedtrek.com
>>>>> <mailto:omega13a at fedtrek.com>>  wrote:
>>>>>
>>>>>     After I upgraded to nginx 1.3.1, I've been having a problem with
>>>>>     PHP-FPM. It would work fine for a few minutes then I would start
>>>>>     getting 500 Internal Server Errors on all the pages that use PHP.
>>>>>      I have to keep restaring the PHP-FPM service in order to
>>>>>     navigate my website. Everything was running smoothly before
>>>>>     upgrading nginx and I've haven't made any recent changes in the
>>>>>     config files for both nginx and anything PHP related. I'm running
>>>>>     Fedora 14 (can't upgrade to anything more recent) and compiled
>>>>>     nginx myself as I've always done in the past. Any help would be
>>>>>     greatly appreciated.
>>>>>
>>>>>     --
>>>>>     omega13a
>>>>>     Owner and Founder of UFT
>>>>>     http://www.fedtrek.com
>>>>>
>>>>>     ______________________________**_________________
>>>>>     nginx mailing list
>>>>>     nginx at nginx.org<mailto:nginx@**nginx.org <nginx at nginx.org>>
>>>>>     http://mailman.nginx.org/**mailman/listinfo/nginx<http://mailman.nginx.org/mailman/listinfo/nginx>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ______________________________**_________________
>>>>> nginx mailing list
>>>>> nginx at nginx.org
>>>>> http://mailman.nginx.org/**mailman/listinfo/nginx<http://mailman.nginx.org/mailman/listinfo/nginx>
>>>>>
>>>>
>>>> --
>>>> omega13a
>>>> Owner and Founder of UFT
>>>> http://www.fedtrek.com
>>>>
>>>>
>>>> ______________________________**_________________
>>>> nginx mailing list
>>>> nginx at nginx.org
>>>> http://mailman.nginx.org/**mailman/listinfo/nginx<http://mailman.nginx.org/mailman/listinfo/nginx>
>>>>
>>>
> ______________________________**_________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/**mailman/listinfo/nginx<http://mailman.nginx.org/mailman/listinfo/nginx>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120607/96eaa8df/attachment-0001.html>

From steeeeeveee at gmx.net  Thu Jun  7 20:24:09 2012
From: steeeeeveee at gmx.net (Steve)
Date: Thu, 07 Jun 2012 22:24:09 +0200
Subject: nginx 1.3.1 not PHP-FPM friendly
In-Reply-To: <4FD0D005.3010603@fedtrek.com>
References: <20120605143050.GW31671@mdounin.ru> <4FCECDEA.8080607@fedtrek.com>
	<CALqce=2+94R6fWE-MNiwDV6ZOWpdzof_TCSGPO=eRWx8OUk5DA@mail.gmail.com>
	<4FCEDE9D.8080107@fedtrek.com> <4FCFDE82.4030303@fedtrek.com>
	<20120607100137.211840@gmx.net> <4FD0D005.3010603@fedtrek.com>
Message-ID: <20120607202409.232830@gmx.net>


-------- Original-Nachricht --------
> Datum: Thu, 07 Jun 2012 09:00:05 -0700
> Von: Brandon Amaro <omega13a at fedtrek.com>
> An: nginx at nginx.org
> Betreff: Re: nginx 1.3.1 not PHP-FPM friendly

> My investigation of things on my server have just gotten a bit weirder. 
> My server has ISPConfig installed and the web based control panel is not 
> effected at all by this slowness. Yet everything on my site is taking an 
> insane amount of time to load if it loads at all. Even a simple php file 
> that contains only phpinfo(); takes forever... I'm completely baffled by 
> this.
> 
But all of this has nothing to do with nginx. Does it take the same amount of time if you call with php cli? Probably yes. Right?


> -- 
> omega13a
> Owner and Founder of UFT
> http://www.fedtrek.com
> 
> 
> 
> On 06/07/2012 03:01 AM, Steve wrote:
> > -------- Original-Nachricht --------
> >> Datum: Wed, 06 Jun 2012 15:49:38 -0700
> >> Von: Brandon Amaro<omega13a at fedtrek.com>
> >> An: nginx at nginx.org
> >> Betreff: Re: nginx 1.3.1 not PHP-FPM friendly
> >> I'm still having problems. I forgot to mention that I'm running PHP
> 5.4.3.
> >>
> > I run nginx 1.3.1 and PHP 5.4.3 too and have no issues at all.
> >
> >
> >> -- 
> >> omega13a
> >> Owner and Founder of UFT
> >> http://www.fedtrek.com
> >>
> >>
> >>
> >> On 06/05/2012 09:37 PM, Brandon Amaro wrote:
> >>> I'm assuming this is the error as that the error long is filled with
> >>> similar messages since around the time I upgraded:
> >>>
> >>>
> >>> 2012/06/05 21:35:23 [error] 5976#0: *43558 connect() to
> >>> unix:/var/lib/php5-fpm/web1.sock failed (11: Resource temporarily
> >>> unavailable) while connecting to upstream, client: 72.253.115.223,
> >>> server: fedtrek.com, request: "POST
> >>> /Forums-file-ajax_online_update-mypage-minus200.html HTTP/1.1",
> >>> upstream: "fastcgi://unix:/var/lib/php5-fpm/web1.sock:", host:
> >>> "www.fedtrek.com", referrer:
> >>> "http://www.fedtrek.com/Borg_Species_Designations.html"
> >>>
> >>> On 06/05/2012 09:28 PM, B.R. wrote:
> >>>> Wild guess: maybe some file openings limit reached?
> >>>>
> >>>> Most important thing to start: what does the error log says?
> >>>> ---
> >>>> *B. R.*
> >>>>
> >>>>
> >>>> On Tue, Jun 5, 2012 at 11:26 PM, Brandon Amaro<omega13a at fedtrek.com
> >>>> <mailto:omega13a at fedtrek.com>>  wrote:
> >>>>
> >>>>      After I upgraded to nginx 1.3.1, I've been having a problem with
> >>>>      PHP-FPM. It would work fine for a few minutes then I would start
> >>>>      getting 500 Internal Server Errors on all the pages that use
> PHP.
> >>>>       I have to keep restaring the PHP-FPM service in order to
> >>>>      navigate my website. Everything was running smoothly before
> >>>>      upgrading nginx and I've haven't made any recent changes in the
> >>>>      config files for both nginx and anything PHP related. I'm
> running
> >>>>      Fedora 14 (can't upgrade to anything more recent) and compiled
> >>>>      nginx myself as I've always done in the past. Any help would be
> >>>>      greatly appreciated.
> >>>>
> >>>>      --
> >>>>      omega13a
> >>>>      Owner and Founder of UFT
> >>>>      http://www.fedtrek.com
> >>>>
> >>>>      _______________________________________________
> >>>>      nginx mailing list
> >>>>      nginx at nginx.org<mailto:nginx at nginx.org>
> >>>>      http://mailman.nginx.org/mailman/listinfo/nginx
> >>>>
> >>>>
> >>>>
> >>>>
> >>>> _______________________________________________
> >>>> nginx mailing list
> >>>> nginx at nginx.org
> >>>> http://mailman.nginx.org/mailman/listinfo/nginx
> >>>
> >>> -- 
> >>> omega13a
> >>> Owner and Founder of UFT
> >>> http://www.fedtrek.com
> >>>
> >>>
> >>> _______________________________________________
> >>> nginx mailing list
> >>> nginx at nginx.org
> >>> http://mailman.nginx.org/mailman/listinfo/nginx
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

-- 
Empfehlen Sie GMX DSL Ihren Freunden und Bekannten und wir
belohnen Sie mit bis zu 50,- Euro! https://freundschaftswerbung.gmx.de


From ne at vbart.ru  Thu Jun  7 20:59:57 2012
From: ne at vbart.ru (Valentin V. Bartenev)
Date: Fri, 8 Jun 2012 00:59:57 +0400
Subject: Code coverage on nginx using lcov (gcov)
In-Reply-To: <7c9e6c714adc2c44c6bcbb6a748af0f1.NginxMailingListEnglish@forum.nginx.org>
References: <7c9e6c714adc2c44c6bcbb6a748af0f1.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <201206080059.57528.ne@vbart.ru>

On Thursday 07 June 2012 21:57:05 parttis wrote:
> Hi
> 
> I am trying to measure code coverage on nginx with lcov (gcov) tool. So
> far I am able to get code coverage results, but they are always the
> same. Here is a short recap on what I've done.
> 
> Downloaded source code.
> 
> $ cd /opt
> $ wget http://nginx.org/download/nginx-1.2.1.tar.gz
> $ tar xzvf nginx-1.2.1.tar.gz
> $ cd nginx-1.2.1
> $ chmod -R 777 .
> 
> Compiled source code with following compiler and linker flags.
> 
> $ ./configure --with-cc-opt=--coverage --with-ld-opt=-lgcov
> $ make
> $ make install
> 
> I have done code coverage measurements in following order.
> 
> $ lcov --directory /opt/nginx-1.2.1 --zerocounters
> $ /usr/local/nginx/sbin/nginx
> 
> Made an HTTP request to nginx server.
> $ lynx http://localhost:80
> 
> $ /usr/local/nginx/sbin/nginx/nginx -s quit
> $ lcov --directory /opt/nginx-1.2.1 --capture --output-file app.info
> --base-directory /opt/nginx-1.2.1
> $ genhtml -o /opt/report1 app.info
> 
> Here are the code coverage results.
>   lines......: 15.1% (4159 of 27467 lines)
>   functions..: 22.6% (262 of 1158 functions)
>   branches...: 11.7% (2231 of 19121 branches)
> 
> My problem is that I get exactly the same code coverage result when I
> don't even make the HTTP request. I think the code coverage in this case
> should be smaller than when an HTTP request has been made.
> 
> And I get exactly the same code coverage result even if I use several
> different request methods (GET, HEAD, PUT, DELETE, POST and TRACE). I
> think the code coverage in this case should be bigger than when only one
> HTTP request has been made.
> 
> Could someone please give an advice on this?
> 

Looks like it measures only the master process, which does not
process requests. I don't know much about gcov, probably it can
measure multi-process applications, but also you can set the
"master_process" directive to "off".

http://nginx.org/r/master_process

 wbr, Valentin V. Bartenev


From nginx-forum at nginx.us  Fri Jun  8 02:25:47 2012
From: nginx-forum at nginx.us (alyn)
Date: Thu, 7 Jun 2012 22:25:47 -0400 (EDT)
Subject: Converse Comme des Garcons Play Online
Message-ID: <64e37a70170f5de70713f17d29c85e17.NginxMailingListEnglish@forum.nginx.org>

Material used for the
[b][url=http://www.conversefeatured.com/converse-comme-des-garcons-play-c-128.html]Converse
Comme des Garcons Play Online[/url][/b] are mostly corduroy, canvas and
woolrich. This is not it! You can also pick various styles like
[b][url=http://www.conversefeatured.com/converse-comme-des-garcons-play-c-128.html]converse
comme des garcons play shoes[/url][/b] on's.We would like to share the
names of our best sellers in Converse shoes so you can all check out
this great collection.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227335,227335#msg-227335


From simohayha.bobo at gmail.com  Fri Jun  8 07:29:21 2012
From: simohayha.bobo at gmail.com (Simon Liu)
Date: Fri, 8 Jun 2012 15:29:21 +0800
Subject: nginx configure error when use zsh
Message-ID: <CAB6pCs9s+4=hPvQ__JESF7bY9e=xu+gwkvYfMrUcx91gp=MB1w@mail.gmail.com>

Hello.

nginx configure error when I use zsh.

This is my environment:

operating system:  Linux(3.3.7-1-ARCH)

zsh: 4.3.17 (i686-pc-linux-gnu)

Nginx:  1.3.1

This is configure message:

checking for OS
 + Linux 3.3.7-1-ARCH i686
checking for C compiler ... found
 + using GNU C compiler
 + gcc version: 4.7.0 20120505 (prerelease) (GCC)
.........................................................................
...............................................................
checking for Linux specific features
*auto/os/linux:154: parse error near `version=$((`uname -r...'*
...................................................................................................
*auto/modules:396: read-only variable: modules*
...................................................................................


Thanks!

-- 
do not fear to be eccentric in opinion, for every opinion now accepted was
once eccentric.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120608/b8a8ec51/attachment.html>

From nginx-forum at nginx.us  Fri Jun  8 07:56:00 2012
From: nginx-forum at nginx.us (lima)
Date: Fri, 8 Jun 2012 03:56:00 -0400 (EDT)
Subject: Error while connecting to apache from nginx running on same machine
Message-ID: <a80a98321eebf817e5f5c21eacf94014.NginxMailingListEnglish@forum.nginx.org>

Hi,

    I have an LB setup with nginx for an ssl enabled website. It will be
listening at 443 port. For some requests, i need to proxy them to apache
running at 7443 port in the same machine. but when i send the request,
it is trying to forward it to apache and is getting 500 error. I checked
the logs in apache, where there is nothing logged in ssl-error_log
(which logs all the errors happening while transferring https requests)
but the error_log (which logs all the errors happening while
transferring http requests) was showing the message like       [error]
Hello

But if I pass it to apache running in 7443 in some other machine, it is
working fine.


So, I think there is some problem while handshaking between nginx and
apache running on different ports in the same machine. Can some one
please assist me how to resolve this..Thanks in advance...

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227341,227341#msg-227341


From sb at waeme.net  Fri Jun  8 08:56:30 2012
From: sb at waeme.net (Sergey Budnevitch)
Date: Fri, 8 Jun 2012 12:56:30 +0400
Subject: nginx configure error when use zsh
In-Reply-To: <CAB6pCs9s+4=hPvQ__JESF7bY9e=xu+gwkvYfMrUcx91gp=MB1w@mail.gmail.com>
References: <CAB6pCs9s+4=hPvQ__JESF7bY9e=xu+gwkvYfMrUcx91gp=MB1w@mail.gmail.com>
Message-ID: <843A9285-0DA9-4475-BFA0-50DCDC43E945@waeme.net>


On 08.06.2012, at 11:29, Simon Liu wrote:

> Hello.
> 
> nginx configure error when I use zsh.

Please show me result of
ls -l `which sh`

> 
> This is my environment:
> 
> operating system:  Linux(3.3.7-1-ARCH)
> 
> zsh: 4.3.17 (i686-pc-linux-gnu)
> 
> Nginx:  1.3.1
> 
> This is configure message:
> 
> checking for OS
>  + Linux 3.3.7-1-ARCH i686
> checking for C compiler ... found
>  + using GNU C compiler
>  + gcc version: 4.7.0 20120505 (prerelease) (GCC) 
> .........................................................................
> ...............................................................
> checking for Linux specific features
> auto/os/linux:154: parse error near `version=$((`uname -r...'
> ...................................................................................................
> auto/modules:396: read-only variable: modules
> ...................................................................................
> 
> 
> Thanks!
> 
> -- 
> do not fear to be eccentric in opinion, for every opinion now accepted was once eccentric. 
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From mdounin at mdounin.ru  Fri Jun  8 11:55:11 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 8 Jun 2012 15:55:11 +0400
Subject: nginx configure error when use zsh
In-Reply-To: <CAB6pCs9s+4=hPvQ__JESF7bY9e=xu+gwkvYfMrUcx91gp=MB1w@mail.gmail.com>
References: <CAB6pCs9s+4=hPvQ__JESF7bY9e=xu+gwkvYfMrUcx91gp=MB1w@mail.gmail.com>
Message-ID: <20120608115511.GD31671@mdounin.ru>

Hello!

On Fri, Jun 08, 2012 at 03:29:21PM +0800, Simon Liu wrote:

> Hello.
> 
> nginx configure error when I use zsh.
> 
> This is my environment:
> 
> operating system:  Linux(3.3.7-1-ARCH)
> 
> zsh: 4.3.17 (i686-pc-linux-gnu)

You mean using zsh instead of POSIX-compliant shell for /bin/sh?  
Looks like bad idea.  Zsh docs at most promise it will "try to 
emulate sh", nothing more.

Maxim Dounin


From bruno.premont at restena.lu  Fri Jun  8 12:40:52 2012
From: bruno.premont at restena.lu (Bruno =?UTF-8?B?UHLDqW1vbnQ=?=)
Date: Fri, 8 Jun 2012 14:40:52 +0200
Subject: nginx worker segfault, NULL pool
Message-ID: <20120608144052.79d06009@pluto.restena.lu>

Hi,

Running nginx on ARM I'm having it segfault at about any request (those
known not to crash are /status/nginx and /status/php-fpm).
Attaching it with GDB I get the following trace:

Program received signal SIGSEGV, Segmentation fault.
ngx_alloc_chain_link (pool=0x0) at src/core/ngx_buf.c:52
52      src/core/ngx_buf.c: No such file or directory.
        in src/core/ngx_buf.c
(gdb) backtrace
#0  ngx_alloc_chain_link (pool=0x0) at src/core/ngx_buf.c:52
#1  0x00012290 in ngx_chain_writer (data=0x525b24, in=<optimized out>) at src/core/ngx_output_chain.c:626
#2  0x0001202c in ngx_output_chain (ctx=0x525ae4, in=0x5260a4) at src/core/ngx_output_chain.c:66
#3  0x0004a6d0 in ngx_http_upstream_send_request (r=0x524c18, u=0x525a9c) at src/http/ngx_http_upstream.c:1394
#4  0x0004aeec in ngx_http_upstream_init_request (r=0x524c18) at src/http/ngx_http_upstream.c:645
#5  ngx_http_upstream_init (r=0x524c18) at src/http/ngx_http_upstream.c:446
#6  0x000427a4 in ngx_http_read_client_request_body (r=0x524c18, post_handler=0x4ac80 <ngx_http_upstream_init>) at src/http/ngx_http_request_body.c:59
#7  0x000612e0 in ngx_http_fastcgi_handler (r=0x524c18) at src/http/modules/ngx_http_fastcgi_module.c:636
#8  0x00036d18 in ngx_http_core_content_phase (r=0x524c18, ph=0x54ce08) at src/http/ngx_http_core_module.c:1396
#9  0x00032458 in ngx_http_core_run_phases (r=0x524c18) at src/http/ngx_http_core_module.c:877
#10 0x00037848 in ngx_http_internal_redirect (r=0x524c18, uri=<optimized out>, args=<optimized out>) at src/http/ngx_http_core_module.c:2545
#11 0x0004dad0 in ngx_http_index_handler (r=0x524c18) at src/http/modules/ngx_http_index_module.c:277
#12 0x00036d38 in ngx_http_core_content_phase (r=0x524c18, ph=0x54ce08) at src/http/ngx_http_core_module.c:1403
#13 0x00032458 in ngx_http_core_run_phases (r=0x524c18) at src/http/ngx_http_core_module.c:877
#14 0x0003bccc in ngx_http_process_request (r=0x524c18) at src/http/ngx_http_request.c:1688
#15 0x0003c6e0 in ngx_http_process_request_line (rev=0x40a5b10c) at src/http/ngx_http_request.c:932
#16 0x000397b8 in ngx_http_init_request (rev=0x40a5b10c) at src/http/ngx_http_request.c:519
#17 0x0002bf70 in ngx_epoll_process_events (cycle=<optimized out>, timer=<optimized out>, flags=<optimized out>) at src/event/modules/ngx_epoll_module.c:679
#18 0x00023d0c in ngx_process_events_and_timers (cycle=0x51ec18) at src/event/ngx_event.c:247
#19 0x0002a278 in ngx_worker_process_cycle (cycle=<optimized out>, data=<optimized out>) at src/os/unix/ngx_process_cycle.c:806
#20 0x00028920 in ngx_spawn_process (cycle=0x51ec18, proc=0, data=0x40096918, name=0x69d00 "worker process", respawn=-3) at src/os/unix/ngx_process.c:198
#21 0x0002a6f0 in ngx_start_worker_processes (cycle=0x51ec18, n=1, type=-3) at src/os/unix/ngx_process_cycle.c:365
#22 0x0002acb0 in ngx_master_process_cycle (cycle=0x51ec18) at src/os/unix/ngx_process_cycle.c:137
#23 0x0000eb64 in main (argc=<optimized out>, argv=<optimized out>) at src/core/nginx.c:410


System is Gentoo on ARM (armv5tel), nginx -V (applied patch: forward-ported
ipv6-geoip support patch as attached):

nginx version: nginx/1.2.1
TLS SNI support enabled
configure arguments: --prefix=/usr --conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error_log --pid-path=/var/run/nginx.pid
--lock-path=/var/lock/nginx.lock --with-cc-opt=-I/usr/include
--with-ld-opt=-L/usr/lib --http-log-path=/var/log/nginx/access_log
--http-client-body-temp-path=/var/tmp/nginx/client
--http-proxy-temp-path=/var/tmp/nginx/proxy
--http-fastcgi-temp-path=/var/tmp/nginx/fastcgi
--http-scgi-temp-path=/var/tmp/nginx/scgi
--http-uwsgi-temp-path=/var/tmp/nginx/uwsgi --with-file-aio
--with-aio_module --with-ipv6 --with-pcre --without-http_browser_module
--without-http_charset_module --without-http_empty_gif_module
--without-http_memcached_module --without-http_proxy_module
--without-http_referer_module --without-http_scgi_module
--without-http_split_clients_module --without-http_userid_module
--without-http_uwsgi_module --with-http_geoip_module
--with-http_stub_status_module --with-http_xslt_module
--with-http_realip_module
--add-module=/var/tmp/portage/www-servers/nginx-1.2.1/work/agentzh-headers-more-nginx-module-3580526
--without-http-cache --with-http_ssl_module --without-mail_imap_module
--without-mail_pop3_module --without-mail_smtp_module --user=nginx
--group=nginx


Having a look at the code it means that
   ngx_http_upstream_t->output->filter_ctx->pool is NULL
but still being dereferenced...


I have seen equivalent crash behavior for nginx-1.2.0 (no analysed or check exact
cause with gdb and debug symbols) on the same host but have not seen crashes
on an x86 system with 1.2.0.
Note, config might help trigger the issue, quoted below:

############ nginx.conf ###############
user nginx nginx;
daemon off;
worker_processes 1;
worker_cpu_affinity 0001;
worker_rlimit_nofile 65535;

error_log /var/log/nginx/error_log info;

events {
        accept_mutex off;
        worker_connections 10240;
        use epoll;
}

http {
        include /etc/nginx/mime.types;
        #default_type application/octet-stream;
        server_names_hash_bucket_size 64;

        geoip_country  /usr/share/GeoIP/GeoIPv6.dat;

        log_format main
                '$remote_addr $host $remote_user [$time_local] '
                '"$request" $status $bytes_sent '
                '"$http_referer" "$http_user_agent" $request_time "$gzip_ratio" -';
        log_format main_ssl
                '$remote_addr $host $remote_user [$time_local] '
                '"$request" $status $bytes_sent '
                '"$http_referer" "$http_user_agent" $request_time "$gzip_ratio" $ssl_protocol';

        client_header_timeout 10m;
        client_body_timeout 10m;
        send_timeout 10m;

        connection_pool_size 256;
        client_header_buffer_size 1k;
        large_client_header_buffers 4 2k;
        request_pool_size 4k;

        gzip on;
        gzip_min_length 1100;
        gzip_buffers 4 8k;
        gzip_types text/plain application/xhtml+xml text/css application/javascript application/xml application/json;

        output_buffers 1 32k;
        postpone_output 1460;

        sendfile off;
        tcp_nopush on;
        tcp_nodelay on;

        keepalive_timeout 75 20;

        ignore_invalid_headers on;

        index index.html;

        # HTTP catch-all
        server {
		listen <local_addr-v4>:80 default_server;
		listen [<local_addr-v6]:80 default_server;

                access_log /var/log/nginx/access_log main;
                error_log /var/log/nginx/error_log info;
                rewrite_log off;

                return 410;
        }

        ########## include-1-start ###############
	server {
	        #
	        # HTTP access not wanted, redirect to HTTPS!
	        #
		listen <local_addr-v4>:80;
		listen [<local_addr-v6]:80;
	        include listen;
	        server_name armbox.tld;

	        access_log /var/log/nginx/sheeva.log main;
	        error_log /var/log/nginx/sheeva.elog info;
	        rewrite_log off;

	        ########## include-2-start ###############
                allow <subnet-v6>; # replaced subnet with placeholder
		allow <subnet-v6>;
		allow <subnet-v4>;
		allow <subnet-v4>;
		deny all;

		root /home/www/htdocs;
		index index.php index.html;

		error_page 400 /error400.php;
		error_page 403 /error403.php;
		error_page 404 /error404.php;
		error_page 500 /error500.php;
		error_page 502 /error502.php;
		error_page 503 /error503.php;

		rewrite ^/$     /status.html redirect;

		# Status monitoring pages
		location ~ ^/status/php-fpm$ {
		        include fastcgi_params;
		        fastcgi_buffer_size 8k;
		        fastcgi_buffers 16 4k;
		        fastcgi_param SCRIPT_FILENAME /dev/null;
		        fastcgi_param REDIRECT_STATUS 200;
		        fastcgi_pass unix:/run/php-fpm/fpm.socket;
		}
		location = /status/nginx {
		        stub_status on;
		}

		# Remaining pages
		location ~ ^/(?<page>.*)\.html$ {
		        # Rewrite non-html pages to php
		        if (-f $request_filename) { break; }
		        if (-f $document_root/$page.php ) { rewrite ^ /$page.php last; }
		}
		rewrite ^/rrdgraph.(png|svg|pdf|eps)$ /rrdgraph.php last;
		location ~ ^/(?<path>.*/)?error(?<ecode>[0-9]+)\.php$ {
		        # Handle error pages
		        if (!-f $document_root/$path/error.php) { rewrite ^ /error404.txt last; }
		        if ($ecode !~ [0-9]+) { set $ecode 200; }
		        include fastcgi_params;
		        fastcgi_buffer_size 8k;
		        fastcgi_buffers 16 4k;
		        fastcgi_param SCRIPT_FILENAME $document_root/$path/error.php;
		        fastcgi_param REDIRECT_STATUS $ecode;
		        fastcgi_pass unix:/var/run/php-fpm/fpm.socket;
		}
		location ~ \.php$ {
		        # Handle PHP pages
		        if (!-f $request_filename) { rewrite ^ /error404.php last; }
		        include fastcgi_params;
		        fastcgi_buffer_size 8k;
		        fastcgi_buffers 16 4k;
		        fastcgi_param SCRIPT_FILENAME $request_filename;
		        fastcgi_param REDIRECT_STATUS 200;
		        fastcgi_pass unix:/var/run/php-fpm/fpm.socket;
		}
		location /img/ {
		        expires 1h;
		}
		location /css/ {
		        expires 1h;
		}
		location /js/ {
		        expires 1h;
		}
	        ########## include-2-end   ###############
	}
        ########## include-1-end   ###############
}

-------------- next part --------------
A non-text attachment was scrubbed...
Name: nginx-1.2.1-geoip-ipv6.patch
Type: text/x-patch
Size: 10076 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120608/8c2e37c5/attachment.bin>

From mdounin at mdounin.ru  Fri Jun  8 15:31:39 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 8 Jun 2012 19:31:39 +0400
Subject: nginx worker segfault, NULL pool
In-Reply-To: <20120608144052.79d06009@pluto.restena.lu>
References: <20120608144052.79d06009@pluto.restena.lu>
Message-ID: <20120608153139.GF31671@mdounin.ru>

Hello!

On Fri, Jun 08, 2012 at 02:40:52PM +0200, Bruno Pr?mont wrote:

> Running nginx on ARM I'm having it segfault at about any request (those
> known not to crash are /status/nginx and /status/php-fpm).
> Attaching it with GDB I get the following trace:

[...]

>         geoip_country  /usr/share/GeoIP/GeoIPv6.dat;

Is it works for you if you don't use GeoIP?

[...]

Maxim Dounin


From supairish at gmail.com  Fri Jun  8 15:48:44 2012
From: supairish at gmail.com (Chris Irish)
Date: Fri, 8 Jun 2012 08:48:44 -0700
Subject: Expires Headers under https
Message-ID: <CA+UzN+a=DHkWyxCSGW7qWu4W6eRTFpLb15ip-Q-n4DXncGP2JQ@mail.gmail.com>

Hey all,
   I'm having a Nginx problem with my Rails app.  When I try setting
Expires Headers for Static Assets in an https server block they 404.  I've
tried a couple different ways but can't seem to get it to work.  Here a
gist of what I've tried.  Any suggestions?

https://gist.github.com/2896294


Much appreciated





-- 
Chris Irish
Burst Software
Rails Web Development

w:  www.christopherirish.com
<http://www.christopherirish.com>e:  supairish at gmail.com
c:  623-523-2221
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120608/2eb4fd9f/attachment.html>

From mdounin at mdounin.ru  Fri Jun  8 16:39:49 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 8 Jun 2012 20:39:49 +0400
Subject: Expires Headers under https
In-Reply-To: <CA+UzN+a=DHkWyxCSGW7qWu4W6eRTFpLb15ip-Q-n4DXncGP2JQ@mail.gmail.com>
References: <CA+UzN+a=DHkWyxCSGW7qWu4W6eRTFpLb15ip-Q-n4DXncGP2JQ@mail.gmail.com>
Message-ID: <20120608163949.GI31671@mdounin.ru>

Hello!

On Fri, Jun 08, 2012 at 08:48:44AM -0700, Chris Irish wrote:

> Hey all,
>    I'm having a Nginx problem with my Rails app.  When I try setting
> Expires Headers for Static Assets in an https server block they 404.  I've
> tried a couple different ways but can't seem to get it to work.  Here a
> gist of what I've tried.  Any suggestions?
> 
> https://gist.github.com/2896294

Most likely you are hitting this "problem":

http://wiki.nginx.org/Pitfalls#Root_inside_Location_Block

Can't say for sure as you've "ommitted the non relevant config 
parts for clarity".

Maxim Dounin


From cordmacleod at gmail.com  Fri Jun  8 17:38:25 2012
From: cordmacleod at gmail.com (Cord MacLeod)
Date: Fri, 8 Jun 2012 10:38:25 -0700
Subject: filtering access logs
Message-ID: <4D535C8C-A5ED-4A39-8E3A-19A4F17FF36F@gmail.com>

I have an nginx server that terminates SSL and subsequently logs usernames and passwords send in the URL string in the logs.  There is a particular compliance regulation that required me to scrub these out with xxxx or some set of arbitrary characters  before they are written to disk.  Is there a facility or way of doing this with nginx or some add on?

From bruno.premont at restena.lu  Fri Jun  8 19:43:44 2012
From: bruno.premont at restena.lu (Bruno =?UTF-8?B?UHLDqW1vbnQ=?=)
Date: Fri, 8 Jun 2012 21:43:44 +0200
Subject: nginx worker segfault, NULL pool
In-Reply-To: <20120608153139.GF31671@mdounin.ru>
References: <20120608144052.79d06009@pluto.restena.lu>
	<20120608153139.GF31671@mdounin.ru>
Message-ID: <20120608214344.10a8a7a9@neptune.home>

Hello Maxim,

On Fri, 08 June 2012 Maxim Dounin <mdounin at mdounin.ru> wrote:
> On Fri, Jun 08, 2012 at 02:40:52PM +0200, Bruno Pr?mont wrote:
> > Running nginx on ARM I'm having it segfault at about any request (those
> > known not to crash are /status/nginx and /status/php-fpm).
> > Attaching it with GDB I get the following trace:
> 
> [...]
> 
> >         geoip_country  /usr/share/GeoIP/GeoIPv6.dat;
> 
> Is it works for you if you don't use GeoIP?

Just disabling it config side makes no difference.

I will try disabling it at configure time and see if it changes
anything, though I doubt it will.


Oh, and in case it is important, my fastcgi_params include
some extra options:

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  HTTPS              $https if_not_empty;
fastcgi_param  SSL_CIPHER          $ssl_cipher if_not_empty;
fastcgi_param  SSL_PROTOCOL        $ssl_protocol if_not_empty;
fastcgi_param  SSL_SESSION_ID      $ssl_session_id if_not_empty;
fastcgi_param  SSL_CLIENT_SERIAL   $ssl_client_serial if_not_empty;
fastcgi_param  SSL_CLIENT_S_DN     $ssl_client_s_dn if_not_empty;
fastcgi_param  SSL_CLIENT_I_DN     $ssl_client_i_dn if_not_empty;
fastcgi_param  SSL_CLIENT_CERT     $ssl_client_cert if_not_empty;
fastcgi_param  SSL_CLIENT_RAW_CERT $ssl_client_raw_cert if_not_empty;
fastcgi_param  SSL_CLIENT_VERIFY   $ssl_client_verify if_not_empty;

# disabled as requested
#fastcgi_param  GEOIP_COUNTRY_CODE $geoip_country_code;
#fastcgi_param  GEOIP_COUNTRY_NAME $geoip_country_name;

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;


> [...]
> 
> Maxim Dounin

Bruno


From nginx-forum at nginx.us  Fri Jun  8 20:31:17 2012
From: nginx-forum at nginx.us (itpp2012)
Date: Fri, 8 Jun 2012 16:31:17 -0400 (EDT)
Subject: Error while connecting to apache from nginx running on same
	machine
In-Reply-To: <a80a98321eebf817e5f5c21eacf94014.NginxMailingListEnglish@forum.nginx.org>
References: <a80a98321eebf817e5f5c21eacf94014.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <7218c6792a667f92b837417745b7c8fe.NginxMailingListEnglish@forum.nginx.org>

Show us the relative config parts, we're just guessing without it.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227341,227371#msg-227371


From bruno.premont at restena.lu  Fri Jun  8 21:40:46 2012
From: bruno.premont at restena.lu (Bruno =?UTF-8?B?UHLDqW1vbnQ=?=)
Date: Fri, 8 Jun 2012 23:40:46 +0200
Subject: nginx worker segfault, NULL pool
In-Reply-To: <20120608214344.10a8a7a9@neptune.home>
References: <20120608144052.79d06009@pluto.restena.lu>
	<20120608153139.GF31671@mdounin.ru>
	<20120608214344.10a8a7a9@neptune.home>
Message-ID: <20120608234046.48857ccb@neptune.home>

Hello Maxim,

> On Fri, 08 June 2012 Maxim Dounin <mdounin at mdounin.ru> wrote:
> > On Fri, Jun 08, 2012 at 02:40:52PM +0200, Bruno Pr?mont wrote:
> > > Running nginx on ARM I'm having it segfault at about any request (those
> > > known not to crash are /status/nginx and /status/php-fpm).
> > > Attaching it with GDB I get the following trace:
> > 
> > [...]
> > 
> > >         geoip_country  /usr/share/GeoIP/GeoIPv6.dat;
> > 
> > Is it works for you if you don't use GeoIP?
> 
> Just disabling it config side makes no difference.
> 
> I will try disabling it at configure time and see if it changes
> anything, though I doubt it will.

Exact same result when geoip support is not built at all.


Looking more exactly at the URLs I tested, static file like images
don't crash the worker, just those that get handled by php-fpm upstream
do (e.g. /collectd/ which implies /collectd/index.php).

For the static files the result browser side looks the same, connection
closed before getting any content but that time around nginx logs something
to error log:
2012/06/08 23:30:42 [alert] 20638#0: *2 pread() read only 400 of 32768 from "/home/www/htdocs/collectd/add.png" while sending response to client, client: 123.123.123.123, server: arm.tld, request: "GET /collectd/add.png HTTP/1.1", host: "arm.tld"

Tough stat on that file returns:
  File: `/home/www/htdocs/collectd/add.png'
  Size: 400             Blocks: 8          IO Block: 4096   regular file
Device: b302h/45826d    Inode: 33          Links: 1
Access: (0644/-rw-r--r--)  Uid: (    0/    root)   Gid: (    0/    root)
Access: 2010-02-26 17:31:32.899120476 +0100
Modify: 2010-02-26 17:31:32.899120476 +0100
Change: 2011-05-07 01:19:21.440005750 +0200
 Birth: -

Toogling SendFile back to "on" seems to get file access to work again
(a few days ago with 1.2.0 turning it of made it work for a day or so)???

Bruno


From nginx-forum at nginx.us  Sat Jun  9 06:44:23 2012
From: nginx-forum at nginx.us (torajx)
Date: Sat, 9 Jun 2012 02:44:23 -0400 (EDT)
Subject: block access to a file !!
In-Reply-To: <20120606143153.GG4719@craic.sysops.org>
References: <20120606143153.GG4719@craic.sysops.org>
Message-ID: <af22c112abe287dda28df7ee2d49998e.NginxMailingListEnglish@forum.nginx.org>

thank you again; i will test and inform you here...

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227281,227376#msg-227376


From nginx-forum at nginx.us  Sat Jun  9 08:41:23 2012
From: nginx-forum at nginx.us (valinor)
Date: Sat, 9 Jun 2012 04:41:23 -0400 (EDT)
Subject: nginx default server not used
In-Reply-To: <a483f6c2a183201fff04cb43ce5414ff.NginxMailingListEnglish@forum.nginx.org>
References: <CAN=WzV3Q_J6-bj8RmWJgjQXuB+Xux8d1uagKSffxWwoddBt-qw@mail.gmail.com>
	<a483f6c2a183201fff04cb43ce5414ff.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <97221a02eacadcfdd878d65ba48ebf34.NginxMailingListEnglish@forum.nginx.org>

Hello

I have found another possible cause for nginx to ignore default server
I have encountered it just now, and it is not your case, but maybe it
would be helpful for someone

At example:

server {
  listen 80 default_server;
  server_name default.domain.dom;
................
}

server {
  listen <particular.ip>:80;
  server_name some.server.domain.dom;
..................
}

In this case, listening schema for the default server is _not_the_same_
as for another server.
Considering the fact that we have described a server with the particular
ip address, our default server for that ip (although it is listening on
all IPs) would be ignored, and all queries to that particular ip, even
with "Host: default.domain.dom", would be directed to
"some.server.domain.dom" as it becomes a default (first-described)
server for this listening schema.
We have to explicitly describe "listen <particular.ip>:80" on the
default server to enable it for this schema.

WBW, valinor

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,222679,227377#msg-227377


From nginx-forum at nginx.us  Sat Jun  9 10:25:55 2012
From: nginx-forum at nginx.us (zgen)
Date: Sat, 9 Jun 2012 06:25:55 -0400 (EDT)
Subject: Freebsd/jail: nginx ignores IP in listen directive
Message-ID: <ee827846f7f9a0f50b17b9930c7b00db.NginxMailingListEnglish@forum.nginx.org>

FreeBSD 8.3/amd64
nginx 1.2.1
jail

default config, but listen is:

server {
    listen       ip_addr_of_jail:80;
...
}

but 

$ telnet 127.0.0.1 80 
gets answer from nginx. If I remark this listen directive - nginx isn't
answer.

Why nginx listens localhost?

I found something similar to this here:

http://mailman.nginx.org/pipermail/nginx/2009-February/009947.html

but 
server {
      listen 80;
      allow         ip_addr_of_jail;
      deny   all;
...
}

isn't works too.

Thanks for help.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227381,227381#msg-227381


From siefke_listen at web.de  Sat Jun  9 10:58:14 2012
From: siefke_listen at web.de (Silvio Siefke)
Date: Sat, 9 Jun 2012 12:58:14 +0200
Subject: Unable to start php-fpm
In-Reply-To: <349b4899bb3c8449ab7f5b01e79b637f.NginxMailingListEnglish@forum.nginx.org>
References: <349b4899bb3c8449ab7f5b01e79b637f.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120609125814.8db62a67.siefke_listen@web.de>

Hello,

On Thu, 26 Apr 2012 03:23:30 -0400 (EDT) wrote rite2subodh:

> Unable to start php-fpm. 
> 
> [root at ip-10-28-197-14 html]# service php-fpm start
> Starting php-fpm:                                          [  OK  ]
> [26-Apr-2012 07:22:32] ERROR: [pool www] cannot get uid for user
> 'apache'
> [26-Apr-2012 07:22:32] ERROR: FPM initialization failed


is apache user present on system= 


Regards
Silvio


From mdounin at mdounin.ru  Sat Jun  9 13:48:03 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Sat, 9 Jun 2012 17:48:03 +0400
Subject: nginx worker segfault, NULL pool
In-Reply-To: <20120608234046.48857ccb@neptune.home>
References: <20120608144052.79d06009@pluto.restena.lu>
	<20120608153139.GF31671@mdounin.ru>
	<20120608214344.10a8a7a9@neptune.home>
	<20120608234046.48857ccb@neptune.home>
Message-ID: <20120609134803.GK31671@mdounin.ru>

Hello!

On Fri, Jun 08, 2012 at 11:40:46PM +0200, Bruno Pr?mont wrote:

> Hello Maxim,
> 
> > On Fri, 08 June 2012 Maxim Dounin <mdounin at mdounin.ru> wrote:
> > > On Fri, Jun 08, 2012 at 02:40:52PM +0200, Bruno Pr?mont wrote:
> > > > Running nginx on ARM I'm having it segfault at about any request (those
> > > > known not to crash are /status/nginx and /status/php-fpm).
> > > > Attaching it with GDB I get the following trace:
> > > 
> > > [...]
> > > 
> > > >         geoip_country  /usr/share/GeoIP/GeoIPv6.dat;
> > > 
> > > Is it works for you if you don't use GeoIP?
> > 
> > Just disabling it config side makes no difference.
> > 
> > I will try disabling it at configure time and see if it changes
> > anything, though I doubt it will.
> 
> Exact same result when geoip support is not built at all.
> 
> 
> Looking more exactly at the URLs I tested, static file like images
> don't crash the worker, just those that get handled by php-fpm upstream
> do (e.g. /collectd/ which implies /collectd/index.php).

You've claimed above "/status/php-fpm" works ok too.  Is it was 
mistake?

Anyway, please make sure you have aligment problems properly 
reported by a kernel.  It looks like the linux kernel has an 
unfortunate default to silently ignore alignment problems on arm, 
which results in data corruption on unaligned accesses instead of 
immediate exit on SIGBUS when unaligned access happens.  You may 
get proper behaviour with

echo 4 > /proc/cpu/alignment 

This should allow to trace a root of your problems.

See http://lecs.cs.ucla.edu/wiki/index.php/XScale_alignment for 
more details.

Maxim Dounin


From bruno.premont at restena.lu  Sat Jun  9 14:54:01 2012
From: bruno.premont at restena.lu (Bruno =?UTF-8?B?UHLDqW1vbnQ=?=)
Date: Sat, 9 Jun 2012 16:54:01 +0200
Subject: nginx worker segfault, NULL pool
In-Reply-To: <20120609134803.GK31671@mdounin.ru>
References: <20120608144052.79d06009@pluto.restena.lu>
	<20120608153139.GF31671@mdounin.ru>
	<20120608214344.10a8a7a9@neptune.home>
	<20120608234046.48857ccb@neptune.home>
	<20120609134803.GK31671@mdounin.ru>
Message-ID: <20120609165401.6a64e975@neptune.home>

Hallo Maxim,

On Sat, 09 June 2012 Maxim Dounin <mdounin at mdounin.ru> wrote:
> On Fri, Jun 08, 2012 at 11:40:46PM +0200, Bruno Pr?mont wrote:
> > > On Fri, 08 June 2012 Maxim Dounin <mdounin at mdounin.ru> wrote:
> > > > On Fri, Jun 08, 2012 at 02:40:52PM +0200, Bruno Pr?mont wrote:
> > > > > Running nginx on ARM I'm having it segfault at about any request (those
> > > > > known not to crash are /status/nginx and /status/php-fpm).
> > > > > Attaching it with GDB I get the following trace:
> > > > 
> > > > [...]
> > > > 
> > > > >         geoip_country  /usr/share/GeoIP/GeoIPv6.dat;
> > > > 
> > > > Is it works for you if you don't use GeoIP?
> > > 
> > > Just disabling it config side makes no difference.
> > > 
> > > I will try disabling it at configure time and see if it changes
> > > anything, though I doubt it will.
> > 
> > Exact same result when geoip support is not built at all.
> > 
> > 
> > Looking more exactly at the URLs I tested, static file like images
> > don't crash the worker, just those that get handled by php-fpm upstream
> > do (e.g. /collectd/ which implies /collectd/index.php).
> 
> You've claimed above "/status/php-fpm" works ok too.  Is it was 
> mistake?
> 
> Anyway, please make sure you have aligment problems properly 
> reported by a kernel.  It looks like the linux kernel has an 
> unfortunate default to silently ignore alignment problems on arm, 
> which results in data corruption on unaligned accesses instead of 
> immediate exit on SIGBUS when unaligned access happens.  You may 
> get proper behaviour with
> 
> echo 4 > /proc/cpu/alignment 
> 
> This should allow to trace a root of your problems.
> 
> See http://lecs.cs.ucla.edu/wiki/index.php/XScale_alignment for 
> more details.

Thanks for the pointer, will read trough it!

Seems to be that one, after echoing 4 to /proc/cpu/alignment nginx
does not even start anymore (and `nginx -t` fails as well), each time with
SIGBUS.

e.g. for `nginx -t` the first SIGBUS happens at

#0  0x0000d64c in ngx_set_cpu_affinity (cf=0xbe892358, cmd=<optimized out>, conf=<optimized out>) at src/core/nginx.c:1275
#1  0x0001cafc in ngx_conf_handler (last=13909340, cf=0xbe892358) at src/core/ngx_conf_file.c:394
#2  ngx_conf_parse (cf=0xbe892358, filename=0xd43d70) at src/core/ngx_conf_file.c:244
#3  0x0001aba4 in ngx_init_cycle (old_cycle=0xbe8923c0) at src/core/ngx_cycle.c:268
#4  0x0000e29c in main (argc=<optimized out>, argv=<optimized out>) at src/core/nginx.c:331

as backtraced with gdb.

Thanks,
Bruno


From mdounin at mdounin.ru  Sat Jun  9 15:19:33 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Sat, 9 Jun 2012 19:19:33 +0400
Subject: Freebsd/jail: nginx ignores IP in listen directive
In-Reply-To: <ee827846f7f9a0f50b17b9930c7b00db.NginxMailingListEnglish@forum.nginx.org>
References: <ee827846f7f9a0f50b17b9930c7b00db.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120609151933.GL31671@mdounin.ru>

Hello!

On Sat, Jun 09, 2012 at 06:25:55AM -0400, zgen wrote:

> FreeBSD 8.3/amd64
> nginx 1.2.1
> jail
> 
> default config, but listen is:
> 
> server {
>     listen       ip_addr_of_jail:80;
> ...
> }
> 
> but 
> 
> $ telnet 127.0.0.1 80 
> gets answer from nginx. If I remark this listen directive - nginx isn't
> answer.
> 
> Why nginx listens localhost?

Because there is no localhost in a jail, it's instead emulated by 
the kernel by using jail's ip instead of localhost.  This is how 
jails work, nothing to do with nginx.

> I found something similar to this here:
> 
> http://mailman.nginx.org/pipermail/nginx/2009-February/009947.html
> 
> but 
> server {
>       listen 80;
>       allow         ip_addr_of_jail;
>       deny   all;
> ...
> }
> 
> isn't works too.

This config is expected to resolve the opposite issue: as there is 
no localhost in a jail one can't listen on it as well (it will 
listen on jail's ip instead).  So to allow only local connections 
it's not enough to use "listen 127.0.0.1", the allow/deny 
directives are needed as an additional protection.

Maxim Dounin


From nginx-forum at nginx.us  Sat Jun  9 17:56:15 2012
From: nginx-forum at nginx.us (nfn)
Date: Sat, 9 Jun 2012 13:56:15 -0400 (EDT)
Subject: fastcgi_cache php5-fpm and ssi problem
Message-ID: <0c74899a93cd22f73d29c0bad7fe6d40.NginxMailingListEnglish@forum.nginx.org>

Hi,

I'm try to use ssi with fastcgi_cache (fpm) with but the ssi isn't
executed.
When I view the source, the include command is listed and nothing
appends:

<!--# include virtual="/ssi-data.php?id=1" -->

Is there any incompatibility about running ssi and fastcgi_cache?

Thanks

Nuno

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227393,227393#msg-227393


From nginx-forum at nginx.us  Sat Jun  9 18:04:05 2012
From: nginx-forum at nginx.us (nfn)
Date: Sat, 9 Jun 2012 14:04:05 -0400 (EDT)
Subject: fastcgi_cache php5-fpm and ssi problem
In-Reply-To: <0c74899a93cd22f73d29c0bad7fe6d40.NginxMailingListEnglish@forum.nginx.org>
References: <0c74899a93cd22f73d29c0bad7fe6d40.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <df93bb551657c21f238c868055faf061.NginxMailingListEnglish@forum.nginx.org>

Just a quick note.

I'm testing this with IPB and the request uri (/forum/topic/1-welcome/)
is redirect internally using try_files to /index.php:

2012/06/09 03:20:53 [debug] 2811#0: *1 http script var:
"/forum/topic/1-welcome/"
2012/06/09 03:20:53 [debug] 2811#0: *1 trying to use file:
"/forum/topic/1-welcome/" "/usr/share/nginx/www/forum/topic/1-welcome/"
2012/06/09 03:20:53 [debug] 2811#0: *1 http script var:
"/forum/topic/1-welcome/"
2012/06/09 03:20:53 [debug] 2811#0: *1 trying to use dir:
"/forum/topic/1-welcome/" "/usr/share/nginx/www/forum/topic/1-welcome/"
2012/06/09 03:20:53 [debug] 2811#0: *1 trying to use file:
"/forum/index.php" "/usr/share/nginx/www/forum/index.php"
2012/06/09 03:20:53 [debug] 2811#0: *1 internal redirect:
"/forum/index.php?"


In the logs, using debug I see a line like this referring ssi:


2012/06/09 03:20:53 [debug] 2811#0: *1 http ssi filter
"/forum/index.php?"


Thanks

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227393,227394#msg-227394


From mdounin at mdounin.ru  Sun Jun 10 00:03:18 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Sun, 10 Jun 2012 04:03:18 +0400
Subject: nginx worker segfault, NULL pool
In-Reply-To: <20120609165401.6a64e975@neptune.home>
References: <20120608144052.79d06009@pluto.restena.lu>
	<20120608153139.GF31671@mdounin.ru>
	<20120608214344.10a8a7a9@neptune.home>
	<20120608234046.48857ccb@neptune.home>
	<20120609134803.GK31671@mdounin.ru>
	<20120609165401.6a64e975@neptune.home>
Message-ID: <20120610000318.GM31671@mdounin.ru>

Hello!

On Sat, Jun 09, 2012 at 04:54:01PM +0200, Bruno Pr?mont wrote:

> Hallo Maxim,
> 
> On Sat, 09 June 2012 Maxim Dounin <mdounin at mdounin.ru> wrote:
> > On Fri, Jun 08, 2012 at 11:40:46PM +0200, Bruno Pr?mont wrote:
> > > > On Fri, 08 June 2012 Maxim Dounin <mdounin at mdounin.ru> wrote:
> > > > > On Fri, Jun 08, 2012 at 02:40:52PM +0200, Bruno Pr?mont wrote:
> > > > > > Running nginx on ARM I'm having it segfault at about any request (those
> > > > > > known not to crash are /status/nginx and /status/php-fpm).
> > > > > > Attaching it with GDB I get the following trace:
> > > > > 
> > > > > [...]
> > > > > 
> > > > > >         geoip_country  /usr/share/GeoIP/GeoIPv6.dat;
> > > > > 
> > > > > Is it works for you if you don't use GeoIP?
> > > > 
> > > > Just disabling it config side makes no difference.
> > > > 
> > > > I will try disabling it at configure time and see if it changes
> > > > anything, though I doubt it will.
> > > 
> > > Exact same result when geoip support is not built at all.
> > > 
> > > 
> > > Looking more exactly at the URLs I tested, static file like images
> > > don't crash the worker, just those that get handled by php-fpm upstream
> > > do (e.g. /collectd/ which implies /collectd/index.php).
> > 
> > You've claimed above "/status/php-fpm" works ok too.  Is it was 
> > mistake?
> > 
> > Anyway, please make sure you have aligment problems properly 
> > reported by a kernel.  It looks like the linux kernel has an 
> > unfortunate default to silently ignore alignment problems on arm, 
> > which results in data corruption on unaligned accesses instead of 
> > immediate exit on SIGBUS when unaligned access happens.  You may 
> > get proper behaviour with
> > 
> > echo 4 > /proc/cpu/alignment 
> > 
> > This should allow to trace a root of your problems.
> > 
> > See http://lecs.cs.ucla.edu/wiki/index.php/XScale_alignment for 
> > more details.
> 
> Thanks for the pointer, will read trough it!
> 
> Seems to be that one, after echoing 4 to /proc/cpu/alignment nginx
> does not even start anymore (and `nginx -t` fails as well), each time with
> SIGBUS.
> 
> e.g. for `nginx -t` the first SIGBUS happens at
> 
> #0  0x0000d64c in ngx_set_cpu_affinity (cf=0xbe892358, cmd=<optimized out>, conf=<optimized out>) at src/core/nginx.c:1275
> #1  0x0001cafc in ngx_conf_handler (last=13909340, cf=0xbe892358) at src/core/ngx_conf_file.c:394
> #2  ngx_conf_parse (cf=0xbe892358, filename=0xd43d70) at src/core/ngx_conf_file.c:244
> #3  0x0001aba4 in ngx_init_cycle (old_cycle=0xbe8923c0) at src/core/ngx_cycle.c:268
> #4  0x0000e29c in main (argc=<optimized out>, argv=<optimized out>) at src/core/nginx.c:331
> 
> as backtraced with gdb.

Ok, this looks sensisble.

Could you please provide ./configure output and test if the 
following patch fixes things for you?

diff --git a/auto/os/conf b/auto/os/conf
--- a/auto/os/conf
+++ b/auto/os/conf
@@ -93,6 +93,7 @@ case "$NGX_MACHINE" in
     ;;
 
     *)
+        have=NGX_ALIGNMENT value=16 . auto/define
         NGX_MACH_CACHE_LINE=32
     ;;
 


Maxim Dounin


From nginx-forum at nginx.us  Sun Jun 10 08:56:53 2012
From: nginx-forum at nginx.us (andytse)
Date: Sun, 10 Jun 2012 04:56:53 -0400 (EDT)
Subject: how can i rewrite this?
Message-ID: <de4a78d29cb4e6d7d90a061bf75a0ce3.NginxMailingListEnglish@forum.nginx.org>

i want to rewrite:

http://a.com/abcde.jpg
to
http://a.com/ab/cde.jpg

here is my nginx config:
rewrite "^/([a-z]{2})([a-z]{3})\.jpg$" /$1/$2.jpg last;

but it not works

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227397,227397#msg-227397


From bruno.premont at restena.lu  Sun Jun 10 10:49:36 2012
From: bruno.premont at restena.lu (Bruno =?UTF-8?B?UHLDqW1vbnQ=?=)
Date: Sun, 10 Jun 2012 12:49:36 +0200
Subject: nginx worker segfault, NULL pool
In-Reply-To: <20120610000318.GM31671@mdounin.ru>
References: <20120608144052.79d06009@pluto.restena.lu>
	<20120608153139.GF31671@mdounin.ru>
	<20120608214344.10a8a7a9@neptune.home>
	<20120608234046.48857ccb@neptune.home>
	<20120609134803.GK31671@mdounin.ru>
	<20120609165401.6a64e975@neptune.home>
	<20120610000318.GM31671@mdounin.ru>
Message-ID: <20120610124936.5f5310ba@neptune.home>

Hello Maxim,

On Sun, 10 June 2012 Maxim Dounin <mdounin at mdounin.ru> wrote:
> On Sat, Jun 09, 2012 at 04:54:01PM +0200, Bruno Pr?mont wrote:
> > On Sat, 09 June 2012 Maxim Dounin <mdounin at mdounin.ru> wrote:
> > > Anyway, please make sure you have aligment problems properly 
> > > reported by a kernel.  It looks like the linux kernel has an 
> > > unfortunate default to silently ignore alignment problems on arm, 
> > > which results in data corruption on unaligned accesses instead of 
> > > immediate exit on SIGBUS when unaligned access happens.  You may 
> > > get proper behaviour with
> > > 
> > > echo 4 > /proc/cpu/alignment 
> > > 
> > > This should allow to trace a root of your problems.
> > > 
> > > See http://lecs.cs.ucla.edu/wiki/index.php/XScale_alignment for 
> > > more details.
> > 
> > Thanks for the pointer, will read trough it!
> > 
> > Seems to be that one, after echoing 4 to /proc/cpu/alignment nginx
> > does not even start anymore (and `nginx -t` fails as well), each time with
> > SIGBUS.
> > 
> > e.g. for `nginx -t` the first SIGBUS happens at
> > 
> > #0  0x0000d64c in ngx_set_cpu_affinity (cf=0xbe892358, cmd=<optimized out>, conf=<optimized out>) at src/core/nginx.c:1275
> > #1  0x0001cafc in ngx_conf_handler (last=13909340, cf=0xbe892358) at src/core/ngx_conf_file.c:394
> > #2  ngx_conf_parse (cf=0xbe892358, filename=0xd43d70) at src/core/ngx_conf_file.c:244
> > #3  0x0001aba4 in ngx_init_cycle (old_cycle=0xbe8923c0) at src/core/ngx_cycle.c:268
> > #4  0x0000e29c in main (argc=<optimized out>, argv=<optimized out>) at src/core/nginx.c:331
> > 
> > as backtraced with gdb.
> 
> Ok, this looks sensisble.
> 
> Could you please provide ./configure output and test if the 
> following patch fixes things for you?
> 
> diff --git a/auto/os/conf b/auto/os/conf
> --- a/auto/os/conf
> +++ b/auto/os/conf
> @@ -93,6 +93,7 @@ case "$NGX_MACHINE" in
>      ;;
>  
>      *)
> +        have=NGX_ALIGNMENT value=16 . auto/define
>          NGX_MACH_CACHE_LINE=32
>      ;;
>  

The patch seems to fix things, `nginx -t` does not die on SIGBUS anymore,
it also runs properly for the requests that made it fail (
/proc/cpu/alignment does not account any new alignment traps).

Thanks!
Bruno



Full configure output (as well as first few lines of make which shows
used CFLAGS -- compiler does not generate any warnings):

checking for OS
 + Linux 2.6.37-00003-g924cf4c armv5tel
checking for C compiler ... found
 + using GNU C compiler
checking for --with-ld-opt="-L/usr/lib" ... found
checking for gcc builtin atomic operations ... found
checking for C99 variadic macros ... found
checking for gcc variadic macros ... found
checking for unistd.h ... found
checking for inttypes.h ... found
checking for limits.h ... found
checking for sys/filio.h ... not found
checking for sys/param.h ... found
checking for sys/mount.h ... found
checking for sys/statvfs.h ... found
checking for crypt.h ... found
checking for Linux specific features
checking for epoll ... found
checking for sendfile() ... found
checking for sendfile64() ... found
checking for sys/prctl.h ... found
checking for prctl(PR_SET_DUMPABLE) ... found
checking for sched_setaffinity() ... found
checking for crypt_r() ... found
checking for sys/vfs.h ... found
checking for poll() ... found
checking for /dev/poll ... not found
checking for kqueue ... not found
checking for crypt() ... not found
checking for crypt() in libcrypt ... found
checking for F_READAHEAD ... not found
checking for posix_fadvise() ... found
checking for O_DIRECT ... found
checking for F_NOCACHE ... not found
checking for directio() ... not found
checking for statfs() ... found
checking for statvfs() ... found
checking for dlopen() ... not found
checking for dlopen() in libdl ... found
checking for sched_yield() ... found
checking for SO_SETFIB ... not found
checking for SO_ACCEPTFILTER ... not found
checking for TCP_DEFER_ACCEPT ... found
checking for TCP_KEEPIDLE, TCP_KEEPINTVL, TCP_KEEPCNT ... found
checking for TCP_INFO ... found
checking for accept4() ... found
checking for kqueue AIO support ... not found
checking for Linux AIO support ... found
checking for int size ... 4 bytes
checking for long size ... 4 bytes
checking for long long size ... 8 bytes
checking for void * size ... 4 bytes
checking for uint64_t ... found
checking for sig_atomic_t ... found
checking for sig_atomic_t size ... 4 bytes
checking for socklen_t ... found
checking for in_addr_t ... found
checking for in_port_t ... found
checking for rlim_t ... found
checking for uintptr_t ... uintptr_t found
checking for system endianess ... little endianess
checking for size_t size ... 4 bytes
checking for off_t size ... 8 bytes
checking for time_t size ... 4 bytes
checking for AF_INET6 ... found
checking for setproctitle() ... not found
checking for pread() ... found
checking for pwrite() ... found
checking for sys_nerr ... found
checking for localtime_r() ... found
checking for posix_memalign() ... found
checking for memalign() ... found
checking for mmap(MAP_ANON|MAP_SHARED) ... found
checking for mmap("/dev/zero", MAP_SHARED) ... found
checking for System V shared memory ... found
checking for POSIX semaphores ... not found
checking for POSIX semaphores in libpthread ... found
checking for struct msghdr.msg_control ... found
checking for ioctl(FIONBIO) ... found
checking for struct tm.tm_gmtoff ... found
checking for struct dirent.d_namlen ... not found
checking for struct dirent.d_type ... found
checking for sysconf(_SC_NPROCESSORS_ONLN) ... found
checking for openat(), fstatat() ... found
configuring additional modules
adding module in /var/tmp/portage/www-servers/nginx-1.2.1/work/agentzh-headers-more-nginx-module-3580526
 + ngx_http_headers_more_filter_module was configured
checking for PCRE library ... found
checking for PCRE JIT support ... found
checking for OpenSSL library ... found
checking for zlib library ... found
checking for libxslt ... found
checking for libexslt ... found
creating objs/Makefile

Configuration summary
  + using system PCRE library
  + using system OpenSSL library
  + md5: using OpenSSL library
  + sha1: using OpenSSL library
  + using system zlib library

  nginx path prefix: "/usr"  
  nginx binary file: "/usr/sbin/nginx"
  nginx configuration prefix: "/etc/nginx"
  nginx configuration file: "/etc/nginx/nginx.conf"
  nginx pid file: "/var/run/nginx.pid"
  nginx error log file: "/var/log/nginx/error_log"
  nginx http access log file: "/var/log/nginx/access_log"
  nginx http client request body temporary files: "/var/tmp/nginx/client"
  nginx http fastcgi temporary files: "/var/tmp/nginx/fastcgi"




make -j2 'LINK=armv5tel-softfloat-linux-gnueabi-gcc -Wl,-O1 -Wl,--as-needed' 'OTHERLDFLAGS=-Wl,-O1 -Wl,--as-needed'
make -f objs/Makefile
make[1]: Entering directory `/var/tmp/portage/www-servers/nginx-1.2.1/work/nginx-1.2.1'
armv5tel-softfloat-linux-gnueabi-gcc -c -O2 -march=armv5te -mtune=xscale -pipe -Wall -ggdb -I/usr/include -I src/core -I src/event -I src/event/modules -I src/os/unix -I /usr/include/libxml2 -I objs \
        -o objs/src/core/nginx.o \
        src/core/nginx.c
...


From nginx-forum at nginx.us  Sun Jun 10 10:57:13 2012
From: nginx-forum at nginx.us (locojohn)
Date: Sun, 10 Jun 2012 06:57:13 -0400 (EDT)
Subject: how can i rewrite this?
In-Reply-To: <de4a78d29cb4e6d7d90a061bf75a0ce3.NginxMailingListEnglish@forum.nginx.org>
References: <de4a78d29cb4e6d7d90a061bf75a0ce3.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <72acf7b6506383c25ff1004e1849527c.NginxMailingListEnglish@forum.nginx.org>

Hi,

Avoid rewrite's:

location ~ ^/([a-z][a-z])([a-z][a-z][a-z])\.jpg$ {
      try_files /$1/$2.jpg $uri;
}

Andrejs

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227397,227399#msg-227399


From nginx-forum at nginx.us  Sun Jun 10 14:53:30 2012
From: nginx-forum at nginx.us (torajx)
Date: Sun, 10 Jun 2012 10:53:30 -0400 (EDT)
Subject: block access to a file !!
In-Reply-To: <20120606143153.GG4719@craic.sysops.org>
References: <20120606143153.GG4719@craic.sysops.org>
Message-ID: <2bb6fd5af48da44689e20486306bcfb7.NginxMailingListEnglish@forum.nginx.org>

Thank you ! it worked great...

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227281,227400#msg-227400


From nginx-forum at nginx.us  Sun Jun 10 17:40:12 2012
From: nginx-forum at nginx.us (karlseguin)
Date: Sun, 10 Jun 2012 13:40:12 -0400 (EDT)
Subject: http_log_module filter by status
Message-ID: <b649983a5a9059022e1272735d3dc21a.NginxMailingListEnglish@forum.nginx.org>

I was interested in having nginx log 404s to their own file.
Essentially, i _hate_ 404s, so I like to parse access logs find and
report all 404s. However, as-is, parsing large access logs can be quite
inefficient since 404s represent such a small % of the entire file. I
was thinking nginx could filter it out at write-time:

access_log  not_found.log  combined buffer=16K 404;


Apologies for the lameness of the code, but this is what I came up
with:
https://gist.github.com/2906701

I certainly don't recommend anyone uses it, I'm mostly just looking for
feedback. Is this better off in its own module? (there's so much code in
the http_log_module that I want to leverage though). There's much more
filtering that could go on that perhaps a new directive is a better
approach:

access_log_filter $status /(40\d)/
access_log_filter $method GET

(which is certainly beyond my capabilities).

Thoughts?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227401,227401#msg-227401


From nginx-forum at nginx.us  Mon Jun 11 02:19:26 2012
From: nginx-forum at nginx.us (xiaofen)
Date: Sun, 10 Jun 2012 22:19:26 -0400 (EDT)
Subject: What's the difference between fashion jeans and normal jeans?
Message-ID: <60f0df5c40fb5610d4283a19b961271f.NginxMailingListEnglish@forum.nginx.org>

Hey, I have a huge interest in clothes but I don't get why people spend
hundreds of pounds on jeans, when any good shop will have a pair that
fit and look decent.

I once when I was younger ignorantly bought some ?210 jeans from a
charity shop for ?5, and they lasted a lot shorter than any other pair
of jeans I bought, and tattered surprisingly quickly, (I also wonder
about people who by plainest clothes for fashion labels)

what's the difference between fashion jeans and normal jeans?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227407,227407#msg-227407


From reallfqq-nginx at yahoo.fr  Mon Jun 11 02:23:08 2012
From: reallfqq-nginx at yahoo.fr (B.R.)
Date: Sun, 10 Jun 2012 22:23:08 -0400
Subject: What's the difference between fashion jeans and normal jeans?
In-Reply-To: <60f0df5c40fb5610d4283a19b961271f.NginxMailingListEnglish@forum.nginx.org>
References: <60f0df5c40fb5610d4283a19b961271f.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CALqce=17QM1jj4a+NhPFJxX3S=Ac9aDjFKHzMmOWyYBCxLruyg@mail.gmail.com>

2 spam messages in a few days, both coming from the same email address...

Probably spoofed address, though. Couldn't the sending machine IP range be
blocked?

I won't stay on a spammed mailing-list.
---
*B. R.*


On Sun, Jun 10, 2012 at 10:19 PM, xiaofen <nginx-forum at nginx.us> wrote:

> Hey, I have a huge interest in clothes but I don't get why people spend
> hundreds of pounds on jeans, when any good shop will have a pair that
> fit and look decent.
>
> I once when I was younger ignorantly bought some ?210 jeans from a
> charity shop for ?5, and they lasted a lot shorter than any other pair
> of jeans I bought, and tattered surprisingly quickly, (I also wonder
> about people who by plainest clothes for fashion labels)
>
> what's the difference between fashion jeans and normal jeans?
>
> Posted at Nginx Forum:
> http://forum.nginx.org/read.php?2,227407,227407#msg-227407
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120610/65e3d6d5/attachment.html>

From simohayha.bobo at gmail.com  Mon Jun 11 02:24:40 2012
From: simohayha.bobo at gmail.com (Simon Liu)
Date: Mon, 11 Jun 2012 10:24:40 +0800
Subject: nginx configure error when use zsh
In-Reply-To: <20120608115511.GD31671@mdounin.ru>
References: <CAB6pCs9s+4=hPvQ__JESF7bY9e=xu+gwkvYfMrUcx91gp=MB1w@mail.gmail.com>
	<20120608115511.GD31671@mdounin.ru>
Message-ID: <CAB6pCs9y+R_x99DFssf=x7JopPrOiop28LwnHLtbx_YUbDp9sQ@mail.gmail.com>

Hello!

On Fri, Jun 8, 2012 at 7:55 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:

> Hello!
>
> On Fri, Jun 08, 2012 at 03:29:21PM +0800, Simon Liu wrote:
>
> > Hello.
> >
> > nginx configure error when I use zsh.
> >
> > This is my environment:
> >
> > operating system:  Linux(3.3.7-1-ARCH)
> >
> > zsh: 4.3.17 (i686-pc-linux-gnu)
>
> You mean using zsh instead of POSIX-compliant shell for /bin/sh?
> Looks like bad idea.  Zsh docs at most promise it will "try to
> emulate sh", nothing more.
>
> Maxim Dounin
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>


Yes, i use zsh instead of /bin/sh, and thanks for your reply.

-- 
do not fear to be eccentric in opinion, for every opinion now accepted was
once eccentric.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120611/19bc7b21/attachment.html>

From jim at ohlste.in  Mon Jun 11 02:34:57 2012
From: jim at ohlste.in (Jim Ohlstein)
Date: Sun, 10 Jun 2012 22:34:57 -0400
Subject: What's the difference between fashion jeans and normal jeans?
In-Reply-To: <CALqce=17QM1jj4a+NhPFJxX3S=Ac9aDjFKHzMmOWyYBCxLruyg@mail.gmail.com>
References: <60f0df5c40fb5610d4283a19b961271f.NginxMailingListEnglish@forum.nginx.org>
	<CALqce=17QM1jj4a+NhPFJxX3S=Ac9aDjFKHzMmOWyYBCxLruyg@mail.gmail.com>
Message-ID: <4FD55951.1040102@ohlste.in>


On 6/10/12 10:23 PM, B.R. wrote:
> 2 spam messages in a few days, both coming from the same email address...
> 
> Probably spoofed address, though. Couldn't the sending machine IP range
> be blocked?

Not at all. It's the "officially sanctioned" nginx forum - I say that
only because it uses a subdomain of nginx.org that Igor has graciously
provided and put it in quotes because I run it.

Unfortunately, determined human spammers will get through once in a
while. I have filters in place which block 2-3 messages per day, but one
or two a month get through. If that's such a bother to your
sensibilities, then take your threatened action.

> 
> I won't stay on a spammed mailing-list.

B'bye! See ya!

> ---
> *B. R.*


-- 
Jim Ohlstein


From jim at ohlste.in  Mon Jun 11 02:39:47 2012
From: jim at ohlste.in (Jim Ohlstein)
Date: Sun, 10 Jun 2012 22:39:47 -0400
Subject: What's the difference between fashion jeans and normal jeans?
In-Reply-To: <4FD55951.1040102@ohlste.in>
References: <60f0df5c40fb5610d4283a19b961271f.NginxMailingListEnglish@forum.nginx.org>
	<CALqce=17QM1jj4a+NhPFJxX3S=Ac9aDjFKHzMmOWyYBCxLruyg@mail.gmail.com>
	<4FD55951.1040102@ohlste.in>
Message-ID: <4FD55A73.5010801@ohlste.in>

On 6/10/12 10:34 PM, Jim Ohlstein wrote:
> 
> On 6/10/12 10:23 PM, B.R. wrote:
>> 2 spam messages in a few days, both coming from the same email address...
>>
>> Probably spoofed address, though. Couldn't the sending machine IP range
>> be blocked?
> 
> Not at all. It's the "officially sanctioned" nginx forum - I say that
> only because it uses a subdomain of nginx.org that Igor has graciously
> provided and put it in quotes because I run it.
> 
> Unfortunately, determined human spammers will get through once in a
> while. I have filters in place which block 2-3 messages per day, but one
> or two a month get through. If that's such a bother to your
> sensibilities, then take your threatened action.
> 
>>
>> I won't stay on a spammed mailing-list.
> 
> B'bye! See ya!
> 
>> ---
>> *B. R.*
> 

BTW, the system blocked his other entries which contained links. It
doesn't work real well for simple text without typical "spam words".
This same thing could happen in any mailing list. I see spam come
through with much greater frequency on FreeBSD lists. I guess the
difference is that there people have the good sense to ignore it.

Anyway, au revoir!

> 


-- 
Jim Ohlstein


From nginx-forum at nginx.us  Mon Jun 11 04:29:58 2012
From: nginx-forum at nginx.us (gigo1980)
Date: Mon, 11 Jun 2012 00:29:58 -0400 (EDT)
Subject: Is this Usecase posible?
Message-ID: <27f17326427128f1344a1551b769db07.NginxMailingListEnglish@forum.nginx.org>

Hi all,

i have the following use case.

I need an http/s Server that can do the following.

Parse GET Request from the client -> call an internal module that do
something (that have an response) -> use the response and modifie the
GET REQUEST -> than call an other webserver that should handle the
request -> output the response to the client.

regards

gigo

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227414,227414#msg-227414


From admin at yqed.com  Mon Jun 11 05:32:39 2012
From: admin at yqed.com (Floren Munteanu)
Date: Mon, 11 Jun 2012 01:32:39 -0400
Subject: PROPFIND and OPTIONS support in Nginx?
Message-ID: <jr3vti$eso$1@dough.gmane.org>

I was wondering why the Nginx devs do not add WebDAV support for 
PROPFIND and OPTIONS. There is a module available in Github but still, I 
would love to have this officially supported by Nginx:
https://github.com/arut/nginx-dav-ext-module

Are there any plans to have full WebDAV support implemented? This would 
be a nice addition into 1.3.0 branch.

Regards,

Floren Munteanu


From Richard.Kearsley at m247.com  Mon Jun 11 06:46:30 2012
From: Richard.Kearsley at m247.com (Richard Kearsley)
Date: Mon, 11 Jun 2012 06:46:30 +0000
Subject: disable logging for certain response
Message-ID: <EFC5A19DBF3A2E489904733B467D990B0AA8730C@office-server2.m247.local>

Hi
I am using nginx lua to return a 302 for certain requests - probably about 50% of total requests

e.g. (lua code)

        if (res.status == ngx.HTTP_MOVED_TEMPORARILY) then
                local loc = res.header["X-Location"]
                if (ngx.var.is_args == '?') then
                        loc = loc .. '?' .. ngx.var.args
                end
                return ngx.redirect(loc)

The other 50% are processed normally and a full reponse is returned

I do not need to log the 302 responses, and indeed it is causing a much waste of processor time when I come to analyse/process the logs (this is 100s of gigabytes of logs per day - so is a HUGE waste)

Is there any way to set a var prior to returning the 302 which will cause nginx not to log it?

Richard Kearsley
Systems Developer | M247 Limited
Internal Dial 2210 | Mobile +44 7970 621236

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120611/3ce61652/attachment.html>

From nginx-forum at nginx.us  Mon Jun 11 08:25:58 2012
From: nginx-forum at nginx.us (lima)
Date: Mon, 11 Jun 2012 04:25:58 -0400 (EDT)
Subject: Error while connecting to apache from nginx running on same
	machine
In-Reply-To: <a80a98321eebf817e5f5c21eacf94014.NginxMailingListEnglish@forum.nginx.org>
References: <a80a98321eebf817e5f5c21eacf94014.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <378a2333c87be2b9200d8c70b364a1c4.NginxMailingListEnglish@forum.nginx.org>

Hi,
This is our nginx configuration setup. 

--------------------------------------------------------------------------------------
http {
    include       mime.types;

    gzip  on;
    gzip_http_version   1.1;
    gzip_proxied     expired no-cache no-store private auth;
    gzip_types       text/plain application/xml text/css
application/x-javascript text/xml application/javascript
text/javascript;
    gzip_disable     "MSIE [1-6]\.";

    autoindex off;
    ssi off;
    server_tokens off;

    log_format  main  '$remote_addr [$time_local] - "$request" - '
                      '$status - $body_bytes_sent - "$http_referer"';

    log_format lb_log '$remote_addr [$time_local] - "$request" - $status
- '
                      'worker_addr $upstream_addr - '
                      'worker_status $upstream_status - '
                      'worker_response_time $upstream_response_time - '
                      'total_processing_time $request_time - '
                      'content_type $upstream_http_content_type';

    log_format doc_log '$remote_addr [$time_local] - "$request" -
$status - '
                      'worker_addr $upstream_addr - '
                      'worker_status $upstream_status - '
                      'worker_response_time $upstream_response_time - '
                      'total_processing_time $request_time - '
                      'content_type $upstream_http_content_type';


    access_log  logs/access.log  main;
    error_log logs/error.log;

    sendfile        on;
    keepalive_timeout  60;

    proxy_ssl_session_reuse on;

    upstream loadbalancer {
        server server1-ip:443  weight=1  max_fails=5 fail_timeout=3m;
        server server2-ip:443 weight=1  max_fails=5 fail_timeout=3m;
    }
    upstream docproxy {
        server 127.0.0.1:7443;
    }

    server {
        listen       443 ssl;
        server_name  lb.abcd.net;

        location ~ ^/documents/(.*)(jpg|jpeg|gif|png|txt|pdf|html|htm){
           root   /home;
           access_log logs/doc_access.log doc_log;
        }

        location ~* ^.+.(jpg|jpeg|gif|png|ico|css|txt|js)$ {
            expires 24h;
            add_header Cache-Control public;
            root   media;
        }

        ssl_certificate     
/root/Apache_New_SSL_Keys/lendingstream.co.uk.crt;
        ssl_certificate_key 
/root/Apache_New_SSL_Keys/lendingstream.key.nopass;
        ssl_session_timeout  3m;
        ssl_protocols  SSLv3;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers   on;

        proxy_redirect / /;
        proxy_set_header Host $host;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_read_timeout 360s;

        location ~ ^/documents/ {
           proxy_pass https://docproxy;
           access_log logs/doc_access.log doc_log;
        }
        location / {
           proxy_pass https://loadbalancer;
           access_log logs/lb_access.log lb_log;
        }

        error_page  403 /403.html;
        error_page  404 /404.html;
        error_page   500 502 503 504  /500.html;

        location ~ ^/(403.html|404.html|500.html)$ {
            root html;
        }
    }
}

--------------------------------------------------------------------------------------------

Here, we will forward all the requests except documents to LB, which in
turn send to either server1 or server2. The document related requests
will be proxy forwarded to apache running in the same machine at 7443
port. But, here comes the problem that when it is sending any request to
apache it is giving 500 error. In apache logs, it's been logged as
[error] Hello. The apache configurations are:

httpd.conf is,
------------------------------------------------------------------------------------------
ServerRoot "/usr/local/apache2"
PidFile logs/httpd.pid
Listen 80
ServerTokens ProductOnly
ServerSignature Off

###### Loaded all modules which are required
LoadModule *****.so
###### Loaded all modules which are required

<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>
    User USER
    Group GROUP
</IfModule>
</IfModule>

DocumentRoot "/usr/local/apache2/htdocs"

<Directory />
    Options -Indexes +FollowSymLinks
    AllowOverride None
    Order deny,allow
    Deny from all
</Directory>

<Directory "/usr/local/apache2/htdocs">
    Options -Indexes +FollowSymLinks
    AllowOverride None
    Order allow,deny
    Allow from all
</Directory>

ErrorLog "logs/error_log"
LogLevel notice

<IfModule ssl_module>
    SSLRandomSeed startup builtin
    SSLRandomSeed connect builtin
</IfModule>

<VirtualHost *:80>
    Alias /documents /home/documents
    <Directory /home/documents>
	Order deny,allow
	Allow from all
    </Directory>

    WSGIScriptAlias / apache/django.wsgi
    <Directory "apache">
	Order allow,deny
	Allow from all
    </Directory>
</VirtualHost>


---------------------------------------------------------------------------------
and the httpd-ssl.conf is,
---------------------------------------------------------------------------------

LoadModule ssl_module modules/mod_ssl.so
LoadModule wsgi_module modules/mod_wsgi.so

Listen 7443
AddType application/x-x509-ca-cert .crt
AddType application/x-pkcs7-crl    .crl

SSLPassPhraseDialog  builtin

SSLSessionCache       
"shmcb:/usr/local/apache2/logs/ssl_scache(512000)"
SSLSessionCacheTimeout  15
SSLMutex  "file:/usr/local/apache2/logs/ssl_mutex"


-------------------------------------------------------------------------------

Please help me in resolving this as this is very crucial and urgent for
us. Thanks for replying....

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227341,227420#msg-227420


From nginx-forum at nginx.us  Mon Jun 11 09:08:38 2012
From: nginx-forum at nginx.us (wwwyq2003)
Date: Mon, 11 Jun 2012 05:08:38 -0400 (EDT)
Subject: HP-UX (IA64) sendmsg() failed
Message-ID: <5865478c4f3d86dc67fb605b6227c946.NginxMailingListEnglish@forum.nginx.org>

nginx nginx-1.2.1
OS HP-UX B.11.23 U ia64
built by gcc 4.2.3

When I start the nginx server,it throws some errors.

The error.log contains
2012/06/11 16:46:07 [notice] 6820#0: using the "/dev/poll" event method
2012/06/11 16:46:07 [notice] 6820#0: nginx/1.2.1
2012/06/11 16:46:07 [notice] 6820#0: built by gcc 4.2.3
2012/06/11 16:46:07 [notice] 6820#0: getrlimit(RLIMIT_NOFILE):
10240:10240
2012/06/11 16:46:07 [notice] 6821#0: start worker processes
2012/06/11 16:46:07 [notice] 6821#0: start worker process 6822
2012/06/11 16:46:07 [notice] 6821#0: start worker process 6823
2012/06/11 16:46:07 [alert] 6821#0: sendmsg() failed (9: Bad file
number)
2012/06/11 16:46:07 [notice] 6821#0: start worker process 6824
2012/06/11 16:46:07 [alert] 6821#0: sendmsg() failed (9: Bad file
number)
2012/06/11 16:46:07 [alert] 6821#0: sendmsg() failed (9: Bad file
number)
2012/06/11 16:46:07 [notice] 6821#0: start worker process 6825
2012/06/11 16:46:07 [alert] 6821#0: sendmsg() failed (9: Bad file
number)
2012/06/11 16:46:07 [alert] 6821#0: sendmsg() failed (9: Bad file
number)
2012/06/11 16:46:07 [alert] 6821#0: sendmsg() failed (9: Bad file
number)


Someone help me.
Thank you very much!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227421,227421#msg-227421


From nginx-forum at nginx.us  Mon Jun 11 10:54:28 2012
From: nginx-forum at nginx.us (itpp2012)
Date: Mon, 11 Jun 2012 06:54:28 -0400 (EDT)
Subject: Is this Usecase posible?
In-Reply-To: <27f17326427128f1344a1551b769db07.NginxMailingListEnglish@forum.nginx.org>
References: <27f17326427128f1344a1551b769db07.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <e8c2b4a3140f76e8c4dcfee343cd9997.NginxMailingListEnglish@forum.nginx.org>

Get the source, add the code handling and compile.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227414,227423#msg-227423


From nginx-forum at nginx.us  Mon Jun 11 10:59:20 2012
From: nginx-forum at nginx.us (itpp2012)
Date: Mon, 11 Jun 2012 06:59:20 -0400 (EDT)
Subject: Error while connecting to apache from nginx running on same
	machine
In-Reply-To: <378a2333c87be2b9200d8c70b364a1c4.NginxMailingListEnglish@forum.nginx.org>
References: <a80a98321eebf817e5f5c21eacf94014.NginxMailingListEnglish@forum.nginx.org>
	<378a2333c87be2b9200d8c70b364a1c4.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <9f2e40966b997088dce7adc7d1f8c9d9.NginxMailingListEnglish@forum.nginx.org>

-- proxy_pass https://docproxy;
Points to 443,

Yet the upstream wants 7443...
-- upstream docproxy {
-- server 127.0.0.1:7443;
-- }

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227341,227424#msg-227424


From nginx-forum at nginx.us  Mon Jun 11 11:03:56 2012
From: nginx-forum at nginx.us (itpp2012)
Date: Mon, 11 Jun 2012 07:03:56 -0400 (EDT)
Subject: HP-UX (IA64) sendmsg() failed
In-Reply-To: <5865478c4f3d86dc67fb605b6227c946.NginxMailingListEnglish@forum.nginx.org>
References: <5865478c4f3d86dc67fb605b6227c946.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <a7f1e130e3fba665ce6a15125101d06a.NginxMailingListEnglish@forum.nginx.org>

Maybe this one:
http://mailman.nginx.org/pipermail/nginx/2007-January/000588.html

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227421,227425#msg-227425


From nginx-forum at nginx.us  Mon Jun 11 11:08:43 2012
From: nginx-forum at nginx.us (gigo1980)
Date: Mon, 11 Jun 2012 07:08:43 -0400 (EDT)
Subject: Is this Usecase posible?
In-Reply-To: <e8c2b4a3140f76e8c4dcfee343cd9997.NginxMailingListEnglish@forum.nginx.org>
References: <27f17326427128f1344a1551b769db07.NginxMailingListEnglish@forum.nginx.org>
	<e8c2b4a3140f76e8c4dcfee343cd9997.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <2c2d75996644705b710689f10990efca.NginxMailingListEnglish@forum.nginx.org>

http://tinypic.com/r/ezhf6v/6  <-- ok so i wll do this. but whith which
module should i handle the code ?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227414,227426#msg-227426


From nginx-forum at nginx.us  Mon Jun 11 11:27:39 2012
From: nginx-forum at nginx.us (itpp2012)
Date: Mon, 11 Jun 2012 07:27:39 -0400 (EDT)
Subject: Is this Usecase posible?
In-Reply-To: <2c2d75996644705b710689f10990efca.NginxMailingListEnglish@forum.nginx.org>
References: <27f17326427128f1344a1551b769db07.NginxMailingListEnglish@forum.nginx.org>
	<e8c2b4a3140f76e8c4dcfee343cd9997.NginxMailingListEnglish@forum.nginx.org>
	<2c2d75996644705b710689f10990efca.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <385a1b9c0a831a1cf84a521d4492653d.NginxMailingListEnglish@forum.nginx.org>

No idea, a developer should answer that one.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227414,227428#msg-227428


From nginx-forum at nginx.us  Mon Jun 11 12:59:38 2012
From: nginx-forum at nginx.us (dakrer)
Date: Mon, 11 Jun 2012 08:59:38 -0400 (EDT)
Subject: IPv6 fails for set_real_ip_from in 1.2.1
Message-ID: <1e450d9b4d59c035dd324d4ea742891a.NginxMailingListEnglish@forum.nginx.org>

I noticed in the 1.2.1 changelog that set_real_ip_from is supposed to
support IPv6 addresses. Unfortunaly I get a configuration error when I
try it.

This works fine:
set_real_ip_from 127.0.0.1;
real_ip_header X-Forwarded-For;

This fails:
set_real_ip_from 127.0.0.1;
set_real_ip_from ::1;
real_ip_header X-Forwarded-For;


$ nginx -t
nginx: [emerg] invalid parameter "::1" in nginx.conf:22
nginx: configuration file nginx.conf test failed

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227430,227430#msg-227430


From pinakee at vvidiacom.com  Mon Jun 11 13:34:12 2012
From: pinakee at vvidiacom.com (Biswas, Pinakee)
Date: Mon, 11 Jun 2012 19:04:12 +0530
Subject: Nginx and uwsgi
Message-ID: <000301cd47d6$ef99f430$cecddc90$@vvidiacom.com>

Hi,

 

We are building a Media Content Management and Delivery Platform based on
Python (and python based web framework like Pylons/Pyramid). We are planning
to use nginx as the web server.

 

We are new to nginx (have prior experience with Apache) and have downloaded
1.2.1. The OS is CentOS. 

 

We are not sure how uwsgi works with nginx:

1.       Do we have to start uwsgi as a separate process?

2.       There is no option/directives for loading modules in nginx (as it
is there in Apache).

3.       I couldn't find a good documentation on the uwsgi based directives.
The one in nginx wiki is confusing. 

 

Since nginx I think works as a reverse proxy where it forwards HTTP requests
to the uwsgi process, how about using something like Cherrypy or
PasteHTTPserver? Would there be any difference?

 

We would really appreciate your support regarding the above queries.

 

Looking forward to your response.

 

Thanks,

Pinakee Biswas

Director & CTO 

 

Description: Description: vvidialogo.jpg

Just watch it ! 

 

7E- Mail:  <mailto:pinakee at vvidiacom.com> pinakee at vvidiacom.com I 8Web:
<http://www.vvidiacom.com/> http://www.vvidiacom.com 



 

P Please don't print this e-mail unless you really need to, this will
preserve trees on planet earth. 

----------------------------Disclaimer--------------------------------------
----------------------------------------------------------------------------
----------------------------------------------------------------------------
---------

The information contained in this message (including any attachments) is
confidential and may be privileged. If you have received it by mistake
please notify the sender by return e-mail and permanently delete this
message and any attachments from your system. Please note that e-mails are
susceptible to change and malwares. VVIDIA COMMUNICATIONS PVT LTD.
(including its group companies) shall not be liable for the improper or
incomplete transmission of the information contained in this communication
nor for any delay in its receipt or damage to your system. 

----------------------------------------------------------------------------
---------------------------------------------Disclaimer---------------------
----------------------------------------------------------------------------
---------

 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120611/37706e13/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image001.jpg
Type: image/jpeg
Size: 1901 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120611/37706e13/attachment.jpg>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.png
Type: image/png
Size: 168 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120611/37706e13/attachment.png>

From roberto at unbit.it  Mon Jun 11 13:48:17 2012
From: roberto at unbit.it (Roberto De Ioris)
Date: Mon, 11 Jun 2012 15:48:17 +0200
Subject: Nginx and uwsgi
In-Reply-To: <000301cd47d6$ef99f430$cecddc90$@vvidiacom.com>
References: <000301cd47d6$ef99f430$cecddc90$@vvidiacom.com>
Message-ID: <1f66f279ed8918d0025d0fd3f93a7d78.squirrel@manage.unbit.it>


> Hi,
>
>
>
> We are building a Media Content Management and Delivery Platform based on
> Python (and python based web framework like Pylons/Pyramid). We are
> planning
> to use nginx as the web server.
>
>
>
> We are new to nginx (have prior experience with Apache) and have
> downloaded
> 1.2.1. The OS is CentOS.
>
>
>
> We are not sure how uwsgi works with nginx:
>
> 1.       Do we have to start uwsgi as a separate process?


Yes, but remember: uwsgi is a communication protocol (like http or
fastcgi), uWSGI is the application server.
You need to start uWSGI, and configure nginx to speak with it with the
protocol of choice (uwsgi, http or fastcgi)

>
> 2.       There is no option/directives for loading modules in nginx (as it
> is there in Apache).

nginx does not work in that way, but it should be not a problem for you as
upstream modules (http, fastcgi, scgi, uwsgi) are compiled in by default.


>
> 3.       I couldn't find a good documentation on the uwsgi based
> directives.
> The one in nginx wiki is confusing.

you need nothing particular:

include uwsgi_params;
uwsgi_pass <address>;

all the other options are for fine tuning.

I suggest you to start from here:

http://projects.unbit.it/uwsgi/wiki/Quickstart


>
> Since nginx I think works as a reverse proxy where it forwards HTTP
> requests
> to the uwsgi process, how about using something like Cherrypy or
> PasteHTTPserver? Would there be any difference?

you can proxy nginx to whatever you want/need if the backend speaks one of
the supported protocol (http, scgi, fastcgi, uwsgi)


-- 
Roberto De Ioris
http://unbit.it


From pinakee at vvidiacom.com  Mon Jun 11 14:01:26 2012
From: pinakee at vvidiacom.com (Biswas, Pinakee)
Date: Mon, 11 Jun 2012 19:31:26 +0530
Subject: Nginx and uwsgi
In-Reply-To: <1f66f279ed8918d0025d0fd3f93a7d78.squirrel@manage.unbit.it>
References: <000301cd47d6$ef99f430$cecddc90$@vvidiacom.com>
	<1f66f279ed8918d0025d0fd3f93a7d78.squirrel@manage.unbit.it>
Message-ID: <000f01cd47da$bb9e78a0$32db69e0$@vvidiacom.com>

Hi Roberto,

Thanks for the prompt response. That really helps.

Our major consideration for going with Nginx is performance. 
If we have another process running (a wsgi server with python application) and nginx working as a proxy translating HTTP requests to another protocol (uwsgi, http or fastcgi), won't that be an overhead? 
I was under the impression that the Python application can be embedded in Nginx using Wsgi. 

We would really appreciate your thoughts/suggestions on the above.

Looking forward to your response...

Thanks,
Pinakee Biswas
Director & CTO 


Just watch it ! 

FE- Mail: pinakee at vvidiacom.com I IWeb: http://www.vvidiacom.com 


? Please don't print this e-mail unless you really need to, this will preserve trees on planet earth. 
----------------------------Disclaimer-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
The information contained in this message (including any attachments) is confidential and may be privileged. If you have received it by mistake please notify the sender by return e-mail and permanently delete this message and any attachments from your system. Please note that e-mails are susceptible to change and malwares. VVIDIA COMMUNICATIONS PVT LTD. (including its group companies) shall not be liable for the improper or incomplete transmission of the information contained in this communication nor for any delay in its receipt or damage to your system. 
-------------------------------------------------------------------------------------------------------------------------Disclaimer----------------------------------------------------------------------------------------------------------

-----Original Message-----
From: nginx-bounces at nginx.org [mailto:nginx-bounces at nginx.org] On Behalf Of Roberto De Ioris
Sent: 11 June 2012 19:18
To: nginx at nginx.org
Subject: Re: Nginx and uwsgi


> Hi,
>
>
>
> We are building a Media Content Management and Delivery Platform based 
> on Python (and python based web framework like Pylons/Pyramid). We are 
> planning to use nginx as the web server.
>
>
>
> We are new to nginx (have prior experience with Apache) and have 
> downloaded 1.2.1. The OS is CentOS.
>
>
>
> We are not sure how uwsgi works with nginx:
>
> 1.       Do we have to start uwsgi as a separate process?


Yes, but remember: uwsgi is a communication protocol (like http or fastcgi), uWSGI is the application server.
You need to start uWSGI, and configure nginx to speak with it with the protocol of choice (uwsgi, http or fastcgi)

>
> 2.       There is no option/directives for loading modules in nginx (as it
> is there in Apache).

nginx does not work in that way, but it should be not a problem for you as upstream modules (http, fastcgi, scgi, uwsgi) are compiled in by default.


>
> 3.       I couldn't find a good documentation on the uwsgi based
> directives.
> The one in nginx wiki is confusing.

you need nothing particular:

include uwsgi_params;
uwsgi_pass <address>;

all the other options are for fine tuning.

I suggest you to start from here:

http://projects.unbit.it/uwsgi/wiki/Quickstart


>
> Since nginx I think works as a reverse proxy where it forwards HTTP 
> requests to the uwsgi process, how about using something like Cherrypy 
> or PasteHTTPserver? Would there be any difference?

you can proxy nginx to whatever you want/need if the backend speaks one of the supported protocol (http, scgi, fastcgi, uwsgi)


--
Roberto De Ioris
http://unbit.it

_______________________________________________
nginx mailing list
nginx at nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx


From nginx-forum at nginx.us  Mon Jun 11 14:21:23 2012
From: nginx-forum at nginx.us (torajx)
Date: Mon, 11 Jun 2012 10:21:23 -0400 (EDT)
Subject: nginx + php-fpm and cookie
Message-ID: <82573a2a314199aeb5c00c0b899764af.NginxMailingListEnglish@forum.nginx.org>

HI,
I dont know if it is nginx related or not, but i give a try here.

we have a setup of nginx+php-fpm for cs cart shopping software.
everything is works fine but one big problem.
users can not login in all browsers except firefox.

and the problem is because of some cookies dont save in browsers.
the only browser that save cookie is firefox and other browsers dont
save needed cookie.

is there any thing related to nginx ?? or it is php-fpm problem ?

by the way we have cscart installed on IIS6 and also IIS7 and everything
is OK and works fine in all browsers.

regards

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227434,227434#msg-227434


From nginx-forum at nginx.us  Mon Jun 11 14:21:55 2012
From: nginx-forum at nginx.us (torajx)
Date: Mon, 11 Jun 2012 10:21:55 -0400 (EDT)
Subject: nginx + php-fpm and cookie
In-Reply-To: <82573a2a314199aeb5c00c0b899764af.NginxMailingListEnglish@forum.nginx.org>
References: <82573a2a314199aeb5c00c0b899764af.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <ecca15cbe8eb6090164fadd7522e039f.NginxMailingListEnglish@forum.nginx.org>

I can send any need configuration too...

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227434,227435#msg-227435


From soracchi at netbuilder.it  Mon Jun 11 14:23:15 2012
From: soracchi at netbuilder.it (Andrea Soracchi)
Date: Mon, 11 Jun 2012 16:23:15 +0200 (CEST)
Subject: Reverse proxy with Route Lookup Handler
In-Reply-To: <22298479.385.1339424100323.JavaMail.sorry@sorry>
Message-ID: <9095834.414.1339424915433.JavaMail.sorry@sorry>

Hi,

I need to configure Nginx as a reverse proxy. This is the scenario:

server1.example.com (webserver)
server2.example.com (webserver)
proxy.example.com (reverse proxy)


The connection from users whose data lives on server1.example.com will be proxied to server1.example.com by the proxy running on the proxy.example.com.
The connection from users whose data lives on server2.example.com will be proxied to server2.example.com by the proxy running on the proxy.example.com.

How can I set a Route Lookup Handler in proxy.example.com?

This is similar to Zimbra multiserver' scenario...

Can you help me?

Thanks in advanced,

Andrea


-- 
Andrea Soracchi - Netbuilder S.r.l. 
Multidialogo : La storia e' fatta da chi sa comunicare 
System Engineer // t. +39 0521 247791 // f. +39 0521 7431140 // www.netbuilder.it 



From nginx-forum at nginx.us  Mon Jun 11 14:35:38 2012
From: nginx-forum at nginx.us (lima)
Date: Mon, 11 Jun 2012 10:35:38 -0400 (EDT)
Subject: Error while connecting to apache from nginx running on same
	machine
In-Reply-To: <9f2e40966b997088dce7adc7d1f8c9d9.NginxMailingListEnglish@forum.nginx.org>
References: <a80a98321eebf817e5f5c21eacf94014.NginxMailingListEnglish@forum.nginx.org>
	<378a2333c87be2b9200d8c70b364a1c4.NginxMailingListEnglish@forum.nginx.org>
	<9f2e40966b997088dce7adc7d1f8c9d9.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <049816b1096625b0b1ffb254724fb0dc.NginxMailingListEnglish@forum.nginx.org>

Hey,I found the problem..anyway thank u very much...

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227341,227437#msg-227437


From roberto at unbit.it  Mon Jun 11 18:15:25 2012
From: roberto at unbit.it (Roberto De Ioris)
Date: Mon, 11 Jun 2012 20:15:25 +0200
Subject: Nginx and uwsgi
In-Reply-To: <000f01cd47da$bb9e78a0$32db69e0$@vvidiacom.com>
References: <000301cd47d6$ef99f430$cecddc90$@vvidiacom.com>
	<1f66f279ed8918d0025d0fd3f93a7d78.squirrel@manage.unbit.it>
	<000f01cd47da$bb9e78a0$32db69e0$@vvidiacom.com>
Message-ID: <ae0b120d97c4393d5f4d817cafb5aa5c.squirrel@manage.unbit.it>


> Hi Roberto,
>
> Thanks for the prompt response. That really helps.
>
> Our major consideration for going with Nginx is performance.
> If we have another process running (a wsgi server with python application)
> and nginx working as a proxy translating HTTP requests to another protocol
> (uwsgi, http or fastcgi), won't that be an overhead?


Yes, there is an overhead, but it is practically irrelevant in the big
scheme. Your bootleneck will hardly be the webserver or the application
server. Running custom/non-deterministic apps directly in the webserver is
a really old-style approach and afaik, only the php world still pushes
this kind of setups.

Take in account (as you came from apache), mod_wsgi preferred setup is in
daemon mode, that is a beatiful abstraction of a proxied setup.


> I was under the impression that the Python application can be embedded in
> Nginx using Wsgi.


the only third-party-module allowing you to do so, is Manlio Perillo's
mod_wsgi/mod_python for nginx. It is unmaintained, and its preferred usage
is in having another nginx in front of it proxying requests. Nginx is a
non-blocking server, putting blocking code in it (as 90% of the webapps
are), is the key to hell :)

If you have got experience with apache+mod_wsgi, you can simply use nginx
for serving static files and using apache+mod_wsgi (in embedded mode) as
your application server for python/wsgi. This is now a very common setup.

-- 
Roberto De Ioris
http://unbit.it


From nginx-forum at nginx.us  Mon Jun 11 18:26:12 2012
From: nginx-forum at nginx.us (s1r0n)
Date: Mon, 11 Jun 2012 14:26:12 -0400 (EDT)
Subject: display problem
Message-ID: <0421a41e194006bad275064426174626.NginxMailingListEnglish@forum.nginx.org>

Hi all, i have just recently installed nginx. it works great but
periodically the pages get all messed up. like now on this page

http://www.sociology.org

i posted an article and then tried to view but it's all messed up after
that. nginx seems to be working other than this weird display problem

can anybody help? i've tried everytying including rebooting

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227440,227440#msg-227440


From nginx-forum at nginx.us  Mon Jun 11 18:48:00 2012
From: nginx-forum at nginx.us (s1r0n)
Date: Mon, 11 Jun 2012 14:48:00 -0400 (EDT)
Subject: display problem
In-Reply-To: <0421a41e194006bad275064426174626.NginxMailingListEnglish@forum.nginx.org>
References: <0421a41e194006bad275064426174626.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <9feb5ba2ec5f082aacae9d052ea2a6aa.NginxMailingListEnglish@forum.nginx.org>

here is an update. I am getting this error in the rror log

2012/06/11 14:46:37 [error] 3554#0: *70 open()
"/home/httpd/sociology.org/wp-smooth/images/banner125.gif" failed (2: No
such file or directory), client: 87.151.182.62, server:
www.sociology.org, request: "GET
/wp-content/themes/wp-smooth/images/banner125.gif HTTP/1.1", host:
"www.sociology.org", referrer: "http://www.sociology.org/"


but the files that are in the path exist, and a readable. if i reload
apache the webspace displays just fine

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227440,227441#msg-227441


From nginx-forum at nginx.us  Mon Jun 11 18:57:00 2012
From: nginx-forum at nginx.us (s1r0n)
Date: Mon, 11 Jun 2012 14:57:00 -0400 (EDT)
Subject: display problem
In-Reply-To: <9feb5ba2ec5f082aacae9d052ea2a6aa.NginxMailingListEnglish@forum.nginx.org>
References: <0421a41e194006bad275064426174626.NginxMailingListEnglish@forum.nginx.org>
	<9feb5ba2ec5f082aacae9d052ea2a6aa.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <77b8b91912cb7e01fa7f0471e56ad6ff.NginxMailingListEnglish@forum.nginx.org>

Well, as it turns out the problem is this. I have the following 
rewrites for the server but these break the installation. 

  location ~*
^.+\.(html|jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js)$
    {
        rewrite
^/.*(/wp-.*/.*\.(html|jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js))$
$1 last;
        rewrite
^.*/files/(.*(html|jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|js))$
/wp-includes/ms-files.php?file=$1 last;
       
        expires max;
        add_header Pragma public;
        add_header Cache-Control "public, must-revalidate,
proxy-revalidate";
        break;
    }

can somebody tell me how to include these rewrites so wordpress images
work properly

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227440,227442#msg-227442


From ru at nginx.com  Mon Jun 11 19:30:02 2012
From: ru at nginx.com (Ruslan Ermilov)
Date: Mon, 11 Jun 2012 23:30:02 +0400
Subject: IPv6 fails for set_real_ip_from in 1.2.1
In-Reply-To: <1e450d9b4d59c035dd324d4ea742891a.NginxMailingListEnglish@forum.nginx.org>
References: <1e450d9b4d59c035dd324d4ea742891a.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120611193002.GA41437@lo0.su>

On Mon, Jun 11, 2012 at 08:59:38AM -0400, dakrer wrote:
> I noticed in the 1.2.1 changelog that set_real_ip_from is supposed to
> support IPv6 addresses. Unfortunaly I get a configuration error when I
> try it.
> 
> This works fine:
> set_real_ip_from 127.0.0.1;
> real_ip_header X-Forwarded-For;
> 
> This fails:
> set_real_ip_from 127.0.0.1;
> set_real_ip_from ::1;
> real_ip_header X-Forwarded-For;
> 
> 
> $ nginx -t
> nginx: [emerg] invalid parameter "::1" in nginx.conf:22
> nginx: configuration file nginx.conf test failed

For IPv6 to work, nginx should be built with --with-ipv6.


From nginx-forum at nginx.us  Tue Jun 12 04:02:13 2012
From: nginx-forum at nginx.us (Daniel15)
Date: Tue, 12 Jun 2012 00:02:13 -0400 (EDT)
Subject: Sharing config between two sites
Message-ID: <b7691250829f94a97c0c5f6df25a81c7.NginxMailingListEnglish@forum.nginx.org>

I've got two sites, example.com and beta.example.com. The configuration
for these two sites is almost identical, except for the root directory
(/var/www/sitename/live/public/ for the first domain, and
/var/www/sitename/beta/public/ for the second domain) and a few
environment variables (database name, etc.) used by the code. What's the
best way to share as much of the Nginx configuration as possible between
the two sites? Should I pull the common settings into an include file
and include it in both of the server blocks, or is there a better way?

Thanks!

 - Daniel

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227445,227445#msg-227445


From nginx-forum at nginx.us  Tue Jun 12 04:04:19 2012
From: nginx-forum at nginx.us (Daniel15)
Date: Tue, 12 Jun 2012 00:04:19 -0400 (EDT)
Subject: Setting up nginx as Visual Studio 2010 project
In-Reply-To: <1979d5146e9ab6c19013841c788b3bb1.NginxMailingListEnglish@forum.nginx.org>
References: <1979d5146e9ab6c19013841c788b3bb1.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <4956ca9e54ce22daff5fa933236d53ef.NginxMailingListEnglish@forum.nginx.org>

You should be able to just create a new project and add all the source
files from the Windows version of nginx
(http://nginx.org/en/docs/windows.html) - Although I'm not too sure if
it can actually be compiled with the Microsoft compiler or whether it
depends on MinGW. The Windows port of nginx looks very incomplete.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227198,227446#msg-227446


From sammyraul1 at gmail.com  Tue Jun 12 07:01:04 2012
From: sammyraul1 at gmail.com (sammy_raul)
Date: Tue, 12 Jun 2012 00:01:04 -0700 (PDT)
Subject: Video Streaming using non http backend, Ref ngx_drizzle
In-Reply-To: <CAB4Tn6MR22zN_uZoFYMHeVWvTaPnHdvwrQFs2M66rqvA1HUe7A@mail.gmail.com>
References: <CACdz455ay=aXadWMGm-Ghm474PYNFpqctG9Cix6sHc3pKD3M+w@mail.gmail.com>
	<CAB4Tn6MR22zN_uZoFYMHeVWvTaPnHdvwrQFs2M66rqvA1HUe7A@mail.gmail.com>
Message-ID: <1339484464485-7580380.post@n2.nabble.com>

Hi,

I am trying to understand lua module.
Using the above script in the conf file I am able to connect to my upstream.
I have few questions regarding the Lua module.

1)How I can send some data i.e I have to send a message to my backend
probably which is more than a simple string. I have to construct it and
encode it. Probably I need to add to the c function I can see
ngx_http_lua_socket_tcp_send is used to send data over Nginx Socket, but I
could not figure out how I can modify this function and which buffers I need
to put my own data.

2)Before sock:receive I need to decrypt the data before sending to the
client. I think I can decode in the print function in lua_output.c where I
receive the data from upstream. Is that correct.


Thanks,
Raul
 
Raul
 

--
View this message in context: http://nginx.2469901.n2.nabble.com/Video-Streaming-using-non-http-backend-Ref-ngx-drizzle-tp7580235p7580380.html
Sent from the nginx mailing list archive at Nabble.com.


From agentzh at gmail.com  Tue Jun 12 11:43:02 2012
From: agentzh at gmail.com (agentzh)
Date: Tue, 12 Jun 2012 19:43:02 +0800
Subject: Video Streaming using non http backend, Ref ngx_drizzle
In-Reply-To: <1339484464485-7580380.post@n2.nabble.com>
References: <CACdz455ay=aXadWMGm-Ghm474PYNFpqctG9Cix6sHc3pKD3M+w@mail.gmail.com>
	<CAB4Tn6MR22zN_uZoFYMHeVWvTaPnHdvwrQFs2M66rqvA1HUe7A@mail.gmail.com>
	<1339484464485-7580380.post@n2.nabble.com>
Message-ID: <CAB4Tn6P61tXscL1tPAeqTSGufWJAn9+03DE5-XMTY9LO9C7UMg@mail.gmail.com>

Hello!

On Tue, Jun 12, 2012 at 3:01 PM, sammy_raul <sammyraul1 at gmail.com> wrote:
> I am trying to understand lua module.
> Using the above script in the conf file I am able to connect to my upstream.
> I have few questions regarding the Lua module.
>
> 1)How I can send some data i.e I have to send a message to my backend
> probably which is more than a simple string. I have to construct it and
> encode it. Probably I need to add to the c function I can see
> ngx_http_lua_socket_tcp_send is used to send data over Nginx Socket, but I
> could not figure out how I can modify this function and which buffers I need
> to put my own data.
>
> 2)Before sock:receive I need to decrypt the data before sending to the
> client. I think I can decode in the print function in lua_output.c where I
> receive the data from upstream. Is that correct.
>

You can just try doing encrypting and decrypting on the Lua level.
It's a scripting language anyway and you're free to use the classic
Lua/C API or LuaJIT FFI to extend your Lua script with C code if
desired.

It's not recommended, however, to patch ngx_lua cosocket's C
implementation directly.

Regards,
-agentzh


From manlio.perillo at gmail.com  Tue Jun 12 13:18:24 2012
From: manlio.perillo at gmail.com (Manlio Perillo)
Date: Tue, 12 Jun 2012 15:18:24 +0200
Subject: Nginx and uwsgi
In-Reply-To: <ae0b120d97c4393d5f4d817cafb5aa5c.squirrel@manage.unbit.it>
References: <000301cd47d6$ef99f430$cecddc90$@vvidiacom.com>	<1f66f279ed8918d0025d0fd3f93a7d78.squirrel@manage.unbit.it>	<000f01cd47da$bb9e78a0$32db69e0$@vvidiacom.com>
	<ae0b120d97c4393d5f4d817cafb5aa5c.squirrel@manage.unbit.it>
Message-ID: <4FD741A0.3080801@gmail.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Il 11/06/2012 20:15, Roberto De Ioris ha scritto:
> [...]
> 
>> I was under the impression that the Python application can be embedded in
>> Nginx using Wsgi.
> 
> 
> the only third-party-module allowing you to do so, is Manlio Perillo's
> mod_wsgi/mod_python for nginx. It is unmaintained, 

Well, recently I have started to work on it again; at least now it works
with recent Nginx versions ;-).

I have not yet pushed the latest changes to the public repository at:
https://bitbucket.org/mperillo/ngx_http_wsgi_module.

As Roberto pointed out, ngx_http_wsgi_module is not a "general" Python
web application server; but it works rather well for "carefully" written
applications, and memory usare is low.


> [...]


Regards  Manlio Perillo
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iEYEARECAAYFAk/XQaAACgkQscQJ24LbaUR9dgCfQWI7IltdxyvI49QwT3EN+VGT
BMUAnRIvcNZohU59rDGszLI9Toupivq6
=tu4T
-----END PGP SIGNATURE-----


From nginx-forum at nginx.us  Tue Jun 12 13:57:20 2012
From: nginx-forum at nginx.us (oreaseca)
Date: Tue, 12 Jun 2012 09:57:20 -0400 (EDT)
Subject: duplicated directive on reverse proxy
Message-ID: <4cb8a881f7b98cf627558ca148faf00d.NginxMailingListEnglish@forum.nginx.org>

Hi, everyone,

I'm going through some trouble with a nginx reverse proxy, and I'm kinda
newbie to this tool.

Fact is, I used to have 2 reverse proxies for addressing requests from
Internet on port 80 to their respective servers on intranet, and one of
them crashed irreversibly, so I'm setting up a new one with similar
settings to the other one. 

My configuration consists on all subdomain configuration files contained
on /etc/nginx/sites-available and symbolically linked to sites-enabled,
and included on ngxin.conf. Subdomain files are like this:

error_log       /var/log/nginx/www.DOMAIN.gov.br-error.log;
server {
   listen  80;
   server_name www.DOMAIN.gov.br;
   access_log  /var/log/nginx/www.DOMAIN.gov.br-access.log;
   # Main location
   location / {
       proxy_pass         http://192.168.9.45/;
       proxy_redirect     off;
       proxy_set_header   Host             $host;
       proxy_set_header   X-Real-IP        $remote_addr;
       proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;
   }
}

My nginx.conf:

user www-data;
worker_processes  10;

error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;

events {
    worker_connections  20000;
	use epoll;
}

worker_rlimit_nofile 25000;

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    access_log	/var/log/nginx/access.log;

    sendfile        on;
    tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;
    tcp_nodelay        on;

    gzip  on;

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}

But when I'm trying to set up such configs to the new server, when
starting up the service, it goes:

root at proxy01:/etc/init.d# /etc/init.d/nginx start
Starting nginx: [emerg]: "error_log" directive is duplicate in
/etc/nginx/sites-enabled/www.DOMAIN.gov.br:1
configuration file /etc/nginx/nginx.conf test failed

It only starts when just 1 domain is configured. If another one is set,
this error comes up. The other configured domain starts with "s", so
nginx reads it and goes to the next letter, then we get this.

Appreciate any help!

Cheers,

Silvio

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227462,227462#msg-227462


From nginx-forum at nginx.us  Tue Jun 12 14:47:10 2012
From: nginx-forum at nginx.us (caleboconnell)
Date: Tue, 12 Jun 2012 10:47:10 -0400 (EDT)
Subject: rewrite url segment staging site and live site
Message-ID: <eb917f1c0f33735d7d3a03255cdfce2e.NginxMailingListEnglish@forum.nginx.org>

I have a staging site that I test anything relating to the website
before we deploy.  I have an nginx config that I also test with for this
staging site.

I wanted to rewrite a uri segment where a section of the site changed
names.

example.com/old/page1
                    /old/page2

example.com/new/page1
                    /new/page2

I added the following rewrite, which works perfectly on the staging
site.

  location /old {
    rewrite ^/old/? /new/$1 permanent;
  }

when I added this to the live nginx config, the rewrite works, but only
sort of:

what I want:
example.com/old/page1  -->  example.com/new/page1

what I get:
example.com/old/page1 -->  example.com/new 

It's fine for now, but I don't know why the exact config would work
different.

The live nginx config is different than the staging, but only in that it
includes SSL info.  This may be the problem, but I'm not sure why.

Thank you in advance for any suggestions and/or answers.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227464,227464#msg-227464


From nginx-forum at nginx.us  Tue Jun 12 15:48:17 2012
From: nginx-forum at nginx.us (tcbarrett)
Date: Tue, 12 Jun 2012 11:48:17 -0400 (EDT)
Subject: WordPress multisite/network domain mapping with multiple server blocks
Message-ID: <f0848c731e3139d96d70f656be27a165.NginxMailingListEnglish@forum.nginx.org>

I'm thinking of setting up multiple server blocks with the same document
root (all one WP mutisite), rather than one server block with a long
list of aliases in the server_name.

Trivial set up would be that they are all identical, except for the
server_name directive.

Is this a bad idea? Does it matter?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227467,227467#msg-227467


From francis at daoine.org  Tue Jun 12 17:11:53 2012
From: francis at daoine.org (Francis Daly)
Date: Tue, 12 Jun 2012 18:11:53 +0100
Subject: duplicated directive on reverse proxy
In-Reply-To: <4cb8a881f7b98cf627558ca148faf00d.NginxMailingListEnglish@forum.nginx.org>
References: <4cb8a881f7b98cf627558ca148faf00d.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120612171153.GA6210@craic.sysops.org>

On Tue, Jun 12, 2012 at 09:57:20AM -0400, oreaseca wrote:

Hi there,

> error_log       /var/log/nginx/www.DOMAIN.gov.br-error.log;
> server {

Quite possibly, just swapping those two lines will make things do what
you want.

> root at proxy01:/etc/init.d# /etc/init.d/nginx start
> Starting nginx: [emerg]: "error_log" directive is duplicate in
> /etc/nginx/sites-enabled/www.DOMAIN.gov.br:1
> configuration file /etc/nginx/nginx.conf test failed

error_log only takes a single value at one level.

Your "include" is at http level, so that's where your error_log currently
is. As soon as you put a second error_log at http level, you'll see the
error message.

Put the error_log line at server level, and it should just Work.

	f
-- 
Francis Daly        francis at daoine.org


From francis at daoine.org  Tue Jun 12 17:23:16 2012
From: francis at daoine.org (Francis Daly)
Date: Tue, 12 Jun 2012 18:23:16 +0100
Subject: rewrite url segment staging site and live site
In-Reply-To: <eb917f1c0f33735d7d3a03255cdfce2e.NginxMailingListEnglish@forum.nginx.org>
References: <eb917f1c0f33735d7d3a03255cdfce2e.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120612172316.GB6210@craic.sysops.org>

On Tue, Jun 12, 2012 at 10:47:10AM -0400, caleboconnell wrote:

Hi there,

>   location /old {
>     rewrite ^/old/? /new/$1 permanent;
>   }

What do you think $1 is set to here?

(Usually, it is "the last thing matched". So usually, it is worth making
sure that you match something immediately before using it.)

> what I want:
> example.com/old/page1  -->  example.com/new/page1
> 
> what I get:
> example.com/old/page1 -->  example.com/new 

http://nginx.org/r/rewrite

"regex" can include things inside parentheses, which are then available
as ${number} in "replacement".

   location /old/ {
     rewrite ^/old/(.*) /new/$1 permanent;
   }

will probably do what you want; but read about the question mark, in
case it matters.

> It's fine for now, but I don't know why the exact config would work
> different.

Usually, the same config works the same way. If you've found a case where
that isn't the case, it may be worth investigating. But it is potentially
the *whole* config that matters here, where you use $1 without showing
where it is set.

	f
-- 
Francis Daly        francis at daoine.org


From mdounin at mdounin.ru  Tue Jun 12 20:08:44 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 13 Jun 2012 00:08:44 +0400
Subject: http_log_module filter by status
In-Reply-To: <b649983a5a9059022e1272735d3dc21a.NginxMailingListEnglish@forum.nginx.org>
References: <b649983a5a9059022e1272735d3dc21a.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120612200844.GO31671@mdounin.ru>

Hello!

On Sun, Jun 10, 2012 at 01:40:12PM -0400, karlseguin wrote:

> I was interested in having nginx log 404s to their own file.
> Essentially, i _hate_ 404s, so I like to parse access logs find and
> report all 404s. However, as-is, parsing large access logs can be quite
> inefficient since 404s represent such a small % of the entire file. I
> was thinking nginx could filter it out at write-time:
> 
> access_log  not_found.log  combined buffer=16K 404;
> 
> 
> Apologies for the lameness of the code, but this is what I came up
> with:
> https://gist.github.com/2906701
> 
> I certainly don't recommend anyone uses it, I'm mostly just looking for
> feedback. Is this better off in its own module? (there's so much code in
> the http_log_module that I want to leverage though). There's much more
> filtering that could go on that perhaps a new directive is a better
> approach:
> 
> access_log_filter $status /(40\d)/
> access_log_filter $method GET
> 
> (which is certainly beyond my capabilities).
> 
> Thoughts?

error_page 404 /404.html;

location = /404.html {
    access_log /path/to/log;
}

Maxim Dounin


From nginx-forum at nginx.us  Tue Jun 12 20:30:51 2012
From: nginx-forum at nginx.us (paphillon)
Date: Tue, 12 Jun 2012 16:30:51 -0400 (EDT)
Subject: Nginx proxy overhead with / out keep alive requests
Message-ID: <f19d14b0c3ed459de85629f2e4ca9235.NginxMailingListEnglish@forum.nginx.org>

I have a test setup to measure the nginx overhead when plugged in front
of a Jboss tomcat server.
In tomcat I have deployed a test.jsp and use ab to measure the
performance with the following scenarios 

With out keep alive ab option
ab --> <jboss tomcat URL> (ab -n 5000 -c 5
http://jboss.tomcat.url/test.jsp)
ab --> <nginx URL> --> <jboss tomcat URL>  (ab -n 5000 -c 5
http://nginx.proxy.url/test.jsp)

With keep alive ab option (-k)
ab  --> <jboss tomcat URL>  (ab -n 5000 -c 5 -k
http://jboss.tomcat.url/test.jsp)
ab  --> <nginx URL> --> <jboss tomcat URL>  (ab -n 5000 -c 5 -k
http://nginx.proxy.url/test.jsp)

The performance numbers WITHOUT keep alive is almost same BUT WITH keep
alive option the performance numbers are very different and nginx takes
about 5 secs more than the page accessed directly via tomcat. Tomcat
takes only 0.503430 on an average 

Why should there be so much of deviation with Keep alive? Is there
anything I am missing?

-------------Tomcat per result using ab keep alive (ab -n 5000 -c 5 -k
http://jboss.tomcat.url/test.jsp)-----------------------

Server Software:        Apache-Coyote/1.1
Server Hostname:      jboss.tomcat.host
Server Port:            9080

Document Path:          /test.jsp
Document Length:        301 bytes

Concurrency Level:      5
Time taken for tests:   0.503430 seconds
Complete requests:      5000
Failed requests:        0
Write errors:           0
Keep-Alive requests:    4952
Total transferred:      2944760 bytes
HTML transferred:       1505000 bytes
Requests per second:    9931.87 [#/sec] (mean)
Time per request:       0.503 [ms] (mean)
Time per request:       0.101 [ms] (mean, across all concurrent
requests)
Transfer rate:          5710.82 [Kbytes/sec] received

-------------Nginx perf result using ab keep alive (ab -n 5000 -c 5 -k
http://nginx.proxy.url/test.jsp) --------------------------

Server Software:        nginx
Server Hostname:      nginx.proxy.url
Server Port:            80

Document Path:          /test.jsp
Document Length:        301 bytes

Concurrency Level:      5
Time taken for tests:   5.440499 seconds
Complete requests:      5000
Failed requests:        0
Write errors:           0
Keep-Alive requests:    4952
Total transferred:      2654760 bytes
HTML transferred:       1505000 bytes
Requests per second:    919.03 [#/sec] (mean)
Time per request:       5.440 [ms] (mean)
Time per request:       1.088 [ms] (mean, across all concurrent
requests)
Transfer rate:          476.43 [Kbytes/sec] received

-------------Tomcat per result WITHOUT ab keep alive (ab -n 5000 -c 5
http://jboss.tomcat.url/test.jsp)-----------------------

Server Software:        Apache-Coyote/1.1
Server Hostname:      jboss.tomcat.host
Server Port:            9080

Document Path:          /test.jsp
Document Length:        301 bytes

Concurrency Level:      5
Time taken for tests:   4.658429 seconds
Complete requests:      5000
Failed requests:        0
Write errors:           0
Total transferred:      2920000 bytes
HTML transferred:       1505000 bytes
Requests per second:    1073.32 [#/sec] (mean)
Time per request:       4.658 [ms] (mean)
Time per request:       0.932 [ms] (mean, across all concurrent
requests)
Transfer rate:          612.01 [Kbytes/sec] received

-------------Nginx perf result WITHOUT ab keep alive (ab -n 5000 -c 5
http://nginx.proxy.url/test.jsp) --------------------------

Server Software:        nginx
Server Hostname:      nginx.proxy.url
Server Port:            80

Document Path:          /test.jsp
Document Length:        301 bytes

Concurrency Level:      5
Time taken for tests:   4.916966 seconds
Complete requests:      5000
Failed requests:        0
Write errors:           0
Total transferred:      2630000 bytes
HTML transferred:       1505000 bytes
Requests per second:    1016.89 [#/sec] (mean)
Time per request:       4.917 [ms] (mean)
Time per request:       0.983 [ms] (mean, across all concurrent
requests)
Transfer rate:          522.27 [Kbytes/sec] received

=========Configuration=================

Tomcat maxKeepAlive connector is set to 100

Nginx keepalive_requests 100;
worker_processes  4;
worker_connections  4098;
use epoll;
multi_accept on;

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227472,227472#msg-227472


From reallfqq-nginx at yahoo.fr  Tue Jun 12 22:08:28 2012
From: reallfqq-nginx at yahoo.fr (B.R.)
Date: Tue, 12 Jun 2012 18:08:28 -0400
Subject: http_log_module filter by status
In-Reply-To: <20120612200844.GO31671@mdounin.ru>
References: <b649983a5a9059022e1272735d3dc21a.NginxMailingListEnglish@forum.nginx.org>
	<20120612200844.GO31671@mdounin.ru>
Message-ID: <CALqce=0-BpF6qrFN4rMAXOWWnYsCVREsEWiKO3P8E9RUn54rvQ@mail.gmail.com>

The documentation <http://wiki.nginx.org/HttpCoreModule#error_page> also
says that if you don't want to redirect to another page, you can use a
named redirection :
location / {
  error_page 404 @404;
}

location @404 {
  access_log /path/to/log;
}

The wiki syntax seems to be wrong though, since it is using brackets and
not braces.
---
*B. R.*


On Tue, Jun 12, 2012 at 4:08 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:

> Hello!
>
> On Sun, Jun 10, 2012 at 01:40:12PM -0400, karlseguin wrote:
>
> > I was interested in having nginx log 404s to their own file.
> > Essentially, i _hate_ 404s, so I like to parse access logs find and
> > report all 404s. However, as-is, parsing large access logs can be quite
> > inefficient since 404s represent such a small % of the entire file. I
> > was thinking nginx could filter it out at write-time:
> >
> > access_log  not_found.log  combined buffer=16K 404;
> >
> >
> > Apologies for the lameness of the code, but this is what I came up
> > with:
> > https://gist.github.com/2906701
> >
> > I certainly don't recommend anyone uses it, I'm mostly just looking for
> > feedback. Is this better off in its own module? (there's so much code in
> > the http_log_module that I want to leverage though). There's much more
> > filtering that could go on that perhaps a new directive is a better
> > approach:
> >
> > access_log_filter $status /(40\d)/
> > access_log_filter $method GET
> >
> > (which is certainly beyond my capabilities).
> >
> > Thoughts?
>
> error_page 404 /404.html;
>
> location = /404.html {
>    access_log /path/to/log;
> }
>
> Maxim Dounin
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120612/540ef383/attachment-0001.html>

From nginx-forum at nginx.us  Wed Jun 13 00:34:03 2012
From: nginx-forum at nginx.us (karlseguin)
Date: Tue, 12 Jun 2012 20:34:03 -0400 (EDT)
Subject: http_log_module filter by status
In-Reply-To: <CALqce=0-BpF6qrFN4rMAXOWWnYsCVREsEWiKO3P8E9RUn54rvQ@mail.gmail.com>
References: <CALqce=0-BpF6qrFN4rMAXOWWnYsCVREsEWiKO3P8E9RUn54rvQ@mail.gmail.com>
Message-ID: <012f5fe8db69f72c4d45c9bec88e7573.NginxMailingListEnglish@forum.nginx.org>

heh, thanks :) much better!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227401,227474#msg-227474


From nginx-forum at nginx.us  Wed Jun 13 06:04:56 2012
From: nginx-forum at nginx.us (chenmin7249)
Date: Wed, 13 Jun 2012 02:04:56 -0400 (EDT)
Subject: nginx clear static file cache without restarting
Message-ID: <611c94f4afe2d70105155c2d98e8b1e8.NginxMailingListEnglish@forum.nginx.org>

i'm using nginx1.0.15 stable to serve static files, and with following
configurations:

    sendfile        on;
    tcp_nopush     on;
    tcp_nodelay    on;
    open_file_cache max=1048000 inactive=604800s;
    open_file_cache_min_uses 1;
    open_file_cache_valid 3600s;

here is my problem, how can i clear the static file cache without
restarting nginx without 'killall -HUP nginx'?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227476,227476#msg-227476


From ru at nginx.com  Wed Jun 13 06:12:45 2012
From: ru at nginx.com (Ruslan Ermilov)
Date: Wed, 13 Jun 2012 10:12:45 +0400
Subject: nginx default server not used
In-Reply-To: <97221a02eacadcfdd878d65ba48ebf34.NginxMailingListEnglish@forum.nginx.org>
References: <CAN=WzV3Q_J6-bj8RmWJgjQXuB+Xux8d1uagKSffxWwoddBt-qw@mail.gmail.com>
	<a483f6c2a183201fff04cb43ce5414ff.NginxMailingListEnglish@forum.nginx.org>
	<97221a02eacadcfdd878d65ba48ebf34.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120613061245.GA82810@lo0.su>

On Sat, Jun 09, 2012 at 04:41:23AM -0400, valinor wrote:
> Hello
> 
> I have found another possible cause for nginx to ignore default server
> I have encountered it just now, and it is not your case, but maybe it
> would be helpful for someone
> 
> At example:
> 
> server {
>   listen 80 default_server;
>   server_name default.domain.dom;
> ................
> }
> 
> server {
>   listen <particular.ip>:80;
>   server_name some.server.domain.dom;
> ..................
> }
> 
> In this case, listening schema for the default server is _not_the_same_
> as for another server.
> Considering the fact that we have described a server with the particular
> ip address, our default server for that ip (although it is listening on
> all IPs) would be ignored, and all queries to that particular ip, even
> with "Host: default.domain.dom", would be directed to
> "some.server.domain.dom" as it becomes a default (first-described)
> server for this listening schema.
> We have to explicitly describe "listen <particular.ip>:80" on the
> default server to enable it for this schema.
> 
> WBW, valinor

Here, you have two different listening addresses, 0.0.0.0:80 and
<particular.ip>:80.  Each of them may have its own "default server".
See here for details:
http://nginx.org/en/docs/http/request_processing.html#mixed_name_ip_based_servers


From mdounin at mdounin.ru  Wed Jun 13 07:36:56 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 13 Jun 2012 11:36:56 +0400
Subject: http_log_module filter by status
In-Reply-To: <CALqce=0-BpF6qrFN4rMAXOWWnYsCVREsEWiKO3P8E9RUn54rvQ@mail.gmail.com>
References: <b649983a5a9059022e1272735d3dc21a.NginxMailingListEnglish@forum.nginx.org>
	<20120612200844.GO31671@mdounin.ru>
	<CALqce=0-BpF6qrFN4rMAXOWWnYsCVREsEWiKO3P8E9RUn54rvQ@mail.gmail.com>
Message-ID: <20120613073656.GP31671@mdounin.ru>

Hello!

On Tue, Jun 12, 2012 at 06:08:28PM -0400, B.R. wrote:

> The documentation <http://wiki.nginx.org/HttpCoreModule#error_page> also
> says that if you don't want to redirect to another page, you can use a
> named redirection :
> location / {
>   error_page 404 @404;
> }
> 
> location @404 {
>   access_log /path/to/log;
> }

This will cause another 404 as written.

Note well that named location are really needed only if you don't 
want *internal* redirect to happen, i.e. want to preserve original 
uri (e.g. for an additional processing as in various fallback 
schemes) and/or really can't touch uri namespace for some reason.

Maxim Dounin

> 
> The wiki syntax seems to be wrong though, since it is using brackets and
> not braces.
> ---
> *B. R.*
> 
> 
> On Tue, Jun 12, 2012 at 4:08 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> 
> > Hello!
> >
> > On Sun, Jun 10, 2012 at 01:40:12PM -0400, karlseguin wrote:
> >
> > > I was interested in having nginx log 404s to their own file.
> > > Essentially, i _hate_ 404s, so I like to parse access logs find and
> > > report all 404s. However, as-is, parsing large access logs can be quite
> > > inefficient since 404s represent such a small % of the entire file. I
> > > was thinking nginx could filter it out at write-time:
> > >
> > > access_log  not_found.log  combined buffer=16K 404;
> > >
> > >
> > > Apologies for the lameness of the code, but this is what I came up
> > > with:
> > > https://gist.github.com/2906701
> > >
> > > I certainly don't recommend anyone uses it, I'm mostly just looking for
> > > feedback. Is this better off in its own module? (there's so much code in
> > > the http_log_module that I want to leverage though). There's much more
> > > filtering that could go on that perhaps a new directive is a better
> > > approach:
> > >
> > > access_log_filter $status /(40\d)/
> > > access_log_filter $method GET
> > >
> > > (which is certainly beyond my capabilities).
> > >
> > > Thoughts?
> >
> > error_page 404 /404.html;
> >
> > location = /404.html {
> >    access_log /path/to/log;
> > }
> >
> > Maxim Dounin
> >
> > _______________________________________________
> > nginx mailing list
> > nginx at nginx.org
> > http://mailman.nginx.org/mailman/listinfo/nginx
> >

> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From mdounin at mdounin.ru  Wed Jun 13 10:13:54 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 13 Jun 2012 14:13:54 +0400
Subject: Nginx proxy overhead with / out keep alive requests
In-Reply-To: <f19d14b0c3ed459de85629f2e4ca9235.NginxMailingListEnglish@forum.nginx.org>
References: <f19d14b0c3ed459de85629f2e4ca9235.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120613101354.GQ31671@mdounin.ru>

Hello!

On Tue, Jun 12, 2012 at 04:30:51PM -0400, paphillon wrote:

> I have a test setup to measure the nginx overhead when plugged in front
> of a Jboss tomcat server.
> In tomcat I have deployed a test.jsp and use ab to measure the
> performance with the following scenarios 
> 
> With out keep alive ab option
> ab --> <jboss tomcat URL> (ab -n 5000 -c 5
> http://jboss.tomcat.url/test.jsp)
> ab --> <nginx URL> --> <jboss tomcat URL>  (ab -n 5000 -c 5
> http://nginx.proxy.url/test.jsp)
> 
> With keep alive ab option (-k)
> ab  --> <jboss tomcat URL>  (ab -n 5000 -c 5 -k
> http://jboss.tomcat.url/test.jsp)
> ab  --> <nginx URL> --> <jboss tomcat URL>  (ab -n 5000 -c 5 -k
> http://nginx.proxy.url/test.jsp)
> 
> The performance numbers WITHOUT keep alive is almost same BUT WITH keep
> alive option the performance numbers are very different and nginx takes
> about 5 secs more than the page accessed directly via tomcat. Tomcat
> takes only 0.503430 on an average 
> 
> Why should there be so much of deviation with Keep alive? Is there
> anything I am missing?

Unless you've configured keepalive to upstreams (see 
http://nginx.org/r/keepalive) nginx will not use keepalive 
connections to tomcat.  And the expected result is: nginx is in 
par with tomcat used directly without keepalive.

Nnumbers extracted from your data for clarity:

tomcat + keepalive:   9931.87 r/s
tomcat w/o keepalive: 1073.32 r/s
nginx  + keepalive:    919.03 r/s
nginx  w/o keepalvie: 1016.89 r/s

All nginx numbers are about tomcat's one without keepalive, as 
expected (see above).

The limiting factor is clearly tomcat's connection establishment 
cost, which drops performance from 10k r/s to 1k r/s.  You may 
want to configure upstream keepalive to cope with it if it's really 
matters in you case (i.e. if real requests are as fast as test one 
you've used; usually real request processing takes much more than 
connection establishment).  See the link above for details.

Maxim Dounin


From mdounin at mdounin.ru  Wed Jun 13 10:37:14 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 13 Jun 2012 14:37:14 +0400
Subject: nginx clear static file cache without restarting
In-Reply-To: <611c94f4afe2d70105155c2d98e8b1e8.NginxMailingListEnglish@forum.nginx.org>
References: <611c94f4afe2d70105155c2d98e8b1e8.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120613103713.GS31671@mdounin.ru>

Hello!

On Wed, Jun 13, 2012 at 02:04:56AM -0400, chenmin7249 wrote:

> i'm using nginx1.0.15 stable to serve static files, and with following
> configurations:
> 
>     sendfile        on;
>     tcp_nopush     on;
>     tcp_nodelay    on;
>     open_file_cache max=1048000 inactive=604800s;
>     open_file_cache_min_uses 1;
>     open_file_cache_valid 3600s;
> 
> here is my problem, how can i clear the static file cache without
> restarting nginx without 'killall -HUP nginx'?

No, the only way to reset open file cache is to restart worker 
processes.  Sending SIGHUP to let nginx start new worker processes 
and gracefully shutdown old ones is the easiest way to do this.

And just to make sure it's clear: restarting worker processes via 
SIGHUP doesn't imply any downtime.  All connections will be 
accepted and all requests will be handled, no animals will be 
harmed and so on.

Maxim Dounin


From agentzh at gmail.com  Wed Jun 13 10:50:17 2012
From: agentzh at gmail.com (agentzh)
Date: Wed, 13 Jun 2012 18:50:17 +0800
Subject: [ANN] ngx_openresty stable version 1.0.15.10 released
Message-ID: <CAB4Tn6OOJUBb2iB6GygDFN450ANKQbVsqAofiq1C1rhabuhY2Q@mail.gmail.com>

Hello, folks!

I'm happy to announce that the new stable version of ngx_openresty,
1.0.15.10, has just been released:

? ?http://openresty.org/#Download

This release is essentially equivalent to the devel version 1.0.15.9
except excluding all the vim backup files *~ from the source code
distribution. thanks Xiaoyu Chen.

Components bundled:

  * LuaJIT-2.0.0-beta10
  * array-var-nginx-module-0.03rc1
  * auth-request-nginx-module-0.2
  * drizzle-nginx-module-0.1.2rc7
  * echo-nginx-module-0.38rc2
  * encrypted-session-nginx-module-0.02
  * form-input-nginx-module-0.07rc5
  * headers-more-nginx-module-0.17rc1
  * iconv-nginx-module-0.10rc7
  * lua-5.1.4
  * lua-cjson-1.0.3
  * lua-rds-parser-0.05
  * lua-redis-parser-0.09
  * lua-resty-memcached-0.07
  * lua-resty-mysql-0.07
  * lua-resty-redis-0.09
  * lua-resty-string-0.06
  * lua-resty-upload-0.03
  * memc-nginx-module-0.13rc3
  * nginx-1.0.15
  * ngx_coolkit-0.2rc1
  * ngx_devel_kit-0.2.17
  * ngx_lua-0.5.0rc30
  * ngx_postgres-0.9
  * rds-csv-nginx-module-0.05rc2
  * rds-json-nginx-module-0.12rc10
  * redis-nginx-module-0.3.6
  * redis2-nginx-module-0.08rc4
  * set-misc-nginx-module-0.22rc8
  * srcache-nginx-module-0.13rc8
  * upstream-keepalive-nginx-module-0.7
  * xss-nginx-module-0.03rc9

You can check out the complete change log here for comparison with the
last stable version 1.0.11.28:

??? http://openresty.org/#ChangeLog1000015

Special thanks go to all our contributors and users for making this
release happen :)

OpenResty (aka. ngx_openresty) is a full-fledged web application
server by bundling the standard Nginx core, lots of 3rd-party Nginx
modules, as well? as most of their external dependencies. See
OpenResty's homepage for more details:

? http://openresty.org/

Have fun!
-agentzh


From mdounin at mdounin.ru  Wed Jun 13 11:06:00 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 13 Jun 2012 15:06:00 +0400
Subject: PROPFIND and OPTIONS support in Nginx?
In-Reply-To: <jr3vti$eso$1@dough.gmane.org>
References: <jr3vti$eso$1@dough.gmane.org>
Message-ID: <20120613110559.GU31671@mdounin.ru>

Hello!

On Mon, Jun 11, 2012 at 01:32:39AM -0400, Floren Munteanu wrote:

> I was wondering why the Nginx devs do not add WebDAV support for
> PROPFIND and OPTIONS. There is a module available in Github but
> still, I would love to have this officially supported by Nginx:
> https://github.com/arut/nginx-dav-ext-module
> 
> Are there any plans to have full WebDAV support implemented? This
> would be a nice addition into 1.3.0 branch.

It's in our TODO, though no ETA yet.

Roman's implementation is likely ok if you can't wait, but it 
can't be imported as is due to number of reasons (the one recently 
reported on russian list: it doesn't compile on Windows).

Maxim Dounin


From gabor.farkas at gmail.com  Wed Jun 13 12:09:32 2012
From: gabor.farkas at gmail.com (=?ISO-8859-1?Q?G=E1bor_Farkas?=)
Date: Wed, 13 Jun 2012 14:09:32 +0200
Subject: proxy_next_upstream, only "connect" timeout?
Message-ID: <CAPiPmQkD3KCwmvcZM=nYxOUGnsdUnKqxuMhCEeoPdAU-RWT2kQ@mail.gmail.com>

hi,

is there any way to tell nginx to fallback to the next upstream in
case of timeout,
but only if the timeout occured during connection (for example because
the upstream's backlog is full),
and not when the upstream is already processing the request? basically
the case specified by the proxy_connect_timeout.

it seems if i do:
"proxy_next_upstream timeout", then this can happen:

1. nginx sends the request to upstream1
2. upstream1 begins processing the request, stores data in the db, etc
3. while upstream1 creates the response, the timeout happens, and
nginx sends the request to upstream2
4. upstream2 begins processing the request, stores data in the db, etc

at this point the request was processed twice, data were written in
the database twice etc. i would like to avoid it.

but, on the other hand, if i say "proxy_next_upstream off", then this
can happen:

1. nginx sends the request to upstream1
2. upstream1's socket-backlog is full, so nginx returns a http504 to
the user, even if there is upstream2, that theoretically could have
served the request.

any ideas how to handle this situation?

thanks,
gabor


From nginx-forum at nginx.us  Wed Jun 13 14:31:02 2012
From: nginx-forum at nginx.us (caleboconnell)
Date: Wed, 13 Jun 2012 10:31:02 -0400 (EDT)
Subject: rewrite url segment staging site and live site
In-Reply-To: <20120612172316.GB6210@craic.sysops.org>
References: <20120612172316.GB6210@craic.sysops.org>
Message-ID: <a4016ad59aa0a63751a92f1bced42b71.NginxMailingListEnglish@forum.nginx.org>

That's exactly what I thought, but when I used (.*) at the end and used
the $1 I kept getting 404.  When I made it the way it is now, it worked
on my staging site as  expected but not on my live site.

I can confirm that on neither site, the following does not work (404
error):

  location /old {
    rewrite ^/old/(.*)$ /new/$1 permanent;
  }

the following will redirect anything from old to the landing page for
the new section

  location /old {
    rewrite ^/old? /new permanent;
  }


here is the current config, with prior rewrites before this location
block:

location / {
    index index.php;
    try_files $uri $uri/ @ee;
  }

  location @ee {
    rewrite ^(.*) /index.php?/$1 last;
  }

  location /old {
    rewrite ^/old? /new permanent;
  }

I tired to use (.*) and $2 in hopes that the prior $1 wasn't breaking
it.  Still no luck.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227464,227496#msg-227496


From reallfqq-nginx at yahoo.fr  Wed Jun 13 16:00:21 2012
From: reallfqq-nginx at yahoo.fr (B.R.)
Date: Wed, 13 Jun 2012 12:00:21 -0400
Subject: rewrite url segment staging site and live site
In-Reply-To: <a4016ad59aa0a63751a92f1bced42b71.NginxMailingListEnglish@forum.nginx.org>
References: <20120612172316.GB6210@craic.sysops.org>
	<a4016ad59aa0a63751a92f1bced42b71.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CALqce=1ggvV49KPft41NnpBuMgbhPh2uR_7X1WQVyWu9mh2qGQ@mail.gmail.com>

Try to use your regex in the location path too.

location '/old' only catches '/old', not even '/old/' and of course nothing
lie '/old/....'
Then, inside, you rewrite only URI which start with '/old/', so *in fine*,
nothing will be ever redirected.

The machine does precisely what you asked it to do.
---
*B. R.*


On Wed, Jun 13, 2012 at 10:31 AM, caleboconnell <nginx-forum at nginx.us>wrote:

> That's exactly what I thought, but when I used (.*) at the end and used
> the $1 I kept getting 404.  When I made it the way it is now, it worked
> on my staging site as  expected but not on my live site.
>
> I can confirm that on neither site, the following does not work (404
> error):
>
>  location /old {
>    rewrite ^/old/(.*)$ /new/$1 permanent;
>  }
>
> the following will redirect anything from old to the landing page for
> the new section
>
>  location /old {
>    rewrite ^/old? /new permanent;
>  }
>
>
> here is the current config, with prior rewrites before this location
> block:
>
> location / {
>    index index.php;
>    try_files $uri $uri/ @ee;
>  }
>
>  location @ee {
>    rewrite ^(.*) /index.php?/$1 last;
>  }
>
>  location /old {
>    rewrite ^/old? /new permanent;
>  }
>
> I tired to use (.*) and $2 in hopes that the prior $1 wasn't breaking
> it.  Still no luck.
>
> Posted at Nginx Forum:
> http://forum.nginx.org/read.php?2,227464,227496#msg-227496
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120613/bdfc8d5f/attachment.html>

From nginx-forum at nginx.us  Wed Jun 13 16:31:35 2012
From: nginx-forum at nginx.us (caleboconnell)
Date: Wed, 13 Jun 2012 12:31:35 -0400 (EDT)
Subject: rewrite url segment staging site and live site
In-Reply-To: <eb917f1c0f33735d7d3a03255cdfce2e.NginxMailingListEnglish@forum.nginx.org>
References: <eb917f1c0f33735d7d3a03255cdfce2e.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <a8fb5e6951704350b83ad077c95a172a.NginxMailingListEnglish@forum.nginx.org>

The following worked.  Thanks for helping me with this.  Hopefully it
answers another newbie's question someday. 

 location ^~ /old {
    rewrite ^/old(.*)$ /new$1 permanent;
  }

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227464,227499#msg-227499


From nginx-forum at nginx.us  Wed Jun 13 17:52:32 2012
From: nginx-forum at nginx.us (paphillon)
Date: Wed, 13 Jun 2012 13:52:32 -0400 (EDT)
Subject: Nginx proxy overhead with / out keep alive requests
In-Reply-To: <20120613101354.GQ31671@mdounin.ru>
References: <20120613101354.GQ31671@mdounin.ru>
Message-ID: <5cf1ee2b092ea99b590a53fa9fe416d0.NginxMailingListEnglish@forum.nginx.org>

Hi Maxim,

Thanks for the insight! I had a hunch on the keepalive setting from
nginx to tomcat, but did not really find anything in the document about
that. I will give it a try and let you know the results. I am not sure
if I will be able to use this keepalive in production as it requires
upstream config and differs from the way we have architect Nginx
configuration. 

I am using nginx as a dynamic proxy which routes the clients calls
(primarily web service calls) to different servers depending on the key
the client passes via cookie or http headers. The url's are in a map in
the below form

     map $http_void $header_based_url{
        default "no_http_header";
        key1 server_instance_1_url;
        key2 server_instance_2_url;
        ......
    }

  location /xxx {
         proxy_pass $header_based_url;
  }
And to make it more simple to add / maintain the server url's, the URL's
are stored in a flat file 

I am not sure how I can use the keepalive over here other than the
upstream or how do I make this upstream config compatible.

Regards

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227472,227503#msg-227503


From nginx-forum at nginx.us  Wed Jun 13 18:29:23 2012
From: nginx-forum at nginx.us (parttis)
Date: Wed, 13 Jun 2012 14:29:23 -0400 (EDT)
Subject: Code coverage on nginx using lcov (gcov)
In-Reply-To: <201206080059.57528.ne@vbart.ru>
References: <201206080059.57528.ne@vbart.ru>
Message-ID: <a8ca24d91c291fffbd1f0d71c49a778e.NginxMailingListEnglish@forum.nginx.org>

Valentin V. Bartenev Wrote:
> Looks like it measures only the master process,
> which does not
> process requests. I don't know much about gcov,
> probably it can
> measure multi-process applications, but also you
> can set the
> "master_process" directive to "off".
> 
> http://nginx.org/r/master_process
> 
>  wbr, Valentin V. Bartenev


Thank you Valentin for your kind help.
Now I am able to do code coverage measurements.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227329,227504#msg-227504


From nginx-forum at nginx.us  Wed Jun 13 20:50:08 2012
From: nginx-forum at nginx.us (paphillon)
Date: Wed, 13 Jun 2012 16:50:08 -0400 (EDT)
Subject: Nginx proxy overhead with / out keep alive requests
In-Reply-To: <5cf1ee2b092ea99b590a53fa9fe416d0.NginxMailingListEnglish@forum.nginx.org>
References: <20120613101354.GQ31671@mdounin.ru>
	<5cf1ee2b092ea99b590a53fa9fe416d0.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <c4fa73e04fc40e15616cefd2c327d173.NginxMailingListEnglish@forum.nginx.org>

upstream with keepalive has the results almost comparable with tomcat,
so yes keepalive between nginx and tomcat really does the trick. :)

Unfortunately we cannot use the upstream as explained in my previous
post, unless upstream can offer something like below
 
    map $http_void $header_based_url{

       default "no_http_header";
       #These Key => URL's are currently stored in a flat file
       key1 server_instance_1_url_host;
       key2 server_instance_2_url_host;
        ......
     }

    upstream http_backend {

      server $header_based_url_host;

      keepalive 100;

    }


    location /xxx {
       proxy_pass http_backend;
    }

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227472,227506#msg-227506


From p at state-of-mind.de  Wed Jun 13 22:43:00 2012
From: p at state-of-mind.de (Patrick Ben Koetter)
Date: Thu, 14 Jun 2012 00:43:00 +0200
Subject: Running mailman within a domain
Message-ID: <20120613224300.GP18826@state-of-mind.de>

Greetings,

this is my first take at nginx. I try to add /cgi-bin/mailman/... to an
existing server instance (mail.sys4.de). At the moment I can call scripts
directly e.g. <https://mail.sys4.de/cgi-bin/mailman/listinfo> works.

What I fail to accieve is getting access to lists e.g.
<https://mail.sys4.de/cgi-bin/mailman/listinfo/users>. The Browser receives a
403 and the fast_cgi wrapper reports:

  Cannot chdir to script directory (/usr/lib/cgi-bin/mailman/listinfo)" while
  reading response header from upstream


What is it I am doing wrong?


This is my nginx configuration to include mailman into the website:

        location /cgi-bin/mailman {
               root /usr/lib/;
               fastcgi_split_path_info (^/cgi-bin/mailman/[^/]*)(.*)$;
               include /etc/nginx/fastcgi_params;
               fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
               fastcgi_param PATH_INFO $fastcgi_path_info;
               fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
               fastcgi_intercept_errors off;
               fastcgi_pass unix:/var/run/fcgiwrap.socket;
        }
        location /images/mailman {
               alias /usr/share/images/mailman;
        }
        location /pipermail {
               alias /var/lib/mailman/archives/public;
               autoindex on;
        }

/etc/nginx/fastcgi_params contains these settings:

fastcgi_param   QUERY_STRING            $query_string;
fastcgi_param   REQUEST_METHOD          $request_method;
fastcgi_param   CONTENT_TYPE            $content_type;
fastcgi_param   CONTENT_LENGTH          $content_length;

fastcgi_param   SCRIPT_FILENAME         $request_filename;
fastcgi_param   SCRIPT_NAME             $fastcgi_script_name;
fastcgi_param   REQUEST_URI             $request_uri;
fastcgi_param   DOCUMENT_URI            $document_uri;
fastcgi_param   DOCUMENT_ROOT           $document_root;
fastcgi_param   SERVER_PROTOCOL         $server_protocol;

fastcgi_param   GATEWAY_INTERFACE       CGI/1.1;
fastcgi_param   SERVER_SOFTWARE         nginx/$nginx_version;

fastcgi_param   REMOTE_ADDR             $remote_addr;
fastcgi_param   REMOTE_PORT             $remote_port;
fastcgi_param   SERVER_ADDR             $server_addr;
fastcgi_param   SERVER_PORT             $server_port;
fastcgi_param   SERVER_NAME             $server_name;

fastcgi_param   HTTPS                   $https;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param   REDIRECT_STATUS         200;



My error log gives this output:

2012/06/14 00:39:48 [debug] 27873#0: *13 post event 0000000002292AB0
2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A62C0
2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 00000000022A62C0
2012/06/14 00:39:48 [debug] 27873#0: *13 http empty handler
2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 0000000002292AB0
2012/06/14 00:39:48 [debug] 27873#0: *13 http keepalive handler
2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 00000000022C7AE0:1024
2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_read: 1
2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_read: 404
2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_read: -1
2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_get_error: 2
2012/06/14 00:39:48 [debug] 27873#0: *13 reusable connection: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 000000000224D310:1296
2012/06/14 00:39:48 [debug] 27873#0: *13 posix_memalign: 000000000228B240:4096 @16
2012/06/14 00:39:48 [debug] 27873#0: *13 http process request line
2012/06/14 00:39:48 [debug] 27873#0: *13 http request line: "GET /cgi-bin/mailman/listinfo/users HTTP/1.1"
2012/06/14 00:39:48 [debug] 27873#0: *13 http uri: "/cgi-bin/mailman/listinfo/users"
2012/06/14 00:39:48 [debug] 27873#0: *13 http args: ""
2012/06/14 00:39:48 [debug] 27873#0: *13 http exten: ""
2012/06/14 00:39:48 [debug] 27873#0: *13 http process request header line
2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Host: mail.sys4.de"
2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:13.0) Gecko/20100101 Firefox/13.0"
2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3"
2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Accept-Encoding: gzip, deflate"
2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "DNT: 1"
2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Connection: keep-alive"
2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Referer: https://mail.sys4.de/cgi-bin/mailman/listinfo"
2012/06/14 00:39:48 [debug] 27873#0: *13 http header done
2012/06/14 00:39:48 [debug] 27873#0: *13 event timer del: 10: 1339627243545
2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 rewrite phase: 1
2012/06/14 00:39:48 [debug] 27873#0: *13 http script regex: "^/$"
2012/06/14 00:39:48 [notice] 27873#0: *13 "^/$" does not match "/cgi-bin/mailman/listinfo/users", client: 178.27.33.0, server: mail.sys4.de, request: "GET /cgi-bin/mailman/listinfo/users HTTP/1.1", host: "mail.sys4.de", referrer: "https://mail.sys4.de/cgi-bin/mailman/listinfo"
2012/06/14 00:39:48 [debug] 27873#0: *13 test location: "/images/mailman"
2012/06/14 00:39:48 [debug] 27873#0: *13 test location: "/cgi-bin/mailman"
2012/06/14 00:39:48 [debug] 27873#0: *13 using configuration "/cgi-bin/mailman"
2012/06/14 00:39:48 [debug] 27873#0: *13 http cl:-1 max:1048576
2012/06/14 00:39:48 [debug] 27873#0: *13 rewrite phase: 3
2012/06/14 00:39:48 [debug] 27873#0: *13 post rewrite phase: 4
2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 5
2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 6
2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 7
2012/06/14 00:39:48 [debug] 27873#0: *13 access phase: 8
2012/06/14 00:39:48 [debug] 27873#0: *13 access phase: 9
2012/06/14 00:39:48 [debug] 27873#0: *13 access phase: 10
2012/06/14 00:39:48 [debug] 27873#0: *13 post access phase: 11
2012/06/14 00:39:48 [debug] 27873#0: *13 posix_memalign: 00000000022D15A0:4096 @16
2012/06/14 00:39:48 [debug] 27873#0: *13 http init upstream, client timer: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "QUERY_STRING"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "QUERY_STRING: "
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REQUEST_METHOD"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "GET"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REQUEST_METHOD: GET"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "CONTENT_TYPE"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "CONTENT_TYPE: "
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "CONTENT_LENGTH"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "CONTENT_LENGTH: "
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SCRIPT_FILENAME"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib/cgi-bin/mailman/listinfo/users"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SCRIPT_FILENAME: /usr/lib/cgi-bin/mailman/listinfo/users"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SCRIPT_NAME"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/cgi-bin/mailman/listinfo"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SCRIPT_NAME: /cgi-bin/mailman/listinfo"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REQUEST_URI"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/cgi-bin/mailman/listinfo/users"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REQUEST_URI: /cgi-bin/mailman/listinfo/users"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "DOCUMENT_URI"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/cgi-bin/mailman/listinfo/users"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "DOCUMENT_URI: /cgi-bin/mailman/listinfo/users"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "DOCUMENT_ROOT"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "DOCUMENT_ROOT: /usr/lib"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_PROTOCOL"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "HTTP/1.1"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_PROTOCOL: HTTP/1.1"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "GATEWAY_INTERFACE"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "CGI/1.1"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "GATEWAY_INTERFACE: CGI/1.1"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_SOFTWARE"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "nginx/"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "1.1.19"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_SOFTWARE: nginx/1.1.19"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REMOTE_ADDR"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "178.27.33.0"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REMOTE_ADDR: 178.27.33.0"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REMOTE_PORT"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "35670"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REMOTE_PORT: 35670"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_ADDR"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "194.126.158.57"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_ADDR: 194.126.158.57"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_PORT"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "443"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_PORT: 443"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_NAME"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "mail.sys4.de"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_NAME: mail.sys4.de"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "HTTPS"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "on"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTPS: on"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REDIRECT_STATUS"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "200"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REDIRECT_STATUS: 200"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SCRIPT_FILENAME"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/cgi-bin/mailman/listinfo"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SCRIPT_FILENAME: /usr/lib/cgi-bin/mailman/listinfo"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "PATH_INFO"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/users"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "PATH_INFO: /users"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "PATH_TRANSLATED"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib"
2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/users"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "PATH_TRANSLATED: /usr/lib/users"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_HOST: mail.sys4.de"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_USER_AGENT: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:13.0) Gecko/20100101 Firefox/13.0"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_ACCEPT_LANGUAGE: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_ACCEPT_ENCODING: gzip, deflate"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_DNT: 1"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_CONNECTION: keep-alive"
2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_REFERER: https://mail.sys4.de/cgi-bin/mailman/listinfo"
2012/06/14 00:39:48 [debug] 27873#0: *13 http cleanup add: 00000000022D1C08
2012/06/14 00:39:48 [debug] 27873#0: *13 get rr peer, try: 1
2012/06/14 00:39:48 [debug] 27873#0: *13 socket 12
2012/06/14 00:39:48 [debug] 27873#0: *13 epoll add connection: fd:12 ev:80000005
2012/06/14 00:39:48 [debug] 27873#0: *13 connect to unix:/var/run/fcgiwrap.socket, fd:12 #15
2012/06/14 00:39:48 [debug] 27873#0: *13 connected
2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream connect: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 posix_memalign: 00000000022C7130:128 @16
2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream send request
2012/06/14 00:39:48 [debug] 27873#0: *13 chain writer buf fl:0 s:1008
2012/06/14 00:39:48 [debug] 27873#0: *13 chain writer in: 00000000022D1C40
2012/06/14 00:39:48 [debug] 27873#0: *13 writev: 1008
2012/06/14 00:39:48 [debug] 27873#0: *13 chain writer out: 0000000000000000
2012/06/14 00:39:48 [debug] 27873#0: *13 event timer add: 12: 60000:1339627248804
2012/06/14 00:39:48 [debug] 27873#0: *13 http finalize request: -4, "/cgi-bin/mailman/listinfo/users?" a:1, c:2
2012/06/14 00:39:48 [debug] 27873#0: *13 http request count:2 blk:0
2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A6328
2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 00000000022A6328
2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request: "/cgi-bin/mailman/listinfo/users?"
2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream dummy handler
2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A6328
2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 00000000022A6328
2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request: "/cgi-bin/mailman/listinfo/users?"
2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream dummy handler
2012/06/14 00:39:48 [debug] 27873#0: *13 post event 0000000002292B18
2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A6328
2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 00000000022A6328
2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request: "/cgi-bin/mailman/listinfo/users?"
2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream dummy handler
2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 0000000002292B18
2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request: "/cgi-bin/mailman/listinfo/users?"
2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream process header
2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 00000000022525C0:4096
2012/06/14 00:39:48 [debug] 27873#0: *13 recv: fd:12 176 of 4096
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 07
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 45
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 03
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 69
2012/06/14 00:39:48 [error] 27873#0: *13 FastCGI sent in stderr: "Cannot chdir to script directory (/usr/lib/cgi-bin/mailman/listinfo)" while reading response header from upstream, client: 178.27.33.0, server: mail.sys4.de, request: "GET /cgi-bin/mailman/listinfo/users HTTP/1.1", upstream: "fastcgi://unix:/var/run/fcgiwrap.socket:", host: "mail.sys4.de", referrer: "https://mail.sys4.de/cgi-bin/mailman/listinfo"
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 07
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 06
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 33
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 05
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 51
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi parser: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi header: "Status: 403 Forbidden"
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi parser: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi header: "Content-type: text/plain"
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi parser: 1
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi header done
2012/06/14 00:39:48 [debug] 27873#0: *13 xslt filter header
2012/06/14 00:39:48 [debug] 27873#0: *13 HTTP/1.1 403 Forbidden
Server: nginx/1.1.19
Date: Wed, 13 Jun 2012 22:39:48 GMT
Content-Type: text/plain
Transfer-Encoding: chunked
Connection: keep-alive

2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:1 f:0 00000000022D1E90, pos 00000000022D1E90, size: 163 file: 0, size: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter: l:0 f:0 s:163
2012/06/14 00:39:48 [debug] 27873#0: *13 http cacheable: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream process upstream
2012/06/14 00:39:48 [debug] 27873#0: *13 pipe read upstream: 1
2012/06/14 00:39:48 [debug] 27873#0: *13 pipe preread: 32
2012/06/14 00:39:48 [debug] 27873#0: *13 readv: 1:3920
2012/06/14 00:39:48 [debug] 27873#0: *13 pipe recv chain: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 pipe buf free s:0 t:1 f:0 00000000022525C0, pos 0000000002252650, size: 32 file: 0, size: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 pipe length: -1
2012/06/14 00:39:48 [debug] 27873#0: *13 input buf #0 0000000002252650
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 06
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi closed stdout
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 03
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 08
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 8
2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi sent end request
2012/06/14 00:39:48 [debug] 27873#0: *13 input buf 0000000002252650 3
2012/06/14 00:39:48 [debug] 27873#0: *13 pipe write downstream: 1
2012/06/14 00:39:48 [debug] 27873#0: *13 pipe write downstream flush in
2012/06/14 00:39:48 [debug] 27873#0: *13 http output filter "/cgi-bin/mailman/listinfo/users?"
2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: "/cgi-bin/mailman/listinfo/users?"
2012/06/14 00:39:48 [debug] 27873#0: *13 image filter
2012/06/14 00:39:48 [debug] 27873#0: *13 xslt filter body
2012/06/14 00:39:48 [debug] 27873#0: *13 http postpone filter "/cgi-bin/mailman/listinfo/users?" 00000000022D20A0
2012/06/14 00:39:48 [debug] 27873#0: *13 http chunk: 3
2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0 00000000022D1E90, pos 00000000022D1E90, size: 163 file: 0, size: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:1 f:0 00000000022D2188, pos 00000000022D2188, size: 3 file: 0, size: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:1 f:0 00000000022525C0, pos 0000000002252650, size: 3 file: 0, size: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:0 f:0 0000000000000000, pos 000000000049DD7D, size: 2 file: 0, size: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter: l:0 f:0 s:171
2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: 0 "/cgi-bin/mailman/listinfo/users?"
2012/06/14 00:39:48 [debug] 27873#0: *13 pipe write downstream done
2012/06/14 00:39:48 [debug] 27873#0: *13 event timer: 12, old: 1339627248804, new: 1339627248805
2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream exit: 0000000000000000
2012/06/14 00:39:48 [debug] 27873#0: *13 finalize http upstream request: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 finalize http fastcgi request
2012/06/14 00:39:48 [debug] 27873#0: *13 free rr peer 1 0
2012/06/14 00:39:48 [debug] 27873#0: *13 close http upstream connection: 12
2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022C7130, unused: 48
2012/06/14 00:39:48 [debug] 27873#0: *13 event timer del: 12: 1339627248804
2012/06/14 00:39:48 [debug] 27873#0: *13 reusable connection: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream temp fd: -1
2012/06/14 00:39:48 [debug] 27873#0: *13 http output filter "/cgi-bin/mailman/listinfo/users?"
2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: "/cgi-bin/mailman/listinfo/users?"
2012/06/14 00:39:48 [debug] 27873#0: *13 image filter
2012/06/14 00:39:48 [debug] 27873#0: *13 xslt filter body
2012/06/14 00:39:48 [debug] 27873#0: *13 http postpone filter "/cgi-bin/mailman/listinfo/users?" 00007FFF43D71E70
2012/06/14 00:39:48 [debug] 27873#0: *13 http chunk: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0 00000000022D1E90, pos 00000000022D1E90, size: 163 file: 0, size: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0 00000000022D2188, pos 00000000022D2188, size: 3 file: 0, size: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0 00000000022525C0, pos 0000000002252650, size: 3 file: 0, size: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:0 f:0 0000000000000000, pos 000000000049DD7D, size: 2 file: 0, size: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:0 f:0 0000000000000000, pos 000000000049DD7A, size: 5 file: 0, size: 0
2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter: l:1 f:0 s:176
2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter limit 0
2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 00000000022B9930:16384
2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 163
2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 3
2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 3
2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 2
2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 5
2012/06/14 00:39:48 [debug] 27873#0: *13 SSL to write: 176
2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_write: 176
2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter 0000000000000000
2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: 0 "/cgi-bin/mailman/listinfo/users?"
2012/06/14 00:39:48 [debug] 27873#0: *13 http finalize request: 0, "/cgi-bin/mailman/listinfo/users?" a:1, c:1
2012/06/14 00:39:48 [debug] 27873#0: *13 set http keepalive handler
2012/06/14 00:39:48 [debug] 27873#0: *13 http close request
2012/06/14 00:39:48 [debug] 27873#0: *13 http log handler
2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022525C0
2012/06/14 00:39:48 [debug] 27873#0: *13 free: 000000000228B240, unused: 6
2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022D15A0, unused: 444
2012/06/14 00:39:48 [debug] 27873#0: *13 event timer add: 10: 65000:1339627253805
2012/06/14 00:39:48 [debug] 27873#0: *13 free: 000000000224D310
2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022C7AE0
2012/06/14 00:39:48 [debug] 27873#0: *13 hc free: 0000000000000000 0
2012/06/14 00:39:48 [debug] 27873#0: *13 hc busy: 0000000000000000 0
2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022B9930
2012/06/14 00:39:48 [debug] 27873#0: *13 reusable connection: 1

Thanks

p at rick


-- 
state of mind ()

http://www.state-of-mind.de

Franziskanerstra?e 15      Telefon +49 89 3090 4664
81669 M?nchen              Telefax +49 89 3090 4666

Amtsgericht M?nchen        Partnerschaftsregister PR 563


From adrianhayter at gmail.com  Thu Jun 14 06:26:20 2012
From: adrianhayter at gmail.com (Adrian Hayter)
Date: Thu, 14 Jun 2012 07:26:20 +0100
Subject: 500 Internal Server Error only on wp-admin/ directory...
Message-ID: <4C382FFF-14C1-4431-8476-E8CFB921A49C@gmail.com>

I upgraded my Wordpress install (via svn) and now trying to access the wp-admin/ directory results in a 500 Internal Server Error, despite the fact my config hasn't changed at all.

The most annoying part is that no error messages seem to have been logged by either nginx or php-fpm. The front-end of the site appears to be working, which just adds to the strangeness.

I've looked at the permissions; they are all fine. nginx should have access, and like I said, the front-end works.

So my question(s): Does anyone know what might be causing this, and also, are there any helpful tutorials available for increasing the amount of information that nginx (and other applications like php, mysql, etc) outputs to error logs?

Cheers,

- Adrian

From al-nginx at none.at  Thu Jun 14 08:53:11 2012
From: al-nginx at none.at (Aleksandar Lazic)
Date: Thu, 14 Jun 2012 10:53:11 +0200
Subject: Running mailman within a domain
In-Reply-To: <20120613224300.GP18826@state-of-mind.de>
References: <20120613224300.GP18826@state-of-mind.de>
Message-ID: <fe75588e74857fe80e950cf5ef9f5dff@none.at>

Hi Patrick,

On 14-06-2012 00:43, Patrick Ben Koetter wrote:
> Greetings,
>
> this is my first take at nginx. I try to add /cgi-bin/mailman/... to 
> an
> existing server instance (mail.sys4.de). At the moment I can call 
> scripts
> directly e.g. <https://mail.sys4.de/cgi-bin/mailman/listinfo> works.
>
> What I fail to accieve is getting access to lists e.g.
> <https://mail.sys4.de/cgi-bin/mailman/listinfo/users>. The Browser 
> receives a
> 403 and the fast_cgi wrapper reports:
>
>   Cannot chdir to script directory 
> (/usr/lib/cgi-bin/mailman/listinfo)" while
>   reading response header from upstream
>
>
> What is it I am doing wrong?

I don't know too much about mailman, so I try to guess.

The

/usr/lib/cgi-bin/mailman

is the script which should be executed right?

The

/listinfo
&
/listinfo/users

should be the path info, right?

> This is my nginx configuration to include mailman into the website:
>
>         location /cgi-bin/mailman {
>                root /usr/lib/;

my suggestion:
-                fastcgi_split_path_info 
(^/cgi-bin/mailman/[^/]*)(.*)$;
+                fastcgi_split_path_info (^/cgi-bin/mailman)/(.*)$;
>                include /etc/nginx/fastcgi_params;
>                fastcgi_param SCRIPT_FILENAME
> $document_root$fastcgi_script_name;
>                fastcgi_param PATH_INFO $fastcgi_path_info;
>                fastcgi_param PATH_TRANSLATED
> $document_root$fastcgi_path_info;
>                fastcgi_intercept_errors off;
>                fastcgi_pass unix:/var/run/fcgiwrap.socket;
>         }
>         location /images/mailman {
>                alias /usr/share/images/mailman;
>         }
>         location /pipermail {
>                alias /var/lib/mailman/archives/public;
>                autoindex on;
>         }

output of pcretest

###
   re> |(^/cgi-bin/mailman)/(.*)$|
data> /cgi-bin/mailman/listinfo
  0: /cgi-bin/mailman/listinfo
  1: /cgi-bin/mailman
  2: listinfo
data> /cgi-bin/mailman/listinfo/users
  0: /cgi-bin/mailman/listinfo/users
  1: /cgi-bin/mailman
  2: listinfo/users
###

> /etc/nginx/fastcgi_params contains these settings:

[snipp]

> My error log gives this output:

[snipp]

> 2012/06/14 00:39:48 [debug] 27873#0: *13 http uri:
> "/cgi-bin/mailman/listinfo/users"

[snipp]

> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "SCRIPT_FILENAME"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var:
> "/usr/lib/cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> "SCRIPT_FILENAME: /usr/lib/cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "SCRIPT_NAME"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var:
> "/cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SCRIPT_NAME:
> /cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "REQUEST_URI"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var:
> "/cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REQUEST_URI:
> /cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "DOCUMENT_URI"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var:
> "/cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> "DOCUMENT_URI: /cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "DOCUMENT_ROOT"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> "DOCUMENT_ROOT: /usr/lib"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "SERVER_PROTOCOL"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "HTTP/1.1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> "SERVER_PROTOCOL: HTTP/1.1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy:
> "GATEWAY_INTERFACE"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "CGI/1.1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> "GATEWAY_INTERFACE: CGI/1.1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "SERVER_SOFTWARE"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "nginx/"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "1.1.19"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> "SERVER_SOFTWARE: nginx/1.1.19"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "REMOTE_ADDR"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: 
> "178.27.33.0"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REMOTE_ADDR:
> 178.27.33.0"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "REMOTE_PORT"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "35670"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REMOTE_PORT: 
> 35670"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "SERVER_ADDR"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: 
> "194.126.158.57"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_ADDR:
> 194.126.158.57"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "SERVER_PORT"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "443"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_PORT: 
> 443"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "SERVER_NAME"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: 
> "mail.sys4.de"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_NAME:
> mail.sys4.de"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "HTTPS"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "on"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTPS: on"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "REDIRECT_STATUS"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "200"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> "REDIRECT_STATUS: 200"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "SCRIPT_FILENAME"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var:
> "/cgi-bin/mailman/listinfo"



> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> "SCRIPT_FILENAME: /usr/lib/cgi-bin/mailman/listinfo"



> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "PATH_INFO"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "PATH_INFO: 
> /users"

[snipp]

> Thanks
>
> p at rick

I'am sure you have read this but I post it here as reminder ;-)

http://www.nginx.org/en/docs/http/ngx_http_fastcgi_module.html#fastcgi_split_path_info

Hth

Aleks


From ft at falkotimme.com  Thu Jun 14 09:16:57 2012
From: ft at falkotimme.com (Falko Timme)
Date: Thu, 14 Jun 2012 11:16:57 +0200
Subject: Running mailman within a domain
References: <20120613224300.GP18826@state-of-mind.de>
Message-ID: <C61AEFDB43C94BC4843CCCF99680DCD8@notebook>

Hi,

if you use Debian or Ubuntu, you can get nginx to work with Mailman as 
follows:

http://www.howtoforge.com/running-mailman-on-nginx-lemp-on-debian-squeeze-ubuntu-11.04-11.10

Best Regards,

Falko Timme

Ovelg?nner Weg 43
21335 L?neburg
Germany
Email: ft at falkotimme.com
URL: http://www.falkotimme.com

Projects:
Timme Hosting: https://timmehosting.de
ISPConfig: http://www.ispconfig.org
HowtoForge: http://www.howtoforge.com

----- Original Message ----- 
From: "Patrick Ben Koetter" <p at state-of-mind.de>
To: <nginx at nginx.org>
Sent: Thursday, June 14, 2012 12:43 AM
Subject: Running mailman within a domain


> Greetings,
>
> this is my first take at nginx. I try to add /cgi-bin/mailman/... to an
> existing server instance (mail.sys4.de). At the moment I can call scripts
> directly e.g. <https://mail.sys4.de/cgi-bin/mailman/listinfo> works.
>
> What I fail to accieve is getting access to lists e.g.
> <https://mail.sys4.de/cgi-bin/mailman/listinfo/users>. The Browser 
> receives a
> 403 and the fast_cgi wrapper reports:
>
>  Cannot chdir to script directory (/usr/lib/cgi-bin/mailman/listinfo)" 
> while
>  reading response header from upstream
>
>
> What is it I am doing wrong?
>
>
> This is my nginx configuration to include mailman into the website:
>
>        location /cgi-bin/mailman {
>               root /usr/lib/;
>               fastcgi_split_path_info (^/cgi-bin/mailman/[^/]*)(.*)$;
>               include /etc/nginx/fastcgi_params;
>               fastcgi_param SCRIPT_FILENAME 
> $document_root$fastcgi_script_name;
>               fastcgi_param PATH_INFO $fastcgi_path_info;
>               fastcgi_param PATH_TRANSLATED 
> $document_root$fastcgi_path_info;
>               fastcgi_intercept_errors off;
>               fastcgi_pass unix:/var/run/fcgiwrap.socket;
>        }
>        location /images/mailman {
>               alias /usr/share/images/mailman;
>        }
>        location /pipermail {
>               alias /var/lib/mailman/archives/public;
>               autoindex on;
>        }
>
> /etc/nginx/fastcgi_params contains these settings:
>
> fastcgi_param   QUERY_STRING            $query_string;
> fastcgi_param   REQUEST_METHOD          $request_method;
> fastcgi_param   CONTENT_TYPE            $content_type;
> fastcgi_param   CONTENT_LENGTH          $content_length;
>
> fastcgi_param   SCRIPT_FILENAME         $request_filename;
> fastcgi_param   SCRIPT_NAME             $fastcgi_script_name;
> fastcgi_param   REQUEST_URI             $request_uri;
> fastcgi_param   DOCUMENT_URI            $document_uri;
> fastcgi_param   DOCUMENT_ROOT           $document_root;
> fastcgi_param   SERVER_PROTOCOL         $server_protocol;
>
> fastcgi_param   GATEWAY_INTERFACE       CGI/1.1;
> fastcgi_param   SERVER_SOFTWARE         nginx/$nginx_version;
>
> fastcgi_param   REMOTE_ADDR             $remote_addr;
> fastcgi_param   REMOTE_PORT             $remote_port;
> fastcgi_param   SERVER_ADDR             $server_addr;
> fastcgi_param   SERVER_PORT             $server_port;
> fastcgi_param   SERVER_NAME             $server_name;
>
> fastcgi_param   HTTPS                   $https;
>
> # PHP only, required if PHP was built with --enable-force-cgi-redirect
> fastcgi_param   REDIRECT_STATUS         200;
>
>
>
> My error log gives this output:
>
> 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 0000000002292AB0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A62C0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 
> 00000000022A62C0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http empty handler
> 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 
> 0000000002292AB0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http keepalive handler
> 2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 00000000022C7AE0:1024
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_read: 1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_read: 404
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_read: -1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_get_error: 2
> 2012/06/14 00:39:48 [debug] 27873#0: *13 reusable connection: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 000000000224D310:1296
> 2012/06/14 00:39:48 [debug] 27873#0: *13 posix_memalign: 
> 000000000228B240:4096 @16
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http process request line
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http request line: "GET 
> /cgi-bin/mailman/listinfo/users HTTP/1.1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http uri: 
> "/cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http args: ""
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http exten: ""
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http process request header line
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Host: mail.sys4.de"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "User-Agent: 
> Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:13.0) Gecko/20100101 
> Firefox/13.0"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Accept: 
> text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Accept-Language: 
> de-de,de;q=0.8,en-us;q=0.5,en;q=0.3"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Accept-Encoding: 
> gzip, deflate"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "DNT: 1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Connection: 
> keep-alive"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Referer: 
> https://mail.sys4.de/cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header done
> 2012/06/14 00:39:48 [debug] 27873#0: *13 event timer del: 10: 
> 1339627243545
> 2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 rewrite phase: 1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script regex: "^/$"
> 2012/06/14 00:39:48 [notice] 27873#0: *13 "^/$" does not match 
> "/cgi-bin/mailman/listinfo/users", client: 178.27.33.0, server: 
> mail.sys4.de, request: "GET /cgi-bin/mailman/listinfo/users HTTP/1.1", 
> host: "mail.sys4.de", referrer: 
> "https://mail.sys4.de/cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 test location: "/images/mailman"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 test location: "/cgi-bin/mailman"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 using configuration 
> "/cgi-bin/mailman"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http cl:-1 max:1048576
> 2012/06/14 00:39:48 [debug] 27873#0: *13 rewrite phase: 3
> 2012/06/14 00:39:48 [debug] 27873#0: *13 post rewrite phase: 4
> 2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 5
> 2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 6
> 2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 7
> 2012/06/14 00:39:48 [debug] 27873#0: *13 access phase: 8
> 2012/06/14 00:39:48 [debug] 27873#0: *13 access phase: 9
> 2012/06/14 00:39:48 [debug] 27873#0: *13 access phase: 10
> 2012/06/14 00:39:48 [debug] 27873#0: *13 post access phase: 11
> 2012/06/14 00:39:48 [debug] 27873#0: *13 posix_memalign: 
> 00000000022D15A0:4096 @16
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http init upstream, client timer: 
> 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "QUERY_STRING"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "QUERY_STRING: "
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "REQUEST_METHOD"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "GET"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REQUEST_METHOD: 
> GET"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "CONTENT_TYPE"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "CONTENT_TYPE: "
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "CONTENT_LENGTH"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "CONTENT_LENGTH: "
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "SCRIPT_FILENAME"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: 
> "/usr/lib/cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SCRIPT_FILENAME: 
> /usr/lib/cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SCRIPT_NAME"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: 
> "/cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SCRIPT_NAME: 
> /cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REQUEST_URI"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: 
> "/cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REQUEST_URI: 
> /cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "DOCUMENT_URI"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: 
> "/cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "DOCUMENT_URI: 
> /cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "DOCUMENT_ROOT"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "DOCUMENT_ROOT: 
> /usr/lib"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "SERVER_PROTOCOL"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "HTTP/1.1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_PROTOCOL: 
> HTTP/1.1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "GATEWAY_INTERFACE"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "CGI/1.1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: 
> "GATEWAY_INTERFACE: CGI/1.1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "SERVER_SOFTWARE"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "nginx/"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "1.1.19"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_SOFTWARE: 
> nginx/1.1.19"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REMOTE_ADDR"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "178.27.33.0"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REMOTE_ADDR: 
> 178.27.33.0"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REMOTE_PORT"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "35670"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REMOTE_PORT: 
> 35670"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_ADDR"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "194.126.158.57"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_ADDR: 
> 194.126.158.57"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_PORT"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "443"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_PORT: 443"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_NAME"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "mail.sys4.de"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_NAME: 
> mail.sys4.de"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "HTTPS"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "on"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTPS: on"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "REDIRECT_STATUS"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "200"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REDIRECT_STATUS: 
> 200"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "SCRIPT_FILENAME"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: 
> "/cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SCRIPT_FILENAME: 
> /usr/lib/cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "PATH_INFO"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "PATH_INFO: 
> /users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: 
> "PATH_TRANSLATED"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "PATH_TRANSLATED: 
> /usr/lib/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_HOST: 
> mail.sys4.de"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_USER_AGENT: 
> Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:13.0) Gecko/20100101 
> Firefox/13.0"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_ACCEPT: 
> text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: 
> "HTTP_ACCEPT_LANGUAGE: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: 
> "HTTP_ACCEPT_ENCODING: gzip, deflate"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_DNT: 1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_CONNECTION: 
> keep-alive"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_REFERER: 
> https://mail.sys4.de/cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http cleanup add: 
> 00000000022D1C08
> 2012/06/14 00:39:48 [debug] 27873#0: *13 get rr peer, try: 1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 socket 12
> 2012/06/14 00:39:48 [debug] 27873#0: *13 epoll add connection: fd:12 
> ev:80000005
> 2012/06/14 00:39:48 [debug] 27873#0: *13 connect to 
> unix:/var/run/fcgiwrap.socket, fd:12 #15
> 2012/06/14 00:39:48 [debug] 27873#0: *13 connected
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream connect: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 posix_memalign: 
> 00000000022C7130:128 @16
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream send request
> 2012/06/14 00:39:48 [debug] 27873#0: *13 chain writer buf fl:0 s:1008
> 2012/06/14 00:39:48 [debug] 27873#0: *13 chain writer in: 00000000022D1C40
> 2012/06/14 00:39:48 [debug] 27873#0: *13 writev: 1008
> 2012/06/14 00:39:48 [debug] 27873#0: *13 chain writer out: 
> 0000000000000000
> 2012/06/14 00:39:48 [debug] 27873#0: *13 event timer add: 12: 
> 60000:1339627248804
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http finalize request: -4, 
> "/cgi-bin/mailman/listinfo/users?" a:1, c:2
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http request count:2 blk:0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A6328
> 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 
> 00000000022A6328
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request: 
> "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream dummy handler
> 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A6328
> 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 
> 00000000022A6328
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request: 
> "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream dummy handler
> 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 0000000002292B18
> 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A6328
> 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 
> 00000000022A6328
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request: 
> "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream dummy handler
> 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 
> 0000000002292B18
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request: 
> "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream process header
> 2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 00000000022525C0:4096
> 2012/06/14 00:39:48 [debug] 27873#0: *13 recv: fd:12 176 of 4096
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 07
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 45
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 03
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 69
> 2012/06/14 00:39:48 [error] 27873#0: *13 FastCGI sent in stderr: "Cannot 
> chdir to script directory (/usr/lib/cgi-bin/mailman/listinfo)" while 
> reading response header from upstream, client: 178.27.33.0, server: 
> mail.sys4.de, request: "GET /cgi-bin/mailman/listinfo/users HTTP/1.1", 
> upstream: "fastcgi://unix:/var/run/fcgiwrap.socket:", host: 
> "mail.sys4.de", referrer: "https://mail.sys4.de/cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 07
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 06
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 33
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 05
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 51
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi parser: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi header: "Status: 403 
> Forbidden"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi parser: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi header: 
> "Content-type: text/plain"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi parser: 1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi header done
> 2012/06/14 00:39:48 [debug] 27873#0: *13 xslt filter header
> 2012/06/14 00:39:48 [debug] 27873#0: *13 HTTP/1.1 403 Forbidden
> Server: nginx/1.1.19
> Date: Wed, 13 Jun 2012 22:39:48 GMT
> Content-Type: text/plain
> Transfer-Encoding: chunked
> Connection: keep-alive
>
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:1 f:0 
> 00000000022D1E90, pos 00000000022D1E90, size: 163 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter: l:0 f:0 s:163
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http cacheable: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream process upstream
> 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe read upstream: 1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe preread: 32
> 2012/06/14 00:39:48 [debug] 27873#0: *13 readv: 1:3920
> 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe recv chain: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe buf free s:0 t:1 f:0 
> 00000000022525C0, pos 0000000002252650, size: 32 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe length: -1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 input buf #0 0000000002252650
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 06
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi closed stdout
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 03
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 08
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 8
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi sent end request
> 2012/06/14 00:39:48 [debug] 27873#0: *13 input buf 0000000002252650 3
> 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe write downstream: 1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe write downstream flush in
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http output filter 
> "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: 
> "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 image filter
> 2012/06/14 00:39:48 [debug] 27873#0: *13 xslt filter body
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http postpone filter 
> "/cgi-bin/mailman/listinfo/users?" 00000000022D20A0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http chunk: 3
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0 
> 00000000022D1E90, pos 00000000022D1E90, size: 163 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:1 f:0 
> 00000000022D2188, pos 00000000022D2188, size: 3 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:1 f:0 
> 00000000022525C0, pos 0000000002252650, size: 3 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:0 f:0 
> 0000000000000000, pos 000000000049DD7D, size: 2 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter: l:0 f:0 s:171
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: 0 
> "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe write downstream done
> 2012/06/14 00:39:48 [debug] 27873#0: *13 event timer: 12, old: 
> 1339627248804, new: 1339627248805
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream exit: 
> 0000000000000000
> 2012/06/14 00:39:48 [debug] 27873#0: *13 finalize http upstream request: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 finalize http fastcgi request
> 2012/06/14 00:39:48 [debug] 27873#0: *13 free rr peer 1 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 close http upstream connection: 
> 12
> 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022C7130, unused: 
> 48
> 2012/06/14 00:39:48 [debug] 27873#0: *13 event timer del: 12: 
> 1339627248804
> 2012/06/14 00:39:48 [debug] 27873#0: *13 reusable connection: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream temp fd: -1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http output filter 
> "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: 
> "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 image filter
> 2012/06/14 00:39:48 [debug] 27873#0: *13 xslt filter body
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http postpone filter 
> "/cgi-bin/mailman/listinfo/users?" 00007FFF43D71E70
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http chunk: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0 
> 00000000022D1E90, pos 00000000022D1E90, size: 163 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0 
> 00000000022D2188, pos 00000000022D2188, size: 3 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0 
> 00000000022525C0, pos 0000000002252650, size: 3 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:0 f:0 
> 0000000000000000, pos 000000000049DD7D, size: 2 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:0 f:0 
> 0000000000000000, pos 000000000049DD7A, size: 5 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter: l:1 f:0 s:176
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter limit 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 00000000022B9930:16384
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 163
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 3
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 3
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 2
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 5
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL to write: 176
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_write: 176
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter 
> 0000000000000000
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: 0 
> "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http finalize request: 0, 
> "/cgi-bin/mailman/listinfo/users?" a:1, c:1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 set http keepalive handler
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http close request
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http log handler
> 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022525C0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 000000000228B240, unused: 6
> 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022D15A0, unused: 
> 444
> 2012/06/14 00:39:48 [debug] 27873#0: *13 event timer add: 10: 
> 65000:1339627253805
> 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 000000000224D310
> 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022C7AE0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 hc free: 0000000000000000 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 hc busy: 0000000000000000 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022B9930
> 2012/06/14 00:39:48 [debug] 27873#0: *13 reusable connection: 1
>
> Thanks
>
> p at rick
>
>
> -- 
> state of mind ()
>
> http://www.state-of-mind.de
>
> Franziskanerstra?e 15      Telefon +49 89 3090 4664
> 81669 M?nchen              Telefax +49 89 3090 4666
>
> Amtsgericht M?nchen        Partnerschaftsregister PR 563
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx 


From p at state-of-mind.de  Thu Jun 14 10:45:34 2012
From: p at state-of-mind.de (Patrick Ben Koetter)
Date: Thu, 14 Jun 2012 12:45:34 +0200
Subject: Running mailman within a domain
In-Reply-To: <C61AEFDB43C94BC4843CCCF99680DCD8@notebook>
References: <20120613224300.GP18826@state-of-mind.de>
	<C61AEFDB43C94BC4843CCCF99680DCD8@notebook>
Message-ID: <20120614104533.GG2347@state-of-mind.de>

Hi Falko,

* Falko Timme <nginx at nginx.org>:
> if you use Debian or Ubuntu, you can get nginx to work with Mailman
> as follows:
> 
> http://www.howtoforge.com/running-mailman-on-nginx-lemp-on-debian-squeeze-ubuntu-11.04-11.10

I had already followed your HOWTO, but it doesn't seem to work for Ubuntu
12.04 LTS - at least not for me.

Any ideas how I could debug this better?

p at rick

> >this is my first take at nginx. I try to add /cgi-bin/mailman/... to an
> >existing server instance (mail.sys4.de). At the moment I can call scripts
> >directly e.g. <https://mail.sys4.de/cgi-bin/mailman/listinfo> works.
> >
> >What I fail to accieve is getting access to lists e.g.
> ><https://mail.sys4.de/cgi-bin/mailman/listinfo/users>. The Browser
> >receives a
> >403 and the fast_cgi wrapper reports:
> >
> > Cannot chdir to script directory
> >(/usr/lib/cgi-bin/mailman/listinfo)" while
> > reading response header from upstream
> >
> >
> >What is it I am doing wrong?
> >
> >
> >This is my nginx configuration to include mailman into the website:
> >
> >       location /cgi-bin/mailman {
> >              root /usr/lib/;
> >              fastcgi_split_path_info (^/cgi-bin/mailman/[^/]*)(.*)$;
> >              include /etc/nginx/fastcgi_params;
> >              fastcgi_param SCRIPT_FILENAME
> >$document_root$fastcgi_script_name;
> >              fastcgi_param PATH_INFO $fastcgi_path_info;
> >              fastcgi_param PATH_TRANSLATED
> >$document_root$fastcgi_path_info;
> >              fastcgi_intercept_errors off;
> >              fastcgi_pass unix:/var/run/fcgiwrap.socket;
> >       }
> >       location /images/mailman {
> >              alias /usr/share/images/mailman;
> >       }
> >       location /pipermail {
> >              alias /var/lib/mailman/archives/public;
> >              autoindex on;
> >       }
> >
> >/etc/nginx/fastcgi_params contains these settings:
> >
> >fastcgi_param   QUERY_STRING            $query_string;
> >fastcgi_param   REQUEST_METHOD          $request_method;
> >fastcgi_param   CONTENT_TYPE            $content_type;
> >fastcgi_param   CONTENT_LENGTH          $content_length;
> >
> >fastcgi_param   SCRIPT_FILENAME         $request_filename;
> >fastcgi_param   SCRIPT_NAME             $fastcgi_script_name;
> >fastcgi_param   REQUEST_URI             $request_uri;
> >fastcgi_param   DOCUMENT_URI            $document_uri;
> >fastcgi_param   DOCUMENT_ROOT           $document_root;
> >fastcgi_param   SERVER_PROTOCOL         $server_protocol;
> >
> >fastcgi_param   GATEWAY_INTERFACE       CGI/1.1;
> >fastcgi_param   SERVER_SOFTWARE         nginx/$nginx_version;
> >
> >fastcgi_param   REMOTE_ADDR             $remote_addr;
> >fastcgi_param   REMOTE_PORT             $remote_port;
> >fastcgi_param   SERVER_ADDR             $server_addr;
> >fastcgi_param   SERVER_PORT             $server_port;
> >fastcgi_param   SERVER_NAME             $server_name;
> >
> >fastcgi_param   HTTPS                   $https;
> >
> ># PHP only, required if PHP was built with --enable-force-cgi-redirect
> >fastcgi_param   REDIRECT_STATUS         200;
> >
> >
> >
> >My error log gives this output:
> >
> >2012/06/14 00:39:48 [debug] 27873#0: *13 post event 0000000002292AB0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A62C0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event
> >00000000022A62C0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http empty handler
> >2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event
> >0000000002292AB0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http keepalive handler
> >2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 00000000022C7AE0:1024
> >2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_read: 1
> >2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_read: 404
> >2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_read: -1
> >2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_get_error: 2
> >2012/06/14 00:39:48 [debug] 27873#0: *13 reusable connection: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 000000000224D310:1296
> >2012/06/14 00:39:48 [debug] 27873#0: *13 posix_memalign:
> >000000000228B240:4096 @16
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http process request line
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http request line: "GET
> >/cgi-bin/mailman/listinfo/users HTTP/1.1"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http uri:
> >"/cgi-bin/mailman/listinfo/users"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http args: ""
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http exten: ""
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http process request header line
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Host: mail.sys4.de"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "User-Agent:
> >Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:13.0) Gecko/20100101
> >Firefox/13.0"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Accept:
> >text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http header:
> >"Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http header:
> >"Accept-Encoding: gzip, deflate"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "DNT: 1"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Connection:
> >keep-alive"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Referer:
> >https://mail.sys4.de/cgi-bin/mailman/listinfo"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http header done
> >2012/06/14 00:39:48 [debug] 27873#0: *13 event timer del: 10:
> >1339627243545
> >2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 rewrite phase: 1
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script regex: "^/$"
> >2012/06/14 00:39:48 [notice] 27873#0: *13 "^/$" does not match
> >"/cgi-bin/mailman/listinfo/users", client: 178.27.33.0, server:
> >mail.sys4.de, request: "GET /cgi-bin/mailman/listinfo/users
> >HTTP/1.1", host: "mail.sys4.de", referrer:
> >"https://mail.sys4.de/cgi-bin/mailman/listinfo"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 test location: "/images/mailman"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 test location: "/cgi-bin/mailman"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 using configuration
> >"/cgi-bin/mailman"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http cl:-1 max:1048576
> >2012/06/14 00:39:48 [debug] 27873#0: *13 rewrite phase: 3
> >2012/06/14 00:39:48 [debug] 27873#0: *13 post rewrite phase: 4
> >2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 5
> >2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 6
> >2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 7
> >2012/06/14 00:39:48 [debug] 27873#0: *13 access phase: 8
> >2012/06/14 00:39:48 [debug] 27873#0: *13 access phase: 9
> >2012/06/14 00:39:48 [debug] 27873#0: *13 access phase: 10
> >2012/06/14 00:39:48 [debug] 27873#0: *13 post access phase: 11
> >2012/06/14 00:39:48 [debug] 27873#0: *13 posix_memalign:
> >00000000022D15A0:4096 @16
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http init upstream,
> >client timer: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "QUERY_STRING"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "QUERY_STRING: "
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy:
> >"REQUEST_METHOD"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "GET"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"REQUEST_METHOD: GET"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "CONTENT_TYPE"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "CONTENT_TYPE: "
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy:
> >"CONTENT_LENGTH"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "CONTENT_LENGTH: "
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy:
> >"SCRIPT_FILENAME"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var:
> >"/usr/lib/cgi-bin/mailman/listinfo/users"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"SCRIPT_FILENAME: /usr/lib/cgi-bin/mailman/listinfo/users"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SCRIPT_NAME"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var:
> >"/cgi-bin/mailman/listinfo"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"SCRIPT_NAME: /cgi-bin/mailman/listinfo"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REQUEST_URI"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var:
> >"/cgi-bin/mailman/listinfo/users"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"REQUEST_URI: /cgi-bin/mailman/listinfo/users"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "DOCUMENT_URI"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var:
> >"/cgi-bin/mailman/listinfo/users"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"DOCUMENT_URI: /cgi-bin/mailman/listinfo/users"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "DOCUMENT_ROOT"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"DOCUMENT_ROOT: /usr/lib"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy:
> >"SERVER_PROTOCOL"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "HTTP/1.1"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"SERVER_PROTOCOL: HTTP/1.1"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy:
> >"GATEWAY_INTERFACE"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "CGI/1.1"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"GATEWAY_INTERFACE: CGI/1.1"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy:
> >"SERVER_SOFTWARE"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "nginx/"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "1.1.19"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"SERVER_SOFTWARE: nginx/1.1.19"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REMOTE_ADDR"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "178.27.33.0"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"REMOTE_ADDR: 178.27.33.0"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REMOTE_PORT"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "35670"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"REMOTE_PORT: 35670"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_ADDR"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "194.126.158.57"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"SERVER_ADDR: 194.126.158.57"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_PORT"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "443"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_PORT: 443"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_NAME"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "mail.sys4.de"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"SERVER_NAME: mail.sys4.de"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "HTTPS"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "on"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTPS: on"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy:
> >"REDIRECT_STATUS"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "200"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"REDIRECT_STATUS: 200"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy:
> >"SCRIPT_FILENAME"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var:
> >"/cgi-bin/mailman/listinfo"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"SCRIPT_FILENAME: /usr/lib/cgi-bin/mailman/listinfo"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "PATH_INFO"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/users"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"PATH_INFO: /users"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy:
> >"PATH_TRANSLATED"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/users"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"PATH_TRANSLATED: /usr/lib/users"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"HTTP_HOST: mail.sys4.de"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"HTTP_USER_AGENT: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:13.0)
> >Gecko/20100101 Firefox/13.0"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"HTTP_ACCEPT:
> >text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"HTTP_ACCEPT_LANGUAGE: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"HTTP_ACCEPT_ENCODING: gzip, deflate"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_DNT: 1"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"HTTP_CONNECTION: keep-alive"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param:
> >"HTTP_REFERER: https://mail.sys4.de/cgi-bin/mailman/listinfo"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http cleanup add:
> >00000000022D1C08
> >2012/06/14 00:39:48 [debug] 27873#0: *13 get rr peer, try: 1
> >2012/06/14 00:39:48 [debug] 27873#0: *13 socket 12
> >2012/06/14 00:39:48 [debug] 27873#0: *13 epoll add connection:
> >fd:12 ev:80000005
> >2012/06/14 00:39:48 [debug] 27873#0: *13 connect to
> >unix:/var/run/fcgiwrap.socket, fd:12 #15
> >2012/06/14 00:39:48 [debug] 27873#0: *13 connected
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream connect: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 posix_memalign:
> >00000000022C7130:128 @16
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream send request
> >2012/06/14 00:39:48 [debug] 27873#0: *13 chain writer buf fl:0 s:1008
> >2012/06/14 00:39:48 [debug] 27873#0: *13 chain writer in: 00000000022D1C40
> >2012/06/14 00:39:48 [debug] 27873#0: *13 writev: 1008
> >2012/06/14 00:39:48 [debug] 27873#0: *13 chain writer out:
> >0000000000000000
> >2012/06/14 00:39:48 [debug] 27873#0: *13 event timer add: 12:
> >60000:1339627248804
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http finalize request:
> >-4, "/cgi-bin/mailman/listinfo/users?" a:1, c:2
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http request count:2 blk:0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A6328
> >2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event
> >00000000022A6328
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request:
> >"/cgi-bin/mailman/listinfo/users?"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream dummy handler
> >2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A6328
> >2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event
> >00000000022A6328
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request:
> >"/cgi-bin/mailman/listinfo/users?"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream dummy handler
> >2012/06/14 00:39:48 [debug] 27873#0: *13 post event 0000000002292B18
> >2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A6328
> >2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event
> >00000000022A6328
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request:
> >"/cgi-bin/mailman/listinfo/users?"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream dummy handler
> >2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event
> >0000000002292B18
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request:
> >"/cgi-bin/mailman/listinfo/users?"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream process header
> >2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 00000000022525C0:4096
> >2012/06/14 00:39:48 [debug] 27873#0: *13 recv: fd:12 176 of 4096
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 07
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 45
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 03
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 69
> >2012/06/14 00:39:48 [error] 27873#0: *13 FastCGI sent in stderr:
> >"Cannot chdir to script directory
> >(/usr/lib/cgi-bin/mailman/listinfo)" while reading response header
> >from upstream, client: 178.27.33.0, server: mail.sys4.de, request:
> >"GET /cgi-bin/mailman/listinfo/users HTTP/1.1", upstream:
> >"fastcgi://unix:/var/run/fcgiwrap.socket:", host: "mail.sys4.de",
> >referrer: "https://mail.sys4.de/cgi-bin/mailman/listinfo"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 07
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 06
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 33
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 05
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 51
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi parser: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi header:
> >"Status: 403 Forbidden"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi parser: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi header:
> >"Content-type: text/plain"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi parser: 1
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi header done
> >2012/06/14 00:39:48 [debug] 27873#0: *13 xslt filter header
> >2012/06/14 00:39:48 [debug] 27873#0: *13 HTTP/1.1 403 Forbidden
> >Server: nginx/1.1.19
> >Date: Wed, 13 Jun 2012 22:39:48 GMT
> >Content-Type: text/plain
> >Transfer-Encoding: chunked
> >Connection: keep-alive
> >
> >2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:1 f:0
> >00000000022D1E90, pos 00000000022D1E90, size: 163 file: 0, size: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter: l:0 f:0 s:163
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http cacheable: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream process upstream
> >2012/06/14 00:39:48 [debug] 27873#0: *13 pipe read upstream: 1
> >2012/06/14 00:39:48 [debug] 27873#0: *13 pipe preread: 32
> >2012/06/14 00:39:48 [debug] 27873#0: *13 readv: 1:3920
> >2012/06/14 00:39:48 [debug] 27873#0: *13 pipe recv chain: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 pipe buf free s:0 t:1 f:0
> >00000000022525C0, pos 0000000002252650, size: 32 file: 0, size: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 pipe length: -1
> >2012/06/14 00:39:48 [debug] 27873#0: *13 input buf #0 0000000002252650
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 06
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi closed stdout
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 03
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 08
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 8
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi sent end request
> >2012/06/14 00:39:48 [debug] 27873#0: *13 input buf 0000000002252650 3
> >2012/06/14 00:39:48 [debug] 27873#0: *13 pipe write downstream: 1
> >2012/06/14 00:39:48 [debug] 27873#0: *13 pipe write downstream flush in
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http output filter
> >"/cgi-bin/mailman/listinfo/users?"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter:
> >"/cgi-bin/mailman/listinfo/users?"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 image filter
> >2012/06/14 00:39:48 [debug] 27873#0: *13 xslt filter body
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http postpone filter
> >"/cgi-bin/mailman/listinfo/users?" 00000000022D20A0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http chunk: 3
> >2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0
> >00000000022D1E90, pos 00000000022D1E90, size: 163 file: 0, size: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:1 f:0
> >00000000022D2188, pos 00000000022D2188, size: 3 file: 0, size: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:1 f:0
> >00000000022525C0, pos 0000000002252650, size: 3 file: 0, size: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:0 f:0
> >0000000000000000, pos 000000000049DD7D, size: 2 file: 0, size: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter: l:0 f:0 s:171
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: 0
> >"/cgi-bin/mailman/listinfo/users?"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 pipe write downstream done
> >2012/06/14 00:39:48 [debug] 27873#0: *13 event timer: 12, old:
> >1339627248804, new: 1339627248805
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream exit:
> >0000000000000000
> >2012/06/14 00:39:48 [debug] 27873#0: *13 finalize http upstream request: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 finalize http fastcgi request
> >2012/06/14 00:39:48 [debug] 27873#0: *13 free rr peer 1 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 close http upstream
> >connection: 12
> >2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022C7130,
> >unused: 48
> >2012/06/14 00:39:48 [debug] 27873#0: *13 event timer del: 12:
> >1339627248804
> >2012/06/14 00:39:48 [debug] 27873#0: *13 reusable connection: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream temp fd: -1
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http output filter
> >"/cgi-bin/mailman/listinfo/users?"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter:
> >"/cgi-bin/mailman/listinfo/users?"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 image filter
> >2012/06/14 00:39:48 [debug] 27873#0: *13 xslt filter body
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http postpone filter
> >"/cgi-bin/mailman/listinfo/users?" 00007FFF43D71E70
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http chunk: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0
> >00000000022D1E90, pos 00000000022D1E90, size: 163 file: 0, size: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0
> >00000000022D2188, pos 00000000022D2188, size: 3 file: 0, size: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0
> >00000000022525C0, pos 0000000002252650, size: 3 file: 0, size: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:0 f:0
> >0000000000000000, pos 000000000049DD7D, size: 2 file: 0, size: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:0 f:0
> >0000000000000000, pos 000000000049DD7A, size: 5 file: 0, size: 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter: l:1 f:0 s:176
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter limit 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 00000000022B9930:16384
> >2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 163
> >2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 3
> >2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 3
> >2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 2
> >2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 5
> >2012/06/14 00:39:48 [debug] 27873#0: *13 SSL to write: 176
> >2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_write: 176
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter
> >0000000000000000
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: 0
> >"/cgi-bin/mailman/listinfo/users?"
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http finalize request: 0,
> >"/cgi-bin/mailman/listinfo/users?" a:1, c:1
> >2012/06/14 00:39:48 [debug] 27873#0: *13 set http keepalive handler
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http close request
> >2012/06/14 00:39:48 [debug] 27873#0: *13 http log handler
> >2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022525C0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 free: 000000000228B240, unused: 6
> >2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022D15A0,
> >unused: 444
> >2012/06/14 00:39:48 [debug] 27873#0: *13 event timer add: 10:
> >65000:1339627253805
> >2012/06/14 00:39:48 [debug] 27873#0: *13 free: 000000000224D310
> >2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022C7AE0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 hc free: 0000000000000000 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 hc busy: 0000000000000000 0
> >2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022B9930
> >2012/06/14 00:39:48 [debug] 27873#0: *13 reusable connection: 1
> >
> >Thanks
> >
> >p at rick
> >
> >
> >-- 
> >state of mind ()
> >
> >http://www.state-of-mind.de
> >
> >Franziskanerstra?e 15      Telefon +49 89 3090 4664
> >81669 M?nchen              Telefax +49 89 3090 4666
> >
> >Amtsgericht M?nchen        Partnerschaftsregister PR 563
> >
> >_______________________________________________
> >nginx mailing list
> >nginx at nginx.org
> >http://mailman.nginx.org/mailman/listinfo/nginx
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

-- 
state of mind ()

http://www.state-of-mind.de

Franziskanerstra?e 15      Telefon +49 89 3090 4664
81669 M?nchen              Telefax +49 89 3090 4666

Amtsgericht M?nchen        Partnerschaftsregister PR 563


From p at state-of-mind.de  Thu Jun 14 11:18:05 2012
From: p at state-of-mind.de (Patrick Ben Koetter)
Date: Thu, 14 Jun 2012 13:18:05 +0200
Subject: Running mailman within a domain
In-Reply-To: <fe75588e74857fe80e950cf5ef9f5dff@none.at>
References: <20120613224300.GP18826@state-of-mind.de>
	<fe75588e74857fe80e950cf5ef9f5dff@none.at>
Message-ID: <20120614111805.GI2347@state-of-mind.de>

Hi Aleksandar,

* Aleksandar Lazic <nginx at nginx.org>:
> Hi Patrick,

we seem to meet on the same lists, do we? :)


> On 14-06-2012 00:43, Patrick Ben Koetter wrote:
> >this is my first take at nginx. I try to add /cgi-bin/mailman/... to an
> >existing server instance (mail.sys4.de). At the moment I can call scripts
> >directly e.g. <https://mail.sys4.de/cgi-bin/mailman/listinfo> works.
> >
> >What I fail to accieve is getting access to lists e.g.
> ><https://mail.sys4.de/cgi-bin/mailman/listinfo/users>. The Browser receives
> >a 403 and the fast_cgi wrapper reports:
> >
> >  Cannot chdir to script directory
> >(/usr/lib/cgi-bin/mailman/listinfo)" while reading response header from
> >upstream
> >
> >
> >What is it I am doing wrong?
> 
> I don't know too much about mailman, so I try to guess.
> 
> The
> 
> /usr/lib/cgi-bin/mailman
> 
> is the script which should be executed right?

Nope. It would be this:

/usr/lib/cgi-bin/mailman/<script>/<mailinglist>


> /listinfo
> &
> /listinfo/users
> 
> should be the path info, right?

I'd say it should be 'users' only.


> >This is my nginx configuration to include mailman into the website:
> >
> >        location /cgi-bin/mailman {
> >               root /usr/lib/;
> 
> my suggestion:
> -                fastcgi_split_path_info
> (^/cgi-bin/mailman/[^/]*)(.*)$;
> +                fastcgi_split_path_info (^/cgi-bin/mailman)/(.*)$;
> >               include /etc/nginx/fastcgi_params;
> >               fastcgi_param SCRIPT_FILENAME
> >$document_root$fastcgi_script_name;
> >               fastcgi_param PATH_INFO $fastcgi_path_info;
> >               fastcgi_param PATH_TRANSLATED
> >$document_root$fastcgi_path_info;
> >               fastcgi_intercept_errors off;
> >               fastcgi_pass unix:/var/run/fcgiwrap.socket;
> >        }
> >        location /images/mailman {
> >               alias /usr/share/images/mailman;
> >        }
> >        location /pipermail {
> >               alias /var/lib/mailman/archives/public;
> >               autoindex on;
> >        }
> 
> output of pcretest
> 
> ###
>   re> |(^/cgi-bin/mailman)/(.*)$|
> data> /cgi-bin/mailman/listinfo
>  0: /cgi-bin/mailman/listinfo
>  1: /cgi-bin/mailman
>  2: listinfo
> data> /cgi-bin/mailman/listinfo/users
>  0: /cgi-bin/mailman/listinfo/users
>  1: /cgi-bin/mailman
>  2: listinfo/users
> ###


pcretest 
PCRE version 7.8 2008-09-05

  re> |(^/cgi-bin/mailman/[^/]*)(.*)$|
data> /cgi-bin/mailman/listinfo
 0: /cgi-bin/mailman/listinfo
 1: /cgi-bin/mailman/listinfo
 2: 
data> /cgi-bin/mailman/listinfo/users
 0: /cgi-bin/mailman/listinfo/users
 1: /cgi-bin/mailman/listinfo
 2: /users

Looks to me as if the leading / at users was wrong.


> I'am sure you have read this but I post it here as reminder ;-)
> 
> http://www.nginx.org/en/docs/http/ngx_http_fastcgi_module.html#fastcgi_split_path_info

Thx. Read it now.

p@

-- 
state of mind ()

http://www.state-of-mind.de

Franziskanerstra?e 15      Telefon +49 89 3090 4664
81669 M?nchen              Telefax +49 89 3090 4666

Amtsgericht M?nchen        Partnerschaftsregister PR 563


From sb at waeme.net  Thu Jun 14 13:27:09 2012
From: sb at waeme.net (Sergey Budnevitch)
Date: Thu, 14 Jun 2012 17:27:09 +0400
Subject: Running mailman within a domain
In-Reply-To: <20120613224300.GP18826@state-of-mind.de>
References: <20120613224300.GP18826@state-of-mind.de>
Message-ID: <BA30F8FD-0DBA-4176-BAC8-E59C8C7FD77F@waeme.net>


On 14.06.2012, at 2:43, Patrick Ben Koetter wrote:

> Greetings,
> 
> this is my first take at nginx. I try to add /cgi-bin/mailman/... to an
> existing server instance (mail.sys4.de). At the moment I can call scripts
> directly e.g. <https://mail.sys4.de/cgi-bin/mailman/listinfo> works.
> 
> What I fail to accieve is getting access to lists e.g.
> <https://mail.sys4.de/cgi-bin/mailman/listinfo/users>. The Browser receives a
> 403 and the fast_cgi wrapper reports:
> 
>  Cannot chdir to script directory (/usr/lib/cgi-bin/mailman/listinfo)" while
>  reading response header from upstream

Could you create /usr/lib/cgi-bin/mailman/printenv script with the following content:

#!/usr/bin/perl
print "Content-type: text/plain\n\n";
foreach $var (sort(keys(%ENV))) {
    $val = $ENV{$var};
    print "${var}=\"${val}\"\n";
}

Then run chmod +x /usr/lib/cgi-bin/mailman/printenv
and send result of the query http://mail.sys4.de/cgi-bin/mailman/printenv/blah-blah-blah.
If your config is correct, there should be
SCRIPT_FILENAME="/usr/lib/cgi-bin/mailman/printenv"
PATH_INFO="/blah-blah-blah"

BTW PATH_TRANSLATED in your config is unnecessary and erroneous.


> 
> 
> What is it I am doing wrong?
> 
> 
> This is my nginx configuration to include mailman into the website:
> 
>        location /cgi-bin/mailman {
>               root /usr/lib/;
>               fastcgi_split_path_info (^/cgi-bin/mailman/[^/]*)(.*)$;
>               include /etc/nginx/fastcgi_params;
>               fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
>               fastcgi_param PATH_INFO $fastcgi_path_info;
>               fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
>               fastcgi_intercept_errors off;
>               fastcgi_pass unix:/var/run/fcgiwrap.socket;
>        }
>        location /images/mailman {
>               alias /usr/share/images/mailman;
>        }
>        location /pipermail {
>               alias /var/lib/mailman/archives/public;
>               autoindex on;
>        }
> 
> /etc/nginx/fastcgi_params contains these settings:
> 
> fastcgi_param   QUERY_STRING            $query_string;
> fastcgi_param   REQUEST_METHOD          $request_method;
> fastcgi_param   CONTENT_TYPE            $content_type;
> fastcgi_param   CONTENT_LENGTH          $content_length;
> 
> fastcgi_param   SCRIPT_FILENAME         $request_filename;
> fastcgi_param   SCRIPT_NAME             $fastcgi_script_name;
> fastcgi_param   REQUEST_URI             $request_uri;
> fastcgi_param   DOCUMENT_URI            $document_uri;
> fastcgi_param   DOCUMENT_ROOT           $document_root;
> fastcgi_param   SERVER_PROTOCOL         $server_protocol;
> 
> fastcgi_param   GATEWAY_INTERFACE       CGI/1.1;
> fastcgi_param   SERVER_SOFTWARE         nginx/$nginx_version;
> 
> fastcgi_param   REMOTE_ADDR             $remote_addr;
> fastcgi_param   REMOTE_PORT             $remote_port;
> fastcgi_param   SERVER_ADDR             $server_addr;
> fastcgi_param   SERVER_PORT             $server_port;
> fastcgi_param   SERVER_NAME             $server_name;
> 
> fastcgi_param   HTTPS                   $https;
> 
> # PHP only, required if PHP was built with --enable-force-cgi-redirect
> fastcgi_param   REDIRECT_STATUS         200;
> 
> 
> 
> My error log gives this output:
> 
> 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 0000000002292AB0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A62C0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 00000000022A62C0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http empty handler
> 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 0000000002292AB0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http keepalive handler
> 2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 00000000022C7AE0:1024
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_read: 1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_read: 404
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_read: -1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_get_error: 2
> 2012/06/14 00:39:48 [debug] 27873#0: *13 reusable connection: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 000000000224D310:1296
> 2012/06/14 00:39:48 [debug] 27873#0: *13 posix_memalign: 000000000228B240:4096 @16
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http process request line
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http request line: "GET /cgi-bin/mailman/listinfo/users HTTP/1.1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http uri: "/cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http args: ""
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http exten: ""
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http process request header line
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Host: mail.sys4.de"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:13.0) Gecko/20100101 Firefox/13.0"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Accept-Encoding: gzip, deflate"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "DNT: 1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Connection: keep-alive"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Referer: https://mail.sys4.de/cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http header done
> 2012/06/14 00:39:48 [debug] 27873#0: *13 event timer del: 10: 1339627243545
> 2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 rewrite phase: 1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script regex: "^/$"
> 2012/06/14 00:39:48 [notice] 27873#0: *13 "^/$" does not match "/cgi-bin/mailman/listinfo/users", client: 178.27.33.0, server: mail.sys4.de, request: "GET /cgi-bin/mailman/listinfo/users HTTP/1.1", host: "mail.sys4.de", referrer: "https://mail.sys4.de/cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 test location: "/images/mailman"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 test location: "/cgi-bin/mailman"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 using configuration "/cgi-bin/mailman"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http cl:-1 max:1048576
> 2012/06/14 00:39:48 [debug] 27873#0: *13 rewrite phase: 3
> 2012/06/14 00:39:48 [debug] 27873#0: *13 post rewrite phase: 4
> 2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 5
> 2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 6
> 2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 7
> 2012/06/14 00:39:48 [debug] 27873#0: *13 access phase: 8
> 2012/06/14 00:39:48 [debug] 27873#0: *13 access phase: 9
> 2012/06/14 00:39:48 [debug] 27873#0: *13 access phase: 10
> 2012/06/14 00:39:48 [debug] 27873#0: *13 post access phase: 11
> 2012/06/14 00:39:48 [debug] 27873#0: *13 posix_memalign: 00000000022D15A0:4096 @16
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http init upstream, client timer: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "QUERY_STRING"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "QUERY_STRING: "
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REQUEST_METHOD"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "GET"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REQUEST_METHOD: GET"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "CONTENT_TYPE"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "CONTENT_TYPE: "
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "CONTENT_LENGTH"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "CONTENT_LENGTH: "
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SCRIPT_FILENAME"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib/cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SCRIPT_FILENAME: /usr/lib/cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SCRIPT_NAME"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SCRIPT_NAME: /cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REQUEST_URI"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REQUEST_URI: /cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "DOCUMENT_URI"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "DOCUMENT_URI: /cgi-bin/mailman/listinfo/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "DOCUMENT_ROOT"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "DOCUMENT_ROOT: /usr/lib"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_PROTOCOL"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "HTTP/1.1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_PROTOCOL: HTTP/1.1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "GATEWAY_INTERFACE"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "CGI/1.1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "GATEWAY_INTERFACE: CGI/1.1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_SOFTWARE"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "nginx/"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "1.1.19"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_SOFTWARE: nginx/1.1.19"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REMOTE_ADDR"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "178.27.33.0"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REMOTE_ADDR: 178.27.33.0"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REMOTE_PORT"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "35670"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REMOTE_PORT: 35670"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_ADDR"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "194.126.158.57"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_ADDR: 194.126.158.57"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_PORT"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "443"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_PORT: 443"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_NAME"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "mail.sys4.de"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_NAME: mail.sys4.de"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "HTTPS"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "on"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTPS: on"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REDIRECT_STATUS"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "200"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REDIRECT_STATUS: 200"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SCRIPT_FILENAME"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SCRIPT_FILENAME: /usr/lib/cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "PATH_INFO"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "PATH_INFO: /users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "PATH_TRANSLATED"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "PATH_TRANSLATED: /usr/lib/users"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_HOST: mail.sys4.de"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_USER_AGENT: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:13.0) Gecko/20100101 Firefox/13.0"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_ACCEPT_LANGUAGE: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_ACCEPT_ENCODING: gzip, deflate"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_DNT: 1"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_CONNECTION: keep-alive"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_REFERER: https://mail.sys4.de/cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http cleanup add: 00000000022D1C08
> 2012/06/14 00:39:48 [debug] 27873#0: *13 get rr peer, try: 1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 socket 12
> 2012/06/14 00:39:48 [debug] 27873#0: *13 epoll add connection: fd:12 ev:80000005
> 2012/06/14 00:39:48 [debug] 27873#0: *13 connect to unix:/var/run/fcgiwrap.socket, fd:12 #15
> 2012/06/14 00:39:48 [debug] 27873#0: *13 connected
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream connect: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 posix_memalign: 00000000022C7130:128 @16
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream send request
> 2012/06/14 00:39:48 [debug] 27873#0: *13 chain writer buf fl:0 s:1008
> 2012/06/14 00:39:48 [debug] 27873#0: *13 chain writer in: 00000000022D1C40
> 2012/06/14 00:39:48 [debug] 27873#0: *13 writev: 1008
> 2012/06/14 00:39:48 [debug] 27873#0: *13 chain writer out: 0000000000000000
> 2012/06/14 00:39:48 [debug] 27873#0: *13 event timer add: 12: 60000:1339627248804
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http finalize request: -4, "/cgi-bin/mailman/listinfo/users?" a:1, c:2
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http request count:2 blk:0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A6328
> 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 00000000022A6328
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request: "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream dummy handler
> 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A6328
> 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 00000000022A6328
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request: "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream dummy handler
> 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 0000000002292B18
> 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A6328
> 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 00000000022A6328
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request: "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream dummy handler
> 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 0000000002292B18
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request: "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream process header
> 2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 00000000022525C0:4096
> 2012/06/14 00:39:48 [debug] 27873#0: *13 recv: fd:12 176 of 4096
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 07
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 45
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 03
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 69
> 2012/06/14 00:39:48 [error] 27873#0: *13 FastCGI sent in stderr: "Cannot chdir to script directory (/usr/lib/cgi-bin/mailman/listinfo)" while reading response header from upstream, client: 178.27.33.0, server: mail.sys4.de, request: "GET /cgi-bin/mailman/listinfo/users HTTP/1.1", upstream: "fastcgi://unix:/var/run/fcgiwrap.socket:", host: "mail.sys4.de", referrer: "https://mail.sys4.de/cgi-bin/mailman/listinfo"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 07
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 06
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 33
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 05
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 51
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi parser: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi header: "Status: 403 Forbidden"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi parser: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi header: "Content-type: text/plain"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi parser: 1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi header done
> 2012/06/14 00:39:48 [debug] 27873#0: *13 xslt filter header
> 2012/06/14 00:39:48 [debug] 27873#0: *13 HTTP/1.1 403 Forbidden
> Server: nginx/1.1.19
> Date: Wed, 13 Jun 2012 22:39:48 GMT
> Content-Type: text/plain
> Transfer-Encoding: chunked
> Connection: keep-alive
> 
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:1 f:0 00000000022D1E90, pos 00000000022D1E90, size: 163 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter: l:0 f:0 s:163
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http cacheable: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream process upstream
> 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe read upstream: 1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe preread: 32
> 2012/06/14 00:39:48 [debug] 27873#0: *13 readv: 1:3920
> 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe recv chain: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe buf free s:0 t:1 f:0 00000000022525C0, pos 0000000002252650, size: 32 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe length: -1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 input buf #0 0000000002252650
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 06
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi closed stdout
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 03
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 08
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 8
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi sent end request
> 2012/06/14 00:39:48 [debug] 27873#0: *13 input buf 0000000002252650 3
> 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe write downstream: 1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe write downstream flush in
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http output filter "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 image filter
> 2012/06/14 00:39:48 [debug] 27873#0: *13 xslt filter body
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http postpone filter "/cgi-bin/mailman/listinfo/users?" 00000000022D20A0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http chunk: 3
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0 00000000022D1E90, pos 00000000022D1E90, size: 163 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:1 f:0 00000000022D2188, pos 00000000022D2188, size: 3 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:1 f:0 00000000022525C0, pos 0000000002252650, size: 3 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:0 f:0 0000000000000000, pos 000000000049DD7D, size: 2 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter: l:0 f:0 s:171
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: 0 "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe write downstream done
> 2012/06/14 00:39:48 [debug] 27873#0: *13 event timer: 12, old: 1339627248804, new: 1339627248805
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream exit: 0000000000000000
> 2012/06/14 00:39:48 [debug] 27873#0: *13 finalize http upstream request: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 finalize http fastcgi request
> 2012/06/14 00:39:48 [debug] 27873#0: *13 free rr peer 1 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 close http upstream connection: 12
> 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022C7130, unused: 48
> 2012/06/14 00:39:48 [debug] 27873#0: *13 event timer del: 12: 1339627248804
> 2012/06/14 00:39:48 [debug] 27873#0: *13 reusable connection: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream temp fd: -1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http output filter "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 image filter
> 2012/06/14 00:39:48 [debug] 27873#0: *13 xslt filter body
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http postpone filter "/cgi-bin/mailman/listinfo/users?" 00007FFF43D71E70
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http chunk: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0 00000000022D1E90, pos 00000000022D1E90, size: 163 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0 00000000022D2188, pos 00000000022D2188, size: 3 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0 00000000022525C0, pos 0000000002252650, size: 3 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:0 f:0 0000000000000000, pos 000000000049DD7D, size: 2 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:0 f:0 0000000000000000, pos 000000000049DD7A, size: 5 file: 0, size: 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter: l:1 f:0 s:176
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter limit 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 00000000022B9930:16384
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 163
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 3
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 3
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 2
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 5
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL to write: 176
> 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_write: 176
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter 0000000000000000
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: 0 "/cgi-bin/mailman/listinfo/users?"
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http finalize request: 0, "/cgi-bin/mailman/listinfo/users?" a:1, c:1
> 2012/06/14 00:39:48 [debug] 27873#0: *13 set http keepalive handler
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http close request
> 2012/06/14 00:39:48 [debug] 27873#0: *13 http log handler
> 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022525C0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 000000000228B240, unused: 6
> 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022D15A0, unused: 444
> 2012/06/14 00:39:48 [debug] 27873#0: *13 event timer add: 10: 65000:1339627253805
> 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 000000000224D310
> 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022C7AE0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 hc free: 0000000000000000 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 hc busy: 0000000000000000 0
> 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022B9930
> 2012/06/14 00:39:48 [debug] 27873#0: *13 reusable connection: 1
> 
> Thanks
> 
> p at rick
> 
> 
> -- 
> state of mind ()
> 
> http://www.state-of-mind.de
> 
> Franziskanerstra?e 15      Telefon +49 89 3090 4664
> 81669 M?nchen              Telefax +49 89 3090 4666
> 
> Amtsgericht M?nchen        Partnerschaftsregister PR 563
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From p at state-of-mind.de  Thu Jun 14 13:29:04 2012
From: p at state-of-mind.de (Patrick Ben Koetter)
Date: Thu, 14 Jun 2012 15:29:04 +0200
Subject: Running mailman within a domain
In-Reply-To: <BA30F8FD-0DBA-4176-BAC8-E59C8C7FD77F@waeme.net>
References: <20120613224300.GP18826@state-of-mind.de>
	<BA30F8FD-0DBA-4176-BAC8-E59C8C7FD77F@waeme.net>
Message-ID: <20120614132903.GT2347@state-of-mind.de>

* Sergey Budnevitch <nginx at nginx.org>:
> 
> On 14.06.2012, at 2:43, Patrick Ben Koetter wrote:
> 
> > Greetings,
> > 
> > this is my first take at nginx. I try to add /cgi-bin/mailman/... to an
> > existing server instance (mail.sys4.de). At the moment I can call scripts
> > directly e.g. <https://mail.sys4.de/cgi-bin/mailman/listinfo> works.
> > 
> > What I fail to accieve is getting access to lists e.g.
> > <https://mail.sys4.de/cgi-bin/mailman/listinfo/users>. The Browser receives a
> > 403 and the fast_cgi wrapper reports:
> > 
> >  Cannot chdir to script directory (/usr/lib/cgi-bin/mailman/listinfo)" while
> >  reading response header from upstream
> 
> Could you create /usr/lib/cgi-bin/mailman/printenv script with the following content:
> 
> #!/usr/bin/perl
> print "Content-type: text/plain\n\n";
> foreach $var (sort(keys(%ENV))) {
>     $val = $ENV{$var};
>     print "${var}=\"${val}\"\n";
> }

Give this output: <https://mail.sys4.de/cgi-bin/mailman/printenv>


> Then run chmod +x /usr/lib/cgi-bin/mailman/printenv
> and send result of the query http://mail.sys4.de/cgi-bin/mailman/printenv/blah-blah-blah.
> If your config is correct, there should be
> SCRIPT_FILENAME="/usr/lib/cgi-bin/mailman/printenv"
> PATH_INFO="/blah-blah-blah"

Gives a temp error: 403
<https://mail.sys4.de/cgi-bin/mailman/printenv/blah-blah-blah>

> BTW PATH_TRANSLATED in your config is unnecessary and erroneous.

Okay. I'll drop it.

p at rick



> 
> 
> > 
> > 
> > What is it I am doing wrong?
> > 
> > 
> > This is my nginx configuration to include mailman into the website:
> > 
> >        location /cgi-bin/mailman {
> >               root /usr/lib/;
> >               fastcgi_split_path_info (^/cgi-bin/mailman/[^/]*)(.*)$;
> >               include /etc/nginx/fastcgi_params;
> >               fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
> >               fastcgi_param PATH_INFO $fastcgi_path_info;
> >               fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
> >               fastcgi_intercept_errors off;
> >               fastcgi_pass unix:/var/run/fcgiwrap.socket;
> >        }
> >        location /images/mailman {
> >               alias /usr/share/images/mailman;
> >        }
> >        location /pipermail {
> >               alias /var/lib/mailman/archives/public;
> >               autoindex on;
> >        }
> > 
> > /etc/nginx/fastcgi_params contains these settings:
> > 
> > fastcgi_param   QUERY_STRING            $query_string;
> > fastcgi_param   REQUEST_METHOD          $request_method;
> > fastcgi_param   CONTENT_TYPE            $content_type;
> > fastcgi_param   CONTENT_LENGTH          $content_length;
> > 
> > fastcgi_param   SCRIPT_FILENAME         $request_filename;
> > fastcgi_param   SCRIPT_NAME             $fastcgi_script_name;
> > fastcgi_param   REQUEST_URI             $request_uri;
> > fastcgi_param   DOCUMENT_URI            $document_uri;
> > fastcgi_param   DOCUMENT_ROOT           $document_root;
> > fastcgi_param   SERVER_PROTOCOL         $server_protocol;
> > 
> > fastcgi_param   GATEWAY_INTERFACE       CGI/1.1;
> > fastcgi_param   SERVER_SOFTWARE         nginx/$nginx_version;
> > 
> > fastcgi_param   REMOTE_ADDR             $remote_addr;
> > fastcgi_param   REMOTE_PORT             $remote_port;
> > fastcgi_param   SERVER_ADDR             $server_addr;
> > fastcgi_param   SERVER_PORT             $server_port;
> > fastcgi_param   SERVER_NAME             $server_name;
> > 
> > fastcgi_param   HTTPS                   $https;
> > 
> > # PHP only, required if PHP was built with --enable-force-cgi-redirect
> > fastcgi_param   REDIRECT_STATUS         200;
> > 
> > 
> > 
> > My error log gives this output:
> > 
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 0000000002292AB0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A62C0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 00000000022A62C0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http empty handler
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 0000000002292AB0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http keepalive handler
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 00000000022C7AE0:1024
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_read: 1
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_read: 404
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_read: -1
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_get_error: 2
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 reusable connection: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 000000000224D310:1296
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 posix_memalign: 000000000228B240:4096 @16
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http process request line
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http request line: "GET /cgi-bin/mailman/listinfo/users HTTP/1.1"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http uri: "/cgi-bin/mailman/listinfo/users"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http args: ""
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http exten: ""
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http process request header line
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Host: mail.sys4.de"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:13.0) Gecko/20100101 Firefox/13.0"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Accept-Language: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Accept-Encoding: gzip, deflate"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "DNT: 1"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Connection: keep-alive"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http header: "Referer: https://mail.sys4.de/cgi-bin/mailman/listinfo"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http header done
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 event timer del: 10: 1339627243545
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 rewrite phase: 1
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script regex: "^/$"
> > 2012/06/14 00:39:48 [notice] 27873#0: *13 "^/$" does not match "/cgi-bin/mailman/listinfo/users", client: 178.27.33.0, server: mail.sys4.de, request: "GET /cgi-bin/mailman/listinfo/users HTTP/1.1", host: "mail.sys4.de", referrer: "https://mail.sys4.de/cgi-bin/mailman/listinfo"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 test location: "/images/mailman"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 test location: "/cgi-bin/mailman"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 using configuration "/cgi-bin/mailman"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http cl:-1 max:1048576
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 rewrite phase: 3
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 post rewrite phase: 4
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 5
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 6
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 generic phase: 7
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 access phase: 8
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 access phase: 9
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 access phase: 10
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 post access phase: 11
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 posix_memalign: 00000000022D15A0:4096 @16
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http init upstream, client timer: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "QUERY_STRING"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "QUERY_STRING: "
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REQUEST_METHOD"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "GET"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REQUEST_METHOD: GET"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "CONTENT_TYPE"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "CONTENT_TYPE: "
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "CONTENT_LENGTH"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "CONTENT_LENGTH: "
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SCRIPT_FILENAME"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib/cgi-bin/mailman/listinfo/users"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SCRIPT_FILENAME: /usr/lib/cgi-bin/mailman/listinfo/users"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SCRIPT_NAME"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/cgi-bin/mailman/listinfo"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SCRIPT_NAME: /cgi-bin/mailman/listinfo"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REQUEST_URI"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/cgi-bin/mailman/listinfo/users"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REQUEST_URI: /cgi-bin/mailman/listinfo/users"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "DOCUMENT_URI"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/cgi-bin/mailman/listinfo/users"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "DOCUMENT_URI: /cgi-bin/mailman/listinfo/users"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "DOCUMENT_ROOT"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "DOCUMENT_ROOT: /usr/lib"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_PROTOCOL"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "HTTP/1.1"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_PROTOCOL: HTTP/1.1"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "GATEWAY_INTERFACE"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "CGI/1.1"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "GATEWAY_INTERFACE: CGI/1.1"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_SOFTWARE"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "nginx/"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "1.1.19"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_SOFTWARE: nginx/1.1.19"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REMOTE_ADDR"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "178.27.33.0"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REMOTE_ADDR: 178.27.33.0"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REMOTE_PORT"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "35670"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REMOTE_PORT: 35670"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_ADDR"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "194.126.158.57"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_ADDR: 194.126.158.57"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_PORT"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "443"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_PORT: 443"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SERVER_NAME"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "mail.sys4.de"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SERVER_NAME: mail.sys4.de"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "HTTPS"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "on"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTPS: on"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "REDIRECT_STATUS"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "200"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "REDIRECT_STATUS: 200"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "SCRIPT_FILENAME"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/cgi-bin/mailman/listinfo"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "SCRIPT_FILENAME: /usr/lib/cgi-bin/mailman/listinfo"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "PATH_INFO"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/users"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "PATH_INFO: /users"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script copy: "PATH_TRANSLATED"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/usr/lib"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http script var: "/users"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "PATH_TRANSLATED: /usr/lib/users"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_HOST: mail.sys4.de"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_USER_AGENT: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:13.0) Gecko/20100101 Firefox/13.0"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_ACCEPT: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_ACCEPT_LANGUAGE: de-de,de;q=0.8,en-us;q=0.5,en;q=0.3"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_ACCEPT_ENCODING: gzip, deflate"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_DNT: 1"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_CONNECTION: keep-alive"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 fastcgi param: "HTTP_REFERER: https://mail.sys4.de/cgi-bin/mailman/listinfo"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http cleanup add: 00000000022D1C08
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 get rr peer, try: 1
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 socket 12
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 epoll add connection: fd:12 ev:80000005
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 connect to unix:/var/run/fcgiwrap.socket, fd:12 #15
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 connected
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream connect: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 posix_memalign: 00000000022C7130:128 @16
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream send request
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 chain writer buf fl:0 s:1008
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 chain writer in: 00000000022D1C40
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 writev: 1008
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 chain writer out: 0000000000000000
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 event timer add: 12: 60000:1339627248804
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http finalize request: -4, "/cgi-bin/mailman/listinfo/users?" a:1, c:2
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http request count:2 blk:0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A6328
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 00000000022A6328
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request: "/cgi-bin/mailman/listinfo/users?"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream dummy handler
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A6328
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 00000000022A6328
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request: "/cgi-bin/mailman/listinfo/users?"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream dummy handler
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 0000000002292B18
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 post event 00000000022A6328
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 00000000022A6328
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request: "/cgi-bin/mailman/listinfo/users?"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream dummy handler
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 delete posted event 0000000002292B18
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream request: "/cgi-bin/mailman/listinfo/users?"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream process header
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 00000000022525C0:4096
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 recv: fd:12 176 of 4096
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 07
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 45
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 03
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 69
> > 2012/06/14 00:39:48 [error] 27873#0: *13 FastCGI sent in stderr: "Cannot chdir to script directory (/usr/lib/cgi-bin/mailman/listinfo)" while reading response header from upstream, client: 178.27.33.0, server: mail.sys4.de, request: "GET /cgi-bin/mailman/listinfo/users HTTP/1.1", upstream: "fastcgi://unix:/var/run/fcgiwrap.socket:", host: "mail.sys4.de", referrer: "https://mail.sys4.de/cgi-bin/mailman/listinfo"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 07
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 06
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 33
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 05
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 51
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi parser: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi header: "Status: 403 Forbidden"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi parser: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi header: "Content-type: text/plain"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi parser: 1
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi header done
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 xslt filter header
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 HTTP/1.1 403 Forbidden
> > Server: nginx/1.1.19
> > Date: Wed, 13 Jun 2012 22:39:48 GMT
> > Content-Type: text/plain
> > Transfer-Encoding: chunked
> > Connection: keep-alive
> > 
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:1 f:0 00000000022D1E90, pos 00000000022D1E90, size: 163 file: 0, size: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter: l:0 f:0 s:163
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http cacheable: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream process upstream
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe read upstream: 1
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe preread: 32
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 readv: 1:3920
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe recv chain: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe buf free s:0 t:1 f:0 00000000022525C0, pos 0000000002252650, size: 32 file: 0, size: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe length: -1
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 input buf #0 0000000002252650
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 06
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi closed stdout
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 03
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 01
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 08
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record byte: 00
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi record length: 8
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http fastcgi sent end request
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 input buf 0000000002252650 3
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe write downstream: 1
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe write downstream flush in
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http output filter "/cgi-bin/mailman/listinfo/users?"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: "/cgi-bin/mailman/listinfo/users?"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 image filter
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 xslt filter body
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http postpone filter "/cgi-bin/mailman/listinfo/users?" 00000000022D20A0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http chunk: 3
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0 00000000022D1E90, pos 00000000022D1E90, size: 163 file: 0, size: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:1 f:0 00000000022D2188, pos 00000000022D2188, size: 3 file: 0, size: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:1 f:0 00000000022525C0, pos 0000000002252650, size: 3 file: 0, size: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:0 f:0 0000000000000000, pos 000000000049DD7D, size: 2 file: 0, size: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter: l:0 f:0 s:171
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: 0 "/cgi-bin/mailman/listinfo/users?"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 pipe write downstream done
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 event timer: 12, old: 1339627248804, new: 1339627248805
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream exit: 0000000000000000
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 finalize http upstream request: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 finalize http fastcgi request
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 free rr peer 1 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 close http upstream connection: 12
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022C7130, unused: 48
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 event timer del: 12: 1339627248804
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 reusable connection: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http upstream temp fd: -1
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http output filter "/cgi-bin/mailman/listinfo/users?"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: "/cgi-bin/mailman/listinfo/users?"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 image filter
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 xslt filter body
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http postpone filter "/cgi-bin/mailman/listinfo/users?" 00007FFF43D71E70
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http chunk: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0 00000000022D1E90, pos 00000000022D1E90, size: 163 file: 0, size: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0 00000000022D2188, pos 00000000022D2188, size: 3 file: 0, size: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:1 f:0 00000000022525C0, pos 0000000002252650, size: 3 file: 0, size: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 write old buf t:0 f:0 0000000000000000, pos 000000000049DD7D, size: 2 file: 0, size: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 write new buf t:0 f:0 0000000000000000, pos 000000000049DD7A, size: 5 file: 0, size: 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter: l:1 f:0 s:176
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter limit 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 malloc: 00000000022B9930:16384
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 163
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 3
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 3
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 2
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL buf copy: 5
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL to write: 176
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 SSL_write: 176
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http write filter 0000000000000000
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http copy filter: 0 "/cgi-bin/mailman/listinfo/users?"
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http finalize request: 0, "/cgi-bin/mailman/listinfo/users?" a:1, c:1
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 set http keepalive handler
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http close request
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 http log handler
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022525C0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 000000000228B240, unused: 6
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022D15A0, unused: 444
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 event timer add: 10: 65000:1339627253805
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 000000000224D310
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022C7AE0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 hc free: 0000000000000000 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 hc busy: 0000000000000000 0
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 free: 00000000022B9930
> > 2012/06/14 00:39:48 [debug] 27873#0: *13 reusable connection: 1
> > 
> > Thanks
> > 
> > p at rick
> > 
> > 
> > -- 
> > state of mind ()
> > 
> > http://www.state-of-mind.de
> > 
> > Franziskanerstra?e 15      Telefon +49 89 3090 4664
> > 81669 M?nchen              Telefax +49 89 3090 4666
> > 
> > Amtsgericht M?nchen        Partnerschaftsregister PR 563
> > 
> > _______________________________________________
> > nginx mailing list
> > nginx at nginx.org
> > http://mailman.nginx.org/mailman/listinfo/nginx
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

-- 
state of mind ()

http://www.state-of-mind.de

Franziskanerstra?e 15      Telefon +49 89 3090 4664
81669 M?nchen              Telefax +49 89 3090 4666

Amtsgericht M?nchen        Partnerschaftsregister PR 563


From sb at waeme.net  Thu Jun 14 14:46:29 2012
From: sb at waeme.net (Sergey Budnevitch)
Date: Thu, 14 Jun 2012 18:46:29 +0400
Subject: Running mailman within a domain
In-Reply-To: <20120614132903.GT2347@state-of-mind.de>
References: <20120613224300.GP18826@state-of-mind.de>
	<BA30F8FD-0DBA-4176-BAC8-E59C8C7FD77F@waeme.net>
	<20120614132903.GT2347@state-of-mind.de>
Message-ID: <07AE16A3-6A17-4497-9900-2305031ABECB@waeme.net>


On 14.06.2012, at 17:29, Patrick Ben Koetter wrote:

>> 
>> Could you create /usr/lib/cgi-bin/mailman/printenv script with the following content:
>> 
>> #!/usr/bin/perl
>> print "Content-type: text/plain\n\n";
>> foreach $var (sort(keys(%ENV))) {
>>    $val = $ENV{$var};
>>    print "${var}=\"${val}\"\n";
>> }
> 
> Give this output: <https://mail.sys4.de/cgi-bin/mailman/printenv>
> 
> 
>> Then run chmod +x /usr/lib/cgi-bin/mailman/printenv
>> and send result of the query http://mail.sys4.de/cgi-bin/mailman/printenv/blah-blah-blah.
>> If your config is correct, there should be
>> SCRIPT_FILENAME="/usr/lib/cgi-bin/mailman/printenv"
>> PATH_INFO="/blah-blah-blah"
> 
> Gives a temp error: 403
> <https://mail.sys4.de/cgi-bin/mailman/printenv/blah-blah-blah>

Please comment string
fastcgi_param   SCRIPT_FILENAME         $request_filename;

in /etc/nginx/fastcgi_params and reload nginx



From r at roze.lv  Thu Jun 14 15:06:59 2012
From: r at roze.lv (Reinis Rozitis)
Date: Thu, 14 Jun 2012 18:06:59 +0300
Subject: Running mailman within a domain
In-Reply-To: <07AE16A3-6A17-4497-9900-2305031ABECB@waeme.net>
References: <20120613224300.GP18826@state-of-mind.de><BA30F8FD-0DBA-4176-BAC8-E59C8C7FD77F@waeme.net><20120614132903.GT2347@state-of-mind.de>
	<07AE16A3-6A17-4497-9900-2305031ABECB@waeme.net>
Message-ID: <DF103F28029A4ACFAB806374B039EA04@MezhRoze>

Hello,
I have found out that running MailMan behind nginx is so much easier with 
thttpd in between (and proxy_pass) rather than all kinds of cgi wrappers.
It takes like a minute to set up and works flawlesly - 
http://wiki.list.org/display/DOC/Mailman+and+nginx

my 2 cents.


rr 


From p at state-of-mind.de  Thu Jun 14 15:14:26 2012
From: p at state-of-mind.de (Patrick Ben Koetter)
Date: Thu, 14 Jun 2012 17:14:26 +0200
Subject: SOLVED: Re: Running mailman within a domain
In-Reply-To: <07AE16A3-6A17-4497-9900-2305031ABECB@waeme.net>
References: <20120613224300.GP18826@state-of-mind.de>
	<BA30F8FD-0DBA-4176-BAC8-E59C8C7FD77F@waeme.net>
	<20120614132903.GT2347@state-of-mind.de>
	<07AE16A3-6A17-4497-9900-2305031ABECB@waeme.net>
Message-ID: <20120614151425.GE4754@state-of-mind.de>

* Sergey Budnevitch <nginx at nginx.org>:
> >> Then run chmod +x /usr/lib/cgi-bin/mailman/printenv
> >> and send result of the query http://mail.sys4.de/cgi-bin/mailman/printenv/blah-blah-blah.
> >> If your config is correct, there should be
> >> SCRIPT_FILENAME="/usr/lib/cgi-bin/mailman/printenv"
> >> PATH_INFO="/blah-blah-blah"
> > 
> > Gives a temp error: 403
> > <https://mail.sys4.de/cgi-bin/mailman/printenv/blah-blah-blah>
> 
> Please comment string
> fastcgi_param   SCRIPT_FILENAME         $request_filename;
> 
> in /etc/nginx/fastcgi_params and reload nginx

Sergey, you just made my day. Thank you! Everything works now as expected.

p at rick


-- 
state of mind ()

http://www.state-of-mind.de

Franziskanerstra?e 15      Telefon +49 89 3090 4664
81669 M?nchen              Telefax +49 89 3090 4666

Amtsgericht M?nchen        Partnerschaftsregister PR 563


From cmfileds at gmail.com  Thu Jun 14 20:10:12 2012
From: cmfileds at gmail.com (CM Fields)
Date: Thu, 14 Jun 2012 16:10:12 -0400
Subject: external authentication using a custom script
Message-ID: <CAHxQ+Co1Mg5P8UNZqAEWxOCZU+BmGAH17yNk2CO6pooGw3UDJg@mail.gmail.com>

I would like to authenticate HTTP and HTTPS clients using an external script
through Nginx.

All the authentication scripts are already made and I will modify them in any
way necessary to work with Nginx. The scripts query completely custom database
servers and XML based authenticators so an external script is needed to work,
for example, with the current implementation of Apache.


Basically, I am looking for similar functionality of mod_authnz_external from
Apache in Nginx. ?http://code.google.com/p/mod-auth-external/

For example, when the client connects to a certain "location" specified in the
nginx.conf, the Nginx server should ask them for their username and password
using the standard pop-up box; just like when auth_basic is used. But, instead
of checking a local file Nginx supplies the username and password to an
external script. The external script will authenticate the user/pass pair and
give a proper response back to Nginx to allow or deny. As long as the HTTP
client is connected Nginx will know they are authenticated just like
auth_basic.


At this point I was hoping for some opinions if I am on the right track to get
Nginx do what I need.

>From what I could find, the "auth_http" directive looks like a possibility,
but I wonder if it only works with POP3 and IMAP clients. Nginx will connect
to a remote http server with the username and pass in the headers. I take those
headers into my script and return with a OK or Invalid header response. I can
write a small HTTP deamon responder to be my authenticator if "auth_http" is
the right method.


Any other suggestions, ideas or opinions are very welcome. If anyone needs more
information or if a point was unclear, I would be happy to respond to the list
with more information. When I get external authentication working with Nginx I
would be happy to share the complete setup with the list.


From mdounin at mdounin.ru  Thu Jun 14 20:18:27 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 15 Jun 2012 00:18:27 +0400
Subject: external authentication using a custom script
In-Reply-To: <CAHxQ+Co1Mg5P8UNZqAEWxOCZU+BmGAH17yNk2CO6pooGw3UDJg@mail.gmail.com>
References: <CAHxQ+Co1Mg5P8UNZqAEWxOCZU+BmGAH17yNk2CO6pooGw3UDJg@mail.gmail.com>
Message-ID: <20120614201826.GK31671@mdounin.ru>

Hello!

On Thu, Jun 14, 2012 at 04:10:12PM -0400, CM Fields wrote:

> I would like to authenticate HTTP and HTTPS clients using an external script
> through Nginx.

[...]

http://mdounin.ru/hg/ngx_http_auth_request_module/

Maxim Dounin


From cmfileds at gmail.com  Thu Jun 14 20:32:20 2012
From: cmfileds at gmail.com (CM Fields)
Date: Thu, 14 Jun 2012 16:32:20 -0400
Subject: external authentication using a custom script
In-Reply-To: <20120614201826.GK31671@mdounin.ru>
References: <CAHxQ+Co1Mg5P8UNZqAEWxOCZU+BmGAH17yNk2CO6pooGw3UDJg@mail.gmail.com>
	<20120614201826.GK31671@mdounin.ru>
Message-ID: <CAHxQ+CowWOWpVC-qRtQu2hkqF3RSkVZ5FmDYRVjFvHx1FM4MFQ@mail.gmail.com>

Maxim,

Thanks for pointing me in the right direction. I was able to build Nginx with
http_auth_request and will start looking at the configuration options.

Are you aware of any more configuration examples other then what you
have supplied in the README?

On Thu, Jun 14, 2012 at 4:18 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> Hello!
>
> On Thu, Jun 14, 2012 at 04:10:12PM -0400, CM Fields wrote:
>
>> I would like to authenticate HTTP and HTTPS clients using an external script
>> through Nginx.
>
> [...]
>
> http://mdounin.ru/hg/ngx_http_auth_request_module/
>
> Maxim Dounin
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From nginx-forum at nginx.us  Thu Jun 14 20:58:39 2012
From: nginx-forum at nginx.us (schlag)
Date: Thu, 14 Jun 2012 16:58:39 -0400 (EDT)
Subject: Nginx Log Parser
In-Reply-To: <2d45aecf46d295ed13e5614afdf3476f.NginxMailingListEnglish@forum.nginx.org>
References: <2d45aecf46d295ed13e5614afdf3476f.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <7f9577b4cb43e1c6fc18d288d04de63c.NginxMailingListEnglish@forum.nginx.org>

I implemented cache stats in Zabbix by parsing the access logs using
logtail with an offset file every minute, and submitting value counts
for $upstream_cache_status to the zabbix server trapper via
zabbix_sender.  our rps is 50 or less, so processing this log every
minute isn't really a big deal yet.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,138438,227541#msg-227541


From mdounin at mdounin.ru  Thu Jun 14 21:10:50 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 15 Jun 2012 01:10:50 +0400
Subject: external authentication using a custom script
In-Reply-To: <CAHxQ+CowWOWpVC-qRtQu2hkqF3RSkVZ5FmDYRVjFvHx1FM4MFQ@mail.gmail.com>
References: <CAHxQ+Co1Mg5P8UNZqAEWxOCZU+BmGAH17yNk2CO6pooGw3UDJg@mail.gmail.com>
	<20120614201826.GK31671@mdounin.ru>
	<CAHxQ+CowWOWpVC-qRtQu2hkqF3RSkVZ5FmDYRVjFvHx1FM4MFQ@mail.gmail.com>
Message-ID: <20120614211050.GM31671@mdounin.ru>

Hello!

On Thu, Jun 14, 2012 at 04:32:20PM -0400, CM Fields wrote:

> Maxim,
> 
> Thanks for pointing me in the right direction. I was able to build Nginx with
> http_auth_request and will start looking at the configuration options.
> 
> Are you aware of any more configuration examples other then what you
> have supplied in the README?

Some additional examples can be found in tests under the t/ 
directory.  See here:

http://mdounin.ru/hg/ngx_http_auth_request_module/file/tip/t

Maxim Dounin


From francis at daoine.org  Thu Jun 14 21:16:42 2012
From: francis at daoine.org (Francis Daly)
Date: Thu, 14 Jun 2012 22:16:42 +0100
Subject: rewrite url segment staging site and live site
In-Reply-To: <a4016ad59aa0a63751a92f1bced42b71.NginxMailingListEnglish@forum.nginx.org>
References: <20120612172316.GB6210@craic.sysops.org>
	<a4016ad59aa0a63751a92f1bced42b71.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120614211642.GC6210@craic.sysops.org>

On Wed, Jun 13, 2012 at 10:31:02AM -0400, caleboconnell wrote:

Hi there,

you have a working set up now, so all is good.

But still, I am very surprised that

>   location /old {
>     rewrite ^/old/(.*)$ /new/$1 permanent;
>   }

will not cause a redirection for any request that starts /old/, when
replacing that location with

>   location /old {
>     rewrite ^/old? /new permanent;
>   }

will lead to the expected redirection.

The solution you found was to change the location definition to avoid
trying any regex locations. That suggests that you had other regex
locations which were being matched instead of the ones above. But
independent of that, the above two locations should redirect almost all
of the same requests (all bar exactly "/old") -- so if the rest of the
configuration didn't change in between the two tests, you have found
something odd.

> here is the current config, with prior rewrites before this location
> block:

For information: because one request is handled by one location, the
order of location blocks within the config file is not relevant (apart
from regex ones).

Which just means that "the most recent match" may not be from the location
block a few lines earlier in the config file.

All the best,

	f
-- 
Francis Daly        francis at daoine.org


From cmfileds at gmail.com  Thu Jun 14 21:19:49 2012
From: cmfileds at gmail.com (CM Fields)
Date: Thu, 14 Jun 2012 17:19:49 -0400
Subject: external authentication using a custom script
In-Reply-To: <20120614211050.GM31671@mdounin.ru>
References: <CAHxQ+Co1Mg5P8UNZqAEWxOCZU+BmGAH17yNk2CO6pooGw3UDJg@mail.gmail.com>
	<20120614201826.GK31671@mdounin.ru>
	<CAHxQ+CowWOWpVC-qRtQu2hkqF3RSkVZ5FmDYRVjFvHx1FM4MFQ@mail.gmail.com>
	<20120614211050.GM31671@mdounin.ru>
Message-ID: <CAHxQ+Cp-PGkUe8_HLC65Fbx+-zqX93hMuK3Mh=aSFJ3yrPdzig@mail.gmail.com>

Perfect. Thank you very much.

On Thu, Jun 14, 2012 at 5:10 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> Hello!
>
> On Thu, Jun 14, 2012 at 04:32:20PM -0400, CM Fields wrote:
>
>> Maxim,
>>
>> Thanks for pointing me in the right direction. I was able to build Nginx with
>> http_auth_request and will start looking at the configuration options.
>>
>> Are you aware of any more configuration examples other then what you
>> have supplied in the README?
>
> Some additional examples can be found in tests under the t/
> directory. ?See here:
>
> http://mdounin.ru/hg/ngx_http_auth_request_module/file/tip/t
>
> Maxim Dounin
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From cmfileds at gmail.com  Thu Jun 14 21:27:06 2012
From: cmfileds at gmail.com (CM Fields)
Date: Thu, 14 Jun 2012 17:27:06 -0400
Subject: external authentication using a custom script
In-Reply-To: <CAHxQ+Cp-PGkUe8_HLC65Fbx+-zqX93hMuK3Mh=aSFJ3yrPdzig@mail.gmail.com>
References: <CAHxQ+Co1Mg5P8UNZqAEWxOCZU+BmGAH17yNk2CO6pooGw3UDJg@mail.gmail.com>
	<20120614201826.GK31671@mdounin.ru>
	<CAHxQ+CowWOWpVC-qRtQu2hkqF3RSkVZ5FmDYRVjFvHx1FM4MFQ@mail.gmail.com>
	<20120614211050.GM31671@mdounin.ru>
	<CAHxQ+Cp-PGkUe8_HLC65Fbx+-zqX93hMuK3Mh=aSFJ3yrPdzig@mail.gmail.com>
Message-ID: <CAHxQ+CoyzktPveYKN6EAiadZLOA0qOD2qYHfpZ6nz7Zag-g7nQ@mail.gmail.com>

Maxim,

The external authentication with your module works great. I will do some
stress testing this week.

BTW, the examples in the README file are fine. I just did not
understand the context
without looking at the testing examples.


On Thu, Jun 14, 2012 at 5:19 PM, CM Fields <cmfileds at gmail.com> wrote:
> Perfect. Thank you very much.
>
> On Thu, Jun 14, 2012 at 5:10 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:
>> Hello!
>>
>> On Thu, Jun 14, 2012 at 04:32:20PM -0400, CM Fields wrote:
>>
>>> Maxim,
>>>
>>> Thanks for pointing me in the right direction. I was able to build Nginx with
>>> http_auth_request and will start looking at the configuration options.
>>>
>>> Are you aware of any more configuration examples other then what you
>>> have supplied in the README?
>>
>> Some additional examples can be found in tests under the t/
>> directory. ?See here:
>>
>> http://mdounin.ru/hg/ngx_http_auth_request_module/file/tip/t
>>
>> Maxim Dounin
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx


From francis at daoine.org  Thu Jun 14 21:59:28 2012
From: francis at daoine.org (Francis Daly)
Date: Thu, 14 Jun 2012 22:59:28 +0100
Subject: SOLVED: Re: Running mailman within a domain
In-Reply-To: <20120614151425.GE4754@state-of-mind.de>
References: <20120613224300.GP18826@state-of-mind.de>
	<BA30F8FD-0DBA-4176-BAC8-E59C8C7FD77F@waeme.net>
	<20120614132903.GT2347@state-of-mind.de>
	<07AE16A3-6A17-4497-9900-2305031ABECB@waeme.net>
	<20120614151425.GE4754@state-of-mind.de>
Message-ID: <20120614215928.GD6210@craic.sysops.org>

On Thu, Jun 14, 2012 at 05:14:26PM +0200, Patrick Ben Koetter wrote:
> * Sergey Budnevitch <nginx at nginx.org>:

Hi there,

> > Please comment string
> > fastcgi_param   SCRIPT_FILENAME         $request_filename;
> > 
> > in /etc/nginx/fastcgi_params and reload nginx
> 
> Sergey, you just made my day. Thank you! Everything works now as expected.

If I read it right, that suggests that your fastcgi server pays attention
to the first SCRIPT_FILENAME parameter it gets, in contrast to the php
built-in fastcgi server which pays attention to the last one it gets.

So an alternative config could have been to use the original
fastcgi_params file; but to add your own SCRIPT_FILENAME line above,
rather than below, the include line.

What you have now, sending exactly one fastcgi SCRIPT_FILENAME parameter,
is best because it should work for any fastcgi server.

(Your original config might have worked if you used a different fastcgi
server.)

All the best,

	f
-- 
Francis Daly        francis at daoine.org


From nginx-forum at nginx.us  Fri Jun 15 03:24:12 2012
From: nginx-forum at nginx.us (Daniel15)
Date: Thu, 14 Jun 2012 23:24:12 -0400 (EDT)
Subject: Route non-existant .php requests through try_files?
Message-ID: <077e2cab603bee393577491abb3b4da4.NginxMailingListEnglish@forum.nginx.org>

Hi everyone,
 I'm investigating moving one of my sites from another web server to
Nginx. The app is a PHP app that uses the "front controller" pattern
(everything routes via index.php), and the app takes care of URL routing
and handling 404 errors.

My nginx site configuration looks something like this:
=====
server {
	listen 8080;
	server_name example.com;
	root /var/www/example/live/public/;
	index index.htm index.php;

	location / {
		try_files $uri /index.php;
	}

	location /assets/cache/ {
		expires max;
	}

	location ~ \.php$ {
		include fastcgi_params;
		fastcgi_pass php;
		fastcgi_param FUEL_ENV production;
	}
}

upstream php {
	server unix:/var/run/php5-fpm/www.sock;
}
=====

This works mostly as expected - Going to the root of the site hits the
app's homepage, and the sub pages work (so example.com/about loads
file). However if I go to a non-existent PHP file (like
example.com/about.php), I get a white page that says "File not found."
There's some legacy links that have ".php" at the end and routing these
to the correct location is handled in the app itself. Because of my
try_files setting, I expected this to go through index.php, like the
URLs without extensions. However this doesn't seem to be the case.
Anyone know how to configure it so it works this way?

tl;dr: How do I get requests to non-existent .php files to route via my
index.php file?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227550,227550#msg-227550


From david.kostal at gmail.com  Fri Jun 15 05:56:09 2012
From: david.kostal at gmail.com (David Kostal)
Date: Fri, 15 Jun 2012 07:56:09 +0200
Subject: nginx and TPROXY
Message-ID: <CANqGZ1vZV2VkKhNghxhYqdhwEB4KCAteWHQUbp3ZioBNvghV9g@mail.gmail.com>

Hi all,
I just run into the need to have nginx support the Linux TPROXY
feature: there is not REDIRECT target for IPv6. As there is no support
for TPROXY in nginx I created a small patch for core & http modules
against 1.2.1. It's enabled by recompiling nginx with --with-tproxy
and activating it by adding "tproxy" as an additional argument to
listen.

Unfortunately it is not possible to enable/disable tproxy behavior for
existing sockets during reload, only on startup or when reload adds
new listening sockets. This is due to fact that the setsockopt() call
must be done before bind().

Please have a look, so far it works for me but I did not do yet any
heavy testing and it's not production yet:)

david.kostal at gmail.com
----+
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nginx-tproxy.patch
Type: application/octet-stream
Size: 5618 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120615/c0c31a4f/attachment.obj>

From gabor.farkas at gmail.com  Fri Jun 15 07:36:39 2012
From: gabor.farkas at gmail.com (=?ISO-8859-1?Q?G=E1bor_Farkas?=)
Date: Fri, 15 Jun 2012 09:36:39 +0200
Subject: proxy_next_upstream, only "connect" timeout?, try 2
Message-ID: <CAPiPmQkgsqTgL6QsLPYU+jUBd8mn=wAmOv-6ShvikFeuQrsUow@mail.gmail.com>

regarding my original email:
http://article.gmane.org/gmane.comp.web.nginx.english/34175

i assume the silence means there is no such way.

would it be hard to implement it? i can try it, but i'd need to know
if it's at least possible or not,
if there are the necessary 'hooks' in place and such...

thanks,
gabor


From francis at daoine.org  Fri Jun 15 07:54:46 2012
From: francis at daoine.org (Francis Daly)
Date: Fri, 15 Jun 2012 08:54:46 +0100
Subject: Route non-existant .php requests through try_files?
In-Reply-To: <077e2cab603bee393577491abb3b4da4.NginxMailingListEnglish@forum.nginx.org>
References: <077e2cab603bee393577491abb3b4da4.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120615075446.GF6210@craic.sysops.org>

On Thu, Jun 14, 2012 at 11:24:12PM -0400, Daniel15 wrote:

Hi there,

> 	location / {

> 	location /assets/cache/ {

> 	location ~ \.php$ {

> However if I go to a non-existent PHP file (like
> example.com/about.php), I get a white page that says "File not found."
> There's some legacy links that have ".php" at the end and routing these
> to the correct location is handled in the app itself. Because of my
> try_files setting, I expected this to go through index.php,

No.

One request is handled by one location. The request for /about.php
will be handled by the "php" regex location, which doesn't (currently)
include try_files.

http://nginx.org/r/location

Untested, but probably either:

copy the try_files line into the "php" regex location; or

move the "php" regex location to be within the "location /" block

should do what you want in most cases.

("most" because: what do you want to happen when the request is for
"/assets/cache/absent.php", or for "/assets/cache/present.php"? The two
options above will do different things.)

Good luck with it,

	f
-- 
Francis Daly        francis at daoine.org


From mdounin at mdounin.ru  Fri Jun 15 08:02:50 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 15 Jun 2012 12:02:50 +0400
Subject: proxy_next_upstream, only "connect" timeout?, try 2
In-Reply-To: <CAPiPmQkgsqTgL6QsLPYU+jUBd8mn=wAmOv-6ShvikFeuQrsUow@mail.gmail.com>
References: <CAPiPmQkgsqTgL6QsLPYU+jUBd8mn=wAmOv-6ShvikFeuQrsUow@mail.gmail.com>
Message-ID: <20120615080250.GN31671@mdounin.ru>

Hello!

On Fri, Jun 15, 2012 at 09:36:39AM +0200, G?bor Farkas wrote:

> regarding my original email:
> http://article.gmane.org/gmane.comp.web.nginx.english/34175
> 
> i assume the silence means there is no such way.
> 
> would it be hard to implement it? i can try it, but i'd need to know
> if it's at least possible or not,
> if there are the necessary 'hooks' in place and such...

We probably need something more generic, i.e. some distinction 
between idempotent and non-idempotent cases in 
proxy_next_upstream.  This should allow to retry GET/HEAD at any 
point, while keeping POSTs safe.

Maxim Dounin


From gabor.farkas at gmail.com  Fri Jun 15 08:07:35 2012
From: gabor.farkas at gmail.com (=?ISO-8859-1?Q?G=E1bor_Farkas?=)
Date: Fri, 15 Jun 2012 10:07:35 +0200
Subject: proxy_next_upstream, only "connect" timeout?, try 2
In-Reply-To: <20120615080250.GN31671@mdounin.ru>
References: <CAPiPmQkgsqTgL6QsLPYU+jUBd8mn=wAmOv-6ShvikFeuQrsUow@mail.gmail.com>
	<20120615080250.GN31671@mdounin.ru>
Message-ID: <CAPiPmQkmvZ7_2t1e79SF6ytZa7jiUnzu6OPo93BEdqg3Fz=xJg@mail.gmail.com>

On Fri, Jun 15, 2012 at 10:02 AM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> Hello!
>
> On Fri, Jun 15, 2012 at 09:36:39AM +0200, G?bor Farkas wrote:
>
>> regarding my original email:
>> http://article.gmane.org/gmane.comp.web.nginx.english/34175
>>
>> i assume the silence means there is no such way.
>>
>> would it be hard to implement it? i can try it, but i'd need to know
>> if it's at least possible or not,
>> if there are the necessary 'hooks' in place and such...
>
> We probably need something more generic, i.e. some distinction
> between idempotent and non-idempotent cases in
> proxy_next_upstream. ?This should allow to retry GET/HEAD at any
> point, while keeping POSTs safe.

i agree, but i would still prefer to be able to specify the
on-connect-timeout-only too,
there are some cases where i do not want to repeat even a GET request,
and generally it is a safer bet for me to not-repeat anything that
already 'reached'
the upstream.

you see, my specific problem is that i have multiple upstreams, and i want nginx
to go to the next upstream when an upstream's socket-backlog is full.
and currently
i am unable to do this...

gabor


From mdounin at mdounin.ru  Fri Jun 15 10:29:35 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 15 Jun 2012 14:29:35 +0400
Subject: proxy_next_upstream, only "connect" timeout?, try 2
In-Reply-To: <CAPiPmQkmvZ7_2t1e79SF6ytZa7jiUnzu6OPo93BEdqg3Fz=xJg@mail.gmail.com>
References: <CAPiPmQkgsqTgL6QsLPYU+jUBd8mn=wAmOv-6ShvikFeuQrsUow@mail.gmail.com>
	<20120615080250.GN31671@mdounin.ru>
	<CAPiPmQkmvZ7_2t1e79SF6ytZa7jiUnzu6OPo93BEdqg3Fz=xJg@mail.gmail.com>
Message-ID: <20120615102935.GP31671@mdounin.ru>

Hello!

On Fri, Jun 15, 2012 at 10:07:35AM +0200, G?bor Farkas wrote:

> On Fri, Jun 15, 2012 at 10:02 AM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> > Hello!
> >
> > On Fri, Jun 15, 2012 at 09:36:39AM +0200, G?bor Farkas wrote:
> >
> >> regarding my original email:
> >> http://article.gmane.org/gmane.comp.web.nginx.english/34175
> >>
> >> i assume the silence means there is no such way.
> >>
> >> would it be hard to implement it? i can try it, but i'd need to know
> >> if it's at least possible or not,
> >> if there are the necessary 'hooks' in place and such...
> >
> > We probably need something more generic, i.e. some distinction
> > between idempotent and non-idempotent cases in
> > proxy_next_upstream. ?This should allow to retry GET/HEAD at any
> > point, while keeping POSTs safe.
> 
> i agree, but i would still prefer to be able to specify the
> on-connect-timeout-only too,
> there are some cases where i do not want to repeat even a GET request,
> and generally it is a safer bet for me to not-repeat anything that
> already 'reached'
> the upstream.

Sure, this needs some configuration for a things which should be 
considered idempotent, as http methods are often misused.

> you see, my specific problem is that i have multiple upstreams, and i want nginx
> to go to the next upstream when an upstream's socket-backlog is full.
> and currently
> i am unable to do this...

Practical solution for the specific problem of full listen queue 
is to instruct your OS to return RST in this case (this 
is usually the default behaviour, but Linux seems to be an 
exception), and use "proxy_next_upstream error".  You may also try 
small proxy_connect_timeout vs. long proxy_read_timeout and 
proxy_send_timeout.

This still has a theoretical problem though, as error might occur 
for some reason during sending request to an upstream, and this 
will trigger use of next upstream server.

Maxim Dounin


From nginx-forum at nginx.us  Fri Jun 15 10:41:57 2012
From: nginx-forum at nginx.us (nfn)
Date: Fri, 15 Jun 2012 06:41:57 -0400 (EDT)
Subject: Different cache_valid per location
Message-ID: <b9c3611db008ba154b2060bc0947d320.NginxMailingListEnglish@forum.nginx.org>

Hi,

I'm trying to find the correct way to have different cache times per
location.
The problem I have is that all locations are redirected using try_files
to the same file and then to fastcgi.

I was thinking about something like this, but it doesn't work:

fastcgi_cache_path   /var/cache/nginx/one levels=1:2
keys_zone=one:500m;										 

server {

    location /a {
      fastcgi_cache_valid 200 15m;
      try_files $uri $uri/ /index.php;
    }
	
    location /b {
      fastcgi_cache_valid 200 60m;
      try_files $uri $uri/ /index.php;
    }
 
  ## PHP
  location ~ \.php$ {
    ...
    fastcgi_cache one;
    fastcgi_cache_use_stale error  timeout invalid_header http_500;
    ...
  }
}

How can I archive this?

Thanks

NN

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227557,227557#msg-227557


From maxim at nginx.com  Fri Jun 15 12:46:11 2012
From: maxim at nginx.com (Maxim Konovalov)
Date: Fri, 15 Jun 2012 16:46:11 +0400
Subject: Fwd: Announcing SPDY draft 2 implementation in nginx
In-Reply-To: <201206151640.57505.ne@vbart.ru>
References: <201206151640.57505.ne@vbart.ru>
Message-ID: <4FDB2E93.5060408@nginx.com>

For those who don't read -devel but still want to try the patch:

http://nginx.org/patches/spdy/

-------- Original Message --------
Subject: Announcing SPDY draft 2 implementation in nginx
Date: Fri, 15 Jun 2012 16:40:57 +0400
From: Valentin V. Bartenev <ne at vbart.ru>
Reply-To: nginx-devel at nginx.org
To: nginx-devel at nginx.org

We are pleased to announce the first beta version of SPDY draft 2
module for nginx.

It is currently distributed as a patch for nginx 1.3.x development
version.

For more information about SPDY protocol specification please check
http://www.chromium.org/spdy/spdy-protocol

Known problems and limitations of this revision:

 - server push is not supported;

 - post_action directive is not supported for SPDY connections;

 - rate limiting is not supported for SPDY connections;

 - SSL buffer is switched off.

We will be working on improving SPDY support during the next few
months with the goal of eventually integrating it fully into the
main nginx code.  Expect frequent updates about this development,
and please report your experiences, and send the feedback to nginx
development mailing list nginx-devel at nginx.org (check
http://mailman.nginx.org/mailman/listinfo/nginx-devel).

Configuration and installation instructions are below.

How to build nginx/spdy binary:

  1. Install OpenSSL 1.0.1, it's required because SPDY module uses
     Next Protocol Negotiation TLS extension.

  2. Download nginx 1.3.x tar-gzip package (check
     http://nginx.org/en/download.html)

     $ wget http://nginx.org/download/nginx-1.3.1.tar.gz

  3. Unpack nginx-1.3

     $ tar xvfz nginx-1.3.1.tar.gz
     $ cd nginx-1.3.1

  4. Download and apply SPDY module patch

     $ wget http://nginx.org/patches/spdy/patch.spdy-34.txt
     $ patch -p0 < patch.spdy-34.txt

  5. Configure nginx build

     $ ./configure --with-http_ssl_module

     Use --with-openssl=/path/to/openssl-1.0.1, when building OpenSSL
     separately and statically linking.

     Use --with-cc-opt and --with-ld-opt accordingly, if OpenSSL is
     installed as an optional library, e.g. on Mac OS X

     $ ./configure --with-http_ssl_module \
                   --with-cc-opt="-I/opt/local/include" \
                   --with-ld-opt="-L/opt/local/lib"

  6. Build nginx

     $ make


To enable SPDY in nginx configuration, just add "spdy" and "ssl"
parameters to the listen directive:

  server {
      listen 443 ssl spdy default_server;

      ssl_certificate      server.crt;
      ssl_certificate_key  server.key;

      ...
  }

Optional SPDY configuration directives:

 - spdy_recv_buffer_size - specifies the size of input buffer (per
   worker), 1MB by default;

 - spdy_max_concurrent_streams - maximum number of concurrent SPDY
   streams in a single connection, 100 by default;

 - spdy_streams_index_size - size of SPDY stream ID index, should
   be power of 2, default is 32;

 - spdy_recv_timeout - timeout when expecting more data from the
   client, default is 30s;

 - spdy_keepalive_timeout - inactivity timeout after which connection
   is closed, default is 3m;

 - spdy_headers_comp - header compression level (0 = no comp, 9 =
   max comp), default is 1;

 - spdy_headers_comp_window - size of LZ77 compression window,
   default is 4KB.

The default values are more or less optimized for generic use,
there's normally no need to tweak them.

SPDY variables:

 - $spdy - version of SPDY protocol if the request came via SPDY
   (currently "2"), or empty value;

 - $spdy_request_priority - priority of the stream, if the request
   came via SPDY.


Disclaimer: use this code at your own risk, it is distributed under
the 2-clause BSD-like license, and at nginx we are not responsible
for any negative impact or effects that the usage of this code might
cause.


-- 
NGINX, Inc., http://nginx.com

_______________________________________________
nginx-devel mailing list
nginx-devel at nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel


-- 
Maxim Konovalov
+7 (910) 4293178
http://nginx.com/


From simohayha.bobo at gmail.com  Fri Jun 15 13:40:06 2012
From: simohayha.bobo at gmail.com (Simon Liu)
Date: Fri, 15 Jun 2012 21:40:06 +0800
Subject: Announcing SPDY draft 2 implementation in nginx
In-Reply-To: <4FDB2E93.5060408@nginx.com>
References: <201206151640.57505.ne@vbart.ru> <4FDB2E93.5060408@nginx.com>
Message-ID: <CAB6pCs9hc1gfPNcReKYnhNYCPh=_BwxmgVpdZqZ+Lr5fhPPszg@mail.gmail.com>

Thanks for your job.

by the way why not push this mail to spdy maillist?

On Fri, Jun 15, 2012 at 8:46 PM, Maxim Konovalov <maxim at nginx.com> wrote:

> For those who don't read -devel but still want to try the patch:
>
> http://nginx.org/patches/spdy/
>
> -------- Original Message --------
> Subject: Announcing SPDY draft 2 implementation in nginx
> Date: Fri, 15 Jun 2012 16:40:57 +0400
> From: Valentin V. Bartenev <ne at vbart.ru>
> Reply-To: nginx-devel at nginx.org
> To: nginx-devel at nginx.org
>
> We are pleased to announce the first beta version of SPDY draft 2
> module for nginx.
>
> It is currently distributed as a patch for nginx 1.3.x development
> version.
>
> For more information about SPDY protocol specification please check
> http://www.chromium.org/spdy/spdy-protocol
>
> Known problems and limitations of this revision:
>
>  - server push is not supported;
>
>  - post_action directive is not supported for SPDY connections;
>
>  - rate limiting is not supported for SPDY connections;
>
>  - SSL buffer is switched off.
>
> We will be working on improving SPDY support during the next few
> months with the goal of eventually integrating it fully into the
> main nginx code.  Expect frequent updates about this development,
> and please report your experiences, and send the feedback to nginx
> development mailing list nginx-devel at nginx.org (check
> http://mailman.nginx.org/mailman/listinfo/nginx-devel).
>
> Configuration and installation instructions are below.
>
> How to build nginx/spdy binary:
>
>  1. Install OpenSSL 1.0.1, it's required because SPDY module uses
>     Next Protocol Negotiation TLS extension.
>
>  2. Download nginx 1.3.x tar-gzip package (check
>     http://nginx.org/en/download.html)
>
>     $ wget http://nginx.org/download/nginx-1.3.1.tar.gz
>
>  3. Unpack nginx-1.3
>
>     $ tar xvfz nginx-1.3.1.tar.gz
>     $ cd nginx-1.3.1
>
>  4. Download and apply SPDY module patch
>
>     $ wget http://nginx.org/patches/spdy/patch.spdy-34.txt
>     $ patch -p0 < patch.spdy-34.txt
>
>  5. Configure nginx build
>
>     $ ./configure --with-http_ssl_module
>
>     Use --with-openssl=/path/to/openssl-1.0.1, when building OpenSSL
>     separately and statically linking.
>
>     Use --with-cc-opt and --with-ld-opt accordingly, if OpenSSL is
>     installed as an optional library, e.g. on Mac OS X
>
>     $ ./configure --with-http_ssl_module \
>                   --with-cc-opt="-I/opt/local/include" \
>                   --with-ld-opt="-L/opt/local/lib"
>
>  6. Build nginx
>
>     $ make
>
>
> To enable SPDY in nginx configuration, just add "spdy" and "ssl"
> parameters to the listen directive:
>
>  server {
>      listen 443 ssl spdy default_server;
>
>      ssl_certificate      server.crt;
>      ssl_certificate_key  server.key;
>
>      ...
>  }
>
> Optional SPDY configuration directives:
>
>  - spdy_recv_buffer_size - specifies the size of input buffer (per
>   worker), 1MB by default;
>
>  - spdy_max_concurrent_streams - maximum number of concurrent SPDY
>   streams in a single connection, 100 by default;
>
>  - spdy_streams_index_size - size of SPDY stream ID index, should
>   be power of 2, default is 32;
>
>  - spdy_recv_timeout - timeout when expecting more data from the
>   client, default is 30s;
>
>  - spdy_keepalive_timeout - inactivity timeout after which connection
>   is closed, default is 3m;
>
>  - spdy_headers_comp - header compression level (0 = no comp, 9 =
>   max comp), default is 1;
>
>  - spdy_headers_comp_window - size of LZ77 compression window,
>   default is 4KB.
>
> The default values are more or less optimized for generic use,
> there's normally no need to tweak them.
>
> SPDY variables:
>
>  - $spdy - version of SPDY protocol if the request came via SPDY
>   (currently "2"), or empty value;
>
>  - $spdy_request_priority - priority of the stream, if the request
>   came via SPDY.
>
>
> Disclaimer: use this code at your own risk, it is distributed under
> the 2-clause BSD-like license, and at nginx we are not responsible
> for any negative impact or effects that the usage of this code might
> cause.
>
>
> --
> NGINX, Inc., http://nginx.com
>
> _______________________________________________
> nginx-devel mailing list
> nginx-devel at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx-devel
>
>
> --
> Maxim Konovalov
> +7 (910) 4293178
> http://nginx.com/
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>



-- 
do not fear to be eccentric in opinion, for every opinion now accepted was
once eccentric.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120615/ce95b984/attachment.html>

From monitor.xoyo at gmail.com  Fri Jun 15 13:49:57 2012
From: monitor.xoyo at gmail.com (Xiangong Yang)
Date: Fri, 15 Jun 2012 21:49:57 +0800
Subject: an unexpected newline appears when use memc and echo_location_async,
	how to delete the newline ?
Message-ID: <CAKxrJ_eZg2=sw8avN-p0AT5osK0B2s6RiwA+eNtZayOReLTEeA@mail.gmail.com>

I use the agenzh's two modules
http://wiki.nginx.org/HttpMemcModule
http://wiki.nginx.org/HttpEchoModule

**
*nginx configuration:*


    location ~ "^/property/([0-9]+)" {
        charset utf-8;
        default_type 'text/javascript';
        echo -n "$arg_callback({\"property_$1\":\"";
        echo_location_async /statistic/operator
"cmd=incr&key=property_$1&value=1";
        echo -n "\")";
    }

    # GET /statistic/operator?cmd=incr&key=property_23214&value=2
    # GET /statistic/operator?cmd=decr&key=property_23214&value=1
    location /statistic/operator {
        internal;
        set $memc_cmd $arg_cmd;
        set $memc_key $arg_key;
        set $memc_value $arg_value;
        memc_pass statistics_server_pool;
        memc_cmds_allowed incr decr set get delete add;
        add_header X-Memc-Flags 'Statistic Crement';
    }


*Request URL:*

http://domain.net/property/23458?hi=231231&callback=himycallback201203455


*The Unexpect  incorrect Output: (Current Configuration)*

 himycallback201203455({"property_23458":24
})


The new line after 24 is unexpected. and how can l delete the new line ?

*I expected the correct Output: ( how to configuration the nginx ? )*

himycallback201203455({"property_23458":24})
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120615/d8d34b60/attachment.html>

From monitor.xoyo at gmail.com  Fri Jun 15 13:56:17 2012
From: monitor.xoyo at gmail.com (Xiangong Yang)
Date: Fri, 15 Jun 2012 21:56:17 +0800
Subject: =?UTF-8?Q?an_unexpected_newline_appears_when_use_memc_and_echo=5Flocat?=
	=?UTF-8?Q?=E2=80=8Bion=5Fasync=2C_how_to_delete_the_newline_=3F?=
Message-ID: <CAKxrJ_dap_pDmx-Qa3x9e1ziD0yfsdeVDVJh+Cp-95UMiex-1Q@mail.gmail.com>

I use the agenzh's two modules
http://wiki.nginx.org/HttpMemcModule
http://wiki.nginx.org/HttpEchoModule


*nginx configuration:
*
    location ~ "^/property/([0-9]+)" {
        charset utf-8;
        default_type 'text/javascript';
        echo -n "$arg_callback({\"property_$1\":\"";
        echo_location_async /statistic/operator
"cmd=incr&key=property_$1&value=1";
        echo -n "\")";
    }

    # GET /statistic/operator?cmd=incr&key=property_23214&value=2
    # GET /statistic/operator?cmd=decr&key=property_23214&value=1
    location /statistic/operator {
        internal;
        set $memc_cmd $arg_cmd;
        set $memc_key $arg_key;
        set $memc_value $arg_value;
        memc_pass statistics_server_pool;
        memc_cmds_allowed incr decr set get delete add;
        add_header X-Memc-Flags 'Statistic Crement';
    }


*Request URL:
*
http://domain.net/property/23458?hi=231231&callback=himycallback201203455


The Unexpected  incorrect Output: (Current Configuration)

 himycallback201203455({"property_23458":24
})


The new line after 24 is unexpected. and how can l delete the new line ?

I expected the correct Output: ( how to configuration the nginx ? )

himycallback201203455({"property_23458":24})
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120615/7b26d462/attachment-0001.html>

From nginx-forum at nginx.us  Fri Jun 15 14:46:10 2012
From: nginx-forum at nginx.us (clemclem)
Date: Fri, 15 Jun 2012 10:46:10 -0400 (EDT)
Subject: Joomla multilingual subdomain redirect/rewrite
Message-ID: <c80dd9f04a234b2a0e35004ea728c817.NginxMailingListEnglish@forum.nginx.org>

Hi all,

I have a multilingual Joomla website, whose URL currently look like the
following :
http://www.example.com/fr/test/test.html (note the FR posision after the
server name)

In order to achieve some SEO, I'd like my URLs to look like this :
http://fr.example.com/test/test.html
Ie: the langage code is now part of the subdomain, and removed from the
request_uri

I configured my DNS (fr.example.com and www.example) as A reccord
pointing to the same IP address.

I tried the following rule, that match the fr langage code and display
the correct URL, but I still have a 404 error because the server could
not find  the new rewritten page :

if ($request_uri ~* ^/(?<lang>fr)/(?<rest>.*)$ {
   rewrite ^ http://$lang.example.com/$rest? permanent;
}

Now, I'm looking for a way to tell the server to serve the page
/fr/test/test.html when the URL is http://fr.example.com/test/test.html
Should I add a location @lang {} directive ? or use proxy pass ?

I'm quite new to Nginx, and I'm lost :(

Moreover, I have several country codes such as: de, fr, cn, it... In
this post i'm focusing on the fr one, but i'm looking for a generic
solution.

Thanks !

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227568,227568#msg-227568


From reallfqq-nginx at yahoo.fr  Fri Jun 15 16:07:25 2012
From: reallfqq-nginx at yahoo.fr (B.R.)
Date: Fri, 15 Jun 2012 12:07:25 -0400
Subject: SEO language URI redirection + existing directories
Message-ID: <CALqce=3q_NrG6aBmR34C0=DSfekpr=ndtKDQBP3AyfTqoxc28w@mail.gmail.com>

Hello,

I currently have URI built to have URI like
website.my/en
made to send the content from 'website.my' in the en language.

My Ngingx conf is as follows:
location ~* "^/[a-z]{2}(/.*)?$" {
    rewrite "^/([a-z]{2})/?$" /index.php?lang=$1 last;
    rewrite "^/([a-z]{2})(/[^\.]+)$" $2/index.php?lang=$1 last;
    rewrite "^/([a-z]{2})(/.+)$" $2 last;
}

I also have some 2-letters top-level directories which I want to send with
the highest priority.

I would like that
website.my/ab
checks if /ab directory (or file) exists and:
- process its content as usual if it's the case
- redirects through the language rules if it's not

Is there a way to make some conditional rewrite based on the try_files
directive?

Thanks,
---
*B. R.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120615/729b55cf/attachment.html>

From mdounin at mdounin.ru  Sat Jun 16 01:14:06 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Sat, 16 Jun 2012 05:14:06 +0400
Subject: HP-UX (IA64) sendmsg() failed
In-Reply-To: <5865478c4f3d86dc67fb605b6227c946.NginxMailingListEnglish@forum.nginx.org>
References: <5865478c4f3d86dc67fb605b6227c946.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120616011406.GU31671@mdounin.ru>

Hello!

On Mon, Jun 11, 2012 at 05:08:38AM -0400, wwwyq2003 wrote:

> nginx nginx-1.2.1
> OS HP-UX B.11.23 U ia64
> built by gcc 4.2.3
> 
> When I start the nginx server,it throws some errors.
> 
> The error.log contains
> 2012/06/11 16:46:07 [notice] 6820#0: using the "/dev/poll" event method
> 2012/06/11 16:46:07 [notice] 6820#0: nginx/1.2.1
> 2012/06/11 16:46:07 [notice] 6820#0: built by gcc 4.2.3
> 2012/06/11 16:46:07 [notice] 6820#0: getrlimit(RLIMIT_NOFILE):
> 10240:10240
> 2012/06/11 16:46:07 [notice] 6821#0: start worker processes
> 2012/06/11 16:46:07 [notice] 6821#0: start worker process 6822
> 2012/06/11 16:46:07 [notice] 6821#0: start worker process 6823
> 2012/06/11 16:46:07 [alert] 6821#0: sendmsg() failed (9: Bad file
> number)
> 2012/06/11 16:46:07 [notice] 6821#0: start worker process 6824
> 2012/06/11 16:46:07 [alert] 6821#0: sendmsg() failed (9: Bad file
> number)
> 2012/06/11 16:46:07 [alert] 6821#0: sendmsg() failed (9: Bad file
> number)
> 2012/06/11 16:46:07 [notice] 6821#0: start worker process 6825
> 2012/06/11 16:46:07 [alert] 6821#0: sendmsg() failed (9: Bad file
> number)
> 2012/06/11 16:46:07 [alert] 6821#0: sendmsg() failed (9: Bad file
> number)
> 2012/06/11 16:46:07 [alert] 6821#0: sendmsg() failed (9: Bad file
> number)
> 
> 
> Someone help me.
> Thank you very much!

The following patch should help:

# HG changeset patch
# User Maxim Dounin <mdounin at mdounin.ru>
# Date 1339809190 -14400
# Node ID 94e0eb86b0d0743f8ddbe946f142b35d6a606e2e
# Parent  87049097aab36ec42513ccb8f015c3ce59edeff3
Fixed "sendmsg() failed" alerts on HP-UX.

HP-UX needs _HPUX_ALT_XOPEN_SOCKET_API to be defined to be able to
use various POSIX versions of networking functions.  Notably sendmsg()
resulted in "sendmsg() failed (9: Bad file number)" alerts without it.

See xopen_networking(7) for more details.

diff --git a/auto/os/conf b/auto/os/conf
--- a/auto/os/conf
+++ b/auto/os/conf
@@ -48,6 +48,7 @@ case "$NGX_PLATFORM" in
         CORE_DEPS="$UNIX_DEPS $POSIX_DEPS"
         CORE_SRCS="$UNIX_SRCS"
         CC_AUX_FLAGS="$CC_AUX_FLAGS -D_XOPEN_SOURCE -D_XOPEN_SOURCE_EXTENDED=1"
+        CC_AUX_FLAGS="$CC_AUX_FLAGS -D_HPUX_ALT_XOPEN_SOCKET_API"
     ;;
 
     OSF1:*)
diff --git a/src/os/unix/ngx_posix_config.h b/src/os/unix/ngx_posix_config.h
--- a/src/os/unix/ngx_posix_config.h
+++ b/src/os/unix/ngx_posix_config.h
@@ -12,6 +12,7 @@
 #if (NGX_HPUX)
 #define _XOPEN_SOURCE
 #define _XOPEN_SOURCE_EXTENDED  1
+#define _HPUX_ALT_XOPEN_SOCKET_API
 #endif
 
 

Maxim Dounin


From agentzh at gmail.com  Sat Jun 16 02:08:09 2012
From: agentzh at gmail.com (agentzh)
Date: Sat, 16 Jun 2012 10:08:09 +0800
Subject: an unexpected newline appears when use memc and
	echo_location_async, how to delete the newline ?
In-Reply-To: <CAKxrJ_eZg2=sw8avN-p0AT5osK0B2s6RiwA+eNtZayOReLTEeA@mail.gmail.com>
References: <CAKxrJ_eZg2=sw8avN-p0AT5osK0B2s6RiwA+eNtZayOReLTEeA@mail.gmail.com>
Message-ID: <CAB4Tn6M1j+GgMFLgW2YqU4mDWwK9yiPhz4Vf=uxfX9j0Dcz9xw@mail.gmail.com>

Hello!

On Fri, Jun 15, 2012 at 9:49 PM, Xiangong Yang <monitor.xoyo at gmail.com> wrote:
> The Unexpect? incorrect Output: (Current Configuration)
>
> ?himycallback201203455({"property_23458":24
> })
> The new line after 24 is unexpected. and how can l delete the new line ?
>

Please ensure that the value you inserted into memcached does not have
the trailing new line by using telnet to access your memcached, like
this:

    $ telnet <your-memcached-host> <your-memcached-port>
    get property_23458

If the original value in your memcached server contains a trailing
newline, then neither ngx_memc nor ngx_echo will automatically strip
it for you.

Also, to do JSONP padding in nginx, you're recommended to use the
ngx_xss module which is more efficient and more secure:

    https://github.com/agentzh/xss-nginx-module

Best regards,
-agentzh


From agentzh at gmail.com  Sat Jun 16 02:34:35 2012
From: agentzh at gmail.com (agentzh)
Date: Sat, 16 Jun 2012 10:34:35 +0800
Subject: an unexpected newline appears when use memc and
	echo_location_async, how to delete the newline ?
In-Reply-To: <CAB4Tn6M1j+GgMFLgW2YqU4mDWwK9yiPhz4Vf=uxfX9j0Dcz9xw@mail.gmail.com>
References: <CAKxrJ_eZg2=sw8avN-p0AT5osK0B2s6RiwA+eNtZayOReLTEeA@mail.gmail.com>
	<CAB4Tn6M1j+GgMFLgW2YqU4mDWwK9yiPhz4Vf=uxfX9j0Dcz9xw@mail.gmail.com>
Message-ID: <CAB4Tn6NCwbeSzR5ni9HbLWKbAJPOUzPrJZ75_-z7Zz+y0MHDxw@mail.gmail.com>

Hello!

On Sat, Jun 16, 2012 at 10:08 AM, agentzh <agentzh at gmail.com> wrote:
> Please ensure that the value you inserted into memcached does not have
> the trailing new line by using telnet to access your memcached, like
> this:
>

Sorry, I was reading too fast. For the memcached commands other than
"get", ngx_memc will return the raw memcached responses, and in your
case, for the "incr" command, the response is ended by a CR LF
sequence.

If it bothers you, then you're recommended to use ngx_lua with
lua-resty-memcached instead, for example:

  # the following line is not required if the ngx_openresty bundle is used.
  lua_package_path "/path/to/lua-resty-memcached/lib/?.lua;;";

  server {
    listen 8080;

    location ~ "^/property/([0-9]+)" {
        charset utf-8;
        default_type 'application/json';

        xss_callback_arg callback;
        xss_get on;

        content_by_lua '
            local memcached = require "resty.memcached"
            local memc = memcached:new()

            memc:set_timeout(500) -- 500 ms

            local ok, err = memc:connect("127.0.0.1", 11211)
            if not ok then
                ngx.log(ngx.ERR, "failed to connect to memcached: ", err)
                return ngx.exit(500)
            end

            local key = "property_" .. ngx.var[1]
            local newval, err = memc:incr(key, 1)
            if not newval then
                ngx.log(ngx.ERR, "failed to incr the key in memcached: ", err)
                return ngx.exit(500)
            end

            -- the connection pool capacity is set to 1024 connections
            memc:set_keepalive(0, 1024)

            ngx.print([[{"]], key, [[":"]], newval, [["}]])
        ';
    }
  }

Then we can get:

    $ curl -i localhost:8080/property/23458?callback=himycallback201203455
    HTTP/1.1 200 OK
    Server: nginx/1.0.15
    Date: Sat, 16 Jun 2012 02:31:57 GMT
    Content-Type: application/x-javascript; charset=utf-8
    Transfer-Encoding: chunked
    Connection: keep-alive

    himycallback201203455({"property_23458":"30"});

And when the callback argument is not given:

    $ curl -i localhost:8080/property/23458
    HTTP/1.1 200 OK
    Server: nginx/1.0.15
    Date: Sat, 16 Jun 2012 02:32:51 GMT
    Content-Type: application/json
    Transfer-Encoding: chunked
    Connection: keep-alive

    {"property_23458":"31"}

The example above utilizes the following components:

    http://wiki.nginx.org/HttpLuaModule
    https://github.com/agentzh/lua-resty-memcached
    https://github.com/agentzh/xss-nginx-module

If you're too lazy to download and install all these dependencies, you
can try out the ngx_openresty bundle instead:

    http://openresty.org/#Download

Best regards,
-agentzh


From monitor.xoyo at gmail.com  Sat Jun 16 03:36:28 2012
From: monitor.xoyo at gmail.com (Xiangong Yang)
Date: Sat, 16 Jun 2012 11:36:28 +0800
Subject: an unexpected newline appears when use memc and
	echo_location_async, how to delete the newline ?
In-Reply-To: <CAB4Tn6NCwbeSzR5ni9HbLWKbAJPOUzPrJZ75_-z7Zz+y0MHDxw@mail.gmail.com>
References: <CAKxrJ_eZg2=sw8avN-p0AT5osK0B2s6RiwA+eNtZayOReLTEeA@mail.gmail.com>
	<CAB4Tn6M1j+GgMFLgW2YqU4mDWwK9yiPhz4Vf=uxfX9j0Dcz9xw@mail.gmail.com>
	<CAB4Tn6NCwbeSzR5ni9HbLWKbAJPOUzPrJZ75_-z7Zz+y0MHDxw@mail.gmail.com>
Message-ID: <CAKxrJ_cCEFix+LckdcMyV5uXfbPgFvnq=aOFjfsXDgPQno2J4A@mail.gmail.com>

Thank you very much, agentzh!
I'll immediately try the xss-nginx-module module in your guide.




2012/6/16 agentzh <agentzh at gmail.com>

> Hello!
>
> On Sat, Jun 16, 2012 at 10:08 AM, agentzh <agentzh at gmail.com> wrote:
> Sorry, I was reading too fast. For the memcached commands other than
> "get", ngx_memc will return the raw memcached responses, and in your
> case, for the "incr" command, the response is ended by a CR LF
> sequence.
>
> If it bothers you, then you're recommended to use ngx_lua with
> lua-resty-memcached instead, for example:
>
>  # the following line is not required if the ngx_openresty bundle is used.
>  lua_package_path "/path/to/lua-resty-memcached/lib/?.lua;;";
>
>  server {
>    listen 8080;
>
>    location ~ "^/property/([0-9]+)" {
>        charset utf-8;
>        default_type 'application/json';
>
>        xss_callback_arg callback;
>        xss_get on;
>
>        content_by_lua '
>            local memcached = require "resty.memcached"
>            local memc = memcached:new()
>
>            memc:set_timeout(500) -- 500 ms
>
>            local ok, err = memc:connect("127.0.0.1", 11211)
>            if not ok then
>                ngx.log(ngx.ERR, "failed to connect to memcached: ", err)
>                return ngx.exit(500)
>            end
>
>            local key = "property_" .. ngx.var[1]
>            local newval, err = memc:incr(key, 1)
>            if not newval then
>                ngx.log(ngx.ERR, "failed to incr the key in memcached: ",
> err)
>                return ngx.exit(500)
>            end
>
>            -- the connection pool capacity is set to 1024 connections
>            memc:set_keepalive(0, 1024)
>
>            ngx.print([[{"]], key, [[":"]], newval, [["}]])
>        ';
>    }
>  }
>
> The example above utilizes the following components:
>
>    http://wiki.nginx.org/HttpLuaModule
>    https://github.com/agentzh/lua-resty-memcached
>    https://github.com/agentzh/xss-nginx-module
>
> If you're too lazy to download and install all these dependencies, you
> can try out the ngx_openresty bundle instead:
>
>    http://openresty.org/#Download
>
> Best regards,
> -agentzh
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120616/20b81316/attachment.html>

From agentzh at gmail.com  Sat Jun 16 03:49:50 2012
From: agentzh at gmail.com (agentzh)
Date: Sat, 16 Jun 2012 11:49:50 +0800
Subject: [ANN] ngx_openresty devel version 1.0.15.11 released
In-Reply-To: <CAB4Tn6PES=Anq0mGGk8L+5V3znnq55LJ=iV7pX12GPppwt0yUQ@mail.gmail.com>
References: <CAB4Tn6PES=Anq0mGGk8L+5V3znnq55LJ=iV7pX12GPppwt0yUQ@mail.gmail.com>
Message-ID: <CAB4Tn6MNWv3=s1rLPtvM7=6aYPQW9m4M68hkj+Z8TQvZhjOcTQ@mail.gmail.com>

Hi, folks!

After more than one week's active development, I'm happy to announce
that the new development version of ngx_openresty, 1.0.15.11, is now
released:

? http://openresty.org/#Download

Below is the change log for this release, as compared to the last release,
1.0.15.10:

 *   upgraded LuaNginxModule to 0.5.0rc32.

     *   bugfix: header_filter_by_lua and its friend would leak
         memory when it is the only directive of LuaNginxModule
         configured in a location and the ngx.ctx API is also used
         there.

     *   bugfix: Lua global variables was dangerously shared by all
         the concurrent requests if the special "_G" table was used
         in all those *_by_lua and *_by_lua_file directives. thanks
         chaoslawful for the patches. but please also note that "_G"
         is still shared among all the requests if used in the
         context of Lua modules, just like all those Lua module level
         variables.

     *   bugfix: the ngx.arg API was not usable within external Lua
         module files in set_by_lua or set_by_lua_file.

     *   bugfix: unexpected values on the Lua stack might be
         concatenated when generating tracebacks for Lua errors and
         the Lua VM would crash when there happened to be values on
         the Lua stack that could not be concatenated (like "nil").

     *   bugfix: the Lua main thread stack might leak when
         header_filter_by_lua or header_filter_by_lua_file are used.

     *   bugfix: the Lua VM might crash when calling the cosocket
         methods with a bad-typed "self" argument.

     *   bufix: fixed the directive context for set_by_lua and
         set_by_lua_file. they really work in the contexts "server",
         "server if", "location", and "location if". thanks Liu
         Taihua.

     *   feature: added new directives log_by_lua and log_by_lua_file
         to support user Lua code running at the "log" request
         processing phase. thanks Matthieu Tourne for the patches.

     *   feature: added new directives body_filter_by_lua and
         body_filter_by_lua_file to allow the user implement nginx
         output body filters in pure Lua.

     *   feature: added support for loading Lua/LuaJIT raw bytecode
         files automatically in all those *_by_lua_file config
         directives. thanks jinglong and chaoslawful for the patches.
         benchmark results have shown that, for very big Lua-based
         web applications, bytecode loading gives an order of
         magnitude speedup at first requests that trigger the Lua
         code loading.

     *   feature: added new directive
         lua_transform_underscores_in_response_headers. thanks Kindy
         Lin.

     *   optimize: now we no longer register the "ndk" and "ngx" API
         for set_by_lua* and header_filter_by_lua* at config time
         rather than request time. this makes these directives 200+%
         faster.

     *   optimize: eliminated unnecessary string concatenations when
         generating tracebacks for Lua errors.

     *   optimize: now we store the metatables for ngx.req.socket()
         and ngx.socket.tcp() objects into the Lua registry.

     *   optimize: changed the string keys to light userdata for
         various tracking tables (coroutines table, regex cache
         table, cosocket connection pool table, ngx.ctx table, and
         etc). This gives minor performance improvement from
         eliminating key hashing and etc. thanks Dirk Feytons.

     *   diagnosis: now we issue user-friendly error messages when
         the Nginx Lua APIs are used in the wrong configure directive
         contexts (e.g., using ngx.location.capture in set_by_lua).

     *   docs: fixed a typo: ngx.now returns time of the resolution
         of milliseconds, rather than microseconds. thanks Wang Xi.

     *   docs: added a note for installation with Lua 5.1 on ubuntu
         11.10. thanks Dan Sosedoff.

 *   updated nginx-1.0.15-poll_del_event_at_exit.patch. thanks Maxim
     Dounin.

The HTML version of the change log with lots of useful hyper-links can
be browsed here:

    http://openresty.org/#ChangeLog1000015

Special thanks go to all our contributors and users for helping make this
happen :)

OpenResty (aka. ngx_openresty) is a full-fledged web application server by
bundling the standard Nginx core, lots of 3rd-party Nginx modules, as well
as most of their external dependencies. See OpenResty's homepage for more
details:

? http://openresty.org/

Enjoy!
-agentzh


From nginx-forum at nginx.us  Sat Jun 16 03:58:28 2012
From: nginx-forum at nginx.us (Daniel15)
Date: Fri, 15 Jun 2012 23:58:28 -0400 (EDT)
Subject: Route non-existant .php requests through try_files?
In-Reply-To: <20120615075446.GF6210@craic.sysops.org>
References: <20120615075446.GF6210@craic.sysops.org>
Message-ID: <56b86c65d9f59952f3ce2f9b27401023.NginxMailingListEnglish@forum.nginx.org>

Thanks for your reply. Adding the try_files setting into the PHP
location block made it behave as expected

Thanks! :)

Francis Daly Wrote:
-------------------------------------------------------
> On Thu, Jun 14, 2012 at 11:24:12PM -0400, Daniel15
> wrote:
> 
> Hi there,
> 
> > 	location / {
> 
> > 	location /assets/cache/ {
> 
> > 	location ~ \.php$ {
> 
> > However if I go to a non-existent PHP file (like
> > example.com/about.php), I get a white page that
> says "File not found."
> > There's some legacy links that have ".php" at
> the end and routing these
> > to the correct location is handled in the app
> itself. Because of my
> > try_files setting, I expected this to go through
> index.php,
> 
> No.
> 
> One request is handled by one location. The
> request for /about.php
> will be handled by the "php" regex location, which
> doesn't (currently)
> include try_files.
> 
> http://nginx.org/r/location
> 
> Untested, but probably either:
> 
> copy the try_files line into the "php" regex
> location; or
> 
> move the "php" regex location to be within the
> "location /" block
> 
> should do what you want in most cases.
> 
> ("most" because: what do you want to happen when
> the request is for
> "/assets/cache/absent.php", or for
> "/assets/cache/present.php"? The two
> options above will do different things.)
> 
> Good luck with it,
> 
> 	f
> -- 
> Francis Daly        francis at daoine.org
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227550,227587#msg-227587


From monitor.xoyo at gmail.com  Sat Jun 16 06:44:38 2012
From: monitor.xoyo at gmail.com (Xiangong Yang)
Date: Sat, 16 Jun 2012 14:44:38 +0800
Subject: why return HTTP 500 when use the require "resty.memcached" in
	HttpLuaModule module?
Message-ID: <CAKxrJ_c+QvNqc2aNgZS8PQGrg+0iceqgGvTDYQt6FD7sy_unWA@mail.gmail.com>

i use agentzh's three modules.
http://wiki.nginx.org/HttpLuaModule
https://github.com/agentzh/xss-nginx-module
https://github.com/agentzh/lua-resty-memcached


CentOS 5.5 x86_64

nginx version is 1.3.1

LUA version:
[root at db2 conf]# *lua -v
*Lua 5.1.5  Copyright (C) 1994-2012 Lua.org, PUC-Rio
[root at db2 conf]# *luac -v
*Lua 5.1.5  Copyright (C) 1994-2012 Lua.org, PUC-Rio


*the lua-resty-memcached is installed.*

[root at db2 conf]# *ll /usr/local/lib/lua/resty/
*total 12
-rwxr-xr-x 1 root root 11778 Jun 16 16:27 memcached.lua


*nginx configuration*

# set search paths for pure Lua external libraries (';;' is the default
path):
lua_package_path
"/usr/lib/?.lua;/usr/local/lib/?.lua;/usr/local/lib/lua/5.1/?.lua;/usr/share/lua/5.1/?.lua;/usr/share/lua/5.1/?/?.lua
;/usr/local/lib/lua/resty/?.lua;;";
# set search paths for Lua external libraries written in C (can also use
'/bar/baz/?.so;/blah/blah/?.so;;'):
lua_package_cpath '/usr/lib64/lua/5.1/?.so;/usr/lib64/lua/5.1/?/?.so;;';

server {
..................
    location ~ "^/property/([0-9]+)" {
        charset utf-8;
        default_type 'text/plain';
        xss_callback_arg callback;
        xss_get on;
        #content_by_lua "ngx.say('Hello,world!')";
        content_by_lua '
            local memcached = require "resty.memcached"
        ';
    }
..................
}



the *require "resty.memcached"* code leads the nginx retrun *HTTP 500 (500
Internal Server Error)*


 why the nginx return HTTP 500 when i use the *require "resty.memcached"* ?

Are there some lua dependencies that i've not installed?

best regards.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120616/6a2256c5/attachment.html>

From agentzh at gmail.com  Sat Jun 16 08:22:35 2012
From: agentzh at gmail.com (agentzh)
Date: Sat, 16 Jun 2012 16:22:35 +0800
Subject: why return HTTP 500 when use the require "resty.memcached" in
	HttpLuaModule module?
In-Reply-To: <CAKxrJ_c+QvNqc2aNgZS8PQGrg+0iceqgGvTDYQt6FD7sy_unWA@mail.gmail.com>
References: <CAKxrJ_c+QvNqc2aNgZS8PQGrg+0iceqgGvTDYQt6FD7sy_unWA@mail.gmail.com>
Message-ID: <CAB4Tn6PYWhpJvGux3jHyEF+KwdO7oDi0S7Oh_9ZMgGVT6Boa0A@mail.gmail.com>

Hello!

On Sat, Jun 16, 2012 at 2:44 PM, Xiangong Yang <monitor.xoyo at gmail.com> wrote:
> # set search paths for pure Lua external libraries (';;' is the default
> path):
> lua_package_path
> "/usr/lib/?.lua;/usr/local/lib/?.lua;/usr/local/lib/lua/5.1/?.lua;/usr/share/lua/5.1/?.lua;/usr/share/lua/5.1/?/?.lua;/usr/local/lib/lua/resty/?.lua;;";
> # set search paths for Lua external libraries written in C (can also use
> '/bar/baz/?.so;/blah/blah/?.so;;'):

This is really a FAQ for Lua beginners, not specific to ngx_lua. In
short, you should really use "/usr/local/lib/lua/?.lua" in your
lua_package_path here instead of "/usr/local/lib/lua/resty/?.lua"
because you're requiring "resty.memcached" below in your Lua code,
which will make the Lua VM substitute the "?" part in your search path
with the string "resty/memcached" rather than "memcached".

I suggest you just use the ngx_openresty bundle directly. It has all
the components and search paths properly pre-configured for you :) But
there's nothing that can stop you from doing all these configurations
yourself :)

> the require "resty.memcached" code leads the nginx retrun HTTP 500 (500
> Internal Server Error)
>

When you see 500 or empty reply from the server, you should always
check out your nginx's error.log file for detailed error messages. If
you do, you'll see from error.log that lua fails to find
resty.memcached in your search paths.

BTW, you're recommended to use LuaJIT 2.0 instead of the standard Lua
5.1 interpreter with ngx_lua, see:

    http://luajit.org/download.html

Because LuaJIT 2.0 is usually much faster and smaller (in terms of
memory footprint) and has many less limitations in terms of
functionalities as compared to the standard Lua 5.1 interpreter.

Best regards,
-agentzh


From mp3geek at gmail.com  Sat Jun 16 10:28:47 2012
From: mp3geek at gmail.com (Ryan Brown)
Date: Sat, 16 Jun 2012 22:28:47 +1200
Subject: correct commands to enable nonssl, ssl, ipv6, spdy
Message-ID: <CAG_yTXxuxCE=5r90r_MnhKzn7=uxFKubo-s6AT8fO2AxC4Ccdg@mail.gmail.com>

Wanting to enable ssl+spdy+ipv6 on port 443, and ipv6 on port 80.

    server {
        server_name secure.domain.com;
        #
        listen [::]80;
        listen [::]:443 ssl spdy default ipv6only=on;
        #listen       [::]:443;
        #listen [::]:443 ssl default_server=on;
        #listen        [::]:443 spdy default ipv6only=on;
       [...]
      }

I've tried various methods, but the https isn't working.. whats the
correct command to enable all such options?


From chtpatil at gmail.com  Sat Jun 16 13:08:53 2012
From: chtpatil at gmail.com (Chetan Patil)
Date: Sat, 16 Jun 2012 18:38:53 +0530
Subject: Nginx Server : Desired Domain Name on Local Host
Message-ID: <CAF0dY_vjj1OJksoaM_YuJ=r9BkHNSMxGAAfE6NxrWDtsnO2LVA@mail.gmail.com>

Hi,

I'm on Fedora 16 with nginx installed using yum.

1) /etc/nginx/conf.d    contains : default.conf  ssl.conf  virtual.conf
2) /etc/init.d/                contains : nginx  (to start,stop etc server)
3) /usr/share/nginx     contains the default html files.
4) /etc/nginx/nginx.conf contaings main config file which is calling
default.conf

I am trying to understand how nginx will receive desired domain request and
how it
will display the html pages.

For that I edited /etc/nginx/conf.d/default.conf and wrote *server_name
test;*
and then I restarted nginx server.

In browser when I type : test:80 , it shows webpage not available, instead
of
showing nginx default test page.

Before moving to a real server I want to understand exactly how nginx gets
request
from desired domain name (example.com) and then shows the relevant data.

I have understood the concept of fetching files from proper folder as per
the configuration file,
but not able to set desired domain name as a test on localhost.

May anyone let me know what would be the correct configuration ?

-- 
Thank You and Warm Regards,

Chetan Arvind Patil,
www.chetanpatil.info
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120616/07d9b5fd/attachment.html>

From monitor.xoyo at gmail.com  Sat Jun 16 13:46:37 2012
From: monitor.xoyo at gmail.com (Xiangong Yang)
Date: Sat, 16 Jun 2012 21:46:37 +0800
Subject: why return HTTP 500 when use the require "resty.memcached" in
	HttpLuaModule module?
In-Reply-To: <CAB4Tn6PYWhpJvGux3jHyEF+KwdO7oDi0S7Oh_9ZMgGVT6Boa0A@mail.gmail.com>
References: <CAKxrJ_c+QvNqc2aNgZS8PQGrg+0iceqgGvTDYQt6FD7sy_unWA@mail.gmail.com>
	<CAB4Tn6PYWhpJvGux3jHyEF+KwdO7oDi0S7Oh_9ZMgGVT6Boa0A@mail.gmail.com>
Message-ID: <CAKxrJ_egOaY3XTym6f7X5EnxWowWbCbWVYZ_Mjn+dKiwPWks-Q@mail.gmail.com>

Thank you very much! agentzh.

I use the OpenResty successfully now.
How *powerfully* it is!

and thank you for your sugguestion about LuaJIT.

But i've two problem:
1, how to upgrate the nginx to the latest version, eg: nginx 1.3.1 ?
2, how to add the other third module, eg: nginx_concat_module and
substitutions4nginx ?

2012/6/16 agentzh <agentzh at gmail.com>

> Hello!
>
> On Sat, Jun 16, 2012 at 2:44 PM, Xiangong Yang <monitor.xoyo at gmail.com>
> wrote:
>
> This is really a FAQ for Lua beginners, not specific to ngx_lua. In
> short, you should really use "/usr/local/lib/lua/?.lua" in your
> lua_package_path here instead of "/usr/local/lib/lua/resty/?.lua"
> because you're requiring "resty.memcached" below in your Lua code,
> which will make the Lua VM substitute the "?" part in your search path
> with the string "resty/memcached" rather than "memcached".
>
> I suggest you just use the ngx_openresty bundle directly. It has all
> the components and search paths properly pre-configured for you :) But
> there's nothing that can stop you from doing all these configurations
> yourself :)
>
> When you see 500 or empty reply from the server, you should always
> check out your nginx's error.log file for detailed error messages. If
> you do, you'll see from error.log that lua fails to find
> resty.memcached in your search paths.
>
> BTW, you're recommended to use LuaJIT 2.0 instead of the standard Lua
> 5.1 interpreter with ngx_lua, see:
>
>    http://luajit.org/download.html
>
> Because LuaJIT 2.0 is usually much faster and smaller (in terms of
> memory footprint) and has many less limitations in terms of
> functionalities as compared to the standard Lua 5.1 interpreter.
>
> Best regards,
> -agentzh
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120616/d9a8491d/attachment.html>

From francis at daoine.org  Sat Jun 16 13:49:55 2012
From: francis at daoine.org (Francis Daly)
Date: Sat, 16 Jun 2012 14:49:55 +0100
Subject: Nginx Server : Desired Domain Name on Local Host
In-Reply-To: <CAF0dY_vjj1OJksoaM_YuJ=r9BkHNSMxGAAfE6NxrWDtsnO2LVA@mail.gmail.com>
References: <CAF0dY_vjj1OJksoaM_YuJ=r9BkHNSMxGAAfE6NxrWDtsnO2LVA@mail.gmail.com>
Message-ID: <20120616134955.GG6210@craic.sysops.org>

On Sat, Jun 16, 2012 at 06:38:53PM +0530, Chetan Patil wrote:

Hi there,

> I am trying to understand how nginx will receive desired domain request and
> how it will display the html pages.

<snip>

> Before moving to a real server I want to understand exactly how nginx gets
> request
> from desired domain name (example.com) and then shows the relevant data.

http://nginx.org/en/docs/http/request_processing.html

In short: the connection comes in on an ip:port, and includes an indication
of the server name requested (usually in the http request Host: header).

For every server{} defined, nginx checks for the ones with a "listen"
directive that is the best-match for the ip:port; for each of those
servers, nginx finds the one with the best-match "server_name" directive,
or else uses the default one.

After that, the server-level config or the best-match location{} is used
to decide how to respond to the request.

But all of that can only happen after the request gets to nginx.

> In browser when I type : test:80 , it shows webpage not available, instead
> of showing nginx default test page.

Browsers tend to hide the actual error message behind a "friendly" one.

What does

  curl -i http://test:80/

show?

I suspect it will be something along the lines of

  Couldn't resolve host 'test'

In that case, your browser never actually sent the request to nginx,
so nginx could do nothing about it.

One way to direct the request you want at the localhost web server is

  curl -i -H 'Host: test' http://localhost/

The best way is to set up name resolution such that your browser knows
that the name "test" corresponds to your nginx server. In the common case,
adding a line

  127.0.0.1  test

to /etc/hosts will make it all Just Work for all browsers on the system.

(If you're not in the common case, then other things may be needed. But
that's all outside of nginx.)

All the best,

	f
-- 
Francis Daly        francis at daoine.org


From chtpatil at gmail.com  Sat Jun 16 15:24:00 2012
From: chtpatil at gmail.com (Chetan Patil)
Date: Sat, 16 Jun 2012 20:54:00 +0530
Subject: Nginx Server : Desired Domain Name on Local Host
In-Reply-To: <20120616134955.GG6210@craic.sysops.org>
References: <CAF0dY_vjj1OJksoaM_YuJ=r9BkHNSMxGAAfE6NxrWDtsnO2LVA@mail.gmail.com>
	<20120616134955.GG6210@craic.sysops.org>
Message-ID: <CAF0dY_syWsHh3sfFjQTRdg=6RGyoMC7K9BHsCCaKoEB90mU-9w@mail.gmail.com>

Hi,

On Sat, Jun 16, 2012 at 7:19 PM, Francis Daly <francis at daoine.org> wrote:

> Browsers tend to hide the actual error message behind a "friendly" one.
>
> What does
>
>  curl -i http://test:80/
>
> show?
>
> I suspect it will be something along the lines of
>
>  Couldn't resolve host 'test'
>

Yes.


> The best way is to set up name resolution such that your browser knows
> that the name "test" corresponds to your nginx server. In the common case,
> adding a line
>
>  127.0.0.1  test
>
> to /etc/hosts will make it all Just Work for all browsers on the system.
>

It worked. Thanks.

So, same configuration has to be done while moving to Linux hosted server ?


-- 
Thank You and Warm Regards,

Chetan Arvind Patil,
www.chetanpatil.info
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120616/1a98490e/attachment.html>

From agentzh at gmail.com  Sat Jun 16 15:33:28 2012
From: agentzh at gmail.com (agentzh)
Date: Sat, 16 Jun 2012 23:33:28 +0800
Subject: why return HTTP 500 when use the require "resty.memcached" in
	HttpLuaModule module?
In-Reply-To: <CAKxrJ_egOaY3XTym6f7X5EnxWowWbCbWVYZ_Mjn+dKiwPWks-Q@mail.gmail.com>
References: <CAKxrJ_c+QvNqc2aNgZS8PQGrg+0iceqgGvTDYQt6FD7sy_unWA@mail.gmail.com>
	<CAB4Tn6PYWhpJvGux3jHyEF+KwdO7oDi0S7Oh_9ZMgGVT6Boa0A@mail.gmail.com>
	<CAKxrJ_egOaY3XTym6f7X5EnxWowWbCbWVYZ_Mjn+dKiwPWks-Q@mail.gmail.com>
Message-ID: <CAB4Tn6Pjk0VjNypqNOJsD3pPw3RrwK67WLsy3M3G4g6ZY44new@mail.gmail.com>

Hello!

On Sat, Jun 16, 2012 at 9:46 PM, Xiangong Yang <monitor.xoyo at gmail.com> wrote:
> Thank you very much! agentzh.
>
> I use the OpenResty successfully now.
> How powerfully it is!
>

Glad you like it :)

> and thank you for your sugguestion about LuaJIT.
>

You're welcome :)

> But i've?two problem:
> 1, how to upgrate the nginx to the latest version, eg: nginx 1.3.1 ?

One of the main points of the ngx_openresty bundle is to ensure that
all the bundled components play well with the standard nginx core
bundled. New releases of the Nginx core might break existing 3rd-party
modules. It happens from time to time. Because we're still testing
compatibility of all the modules with nginx 1.2.x, we're not ready to
release an ngx_openresty version based on nginx 1.2.x or even 1.3.x.

But you can always replace the bundle/nginx-1.0.15/ directory in
ngx_openresty's source tree with your own verison of nginx source
tree, like nginx 1.3.1's, and the ./configure script will just pick it
up. You're at your own risk though but we're still very willing to
hear about any problems that you have :)

> 2, how to add the other third module, eg: nginx_concat_module and
> substitutions4nginx ?
>

The ./configure script provided by ngx_openresty supports all the
options of the standard nginx's ./configure options. Just use the
--add-module=PATH option to add your own 3rd-party modules as usual :)

See ./configure --help for a list of all the options that you can use.

Best regards,
-agentzh


From nginx-forum at nginx.us  Sat Jun 16 16:08:35 2012
From: nginx-forum at nginx.us (HosipLan)
Date: Sat, 16 Jun 2012 12:08:35 -0400 (EDT)
Subject: try_files acting weird, maybe affected by IF ?
Message-ID: <c6ad00f05291e979022349af79432118.NginxMailingListEnglish@forum.nginx.org>

Hi,
I've been trying to force nginx to dynamically handle hosts. This is my
configuration file

        server {
                listen          127.0.0.1:80;
                server_name    
~^(:?(?<second>.+)\.)?(?<domain>[^.]+\.[^.]+)$;
                index           index.php index.html;

                location / {
                        set             $try_dir $domain;
                        if (-d /var/www/hosts/$second.$domain) { 
                                set     $try_dir $second.$domain;
                        }

                        root            /var/www/hosts/$try_dir;
                        try_files       $uri $uri/ /index.php;
                }

                # pass the PHP scripts to FastCGI server listening on
127.0.0.1:9000
                location ~ \.php$ {
                        set             $try_dir $domain;
                        if (-d /var/www/hosts/$second.$domain) {
                                set     $try_dir $second.$domain;
                        }

                        root            /var/www/hosts/$try_dir;
                        include         fastcgi_params;
                        fastcgi_param   SERVER_NAME     $try_dir;
                        fastcgi_pass    127.0.0.1:9000;
                        fastcgi_index   index.php;

                        fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
                        fastcgi_param   PATH_INFO $fastcgi_path_info;
                        fastcgi_param   PATH_TRANSLATED
$document_root$fastcgi_path_info;

                        fastcgi_param   SCRIPT_FILENAME
$document_root$fastcgi_script_name;

                        try_files $uri =404;
                }
        }


It receives request, checks if exists corresponding subdirectory, if
not, passes to "main" directory.
I know I shouldn't be using the IF statement, but I've tried many, but
havent figured this out without the if.

So let's have a request  

        $ curl http://hosiplan.l/rewrite

The directory /var/www/hosts/hosiplan.l exists, there is index.php file
and no "rewrite" file. This should be handled by the index.php

        ...
        [debug]: *1 using configuration "/"
        ...
        [debug]: *1 http script file op 0000000000000002
"/var/www/hosts/.hosiplan.l"
        [debug]: *1 http script file op false
        [debug]: *1 http script if
        [debug]: *1 http script if: false
        ...
        [debug]: *1 try files phase: 11
        ...
        [debug]: *1 try to use file: "/rewrite"
"/var/www/hosts/hohosiplan.l/rewrite"
        ...
        [debug]: *1 try to use dir: "/rewrite"
"/var/www/hosts/hohosiplan.l/rewrite"
        ...
        [debug]: *1 try to use file: "/index.php"
"/var/www/hosts/hohosiplan.l/index.php"
        [debug]: *1 internal redirect: "/index.php?"
        ...

This works like a charm. Pure perfection. But when I use a subdomain 

        $ curl http://blaphp.hosiplan.l/rewrite

The directory /var/www/hosts/blaphp.hosiplan.l exists, there is
index.php file and no "rewrite" file. This should be handled by the
index.php

        ... 
        [debug]: *3 using configuration "/"
        ... 
        [debug]: *3 http script file op 0000000000000002
"/var/www/hosts/blaphp.hosiplan.l"
        [debug]: *3 http script if
        ...
        [debug]: *3 try files phase: 11
        ...
        [debug]: *3 http filename:
"/var/www/hosts/blaphp.hosiplan.l/rewrite"
        2012/06/16 17:05:45 [error] 2604#0: *3 open()
"/var/www/hosts/blaphp.hosiplan.l/rewrite" failed (2: No such file or
directory), client: 127.0.0.1, server:
~^(:?(?<second>.+)\.)?(?<domain>[^.]+\.[^.]+)$, request: "GET /rewrite
HTTP/1.1", host: "blaphp.hosiplan.l"

And that's where I'm stuck. Any kind of input would be really
appreciated.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227602,227602#msg-227602


From francis at daoine.org  Sat Jun 16 17:31:58 2012
From: francis at daoine.org (Francis Daly)
Date: Sat, 16 Jun 2012 18:31:58 +0100
Subject: Nginx Server : Desired Domain Name on Local Host
In-Reply-To: <CAF0dY_syWsHh3sfFjQTRdg=6RGyoMC7K9BHsCCaKoEB90mU-9w@mail.gmail.com>
References: <CAF0dY_vjj1OJksoaM_YuJ=r9BkHNSMxGAAfE6NxrWDtsnO2LVA@mail.gmail.com>
	<20120616134955.GG6210@craic.sysops.org>
	<CAF0dY_syWsHh3sfFjQTRdg=6RGyoMC7K9BHsCCaKoEB90mU-9w@mail.gmail.com>
Message-ID: <20120616173158.GH6210@craic.sysops.org>

On Sat, Jun 16, 2012 at 08:54:00PM +0530, Chetan Patil wrote:
> On Sat, Jun 16, 2012 at 7:19 PM, Francis Daly <francis at daoine.org> wrote:

Hi there,

> > adding a line
> >
> >  127.0.0.1  test
> >
> > to /etc/hosts will make it all Just Work for all browsers on the system.

> It worked. Thanks.
> 
> So, same configuration has to be done while moving to Linux hosted server ?

Probably not. This is a *client* configuration, not an nginx one.

You will need that all clients (= browsers) know how to turn whatever
server name you want to use, into whatever IP address your server has.

Usually DNS takes care of this.

/etc/hosts is a useful temporary local setting until DNS records are
set up properly.

	f
-- 
Francis Daly        francis at daoine.org


From tech at futurecourse.com  Sat Jun 16 21:00:48 2012
From: tech at futurecourse.com (Terry)
Date: Sat, 16 Jun 2012 14:00:48 -0700
Subject: Events module documentation
Message-ID: <4FDCF400.7020202@futurecourse.com>

Hello,

I can find documentation for the events module on the wiki but cannot 
find it on nginx.org.  I must be missing something.  Would someone 
please direct me to the events module documentation on nginx.org?

Also, my understanding is that the documentation on nginx.org is more up 
to date than the documentation on the wiki.  Is that correct?

Thanks.

-- 
Terry


From mdounin at mdounin.ru  Sat Jun 16 21:57:26 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Sun, 17 Jun 2012 01:57:26 +0400
Subject: try_files acting weird, maybe affected by IF ?
In-Reply-To: <c6ad00f05291e979022349af79432118.NginxMailingListEnglish@forum.nginx.org>
References: <c6ad00f05291e979022349af79432118.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120616215726.GX31671@mdounin.ru>

Hello!

On Sat, Jun 16, 2012 at 12:08:35PM -0400, HosipLan wrote:

> Hi,
> I've been trying to force nginx to dynamically handle hosts. This is my
> configuration file
> 
>         server {
>                 listen          127.0.0.1:80;
>                 server_name    
> ~^(:?(?<second>.+)\.)?(?<domain>[^.]+\.[^.]+)$;
>                 index           index.php index.html;
> 
>                 location / {
>                         set             $try_dir $domain;
>                         if (-d /var/www/hosts/$second.$domain) { 
>                                 set     $try_dir $second.$domain;
>                         }
> 
>                         root            /var/www/hosts/$try_dir;
>                         try_files       $uri $uri/ /index.php;
>                 }
> 
>                 # pass the PHP scripts to FastCGI server listening on
> 127.0.0.1:9000
>                 location ~ \.php$ {
>                         set             $try_dir $domain;
>                         if (-d /var/www/hosts/$second.$domain) {
>                                 set     $try_dir $second.$domain;
>                         }
> 
>                         root            /var/www/hosts/$try_dir;
>                         include         fastcgi_params;
>                         fastcgi_param   SERVER_NAME     $try_dir;
>                         fastcgi_pass    127.0.0.1:9000;
>                         fastcgi_index   index.php;
> 
>                         fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
>                         fastcgi_param   PATH_INFO $fastcgi_path_info;
>                         fastcgi_param   PATH_TRANSLATED
> $document_root$fastcgi_path_info;
> 
>                         fastcgi_param   SCRIPT_FILENAME
> $document_root$fastcgi_script_name;
> 
>                         try_files $uri =404;
>                 }
>         }
> 
> 
> It receives request, checks if exists corresponding subdirectory, if
> not, passes to "main" directory.
> I know I shouldn't be using the IF statement, but I've tried many, but
> havent figured this out without the if.
> 
> So let's have a request  
> 
>         $ curl http://hosiplan.l/rewrite
> 
> The directory /var/www/hosts/hosiplan.l exists, there is index.php file
> and no "rewrite" file. This should be handled by the index.php
> 
>         ...
>         [debug]: *1 using configuration "/"
>         ...
>         [debug]: *1 http script file op 0000000000000002
> "/var/www/hosts/.hosiplan.l"
>         [debug]: *1 http script file op false
>         [debug]: *1 http script if
>         [debug]: *1 http script if: false
>         ...
>         [debug]: *1 try files phase: 11
>         ...
>         [debug]: *1 try to use file: "/rewrite"
> "/var/www/hosts/hohosiplan.l/rewrite"
>         ...
>         [debug]: *1 try to use dir: "/rewrite"
> "/var/www/hosts/hohosiplan.l/rewrite"
>         ...
>         [debug]: *1 try to use file: "/index.php"
> "/var/www/hosts/hohosiplan.l/index.php"
>         [debug]: *1 internal redirect: "/index.php?"
>         ...
> 
> This works like a charm. Pure perfection. But when I use a subdomain 
> 
>         $ curl http://blaphp.hosiplan.l/rewrite
> 
> The directory /var/www/hosts/blaphp.hosiplan.l exists, there is
> index.php file and no "rewrite" file. This should be handled by the
> index.php
> 
>         ... 
>         [debug]: *3 using configuration "/"
>         ... 
>         [debug]: *3 http script file op 0000000000000002
> "/var/www/hosts/blaphp.hosiplan.l"
>         [debug]: *3 http script if
>         ...
>         [debug]: *3 try files phase: 11
>         ...
>         [debug]: *3 http filename:
> "/var/www/hosts/blaphp.hosiplan.l/rewrite"
>         2012/06/16 17:05:45 [error] 2604#0: *3 open()
> "/var/www/hosts/blaphp.hosiplan.l/rewrite" failed (2: No such file or
> directory), client: 127.0.0.1, server:
> ~^(:?(?<second>.+)\.)?(?<domain>[^.]+\.[^.]+)$, request: "GET /rewrite
> HTTP/1.1", host: "blaphp.hosiplan.l"
> 
> And that's where I'm stuck. Any kind of input would be really
> appreciated.

In the second case the "if (-d ...)" is matched, and you are 
hitting "try_files won't work due to if" example from here:

http://wiki.nginx.org/IfIsEvil#Examples

Trivial solution in this case is to move your ifs to server 
level.

Maxim Dounin


From nginx-forum at nginx.us  Sat Jun 16 22:11:18 2012
From: nginx-forum at nginx.us (amodpandey)
Date: Sat, 16 Jun 2012 18:11:18 -0400 (EDT)
Subject: How to set html files into memcache
Message-ID: <1b73dc6497f07a7dc3df130a6e67cf58.NginxMailingListEnglish@forum.nginx.org>

Using HttpMemcachedModule I could easily integrate memcache with nginx.

I wanted to know how do I set the missing htmls into memcache. Like
this

If $uri in memchache
  serve from memcache
else
  set into memcache
  server from proxy

Please suggest

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227610,227610#msg-227610


From nginx-forum at nginx.us  Sun Jun 17 00:43:46 2012
From: nginx-forum at nginx.us (adamchal)
Date: Sat, 16 Jun 2012 20:43:46 -0400 (EDT)
Subject: Adding $request_path Variable
Message-ID: <377bd7646bc5cefee46251b16f8b5104.NginxMailingListEnglish@forum.nginx.org>

It would be very nice if someone would add the following variable to
Nginx:

$request_path

Right now, we have $request_uri which includes the query string of the
original request.  We also have the $uri which is the path portion of
the $request_uri, but it is the path AFTER the rewrites.  What would be
very useful is the $request_path, which would be the original path
portion of the $request_uri.

I use a very efficient TSV access log that can be imported and parsed
VERY quickly by our analytics software.  The problem with logging the
$uri is that for requests that generate a 500 error, we lose the
original request path since the error_page directed rewrites the $uri.

Thoughts?

Adam

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227612,227612#msg-227612


From monitor.xoyo at gmail.com  Sun Jun 17 02:40:08 2012
From: monitor.xoyo at gmail.com (Xiangong Yang)
Date: Sun, 17 Jun 2012 10:40:08 +0800
Subject: why return HTTP 500 when use the require "resty.memcached" in
	HttpLuaModule module?
In-Reply-To: <CAB4Tn6Pjk0VjNypqNOJsD3pPw3RrwK67WLsy3M3G4g6ZY44new@mail.gmail.com>
References: <CAKxrJ_c+QvNqc2aNgZS8PQGrg+0iceqgGvTDYQt6FD7sy_unWA@mail.gmail.com>
	<CAB4Tn6PYWhpJvGux3jHyEF+KwdO7oDi0S7Oh_9ZMgGVT6Boa0A@mail.gmail.com>
	<CAKxrJ_egOaY3XTym6f7X5EnxWowWbCbWVYZ_Mjn+dKiwPWks-Q@mail.gmail.com>
	<CAB4Tn6Pjk0VjNypqNOJsD3pPw3RrwK67WLsy3M3G4g6ZY44new@mail.gmail.com>
Message-ID: <CAKxrJ_e2bGM9otHS-mw2dj9YjFqTp3bV7RqG3+XQw_dQtfSdsQ@mail.gmail.com>

Thank you very much! agentzh.
You're always awesome for your friendly and .and your great contribitons.

now i accepted the two suggustion to upgrate my nginx version and add the
other 3rd-party modules.
It's very happy  work.

Thank you again.



2012/6/16 agentzh <agentzh at gmail.com>

> > But i've two problem:
> > 1, how to upgrate the nginx to the latest version, eg: nginx 1.3.1 ?
>
> One of the main points of the ngx_openresty bundle is to ensure that
> all the bundled components play well with the standard nginx core
> bundled. New releases of the Nginx core might break existing 3rd-party
> modules. It happens from time to time. Because we're still testing
> compatibility of all the modules with nginx 1.2.x, we're not ready to
> release an ngx_openresty version based on nginx 1.2.x or even 1.3.x.
>
> But you can always replace the bundle/nginx-1.0.15/ directory in
> ngx_openresty's source tree with your own verison of nginx source
> tree, like nginx 1.3.1's, and the ./configure script will just pick it
> up. You're at your own risk though but we're still very willing to
> hear about any problems that you have :)
>
> > 2, how to add the other third module, eg: nginx_concat_module and
> > substitutions4nginx ?
> >
>
> The ./configure script provided by ngx_openresty supports all the
> options of the standard nginx's ./configure options. Just use the
> --add-module=PATH option to add your own 3rd-party modules as usual :)
>
> See ./configure --help for a list of all the options that you can use.
>
> Best regards,
> -agentzh
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120617/3833afca/attachment.html>

From agentzh at gmail.com  Sun Jun 17 07:03:34 2012
From: agentzh at gmail.com (agentzh)
Date: Sun, 17 Jun 2012 15:03:34 +0800
Subject: How to set html files into memcache
In-Reply-To: <1b73dc6497f07a7dc3df130a6e67cf58.NginxMailingListEnglish@forum.nginx.org>
References: <1b73dc6497f07a7dc3df130a6e67cf58.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAB4Tn6OuSCQZFbsW1Up0e+QL=w3L+hXiARTEZGp_wmW6SxCXnw@mail.gmail.com>

Hello!

On Sun, Jun 17, 2012 at 6:11 AM, amodpandey <nginx-forum at nginx.us> wrote:
> Using HttpMemcachedModule I could easily integrate memcache with nginx.
>
> I wanted to know how do I set the missing htmls into memcache. Like
> this
>

Take a look at my ngx_srcache and ngx_memc modules:

    http://wiki.nginx.org/HttpSRCacheModule
    http://wiki.nginx.org/HttpMemcModule

The former provides a generic and transparent response cache layer
based on the Nginx subrequests while the latter provides a memcached
client that implements most of the memcached TCP ASCII protocol and
these two can work together.

Best regards,
-agentzh


From nginx-forum at nginx.us  Sun Jun 17 08:46:42 2012
From: nginx-forum at nginx.us (HosipLan)
Date: Sun, 17 Jun 2012 04:46:42 -0400 (EDT)
Subject: try_files acting weird, maybe affected by IF ?
In-Reply-To: <20120616215726.GX31671@mdounin.ru>
References: <20120616215726.GX31671@mdounin.ru>
Message-ID: <9903775bfd042b5178f6d9255c05770c.NginxMailingListEnglish@forum.nginx.org>

You've saved my day! Thank you wery much!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227602,227618#msg-227618


From mdounin at mdounin.ru  Sun Jun 17 08:56:36 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Sun, 17 Jun 2012 12:56:36 +0400
Subject: Events module documentation
In-Reply-To: <4FDCF400.7020202@futurecourse.com>
References: <4FDCF400.7020202@futurecourse.com>
Message-ID: <20120617085636.GY31671@mdounin.ru>

Hello!

On Sat, Jun 16, 2012 at 02:00:48PM -0700, Terry wrote:

> Hello,
> 
> I can find documentation for the events module on the wiki but
> cannot find it on nginx.org.  I must be missing something.  Would
> someone please direct me to the events module documentation on
> nginx.org?

Existing documentation is here:
http://nginx.org/en/docs/ngx_core_module.html

> Also, my understanding is that the documentation on nginx.org is
> more up to date than the documentation on the wiki.  Is that
> correct?

Generally yes, but there are still some parts which are missing 
from official docs and wiki might be better.  And obviously C 
language documentation always wins. :)

Maxim Dounin


From nginx-forum at nginx.us  Sun Jun 17 12:06:43 2012
From: nginx-forum at nginx.us (amodpandey)
Date: Sun, 17 Jun 2012 08:06:43 -0400 (EDT)
Subject: How to set html files into memcache
In-Reply-To: <CAB4Tn6OuSCQZFbsW1Up0e+QL=w3L+hXiARTEZGp_wmW6SxCXnw@mail.gmail.com>
References: <CAB4Tn6OuSCQZFbsW1Up0e+QL=w3L+hXiARTEZGp_wmW6SxCXnw@mail.gmail.com>
Message-ID: <5301b0017be879e2ecfc6882ad1aaa1d.NginxMailingListEnglish@forum.nginx.org>

Thank you Agentzh.

I will look into that.

I have an associated question. I have a memcache cluster (multiple
nodes). So I defined an 

upstream memcached_pass_stream {
  server node1:11211;
  server node2:11211; 
  server node3:11211;
  server node4:11211;
}

And I pass it
memcached_pass $scheme://memcached_pass_stream/;

I am using memcached cluster (AWS ElastiCache)

Q1 I hope this is the right way to integrate with multiple nodes.

Q2 If yes, what logic nginx follows to pick the nodes? I should use
similar logic to set data else there might be many misses.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227610,227622#msg-227622


From agentzh at gmail.com  Sun Jun 17 14:11:25 2012
From: agentzh at gmail.com (agentzh)
Date: Sun, 17 Jun 2012 22:11:25 +0800
Subject: How to set html files into memcache
In-Reply-To: <5301b0017be879e2ecfc6882ad1aaa1d.NginxMailingListEnglish@forum.nginx.org>
References: <CAB4Tn6OuSCQZFbsW1Up0e+QL=w3L+hXiARTEZGp_wmW6SxCXnw@mail.gmail.com>
	<5301b0017be879e2ecfc6882ad1aaa1d.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAB4Tn6MNLTdmeneQMVB7NhgxWrWMP8yrVVP9-STghTgqwnT-Dg@mail.gmail.com>

Hello!

On Sun, Jun 17, 2012 at 8:06 PM, amodpandey <nginx-forum at nginx.us> wrote:
> I have a memcache cluster (multiple
> nodes). So I defined an
>
> upstream memcached_pass_stream {
> ?server node1:11211;
> ?server node2:11211;
> ?server node3:11211;
> ?server node4:11211;
> }
>
> And I pass it
> memcached_pass $scheme://memcached_pass_stream/;
>
> I am using memcached cluster (AWS ElastiCache)
>
> Q1 I hope this is the right way to integrate with multiple nodes.
>

No, unless all your memcached nodes are read-only and contain exactly
the same data copy.

> Q2 If yes, what logic nginx follows to pick the nodes? I should use
> similar logic to set data else there might be many misses.
>

By default, round-robin is used to pick up nodes. You can do key
modulo hashing by means of the set_hashed_upstream directive provided
by the ngx_set_misc module:

    http://wiki.nginx.org/HttpSetMiscModule#set_hashed_upstream

Alternatively, you can just use some Lua code to calculate the backend
upstream name in arbitrary way that you like for each individual
request. See ngx_lua for details. And here's an example that
determines a backend for proxy_pass on-the-fly by querying a redis
backend via a little Lua code:

    http://openresty.org/#DynamicRoutingBasedOnRedis

The basic idea is essentially the same.

Regards,
-agentzh


From nginx-forum at nginx.us  Sun Jun 17 18:15:27 2012
From: nginx-forum at nginx.us (clemclem)
Date: Sun, 17 Jun 2012 14:15:27 -0400 (EDT)
Subject: Joomla multilingual subdomain redirect/rewrite
In-Reply-To: <c80dd9f04a234b2a0e35004ea728c817.NginxMailingListEnglish@forum.nginx.org>
References: <c80dd9f04a234b2a0e35004ea728c817.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <9a3fe79f9c0b3149662d2633765f506a.NginxMailingListEnglish@forum.nginx.org>

Hi all, 

In fact, I was looking for a transparent redirect. Here is what I finaly
did :

server {
  server_name ~^(?<lang>.+)\.example\.com$;
  location / {
    rewrite /(.*)$ /$lang/$1 break;
    proxy_pass http://www.example.com;
    proxy_redirect http://www.example.com
http://$lang.example.com/$request_uri;
  }
}

server {
  listen 80;
  server_name www.example.com;
...
}

One more question though :  is there a way for Nginx to rewrite all the
URLs in the generated page so they are all SEF ? ie:
http://fr.example.com instead of http://www.example.com/fr ?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227568,227628#msg-227628


From nginx-forum at nginx.us  Sun Jun 17 22:20:10 2012
From: nginx-forum at nginx.us (amodpandey)
Date: Sun, 17 Jun 2012 18:20:10 -0400 (EDT)
Subject: How to set html files into memcache
In-Reply-To: <1b73dc6497f07a7dc3df130a6e67cf58.NginxMailingListEnglish@forum.nginx.org>
References: <1b73dc6497f07a7dc3df130a6e67cf58.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <c561e739187efa0c6a0e1937f3d91343.NginxMailingListEnglish@forum.nginx.org>

Thank you Agentzh.

I did a test with a simple set up. Amazon large machine with nginx
sering a file from disk and in another set-up serving teh same file from
a local memcached. To my surprise I do not see any difference in the
performance. They were equal. So given the complexity of memcache in
between I see not having memcache is better.

How could be this possible? I did test to 100, 300 and 500 concurrent
users with 89kb of html file for 1 minute using sieze.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227610,227630#msg-227630


From agentzh at gmail.com  Mon Jun 18 03:42:27 2012
From: agentzh at gmail.com (agentzh)
Date: Mon, 18 Jun 2012 11:42:27 +0800
Subject: How to set html files into memcache
In-Reply-To: <c561e739187efa0c6a0e1937f3d91343.NginxMailingListEnglish@forum.nginx.org>
References: <1b73dc6497f07a7dc3df130a6e67cf58.NginxMailingListEnglish@forum.nginx.org>
	<c561e739187efa0c6a0e1937f3d91343.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAB4Tn6MpqzM-J9AKXrinpb_tfcp=6a2tyygy8MUakY_7sbTamQ@mail.gmail.com>

Hello!

On Mon, Jun 18, 2012 at 6:20 AM, amodpandey <nginx-forum at nginx.us> wrote:
> Thank you Agentzh.
>

Please do not capitalize my nick. Thank you.

> I did a test with a simple set up. Amazon large machine with nginx
> sering a file from disk and in another set-up serving teh same file from
> a local memcached. To my surprise I do not see any difference in the
> performance. They were equal. So given the complexity of memcache in
> between I see not having memcache is better.
>

It's very likely that your cache does not work at all :) Please ensure
that the cache hit rate on your side is not zero :)

The following slide shows how ngx_srcache + ngx_memc performs on
Amazon EC2's standard *Small* instance for caching small resultsets (a
single-line resultset) from a MySQL custom cluster:

    http://agentzh.org/misc/slides/libdrizzle-lua-nginx/#84

And below is the result for caching big resultsets (100KB) in exactly
the same setup:

    http://agentzh.org/misc/slides/libdrizzle-lua-nginx/#85

You can walk through all the remaining slides in the same place to
learn more about ngx_srcache and ngx_memc in your web browser by using
the pagedown/pageup keys on your keyboard.

Regards,
-agentzh


From tech at futurecourse.com  Mon Jun 18 07:17:23 2012
From: tech at futurecourse.com (Terry)
Date: Mon, 18 Jun 2012 00:17:23 -0700
Subject: Events module documentation
In-Reply-To: <20120617085636.GY31671@mdounin.ru>
References: <4FDCF400.7020202@futurecourse.com>
	<20120617085636.GY31671@mdounin.ru>
Message-ID: <4FDED603.5010508@futurecourse.com>

Hi Maxim,

On 17/06/2012 01:56, Maxim Dounin wrote:
> Hello!
>
> Existing documentation is here:
> http://nginx.org/en/docs/ngx_core_module.html

Found that and have been reading.

>> Also, my understanding is that the documentation on nginx.org is
>> more up to date than the documentation on the wiki.  Is that
>> correct?
>
> Generally yes, but there are still some parts which are missing
> from official docs and wiki might be better.  And obviously C
> language documentation always wins. :)

Thanks for the info.  Thought I was going crazy there for a minute when 
I couldn't find some things. :)

-- 
Terry



From ne at vbart.ru  Mon Jun 18 10:47:23 2012
From: ne at vbart.ru (Valentin V. Bartenev)
Date: Mon, 18 Jun 2012 14:47:23 +0400
Subject: correct commands to enable nonssl, ssl, ipv6, spdy
In-Reply-To: <CAG_yTXxuxCE=5r90r_MnhKzn7=uxFKubo-s6AT8fO2AxC4Ccdg@mail.gmail.com>
References: <CAG_yTXxuxCE=5r90r_MnhKzn7=uxFKubo-s6AT8fO2AxC4Ccdg@mail.gmail.com>
Message-ID: <201206181447.23788.ne@vbart.ru>

On Saturday 16 June 2012 14:28:47 Ryan Brown wrote:
> Wanting to enable ssl+spdy+ipv6 on port 443, and ipv6 on port 80.
> 
>     server {
>         server_name secure.domain.com;
>         #
>         listen [::]80;

  listen [::]:80;

>         listen [::]:443 ssl spdy default ipv6only=on;
>         #listen       [::]:443;
>         #listen [::]:443 ssl default_server=on;
>         #listen        [::]:443 spdy default ipv6only=on;
>        [...]
>       }
> 
> I've tried various methods, but the https isn't working.. whats the
> correct command to enable all such options?
> 

  listen [::]:443 ssl spdy default_server ipv6only=on; 
 
Should work. And don't forget to configure certificate.

http://nginx.org/r/listen
http://nginx.org/en/docs/http/ngx_http_ssl_module.html

 wbr, Valentin V. Bartenev


From nginx-forum at nginx.us  Mon Jun 18 11:14:12 2012
From: nginx-forum at nginx.us (LexxTheFox)
Date: Mon, 18 Jun 2012 07:14:12 -0400 (EDT)
Subject: Different limit_req rules for different user agents
Message-ID: <08e9926a181e1a2a15a417def93d1677.NginxMailingListEnglish@forum.nginx.org>

Hello.

I need to check client's user agent and apply different limit_req rules
for different UAs.
I've been trying to do it this way:

http {
limit_req_zone $binary_remote_addr zone=bots:10m rate=1r/m;
server {
...
location / {
if ($http_user_agent ~* (google|bing|yandex|msnbot) )
{
limit_req zone=bots burst=5 nodelay;
}
include balancer.conf;
}}}

But apparently I'm missing something as nginx -t says '[emerg]:
"limit_req" directive is not allowed here'. Most likely due to poor
understanding of configfile syntax. Please advice me on how to achieve
my goal.

Thanks in advance.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227641,227641#msg-227641


From ne at vbart.ru  Mon Jun 18 13:06:31 2012
From: ne at vbart.ru (Valentin V. Bartenev)
Date: Mon, 18 Jun 2012 17:06:31 +0400
Subject: Different limit_req rules for different user agents
In-Reply-To: <08e9926a181e1a2a15a417def93d1677.NginxMailingListEnglish@forum.nginx.org>
References: <08e9926a181e1a2a15a417def93d1677.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <201206181706.31576.ne@vbart.ru>

On Monday 18 June 2012 15:14:12 LexxTheFox wrote:
> Hello.
> 
> I need to check client's user agent and apply different limit_req rules
> for different UAs.
> I've been trying to do it this way:
> 
> http {
> limit_req_zone $binary_remote_addr zone=bots:10m rate=1r/m;
> server {
> ...
> location / {
> if ($http_user_agent ~* (google|bing|yandex|msnbot) )
> {
> limit_req zone=bots burst=5 nodelay;
> }
> include balancer.conf;
> }}}

  http {

      map $http_user_agent $limit_bots {
          default '';
          ~*(google|bing|yandex|msnbot) $binary_remote_addr;
      }

      limit_req_zone $limit_bots zone=bots:10m rate=1r/m;

      server {
          location / {
              limit_req zone=bots burst=5 nodelay;
          }
      }
  }

> But apparently I'm missing something as nginx -t says '[emerg]:
> "limit_req" directive is not allowed here'. Most likely due to poor
> understanding of configfile syntax.

http://nginx.org/r/limit_req
context: 	http, server, location

 wbr, Valentin V. Bartenev


From nginx-forum at nginx.us  Mon Jun 18 19:47:21 2012
From: nginx-forum at nginx.us (dparshin)
Date: Mon, 18 Jun 2012 15:47:21 -0400 (EDT)
Subject: Memory consumption in case of huge number of configs
Message-ID: <be87e339550349a953ed5457123b8e59.NginxMailingListEnglish@forum.nginx.org>

Hello,

I noticed following behavior of nginx recently, everything I describe
here is related to the case when we have huge number of configuration
files(> 1000). Once nginx is started it occupies more than 100MB of
memory, memory is not freed on fork. That is expected behavior but the
weird thing happens on configuration reload, once HUP signal is sent,
master process doubles occupied memory size, if reload is repeated
memory consumption stays the same, so it looks like memory is not reused
in process of reload, instead new pool is created, which leads to the
waste of memory.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227668,227668#msg-227668


From appa at perusio.net  Mon Jun 18 08:23:37 2012
From: appa at perusio.net (=?UTF-8?B?QW50w7NuaW8=?= P. P. Almeida)
Date: Mon, 18 Jun 2012 10:23:37 +0200
Subject: Adding $request_path Variable
In-Reply-To: <377bd7646bc5cefee46251b16f8b5104.NginxMailingListEnglish@forum.nginx.org>
References: <377bd7646bc5cefee46251b16f8b5104.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <8762apf2pi.wl%appa@perusio.net>

On 17 Jun 2012 02h43 CEST, nginx-forum at nginx.us wrote:

> It would be very nice if someone would add the following variable to
> Nginx:
>
> $request_path
>
> Right now, we have $request_uri which includes the query string of
> the original request.  We also have the $uri which is the path
> portion of the $request_uri, but it is the path AFTER the rewrites.
> What would be very useful is the $request_path, which would be the
> original path portion of the $request_uri.

If I understand your problem you want to keep the original URI in a
variable to log it later.

Try setting a variable at the server level. Note that both set and
rewrite happen at the rewrite phase. So if you have server level
rewrites, make sure the variable is set *before* the rewrites appear.

server { #...

set $orig_uri $uri; # $orig_uri is the variable having the 

# Rewrites can happen below here

#... log $orig_uri

}

--- appa


From jabberuser at gmail.com  Mon Jun 18 19:51:31 2012
From: jabberuser at gmail.com (Piotr Karbowski)
Date: Mon, 18 Jun 2012 21:51:31 +0200
Subject: [BUG?] Nginx hangs when you use try_files, map,
	request_uri and long url.
Message-ID: <4FDF86C3.508@gmail.com>

Hi,

For some reason, when I use long key with Map Module the whole nginx 
seems to hang.

Some background:
I have two backends, say old_app and new_app. both have own named 
locations, @new_app and old_app. In order to redirect urls I tried to use:

	map $request_uri $map_apps {
		default @new_app;
		/asd @old_app;
	}
	try_files /not_exist $map_apps;

And it was working, then I added another key, 70 chars long, with 
commas, - and numbers, like "/foo-bar,123,asd-qwe-asdasdasd"

since the keyword have 70 chars I had to change default 64 value of 
map_hash_bucket_size, I changed it to 128.

Now, if I access the '/foo-bar,123,asd-qwe-asdasdasd' url, nginx just 
hangs, firefox return 'connection reset', wget seems to retry every 3s 
with message 'no data'. I cant access any vhost, I cant even stop nginx, 
the workers ignore master, when I nginx -s stop, the workers are still 
alive, when I kill master with sigTERM, the workers are still alive, 
eventualy, after few minutes they starts working and support requests or 
just die.

The underlaying system is debian6, nginx version 1.1.19 (from 
squeeze-backports), 64bit.

even if I have only default entry in map, and then access the long url, 
the nginx hangs, but when I hash-out the map and try_files lines, I can 
access the url and see 404 error.

fwiw I tried to use map since I have about 100 URLs that I want to 
proxy_pass to old_app, rest have to be handled by new_app.

-- Piotr.


From mdounin at mdounin.ru  Mon Jun 18 20:02:32 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 19 Jun 2012 00:02:32 +0400
Subject: [BUG?] Nginx hangs when you use try_files, map,
	request_uri and long url.
In-Reply-To: <4FDF86C3.508@gmail.com>
References: <4FDF86C3.508@gmail.com>
Message-ID: <20120618200232.GN31671@mdounin.ru>

Hello!

On Mon, Jun 18, 2012 at 09:51:31PM +0200, Piotr Karbowski wrote:

> Hi,
> 
> For some reason, when I use long key with Map Module the whole nginx
> seems to hang.
> 
> Some background:
> I have two backends, say old_app and new_app. both have own named
> locations, @new_app and old_app. In order to redirect urls I tried
> to use:
> 
> 	map $request_uri $map_apps {
> 		default @new_app;
> 		/asd @old_app;
> 	}
> 	try_files /not_exist $map_apps;
> 
> And it was working, then I added another key, 70 chars long, with
> commas, - and numbers, like "/foo-bar,123,asd-qwe-asdasdasd"
> 
> since the keyword have 70 chars I had to change default 64 value of
> map_hash_bucket_size, I changed it to 128.
> 
> Now, if I access the '/foo-bar,123,asd-qwe-asdasdasd' url, nginx
> just hangs, firefox return 'connection reset', wget seems to retry
> every 3s with message 'no data'. I cant access any vhost, I cant
> even stop nginx, the workers ignore master, when I nginx -s stop,
> the workers are still alive, when I kill master with sigTERM, the
> workers are still alive, eventualy, after few minutes they starts
> working and support requests or just die.
> 
> The underlaying system is debian6, nginx version 1.1.19 (from
> squeeze-backports), 64bit.
> 
> even if I have only default entry in map, and then access the long
> url, the nginx hangs, but when I hash-out the map and try_files
> lines, I can access the url and see 404 error.
> 
> fwiw I tried to use map since I have about 100 URLs that I want to
> proxy_pass to old_app, rest have to be handled by new_app.

The problem isn't map, the problem is try_files which is broken in 
1.1.19.  Please upgrade to 1.2.0 at least, or apply the following 
patch:

http://trac.nginx.org/nginx/changeset/4601/nginx

Changes with nginx 1.2.0:

    *) Bugfix: a segmentation fault might occur in a worker process if the
       "try_files" directive was used; the bug had appeared in 1.1.19.

Maxim Dounin


From ne at vbart.ru  Mon Jun 18 23:13:43 2012
From: ne at vbart.ru (Valentin V. Bartenev)
Date: Tue, 19 Jun 2012 03:13:43 +0400
Subject: Memory consumption in case of huge number of configs
In-Reply-To: <be87e339550349a953ed5457123b8e59.NginxMailingListEnglish@forum.nginx.org>
References: <be87e339550349a953ed5457123b8e59.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <201206190313.43792.ne@vbart.ru>

On Monday 18 June 2012 23:47:21 dparshin wrote:
> I noticed following behavior of nginx recently, everything I describe
> here is related to the case when we have huge number of configuration
> files(> 1000). Once nginx is started it occupies more than 100MB of
> memory, memory is not freed on fork. That is expected behavior but the
> weird thing happens on configuration reload, once HUP signal is sent,
> master process doubles occupied memory size, if reload is repeated
> memory consumption stays the same, so it looks like memory is not reused
> in process of reload, instead new pool is created, which leads to the
> waste of memory.
> 

Of course it creates a new pool. Nginx must continue to work and handle 
requests, even if it fails to load the new configuration.

 wbr, Valentin V. Bartenev


From mrwzl at yahoo.com  Mon Jun 18 23:26:45 2012
From: mrwzl at yahoo.com (jeff thomas)
Date: Mon, 18 Jun 2012 16:26:45 -0700 (PDT)
Subject: nginx keeps passing the same http_cookie to uwsgi
Message-ID: <1340062005.35680.YahooMailNeo@web125502.mail.ne1.yahoo.com>

I have a small python app running via uwsgi with requests served by nginx.?

I'm printing the environment variables... and it looks like after a couple of ok requests, nginx is sending the same HTTP_COOKIE param for unrelated requests:

For example:
{'UWSGI_CHDIR': '/ebs/py', 'HTTP_COOKIE': 'ge_t_c=4fcee8450c3bee709800920c', 'UWSGI_SCRIPT': 'server', 'uwsgi.version': '1.1.2', 'REQUEST_METHOD': 'GET', 'PATH_INFO': '/redirect/ebebaf3b-475a-4010-9a72-96eeff797f1e', 'SERVER_PROTOCOL': 'HTTP/1.1', 'QUERY_STRING': '', 'x-wsgiorg.fdevent.readable': <built-in function uwsgi_eventfd_read>, 'CONTENT_LENGTH': '', 'uwsgi.ready_fd': None, 'HTTP_USER_AGENT': 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)', 'HTTP_CONNECTION': 'close', 'HTTP_REFERER': 'http://www.facebook.com/', 'SERVER_NAME': 'pixel.domain.com', 'REMOTE_ADDR': '10.load.bal.ip', 'wsgi.url_scheme': 'http', 'SERVER_PORT': '80', 'wsgi.multiprocess': True, 'uwsgi.node': 'py.domain.com', 'DOCUMENT_ROOT': '/etc/nginx/html', 'UWSGI_PYHOME': '/ebs/py', 'uwsgi.core': 127, 'HTTP_X_FORWARDED_PROTO': 'http', 'x-wsgiorg.fdevent.writable': <built-in function uwsgi_eventfd_write>, 'wsgi.input':
 <newrelic.api.web_transaction.WSGIInputWrapper object at 0x1809b90>, 'HTTP_HOST': 'track.domain.com', 'wsgi.multithread': False, 'REQUEST_URI': '/redirect/ebebaf3b-475a-4010-9a72-96eeff797f1e', 'HTTP_ACCEPT': 'text/html, application/xhtml+xml, */*', 'wsgi.version': (1, 0), 'x-wsgiorg.fdevent.timeout': None, 'HTTP_X_FORWARDED_FOR': '10.load.bal.ip', 'wsgi.errors': <open file 'wsgi_errors', mode 'w' at 0x1995390>, 'REMOTE_PORT': '36462', 'HTTP_ACCEPT_LANGUAGE': 'en-US', 'wsgi.run_once': False, 'HTTP_X_FORWARDED_PORT': '80', 'CONTENT_TYPE': '', 'wsgi.file_wrapper': <built-in function uwsgi_sendfile>, 'HTTP_ACCEPT_ENCODING': 'gzip, deflate'}



and

?{'UWSGI_CHDIR': '/ebs/py', 'HTTP_COOKIE':?'ge_t_c=4fcee8450c3bee709800920c', 'UWSGI_SCRIPT': 'server',?'uwsgi.version': '1.1.2','REQUEST_METHOD': 'GET', 'PATH_INFO':?'/redirect/2391e658-95ef-4300-80f5-83dbb1a0e526', 'SERVER_PROTOCOL':?'HTTP/1.1', 'QUERY_STRING': '', 'x-wsgiorg.fdevent.readable':?<built-in function uwsgi_eventfd_read>, 'CONTENT_LENGTH': '',?'uwsgi.ready_fd': None, 'HTTP_USER_AGENT': 'Mozilla/5.0 (iPad; CPU OS?5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko)?Version/5.1 Mobile/9B206 Safari/7534.48.3', 'HTTP_CONNECTION':
?'close', 'HTTP_REFERER': 'http://www.facebook.com/', 'SERVER_NAME':?'pixel.domain.com', 'REMOTE_ADDR': '10.load.balancer.ip',
?'wsgi.url_scheme': 'http', 'SERVER_PORT': '80', 'wsgi.multiprocess':?True, 'uwsgi.node': 'py.domain.com', 'DOCUMENT_ROOT':
?'/etc/nginx/html', 'UWSGI_PYHOME': '/ebs/py', 'uwsgi.core': 127,?'HTTP_X_FORWARDED_PROTO': 'http', 'x-wsgiorg.fdevent.writable':
?<built-in function uwsgi_eventfd_write>, 'wsgi.input':?<newrelic.api.web_transaction.WSGIInputWrapper object at 0x18f3850>,?'HTTP_HOST': 'fire.domain.com', 'wsgi.multithread': False,?'REQUEST_URI': '/redirect/2391e658-95ef-4300-80f5-83dbb1a0e526',
?'HTTP_ACCEPT':?'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',?'wsgi.version': (1, 0), 'x-wsgiorg.fdevent.timeout': None,
?'HTTP_X_FORWARDED_FOR': '10.load.bal.ip', 'wsgi.errors': <open file?'wsgi_errors', mode 'w' at 0x1796e40>, 'REMOTE_PORT': '39498',
?'HTTP_ACCEPT_LANGUAGE': 'en-us', 'wsgi.run_once': False,?'HTTP_X_FORWARDED_PORT': '80', 'CONTENT_TYPE': '',?'wsgi.file_wrapper': <built-in function uwsgi_sendfile>,?'HTTP_ACCEPT_ENCODING': 'gzip, deflate'}

These are 2 distinct clients. I opened an incognito session, confirmed that no cookie was sent in the headers, and the uwsgi log shows that it received the same HTTP_COOKIE.

How can I make sure that nginx only passes the proper information for the current request, without regard to other requests?


From mrwzl at yahoo.com  Mon Jun 18 23:33:52 2012
From: mrwzl at yahoo.com (jeff thomas)
Date: Mon, 18 Jun 2012 16:33:52 -0700 (PDT)
Subject: nginx keeps passing the same http_cookie to uwsgi
In-Reply-To: <1340062005.35680.YahooMailNeo@web125502.mail.ne1.yahoo.com>
References: <1340062005.35680.YahooMailNeo@web125502.mail.ne1.yahoo.com>
Message-ID: <1340062432.54268.YahooMailNeo@web125503.mail.ne1.yahoo.com>

Another request in a completely fresh browser:

Request Headers:
Accept:text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Charset:ISO-8859-1,utf-8;q=0.7,*;q=0.3
Accept-Encoding:gzip,deflate,sdch
Accept-Language:en-US,en;q=0.8
Connection:keep-alive
Host:fire.domain.com
User-Agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5


uwsgi output of the environment:
{'UWSGI_CHDIR': '/ebs/py', 'HTTP_X_WAP_PROFILE': 'http://uaprof.vtext.com/mot/a956/a956.xml', 'HTTP_REFERER': 'http://www.facebook.com/', 'UWSGI_SCRIPT': 'server', 'uwsgi.version': '1.1.2', 'REQUEST_METHOD': 'GET', 'PATH_INFO': '/redirect/8ddcc113-092e-46ce-845b-462b825ea792', 'SERVER_PROTOCOL': 'HTTP/1.1', 'QUERY_STRING': '', 'x-wsgiorg.fdevent.readable': <built-in function uwsgi_eventfd_read>, 'CONTENT_LENGTH': '', 'uwsgi.ready_fd': None, 'HTTP_USER_AGENT': 'Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_4) AppleWebKit/536.5 (KHTML, like Gecko) Chrome/19.0.1084.56 Safari/536.5', 'HTTP_CONNECTION': 'close', 'HTTP_COOKIE': 'ge_t_c=4fcee8450c3bee709800920c', 'SERVER_NAME': 'pixel.domain.com', 'REMOTE_ADDR': '10.load.bal.ip', 'HTTP_X_BLUECOAT_VIA': '442C08A7416C4033', 'wsgi.url_scheme': 'http', 'SERVER_PORT': '80', 'wsgi.multiprocess': True, 'uwsgi.node': 'pyfire-1.domain.com', 'DOCUMENT_ROOT': '/etc/nginx/html', 'UWSGI_PYHOME': '/ebs/py',
 'HTTP_ACCEPT_CHARSET': 'ISO-8859-1,utf-8;q=0.7,*;q=0.3', 'uwsgi.core': 127, 'HTTP_X_FORWARDED_PROTO': 'http', 'x-wsgiorg.fdevent.writable': <built-in function uwsgi_eventfd_write>, 'wsgi.input': <newrelic.api.web_transaction.WSGIInputWrapper object at 0x17df650>, 'HTTP_HOST': 'fire.domain.com', 'wsgi.multithread': False, 'HTTP_UA_CPU': 'AMD64', 'HTTP_CACHE_CONTROL': 'max-stale=0', 'REQUEST_URI': '/redirect/8ddcc113-092e-46ce-845b-462b825ea792', 'HTTP_ACCEPT': 'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8', 'wsgi.version': (1, 0), 'x-wsgiorg.fdevent.timeout': None, 'HTTP_X_FORWARDED_FOR': '10.load.bal.ip', 'wsgi.errors': <open file 'wsgi_errors', mode 'w' at 0x19955d0>, 'REMOTE_PORT': '51791', 'HTTP_ACCEPT_LANGUAGE': 'en-US,en;q=0.8', 'wsgi.run_once': False, 'HTTP_X_FORWARDED_PORT': '80', 'CONTENT_TYPE': '', 'wsgi.file_wrapper': <built-in function uwsgi_sendfile>, 'HTTP_ACCEPT_ENCODING': 'gzip,deflate,sdch'}

----- Original Message -----
From: jeff thomas <mrwzl at yahoo.com>
To: "nginx at nginx.org" <nginx at nginx.org>
Cc: 
Sent: Monday, June 18, 2012 4:26 PM
Subject: nginx keeps passing the same http_cookie to uwsgi

I have a small python app running via uwsgi with requests served by nginx.?

I'm printing the environment variables... and it looks like after a couple of ok requests, nginx is sending the same HTTP_COOKIE param for unrelated requests:

For example:
{'UWSGI_CHDIR': '/ebs/py', 'HTTP_COOKIE': 'ge_t_c=4fcee8450c3bee709800920c', 'UWSGI_SCRIPT': 'server', 'uwsgi.version': '1.1.2', 'REQUEST_METHOD': 'GET', 'PATH_INFO': '/redirect/ebebaf3b-475a-4010-9a72-96eeff797f1e', 'SERVER_PROTOCOL': 'HTTP/1.1', 'QUERY_STRING': '', 'x-wsgiorg.fdevent.readable': <built-in function uwsgi_eventfd_read>, 'CONTENT_LENGTH': '', 'uwsgi.ready_fd': None, 'HTTP_USER_AGENT': 'Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)', 'HTTP_CONNECTION': 'close', 'HTTP_REFERER': 'http://www.facebook.com/', 'SERVER_NAME': 'pixel.domain.com', 'REMOTE_ADDR': '10.load.bal.ip', 'wsgi.url_scheme': 'http', 'SERVER_PORT': '80', 'wsgi.multiprocess': True, 'uwsgi.node': 'py.domain.com', 'DOCUMENT_ROOT': '/etc/nginx/html', 'UWSGI_PYHOME': '/ebs/py', 'uwsgi.core': 127, 'HTTP_X_FORWARDED_PROTO': 'http', 'x-wsgiorg.fdevent.writable': <built-in function uwsgi_eventfd_write>, 'wsgi.input':
<newrelic.api.web_transaction.WSGIInputWrapper object at 0x1809b90>, 'HTTP_HOST': 'track.domain.com', 'wsgi.multithread': False, 'REQUEST_URI': '/redirect/ebebaf3b-475a-4010-9a72-96eeff797f1e', 'HTTP_ACCEPT': 'text/html, application/xhtml+xml, */*', 'wsgi.version': (1, 0), 'x-wsgiorg.fdevent.timeout': None, 'HTTP_X_FORWARDED_FOR': '10.load.bal.ip', 'wsgi.errors': <open file 'wsgi_errors', mode 'w' at 0x1995390>, 'REMOTE_PORT': '36462', 'HTTP_ACCEPT_LANGUAGE': 'en-US', 'wsgi.run_once': False, 'HTTP_X_FORWARDED_PORT': '80', 'CONTENT_TYPE': '', 'wsgi.file_wrapper': <built-in function uwsgi_sendfile>, 'HTTP_ACCEPT_ENCODING': 'gzip, deflate'}



and

?{'UWSGI_CHDIR': '/ebs/py', 'HTTP_COOKIE':?'ge_t_c=4fcee8450c3bee709800920c', 'UWSGI_SCRIPT': 'server',?'uwsgi.version': '1.1.2','REQUEST_METHOD': 'GET', 'PATH_INFO':?'/redirect/2391e658-95ef-4300-80f5-83dbb1a0e526', 'SERVER_PROTOCOL':?'HTTP/1.1', 'QUERY_STRING': '', 'x-wsgiorg.fdevent.readable':?<built-in function uwsgi_eventfd_read>, 'CONTENT_LENGTH': '',?'uwsgi.ready_fd': None, 'HTTP_USER_AGENT': 'Mozilla/5.0 (iPad; CPU OS?5_1_1 like Mac OS X) AppleWebKit/534.46 (KHTML, like Gecko)?Version/5.1 Mobile/9B206 Safari/7534.48.3', 'HTTP_CONNECTION':
?'close', 'HTTP_REFERER': 'http://www.facebook.com/', 'SERVER_NAME':?'pixel.domain.com', 'REMOTE_ADDR': '10.load.balancer.ip',
?'wsgi.url_scheme': 'http', 'SERVER_PORT': '80', 'wsgi.multiprocess':?True, 'uwsgi.node': 'py.domain.com', 'DOCUMENT_ROOT':
?'/etc/nginx/html', 'UWSGI_PYHOME': '/ebs/py', 'uwsgi.core': 127,?'HTTP_X_FORWARDED_PROTO': 'http', 'x-wsgiorg.fdevent.writable':
?<built-in function uwsgi_eventfd_write>, 'wsgi.input':?<newrelic.api.web_transaction.WSGIInputWrapper object at 0x18f3850>,?'HTTP_HOST': 'fire.domain.com', 'wsgi.multithread': False,?'REQUEST_URI': '/redirect/2391e658-95ef-4300-80f5-83dbb1a0e526',
?'HTTP_ACCEPT':?'text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8',?'wsgi.version': (1, 0), 'x-wsgiorg.fdevent.timeout': None,
?'HTTP_X_FORWARDED_FOR': '10.load.bal.ip', 'wsgi.errors': <open file?'wsgi_errors', mode 'w' at 0x1796e40>, 'REMOTE_PORT': '39498',
?'HTTP_ACCEPT_LANGUAGE': 'en-us', 'wsgi.run_once': False,?'HTTP_X_FORWARDED_PORT': '80', 'CONTENT_TYPE': '',?'wsgi.file_wrapper': <built-in function uwsgi_sendfile>,?'HTTP_ACCEPT_ENCODING': 'gzip, deflate'}

These are 2 distinct clients. I opened an incognito session, confirmed that no cookie was sent in the headers, and the uwsgi log shows that it received the same HTTP_COOKIE.

How can I make sure that nginx only passes the proper information for the current request, without regard to other requests?

_______________________________________________
nginx mailing list
nginx at nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx



From nginx-forum at nginx.us  Tue Jun 19 05:02:09 2012
From: nginx-forum at nginx.us (paphillon)
Date: Tue, 19 Jun 2012 01:02:09 -0400 (EDT)
Subject: Best approach for Dynamic routing
Message-ID: <bfba5527643aa027eeae76ab4e2931dd.NginxMailingListEnglish@forum.nginx.org>

Hi All,

What is the best approach for implementing Dynamic routing for the below
use case

-Route web service calls to a separate server (location based)
-Route user UI Web requests to a separate server (location based)
-A single server URL for multiple implementations and provide a
mechanism to route to different web service server and UI server based
on customers
e.g.-------------------      Nginx Proxy
                                       
  c 1 proxy.abc.com --->     |  --> Web service server S 1
-------------------------------         |  --> UI server S 1
                                       
  c 2 proxy.abc.com --->     |  --> Web service server S 2
-------------------------------         |  --> UI Server S 2
                                       
  c n proxy.abc.com --->     |  --> Web service server S n
-------------------------------         |  --> UI Server S n
                                       

- Ability to add web service server and UI server dynamically 
- Ease to maintain and possibly have a central repository for the
mapping and Web service server and UI server backend URLs
- Minimum proxy overhead

-paphillon

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227678,227678#msg-227678


From jabberuser at gmail.com  Tue Jun 19 10:51:46 2012
From: jabberuser at gmail.com (Piotr Karbowski)
Date: Tue, 19 Jun 2012 12:51:46 +0200
Subject: [BUG?] Nginx hangs when you use try_files, map,
	request_uri and long url.
In-Reply-To: <20120618200232.GN31671@mdounin.ru>
References: <4FDF86C3.508@gmail.com> <20120618200232.GN31671@mdounin.ru>
Message-ID: <4FE059C2.9090806@gmail.com>

Hello.

On 06/18/2012 10:02 PM, Maxim Dounin wrote:
> The problem isn't map, the problem is try_files which is broken in
> 1.1.19.  Please upgrade to 1.2.0 at least, or apply the following
> patch:
>
> http://trac.nginx.org/nginx/changeset/4601/nginx
>
> Changes with nginx 1.2.0:
>
>      *) Bugfix: a segmentation fault might occur in a worker process if the
>         "try_files" directive was used; the bug had appeared in 1.1.19.

Thank you very much Maxim, the patch works. ;-)

-- Piotr.


From mdounin at mdounin.ru  Tue Jun 19 13:41:07 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 19 Jun 2012 17:41:07 +0400
Subject: nginx keeps passing the same http_cookie to uwsgi
In-Reply-To: <1340062005.35680.YahooMailNeo@web125502.mail.ne1.yahoo.com>
References: <1340062005.35680.YahooMailNeo@web125502.mail.ne1.yahoo.com>
Message-ID: <20120619134107.GT31671@mdounin.ru>

Hello!

On Mon, Jun 18, 2012 at 04:26:45PM -0700, jeff thomas wrote:

> I have a small python app running via uwsgi with requests served 
> by nginx.?
> 
> I'm printing the environment variables... and it looks like 
> after a couple of ok requests, nginx is sending the same 
> HTTP_COOKIE param for unrelated requests:

[...]

> These are 2 distinct clients. I opened an incognito session, 
> confirmed that no cookie was sent in the headers, and the uwsgi 
> log shows that it received the same HTTP_COOKIE.
> 
> How can I make sure that nginx only passes the proper 
> information for the current request, without regard to other 
> requests?

Try tcpdump to see what actually happens on the wire between nginx 
and your uwsgi backend.  Unless you see unrelated cookie there - 
the problem isn't in nginx.

Maxim Dounin


From brian at akins.org  Tue Jun 19 14:18:51 2012
From: brian at akins.org (Brian Akins)
Date: Tue, 19 Jun 2012 10:18:51 -0400
Subject: Best approach for Dynamic routing
In-Reply-To: <bfba5527643aa027eeae76ab4e2931dd.NginxMailingListEnglish@forum.nginx.org>
References: <bfba5527643aa027eeae76ab4e2931dd.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAO3qTJV0RGBZ2H123zyFuspm-0YjhU1_Yq15-BRaVe1V4Vp1ew@mail.gmail.com>

I've been tinkering with some Lua that uses redis that does something
similar.  In my "day job" we have a json file per site for a service
and chef generates nginx configs from that. No UI or anything, but it
gets it done.


From ml-nginx at zu-con.org  Tue Jun 19 14:23:50 2012
From: ml-nginx at zu-con.org (Matthias Rieber)
Date: Tue, 19 Jun 2012 16:23:50 +0200
Subject: ngx.location.capture_multi  multiple posts
Message-ID: <4FE08B76.2020904@zu-con.org>

Hello,

I try to use ngx.location.capture_multi to send multiple post requests:

  upstream _server1 {
    server server1:80;
  }

  upstream _server2 {
    server server2:80;
  }

  server {
    listen 10.0.0.254:80;
    server_name server.internal;

    location / {
      content_by_lua '
        upstream_servers = {{"/server1", {copy_all_vars = true, method =
ngx.HTTP_POST}},
                            {"/server2", {copy_all_vars = true, method =
ngx.HTTP_POST}},
                            }
        for i, v in ipairs(upstream_servers) do
          upstream_servers[i][1] = upstream_servers[i][1] ..
ngx.var.request_uri
        end
        results = {ngx.location.capture_multi(upstream_servers)}
        status = 200
        output = ""
        for i, result in ipairs(results) do
          output = output .. result.body
          if status < result.status then
            status = result.status

          end
        end
        ngx.say({output})
        ngx.exit(status)
      ';
    }

    location /server1 {
      rewrite ^/[^/]*/(.*) /$1 break;
      proxy_pass http://_server1;
      proxy_set_header X-Forwarded-For $remote_addr;
    }

    location /server2 {
      rewrite ^/[^/]*/(.*) /$1 break;
      proxy_pass http://_server2;
      proxy_set_header X-Forwarded-For $remote_addr;
    }
  }

The post will be send to server1, but the second one won't be send to
server2. Afer I while the request terminates with the timeout error 408.
When I switch the servers in the table uptream_servers, the request will
be passed to server2, but not to server1. Again, a timeout occurs. When
I replace ngx.HTTP_POST with ngx.HTTP_GET, both requests will be send.

Is it not possible to use ngx.location.capture_multi like that?

matthias


From nginx-forum at nginx.us  Tue Jun 19 15:42:14 2012
From: nginx-forum at nginx.us (dparshin)
Date: Tue, 19 Jun 2012 11:42:14 -0400 (EDT)
Subject: Memory consumption in case of huge number of configs
In-Reply-To: <201206190313.43792.ne@vbart.ru>
References: <201206190313.43792.ne@vbart.ru>
Message-ID: <e0cec55d807ac662b61a1aa64f42bf6c.NginxMailingListEnglish@forum.nginx.org>

Valentin V. Bartenev Wrote:
-------------------------------------------------------
> On Monday 18 June 2012 23:47:21 dparshin wrote:
> > I noticed following behavior of nginx recently,
> everything I describe
> > here is related to the case when we have huge
> number of configuration
> > files(> 1000). Once nginx is started it occupies
> more than 100MB of
> > memory, memory is not freed on fork. That is
> expected behavior but the
> > weird thing happens on configuration reload,
> once HUP signal is sent,
> > master process doubles occupied memory size, if
> reload is repeated
> > memory consumption stays the same, so it looks
> like memory is not reused
> > in process of reload, instead new pool is
> created, which leads to the
> > waste of memory.
> > 
> 
> Of course it creates a new pool. Nginx must
> continue to work and handle 
> requests, even if it fails to load the new
> configuration.

Sounds reasonable, but unused pool(after reload process successfully
finished) is not destroyed, and after fork the amount of unused memory
is multiplied by the number of workers. I mean that we have two pools in
every worker and in the master process - pool with active configuration
and unused pool used for reload purposes.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227668,227689#msg-227689


From cmfileds at gmail.com  Tue Jun 19 15:46:32 2012
From: cmfileds at gmail.com (CM Fields)
Date: Tue, 19 Jun 2012 11:46:32 -0400
Subject: location regular expression not filtering some characters
Message-ID: <CAHxQ+CoAfPvds86M_TJ_ibC5K7rq16G6tEqk1jhSJPR0VX0d4g@mail.gmail.com>

I am looking to filter all characters other then those specified in the
"location" regular expression. For example, [\w.]+$ should only allow one or
more letters, numbers, underscore and period just like [a-zA-Z0-9_.]

location ~* ^/data/[\w.]+$  {...}

When I test the url with wget I find the pound (#) and question mark (?) are
allowed through. For example...

This URL is valid and is allowed through
   wget "http://example.com/data/1234.txt"

This URL with the additional "#" should not be allowed thorugh, but it is.
   wget "http://example.com/data/12#34.txt"

Adding a question mark also gets through when it is supposed to be blocked like
the pound "#" above.
   wget "http://example.com/data/12?34.txt"


Are pound (#) and questions mark (?) matches being overridden in Nginx and thus
getting past my regular expression?

Does anyone know of a way to block the "#" or "?" that I am missing?


Just for clarity, I have no need for the "#" or "?" in my script and I can do
checks in the script to exclude these characters if necessary.


From cmfileds at gmail.com  Tue Jun 19 17:07:17 2012
From: cmfileds at gmail.com (CM Fields)
Date: Tue, 19 Jun 2012 13:07:17 -0400
Subject: location regular expression not filtering some characters
In-Reply-To: <CAHxQ+CoAfPvds86M_TJ_ibC5K7rq16G6tEqk1jhSJPR0VX0d4g@mail.gmail.com>
References: <CAHxQ+CoAfPvds86M_TJ_ibC5K7rq16G6tEqk1jhSJPR0VX0d4g@mail.gmail.com>
Message-ID: <CAHxQ+CrziagRHO+eu6YJuWwU+_yV+gf3p64eUzVrEhVKU20gBw@mail.gmail.com>

I believe this was a mistake on my side. While testing I noticed that
the (#) and (?)
were allowed through but the URL result was not what I was expecting.

When the pound (#) is used nginx converts the URI from

   http://example.com/data/12#34.txt
          and cuts off the pound sign and anything after it to this....
   http://example.com/data/12

before my regular expression is ever used. The pound (#) is a location specific
tag so this expected and fine.

The question mark (?) is still passed to my regular expression and
allowed through.

   http://example.com/data/12?34.txt
       get passed through the regular expression unchanged
   http://example.com/data/12?34.txt

Not sure why the question mark is special yet.


On Tue, Jun 19, 2012 at 11:46 AM, CM Fields <cmfileds at gmail.com> wrote:
> I am looking to filter all characters other then those specified in the
> "location" regular expression. For example, [\w.]+$ should only allow one or
> more letters, numbers, underscore and period just like [a-zA-Z0-9_.]
>
> location ~* ^/data/[\w.]+$ ?{...}
>
> When I test the url with wget I find the pound (#) and question mark (?) are
> allowed through. For example...
>
> This URL is valid and is allowed through
> ? wget "http://example.com/data/1234.txt"
>
> This URL with the additional "#" should not be allowed thorugh, but it is.
> ? wget "http://example.com/data/12#34.txt"
>
> Adding a question mark also gets through when it is supposed to be blocked like
> the pound "#" above.
> ? wget "http://example.com/data/12?34.txt"
>
>
> Are pound (#) and questions mark (?) matches being overridden in Nginx and thus
> getting past my regular expression?
>
> Does anyone know of a way to block the "#" or "?" that I am missing?
>
>
> Just for clarity, I have no need for the "#" or "?" in my script and I can do
> checks in the script to exclude these characters if necessary.


From mdounin at mdounin.ru  Tue Jun 19 18:01:16 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 19 Jun 2012 22:01:16 +0400
Subject: location regular expression not filtering some characters
In-Reply-To: <CAHxQ+CoAfPvds86M_TJ_ibC5K7rq16G6tEqk1jhSJPR0VX0d4g@mail.gmail.com>
References: <CAHxQ+CoAfPvds86M_TJ_ibC5K7rq16G6tEqk1jhSJPR0VX0d4g@mail.gmail.com>
Message-ID: <20120619180116.GV31671@mdounin.ru>

Hello!

On Tue, Jun 19, 2012 at 11:46:32AM -0400, CM Fields wrote:

> I am looking to filter all characters other then those specified in the
> "location" regular expression. For example, [\w.]+$ should only allow one or
> more letters, numbers, underscore and period just like [a-zA-Z0-9_.]
> 
> location ~* ^/data/[\w.]+$  {...}
> 
> When I test the url with wget I find the pound (#) and question mark (?) are
> allowed through. For example...
> 
> This URL is valid and is allowed through
>    wget "http://example.com/data/1234.txt"
> 
> This URL with the additional "#" should not be allowed thorugh, but it is.
>    wget "http://example.com/data/12#34.txt"
> 
> Adding a question mark also gets through when it is supposed to be blocked like
> the pound "#" above.
>    wget "http://example.com/data/12?34.txt"
> 
> 
> Are pound (#) and questions mark (?) matches being overridden in Nginx and thus
> getting past my regular expression?

They aren't part of data matched by locations.  The "#" character 
denotes frament identifier (and normally not sent to a http server 
at all), and the "?" character denotes query string start.

The "#" and "?" characters will be only seen by location matching 
if they are sent escaped, i.e. as a part of uri path component, 
not as a syntax construct.

> Does anyone know of a way to block the "#" or "?" that I am missing?

It's not clear what you are trying to block.  If you want to 
reject all requests with fragments and query strings, you probably 
want to use the "if" directive instead.

Maxim Dounin


From cmfileds at gmail.com  Tue Jun 19 18:05:10 2012
From: cmfileds at gmail.com (CM Fields)
Date: Tue, 19 Jun 2012 14:05:10 -0400
Subject: location regular expression not filtering some characters
In-Reply-To: <CAHxQ+CrziagRHO+eu6YJuWwU+_yV+gf3p64eUzVrEhVKU20gBw@mail.gmail.com>
References: <CAHxQ+CoAfPvds86M_TJ_ibC5K7rq16G6tEqk1jhSJPR0VX0d4g@mail.gmail.com>
	<CAHxQ+CrziagRHO+eu6YJuWwU+_yV+gf3p64eUzVrEhVKU20gBw@mail.gmail.com>
Message-ID: <CAHxQ+Crtu=GrvMzBP6HcbecBJyUCYc185Mc4DOG3CVhA0bCRcA@mail.gmail.com>

For those interested and to close this loop the question mark (?) is the query
string. I am not able to filter it, but you can use a rewrite rule to
clear it in nginx.

Another oddity is you can put a bunch of illegal characters behind the
question mark
and nginx will happily pass those to your back end server even though the
regex is in place. So, if you do not expect a "$" or "%" or any other
special character
in your back end you may be surprised.

I am still using this location regex
   location ~* ^/data/[\w.]+$ ?{...}

If we take this valid url
   http://example.com/data/1234.txt

We can add a question mark and anything we want to after that and it will be
passed to your back end or script.
  http://example.com/data/1234.txt?some_text../../../%del table%

I am interested if this is an expected result. My concern is that the regex
I specified is being silently ignored. Should Nginx respect the user
configuration
and deny access to the URL with the question mark in it?

In most case I imagine the question mark and following text would be fine as the
link might contain helpful information. As far as I can tell most
resources online
say this is the expect behavior and it is up to the script to validate
the data.

I agree the script should check all input, but then why even bother with a
location regex to validate the url before it gets passed to a back end server?

On Tue, Jun 19, 2012 at 1:07 PM, CM Fields <cmfileds at gmail.com> wrote:
> I believe this was a mistake on my side. While testing I noticed that
> the (#) and (?)
> were allowed through but the URL result was not what I was expecting.
>
> When the pound (#) is used nginx converts the URI from
>
> ? http://example.com/data/12#34.txt
> ? ? ? ? ?and cuts off the pound sign and anything after it to this....
> ? http://example.com/data/12
>
> before my regular expression is ever used. The pound (#) is a location specific
> tag so this expected and fine.
>
> The question mark (?) is still passed to my regular expression and
> allowed through.
>
> ? http://example.com/data/12?34.txt
> ? ? ? get passed through the regular expression unchanged
> ? http://example.com/data/12?34.txt
>
> Not sure why the question mark is special yet.
>
>
> On Tue, Jun 19, 2012 at 11:46 AM, CM Fields <cmfileds at gmail.com> wrote:
>> I am looking to filter all characters other then those specified in the
>> "location" regular expression. For example, [\w.]+$ should only allow one or
>> more letters, numbers, underscore and period just like [a-zA-Z0-9_.]
>>
>> location ~* ^/data/[\w.]+$ ?{...}
>>
>> When I test the url with wget I find the pound (#) and question mark (?) are
>> allowed through. For example...
>>
>> This URL is valid and is allowed through
>> ? wget "http://example.com/data/1234.txt"
>>
>> This URL with the additional "#" should not be allowed thorugh, but it is.
>> ? wget "http://example.com/data/12#34.txt"
>>
>> Adding a question mark also gets through when it is supposed to be blocked like
>> the pound "#" above.
>> ? wget "http://example.com/data/12?34.txt"
>>
>>
>> Are pound (#) and questions mark (?) matches being overridden in Nginx and thus
>> getting past my regular expression?
>>
>> Does anyone know of a way to block the "#" or "?" that I am missing?
>>
>>
>> Just for clarity, I have no need for the "#" or "?" in my script and I can do
>> checks in the script to exclude these characters if necessary.


From cmfileds at gmail.com  Tue Jun 19 18:07:49 2012
From: cmfileds at gmail.com (CM Fields)
Date: Tue, 19 Jun 2012 14:07:49 -0400
Subject: location regular expression not filtering some characters
In-Reply-To: <20120619180116.GV31671@mdounin.ru>
References: <CAHxQ+CoAfPvds86M_TJ_ibC5K7rq16G6tEqk1jhSJPR0VX0d4g@mail.gmail.com>
	<20120619180116.GV31671@mdounin.ru>
Message-ID: <CAHxQ+CpjScPZgYQtnpg9ifU3QC=QfS+BURBA1iJ7f6=xg4KWhg@mail.gmail.com>

On Tue, Jun 19, 2012 at 2:01 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> Hello!
>
> On Tue, Jun 19, 2012 at 11:46:32AM -0400, CM Fields wrote:
>
>> I am looking to filter all characters other then those specified in the
>> "location" regular expression. For example, [\w.]+$ should only allow one or
>> more letters, numbers, underscore and period just like [a-zA-Z0-9_.]
>>
>> location ~* ^/data/[\w.]+$ ?{...}
>>
>> When I test the url with wget I find the pound (#) and question mark (?) are
>> allowed through. For example...
>>
>> This URL is valid and is allowed through
>> ? ?wget "http://example.com/data/1234.txt"
>>
>> This URL with the additional "#" should not be allowed thorugh, but it is.
>> ? ?wget "http://example.com/data/12#34.txt"
>>
>> Adding a question mark also gets through when it is supposed to be blocked like
>> the pound "#" above.
>> ? ?wget "http://example.com/data/12?34.txt"
>>
>>
>> Are pound (#) and questions mark (?) matches being overridden in Nginx and thus
>> getting past my regular expression?
>
> They aren't part of data matched by locations. ?The "#" character
> denotes frament identifier (and normally not sent to a http server
> at all), and the "?" character denotes query string start.
>
> The "#" and "?" characters will be only seen by location matching
> if they are sent escaped, i.e. as a part of uri path component,
> not as a syntax construct.
>
>> Does anyone know of a way to block the "#" or "?" that I am missing?
>
> It's not clear what you are trying to block. ?If you want to
> reject all requests with fragments and query strings, you probably
> want to use the "if" directive instead.
>
> Maxim Dounin
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

Maxim,

Thanks for the response. I completely agree with your statement. I was
looking to
filter the URI with the location directive, but using an If {} was the
proper method.

Thanks again.


From francis at daoine.org  Tue Jun 19 18:13:10 2012
From: francis at daoine.org (Francis Daly)
Date: Tue, 19 Jun 2012 19:13:10 +0100
Subject: location regular expression not filtering some characters
In-Reply-To: <CAHxQ+CrziagRHO+eu6YJuWwU+_yV+gf3p64eUzVrEhVKU20gBw@mail.gmail.com>
References: <CAHxQ+CoAfPvds86M_TJ_ibC5K7rq16G6tEqk1jhSJPR0VX0d4g@mail.gmail.com>
	<CAHxQ+CrziagRHO+eu6YJuWwU+_yV+gf3p64eUzVrEhVKU20gBw@mail.gmail.com>
Message-ID: <20120619181310.GI6210@craic.sysops.org>

On Tue, Jun 19, 2012 at 01:07:17PM -0400, CM Fields wrote:

Hi there,

>    http://example.com/data/12#34.txt
>           and cuts off the pound sign and anything after it to this....
>    http://example.com/data/12

The client probably should not send the # or anything after it, as it
is the local "fragment" part of the url. nginx is right to ignore it,
if it present. If you want a # in a url, it must be %-encoded.

>    http://example.com/data/12?34.txt
>        get passed through the regular expression unchanged
>    http://example.com/data/12?34.txt
> 
> Not sure why the question mark is special yet.

The ? marks the start of the query_string part of the url. If you want
a literal ? in a url, it must be %-encoded.

In practice, the query_string is usually an unordered set of key/value
pairs. The choice nginx makes is not to consider the query_string when
determining which location{} is the best fit.

You can test variables with names that include "arg" if you want to see
what query_string was provided -- but you can't do it as part of the
location directive.

http://nginx.org/en/docs/http/ngx_http_core_module.html#variables

	f
-- 
Francis Daly        francis at daoine.org


From mdounin at mdounin.ru  Tue Jun 19 18:22:13 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 19 Jun 2012 22:22:13 +0400
Subject: Memory consumption in case of huge number of configs
In-Reply-To: <e0cec55d807ac662b61a1aa64f42bf6c.NginxMailingListEnglish@forum.nginx.org>
References: <201206190313.43792.ne@vbart.ru>
	<e0cec55d807ac662b61a1aa64f42bf6c.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120619182213.GW31671@mdounin.ru>

Hello!

On Tue, Jun 19, 2012 at 11:42:14AM -0400, dparshin wrote:

> Valentin V. Bartenev Wrote:
> -------------------------------------------------------
> > On Monday 18 June 2012 23:47:21 dparshin wrote:
> > > I noticed following behavior of nginx recently,
> > everything I describe
> > > here is related to the case when we have huge
> > number of configuration
> > > files(> 1000). Once nginx is started it occupies
> > more than 100MB of
> > > memory, memory is not freed on fork. That is
> > expected behavior but the
> > > weird thing happens on configuration reload,
> > once HUP signal is sent,
> > > master process doubles occupied memory size, if
> > reload is repeated
> > > memory consumption stays the same, so it looks
> > like memory is not reused
> > > in process of reload, instead new pool is
> > created, which leads to the
> > > waste of memory.
> > > 
> > 
> > Of course it creates a new pool. Nginx must
> > continue to work and handle 
> > requests, even if it fails to load the new
> > configuration.
> 
> Sounds reasonable, but unused pool(after reload process successfully
> finished) is not destroyed,

It is destroyed, but you don't see it as your system allocator 
doesn't return the freed memory to the system.

> and after fork the amount of unused memory
> is multiplied by the number of workers.

And this isn't true even for really leaked memory, as fork() uses 
copy on write.  See http://en.wikipedia.org/wiki/Copy_on_write.

> I mean that we have two pools in
> every worker and in the master process - pool with active configuration
> and unused pool used for reload purposes.

This is not true, see above.

Maxim Dounin


From francis at daoine.org  Tue Jun 19 18:32:55 2012
From: francis at daoine.org (Francis Daly)
Date: Tue, 19 Jun 2012 19:32:55 +0100
Subject: location regular expression not filtering some characters
In-Reply-To: <CAHxQ+Crtu=GrvMzBP6HcbecBJyUCYc185Mc4DOG3CVhA0bCRcA@mail.gmail.com>
References: <CAHxQ+CoAfPvds86M_TJ_ibC5K7rq16G6tEqk1jhSJPR0VX0d4g@mail.gmail.com>
	<CAHxQ+CrziagRHO+eu6YJuWwU+_yV+gf3p64eUzVrEhVKU20gBw@mail.gmail.com>
	<CAHxQ+Crtu=GrvMzBP6HcbecBJyUCYc185Mc4DOG3CVhA0bCRcA@mail.gmail.com>
Message-ID: <20120619183255.GJ6210@craic.sysops.org>

On Tue, Jun 19, 2012 at 02:05:10PM -0400, CM Fields wrote:

Hi there,

> We can add a question mark and anything we want to after that and it will be
> passed to your back end or script.
>   http://example.com/data/1234.txt?some_text../../../%del table%

By default, yes; because that's (presumably) the usual case.

But you decide, in nginx.conf, exactly what gets passed to your back
end or script.

Presumably you use proxy_pass or fastcgi_pass or some similar directive
to send data to your back end. It should be possible to configure that
directive to send what you want, and not to send what you don't want.

$uri and $request_uri are different variables; possibly you can use one
of those to achieve what you want.

> I am interested if this is an expected result. My concern is that the regex
> I specified is being silently ignored. Should Nginx respect the user
> configuration
> and deny access to the URL with the question mark in it?

I suspect this is just down to a different understanding of what the nginx
config is doing. The "location" directive only tries to match from the
first / after the hostname, to just before the first ? or #. (Within that
range, it matches the unescaped url.)

If you care about anything after that, you have to handle it separately.

All the best,

	f
-- 
Francis Daly        francis at daoine.org


From ne at vbart.ru  Tue Jun 19 18:46:52 2012
From: ne at vbart.ru (Valentin V. Bartenev)
Date: Tue, 19 Jun 2012 22:46:52 +0400
Subject: Memory consumption in case of huge number of configs
In-Reply-To: <e0cec55d807ac662b61a1aa64f42bf6c.NginxMailingListEnglish@forum.nginx.org>
References: <201206190313.43792.ne@vbart.ru>
	<e0cec55d807ac662b61a1aa64f42bf6c.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <201206192246.52521.ne@vbart.ru>

On Tuesday 19 June 2012 19:42:14 dparshin wrote:
[...]
> > 
> > Of course it creates a new pool. Nginx must
> > continue to work and handle
> > requests, even if it fails to load the new
> > configuration.
> 
> Sounds reasonable, but unused pool(after reload process successfully
> finished) is not destroyed,

Actually it is destroyed. But only after all old workers have finished
servicing their clients.

> and after fork the amount of unused memory
> is multiplied by the number of workers.

The memory used for configuration pool isn't multiplied by the number
of workers because of COW.

 wbr, Valentin V. Bartenev


From nginx-forum at nginx.us  Wed Jun 20 02:00:42 2012
From: nginx-forum at nginx.us (amodpandey)
Date: Tue, 19 Jun 2012 22:00:42 -0400 (EDT)
Subject: How to set html files into memcache
In-Reply-To: <c561e739187efa0c6a0e1937f3d91343.NginxMailingListEnglish@forum.nginx.org>
References: <1b73dc6497f07a7dc3df130a6e67cf58.NginxMailingListEnglish@forum.nginx.org>
	<c561e739187efa0c6a0e1937f3d91343.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <43802bab51c1e65e62f2beec5229217d.NginxMailingListEnglish@forum.nginx.org>

Thank you agentzh.

I is hitting memcache and I have rechecked it.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227610,227704#msg-227704


From mauro.stettler at gmail.com  Wed Jun 20 02:52:36 2012
From: mauro.stettler at gmail.com (Mauro Stettler)
Date: Wed, 20 Jun 2012 10:52:36 +0800
Subject: Dropped connections on our Nginx
In-Reply-To: <CAP-8hjp3jwabGyaFCT0ASBfD56CSpgSQctj8zaxXe=8MP9UHKA@mail.gmail.com>
References: <CAP-8hjp3jwabGyaFCT0ASBfD56CSpgSQctj8zaxXe=8MP9UHKA@mail.gmail.com>
Message-ID: <CAP-8hjrsqwzWhh3ZXG0LEw1AC=sUzhcUocA+mknB7A5s1YhkOQ@mail.gmail.com>

Hi list

I have a problem with dropped connections on an Nginx cluster that has
up to 100k requests per minute per Nginx instance. It seems that in
around 1 of 10`000 requests that are sent to our Nginx, the TCP
connection just gets reset by the server. At first I was guessing that
some values in the /etc/sysctl.conf are maybe causing this problem,
because we have modified multiple TCP related values there. But after
resetting all of them to the default, the connection resets still kept
happening.

I am guessing the problem must be related to Nginx and not to a kernel
setting because in our traffic only around 25% of all requests are
POSTs and the rest are GETs, but more than 90% of the requests where
the problem appears are POSTs. I don't think that the kernel can be
aware if a request is POST or GET.

The problem happens on many different URLs, mostly ones where we POST
to, so it does not seem to be related to any rewrite rules.

I have tcpdumped the problem and I can see that the request was sent
correctly by the client. But after the request was received by the
Nginx, it only sends back a packet with the ACK and FIN flags set. So
the connection gets killed and most of the browsers display some empty
pages or "zero sized reply" errors. The fact that the FIN is sent by
the server makes me assume that the problem cannot be related to
network hardware. Also we have this problem on all Nginx instances
inside that cluster, so I don't think its related to broken networking
hardware.

When the problem happens, i see statements like this one in the access
log. As you can see the Nginx says HTTP status code and length both
are 0:
<ip> - - [20/Jun/2012:04:13:23 +0200] "POST
/userProfile/rateResult?userId=<id>&_csrf_token=7e23ef60c67800c4765d32b0536fc536&rate=5
HTTP/1.1" 0 0 "<referer>" "Mozilla/5.0 (X11; U; Linux x86_64; en-US;
rv:1.9.1.6) Gecko/20091216 Mandriva Linux/1.9.1.6-0.1mdv2010.0
(2010.0) Firefox/3.5.6"

What i also find very interesting is that the problem can happen at
any time, so it does not seem to be related to the load or number of
requests on the Nginx. In the morning hours we have less than 5% of
the traffic of the evening hours, and still I sometimes see this
problem appearing in the morning.

My Nginx config is very long, so its too long to post it here. So I
only post the parts which i think might be important, without all the
rewrite rules:

user wwwrun www;
worker_processes 64;
worker_rlimit_nofile 524288;

events {
? ?worker_connections 32768;
? ?use epoll;
? ?multi_accept on;
}

http {
? ?sendfile on;
? ?tcp_nopush on;
? ?keepalive_requests 0;
? ?recursive_error_pages on;
? ?large_client_header_buffers 4 16k;

What I also found via tcpdump is that on the requests where this
problem appears, the Nginx receives the incoming request and then
sends the correct request to the FastCGI backend and also receives the
correct answer from the backend, but before the answer from the
backend comes back (less than 300ms), it already resets the client's
connection.

Just in case this matters anyhow, this is my sysctl.conf:

net.ipv4.icmp_echo_ignore_broadcasts = 1
net.ipv4.conf.all.rp_filter = 1
fs.inotify.max_user_watches = 65536
net.ipv4.conf.default.promote_secondaries = 1
net.ipv4.conf.all.promote_secondaries = 1
net.ipv4.ip_forward = 0
net.ipv4.conf.lo.arp_ignore = 1
net.ipv4.conf.lo.arp_announce = 2
net.ipv4.conf.all.arp_ignore = 1
net.ipv4.conf.all.arp_announce = 2
net.netfilter.nf_conntrack_max = 262144
net.nf_conntrack_max = 262144
net.ipv4.tcp_max_syn_backlog = 30000
net.ipv4.tcp_max_tw_buckets = 2000000
net.core.netdev_max_backlog = 50000
net.ipv4.tcp_tw_reuse = 0
net.ipv4.tcp_tw_recycle = 1
net.ipv4.tcp_fin_timeout = 3
net.ipv4.tcp_keepalive_time = 120
net.core.wmem_max = 8388608
net.core.rmem_max = 8388608
net.ipv4.tcp_rmem = 4096 87380 8388608
net.ipv4.tcp_wmem = 4096 87380 8388608
net.core.somaxconn = 1024
kernel.pid_max = 65536
net.ipv4.conf.all.log_martians = 0
net.ipv4.conf.default.log_martians = 0
net.ipv4.conf.lo.log_martians = 0
net.ipv4.conf.eth0.log_martians = 0
net.ipv4.conf.eth1.log_martians = 0

Our operating system is SuSE Linux Enterprise 11.0. The Nginx
configure params are the following:

nginx version: nginx/1.2.1
built by gcc 4.3.2 [gcc-4_3-branch revision 141291] (SUSE Linux)
configure arguments: --prefix=/usr/local/nginx-1.2.1
--error-log-path=/var/log/nginx/error.log
--http-log-path=/var/log/nginx/access.log
--with-http_stub_status_module --without-http_autoindex_module
--without-http_geo_module --without-http_map_module
--without-http_referer_module --without-http_limit_conn_module
--without-http_empty_gif_module --without-mail_pop3_module
--without-mail_imap_module --without-mail_smtp_module
--with-http_geoip_module --with-pcre=/usr/local/src/nginx/pcre-8.30
--add-module=3rd/agentzh-nginx-eval-module-4eb2a02
--add-module=3rd/ngx_http_log_request_speed
--add-module=3rd/replay-ngx_http_generate_secure_download_links-4c1a46a
--add-module=3rd/agentzh-memc-nginx-module-8befc56
--add-module=3rd/agentzh-echo-nginx-module-080c0a1
--add-module=3rd/replay-ngx_http_php_memcache_standard_balancer-4f7dcba
--add-module=3rd/masterzen-nginx-upload-progress-module-a788dea
--add-module=3rd/replay-ngx_http_php_session-30f69b3
--add-module=3rd/simpl-ngx_devel_kit-24202b4
--add-module=3rd/chaoslawful-lua-nginx-module-c5be5ff
--add-module=3rd/replay-ngx_http_lower_upper_case-44958e0
--add-module=3rd/gnosek-nginx-upstream-fair-a18b409

In the dmesg I cannot see anything suspicious, there are no segfaults
or related networking messages.

I have already tried setting the Nginx error log to some high log
level, but I didn't see anything related to my problem, even at times
when I saw that the problem is happening.

Now I don't really know what else to check anymore... I would be
really glad if somebody had some ideas?

Thanks for help,

Mauro


From pchychi at gmail.com  Wed Jun 20 04:54:59 2012
From: pchychi at gmail.com (Payam Chychi)
Date: Tue, 19 Jun 2012 23:54:59 -0500
Subject: Dropped connections on our Nginx
In-Reply-To: <CAP-8hjrsqwzWhh3ZXG0LEw1AC=sUzhcUocA+mknB7A5s1YhkOQ@mail.gmail.com>
References: <CAP-8hjp3jwabGyaFCT0ASBfD56CSpgSQctj8zaxXe=8MP9UHKA@mail.gmail.com>
	<CAP-8hjrsqwzWhh3ZXG0LEw1AC=sUzhcUocA+mknB7A5s1YhkOQ@mail.gmail.com>
Message-ID: <930051EB-0303-47CA-988E-BB604431CB72@gmail.com>

whats ur fs ulimit set to?


Sent from my iPhone

On 2012-06-19, at 9:52 PM, Mauro Stettler <mauro.stettler at gmail.com> wrote:

> Hi list
> 
> I have a problem with dropped connections on an Nginx cluster that has
> up to 100k requests per minute per Nginx instance. It seems that in
> around 1 of 10`000 requests that are sent to our Nginx, the TCP
> connection just gets reset by the server. At first I was guessing that
> some values in the /etc/sysctl.conf are maybe causing this problem,
> because we have modified multiple TCP related values there. But after
> resetting all of them to the default, the connection resets still kept
> happening.
> 
> I am guessing the problem must be related to Nginx and not to a kernel
> setting because in our traffic only around 25% of all requests are
> POSTs and the rest are GETs, but more than 90% of the requests where
> the problem appears are POSTs. I don't think that the kernel can be
> aware if a request is POST or GET.
> 
> The problem happens on many different URLs, mostly ones where we POST
> to, so it does not seem to be related to any rewrite rules.
> 
> I have tcpdumped the problem and I can see that the request was sent
> correctly by the client. But after the request was received by the
> Nginx, it only sends back a packet with the ACK and FIN flags set. So
> the connection gets killed and most of the browsers display some empty
> pages or "zero sized reply" errors. The fact that the FIN is sent by
> the server makes me assume that the problem cannot be related to
> network hardware. Also we have this problem on all Nginx instances
> inside that cluster, so I don't think its related to broken networking
> hardware.
> 
> When the problem happens, i see statements like this one in the access
> log. As you can see the Nginx says HTTP status code and length both
> are 0:
> <ip> - - [20/Jun/2012:04:13:23 +0200] "POST
> /userProfile/rateResult?userId=<id>&_csrf_token=7e23ef60c67800c4765d32b0536fc536&rate=5
> HTTP/1.1" 0 0 "<referer>" "Mozilla/5.0 (X11; U; Linux x86_64; en-US;
> rv:1.9.1.6) Gecko/20091216 Mandriva Linux/1.9.1.6-0.1mdv2010.0
> (2010.0) Firefox/3.5.6"
> 
> What i also find very interesting is that the problem can happen at
> any time, so it does not seem to be related to the load or number of
> requests on the Nginx. In the morning hours we have less than 5% of
> the traffic of the evening hours, and still I sometimes see this
> problem appearing in the morning.
> 
> My Nginx config is very long, so its too long to post it here. So I
> only post the parts which i think might be important, without all the
> rewrite rules:
> 
> user wwwrun www;
> worker_processes 64;
> worker_rlimit_nofile 524288;
> 
> events {
>    worker_connections 32768;
>    use epoll;
>    multi_accept on;
> }
> 
> http {
>    sendfile on;
>    tcp_nopush on;
>    keepalive_requests 0;
>    recursive_error_pages on;
>    large_client_header_buffers 4 16k;
> 
> What I also found via tcpdump is that on the requests where this
> problem appears, the Nginx receives the incoming request and then
> sends the correct request to the FastCGI backend and also receives the
> correct answer from the backend, but before the answer from the
> backend comes back (less than 300ms), it already resets the client's
> connection.
> 
> Just in case this matters anyhow, this is my sysctl.conf:
> 
> net.ipv4.icmp_echo_ignore_broadcasts = 1
> net.ipv4.conf.all.rp_filter = 1
> fs.inotify.max_user_watches = 65536
> net.ipv4.conf.default.promote_secondaries = 1
> net.ipv4.conf.all.promote_secondaries = 1
> net.ipv4.ip_forward = 0
> net.ipv4.conf.lo.arp_ignore = 1
> net.ipv4.conf.lo.arp_announce = 2
> net.ipv4.conf.all.arp_ignore = 1
> net.ipv4.conf.all.arp_announce = 2
> net.netfilter.nf_conntrack_max = 262144
> net.nf_conntrack_max = 262144
> net.ipv4.tcp_max_syn_backlog = 30000
> net.ipv4.tcp_max_tw_buckets = 2000000
> net.core.netdev_max_backlog = 50000
> net.ipv4.tcp_tw_reuse = 0
> net.ipv4.tcp_tw_recycle = 1
> net.ipv4.tcp_fin_timeout = 3
> net.ipv4.tcp_keepalive_time = 120
> net.core.wmem_max = 8388608
> net.core.rmem_max = 8388608
> net.ipv4.tcp_rmem = 4096 87380 8388608
> net.ipv4.tcp_wmem = 4096 87380 8388608
> net.core.somaxconn = 1024
> kernel.pid_max = 65536
> net.ipv4.conf.all.log_martians = 0
> net.ipv4.conf.default.log_martians = 0
> net.ipv4.conf.lo.log_martians = 0
> net.ipv4.conf.eth0.log_martians = 0
> net.ipv4.conf.eth1.log_martians = 0
> 
> Our operating system is SuSE Linux Enterprise 11.0. The Nginx
> configure params are the following:
> 
> nginx version: nginx/1.2.1
> built by gcc 4.3.2 [gcc-4_3-branch revision 141291] (SUSE Linux)
> configure arguments: --prefix=/usr/local/nginx-1.2.1
> --error-log-path=/var/log/nginx/error.log
> --http-log-path=/var/log/nginx/access.log
> --with-http_stub_status_module --without-http_autoindex_module
> --without-http_geo_module --without-http_map_module
> --without-http_referer_module --without-http_limit_conn_module
> --without-http_empty_gif_module --without-mail_pop3_module
> --without-mail_imap_module --without-mail_smtp_module
> --with-http_geoip_module --with-pcre=/usr/local/src/nginx/pcre-8.30
> --add-module=3rd/agentzh-nginx-eval-module-4eb2a02
> --add-module=3rd/ngx_http_log_request_speed
> --add-module=3rd/replay-ngx_http_generate_secure_download_links-4c1a46a
> --add-module=3rd/agentzh-memc-nginx-module-8befc56
> --add-module=3rd/agentzh-echo-nginx-module-080c0a1
> --add-module=3rd/replay-ngx_http_php_memcache_standard_balancer-4f7dcba
> --add-module=3rd/masterzen-nginx-upload-progress-module-a788dea
> --add-module=3rd/replay-ngx_http_php_session-30f69b3
> --add-module=3rd/simpl-ngx_devel_kit-24202b4
> --add-module=3rd/chaoslawful-lua-nginx-module-c5be5ff
> --add-module=3rd/replay-ngx_http_lower_upper_case-44958e0
> --add-module=3rd/gnosek-nginx-upstream-fair-a18b409
> 
> In the dmesg I cannot see anything suspicious, there are no segfaults
> or related networking messages.
> 
> I have already tried setting the Nginx error log to some high log
> level, but I didn't see anything related to my problem, even at times
> when I saw that the problem is happening.
> 
> Now I don't really know what else to check anymore... I would be
> really glad if somebody had some ideas?
> 
> Thanks for help,
> 
> Mauro
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From mauro.stettler at gmail.com  Wed Jun 20 05:08:31 2012
From: mauro.stettler at gmail.com (Mauro Stettler)
Date: Wed, 20 Jun 2012 13:08:31 +0800
Subject: Dropped connections on our Nginx
In-Reply-To: <930051EB-0303-47CA-988E-BB604431CB72@gmail.com>
References: <CAP-8hjp3jwabGyaFCT0ASBfD56CSpgSQctj8zaxXe=8MP9UHKA@mail.gmail.com>
	<CAP-8hjrsqwzWhh3ZXG0LEw1AC=sUzhcUocA+mknB7A5s1YhkOQ@mail.gmail.com>
	<930051EB-0303-47CA-988E-BB604431CB72@gmail.com>
Message-ID: <CAP-8hjp9gQzVy3inPYFhVTb2_=D_znKXdYJhE+Sf1ZAUkSEbXg@mail.gmail.com>

its set to a high value:

rsid-a-57:/etc/nginx # ulimit -n
524288

i think if the problem would be the fs ulimit, i should see some error
related to that no more files can be opened. but there is no such
error.



On Wed, Jun 20, 2012 at 12:54 PM, Payam Chychi <pchychi at gmail.com> wrote:
> whats ur fs ulimit set to?
>
>
> Sent from my iPhone
>
> On 2012-06-19, at 9:52 PM, Mauro Stettler <mauro.stettler at gmail.com> wrote:
>
>> Hi list
>>
>> I have a problem with dropped connections on an Nginx cluster that has
>> up to 100k requests per minute per Nginx instance. It seems that in
>> around 1 of 10`000 requests that are sent to our Nginx, the TCP
>> connection just gets reset by the server. At first I was guessing that
>> some values in the /etc/sysctl.conf are maybe causing this problem,
>> because we have modified multiple TCP related values there. But after
>> resetting all of them to the default, the connection resets still kept
>> happening.
>>
>> I am guessing the problem must be related to Nginx and not to a kernel
>> setting because in our traffic only around 25% of all requests are
>> POSTs and the rest are GETs, but more than 90% of the requests where
>> the problem appears are POSTs. I don't think that the kernel can be
>> aware if a request is POST or GET.
>>
>> The problem happens on many different URLs, mostly ones where we POST
>> to, so it does not seem to be related to any rewrite rules.
>>
>> I have tcpdumped the problem and I can see that the request was sent
>> correctly by the client. But after the request was received by the
>> Nginx, it only sends back a packet with the ACK and FIN flags set. So
>> the connection gets killed and most of the browsers display some empty
>> pages or "zero sized reply" errors. The fact that the FIN is sent by
>> the server makes me assume that the problem cannot be related to
>> network hardware. Also we have this problem on all Nginx instances
>> inside that cluster, so I don't think its related to broken networking
>> hardware.
>>
>> When the problem happens, i see statements like this one in the access
>> log. As you can see the Nginx says HTTP status code and length both
>> are 0:
>> <ip> - - [20/Jun/2012:04:13:23 +0200] "POST
>> /userProfile/rateResult?userId=<id>&_csrf_token=7e23ef60c67800c4765d32b0536fc536&rate=5
>> HTTP/1.1" 0 0 "<referer>" "Mozilla/5.0 (X11; U; Linux x86_64; en-US;
>> rv:1.9.1.6) Gecko/20091216 Mandriva Linux/1.9.1.6-0.1mdv2010.0
>> (2010.0) Firefox/3.5.6"
>>
>> What i also find very interesting is that the problem can happen at
>> any time, so it does not seem to be related to the load or number of
>> requests on the Nginx. In the morning hours we have less than 5% of
>> the traffic of the evening hours, and still I sometimes see this
>> problem appearing in the morning.
>>
>> My Nginx config is very long, so its too long to post it here. So I
>> only post the parts which i think might be important, without all the
>> rewrite rules:
>>
>> user wwwrun www;
>> worker_processes 64;
>> worker_rlimit_nofile 524288;
>>
>> events {
>> ? ?worker_connections 32768;
>> ? ?use epoll;
>> ? ?multi_accept on;
>> }
>>
>> http {
>> ? ?sendfile on;
>> ? ?tcp_nopush on;
>> ? ?keepalive_requests 0;
>> ? ?recursive_error_pages on;
>> ? ?large_client_header_buffers 4 16k;
>>
>> What I also found via tcpdump is that on the requests where this
>> problem appears, the Nginx receives the incoming request and then
>> sends the correct request to the FastCGI backend and also receives the
>> correct answer from the backend, but before the answer from the
>> backend comes back (less than 300ms), it already resets the client's
>> connection.
>>
>> Just in case this matters anyhow, this is my sysctl.conf:
>>
>> net.ipv4.icmp_echo_ignore_broadcasts = 1
>> net.ipv4.conf.all.rp_filter = 1
>> fs.inotify.max_user_watches = 65536
>> net.ipv4.conf.default.promote_secondaries = 1
>> net.ipv4.conf.all.promote_secondaries = 1
>> net.ipv4.ip_forward = 0
>> net.ipv4.conf.lo.arp_ignore = 1
>> net.ipv4.conf.lo.arp_announce = 2
>> net.ipv4.conf.all.arp_ignore = 1
>> net.ipv4.conf.all.arp_announce = 2
>> net.netfilter.nf_conntrack_max = 262144
>> net.nf_conntrack_max = 262144
>> net.ipv4.tcp_max_syn_backlog = 30000
>> net.ipv4.tcp_max_tw_buckets = 2000000
>> net.core.netdev_max_backlog = 50000
>> net.ipv4.tcp_tw_reuse = 0
>> net.ipv4.tcp_tw_recycle = 1
>> net.ipv4.tcp_fin_timeout = 3
>> net.ipv4.tcp_keepalive_time = 120
>> net.core.wmem_max = 8388608
>> net.core.rmem_max = 8388608
>> net.ipv4.tcp_rmem = 4096 87380 8388608
>> net.ipv4.tcp_wmem = 4096 87380 8388608
>> net.core.somaxconn = 1024
>> kernel.pid_max = 65536
>> net.ipv4.conf.all.log_martians = 0
>> net.ipv4.conf.default.log_martians = 0
>> net.ipv4.conf.lo.log_martians = 0
>> net.ipv4.conf.eth0.log_martians = 0
>> net.ipv4.conf.eth1.log_martians = 0
>>
>> Our operating system is SuSE Linux Enterprise 11.0. The Nginx
>> configure params are the following:
>>
>> nginx version: nginx/1.2.1
>> built by gcc 4.3.2 [gcc-4_3-branch revision 141291] (SUSE Linux)
>> configure arguments: --prefix=/usr/local/nginx-1.2.1
>> --error-log-path=/var/log/nginx/error.log
>> --http-log-path=/var/log/nginx/access.log
>> --with-http_stub_status_module --without-http_autoindex_module
>> --without-http_geo_module --without-http_map_module
>> --without-http_referer_module --without-http_limit_conn_module
>> --without-http_empty_gif_module --without-mail_pop3_module
>> --without-mail_imap_module --without-mail_smtp_module
>> --with-http_geoip_module --with-pcre=/usr/local/src/nginx/pcre-8.30
>> --add-module=3rd/agentzh-nginx-eval-module-4eb2a02
>> --add-module=3rd/ngx_http_log_request_speed
>> --add-module=3rd/replay-ngx_http_generate_secure_download_links-4c1a46a
>> --add-module=3rd/agentzh-memc-nginx-module-8befc56
>> --add-module=3rd/agentzh-echo-nginx-module-080c0a1
>> --add-module=3rd/replay-ngx_http_php_memcache_standard_balancer-4f7dcba
>> --add-module=3rd/masterzen-nginx-upload-progress-module-a788dea
>> --add-module=3rd/replay-ngx_http_php_session-30f69b3
>> --add-module=3rd/simpl-ngx_devel_kit-24202b4
>> --add-module=3rd/chaoslawful-lua-nginx-module-c5be5ff
>> --add-module=3rd/replay-ngx_http_lower_upper_case-44958e0
>> --add-module=3rd/gnosek-nginx-upstream-fair-a18b409
>>
>> In the dmesg I cannot see anything suspicious, there are no segfaults
>> or related networking messages.
>>
>> I have already tried setting the Nginx error log to some high log
>> level, but I didn't see anything related to my problem, even at times
>> when I saw that the problem is happening.
>>
>> Now I don't really know what else to check anymore... I would be
>> really glad if somebody had some ideas?
>>
>> Thanks for help,
>>
>> Mauro
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From mdounin at mdounin.ru  Wed Jun 20 05:42:55 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 20 Jun 2012 09:42:55 +0400
Subject: Memory consumption in case of huge number of configs
In-Reply-To: <201206192246.52521.ne@vbart.ru>
References: <201206190313.43792.ne@vbart.ru>
	<e0cec55d807ac662b61a1aa64f42bf6c.NginxMailingListEnglish@forum.nginx.org>
	<201206192246.52521.ne@vbart.ru>
Message-ID: <20120620054255.GY31671@mdounin.ru>

Hello!

On Tue, Jun 19, 2012 at 10:46:52PM +0400, Valentin V. Bartenev wrote:

> On Tuesday 19 June 2012 19:42:14 dparshin wrote:
> [...]
> > > 
> > > Of course it creates a new pool. Nginx must
> > > continue to work and handle
> > > requests, even if it fails to load the new
> > > configuration.
> > 
> > Sounds reasonable, but unused pool(after reload process successfully
> > finished) is not destroyed,
> 
> Actually it is destroyed. But only after all old workers have finished
> servicing their clients.

No, old cycle's pool is destroyed right after new configuration 
reading, at ngx_init_cycle() end.

(Note that this applies to normal mode of operation with master 
process.  Without master process there are some shims to delay old 
cycle's pool destruction as it might be needed.  This is for 
debugging only though.)

Maxim Dounin


From agentzh at gmail.com  Wed Jun 20 06:25:42 2012
From: agentzh at gmail.com (agentzh)
Date: Wed, 20 Jun 2012 14:25:42 +0800
Subject: How to set html files into memcache
In-Reply-To: <43802bab51c1e65e62f2beec5229217d.NginxMailingListEnglish@forum.nginx.org>
References: <1b73dc6497f07a7dc3df130a6e67cf58.NginxMailingListEnglish@forum.nginx.org>
	<c561e739187efa0c6a0e1937f3d91343.NginxMailingListEnglish@forum.nginx.org>
	<43802bab51c1e65e62f2beec5229217d.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAB4Tn6NZA0ekf8OFrLByF_R8kDN03uCM_RXH3=oiNdmdhxE3Rw@mail.gmail.com>

Hello!

On Wed, Jun 20, 2012 at 10:00 AM, amodpandey <nginx-forum at nginx.us> wrote:
> Thank you agentzh.
>
> I is hitting memcache and I have rechecked it.
>

Also, ensure that you've configured the memcached connection pool and
if you're using local memcached, you'd better use the unix domain
socket to talk to memcached. Setting worker_cpu_affinity usually helps
as well.

If you're benchmarking ngx_srcache + ngx_memc with nginx's ngx_static
module with a single or just a few URLs, then there'll little
difference because the static file requests will hit the operating
system's page cache any way.

Best regards,
-agentzh


From agentzh at gmail.com  Wed Jun 20 06:32:31 2012
From: agentzh at gmail.com (agentzh)
Date: Wed, 20 Jun 2012 14:32:31 +0800
Subject: ngx.location.capture_multi multiple posts
In-Reply-To: <4FE08B76.2020904@zu-con.org>
References: <4FE08B76.2020904@zu-con.org>
Message-ID: <CAB4Tn6MOrPFm5oxVkHURTpa__z_MUd1G2v8X5uOqRh6jj1VDHw@mail.gmail.com>

Hello!

On Tue, Jun 19, 2012 at 10:23 PM, Matthias Rieber <ml-nginx at zu-con.org> wrote:
> I try to use ngx.location.capture_multi to send multiple post requests:
>
[...]
> ? ? ?content_by_lua '
> ? ? ? ?upstream_servers = {{"/server1", {copy_all_vars = true, method =
> ngx.HTTP_POST}},
> ? ? ? ? ? ? ? ? ? ? ? ? ? ?{"/server2", {copy_all_vars = true, method =
> ngx.HTTP_POST}},
> ? ? ? ? ? ? ? ? ? ? ? ? ? ?}

Here, you let the subrequests all inherit the request body of the
current request but one gotcha here is that the current request's body
can be consumed only once. So you have the following options:

1. Read the entire request body into memory or your custom file using
ngx_lua's ngx.req.get_body_data or ngx.req.get_body_file API, and then
feed that to your subrequest by specifying the "body" option value.

2. Read the request body in a streaming fashion by means of the
"downstream cosocket" object returned by ngx.req.socket(), and send
the data chunk received to multiple backend HTTP connections at the
same time by means of the "upstream cosocket" returned by
ngx.socket.tcp(). In this approach, you'll no longer use ngx_proxy.

Best regards,
-agentzh


From mauro.stettler at gmail.com  Wed Jun 20 11:57:13 2012
From: mauro.stettler at gmail.com (Mauro Stettler)
Date: Wed, 20 Jun 2012 19:57:13 +0800
Subject: Dropped connections on our Nginx
In-Reply-To: <CAP-8hjp9gQzVy3inPYFhVTb2_=D_znKXdYJhE+Sf1ZAUkSEbXg@mail.gmail.com>
References: <CAP-8hjp3jwabGyaFCT0ASBfD56CSpgSQctj8zaxXe=8MP9UHKA@mail.gmail.com>
	<CAP-8hjrsqwzWhh3ZXG0LEw1AC=sUzhcUocA+mknB7A5s1YhkOQ@mail.gmail.com>
	<930051EB-0303-47CA-988E-BB604431CB72@gmail.com>
	<CAP-8hjp9gQzVy3inPYFhVTb2_=D_znKXdYJhE+Sf1ZAUkSEbXg@mail.gmail.com>
Message-ID: <CAP-8hjrbzQZeTxnG0acs1PsH7m=c072K+x5JarNcFwW=1_CUCA@mail.gmail.com>

In the meantime I found that there is a log entry when this problem happens:

2012/06/20 13:14:33 [alert] 4340#0: *23199 http request count is zero
while sending to client, client: <ip>, server: <server>, request:
"POST /userProfile/updateVisitCountAndVisitHistory/user_id/<id>/gender/w/nickname/geilpopperrin/membership/normal/hash/bb7e2305b293458dc8e9043486a6a455
HTTP/1.1", upstream: "fastcgi://10.20.0.159:9000", host: "<host>",
referrer: "<referrer>"

If I understand that error right, it means that when Nginx tried to
build the reply to the client, it somehow lost the context to which
request this is associated to? As far as I see the error is outputted
from this part of the source:

src/http/ngx_http_request.c:
2983     if (r->count == 0) {
2984         ngx_log_error(NGX_LOG_ALERT, c->log, 0, "http request
count is zero");
2985     }

What would be a possible reason why the r->count is 0? Do I have to
assume that there is a bug in one of the 3th party modules which are
used?

Mauro



On Wed, Jun 20, 2012 at 1:08 PM, Mauro Stettler
<mauro.stettler at gmail.com> wrote:
> its set to a high value:
>
> rsid-a-57:/etc/nginx # ulimit -n
> 524288
>
> i think if the problem would be the fs ulimit, i should see some error
> related to that no more files can be opened. but there is no such
> error.
>
>
>
> On Wed, Jun 20, 2012 at 12:54 PM, Payam Chychi <pchychi at gmail.com> wrote:
>> whats ur fs ulimit set to?
>>
>>
>> Sent from my iPhone
>>
>> On 2012-06-19, at 9:52 PM, Mauro Stettler <mauro.stettler at gmail.com> wrote:
>>
>>> Hi list
>>>
>>> I have a problem with dropped connections on an Nginx cluster that has
>>> up to 100k requests per minute per Nginx instance. It seems that in
>>> around 1 of 10`000 requests that are sent to our Nginx, the TCP
>>> connection just gets reset by the server. At first I was guessing that
>>> some values in the /etc/sysctl.conf are maybe causing this problem,
>>> because we have modified multiple TCP related values there. But after
>>> resetting all of them to the default, the connection resets still kept
>>> happening.
>>>
>>> I am guessing the problem must be related to Nginx and not to a kernel
>>> setting because in our traffic only around 25% of all requests are
>>> POSTs and the rest are GETs, but more than 90% of the requests where
>>> the problem appears are POSTs. I don't think that the kernel can be
>>> aware if a request is POST or GET.
>>>
>>> The problem happens on many different URLs, mostly ones where we POST
>>> to, so it does not seem to be related to any rewrite rules.
>>>
>>> I have tcpdumped the problem and I can see that the request was sent
>>> correctly by the client. But after the request was received by the
>>> Nginx, it only sends back a packet with the ACK and FIN flags set. So
>>> the connection gets killed and most of the browsers display some empty
>>> pages or "zero sized reply" errors. The fact that the FIN is sent by
>>> the server makes me assume that the problem cannot be related to
>>> network hardware. Also we have this problem on all Nginx instances
>>> inside that cluster, so I don't think its related to broken networking
>>> hardware.
>>>
>>> When the problem happens, i see statements like this one in the access
>>> log. As you can see the Nginx says HTTP status code and length both
>>> are 0:
>>> <ip> - - [20/Jun/2012:04:13:23 +0200] "POST
>>> /userProfile/rateResult?userId=<id>&_csrf_token=7e23ef60c67800c4765d32b0536fc536&rate=5
>>> HTTP/1.1" 0 0 "<referer>" "Mozilla/5.0 (X11; U; Linux x86_64; en-US;
>>> rv:1.9.1.6) Gecko/20091216 Mandriva Linux/1.9.1.6-0.1mdv2010.0
>>> (2010.0) Firefox/3.5.6"
>>>
>>> What i also find very interesting is that the problem can happen at
>>> any time, so it does not seem to be related to the load or number of
>>> requests on the Nginx. In the morning hours we have less than 5% of
>>> the traffic of the evening hours, and still I sometimes see this
>>> problem appearing in the morning.
>>>
>>> My Nginx config is very long, so its too long to post it here. So I
>>> only post the parts which i think might be important, without all the
>>> rewrite rules:
>>>
>>> user wwwrun www;
>>> worker_processes 64;
>>> worker_rlimit_nofile 524288;
>>>
>>> events {
>>> ? ?worker_connections 32768;
>>> ? ?use epoll;
>>> ? ?multi_accept on;
>>> }
>>>
>>> http {
>>> ? ?sendfile on;
>>> ? ?tcp_nopush on;
>>> ? ?keepalive_requests 0;
>>> ? ?recursive_error_pages on;
>>> ? ?large_client_header_buffers 4 16k;
>>>
>>> What I also found via tcpdump is that on the requests where this
>>> problem appears, the Nginx receives the incoming request and then
>>> sends the correct request to the FastCGI backend and also receives the
>>> correct answer from the backend, but before the answer from the
>>> backend comes back (less than 300ms), it already resets the client's
>>> connection.
>>>
>>> Just in case this matters anyhow, this is my sysctl.conf:
>>>
>>> net.ipv4.icmp_echo_ignore_broadcasts = 1
>>> net.ipv4.conf.all.rp_filter = 1
>>> fs.inotify.max_user_watches = 65536
>>> net.ipv4.conf.default.promote_secondaries = 1
>>> net.ipv4.conf.all.promote_secondaries = 1
>>> net.ipv4.ip_forward = 0
>>> net.ipv4.conf.lo.arp_ignore = 1
>>> net.ipv4.conf.lo.arp_announce = 2
>>> net.ipv4.conf.all.arp_ignore = 1
>>> net.ipv4.conf.all.arp_announce = 2
>>> net.netfilter.nf_conntrack_max = 262144
>>> net.nf_conntrack_max = 262144
>>> net.ipv4.tcp_max_syn_backlog = 30000
>>> net.ipv4.tcp_max_tw_buckets = 2000000
>>> net.core.netdev_max_backlog = 50000
>>> net.ipv4.tcp_tw_reuse = 0
>>> net.ipv4.tcp_tw_recycle = 1
>>> net.ipv4.tcp_fin_timeout = 3
>>> net.ipv4.tcp_keepalive_time = 120
>>> net.core.wmem_max = 8388608
>>> net.core.rmem_max = 8388608
>>> net.ipv4.tcp_rmem = 4096 87380 8388608
>>> net.ipv4.tcp_wmem = 4096 87380 8388608
>>> net.core.somaxconn = 1024
>>> kernel.pid_max = 65536
>>> net.ipv4.conf.all.log_martians = 0
>>> net.ipv4.conf.default.log_martians = 0
>>> net.ipv4.conf.lo.log_martians = 0
>>> net.ipv4.conf.eth0.log_martians = 0
>>> net.ipv4.conf.eth1.log_martians = 0
>>>
>>> Our operating system is SuSE Linux Enterprise 11.0. The Nginx
>>> configure params are the following:
>>>
>>> nginx version: nginx/1.2.1
>>> built by gcc 4.3.2 [gcc-4_3-branch revision 141291] (SUSE Linux)
>>> configure arguments: --prefix=/usr/local/nginx-1.2.1
>>> --error-log-path=/var/log/nginx/error.log
>>> --http-log-path=/var/log/nginx/access.log
>>> --with-http_stub_status_module --without-http_autoindex_module
>>> --without-http_geo_module --without-http_map_module
>>> --without-http_referer_module --without-http_limit_conn_module
>>> --without-http_empty_gif_module --without-mail_pop3_module
>>> --without-mail_imap_module --without-mail_smtp_module
>>> --with-http_geoip_module --with-pcre=/usr/local/src/nginx/pcre-8.30
>>> --add-module=3rd/agentzh-nginx-eval-module-4eb2a02
>>> --add-module=3rd/ngx_http_log_request_speed
>>> --add-module=3rd/replay-ngx_http_generate_secure_download_links-4c1a46a
>>> --add-module=3rd/agentzh-memc-nginx-module-8befc56
>>> --add-module=3rd/agentzh-echo-nginx-module-080c0a1
>>> --add-module=3rd/replay-ngx_http_php_memcache_standard_balancer-4f7dcba
>>> --add-module=3rd/masterzen-nginx-upload-progress-module-a788dea
>>> --add-module=3rd/replay-ngx_http_php_session-30f69b3
>>> --add-module=3rd/simpl-ngx_devel_kit-24202b4
>>> --add-module=3rd/chaoslawful-lua-nginx-module-c5be5ff
>>> --add-module=3rd/replay-ngx_http_lower_upper_case-44958e0
>>> --add-module=3rd/gnosek-nginx-upstream-fair-a18b409
>>>
>>> In the dmesg I cannot see anything suspicious, there are no segfaults
>>> or related networking messages.
>>>
>>> I have already tried setting the Nginx error log to some high log
>>> level, but I didn't see anything related to my problem, even at times
>>> when I saw that the problem is happening.
>>>
>>> Now I don't really know what else to check anymore... I would be
>>> really glad if somebody had some ideas?
>>>
>>> Thanks for help,
>>>
>>> Mauro
>>>
>>> _______________________________________________
>>> nginx mailing list
>>> nginx at nginx.org
>>> http://mailman.nginx.org/mailman/listinfo/nginx
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx


From mdounin at mdounin.ru  Wed Jun 20 12:48:10 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 20 Jun 2012 16:48:10 +0400
Subject: Dropped connections on our Nginx
In-Reply-To: <CAP-8hjrsqwzWhh3ZXG0LEw1AC=sUzhcUocA+mknB7A5s1YhkOQ@mail.gmail.com>
References: <CAP-8hjp3jwabGyaFCT0ASBfD56CSpgSQctj8zaxXe=8MP9UHKA@mail.gmail.com>
	<CAP-8hjrsqwzWhh3ZXG0LEw1AC=sUzhcUocA+mknB7A5s1YhkOQ@mail.gmail.com>
Message-ID: <20120620124810.GD31671@mdounin.ru>

Hello!

On Wed, Jun 20, 2012 at 10:52:36AM +0800, Mauro Stettler wrote:

[...]

> When the problem happens, i see statements like this one in the access
> log. As you can see the Nginx says HTTP status code and length both
> are 0:
> <ip> - - [20/Jun/2012:04:13:23 +0200] "POST
> /userProfile/rateResult?userId=<id>&_csrf_token=7e23ef60c67800c4765d32b0536fc536&rate=5
> HTTP/1.1" 0 0 "<referer>" "Mozilla/5.0 (X11; U; Linux x86_64; en-US;
> rv:1.9.1.6) Gecko/20091216 Mandriva Linux/1.9.1.6-0.1mdv2010.0
> (2010.0) Firefox/3.5.6"

The status 0 suggests there is a major problem which caused 
request to be terminated abnormally before status was set.  This 
might happen if there is lack of some resources (e.g. no memory) - 
this should have an entry in error log though.

Alternatively, this might happen due to some bug, which doesn't 
seems unrealistic specially given the number of 3rd party modules 
you use.

[...]

> Now I don't really know what else to check anymore... I would be
> really glad if somebody had some ideas?

I would recommend to:

1. Try to reproduce the problem without 3rd party modules/patches.

2. Try to obtain debug log of a problematic request.

See here for more details:
http://wiki.nginx.org/Debugging

Maxim Dounin


From mdounin at mdounin.ru  Wed Jun 20 12:55:39 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 20 Jun 2012 16:55:39 +0400
Subject: Dropped connections on our Nginx
In-Reply-To: <CAP-8hjrbzQZeTxnG0acs1PsH7m=c072K+x5JarNcFwW=1_CUCA@mail.gmail.com>
References: <CAP-8hjp3jwabGyaFCT0ASBfD56CSpgSQctj8zaxXe=8MP9UHKA@mail.gmail.com>
	<CAP-8hjrsqwzWhh3ZXG0LEw1AC=sUzhcUocA+mknB7A5s1YhkOQ@mail.gmail.com>
	<930051EB-0303-47CA-988E-BB604431CB72@gmail.com>
	<CAP-8hjp9gQzVy3inPYFhVTb2_=D_znKXdYJhE+Sf1ZAUkSEbXg@mail.gmail.com>
	<CAP-8hjrbzQZeTxnG0acs1PsH7m=c072K+x5JarNcFwW=1_CUCA@mail.gmail.com>
Message-ID: <20120620125539.GE31671@mdounin.ru>

Hello!

On Wed, Jun 20, 2012 at 07:57:13PM +0800, Mauro Stettler wrote:

> In the meantime I found that there is a log entry when this problem happens:
> 
> 2012/06/20 13:14:33 [alert] 4340#0: *23199 http request count is zero
> while sending to client, client: <ip>, server: <server>, request:
> "POST /userProfile/updateVisitCountAndVisitHistory/user_id/<id>/gender/w/nickname/geilpopperrin/membership/normal/hash/bb7e2305b293458dc8e9043486a6a455
> HTTP/1.1", upstream: "fastcgi://10.20.0.159:9000", host: "<host>",
> referrer: "<referrer>"
> 
> If I understand that error right, it means that when Nginx tried to
> build the reply to the client, it somehow lost the context to which
> request this is associated to? As far as I see the error is outputted
> from this part of the source:
> 
> src/http/ngx_http_request.c:
> 2983     if (r->count == 0) {
> 2984         ngx_log_error(NGX_LOG_ALERT, c->log, 0, "http request
> count is zero");
> 2985     }
> 
> What would be a possible reason why the r->count is 0?

The message means that nginx detected request reference count 
being incorrect.  This in turn means there is a bug somewhere.

> Do I have to assume that there is a bug in one of the 3th party 
> modules which are used?

Likely yes.

Maxim Dounin


From i.hailperin at heinlein-support.de  Wed Jun 20 15:02:29 2012
From: i.hailperin at heinlein-support.de (Isaac Hailperin)
Date: Wed, 20 Jun 2012 17:02:29 +0200
Subject: reverse proxy shopping system
Message-ID: <4FE1E605.5020907@heinlein-support.de>

Hi,

I have several shopping systems running on apache that I would like to 
proxy with nginx. In general it works fine, but in some shops I have the 
problem that when I add items to the shopping cart and then proceed to 
view the shopping cart, the cart seems empty. Without the proxy it works 
just fine.

So I was wondering how I could debug this. Any hints on how to takle 
this so I have a clue on how I could configure nginx so that it works 
would be apreciated.

Isaac


From nginx-forum at nginx.us  Wed Jun 20 17:23:06 2012
From: nginx-forum at nginx.us (munkhabi)
Date: Wed, 20 Jun 2012 13:23:06 -0400 (EDT)
Subject: Need help with writing module
Message-ID: <47bc9cdaaf3cccc9ab3151edec41b4b9.NginxMailingListEnglish@forum.nginx.org>

I am new to nginx. This going to be my first module. What would be best
way to write it? When there is specific http requeset, module should
open file and read the tex from it, and write some text to the file. It
should write it after specific text that is why it needs to read text
from file. I could not find any info on how to use files in modules.

Thank you very much.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227728,227728#msg-227728


From dustinwenz at ebureau.com  Wed Jun 20 17:26:51 2012
From: dustinwenz at ebureau.com (Dustin Wenz)
Date: Wed, 20 Jun 2012 12:26:51 -0500
Subject: Error handling of "Connection refused" conditions
Message-ID: <A7CB0F92-3075-47BF-98F4-510F33D9B9A3@ebureau.com>

I am using nginx to distribute http load across three upstream application servers. It actually works really well in normal usage, but when we restart one of the upstream servers for maintenance (such as for an OS update), nginx tends to hang incoming requests for some time (30 seconds or more). When a node is brought offline, the nginx error logs show a few messages like this:

	upstream prematurely closed connection while reading response header from upstream

Followed by many messages like this (these last basically as long as the node is offline):

	kevent() reported that connect() failed (61: Connection refused) while connecting to upstream

This seems ok to me, since the upstream server did go away. What should I expect to see of incoming http requests when this happens? Shouldn't nginx route requests to the remaining application servers, making the outage invisible to users? If it's expected to hang some requests when this happens, what timeout could be adjusted to minimize that duration?

Thanks,

	- .Dustin

From nginx-forum at nginx.us  Wed Jun 20 17:37:27 2012
From: nginx-forum at nginx.us (munkhabi)
Date: Wed, 20 Jun 2012 13:37:27 -0400 (EDT)
Subject: Need help with writing module
In-Reply-To: <47bc9cdaaf3cccc9ab3151edec41b4b9.NginxMailingListEnglish@forum.nginx.org>
References: <47bc9cdaaf3cccc9ab3151edec41b4b9.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <db6ec2db8df7e9e1b5508bea080e0d82.NginxMailingListEnglish@forum.nginx.org>

Forgot to add. I do not want to use FastCGI or anything like it.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227728,227730#msg-227730


From nginx-forum at nginx.us  Wed Jun 20 17:42:23 2012
From: nginx-forum at nginx.us (amodpandey)
Date: Wed, 20 Jun 2012 13:42:23 -0400 (EDT)
Subject: HttpProxyModule vs HttpFastcgiModule
Message-ID: <f61434edaa599ff4e6a5735e8a52242f.NginxMailingListEnglish@forum.nginx.org>

1. As I understand, we have to use HttpFastcgiModule for fastcgi call
caching and HttpProxyModule for static files. Could someone please
explain the reasons for why we have this distinction. In most of the
cases I observed that there are similar directives only varying in the
prefix, fastcgi_ vs proxy_.

2. I have a nginx server that has php-fpm. There I used the fastcgi_
cache and I could see the caching. Now I have a proxy server where I
want to achieve the caching. Now, should I be using fastcgi_ cahe or
proxy_ cache? Most likely it should be proxy_ cache!! But please help me
understand. And if it proxy_ cache then having fastcgi_ cache at the
first level is meaningless. We should have been fine with proxy_ and
fastcgi_ should not have been there.

3. Clould someone also help me understand the flow of fastcgi caching.
Static caching is somewhat clear.

4. I observed that the fastcgi response is cached as HTTP response (i.e.
with HEADERS) unlike the static cache (files as sent to the client). I
hope this is right. Why is this difference as compared to static
caching.

5. Why is the temp location requied (How is spooling helpful here) ?

6. fastcgi_cache_use_stale error  timeout invalid_header http_500; -
When is this directive helpful?
 
I have gone through the nginx documentation. But I could not get these
answers. It would be helpful if someone explains it.

Thank you.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227731,227731#msg-227731


From francis at daoine.org  Wed Jun 20 18:37:59 2012
From: francis at daoine.org (Francis Daly)
Date: Wed, 20 Jun 2012 19:37:59 +0100
Subject: HttpProxyModule vs HttpFastcgiModule
In-Reply-To: <f61434edaa599ff4e6a5735e8a52242f.NginxMailingListEnglish@forum.nginx.org>
References: <f61434edaa599ff4e6a5735e8a52242f.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120620183759.GK6210@craic.sysops.org>

On Wed, Jun 20, 2012 at 01:42:23PM -0400, amodpandey wrote:

Hi there,

> 1. As I understand, we have to use HttpFastcgiModule for fastcgi call
> caching and HttpProxyModule for static files.

Not quite.

HttpFastcgiModule is for when you want nginx to talk to a fastcgi server.

HttpProxyModule is for when you want nginx to talk to a http (or https)
server.

They speak different protocols, they use different modules.

(There are other modules for when you want nginx to talk to a server
using yet another protocol.)

The http server you talk to using the proxy module can be as dynamic as
you want -- all nginx cares about is that it communicates using http.

> In most of the
> cases I observed that there are similar directives only varying in the
> prefix, fastcgi_ vs proxy_.

The user-facing parts are deliberately kept broadly similar among all
of the "use a specific protocol to talk to an external server" modules.

> 2. I have a nginx server that has php-fpm.

You have an nginx server; and you have a php-fpm server, which is a
fastcgi server and uses the fastcgi protocol.

Therefore you use the fastcgi module to allow nginx to speak fastcgi to
the fastcgi server.

> There I used the fastcgi_
> cache and I could see the caching. Now I have a proxy server where I
> want to achieve the caching. Now, should I be using fastcgi_ cahe or
> proxy_ cache? Most likely it should be proxy_ cache!! But please help me
> understand.

Now you have a http server, and you want nginx to speak http to it? Use
the proxy module.

fastcgi_cache can be used to cache what is returned from a fastcgi_pass
directive.

proxy_cache can be used to cache what is returned from a proxy_pass
directive.

> 3. Clould someone also help me understand the flow of fastcgi caching.
> Static caching is somewhat clear.

I'm not sure what you are asking.

"static caching" is based on the http response from a http
server. "fastcgi caching" is based on the fastcgi response from a fastcgi
server, which (deliberately) includes content very similar to that of
a http response.

Which part is unclear?

>From the user point of view, you probably don't care about the
difference. Request comes in; response goes out. Maybe the response came
from the cache; maybe the response came from the back-end server. As
the admin, you want to make sure it uses the cache where possible. As
the user, you don't care (unless it is using the cache where it really
shouldn't).

> 4. I observed that the fastcgi response is cached as HTTP response (i.e.
> with HEADERS) unlike the static cache (files as sent to the client). I
> hope this is right. Why is this difference as compared to static
> caching.

That doesn't match what I observe with the result of a proxy_cache
directive.

> 5. Why is the temp location requied (How is spooling helpful here) ?

Atomicity.

If there is a file with the right name in the cache, then it is known
to be correct.

If instead you wrote that file a bit at a time, then a concurrent request
could return a broken partial response.

So write to a temp file, then move to the final place when it is correct.

> 6. fastcgi_cache_use_stale error  timeout invalid_header http_500; -
> When is this directive helpful?

http://nginx.org/r/fastcgi_cache_use_stale

Which part is unclear?

All the best,

	f
-- 
Francis Daly        francis at daoine.org


From r at roze.lv  Wed Jun 20 18:45:05 2012
From: r at roze.lv (Reinis Rozitis)
Date: Wed, 20 Jun 2012 21:45:05 +0300
Subject: Need help with writing module
In-Reply-To: <47bc9cdaaf3cccc9ab3151edec41b4b9.NginxMailingListEnglish@forum.nginx.org>
References: <47bc9cdaaf3cccc9ab3151edec41b4b9.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <ED173FCF1F6F48AFB53A58AB76020B49@NeiRoze>

> I am new to nginx. This going to be my first module. What would be best
> way to write it? When there is specific http requeset, module should
> open file and read the tex from it, and write some text to the file. It
> should write it after specific text that is why it needs to read text
> from file. I could not find any info on how to use files in modules.


Unless there are some specific reasons it seems it would be more simple for 
you to add such feature via the embedded perl ( 
http://wiki.nginx.org/HttpPerlModule ) or lua module ( 
http://wiki.nginx.org/HttpLuaModule ).

rr 


From r at roze.lv  Wed Jun 20 19:04:15 2012
From: r at roze.lv (Reinis Rozitis)
Date: Wed, 20 Jun 2012 22:04:15 +0300
Subject: Error handling of "Connection refused" conditions
In-Reply-To: <A7CB0F92-3075-47BF-98F4-510F33D9B9A3@ebureau.com>
References: <A7CB0F92-3075-47BF-98F4-510F33D9B9A3@ebureau.com>
Message-ID: <55015A718919406C976BAFF693F7D6A6@NeiRoze>

> I am using nginx to distribute http load across three upstream application 
> servers. It actually works really well in normal usage, but when we 
> restart one of the upstream servers for maintenance (such as for an OS 
> update), nginx tends to hang incoming requests for some time (30 seconds 
> or more). When a node is brought offline, the nginx error logs show a few 
> messages like this:


You should probably post the relevant parts of your configuration since 
there are quite few parameters to tune nginx for a better responsiveness.

To name a few: proxy_connect_timeout, proxy_read_timeout, proxy_send_timeout 
which by default are 60 seconds (what could explain your "hanging" 
requests), lowering those allows 'proxy_next_upstream' (by default - timeout 
and error) kick in sooner so the backend changes/restarts are seemless and 
don't really affect the end-users so much.

rr 


From dustinwenz at ebureau.com  Wed Jun 20 19:40:52 2012
From: dustinwenz at ebureau.com (Dustin Wenz)
Date: Wed, 20 Jun 2012 14:40:52 -0500
Subject: Error handling of "Connection refused" conditions
In-Reply-To: <55015A718919406C976BAFF693F7D6A6@NeiRoze>
References: <A7CB0F92-3075-47BF-98F4-510F33D9B9A3@ebureau.com>
	<55015A718919406C976BAFF693F7D6A6@NeiRoze>
Message-ID: <2AEC219D-4DFA-4DA5-BD6D-670FE9B5690F@ebureau.com>

This is how an affected service is configured. We have our proxy_read_timeout set high, because some requests can legitimately take that long to return. Any other timeouts would be the default; presumably 60 seconds.

	upstream pool012 {
	    server 172.16.1.223:80;
	    server 172.16.1.224:80;
	    server 172.16.1.225:80;
	    server 172.16.1.226:80;
	    server 172.16.1.227:80;
	 }

	keepalive_timeout  65;

	server {
	    listen       172.16.6.103:80;
	    server_name  application012.domain.com;

	    error_log       logs/application012.error.log ;

	    location / {
	        proxy_pass  http://pool012;
	        proxy_next_upstream error timeout invalid_header http_500 http_502 http_503;
	        proxy_redirect     off;
		proxy_read_timeout 930s;
	    }
	}


Is it considered good practice to reduce proxy_connect_timeout to some small value if responsiveness during an outage is desired?

	- .Dustin

On Jun 20, 2012, at 2:04 PM, Reinis Rozitis wrote:

>> I am using nginx to distribute http load across three upstream application servers. It actually works really well in normal usage, but when we restart one of the upstream servers for maintenance (such as for an OS update), nginx tends to hang incoming requests for some time (30 seconds or more). When a node is brought offline, the nginx error logs show a few messages like this:
> 
> 
> You should probably post the relevant parts of your configuration since there are quite few parameters to tune nginx for a better responsiveness.
> 
> To name a few: proxy_connect_timeout, proxy_read_timeout, proxy_send_timeout which by default are 60 seconds (what could explain your "hanging" requests), lowering those allows 'proxy_next_upstream' (by default - timeout and error) kick in sooner so the backend changes/restarts are seemless and don't really affect the end-users so much.
> 
> rr 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From r at roze.lv  Wed Jun 20 20:58:11 2012
From: r at roze.lv (Reinis Rozitis)
Date: Wed, 20 Jun 2012 23:58:11 +0300
Subject: Error handling of "Connection refused" conditions
In-Reply-To: <2AEC219D-4DFA-4DA5-BD6D-670FE9B5690F@ebureau.com>
References: <A7CB0F92-3075-47BF-98F4-510F33D9B9A3@ebureau.com><55015A718919406C976BAFF693F7D6A6@NeiRoze>
	<2AEC219D-4DFA-4DA5-BD6D-670FE9B5690F@ebureau.com>
Message-ID: <7A6B3E5116FB48B08290BC01C9BA9C02@NeiRoze>

> Is it considered good practice to reduce proxy_connect_timeout to some 
> small value if responsiveness during an outage is desired?

It depends on the nature of the (backend) software and the network 
infrastucture/latency -  the closer the servers (network-wise) and the 
higher throughput of the application the lower you can/should set it.

There is also a general observation/standard or apdex (Application 
Performance Index) that average web-user starts to become "unsatisfied" if 
the request takes more than 1-2 seconds so using the default 60 seconds (in 
case of some backend failure) to deliver the content makes no sense - the 
user will sooner hit refresh / just close the browsers (go to another site) 
or fall in panic than wait for anything to load.


On the other hand making nginx immideatly close and switch to another 
backend isnt always the (best) solution - especially if the backends do some 
long running computations and/or accept only limited number of connections. 
This way quickly cycling through all backends won't serve a good response at 
all what matters if you have an extra caching layer above (to fetch a valid 
object (html/image etc)) or some sort of transactions (like payment systems) 
which just take time and each request is important.


I usually set it to 2-3 seconds.
That way I can also indicate if the backends perform well enough and react 
if a new bottleneck arises - the application code, underlaying 
DBs/filesystems start to get too slow.


rr 


From nginx-forum at nginx.us  Thu Jun 21 01:34:49 2012
From: nginx-forum at nginx.us (tonny.young)
Date: Wed, 20 Jun 2012 21:34:49 -0400 (EDT)
Subject: custom Nginx module memleaks problem
Message-ID: <78f54fbd0a9354974ecb2433162b3847.NginxMailingListEnglish@forum.nginx.org>

Hi all,


Recently I write a simple Nginx module ,but when I deploy it on the
product environment it will make the Nginx service crash as it takes too
many memory.The main handler code is here  

http://codepad.org/2H9We02C 


I've checked the code from time to time but still cannot solve the
problem.And I hope someone offer me some suggestions about it.

regards

Tonny

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227746,227746#msg-227746


From zhuzhaoyuan at gmail.com  Thu Jun 21 02:55:41 2012
From: zhuzhaoyuan at gmail.com (Joshua Zhu)
Date: Thu, 21 Jun 2012 10:55:41 +0800
Subject: custom Nginx module memleaks problem
In-Reply-To: <78f54fbd0a9354974ecb2433162b3847.NginxMailingListEnglish@forum.nginx.org>
References: <78f54fbd0a9354974ecb2433162b3847.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAOKiq2AjH-0Wf_9-VUZPx-aTMvb_bSX-+JwwnQ+YdKWiB5XJPA@mail.gmail.com>

Hi,

On Thu, Jun 21, 2012 at 9:34 AM, tonny.young <nginx-forum at nginx.us> wrote:

> Hi all,
>
>
> Recently I write a simple Nginx module ,but when I deploy it on the
> product environment it will make the Nginx service crash as it takes too
> many memory.The main handler code is here
>
> http://codepad.org/2H9We02C
>
>
> I've checked the code from time to time but still cannot solve the
> problem.And I hope someone offer me some suggestions about it.
>

Why not use the standard memcache module or agentzh's memc module?
They will not block as your module does and I believe there will be no
memory leak either.

Regards,

-- 
Joshua Zhu
Senior Software Engineer
Server Platforms Team at Taobao
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120621/14ea226e/attachment.html>

From nginx-forum at nginx.us  Thu Jun 21 07:10:39 2012
From: nginx-forum at nginx.us (atrus)
Date: Thu, 21 Jun 2012 03:10:39 -0400 (EDT)
Subject: Catch success download file event.
In-Reply-To: <029a6fbe4ced7a4dafcb989c6954501b.NginxMailingListEnglish@forum.nginx.org>
References: <029a6fbe4ced7a4dafcb989c6954501b.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <04be9de949c04363695d300d418b0de1.NginxMailingListEnglish@forum.nginx.org>

Found this :

http://www.linuxbyexamples.net/linux/nginx/nginx-post-action-to-trigger-successfully-download

Thanks.

Atrus@

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,223870,227753#msg-227753


From i.hailperin at heinlein-support.de  Thu Jun 21 09:08:39 2012
From: i.hailperin at heinlein-support.de (Isaac Hailperin)
Date: Thu, 21 Jun 2012 11:08:39 +0200
Subject: reverse proxy shopping system
In-Reply-To: <4FE1E605.5020907@heinlein-support.de>
References: <4FE1E605.5020907@heinlein-support.de>
Message-ID: <4FE2E497.9010102@heinlein-support.de>

I found out that the proxied version of the websites misses a certain 
cookie, which is present in the unproxied versions. Of course its not 
clear that his is the root of the problem, but at least a hint.

The proxy module defines two parameters related to cookies, 
proxy_cookie_domain and proxy_cookie_path. As far as I understand, these 
parameters are not suitable for solving my problem. Please correct me.

Any hint?

Isaac

On 06/20/2012 05:02 PM, Isaac Hailperin wrote:
> Hi,
>
> I have several shopping systems running on apache that I would like to
> proxy with nginx. In general it works fine, but in some shops I have the
> problem that when I add items to the shopping cart and then proceed to
> view the shopping cart, the cart seems empty. Without the proxy it works
> just fine.
>
> So I was wondering how I could debug this. Any hints on how to takle
> this so I have a clue on how I could configure nginx so that it works
> would be apreciated.
>
> Isaac
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From i.hailperin at heinlein-support.de  Thu Jun 21 09:22:01 2012
From: i.hailperin at heinlein-support.de (Isaac Hailperin)
Date: Thu, 21 Jun 2012 11:22:01 +0200
Subject: reverse proxy shopping system
In-Reply-To: <4FE1E605.5020907@heinlein-support.de>
References: <4FE1E605.5020907@heinlein-support.de>
Message-ID: <4FE2E7B9.5080006@heinlein-support.de>

ok, adding the nginx repo to my debian 6 replaced the historic version 
that ships with debian (0.7) with version 1.2, which solved the problem.

Sorry for bothering you.

Isaac

On 06/20/2012 05:02 PM, Isaac Hailperin wrote:
> Hi,
>
> I have several shopping systems running on apache that I would like to
> proxy with nginx. In general it works fine, but in some shops I have the
> problem that when I add items to the shopping cart and then proceed to
> view the shopping cart, the cart seems empty. Without the proxy it works
> just fine.
>
> So I was wondering how I could debug this. Any hints on how to takle
> this so I have a clue on how I could configure nginx so that it works
> would be apreciated.
>
> Isaac
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From nginx-forum at nginx.us  Thu Jun 21 11:46:12 2012
From: nginx-forum at nginx.us (LexxTheFox)
Date: Thu, 21 Jun 2012 07:46:12 -0400 (EDT)
Subject: Different limit_req rules for different user agents
In-Reply-To: <201206181706.31576.ne@vbart.ru>
References: <201206181706.31576.ne@vbart.ru>
Message-ID: <aae5a1a8d8bde80a01a8982567d9aa3b.NginxMailingListEnglish@forum.nginx.org>

Valentin V. Bartenev Wrote:
-------------------------------------------------------

>   http {
> 
>       map $http_user_agent $limit_bots {
>           default '';
>           ~*(google|bing|yandex|msnbot)
> $binary_remote_addr;
>       }
> 
>       limit_req_zone $limit_bots zone=bots:10m
> rate=1r/m;
> 
>       server {
>           location / {
>               limit_req zone=bots burst=5 nodelay;
>           }
>       }
>   }
>
>  wbr, Valentin V. Bartenev

Hello.

I still don't really get the 'map' magic. This example does not work for
me - bots still connect as often as they please. But your example gave
me an idea. After some reading and fiddling I managed to solve the
riddle this way:

http {
limit_req_zone $limit_bots zone=bots:10m rate=1r/m;
       server {
          location / {
            set $bot '';
            if ($http_user_agent ~* (google|bing|yandex|msnbot) ) {set
$limit_bots $binary_remote_addr;}
            limit_req zone=bots burst=5 nodelay;
           }
       }
   }

I will continue reading docs and hope to figure everything out
eventually. By now it works for me.

Thank you for your help!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227641,227759#msg-227759


From hoffman_brian at bah.com  Thu Jun 21 13:36:27 2012
From: hoffman_brian at bah.com (Hoffman, Brian [USA])
Date: Thu, 21 Jun 2012 13:36:27 +0000
Subject: nginx 1.2.1 won't start with large CRL
Message-ID: <CC089BCE.24206%hoffman_brian@bah.com>


I have a CRL loaded into ssl_crl variable in the config file that's about 256MB in size and nginx won't start. I get the following error:

nginx: [emerg] fork() failed (12: Cannot allocate memory)

I believe this is due to nginx trying to load the file into memory and it's bombing. It maxes out my server's RAM and then just crashes.


- Brian
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120621/72220cc2/attachment.html>

From nginx-forum at nginx.us  Thu Jun 21 13:51:10 2012
From: nginx-forum at nginx.us (umar)
Date: Thu, 21 Jun 2012 09:51:10 -0400 (EDT)
Subject: json files download
Message-ID: <6e6372aec1d04a75a563db22d7507220.NginxMailingListEnglish@forum.nginx.org>

Hi,

I have moved from apache to NGINX+PHP-FPM, now there some problem with
.json file, In apache whenver I access .json file the output shows on
browser page. But in NGINX its try to download.

Would you please help me who to solve this issue?

Best Regards,

Umar

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227766,227766#msg-227766


From r at roze.lv  Thu Jun 21 13:59:49 2012
From: r at roze.lv (Reinis Rozitis)
Date: Thu, 21 Jun 2012 16:59:49 +0300
Subject: json files download
In-Reply-To: <6e6372aec1d04a75a563db22d7507220.NginxMailingListEnglish@forum.nginx.org>
References: <6e6372aec1d04a75a563db22d7507220.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <6DB96359FCE24B2E8FEF3704724E724E@DD21>

You have to add .json to your mime.types file (the default for unknown file extensions is default_type  application/octet-stream; 
which usually all browsers download).

Egg open conf/mime.types find the line:

text/plain                            txt;

add json there:

text/plain                            txt json;


.. and reload or restart nginx (clear browser cache to be sure).


rr


-----Original Message----- 
From: umar
Sent: Thursday, June 21, 2012 4:51 PM
To: nginx at nginx.org
Subject: json files download

Hi,

I have moved from apache to NGINX+PHP-FPM, now there some problem with
.json file, In apache whenver I access .json file the output shows on
browser page. But in NGINX its try to download.

Would you please help me who to solve this issue?

Best Regards,

Umar

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227766,227766#msg-227766

_______________________________________________
nginx mailing list
nginx at nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx 


From ne at vbart.ru  Thu Jun 21 14:00:40 2012
From: ne at vbart.ru (Valentin V. Bartenev)
Date: Thu, 21 Jun 2012 18:00:40 +0400
Subject: json files download
In-Reply-To: <6e6372aec1d04a75a563db22d7507220.NginxMailingListEnglish@forum.nginx.org>
References: <6e6372aec1d04a75a563db22d7507220.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <201206211800.40516.ne@vbart.ru>

On Thursday 21 June 2012 17:51:10 umar wrote:
> Hi,
> 
> I have moved from apache to NGINX+PHP-FPM, now there some problem with
> .json file, In apache whenver I access .json file the output shows on
> browser page. But in NGINX its try to download.
> 
> Would you please help me who to solve this issue?

http://nginx.org/r/types

You should set "application/json" for .json files.

 wbr, Valentin V. Bartenev


From fernando at funciton.com  Thu Jun 21 14:13:13 2012
From: fernando at funciton.com (=?utf-8?Q?Fernando_Fl=C3=B3rez?=)
Date: Thu, 21 Jun 2012 09:13:13 -0500
Subject: cache and mobile video playback
Message-ID: <EDF712D1448C42C48E0D73AC54A803C5@funciton.com>

Hello,

We are using nginx as a load balancer for mp4 videos. Everything works perfectly but we started having issues with mobile video playback.

Somehow the video, after it's stored on the nginx cache, can't be played back on mobiles. Has anyone come across this?

Any hints would be much appreciated.

thanks.

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120621/7332a7c6/attachment.html>

From nginx-forum at nginx.us  Thu Jun 21 14:17:53 2012
From: nginx-forum at nginx.us (umar)
Date: Thu, 21 Jun 2012 10:17:53 -0400 (EDT)
Subject: json files download
In-Reply-To: <6DB96359FCE24B2E8FEF3704724E724E@DD21>
References: <6DB96359FCE24B2E8FEF3704724E724E@DD21>
Message-ID: <a85af3271eca368cdeb53b5fb1281134.NginxMailingListEnglish@forum.nginx.org>

Hi guys,

thanks alot its fixed,

Best Regards,

Umar

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227766,227771#msg-227771


From mdounin at mdounin.ru  Thu Jun 21 14:18:01 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 21 Jun 2012 18:18:01 +0400
Subject: nginx 1.2.1 won't start with large CRL
In-Reply-To: <CC089BCE.24206%hoffman_brian@bah.com>
References: <CC089BCE.24206%hoffman_brian@bah.com>
Message-ID: <20120621141801.GL31671@mdounin.ru>

Hello!

On Thu, Jun 21, 2012 at 01:36:27PM +0000, Hoffman, Brian [USA] wrote:

> 
> I have a CRL loaded into ssl_crl variable in the config file that's about 256MB in size and nginx won't start. I get the following error:
> 
> nginx: [emerg] fork() failed (12: Cannot allocate memory)
> 
> I believe this is due to nginx trying to load the file into memory and it's bombing. It maxes out my server's RAM and then just crashes.

I would rather rewrite the subject as "nginx won't start if there 
isn't enough memory".  It won't.  Try adding more memory and/or 
find a way to keep your CRL small.

Maxim Dounin


From markus.jelsma at openindex.io  Thu Jun 21 15:24:50 2012
From: markus.jelsma at openindex.io (=?utf-8?Q?Markus_Jelsma?=)
Date: Thu, 21 Jun 2012 15:24:50 +0000
Subject: geo-ip latency, or lazy load variables
Message-ID: <zarafa.4fe33cc2.2272.7d82b89743601066@mail.openindex.io>

Hi,

We are testing the Geo-IP module with the city and country databases and noticed a decrease in performance for all locations on the server. It seems that whenever the geoip_country and geoip_city directives are specified the module looks up the geo variables for the IP address even if the variables are not used inside the location. We did the simplest test with Apache Bench against two identical servers on a location that doesn't use the geo variables. One server has the geo databases loaded and the other has them commented out.

We did several tests, here are the averages for a few thousand HTTP requests with concurrency level 30:

Without geo databases loaded:
Time per request:       12.260 [ms]
Requests per second:    2446.91 [#/sec]

With geo databases loaded:
Time per request:       35.352 [ms]
Requests per second:    848.60 [#/sec]

Is it possible to lazy lookup the values for the geo variables when they are requested? 

Thanks,
Markus


From pchychi at gmail.com  Thu Jun 21 15:27:19 2012
From: pchychi at gmail.com (Payam Chychi)
Date: Thu, 21 Jun 2012 10:27:19 -0500
Subject: geo-ip latency, or lazy load variables
In-Reply-To: <zarafa.4fe33cc2.2272.7d82b89743601066@mail.openindex.io>
References: <zarafa.4fe33cc2.2272.7d82b89743601066@mail.openindex.io>
Message-ID: <4FE33D57.80403@gmail.com>

Hey Markus,

How does your config look like? I recall the geoip module costing more 
depending on how the configuration is designed

Thanks,
Payam




On 12-06-21 10:24 AM, Markus Jelsma wrote:
> Hi,
>
> We are testing the Geo-IP module with the city and country databases and noticed a decrease in performance for all locations on the server. It seems that whenever the geoip_country and geoip_city directives are specified the module looks up the geo variables for the IP address even if the variables are not used inside the location. We did the simplest test with Apache Bench against two identical servers on a location that doesn't use the geo variables. One server has the geo databases loaded and the other has them commented out.
>
> We did several tests, here are the averages for a few thousand HTTP requests with concurrency level 30:
>
> Without geo databases loaded:
> Time per request:       12.260 [ms]
> Requests per second:    2446.91 [#/sec]
>
> With geo databases loaded:
> Time per request:       35.352 [ms]
> Requests per second:    848.60 [#/sec]
>
> Is it possible to lazy lookup the values for the geo variables when they are requested?
>
> Thanks,
> Markus
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From markus.jelsma at openindex.io  Thu Jun 21 15:35:11 2012
From: markus.jelsma at openindex.io (=?utf-8?Q?Markus_Jelsma?=)
Date: Thu, 21 Jun 2012 15:35:11 +0000
Subject: geo-ip latency, or lazy load variables
In-Reply-To: <4FE33D57.80403@gmail.com>
References: <4FE33D57.80403@gmail.com>
Message-ID: <zarafa.4fe33f2f.2727.2da6bb320bd9a574@mail.openindex.io>

Hello Payam,

Our configuration is quitelarge and consists of several includes for servers and maps. Could you perhaps be more specific so i can confirm whether our config is designed so the module is more costly? And do you happen to know a work-around or solution for this case?

We have the following modules enabled and disabled:

--with-http_stub_status_module \
--with-http_geoip_module \
--with-http_ssl_module \
--without-http_autoindex_module \
--without-http_browser_module \
--without-http_uwsgi_module \
--without-http_userid_module \
--without-http_upstream_ip_hash_module \
--without-http_split_clients_module \
--without-http_scgi_module \
--without-http_empty_gif_module \
--without-http_geo_module \
--without-http_memcached_module \
--add-module=../modules/agentzh-chunkin-nginx-module-85eca98 \
--add-module=../modules/agentzh-headers-more-nginx-module-3580526 \
--add-module=../modules/simpl-ngx_devel_kit-24202b4 \
--add-module=../modules/agentzh-set-misc-nginx-module-e6a54ab \
--add-module=../modules/gnosek-nginx-upstream-fair-5f6a3b7 \
--add-module=../modules/cep21-healthcheck_nginx_upstreams-16d6ae7 \
--add-module=../modules/agentzh-echo-nginx-module-080c0a1

Thanks,
Markus

 
 
-----Original message-----
> From:Payam Chychi <pchychi at gmail.com>
> Sent: Thu 21-Jun-2012 17:28
> To: nginx at nginx.org
> Subject: Re: geo-ip latency, or lazy load variables
> 
> Hey Markus,
> 
> How does your config look like? I recall the geoip module costing more 
> depending on how the configuration is designed
> 
> Thanks,
> Payam
> 
> 
> 
> 
> On 12-06-21 10:24 AM, Markus Jelsma wrote:
> > Hi,
> >
> > We are testing the Geo-IP module with the city and country databases and noticed a decrease in performance for all locations on the server. It seems that whenever the geoip_country and geoip_city directives are specified the module looks up the geo variables for the IP address even if the variables are not used inside the location. We did the simplest test with Apache Bench against two identical servers on a location that doesn't use the geo variables. One server has the geo databases loaded and the other has them commented out.
> >
> > We did several tests, here are the averages for a few thousand HTTP requests with concurrency level 30:
> >
> > Without geo databases loaded:
> > Time per request:       12.260 [ms]
> > Requests per second:    2446.91 [#/sec]
> >
> > With geo databases loaded:
> > Time per request:       35.352 [ms]
> > Requests per second:    848.60 [#/sec]
> >
> > Is it possible to lazy lookup the values for the geo variables when they are requested?
> >
> > Thanks,
> > Markus
> >
> > _______________________________________________
> > nginx mailing list
> > nginx at nginx.org
> > http://mailman.nginx.org/mailman/listinfo/nginx
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
> 


From mdounin at mdounin.ru  Thu Jun 21 15:58:56 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 21 Jun 2012 19:58:56 +0400
Subject: geo-ip latency, or lazy load variables
In-Reply-To: <zarafa.4fe33cc2.2272.7d82b89743601066@mail.openindex.io>
References: <zarafa.4fe33cc2.2272.7d82b89743601066@mail.openindex.io>
Message-ID: <20120621155856.GM31671@mdounin.ru>

Hello!

On Thu, Jun 21, 2012 at 03:24:50PM +0000, Markus Jelsma wrote:

> Hi,
> 
> We are testing the Geo-IP module with the city and country databases and noticed a decrease in performance for all locations on the server. It seems that whenever the geoip_country and geoip_city directives are specified the module looks up the geo variables for the IP address even if the variables are not used inside the location. We did the simplest test with Apache Bench against two identical servers on a location that doesn't use the geo variables. One server has the geo databases loaded and the other has them commented out.
> 
> We did several tests, here are the averages for a few thousand HTTP requests with concurrency level 30:
> 
> Without geo databases loaded:
> Time per request:       12.260 [ms]
> Requests per second:    2446.91 [#/sec]
> 
> With geo databases loaded:
> Time per request:       35.352 [ms]
> Requests per second:    848.60 [#/sec]
> 
> Is it possible to lazy lookup the values for the geo variables when they are requested? 

Geoip module variables are looked up in a database only when 
actually used.

Maxim Dounin


From markus.jelsma at openindex.io  Thu Jun 21 16:50:14 2012
From: markus.jelsma at openindex.io (=?utf-8?Q?Markus_Jelsma?=)
Date: Thu, 21 Jun 2012 16:50:14 +0000
Subject: geo-ip latency, or lazy load variables
In-Reply-To: <20120621155856.GM31671@mdounin.ru>
References: <20120621155856.GM31671@mdounin.ru>
Message-ID: <zarafa.4fe350c6.3e5f.222a86af5cd7f16d@mail.openindex.io>

Maxim,

After i read your e-mail i tested again and there was a clear difference in performance but more repeated tests showed no difference in performance at all.  Something else must be acting up.

Thanks,
Markus
 
 
-----Original message-----
> From:Maxim Dounin <mdounin at mdounin.ru>
> Sent: Thu 21-Jun-2012 17:59
> To: nginx at nginx.org
> Subject: Re: geo-ip latency, or lazy load variables
> 
> Hello!
> 
> On Thu, Jun 21, 2012 at 03:24:50PM +0000, Markus Jelsma wrote:
> 
> > Hi,
> > 
> > We are testing the Geo-IP module with the city and country databases and noticed a decrease in performance for all locations on the server. It seems that whenever the geoip_country and geoip_city directives are specified the module looks up the geo variables for the IP address even if the variables are not used inside the location. We did the simplest test with Apache Bench against two identical servers on a location that doesn't use the geo variables. One server has the geo databases loaded and the other has them commented out.
> > 
> > We did several tests, here are the averages for a few thousand HTTP requests with concurrency level 30:
> > 
> > Without geo databases loaded:
> > Time per request:       12.260 [ms]
> > Requests per second:    2446.91 [#/sec]
> > 
> > With geo databases loaded:
> > Time per request:       35.352 [ms]
> > Requests per second:    848.60 [#/sec]
> > 
> > Is it possible to lazy lookup the values for the geo variables when they are requested? 
> 
> Geoip module variables are looked up in a database only when 
> actually used.
> 
> Maxim Dounin
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
> 


From nginx-forum at nginx.us  Thu Jun 21 17:06:42 2012
From: nginx-forum at nginx.us (masterkain)
Date: Thu, 21 Jun 2012 13:06:42 -0400 (EDT)
Subject: proxy_pass destination set by request custom header
Message-ID: <726169c19f535895c338878e91713b29.NginxMailingListEnglish@forum.nginx.org>

Hello,

  location ~ ^/api/v(\d)/foo/bar/(.*) {
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
    proxy_redirect   off;
    proxy_max_temp_file_size 0;
    proxy_pass
http://$http_x_destination_host:$http_x_destination_port/$uri;
  }

What I'm looking for is to have X-Destination-Host and
X-Destination-Port contaning the exact host where to proxy_pass.
Since currently it doesn't seem to get picked up I would like to ask if
is this appear correct (not counting security implications).

Thanks.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227781,227781#msg-227781


From nginx-forum at nginx.us  Thu Jun 21 18:19:16 2012
From: nginx-forum at nginx.us (chrislovecnm)
Date: Thu, 21 Jun 2012 14:19:16 -0400 (EDT)
Subject: intermittent proxy_pass error - body shows headers
Message-ID: <fe98fd5da4746c7969d944f522362cab.NginxMailingListEnglish@forum.nginx.org>

Hi all

First kudos to all of the maintainers of modules and the nginx team. 
Great product guys!!

I am getting an intermittent error where the headers of a 302 redirect
are being shown as the body in the browser.  The connect sits for a long
time and then this is show in the browser

0

HTTP/1.1 302 Moved Temporarily
Server: nginx/1.2.1
Date: Thu, 21 Jun 2012 18:09:04 GMT
Content-Length: 0
Connection: keep-alive
Keep-Alive: timeout=20
Location: https://www.myurlthatworls.com/someotherstuff?params

Ideas? config:

location /mylocation {
                        proxy_pass         https://localhost:9191;
                        proxy_redirect     off;

                        proxy_set_header   Host             $host;
                        proxy_set_header   X-Real-IP       
$remote_addr;
                        proxy_set_header   X-Forwarded-For 
$proxy_add_x_forwarded_for;
                        proxy_pass_request_headers on;

                        client_max_body_size       10m;
                        client_body_buffer_size    128k;

                        proxy_connect_timeout      90;
                        proxy_send_timeout         90;
                        proxy_read_timeout         90;

                        proxy_buffer_size          4k;
                        proxy_buffers              4 32k;
                        proxy_busy_buffers_size    64k;
                        proxy_temp_file_write_size 64k;
}


Thanks

Chris

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227783,227783#msg-227783


From nginx-forum at nginx.us  Thu Jun 21 19:25:42 2012
From: nginx-forum at nginx.us (chrislovecnm)
Date: Thu, 21 Jun 2012 15:25:42 -0400 (EDT)
Subject: intermittent proxy_pass error - body shows headers
In-Reply-To: <fe98fd5da4746c7969d944f522362cab.NginxMailingListEnglish@forum.nginx.org>
References: <fe98fd5da4746c7969d944f522362cab.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <04db7796757be3e7c0c74c467a746a4f.NginxMailingListEnglish@forum.nginx.org>

Also the 302 is being reported in the browser as a 200.

I have compiled nginx with debug and I am getting:


2012/06/21 19:16:48 [debug] 6674#0: *3 http proxy status 302 "302 Moved
Temporarily"
2012/06/21 19:16:48 [debug] 6674#0: *3 http proxy header: "Server:
Apache-Coyote/1.1"
2012/06/21 19:16:48 [debug] 6674#0: *3 http proxy header: "Location:
https://localhostthatworks/foo?bar=2818fe22-51f9-4c68-87e7-7e8dca210293"
2012/06/21 19:16:48 [debug] 6674#0: *3 http proxy header:
"Content-Length: 0"
2012/06/21 19:16:48 [debug] 6674#0: *3 http proxy header: "Date: Thu, 21
Jun 2012 19:16:48 GMT"
2012/06/21 19:16:48 [debug] 6674#0: *3 http proxy header: "Connection:
close"
2012/06/21 19:16:48 [debug] 6674#0: *3 http proxy header done
2012/06/21 19:16:48 [debug] 6674#0: *3 HTTP/1.1 302 Moved Temporarily^M
Server: nginx/1.2.1^M
Date: Thu, 21 Jun 2012 19:16:48 GMT^M
Content-Length: 0^M
Connection: keep-alive^M
Keep-Alive: timeout=20^M
Location:
https://myurlsthatworks.com/foo?bar=2818fe22-51f9-4c68-87e7-7e8dca210293^M

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227783,227784#msg-227784


From nginx-forum at nginx.us  Thu Jun 21 19:58:51 2012
From: nginx-forum at nginx.us (chrislovecnm)
Date: Thu, 21 Jun 2012 15:58:51 -0400 (EDT)
Subject: intermittent proxy_pass error - body shows headers
In-Reply-To: <fe98fd5da4746c7969d944f522362cab.NginxMailingListEnglish@forum.nginx.org>
References: <fe98fd5da4746c7969d944f522362cab.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <f9fcfaeacec5fdb347431981ef20ed0f.NginxMailingListEnglish@forum.nginx.org>

kolbyjack on irc helped me figure this out.  The preceding call did not
return any data correctly, and thus a 0\ was stuck in the buffer. Fixed
the call before the post and voila!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227783,227785#msg-227785


From cmfileds at gmail.com  Thu Jun 21 21:55:48 2012
From: cmfileds at gmail.com (CM Fields)
Date: Thu, 21 Jun 2012 17:55:48 -0400
Subject: limit_req_zone to sleep instead of an error 504 or 404
Message-ID: <CAHxQ+CrzAbcyLB=gixzSBVX8NDDAs3dA7FQ7ZUanAhLmJALtxg@mail.gmail.com>

I would like to propose to replace the error code "limit_req_zone" sends back
to a user with a simple sleep statement instead.


I am using limit_req_zone on some production servers to limit the amount of
downloads each ip can execute over time. "fastcgi_param" is used to execute
an external fastcgi script to deliver the data to the client from a
back end cluster.

Users are accessing the nginx front end using automated scripts and accessing
data without problem as long as they stay below our limit_req_zone value of 200
requests per 60 seconds.

When they hit the limit_req_zone value the clients are being limited correctly
and being delayed until their requests per minute goes below the
specified value.

My issue is when a user hits the limit an error 503 (for local files) or an
error 404 (for fastcgi scripts) is sent back to the user. The error
503 is documented
on the nginx site and expected as "service unavailable". The error 404
for fastcgi is
not mentioned and took some trial and error to figure out why it was
in the logs.

For those interested, here is a sanitized copy of the error.log. The
client does a
head request and has exceeded 200 req/min by 0.094 req/min. At this
point I would
imagine a 503 would be sent back to the client. Instead, the second error line
shows nginx trying to look for the URI on the local file system. The problem is
file.bz2 is the file the fastcgi script would serve out and is _not_ a
local file in
htdocs. The script is really located at /disk/web/cgi/getter .

Here is the nginx.conf for getting a file through the fast cgi method:

limit_req_zone  $binary_remote_addr  zone=one:10m   rate=30r/m;

root /disk/web/htdocs;
limit_req   zone=one  burst=100 nodelay;

     location ~* ^/script/[\w.-]+$ {
             gzip off;
             fastcgi_max_temp_file_size 0;
             fastcgi_split_path_info ^((?U).+script)(/?.+)$;
             fastcgi_intercept_errors on; #<--------
             fastcgi_pass unix:/var/run/fcgiwrap.socket;
             include /usr/local/nginx/conf/fastcgi_params;
             fastcgi_param DOCUMENT_ROOT $document_root;
             fastcgi_param PATH_INFO $fastcgi_path_info;
             fastcgi_param SCRIPT_NAME /cgi/getter;
             fastcgi_param SCRIPT_FILENAME /disk/web/cgi/getter;
     }

2012/06/21 15:04:43 [error] 19685#0: *11354 limiting requests, excess:
200.094 by zone "one", client: 128.x.x.x, server: ourserver, request:
"HEAD /cgi/getter/file.bz2 HTTP/1.1", host: "ourserver"

2012/06/21 15:04:53 [error] 19685#0: *11354 open()
"/disk/web/htdocs/cgi/getter/file.bz2" failed (2: No such file or
directory), client: 128.x.x.x, server: ourserver, request: "HEAD
/cgi/getter/file.bz2 HTTP/1.1", host: "ourserver"

Sending back an error 404 (File not found) for a file that does exist through
an external script causes a lot of confusion to the user. This is may be just
a unforeseen coding issue though.

I propose a better situation is to limit users, but when they hit the predefined
limit_req_zone value have the options to sleep for a few seconds, check if
they are under the request limit and then complete the original request. A
simple delay in responding to the client, similar to Maxim's ngx_http_delay,
would be invaluable.

Perhaps adding an option to the limit_req_zone directive would be good.

limit_req_zone  $binary_remote_addr  zone=one:10m   rate=30r/m; error=2sec
 (or if you want to send an error)
limit_req_zone  $binary_remote_addr  zone=one:10m   rate=30r/m; error=504

Another idea is for limit_req_zone to trigger an unused error code (12345) and
allow the nginx config to trap it. This way the admin could delay the response
or even send back an error.

error_page 12345 @abuse
   location /abuse {
            delay 5s;
   }

I am going to look in the nginx source for where nginx is sending the 504 for
limit_req_zone from. If anyone has any other ideas I would be happy to hear
them and very open to suggestions.


From nginx-forum at nginx.us  Thu Jun 21 22:45:32 2012
From: nginx-forum at nginx.us (amodpandey)
Date: Thu, 21 Jun 2012 18:45:32 -0400 (EDT)
Subject: proxy_cache not working for me
Message-ID: <6710686ae1763a0d618b69d9aa1be552.NginxMailingListEnglish@forum.nginx.org>

http {

  proxy_cache_path        /dev/shm/cache/nginx/ levels=1:2
keys_zone=cache:30m inactive=1d  max_size=500M;
  proxy_temp_path         /dev/shm/cache/nginx/tmp 1 2;
  proxy_cache_key         "$scheme$request_method$request_uri";

server {
 ..

   location /  {
      add_header X-Cache-Status $upstream_cache_status;
      proxy_pass            $scheme://default;
      proxy_cache           cache;
      proxy_cache_valid     200      30m;
      proxy_cache_min_uses  1;
      proxy_ignore_headers  "Expires" "Cache-Control";
      proxy_cache_use_stale error  timeout invalid_header http_500;
    }

----

I am always getting a MISS. nginx 1.2.1

Response Header

Cache-Control:no-store, no-cache, must-revalidate, post-check=0,
pre-check=0
Connection:keep-alive
Content-Encoding:gzip
Content-Type:application/json
Date:Thu, 21 Jun 2012 22:37:26 GMT
Expires:Mon, 26 Jul 1997 05:00:00 GMT
Pragma:no-cache
Server:nginx
Transfer-Encoding:chunked
Vary:Accept-Encoding, Accept-Encoding
X-Cache-Status:MISS
X-Powered-By:PHP/5.3.6

Similar setting has worked for me on another set up! Could someone helpe
me with some pointers.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227796,227796#msg-227796


From nginx-forum at nginx.us  Thu Jun 21 23:49:15 2012
From: nginx-forum at nginx.us (munkhabi)
Date: Thu, 21 Jun 2012 19:49:15 -0400 (EDT)
Subject: Module which adds new upstream host and port
Message-ID: <a592eed932f4262655b6a1f5b6056938.NginxMailingListEnglish@forum.nginx.org>

Module which adds new upstream host and port to pool. How it should be
done?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227797,227797#msg-227797


From nginx-forum at nginx.us  Thu Jun 21 23:51:14 2012
From: nginx-forum at nginx.us (amodpandey)
Date: Thu, 21 Jun 2012 19:51:14 -0400 (EDT)
Subject: CLOSED proxy_cache not working for me
In-Reply-To: <6710686ae1763a0d618b69d9aa1be552.NginxMailingListEnglish@forum.nginx.org>
References: <6710686ae1763a0d618b69d9aa1be552.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <fbc2e369bf01ea8825a5fe8acf61490a.NginxMailingListEnglish@forum.nginx.org>

Somewhere in the configuration there was 

proxy_buffering         off

:)

I commented it and it started working.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227796,227798#msg-227798


From cmfileds at gmail.com  Fri Jun 22 00:55:02 2012
From: cmfileds at gmail.com (CM Fields)
Date: Thu, 21 Jun 2012 20:55:02 -0400
Subject: limit_req_zone to sleep instead of an error 504 or 404
In-Reply-To: <CAHxQ+CrzAbcyLB=gixzSBVX8NDDAs3dA7FQ7ZUanAhLmJALtxg@mail.gmail.com>
References: <CAHxQ+CrzAbcyLB=gixzSBVX8NDDAs3dA7FQ7ZUanAhLmJALtxg@mail.gmail.com>
Message-ID: <CAHxQ+CoBTGC-OZN9LHukTG6WxBfB1m5Xc9MJVuU3wH=-gM1YzA@mail.gmail.com>

Please disregard my previous email.

The issue was on my side when I setup error_page with a delay, but
then forgot to setup the proper error response.

On Thu, Jun 21, 2012 at 5:55 PM, CM Fields <cmfileds at gmail.com> wrote:
> I would like to propose to replace the error code "limit_req_zone" sends back
> to a user with a simple sleep statement instead.
>
>
> I am using limit_req_zone on some production servers to limit the amount of
> downloads each ip can execute over time. "fastcgi_param" is used to execute
> an external fastcgi script to deliver the data to the client from a
> back end cluster.
>
> Users are accessing the nginx front end using automated scripts and accessing
> data without problem as long as they stay below our limit_req_zone value of 200
> requests per 60 seconds.
>
> When they hit the limit_req_zone value the clients are being limited correctly
> and being delayed until their requests per minute goes below the
> specified value.
>
> My issue is when a user hits the limit an error 503 (for local files) or an
> error 404 (for fastcgi scripts) is sent back to the user. The error
> 503 is documented
> on the nginx site and expected as "service unavailable". The error 404
> for fastcgi is
> not mentioned and took some trial and error to figure out why it was
> in the logs.
>
> For those interested, here is a sanitized copy of the error.log. The
> client does a
> head request and has exceeded 200 req/min by 0.094 req/min. At this
> point I would
> imagine a 503 would be sent back to the client. Instead, the second error line
> shows nginx trying to look for the URI on the local file system. The problem is
> file.bz2 is the file the fastcgi script would serve out and is _not_ a
> local file in
> htdocs. The script is really located at /disk/web/cgi/getter .
>
> Here is the nginx.conf for getting a file through the fast cgi method:
>
> limit_req_zone ?$binary_remote_addr ?zone=one:10m ? rate=30r/m;
>
> root /disk/web/htdocs;
> limit_req ? zone=one ?burst=100 nodelay;
>
> ? ? location ~* ^/script/[\w.-]+$ {
> ? ? ? ? ? ? gzip off;
> ? ? ? ? ? ? fastcgi_max_temp_file_size 0;
> ? ? ? ? ? ? fastcgi_split_path_info ^((?U).+script)(/?.+)$;
> ? ? ? ? ? ? fastcgi_intercept_errors on; #<--------
> ? ? ? ? ? ? fastcgi_pass unix:/var/run/fcgiwrap.socket;
> ? ? ? ? ? ? include /usr/local/nginx/conf/fastcgi_params;
> ? ? ? ? ? ? fastcgi_param DOCUMENT_ROOT $document_root;
> ? ? ? ? ? ? fastcgi_param PATH_INFO $fastcgi_path_info;
> ? ? ? ? ? ? fastcgi_param SCRIPT_NAME /cgi/getter;
> ? ? ? ? ? ? fastcgi_param SCRIPT_FILENAME /disk/web/cgi/getter;
> ? ? }
>
> 2012/06/21 15:04:43 [error] 19685#0: *11354 limiting requests, excess:
> 200.094 by zone "one", client: 128.x.x.x, server: ourserver, request:
> "HEAD /cgi/getter/file.bz2 HTTP/1.1", host: "ourserver"
>
> 2012/06/21 15:04:53 [error] 19685#0: *11354 open()
> "/disk/web/htdocs/cgi/getter/file.bz2" failed (2: No such file or
> directory), client: 128.x.x.x, server: ourserver, request: "HEAD
> /cgi/getter/file.bz2 HTTP/1.1", host: "ourserver"
>
> Sending back an error 404 (File not found) for a file that does exist through
> an external script causes a lot of confusion to the user. This is may be just
> a unforeseen coding issue though.
>
> I propose a better situation is to limit users, but when they hit the predefined
> limit_req_zone value have the options to sleep for a few seconds, check if
> they are under the request limit and then complete the original request. A
> simple delay in responding to the client, similar to Maxim's ngx_http_delay,
> would be invaluable.
>
> Perhaps adding an option to the limit_req_zone directive would be good.
>
> limit_req_zone ?$binary_remote_addr ?zone=one:10m ? rate=30r/m; error=2sec
> ?(or if you want to send an error)
> limit_req_zone ?$binary_remote_addr ?zone=one:10m ? rate=30r/m; error=504
>
> Another idea is for limit_req_zone to trigger an unused error code (12345) and
> allow the nginx config to trap it. This way the admin could delay the response
> or even send back an error.
>
> error_page 12345 @abuse
> ? location /abuse {
> ? ? ? ? ? ?delay 5s;
> ? }
>
> I am going to look in the nginx source for where nginx is sending the 504 for
> limit_req_zone from. If anyone has any other ideas I would be happy to hear
> them and very open to suggestions.


From nginx-forum at nginx.us  Fri Jun 22 09:51:46 2012
From: nginx-forum at nginx.us (andreabenini)
Date: Fri, 22 Jun 2012 05:51:46 -0400 (EDT)
Subject: TCP Socket TIME_WAIT problem
Message-ID: <329236eb2d21a176954caa2ef679e639.NginxMailingListEnglish@forum.nginx.org>

Hi folks,
I'm deeply testing NGINX to understand boundaries and limits because I'd
like to create a webservice for an high performance application in our
LAN. I'm currently running NGINX 1.2.1 on Linux and I'm just serving a
static webpage ("<html><body>Hello World</body></html>") to see
performances. This website is accessed on localhost from a dummy bash
script:
#!/bin/bash
for i in {0..50000}; do
    echo $i
    wget http://127.0.0.1/test.html  -q -O - >> /dev/null
done

In other terminals I'm monitoring sockets and their status ( netstat -an
|grep WAIT|wc -l )
When I run the bash script I can see no troubles until I reach 28233
TIME_WAIT connections, then it freezes for a while until some TIME_WAIT
connections are closed. Performances are ok until I reach this limit,
then everything is frozen for a while until TCP time_wait connections
are disposed
After few researches with google I've found these info:
http://developerweb.net/viewtopic.php?id=2941
http://developerweb.net/viewtopic.php?id=2982

I'm running tests on a pretty fast machine: Intel core i7 with 8Gb RAM
and a Gentoo Linux OS with kernel 3.12, is there a way to get a rid of
this limit ? I'll post here my nginx.conf but please let me know if you
need more info or config files

user nginx nginx;
worker_processes 1;
error_log /var/log/nginx/error_log info;
events {
	worker_connections 1024;
	use epoll;
}
http {
	include /etc/nginx/mime.types;
	default_type application/octet-stream;
	log_format main
		'$remote_addr - $remote_user [$time_local] '
		'"$request" $status $bytes_sent '
		'"$http_referer" "$http_user_agent" '
		'"$gzip_ratio"';
	client_header_timeout 10m;
	client_body_timeout 10m;
	send_timeout 10m;
	connection_pool_size 256;
	client_header_buffer_size 1k;
	large_client_header_buffers 4 2k;
	request_pool_size 4k;
	gzip on;
	gzip_min_length 1100;
	gzip_buffers 4 8k;
	gzip_types text/plain;
	output_buffers 1 32k;
	postpone_output 1460;
	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 75 20;
	ignore_invalid_headers on;
	index index.php index.html;
	server {
		listen 127.0.0.1;
		server_name localhost;
		root /var/www/localhost/htdocs;
                location ~ .*.php$ {
                    include /etc/nginx/fastcgi.conf;
                    fastcgi_pass  127.0.0.1:1234;
                    fastcgi_index index.php;
                }
	}
}

Thanks in advance for your reply
Ben

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227804,227804#msg-227804


From mdounin at mdounin.ru  Fri Jun 22 11:15:20 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 22 Jun 2012 15:15:20 +0400
Subject: TCP Socket TIME_WAIT problem
In-Reply-To: <329236eb2d21a176954caa2ef679e639.NginxMailingListEnglish@forum.nginx.org>
References: <329236eb2d21a176954caa2ef679e639.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120622111520.GT31671@mdounin.ru>

Hello!

On Fri, Jun 22, 2012 at 05:51:46AM -0400, andreabenini wrote:

> Hi folks,
> I'm deeply testing NGINX to understand boundaries and limits because I'd
> like to create a webservice for an high performance application in our
> LAN. I'm currently running NGINX 1.2.1 on Linux and I'm just serving a
> static webpage ("<html><body>Hello World</body></html>") to see
> performances. This website is accessed on localhost from a dummy bash
> script:
> #!/bin/bash
> for i in {0..50000}; do
>     echo $i
>     wget http://127.0.0.1/test.html  -q -O - >> /dev/null
> done
> 
> In other terminals I'm monitoring sockets and their status ( netstat -an
> |grep WAIT|wc -l )
> When I run the bash script I can see no troubles until I reach 28233
> TIME_WAIT connections, then it freezes for a while until some TIME_WAIT
> connections are closed. Performances are ok until I reach this limit,
> then everything is frozen for a while until TCP time_wait connections
> are disposed
> After few researches with google I've found these info:
> http://developerweb.net/viewtopic.php?id=2941
> http://developerweb.net/viewtopic.php?id=2982
> 
> I'm running tests on a pretty fast machine: Intel core i7 with 8Gb RAM
> and a Gentoo Linux OS with kernel 3.12, is there a way to get a rid of
> this limit ? I'll post here my nginx.conf but please let me know if you
> need more info or config files

The problem you've hit is local port exhaustion on client side due 
sockets in TIME_WAIT state.  Possible solutions are:

1) Add more client local ports.  Trivial way to do so is to add 
more clients (or, rather, client IPs).  You may also tune 
single client to use wider local port range 
(/proc/sys/net/ipv4/ip_local_port_range on linux), though it's 
limited to 64k anyway.

2) Configure your system to reuse/recycle timewait sockets 
(tcp_tw_reuse, tcp_tw_recycle in the same /proc/ directory on 
Linux).

3) Reduce MSL as used on your system (no idea if it's tunable on 
Linux), this will cause TIME_WAIT sockets to expire faster.

Maxim Dounin


From agentzh at gmail.com  Fri Jun 22 15:17:33 2012
From: agentzh at gmail.com (agentzh)
Date: Fri, 22 Jun 2012 23:17:33 +0800
Subject: [ANN] ngx_openresty devel version 1.2.1.1 released
In-Reply-To: <CAB4Tn6PBFi0zjXBxC9xaC4QRbH3b-t_q5KcMpxT5CCaViWDjuA@mail.gmail.com>
References: <CAB4Tn6PBFi0zjXBxC9xaC4QRbH3b-t_q5KcMpxT5CCaViWDjuA@mail.gmail.com>
Message-ID: <CAB4Tn6MAqw9GD4CWjA_Qi84kGSM9rWkKWxgmVB99AcfjKmrQjg@mail.gmail.com>

Hello!

After about one week's active development, the new development version of
ngx_openresty, 1.2.1.1, is now released:

??? http://openresty.org/#Download

Below is the change log for this release, as compared to the last release,
1.0.15.11:

 *   upgraded the Nginx core to 1.2.1.

     *   see the change log: <http://nginx.org/en/CHANGES-1.2>

 *   upgraded LuaNginxModule to 0.5.2.

     *   bugfix: header_filter_by_lua* did not run at all when
         body_filter_by_lua* is defined at the same time. thanks
         Tzury Bar Yochay for reporting this issue.

     *   feature: added the "inclusive" option to the
         cosocket:receiveuntil method to include the delimiter
         pattern string in the resulting data read. thanks Matthieu
         Tourne for the patch.

     *   optimize: merged two successive Nginx pool allocations in
         "ngx_http_lua_socket_resolve_handler" to reduce overhead.

 *   upgraded EchoNginxModule to 0.39.

     *   bugfix: EchoNginxModule's configure directives was not
         inherited automatically by "location if" inner blocks.

     *   bugfix: the old HTTP 1.0 protocol handling was wrong. we
         should leave that to the Nginx core and just output
         responses without a "Content-Length" response header.

     *   bugfix: reading the $echo_it variable outside of the
         echo_foreach_split loop resulted in memory invalid reads and
         hence segfaults; now it is evaluates to the special "not
         found" value. thanks baqs for reporting this.

 *   upgraded PostgresNginxModule to 1.0rc1.

     *   bugfix: memory leak might happen if nginx 1.1.14+ is used
         and (at least) "libpq" fails to connect to the remote
         database.

 *   upgraded the (optional) no-pool patch to the latest version,
     "642ae25".

     *   bugfix: we should postpone freeing the "elts" storage for
         "ngx_array_t" to "ngx_array_destroy" when resizing the array
         because at least the "ngx_rewrite" module stores external
         references to the array elements.

The HTML version of the change log with lots of helpful hyper-links can
be browsed here:

    http://openresty.org/#ChangeLog1002001

Special thanks go to all our contributors and users for helping make this
happen :)

OpenResty (aka. ngx_openresty) is a full-fledged web application server by
bundling the standard Nginx core, lots of 3rd-party Nginx modules, as well
as most of their external dependencies. See OpenResty's homepage for more
details:

??? http://openresty.org/

Enjoy!
-agentzh


From antoine.bonavita at gmail.com  Fri Jun 22 16:34:35 2012
From: antoine.bonavita at gmail.com (Antoine Bonavita)
Date: Fri, 22 Jun 2012 18:34:35 +0200
Subject: cache and mobile video playback
In-Reply-To: <EDF712D1448C42C48E0D73AC54A803C5@funciton.com>
References: <EDF712D1448C42C48E0D73AC54A803C5@funciton.com>
Message-ID: <CA+FsSoJp2n+c-CxxdoqFAwLb=bmq+ZqOM=8ZLkLy5eaD8LCgjg@mail.gmail.com>

Hello,

I don't know if it applies to your situation but I ran into a similar
problem. Details (and patch from Maxim) here:
http://forum.nginx.org/read.php?2,225815

Hope this helps,

Antoine.

On Thu, Jun 21, 2012 at 4:13 PM, Fernando Fl?rez <fernando at funciton.com> wrote:
> Hello,
>
> We are using nginx as a load balancer for mp4 videos. Everything works
> perfectly but we started having issues with mobile video playback.
>
> Somehow the video, after it's stored on the nginx cache, can't be played
> back on mobiles. Has anyone come across this?
>
> Any hints would be much appreciated.
>
> thanks.
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From cmfileds at gmail.com  Fri Jun 22 18:09:06 2012
From: cmfileds at gmail.com (CM Fields)
Date: Fri, 22 Jun 2012 14:09:06 -0400
Subject: delay error 503 code with ngx_http_delay
Message-ID: <CAHxQ+Cr_mcH4kCm-ePGK=MeUmE=Za4zObNxNMX3_KG81wmCEsA@mail.gmail.com>

I would like to add a small delay to error 503 responses back to the
client. Error code 503 is triggered when a client hits the
"limit_req_zone" of 200 requests per minute.

Maxim's ngx_http_delay looks like the right tool but I think my
configuration, or my understand is wrong. I am using the latest
version of Nginx and have built it from source adding in the
ngx_http_delay from the git repo. The build finished without error and
Nginx daemon starts fine.

I am using the following syntax. My understanding is error 503 will be
trapped and sent to the "abuse503" location. In "location @abuse503"
we sleep for 2 seconds and then return a error code 503 to the client.

As a test I execute "wget http://myserver/.test"

# Test -- deny hidden files
location ~ /\. { error_page 404 503 @abuse503; }

error_page 503 @abuse503;
    location @abuse503 {
         delay 2s;
         return 503;
    }

Do I have the syntax correct? Oddly, what I am seeing is a 404 being
returned immediately and not delayed if the file does NOT exist on the
file system.

192.168.0.1 myserver - [22/Jun/2012:13:26:50 -0400] "GET /.test
HTTP/1.1" 404 831 "-" "Wget/1.13.4 (linux-gnu)"
2012/06/22 13:26:50 [error] 4227#0: *60 open()
"/disk/web/htdocs/.test" failed (2: No such file or directory),
client: 192.168.0.1, server: myserver, request: "GET /.test HTTP/1.1",
host: "myserver"

If the file DOES exist a 503 is sent, but no delay.

Thanks for your time.


From nginx-forum at nginx.us  Fri Jun 22 20:59:11 2012
From: nginx-forum at nginx.us (thecrow)
Date: Fri, 22 Jun 2012 16:59:11 -0400 (EDT)
Subject: limit zone nor working
Message-ID: <4ed67bda496165195c18b9136ec18e80.NginxMailingListEnglish@forum.nginx.org>

limit_conn_zone $remote_user zone=peruser:10m; 


limit_conn peruser 1 ;

Not working why?

Thank you

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227812,227812#msg-227812


From liulantao at gmail.com  Sat Jun 23 14:18:41 2012
From: liulantao at gmail.com (Liu Lantao)
Date: Sat, 23 Jun 2012 22:18:41 +0800
Subject: delay error 503 code with ngx_http_delay
In-Reply-To: <CAHxQ+Cr_mcH4kCm-ePGK=MeUmE=Za4zObNxNMX3_KG81wmCEsA@mail.gmail.com>
References: <CAHxQ+Cr_mcH4kCm-ePGK=MeUmE=Za4zObNxNMX3_KG81wmCEsA@mail.gmail.com>
Message-ID: <CAO5q5UK+5t=rnsi9qFFxR7WfiVYkmmCTQWnDU6e=+Tozurag+w@mail.gmail.com>

Maybe the location should be changed, like this:

  location ~ /\/.

Be careful about the slash before the dot(.)

On Saturday, June 23, 2012, CM Fields wrote:

> I would like to add a small delay to error 503 responses back to the
> client. Error code 503 is triggered when a client hits the
> "limit_req_zone" of 200 requests per minute.
>
> Maxim's ngx_http_delay looks like the right tool but I think my
> configuration, or my understand is wrong. I am using the latest
> version of Nginx and have built it from source adding in the
> ngx_http_delay from the git repo. The build finished without error and
> Nginx daemon starts fine.
>
> I am using the following syntax. My understanding is error 503 will be
> trapped and sent to the "abuse503" location. In "location @abuse503"
> we sleep for 2 seconds and then return a error code 503 to the client.
>
> As a test I execute "wget http://myserver/.test"
>
> # Test -- deny hidden files
> location ~ /\. { error_page 404 503 @abuse503; }
>
> error_page 503 @abuse503;
>    location @abuse503 {
>         delay 2s;
>         return 503;
>    }
>
> Do I have the syntax correct? Oddly, what I am seeing is a 404 being
> returned immediately and not delayed if the file does NOT exist on the
> file system.
>
> 192.168.0.1 myserver - [22/Jun/2012:13:26:50 -0400] "GET /.test
> HTTP/1.1" 404 831 "-" "Wget/1.13.4 (linux-gnu)"
> 2012/06/22 13:26:50 [error] 4227#0: *60 open()
> "/disk/web/htdocs/.test" failed (2: No such file or directory),
> client: 192.168.0.1, server: myserver, request: "GET /.test HTTP/1.1",
> host: "myserver"
>
> If the file DOES exist a 503 is sent, but no delay.
>
> Thanks for your time.
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org <javascript:;>
> http://mailman.nginx.org/mailman/listinfo/nginx
>


-- 
Liu Lantao
EMAIL: liulantao ( at ) gmail ( dot ) com ;
WEBSITE: http://www.liulantao.com/portal .
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120623/72df56c4/attachment.html>

From quintinpar at gmail.com  Sat Jun 23 16:10:10 2012
From: quintinpar at gmail.com (Quintin Par)
Date: Sat, 23 Jun 2012 09:10:10 -0700
Subject: Nginx 404 showing when I configured for a custom 404 page
In-Reply-To: <CACW9FdMt60YzHvNzMFfqW=h_vCdPRJUxjtzx8FVwXsF2Ys8H+A@mail.gmail.com>
References: <CACW9FdOEboS=6+OT=Ut7KcArkbO6eZ8kkAN3hDj0iTmh7v=U+A@mail.gmail.com>
	<20120518094827.GZ31671@mdounin.ru>
	<CACW9FdMt60YzHvNzMFfqW=h_vCdPRJUxjtzx8FVwXsF2Ys8H+A@mail.gmail.com>
Message-ID: <CACW9FdMt-dCt1Wu1zG2Pg9quCtPOeg+Ygbq_Pbsgz5fDzvT=EQ@mail.gmail.com>

Bumping up and old thread.

How can I ensure I don?t set rate limiting for my 404 pages with the
scenario that maxim explained?

My rate limiting is set to the whole site at /
- Quintin


On Thu, May 31, 2012 at 4:16 PM, Quintin Par <quintinpar at gmail.com> wrote:

> Thanks Maxim.
>
> Is there a way I can debug this?
>
> This is for 404 and since there are no errors for 404?s from my hunch this
> should be working. I use static for 500's
>
> Also how do I exclude error pages form limits? Is there a standard
> pattern?  I do rate limiting like this
>
>    limit_req_zone $binary_remote_addr zone=pw:30m rate=20r/m;
>
>         location / {
>
>                     if (-f /var/www/statichtmls/build.html) {
>
>                 return 503;
>
>             }
>
>                     limit_req zone=pw burst=5 nodelay;
>
> for the whole site.
> - Quintin
>
>
>
> On Fri, May 18, 2012 at 2:48 AM, Maxim Dounin <mdounin at mdounin.ru> wrote:
>
>> Hello!
>>
>> On Thu, May 17, 2012 at 04:34:14PM -0700, Quintin Par wrote:
>>
>> > Hi all,
>> >
>> > I have a 404 custom page set like this
>> >
>> >         error_page  404        = @errorpages;
>> >         error_page  500        = @errorpages;
>> >
>> >         location @errorpages {
>> >                     root /var/www/;
>> >                     internal;
>> >                     proxy_pass http://localhost:82;
>>
>> [...]
>>
>> >         }
>> >
>> > But every now and then I am hitting the nginx vanilla 404 pages,
>> especially
>> > when hitting rate limiting.
>> >
>> > How do I close the gaps to ensure I am showing only the custom 404?s ?
>>
>> Most likely you are see double errors with 404 being the last
>> one.  By default nginx returns builtin error page in such cases,
>> unless recursive_error_pages is set.  (And it's not really good
>> idea to change the default unless you understand what are you
>> doing and sure it won't create loops.)
>>
>> I would recommend to
>>
>> a) use static files for error pages;
>>
>> b) make sure no limits are applied to error pages location.
>>
>> Maxim Dounin
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120623/fe173f81/attachment.html>

From nginx-forum at nginx.us  Sun Jun 24 00:23:34 2012
From: nginx-forum at nginx.us (bp1000)
Date: Sat, 23 Jun 2012 20:23:34 -0400 (EDT)
Subject: Help me test and verify my config
Message-ID: <cccb7dbe83f94b3ee98ae4b79e066fc3.NginxMailingListEnglish@forum.nginx.org>

Nginx community, i've recently switched to this awesome software which
has performed admirably under load testing. 

I host a php/mysql driven site that with each page view serves results
from multiple external xml feeds in realtime. Once we have the XML data
we cache results to reduce load. 

I run nginx / php5-fpm / memcache and APC. Site gets > 100,000 searches
per day. Each query takes between 1 and 4 seconds depending on the
search. So as you can imagine the processes don't open and close as
quickly as some more basic php sites. Server load is around 3 average
for a quad core box. So OK... 

But i wanted your expert opinion on how to check, test and verify my
config params for nginx and php5-fpm. I want to be 100% sure i haven't
allocated too many processes. So without pasting my entire config, i
will show just the bits i'm concerned i wish to check with you guys. 


php5-fpm tweaks
Concerns - is max_children / start servers too high? Would they take up
CPU processes wasting resources? 
pm = dynamic
pm.max_children = 30
pm.start_servers = 15
pm.min_spare_servers = 5
pm.max_spare_servers = 30
pm.max_requests = 511
listen.backlog = 1024


Worker_processes 4 
worker_connections 8192


fastcgi_params
Concerns - is my fastcgi_buffers too much? The reason why i set them
high is that each XML result can contain a lot of data. 
fastcgi_connect_timeout 60;
fastcgi_send_timeout 180;
fastcgi_read_timeout 180;
fastcgi_buffer_size 128k;
fastcgi_buffers 256 16k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;


Even under load, memory usage only reaches about 45% so perhaps i'm
wasting an opportunity to cache more things in memory.


Thank you

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227820,227820#msg-227820


From jamesmikedupont at googlemail.com  Sun Jun 24 06:49:11 2012
From: jamesmikedupont at googlemail.com (Mike Dupont)
Date: Sun, 24 Jun 2012 06:49:11 +0000
Subject: Help me test and verify my config
In-Reply-To: <cccb7dbe83f94b3ee98ae4b79e066fc3.NginxMailingListEnglish@forum.nginx.org>
References: <cccb7dbe83f94b3ee98ae4b79e066fc3.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAF0qKV0EnvnE3XcD--yGS0C1Adw12qEpYV+06G-iHUO9Siap6Q@mail.gmail.com>

Ok,
so what is your question?
thanks,
mike

On Sun, Jun 24, 2012 at 12:23 AM, bp1000 <nginx-forum at nginx.us> wrote:
> Nginx community, i've recently switched to this awesome software which
> has performed admirably under load testing.
>
> I host a php/mysql driven site that with each page view serves results
> from multiple external xml feeds in realtime. Once we have the XML data
> we cache results to reduce load.
>
> I run nginx / php5-fpm / memcache and APC. Site gets > 100,000 searches
> per day. Each query takes between 1 and 4 seconds depending on the
> search. So as you can imagine the processes don't open and close as
> quickly as some more basic php sites. Server load is around 3 average
> for a quad core box. So OK...
>
> But i wanted your expert opinion on how to check, test and verify my
> config params for nginx and php5-fpm. I want to be 100% sure i haven't
> allocated too many processes. So without pasting my entire config, i
> will show just the bits i'm concerned i wish to check with you guys.
>
>
> php5-fpm tweaks
> Concerns - is max_children / start servers too high? Would they take up
> CPU processes wasting resources?
> pm = dynamic
> pm.max_children = 30
> pm.start_servers = 15
> pm.min_spare_servers = 5
> pm.max_spare_servers = 30
> pm.max_requests = 511
> listen.backlog = 1024
>
>
> Worker_processes 4
> worker_connections 8192
>
>
> fastcgi_params
> Concerns - is my fastcgi_buffers too much? The reason why i set them
> high is that each XML result can contain a lot of data.
> fastcgi_connect_timeout 60;
> fastcgi_send_timeout 180;
> fastcgi_read_timeout 180;
> fastcgi_buffer_size 128k;
> fastcgi_buffers 256 16k;
> fastcgi_busy_buffers_size 256k;
> fastcgi_temp_file_write_size 256k;
>
>
> Even under load, memory usage only reaches about 45% so perhaps i'm
> wasting an opportunity to cache more things in memory.
>
>
> Thank you
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227820,227820#msg-227820
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx



-- 
James Michael DuPont
Member of Free Libre Open Source Software Kosova http://flossk.org
Contributor FOSM, the CC-BY-SA map of the world http://fosm.org
Mozilla Rep https://reps.mozilla.org/u/h4ck3rm1k3


From lhmwzy at gmail.com  Sun Jun 24 08:54:28 2012
From: lhmwzy at gmail.com (lhmwzy)
Date: Sun, 24 Jun 2012 16:54:28 +0800
Subject: gzip gzip_min_length directives doesn't work in ajax?
Message-ID: <CALL55gg5ZmG2Vd65pj0hCZjoTMQJrQNh=kYVcVBbiW75Wr55GA@mail.gmail.com>

 I have the following conf

http {
...
    gzip on;
    gzip_min_length 1000;
    gzip_buffers 16 64k;
    gzip_http_version 1.1;
    gzip_comp_level 6;
    gzip_types text/plain application/x-javascript text/css application/xml;
    gzip_vary on;
...

I notice that the gzip_min_length 1000; dirctives doesn't word in ajax.

the request header:

Host	10.66.23.99
Accept-Charset	GB2312,utf-8;q=0.7,*;q=0.7
(Request-Line)	GET /luapp/getname?query=dsfds HTTP/1.1
Accept-Encoding	gzip, deflate
Connection	keep-alive
User-Agent	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) Gecko/20100101
Firefox/5.0
Cookie	name=bq0xPMS+HUgGYuV7pB9f9j6l9qhcIdS3fABQDOlgsuY=;
returnurl=/app/images/shadow.png
Accept	text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Language	zh-cn,zh;q=0.5

the response header:
(Status-Line)	HTTP/1.1 200 OK
Connection	keep-alive
Content-Encoding	gzip
Content-Type	text/html; charset=UTF-8
Date	Sun, 24 Jun 2012 08:37:05 GMT
Server	ngx_openresty/1.2.1.1
Transfer-Encoding	chunked
Vary	Accept-Encoding

the url:http://10.66.23.99/luapp/getname?query=dsfds
the return content:
{"query":"dsfds","suggestions":{}}
the size of return content is 35bytes,is smaller than gzip_min_length
in the conf,but it is still gziped,
the gzip resut:text/html; charset=UTF-8 : 35 bytes, gzip compressed to
55 bytes ( -57.1 % saving )

Why?
I'm using nginx 1.2.1


From johannes_graumann at web.de  Sun Jun 24 10:34:07 2012
From: johannes_graumann at web.de (Johannes Graumann)
Date: Sun, 24 Jun 2012 13:34:07 +0300
Subject: Conversion of PHP single machine setup to nginx/php residing on
	different boxes
References: <jqnl96$557$1@dough.gmane.org>
	<20120606133424.GE4719@craic.sysops.org>
	<jqoden$b36$1@dough.gmane.org>
Message-ID: <js6qdk$6ck$1@dough.gmane.org>

Hello Again,

Johannes Graumann wrote:
> Thanks a lot for your pointers, which nudged me in the right direction.
> After also finding http://nginxlibrary.com/resolving-no-input-file-
> specified-error/ I came up with the following, which is working (a
> "info.php" script at the documentroot containing a call to "phpinfo()" is
> rendered properly and the output has "Server API:	CGI/FastCGI"):
> 
>> server {
>> listen   443;
>> server_name  XXX.org XXX;
>> client_max_body_size 40M;
>> # SSL is using CACert credentials
>> ssl  on;
>> ssl_certificate  /etc/ssl/private/cacert.XXX.org.pem;
>> ssl_certificate_key
> /etc/ssl/private/cacert.XXX.org_privatkey.pem;
>> ssl_session_timeout  5m;
>> ssl_protocols  SSLv3 TLSv1;
>> ssl_ciphers  ALL:!ADH:!EXPORT56:!LOW:RC4+RSA:+HIGH:+MEDIUM:
> +SSLv3:+EXP;
>> ssl_prefer_server_ciphers   on;
>> # Proxy the "feng-container" lxc container
>> root    /var/www/;
>> location / {
>> proxy_pass      http://10.10.10.3:80/;
>> index           index.php index.html index.htm;
>> }
>> location ~ \.php$ {
>> fastcgi_pass   10.10.10.3:9000;
>> fastcgi_index  index.php;
>> fastcgi_param  SCRIPT_FILENAME
> $document_root$fastcgi_script_name;
>> include         fastcgi_params;
>> }
>> }

As I wrote, this works fine for a plain "index.php" containing "phpinfo()". 
I now want to use the setup to run fengoffice along the lines of 
http://www.howtoforge.com/how-to-set-up-a-feng-office-suite-web-server-on-
ubuntu-server-10.10 . So I change the above setup to point at root 
"/var/www/www.feng.graumannschaft.org/web/" which is where fenoffice's 
index.php resides on 10.10.10.3. THis however does not work and the browser 
pointed at the urls reports 
>Unable to connect
>Iceweasel can't establish a connection to the server at 10.10.10.3.

I seem to be missing rewriting somewhere, but no prowling the internet has 
given me an answer that will work. Can someone nudge me into the right 
direction (again) how to fix this?

Thanks for any pointers, Joh


From nginx-forum at nginx.us  Sun Jun 24 22:24:01 2012
From: nginx-forum at nginx.us (Xaymar)
Date: Sun, 24 Jun 2012 18:24:01 -0400 (EDT)
Subject: Problem with try files: =404 results in php files being downloaded
	instead of parsed by php
Message-ID: <cf860ae12d0b2538b526bf3b30d9a409.NginxMailingListEnglish@forum.nginx.org>

Hello,

I tried changing my template configuration so that it would show "404
not found" instead of "No input file specified." but to my surprise,
try_files did something completely unpredictable and now I'm stuck with
"No input file specified.". To be exact I tried changin this:
> try_files "$uri" "$uri/" "/index.php";
into this:
> try_files "$uri" "$uri/" "/index.php" =404;
which then resulted in nginx sending the php file as
application-octet-stream, instead of parsing it through the fastcgi
handler. How do I do the above right, if not with the try_files syntax?

My configurations:
/etc/nginx/nginx.conf - http://files.realitybends.de/nginx.conf
/etc/nginx/mime.types - http://files.realitybends.de/mime.types
/etc/nginx/conf.d/default.conf -
http://files.realitybends.de/conf.d/default.conf
/etc/nginx/conf.d/mime.types -
http://files.realitybends.de/conf.d/mime.types
/etc/nginx/inc.d/global.conf -
http://files.realitybends.de/inc.d/global.conf
/etc/nginx/inc.d/php.conf - http://files.realitybends.de/inc.d/php.conf
/etc/nginx/sites-available/realitybends.de -
http://files.realitybends.de/sites-available/realitybends.de
The corresponding line is in /etc/nginx/inc.d/global.conf:
> Line 21:                try_files "$uri" "$uri/" "/index.php";

Thanks in advance,
Xaymar

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227833,227833#msg-227833


From nginx-forum at nginx.us  Mon Jun 25 00:36:51 2012
From: nginx-forum at nginx.us (tonny.young)
Date: Sun, 24 Jun 2012 20:36:51 -0400 (EDT)
Subject: custom Nginx module memleaks problem
In-Reply-To: <CAOKiq2AjH-0Wf_9-VUZPx-aTMvb_bSX-+JwwnQ+YdKWiB5XJPA@mail.gmail.com>
References: <CAOKiq2AjH-0Wf_9-VUZPx-aTMvb_bSX-+JwwnQ+YdKWiB5XJPA@mail.gmail.com>
Message-ID: <bba36308e0e57ce8887244cd4098894c.NginxMailingListEnglish@forum.nginx.org>

Thanks for the suggestions.Can you explain me  how my module "blocks"?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227746,227834#msg-227834


From fernando at funciton.com  Mon Jun 25 02:04:16 2012
From: fernando at funciton.com (=?ISO-8859-1?Q?Fernando_Fl=F3rez?=)
Date: Sun, 24 Jun 2012 21:04:16 -0500
Subject: cache and mobile video playback
In-Reply-To: <CA+FsSoJp2n+c-CxxdoqFAwLb=bmq+ZqOM=8ZLkLy5eaD8LCgjg@mail.gmail.com>
References: <EDF712D1448C42C48E0D73AC54A803C5@funciton.com>
	<CA+FsSoJp2n+c-CxxdoqFAwLb=bmq+ZqOM=8ZLkLy5eaD8LCgjg@mail.gmail.com>
Message-ID: <CAB8ESJHR8CeucG5rYGJYWghv-O7xmy0gAhWY1O3st6pBdU=buw@mail.gmail.com>

Thank you. Just tried applying the patch to nginx 1.2.1 but seems it is
(somehow) already implemented.

We still hit this bug. Any other suggestions?

Thanks a lot!



2012/6/22 Antoine Bonavita <antoine.bonavita at gmail.com>

> Hello,
>
> I don't know if it applies to your situation but I ran into a similar
> problem. Details (and patch from Maxim) here:
> http://forum.nginx.org/read.php?2,225815
>
> Hope this helps,
>
> Antoine.
>
> On Thu, Jun 21, 2012 at 4:13 PM, Fernando Fl?rez <fernando at funciton.com>
> wrote:
> > Hello,
> >
> > We are using nginx as a load balancer for mp4 videos. Everything works
> > perfectly but we started having issues with mobile video playback.
> >
> > Somehow the video, after it's stored on the nginx cache, can't be played
> > back on mobiles. Has anyone come across this?
> >
> > Any hints would be much appreciated.
> >
> > thanks.
> >
> >
> > _______________________________________________
> > nginx mailing list
> > nginx at nginx.org
> > http://mailman.nginx.org/mailman/listinfo/nginx
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120624/d46aa814/attachment.html>

From agentzh at gmail.com  Mon Jun 25 03:26:01 2012
From: agentzh at gmail.com (agentzh)
Date: Mon, 25 Jun 2012 11:26:01 +0800
Subject: custom Nginx module memleaks problem
In-Reply-To: <bba36308e0e57ce8887244cd4098894c.NginxMailingListEnglish@forum.nginx.org>
References: <CAOKiq2AjH-0Wf_9-VUZPx-aTMvb_bSX-+JwwnQ+YdKWiB5XJPA@mail.gmail.com>
	<bba36308e0e57ce8887244cd4098894c.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAB4Tn6Nbx9W=K4hA_1qua3U2jz_OsZwuFLJH2Tj5uBiks5EJNQ@mail.gmail.com>

Hello!

On Mon, Jun 25, 2012 at 8:36 AM, tonny.young <nginx-forum at nginx.us> wrote:
> Thanks for the suggestions.Can you explain me ?how my module "blocks"?
>

All your memcached related calls from within your content handler will
block your nginx worker processes from serving other concurrent
requests, which essentially turns your nginx server into something
like Apache's prefork mpm.

Regards,
-agentzh


From shankar at opendrops.com  Mon Jun 25 04:22:22 2012
From: shankar at opendrops.com (Shankar Dhanasekaran)
Date: Mon, 25 Jun 2012 09:52:22 +0530
Subject: Help me test and verify my config
In-Reply-To: <CAF0qKV0EnvnE3XcD--yGS0C1Adw12qEpYV+06G-iHUO9Siap6Q@mail.gmail.com>
References: <cccb7dbe83f94b3ee98ae4b79e066fc3.NginxMailingListEnglish@forum.nginx.org>
	<CAF0qKV0EnvnE3XcD--yGS0C1Adw12qEpYV+06G-iHUO9Siap6Q@mail.gmail.com>
Message-ID: <4FE7E77E.7090307@opendrops.com>

The question is buried inside the details. It's, I guess, this:

"But i wanted your expert opinion on how to check, test and verify my
config params for nginx and php5-fpm. I want to be 100% sure i haven't
allocated too many processes."


Openly yours,
Shankar Dhanasekaran



Mike Dupont wrote:
> Ok,
> so what is your question?
> thanks,
> mike
>
> On Sun, Jun 24, 2012 at 12:23 AM, bp1000<nginx-forum at nginx.us>  wrote:
>> Nginx community, i've recently switched to this awesome software which
>> has performed admirably under load testing.
>>
>> I host a php/mysql driven site that with each page view serves results
>> from multiple external xml feeds in realtime. Once we have the XML data
>> we cache results to reduce load.
>>
>> I run nginx / php5-fpm / memcache and APC. Site gets>  100,000 searches
>> per day. Each query takes between 1 and 4 seconds depending on the
>> search. So as you can imagine the processes don't open and close as
>> quickly as some more basic php sites. Server load is around 3 average
>> for a quad core box. So OK...
>>
>> But i wanted your expert opinion on how to check, test and verify my
>> config params for nginx and php5-fpm. I want to be 100% sure i haven't
>> allocated too many processes. So without pasting my entire config, i
>> will show just the bits i'm concerned i wish to check with you guys.
>>
>>
>> php5-fpm tweaks
>> Concerns - is max_children / start servers too high? Would they take up
>> CPU processes wasting resources?
>> pm = dynamic
>> pm.max_children = 30
>> pm.start_servers = 15
>> pm.min_spare_servers = 5
>> pm.max_spare_servers = 30
>> pm.max_requests = 511
>> listen.backlog = 1024
>>
>>
>> Worker_processes 4
>> worker_connections 8192
>>
>>
>> fastcgi_params
>> Concerns - is my fastcgi_buffers too much? The reason why i set them
>> high is that each XML result can contain a lot of data.
>> fastcgi_connect_timeout 60;
>> fastcgi_send_timeout 180;
>> fastcgi_read_timeout 180;
>> fastcgi_buffer_size 128k;
>> fastcgi_buffers 256 16k;
>> fastcgi_busy_buffers_size 256k;
>> fastcgi_temp_file_write_size 256k;
>>
>>
>> Even under load, memory usage only reaches about 45% so perhaps i'm
>> wasting an opportunity to cache more things in memory.
>>
>>
>> Thank you
>>
>> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227820,227820#msg-227820
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120625/d20d0132/attachment.html>

From agentzh at gmail.com  Mon Jun 25 04:35:03 2012
From: agentzh at gmail.com (agentzh)
Date: Mon, 25 Jun 2012 12:35:03 +0800
Subject: [ANN] ngx_openresty devel version 1.2.1.3 released
In-Reply-To: <CAB4Tn6MnaY5J0CUqwi5=am+3sDPc3ivNtP=e74W2S77WEnrVOQ@mail.gmail.com>
References: <CAB4Tn6MnaY5J0CUqwi5=am+3sDPc3ivNtP=e74W2S77WEnrVOQ@mail.gmail.com>
Message-ID: <CAB4Tn6MPhuazpFjtx=9P2jV1WB-1BPtVkDmii1YrM01qhWVSXw@mail.gmail.com>

Hello!

After about three days' active development, I'm happy to annouce the
new development version of ngx_openresty, 1.2.1.3:

? ?http://openresty.org/#Download

Below is the change log for this release (compared with the last release,
1.2.1.1):

 *   upgraded EchoNginxModule to 0.40.

     *   feature: added new directive echo_status which can be used
         to specify a different default response status code other
         than 200. thanks Maxime Corbeau for requesting this.

 *   upgraded LuaNginxModule to 0.5.3.

     *   bugfix: ngx.say and ngx.print might cause nginx to crash
         when table-typed arguments were given. thanks sztanpet for
         reporting this in github issue #54.

 *   applied location_if_inherits_proxy.patch to the nginx core. see
     <http://mailman.nginx.org/pipermail/nginx-devel/2012-June/002374.html>
for details.

The HTML version of the change log with lots of helpful hyper-links can
be browsed here:

   http://openresty.org/#ChangeLog1002001

Special thanks go to all our contributors and users for helping make this
happen :)

OpenResty (aka. ngx_openresty) is a full-fledged web application
server by bundling the standard Nginx core, lots of 3rd-party Nginx
modules, as well as most of their external dependencies. See
OpenResty's homepage for details:

??? http://openresty.org/

Have fun!
-agentzh


From wendal1985 at gmail.com  Mon Jun 25 04:40:20 2012
From: wendal1985 at gmail.com (Wendal Chen)
Date: Mon, 25 Jun 2012 12:40:20 +0800
Subject: [openresty] [ANN] ngx_openresty devel version 1.2.1.3 released
In-Reply-To: <CAB4Tn6MPhuazpFjtx=9P2jV1WB-1BPtVkDmii1YrM01qhWVSXw@mail.gmail.com>
References: <CAB4Tn6MnaY5J0CUqwi5=am+3sDPc3ivNtP=e74W2S77WEnrVOQ@mail.gmail.com>
	<CAB4Tn6MPhuazpFjtx=9P2jV1WB-1BPtVkDmii1YrM01qhWVSXw@mail.gmail.com>
Message-ID: <CAM79QPUchsx5Mhe5yvuOy8QiXQnQxoZ+WUftz8iD62qx1QN6HQ@mail.gmail.com>

Good!

????,?????????

2012/6/25 agentzh <agentzh at gmail.com>

> Hello!
>
> After about three days' active development, I'm happy to annouce the
> new development version of ngx_openresty, 1.2.1.3:
>
>   http://openresty.org/#Download
>
> Below is the change log for this release (compared with the last release,
> 1.2.1.1):
>
>  *   upgraded EchoNginxModule to 0.40.
>
>     *   feature: added new directive echo_status which can be used
>         to specify a different default response status code other
>         than 200. thanks Maxime Corbeau for requesting this.
>
>  *   upgraded LuaNginxModule to 0.5.3.
>
>     *   bugfix: ngx.say and ngx.print might cause nginx to crash
>         when table-typed arguments were given. thanks sztanpet for
>         reporting this in github issue #54.
>
>  *   applied location_if_inherits_proxy.patch to the nginx core. see
>     <http://mailman.nginx.org/pipermail/nginx-devel/2012-June/002374.html>
> for details.
>
> The HTML version of the change log with lots of helpful hyper-links can
> be browsed here:
>
>   http://openresty.org/#ChangeLog1002001
>
> Special thanks go to all our contributors and users for helping make this
> happen :)
>
> OpenResty (aka. ngx_openresty) is a full-fledged web application
> server by bundling the standard Nginx core, lots of 3rd-party Nginx
> modules, as well as most of their external dependencies. See
> OpenResty's homepage for details:
>
>    http://openresty.org/
>
> Have fun!
> -agentzh
>
> --
> ???: ??"openresty",???????!
> ??: ????? openresty at googlegroups.com
> ??: ????? openresty+unsubscribe at googlegroups.com
> ??: http://groups.google.com/group/openresty
> ??: http://openresty.org/
> ??: https://github.com/agentzh/ngx_openresty
> ??: ????? http://wiki.woodpecker.org.cn/moin/AskForHelp
> ??: http://agentzh.org/misc/nginx/agentzh-nginx-tutorials-zhcn.html
>



-- 
Wendal Chen
GuangDong China
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120625/b78ba1a8/attachment-0001.html>

From nginx-forum at nginx.us  Mon Jun 25 08:03:04 2012
From: nginx-forum at nginx.us (karolis)
Date: Mon, 25 Jun 2012 04:03:04 -0400 (EDT)
Subject: AJP from apache to nginx
Message-ID: <70b8181f98a2b97a17451280cb57463c.NginxMailingListEnglish@forum.nginx.org>

Hi everyone,

first of all i'm completely new user of nginx. I want to move from
apache-tomcat to nginx-tomcat, but i'm having big problems with nginx
ajp module and how to use it. Any help would be greatly appreciated!

Here are my apache httpd-vhosts.conf: 

NameVirtualHost *:80
NameVirtualHost *:443

<VirtualHost *:80>
        ServerAdmin webmaster at localhost
        ServerName alis.am.lt
        ProxyRequests off
        ProxyPreserveHost on

        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>

        ProxyPass /AlisL09Service
http://10.255.6.120:8080/AlisL09Service/
        ProxyPassReverse /AlisL09Service
http://10.255.6.120:8080/AlisL09Service/

        ProxyPass /gis/geoserver/web !
        ProxyPass /gis http://10.255.5.140:8080
        ProxyPassReverse /gis http://10.255.5.140:8080

        ProxyPass / ajp://localhost:8009/
        ProxyPassReverse / ajp://localhost:8009/
        ProxyPassReverse / http://localhost:8009/
        ProxyPassReverseCookiePath /localhost /localhost/

</VirtualHost>
<VirtualHost *:443>
        ServerAdmin webmaster at localhost
        ServerName alis.am.lt

        ProxyRequests off
        ProxyPreserveHost on

        <Proxy *>
                Order deny,allow
                Allow from all
        </Proxy>

        ProxyPass /gis/geoserver/web !
        ProxyPass /gis http://10.255.5.140:8080
        ProxyPassReverse /gis http://10.255.5.140:8080

        ProxyPass / ajp://localhost:8009/
        ProxyPassReverse / ajp://localhost:8009/
        ProxyPassReverse / http://localhost:8009/
        ProxyPassReverseCookiePath /localhost /localhost/

        SSLEngine on
        SSLProtocol all
        SSLCertificateFile
/home/dts/certificates/alis.publicsite.primary.cert.p7b
        SSLCertificateKeyFile
/home/dts/certificates/alis.am.lt_privateKeyNoPass.key
        SSLCertificateChainFile
/home/dts/certificates/alis.publicsite.intermediate.cert.p7b

</VirtualHost>
SSLPassPhraseDialog builtin


And here's what i have so far in my nginx.conf:

user              nginx;
worker_processes  8;

error_log  logs/error.log;
pid        logs/nginx.pid;

events {
    worker_connections  8192;
}

http {
upstream www_serveriai  {
server 10.255.7.120:443;
}
upstream www_serveriai_80  {
server 10.255.7.120:80;
}
    include       /usr/local/nginx/conf/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local]
"$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /usr/local/nginx/logs/access.log  main;

    sendfile        on;
    keepalive_timeout  65;

 server {
      listen 80;
      server_name alis.am.lt;
      location / {
        #proxy_pass ajp://localhost:8009/;
        proxy_pass http://localhost:8009/;
        ajp_keep_conn on;
        ajp_pass www_serveriai_80;
      }

}
}

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227843,227843#msg-227843


From nginx-forum at nginx.us  Mon Jun 25 08:54:18 2012
From: nginx-forum at nginx.us (n1xman)
Date: Mon, 25 Jun 2012 04:54:18 -0400 (EDT)
Subject: healthcheck_nginx_upstreams patch fails for Nginx 1.2.1
In-Reply-To: <zarafa.4fcf55b2.1ebd.0719361e620ae004@mail.openindex.io>
References: <zarafa.4fcf55b2.1ebd.0719361e620ae004@mail.openindex.io>
Message-ID: <237e853b8ae444e93e4f2ce49a5538ad.NginxMailingListEnglish@forum.nginx.org>

Hello,

I have the same problem and have you find a solution for this..? 

I hope developer will update the patch and continue to release going
forward.

Thanks in advance.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227279,227844#msg-227844


From nbubingo at gmail.com  Mon Jun 25 09:19:56 2012
From: nbubingo at gmail.com (=?GB2312?B?0qbOsLHz?=)
Date: Mon, 25 Jun 2012 17:19:56 +0800
Subject: AJP from apache to nginx
In-Reply-To: <70b8181f98a2b97a17451280cb57463c.NginxMailingListEnglish@forum.nginx.org>
References: <70b8181f98a2b97a17451280cb57463c.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAGxuLK1fwkqVG=nG1JAkVNGDCHsoKu=yb9PvM6NaO6MpGtv-kQ@mail.gmail.com>

why you use two proxy modules? You should choose one. The port 8009
normally is the AJP connector, you should use it with ajp module. Or
you can use the port 80 with http proxy module.

Thanks.

2012/6/25 karolis <nginx-forum at nginx.us>:
> Hi everyone,
>
> first of all i'm completely new user of nginx. I want to move from
> apache-tomcat to nginx-tomcat, but i'm having big problems with nginx
> ajp module and how to use it. Any help would be greatly appreciated!
>
> Here are my apache httpd-vhosts.conf:
>
> NameVirtualHost *:80
> NameVirtualHost *:443
>
> <VirtualHost *:80>
> ? ? ? ?ServerAdmin webmaster at localhost
> ? ? ? ?ServerName alis.am.lt
> ? ? ? ?ProxyRequests off
> ? ? ? ?ProxyPreserveHost on
>
> ? ? ? ?<Proxy *>
> ? ? ? ? ? ? ? ?Order deny,allow
> ? ? ? ? ? ? ? ?Allow from all
> ? ? ? ?</Proxy>
>
> ? ? ? ?ProxyPass /AlisL09Service
> http://10.255.6.120:8080/AlisL09Service/
> ? ? ? ?ProxyPassReverse /AlisL09Service
> http://10.255.6.120:8080/AlisL09Service/
>
> ? ? ? ?ProxyPass /gis/geoserver/web !
> ? ? ? ?ProxyPass /gis http://10.255.5.140:8080
> ? ? ? ?ProxyPassReverse /gis http://10.255.5.140:8080
>
> ? ? ? ?ProxyPass / ajp://localhost:8009/
> ? ? ? ?ProxyPassReverse / ajp://localhost:8009/
> ? ? ? ?ProxyPassReverse / http://localhost:8009/
> ? ? ? ?ProxyPassReverseCookiePath /localhost /localhost/
>
> </VirtualHost>
> <VirtualHost *:443>
> ? ? ? ?ServerAdmin webmaster at localhost
> ? ? ? ?ServerName alis.am.lt
>
> ? ? ? ?ProxyRequests off
> ? ? ? ?ProxyPreserveHost on
>
> ? ? ? ?<Proxy *>
> ? ? ? ? ? ? ? ?Order deny,allow
> ? ? ? ? ? ? ? ?Allow from all
> ? ? ? ?</Proxy>
>
> ? ? ? ?ProxyPass /gis/geoserver/web !
> ? ? ? ?ProxyPass /gis http://10.255.5.140:8080
> ? ? ? ?ProxyPassReverse /gis http://10.255.5.140:8080
>
> ? ? ? ?ProxyPass / ajp://localhost:8009/
> ? ? ? ?ProxyPassReverse / ajp://localhost:8009/
> ? ? ? ?ProxyPassReverse / http://localhost:8009/
> ? ? ? ?ProxyPassReverseCookiePath /localhost /localhost/
>
> ? ? ? ?SSLEngine on
> ? ? ? ?SSLProtocol all
> ? ? ? ?SSLCertificateFile
> /home/dts/certificates/alis.publicsite.primary.cert.p7b
> ? ? ? ?SSLCertificateKeyFile
> /home/dts/certificates/alis.am.lt_privateKeyNoPass.key
> ? ? ? ?SSLCertificateChainFile
> /home/dts/certificates/alis.publicsite.intermediate.cert.p7b
>
> </VirtualHost>
> SSLPassPhraseDialog builtin
>
>
> And here's what i have so far in my nginx.conf:
>
> user ? ? ? ? ? ? ?nginx;
> worker_processes ?8;
>
> error_log ?logs/error.log;
> pid ? ? ? ?logs/nginx.pid;
>
> events {
> ? ?worker_connections ?8192;
> }
>
> http {
> upstream www_serveriai ?{
> server 10.255.7.120:443;
> }
> upstream www_serveriai_80 ?{
> server 10.255.7.120:80;
> }
> ? ?include ? ? ? /usr/local/nginx/conf/mime.types;
> ? ?default_type ?application/octet-stream;
>
> ? ?log_format ?main ?'$remote_addr - $remote_user [$time_local]
> "$request" '
> ? ? ? ? ? ? ? ? ? ? ?'$status $body_bytes_sent "$http_referer" '
> ? ? ? ? ? ? ? ? ? ? ?'"$http_user_agent" "$http_x_forwarded_for"';
>
> ? ?access_log ?/usr/local/nginx/logs/access.log ?main;
>
> ? ?sendfile ? ? ? ?on;
> ? ?keepalive_timeout ?65;
>
> ?server {
> ? ? ?listen 80;
> ? ? ?server_name alis.am.lt;
> ? ? ?location / {
> ? ? ? ?#proxy_pass ajp://localhost:8009/;
> ? ? ? ?proxy_pass http://localhost:8009/;
> ? ? ? ?ajp_keep_conn on;
> ? ? ? ?ajp_pass www_serveriai_80;
> ? ? ?}
>
> }
> }
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227843,227843#msg-227843
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From nbubingo at gmail.com  Mon Jun 25 09:24:28 2012
From: nbubingo at gmail.com (=?GB2312?B?0qbOsLHz?=)
Date: Mon, 25 Jun 2012 17:24:28 +0800
Subject: healthcheck_nginx_upstreams patch fails for Nginx 1.2.1
In-Reply-To: <237e853b8ae444e93e4f2ce49a5538ad.NginxMailingListEnglish@forum.nginx.org>
References: <zarafa.4fcf55b2.1ebd.0719361e620ae004@mail.openindex.io>
	<237e853b8ae444e93e4f2ce49a5538ad.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAGxuLK0RYQ_Ss4SDMjE-GsdSMS9aHZkYmHwwTar0iT4Ov1r8Cw@mail.gmail.com>

Hi,

May be you can use my upstream check module:
https://github.com/yaoweibin/nginx_upstream_check_module

This module is more powerful than the healthcheck_nginx_upstreams
module. And it has been merge into Tengine (Taobao's fork of Nginx) :
http://tengine.taobao.org/


You can use it with the patch
(https://github.com/yaoweibin/nginx_upstream_check_module/blob/master/check_1.2.1%2B.patch)
with nginx-1.2.1+.

Thanks.

2012/6/25 n1xman <nginx-forum at nginx.us>:
> Hello,
>
> I have the same problem and have you find a solution for this..?
>
> I hope developer will update the patch and continue to release going
> forward.
>
> Thanks in advance.
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227279,227844#msg-227844
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From markus.jelsma at openindex.io  Mon Jun 25 09:34:09 2012
From: markus.jelsma at openindex.io (=?utf-8?Q?Markus_Jelsma?=)
Date: Mon, 25 Jun 2012 09:34:09 +0000
Subject: healthcheck_nginx_upstreams patch fails for Nginx 1.2.1
In-Reply-To: <CAGxuLK0RYQ_Ss4SDMjE-GsdSMS9aHZkYmHwwTar0iT4Ov1r8Cw@mail.gmail.com>
References: <CAGxuLK0RYQ_Ss4SDMjE-GsdSMS9aHZkYmHwwTar0iT4Ov1r8Cw@mail.gmail.com>
Message-ID: <zarafa.4fe83091.5840.0818b97704644180@mail.openindex.io>

Hi ???,

It has more features indeed and i see a patch for the upstream fair module. The other module does not work with fair but i assume with the patch yours does?

Thanks
 
 
-----Original message-----
> From:??? <nbubingo at gmail.com>
> Sent: Mon 25-Jun-2012 11:25
> To: nginx at nginx.org
> Subject: Re: healthcheck_nginx_upstreams patch fails for Nginx 1.2.1
> 
> Hi,
> 
> May be you can use my upstream check module:
> https://github.com/yaoweibin/nginx_upstream_check_module
> 
> This module is more powerful than the healthcheck_nginx_upstreams
> module. And it has been merge into Tengine (Taobao's fork of Nginx) :
> http://tengine.taobao.org/
> 
> 
> You can use it with the patch
> (https://github.com/yaoweibin/nginx_upstream_check_module/blob/master/check_1.2.1%2B.patch)
> with nginx-1.2.1+.
> 
> Thanks.
> 
> 2012/6/25 n1xman <nginx-forum at nginx.us>:
> > Hello,
> >
> > I have the same problem and have you find a solution for this..?
> >
> > I hope developer will update the patch and continue to release going
> > forward.
> >
> > Thanks in advance.
> >
> > Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227279,227844#msg-227844
> >
> > _______________________________________________
> > nginx mailing list
> > nginx at nginx.org
> > http://mailman.nginx.org/mailman/listinfo/nginx
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
> 


From maxim at nginx.com  Mon Jun 25 09:42:51 2012
From: maxim at nginx.com (Maxim Konovalov)
Date: Mon, 25 Jun 2012 13:42:51 +0400
Subject: Fwd: nginx.org documents in simplified Chinese
In-Reply-To: <CAKPCrs0U3+yTd9antEBEbkL_8WPA8AEe+n3Q8FGXVu6N+Av5uQ@mail.gmail.com>
References: <CAKPCrs0U3+yTd9antEBEbkL_8WPA8AEe+n3Q8FGXVu6N+Av5uQ@mail.gmail.com>
Message-ID: <4FE8329B.1070900@nginx.com>

Hello,

could someone with Chinese language do a brief review of an enclosed
diff for us?

Thanks in advance,

-------- Original Message --------
Subject: 	Re: nginx.org documents in simplified Chinese
Date: 	Thu, 31 May 2012 19:54:02 +0800
From: 	chen cw <crk_world at yahoo.com.cn>
Reply-To: 	nginx-devel at nginx.org
To: 	nginx-devel at nginx.org

Hello everybody,
I come here with the patch for nginx.org <http://nginx.org>
documents in simplified Chinese, and I'm glad that someone will give
it a review. This work is done by the whole Server Platforms Team at
Taobao.com.

Thank you.

Regards

-- 
Charles Chen
Software Engineer
Server Platforms Team at Taobao.com

-- 
Maxim Konovalov
+7 (910) 4293178
http://nginx.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nginx_org.diff
Type: application/octet-stream
Size: 63709 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120625/820e9c77/attachment-0001.obj>
-------------- next part --------------
_______________________________________________
nginx-devel mailing list
nginx-devel at nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx-devel

From mdounin at mdounin.ru  Mon Jun 25 10:11:05 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Mon, 25 Jun 2012 14:11:05 +0400
Subject: gzip gzip_min_length directives doesn't work in ajax?
In-Reply-To: <CALL55gg5ZmG2Vd65pj0hCZjoTMQJrQNh=kYVcVBbiW75Wr55GA@mail.gmail.com>
References: <CALL55gg5ZmG2Vd65pj0hCZjoTMQJrQNh=kYVcVBbiW75Wr55GA@mail.gmail.com>
Message-ID: <20120625101105.GX31671@mdounin.ru>

Hello!

On Sun, Jun 24, 2012 at 04:54:28PM +0800, lhmwzy wrote:

>  I have the following conf
> 
> http {
> ...
>     gzip on;
>     gzip_min_length 1000;
>     gzip_buffers 16 64k;
>     gzip_http_version 1.1;
>     gzip_comp_level 6;
>     gzip_types text/plain application/x-javascript text/css application/xml;
>     gzip_vary on;
> ...
> 
> I notice that the gzip_min_length 1000; dirctives doesn't word in ajax.
> 
> the request header:
> 
> Host	10.66.23.99
> Accept-Charset	GB2312,utf-8;q=0.7,*;q=0.7
> (Request-Line)	GET /luapp/getname?query=dsfds HTTP/1.1
> Accept-Encoding	gzip, deflate
> Connection	keep-alive
> User-Agent	Mozilla/5.0 (Windows NT 6.1; WOW64; rv:5.0) Gecko/20100101
> Firefox/5.0
> Cookie	name=bq0xPMS+HUgGYuV7pB9f9j6l9qhcIdS3fABQDOlgsuY=;
> returnurl=/app/images/shadow.png
> Accept	text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
> Accept-Language	zh-cn,zh;q=0.5
> 
> the response header:
> (Status-Line)	HTTP/1.1 200 OK
> Connection	keep-alive
> Content-Encoding	gzip
> Content-Type	text/html; charset=UTF-8
> Date	Sun, 24 Jun 2012 08:37:05 GMT
> Server	ngx_openresty/1.2.1.1
> Transfer-Encoding	chunked
> Vary	Accept-Encoding
> 
> the url:http://10.66.23.99/luapp/getname?query=dsfds
> the return content:
> {"query":"dsfds","suggestions":{}}
> the size of return content is 35bytes,is smaller than gzip_min_length
> in the conf,but it is still gziped,
> the gzip resut:text/html; charset=UTF-8 : 35 bytes, gzip compressed to
> 55 bytes ( -57.1 % saving )
> 
> Why?
> I'm using nginx 1.2.1

The gzip_min_length directive doesn't work if length isn't known.

Maxim Dounin


From mdounin at mdounin.ru  Mon Jun 25 10:21:45 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Mon, 25 Jun 2012 14:21:45 +0400
Subject: Problem with try files: =404 results in php files being
	downloaded instead of parsed by php
In-Reply-To: <cf860ae12d0b2538b526bf3b30d9a409.NginxMailingListEnglish@forum.nginx.org>
References: <cf860ae12d0b2538b526bf3b30d9a409.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120625102145.GY31671@mdounin.ru>

Hello!

On Sun, Jun 24, 2012 at 06:24:01PM -0400, Xaymar wrote:

> Hello,
> 
> I tried changing my template configuration so that it would show "404
> not found" instead of "No input file specified." but to my surprise,
> try_files did something completely unpredictable and now I'm stuck with
> "No input file specified.". To be exact I tried changin this:
> > try_files "$uri" "$uri/" "/index.php";
> into this:
> > try_files "$uri" "$uri/" "/index.php" =404;
> which then resulted in nginx sending the php file as
> application-octet-stream, instead of parsing it through the fastcgi
> handler.

You've asked nginx to return /index.php as static if $uri isn't 
found, and it does so.  No surprise here.

> How do I do the above right, if not with the try_files syntax?

Add "try_files $uri =404;" to your "location ~ \.php" instead.

[...]

Maxim Dounin


From nginx-forum at nginx.us  Mon Jun 25 10:39:18 2012
From: nginx-forum at nginx.us (technoplague)
Date: Mon, 25 Jun 2012 06:39:18 -0400 (EDT)
Subject: nginx rewrite expression dilemma
Message-ID: <6f77f1abf56cabfd7ce1adfc71791f42.NginxMailingListEnglish@forum.nginx.org>

Hi,

Having following apache config working: 

=========================================================

    <Directory /data/www/dev/domain.com/cf/htdocs/get>
        Options FollowSymlinks
        RewriteEngine on
        RewriteRule ^([^/\.]+)/([^/]+)$ index.php?contid=$1 [L]
    </Directory>

=========================================================

Rewrite works properly, when pointing to domain.com/get/aa/bb

I can't get this working properly in nginx using the following config:
When I enter URL that works in apache, nginx returns with 404. 

=========================================================
upstream cf-domain {

        server unix:/data/www/dev/domain.com/cf/cf-domain.sock;
}


server {
        listen 62.236.108.22:80;
        listen 127.0.0.1:28005;
        server_name cfdev.domain.com;
        access_log
/data/www/dev/domain.com/cf/logs/frontend/access.log;
        error_log /data/www/dev/domain.com/cf/logs/frontend/error.log;

        charset utf-8;

        location ~ ^/get/ {
                rewrite ^([^/\.]+)/([^/]+)$ index.php?contid=$1 last;
                fastcgi_pass cf-domain;
        }

        location / {
                root /data/www/dev/domain.com/cf/htdocs;
                index index.php index.html;

                if ($request_uri ~* "\.(ico|css|js|gif|jpe?g|png)$") {
                        expires max;
                }

                if (!-f $request_filename) {
                        rewrite  ^/(.*)$  /index.php?q=$1  last;
                        break;
                }
        }

        location ~ (\.php)$ {
                fastcgi_param SCRIPT_FILENAME
/data/www/dev/domain.com/cf/htdocs$fastcgi_script_name;
                fastcgi_param PATH_INFO $fastcgi_script_name;
                include /etc/nginx/fastcgi_params;
                fastcgi_pass cf-domain;
        }

        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
            root html;
        }
}

=========================================================

I suspect I need to amend processing order or rewrite, but can't seem to
find the right way. Can you please help me to find where the error is?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227851,227851#msg-227851


From nginx-forum at nginx.us  Mon Jun 25 10:42:29 2012
From: nginx-forum at nginx.us (shahzaib1232)
Date: Mon, 25 Jun 2012 06:42:29 -0400 (EDT)
Subject: http_flv_module not working, any idea please
In-Reply-To: <790499b9e77ed3d8b16dd5e6cd2e099b.NginxMailingListEnglish@forum.nginx.org>
References: <790499b9e77ed3d8b16dd5e6cd2e099b.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <fd852cb8ef0de6517f65aa8c8a60baf1.NginxMailingListEnglish@forum.nginx.org>

i am having the same issue ? can someone guide me? working on it more
than 3weeks

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,205650,227852#msg-227852


From mdounin at mdounin.ru  Mon Jun 25 10:47:51 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Mon, 25 Jun 2012 14:47:51 +0400
Subject: cache and mobile video playback
In-Reply-To: <CAB8ESJHR8CeucG5rYGJYWghv-O7xmy0gAhWY1O3st6pBdU=buw@mail.gmail.com>
References: <EDF712D1448C42C48E0D73AC54A803C5@funciton.com>
	<CA+FsSoJp2n+c-CxxdoqFAwLb=bmq+ZqOM=8ZLkLy5eaD8LCgjg@mail.gmail.com>
	<CAB8ESJHR8CeucG5rYGJYWghv-O7xmy0gAhWY1O3st6pBdU=buw@mail.gmail.com>
Message-ID: <20120625104751.GB31671@mdounin.ru>

Hello!

On Sun, Jun 24, 2012 at 09:04:16PM -0500, Fernando Fl?rez wrote:

> Thank you. Just tried applying the patch to nginx 1.2.1 but seems it is
> (somehow) already implemented.

It's not.  Note that forum interface corrupts whitespaces, and 
it's like the reason why you weren't able to apply the patch 
cleanly.  Try grabbing it from mailing list archive directly here:

http://mailman.nginx.org/pipermail/nginx/2012-April/033517.html

I'm not sure that you the same issue as Antoine though, as you 
claim to have problems with files already in cache, which is 
different from Antoine case (he had problems with files 
being loaded into cache).

> We still hit this bug. Any other suggestions?

If your issue isn't exactly the same as Antoine's one - please dig 
further into what goes on.

Maxim Dounin


> 
> Thanks a lot!
> 
> 
> 
> 2012/6/22 Antoine Bonavita <antoine.bonavita at gmail.com>
> 
> > Hello,
> >
> > I don't know if it applies to your situation but I ran into a similar
> > problem. Details (and patch from Maxim) here:
> > http://forum.nginx.org/read.php?2,225815
> >
> > Hope this helps,
> >
> > Antoine.
> >
> > On Thu, Jun 21, 2012 at 4:13 PM, Fernando Fl?rez <fernando at funciton.com>
> > wrote:
> > > Hello,
> > >
> > > We are using nginx as a load balancer for mp4 videos. Everything works
> > > perfectly but we started having issues with mobile video playback.
> > >
> > > Somehow the video, after it's stored on the nginx cache, can't be played
> > > back on mobiles. Has anyone come across this?
> > >
> > > Any hints would be much appreciated.
> > >
> > > thanks.
> > >
> > >
> > > _______________________________________________
> > > nginx mailing list
> > > nginx at nginx.org
> > > http://mailman.nginx.org/mailman/listinfo/nginx
> >
> > _______________________________________________
> > nginx mailing list
> > nginx at nginx.org
> > http://mailman.nginx.org/mailman/listinfo/nginx
> >

> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From mdounin at mdounin.ru  Mon Jun 25 10:56:29 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Mon, 25 Jun 2012 14:56:29 +0400
Subject: limit zone nor working
In-Reply-To: <4ed67bda496165195c18b9136ec18e80.NginxMailingListEnglish@forum.nginx.org>
References: <4ed67bda496165195c18b9136ec18e80.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120625105629.GC31671@mdounin.ru>

Hello!

On Fri, Jun 22, 2012 at 04:59:11PM -0400, thecrow wrote:

> limit_conn_zone $remote_user zone=peruser:10m; 
> 
> 
> limit_conn peruser 1 ;
> 
> Not working why?

Most likely because $remote_user evaluates to an empty string and 
hence it's ignored.

See here for details:
http://nginx.org/r/limit_conn_zone

Maxim Dounin


From nginx-forum at nginx.us  Mon Jun 25 12:49:23 2012
From: nginx-forum at nginx.us (karolis)
Date: Mon, 25 Jun 2012 08:49:23 -0400 (EDT)
Subject: AJP from apache to nginx
In-Reply-To: <CAGxuLK1fwkqVG=nG1JAkVNGDCHsoKu=yb9PvM6NaO6MpGtv-kQ@mail.gmail.com>
References: <CAGxuLK1fwkqVG=nG1JAkVNGDCHsoKu=yb9PvM6NaO6MpGtv-kQ@mail.gmail.com>
Message-ID: <c381c134c1c0666b905e8e1ff9a375a4.NginxMailingListEnglish@forum.nginx.org>

Ok, but that doesn't solve my problem.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227843,227856#msg-227856


From www at lc365.net  Mon Jun 25 13:25:08 2012
From: www at lc365.net (=?gb2312?B?ufnV8cGi?=)
Date: Mon, 25 Jun 2012 21:25:08 +0800
Subject: nginx.org documents in simplified Chinese
In-Reply-To: <4FE8329B.1070900@nginx.com>
References: <CAKPCrs0U3+yTd9antEBEbkL_8WPA8AEe+n3Q8FGXVu6N+Av5uQ@mail.gmail.com>,
	<4FE8329B.1070900@nginx.com>
Message-ID: <BLU162-W57BBD34CA9D511ED508193E3E10@phx.gbl>


Hello 
Maxim,
    I read most of the translation attached. It is really good for the Simplified Chinese version.

    I vote it.


    Regards,


    Robert Kwok

Date: Mon, 25 Jun 2012 13:42:51 +0400
From: maxim at nginx.com
To: nginx at nginx.org
Subject: Fwd: nginx.org documents in simplified Chinese

Hello,
 
could someone with Chinese language do a brief review of an enclosed
diff for us?
 
Thanks in advance,
 
-------- Original Message --------
Subject: 	Re: nginx.org documents in simplified Chinese
Date: 	Thu, 31 May 2012 19:54:02 +0800
From: 	chen cw <crk_world at yahoo.com.cn>
Reply-To: 	nginx-devel at nginx.org
To: 	nginx-devel at nginx.org
 
Hello everybody,
I come here with the patch for nginx.org <http://nginx.org>
documents in simplified Chinese, and I'm glad that someone will give
it a review. This work is done by the whole Server Platforms Team at
Taobao.com.
 
Thank you.
 
Regards
 
-- 
Charles Chen
Software Engineer
Server Platforms Team at Taobao.com
 
-- 
Maxim Konovalov
+7 (910) 4293178
http://nginx.com/

_______________________________________________
nginx mailing list
nginx at nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120625/9e46bfc7/attachment.html>

From maxim at nginx.com  Mon Jun 25 13:27:13 2012
From: maxim at nginx.com (Maxim Konovalov)
Date: Mon, 25 Jun 2012 17:27:13 +0400
Subject: nginx.org documents in simplified Chinese
In-Reply-To: <BLU162-W57BBD34CA9D511ED508193E3E10@phx.gbl>
References: <CAKPCrs0U3+yTd9antEBEbkL_8WPA8AEe+n3Q8FGXVu6N+Av5uQ@mail.gmail.com>,
	<4FE8329B.1070900@nginx.com>
	<BLU162-W57BBD34CA9D511ED508193E3E10@phx.gbl>
Message-ID: <4FE86731.4080303@nginx.com>

On 6/25/12 5:25 PM, ??? wrote:
> Hello  Maxim,
>     I read most of the translation attached. It is really good for
> the Simplified Chinese version.
> 
>     I vote it.
> 
Thanks, Robert!

-- 
Maxim Konovalov
+7 (910) 4293178
http://nginx.com/


From markus.jelsma at openindex.io  Mon Jun 25 14:12:58 2012
From: markus.jelsma at openindex.io (=?utf-8?Q?Markus_Jelsma?=)
Date: Mon, 25 Jun 2012 14:12:58 +0000
Subject: SSI and expires header
Message-ID: <zarafa.4fe871ea.331c.4342a6fc037d7b16@mail.openindex.io>

Hello,

We use SSI for serving a specific file but we want it to be cached by the clients for a few hours. We know SSI removes the Expires header set by the standard headers module so we wrote a small perl_set sub that returns a proper HTTP expires date in the future which we set using the headers_more module. Testing via curl -i returns and checking in the browser confirms the Expires header is set correctly. We also output a Cache-Control header. 

The browser, however, doesn't seem to cache the object so we must do something wrong here. I assume we also need a LastModified header but how can we force to send that header while SSI is on? 

Thanks,
Markus


From mat999 at gmail.com  Mon Jun 25 14:30:13 2012
From: mat999 at gmail.com (SplitIce)
Date: Tue, 26 Jun 2012 00:30:13 +1000
Subject: A Challenging Config
Message-ID: <CALFfGYbgk8K6jDh8fLGiL258pft=GkcHjUh9G-BZ45J0gYoPjg@mail.gmail.com>

Ok, Ive been working on a project for a long time. It involves automated
config file building for the nginx web server :)
Now im adding caching. The user of the software can using the interface
select regex's to apply caching logic to.

Ive devided the cache types into 3 types:
1. CACHE: Cache if possible
2. FORCE-CACHE: Cache always, ignore Cache-Control headers
3. NEVER CACHE

all other traffic is caught by the default "/" location. Execution order
for these statements is from 1->3 (e.g 3 should override 1).

I have a couple questions:

1) How can I ignore the effect of cache control on caching?
proxy_hide_header?

2) What is the most efficient order to acheive this caching override
system, my origional idea was to just use location blocks like

location ~ to_cache {
     proxy_cache ....;
     proxy_pass ....;
}

location ~ not_to_cache {
     proxy_cache off;
     proxy_pass ....;
}

location / {
    proxy_pass ....;
}

is this right? Im not really sure I understand the wiki text on matching
order.

Thanks in advance,
SplitIce
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120626/a96d1635/attachment.html>

From aydinumut82 at gmail.com  Mon Jun 25 14:54:45 2012
From: aydinumut82 at gmail.com (Umut Aydin)
Date: Mon, 25 Jun 2012 17:54:45 +0300
Subject: nginx + gunicorn + web.py
Message-ID: <CAN_wiOCf7h8Y4MWm0nWgbfFJm2Uc5r_BNRa5ca=eqZ8UO99TgA@mail.gmail.com>

Hello everyone,

As you can see in configuration, we have nginx servers (there are 2 of
them) as reverse proxy which keep requests balanced for 6 gunicorn
application(web.py framework) nodes.

In python part, we calculate execution time and we know that application
part completes in ~0.02 sec per request but it takes 60-300 milliseconds to
see it on browser in the beginning which is acceptable for us.

In time (~20-30 minutes), active connection number increases to 1000+ from
300+. Our python application still completes in ~0.02 sec but it takes
sometimes even 30 seconds to see it on browser.

*/nginx_status*
Active connections: 361
server accepts handled requests
 71644 71644 195385
Reading: 0 Writing: 13 Waiting: 348

*Gunicorn: *http://pastebin.com/CY8m922F
*Nginx:* http://pastebin.com/7bx5H33Q

Do you have any idea?

On the other hand; is that feasible way to deliver a web.py application?

Thanks.
-Umut
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120625/f4fddf27/attachment.html>

From mdounin at mdounin.ru  Mon Jun 25 15:02:42 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Mon, 25 Jun 2012 19:02:42 +0400
Subject: A Challenging Config
In-Reply-To: <CALFfGYbgk8K6jDh8fLGiL258pft=GkcHjUh9G-BZ45J0gYoPjg@mail.gmail.com>
References: <CALFfGYbgk8K6jDh8fLGiL258pft=GkcHjUh9G-BZ45J0gYoPjg@mail.gmail.com>
Message-ID: <20120625150241.GN31671@mdounin.ru>

Hello!

On Tue, Jun 26, 2012 at 12:30:13AM +1000, SplitIce wrote:

> Ok, Ive been working on a project for a long time. It involves automated
> config file building for the nginx web server :)
> Now im adding caching. The user of the software can using the interface
> select regex's to apply caching logic to.
> 
> Ive devided the cache types into 3 types:
> 1. CACHE: Cache if possible
> 2. FORCE-CACHE: Cache always, ignore Cache-Control headers
> 3. NEVER CACHE
> 
> all other traffic is caught by the default "/" location. Execution order
> for these statements is from 1->3 (e.g 3 should override 1).
> 
> I have a couple questions:
> 
> 1) How can I ignore the effect of cache control on caching?
> proxy_hide_header?

http://nginx.org/r/proxy_ignore_headers

> 2) What is the most efficient order to acheive this caching override
> system, my origional idea was to just use location blocks like
> 
> location ~ to_cache {
>      proxy_cache ....;
>      proxy_pass ....;
> }
> 
> location ~ not_to_cache {
>      proxy_cache off;
>      proxy_pass ....;
> }
> 
> location / {
>     proxy_pass ....;
> }
> 
> is this right? Im not really sure I understand the wiki text on matching
> order.

Try official docs instead, it might be better:

http://nginx.org/r/location

Maxim Dounin


From nginx-forum at nginx.us  Mon Jun 25 23:00:55 2012
From: nginx-forum at nginx.us (whiskybar)
Date: Mon, 25 Jun 2012 19:00:55 -0400 (EDT)
Subject: try_files and index
Message-ID: <2ee6f0676b87ce71d1f29f2de4f0382d.NginxMailingListEnglish@forum.nginx.org>

Why is it my first configuration returns 403 while my second
configuration returns 404?

I looked into logs and it seems my first configuration triggers the
index module which is set to the default index.html, finds nothing and
returns 403. Why isn't the =404 triggered? And why is the index module
triggered at all?

server {
    root /var;
    try_files $uri =404;
    location / {
    }
}

My second configuration works more like I expected; but then, why isn't
the index module triggered as well? Does try_files disable the index
module somehow?

server {
    root /var;
    location / {
        try_files $uri =404;
    }
}

Can someone explain how nginx goes to decide what to do?
Thank you

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227887,227887#msg-227887


From edho at myconan.net  Tue Jun 26 01:45:36 2012
From: edho at myconan.net (Edho Arief)
Date: Tue, 26 Jun 2012 08:45:36 +0700
Subject: try_files and index
In-Reply-To: <2ee6f0676b87ce71d1f29f2de4f0382d.NginxMailingListEnglish@forum.nginx.org>
References: <2ee6f0676b87ce71d1f29f2de4f0382d.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAAtReCmwq3-nJ_PL2L7vqbVTXH6kDsR344fpVMWAL=x5aCbm8g@mail.gmail.com>

On Tue, Jun 26, 2012 at 6:00 AM, whiskybar <nginx-forum at nginx.us> wrote:
> Why is it my first configuration returns 403 while my second
> configuration returns 404?
>
> I looked into logs and it seems my first configuration triggers the
> index module which is set to the default index.html, finds nothing and
> returns 403. Why isn't the =404 triggered? And why is the index module
> triggered at all?
>
> server {
> ? ?root /var;
> ? ?try_files $uri =404;
> ? ?location / {
> ? ?}
> }
>
> My second configuration works more like I expected; but then, why isn't
> the index module triggered as well? Does try_files disable the index
> module somehow?
>
> server {
> ? ?root /var;
> ? ?location / {
> ? ? ? ?try_files $uri =404;
> ? ?}
> }
>
> Can someone explain how nginx goes to decide what to do?
> Thank you
>

try_files doesn't trigger index; you must try $uri/ explicitly.
Therefore, the correct try_files you need is:
try_files $uri $uri/ =404;


From mat999 at gmail.com  Tue Jun 26 03:35:59 2012
From: mat999 at gmail.com (SplitIce)
Date: Tue, 26 Jun 2012 13:35:59 +1000
Subject: A Challenging Config
In-Reply-To: <20120625150241.GN31671@mdounin.ru>
References: <CALFfGYbgk8K6jDh8fLGiL258pft=GkcHjUh9G-BZ45J0gYoPjg@mail.gmail.com>
	<20120625150241.GN31671@mdounin.ru>
Message-ID: <CALFfGYZNoT0+2+VFPUQRVQguZJQpWksOAhEpFvkwkDQON2NTVw@mail.gmail.com>

Ok thanks, my problem isnt with the matching order (bad explination on my
part) but more with the matching procedure

e.g

location ~ to_cache {
     proxy_cache ....;
     proxy_pass ....;
}

location ~ not_to_cache {
     proxy_cache off;
     proxy_pass ....;
}

/
If the url /abc-not_to_cache-def/ is passed to nginx does the server
execute both the matches (to_cache, then not_to_cache with not_to_cache
overriding to_cache) or does it stop after the first match (to_cache)?




On Tue, Jun 26, 2012 at 1:02 AM, Maxim Dounin <mdounin at mdounin.ru> wrote:

> Hello!
>
> On Tue, Jun 26, 2012 at 12:30:13AM +1000, SplitIce wrote:
>
> > Ok, Ive been working on a project for a long time. It involves automated
> > config file building for the nginx web server :)
> > Now im adding caching. The user of the software can using the interface
> > select regex's to apply caching logic to.
> >
> > Ive devided the cache types into 3 types:
> > 1. CACHE: Cache if possible
> > 2. FORCE-CACHE: Cache always, ignore Cache-Control headers
> > 3. NEVER CACHE
> >
> > all other traffic is caught by the default "/" location. Execution order
> > for these statements is from 1->3 (e.g 3 should override 1).
> >
> > I have a couple questions:
> >
> > 1) How can I ignore the effect of cache control on caching?
> > proxy_hide_header?
>
> http://nginx.org/r/proxy_ignore_headers
>
> > 2) What is the most efficient order to acheive this caching override
> > system, my origional idea was to just use location blocks like
> >
> > location ~ to_cache {
> >      proxy_cache ....;
> >      proxy_pass ....;
> > }
> >
> > location ~ not_to_cache {
> >      proxy_cache off;
> >      proxy_pass ....;
> > }
> >
> > location / {
> >     proxy_pass ....;
> > }
> >
> > is this right? Im not really sure I understand the wiki text on matching
> > order.
>
> Try official docs instead, it might be better:
>
> http://nginx.org/r/location
>
> Maxim Dounin
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120626/6418b2a2/attachment.html>

From wendal1985 at gmail.com  Tue Jun 26 03:53:26 2012
From: wendal1985 at gmail.com (Wendal Chen)
Date: Tue, 26 Jun 2012 11:53:26 +0800
Subject: Nginx 1.2.1 warning when using clang
Message-ID: <CAM79QPUXx5=OVKOcGP9nah1bFujJNWz8AxaOPxnf05EnAsTy-w@mail.gmail.com>

OpenSUSE 11.4  using clang

warning  :

src/core/nginx.c:487:37: warning: array index of '3' indexes past the end
of an array (that contains 3 elements) [-Warray-bounds]
        if (ngx_strcmp(var[i].data, "TZ") == 0
            ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
src/core/ngx_string.h:57:70: note: expanded from:
#define ngx_strcmp(s1, s2)  strcmp((const char *) s1, (const char *) s2)
                                                                     ^
/usr/include/bits/string2.h:817:28: note: expanded from:
               : __strcmp_gc (s1, s2, __s2_len))
   \
                                  ^
/usr/include/bits/string2.h:911:27: note: expanded from:
                                    (__const char *) (s2))[3]);
  \
                                                      ^    ~
1 warning generated.
src/core/ngx_file.c:384:27: warning: array index of '3' indexes past the
end of an array (that contains 3 elements) [-Warray-bounds]
        if (ngx_strcmp(p, "rw") == 0) {
            ~~~~~~~~~~~~~~^~~~~
src/core/ngx_string.h:57:70: note: expanded from:
#define ngx_strcmp(s1, s2)  strcmp((const char *) s1, (const char *) s2)
                                                                     ^
/usr/include/bits/string2.h:817:28: note: expanded from:
               : __strcmp_gc (s1, s2, __s2_len))
   \
                                  ^
/usr/include/bits/string2.h:911:27: note: expanded from:
                                    (__const char *) (s2))[3]);
  \
                                                      ^    ~
src/core/ngx_file.c:387:34: warning: array index of '2' indexes past the
end of an array (that contains 2 elements) [-Warray-bounds]
        } else if (ngx_strcmp(p, "r") == 0) {

.... and more ....
-- 
Wendal Chen
GuangDong China
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120626/5f69a9e9/attachment.html>

From mdounin at mdounin.ru  Tue Jun 26 06:44:03 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 26 Jun 2012 10:44:03 +0400
Subject: A Challenging Config
In-Reply-To: <CALFfGYZNoT0+2+VFPUQRVQguZJQpWksOAhEpFvkwkDQON2NTVw@mail.gmail.com>
References: <CALFfGYbgk8K6jDh8fLGiL258pft=GkcHjUh9G-BZ45J0gYoPjg@mail.gmail.com>
	<20120625150241.GN31671@mdounin.ru>
	<CALFfGYZNoT0+2+VFPUQRVQguZJQpWksOAhEpFvkwkDQON2NTVw@mail.gmail.com>
Message-ID: <20120626064403.GT31671@mdounin.ru>

Hello!

On Tue, Jun 26, 2012 at 01:35:59PM +1000, SplitIce wrote:

> Ok thanks, my problem isnt with the matching order (bad explination on my
> part) but more with the matching procedure
> 
> e.g
> 
> location ~ to_cache {
>      proxy_cache ....;
>      proxy_pass ....;
> }
> 
> location ~ not_to_cache {
>      proxy_cache off;
>      proxy_pass ....;
> }
> 
> /
> If the url /abc-not_to_cache-def/ is passed to nginx does the server
> execute both the matches (to_cache, then not_to_cache with not_to_cache
> overriding to_cache) or does it stop after the first match (to_cache)?

Quoting from http://nginx.org/r/location, the link already suggested:

: Then regular expressions are checked, in the order of their 
: appearance in a configuration file. A search of regular 
: expressions terminates on the first match, and the corresponding 
: configuration is used.

[...]

Maxim Dounin


From nginx-forum at nginx.us  Tue Jun 26 06:47:10 2012
From: nginx-forum at nginx.us (abcomp01)
Date: Tue, 26 Jun 2012 02:47:10 -0400 (EDT)
Subject: How to disable auto redirect to visual host?
Message-ID: <835bc6edf7573fec12ad2839dbe086a1.NginxMailingListEnglish@forum.nginx.org>

server {
server_name www.clickzeed.com;
listen 80;
server_name_in_redirect off;
root /home/wwwroot/clickzeed;
}


but i not set anything about www.test.com

when i access www.test.com in visual host it auto redirect to t
/home/wwwroot/clickzeed ?

and how ro config to access ip different doc root not auto ?


* www.test.com it test domain

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227906,227906#msg-227906


From mdounin at mdounin.ru  Tue Jun 26 07:01:28 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 26 Jun 2012 11:01:28 +0400
Subject: Nginx 1.2.1 warning when using clang
In-Reply-To: <CAM79QPUXx5=OVKOcGP9nah1bFujJNWz8AxaOPxnf05EnAsTy-w@mail.gmail.com>
References: <CAM79QPUXx5=OVKOcGP9nah1bFujJNWz8AxaOPxnf05EnAsTy-w@mail.gmail.com>
Message-ID: <20120626070128.GU31671@mdounin.ru>

Hello!

On Tue, Jun 26, 2012 at 11:53:26AM +0800, Wendal Chen wrote:

> OpenSUSE 11.4  using clang
> 
> warning  :
> 
> src/core/nginx.c:487:37: warning: array index of '3' indexes past the end
> of an array (that contains 3 elements) [-Warray-bounds]
>         if (ngx_strcmp(var[i].data, "TZ") == 0
>             ~~~~~~~~~~~~~~~~~~~~~~~~^~~~~
> src/core/ngx_string.h:57:70: note: expanded from:
> #define ngx_strcmp(s1, s2)  strcmp((const char *) s1, (const char *) s2)
>                                                                      ^
> /usr/include/bits/string2.h:817:28: note: expanded from:
>                : __strcmp_gc (s1, s2, __s2_len))
>    \
>                                   ^
> /usr/include/bits/string2.h:911:27: note: expanded from:
>                                     (__const char *) (s2))[3]);
>   \
>                                                       ^    ~
> 1 warning generated.
> src/core/ngx_file.c:384:27: warning: array index of '3' indexes past the
> end of an array (that contains 3 elements) [-Warray-bounds]

[...]

This looks like glibc problem.

Maxim Dounin


From lists at ruby-forum.com  Tue Jun 26 07:14:00 2012
From: lists at ruby-forum.com (shahzaib mushtaq)
Date: Tue, 26 Jun 2012 09:14:00 +0200
Subject: nginx flv pseudo stream
Message-ID: <83390e5f414341e1c777a9723511b5e9@ruby-forum.com>

hello, my flv pseudo stream is not working on nginx. I also added my flv
directory on nginx.conf and attached my nginx.conf with my post. I am
struggling on it more than 3weeks.

Attachments:
http://www.ruby-forum.com/attachment/7523/nginx.jpg


-- 
Posted via http://www.ruby-forum.com/.


From nginx-forum at nginx.us  Tue Jun 26 07:18:29 2012
From: nginx-forum at nginx.us (whiskybar)
Date: Tue, 26 Jun 2012 03:18:29 -0400 (EDT)
Subject: try_files and index
In-Reply-To: <CAAtReCmwq3-nJ_PL2L7vqbVTXH6kDsR344fpVMWAL=x5aCbm8g@mail.gmail.com>
References: <CAAtReCmwq3-nJ_PL2L7vqbVTXH6kDsR344fpVMWAL=x5aCbm8g@mail.gmail.com>
Message-ID: <c8710b820b42f8637cfddfd04f562be6.NginxMailingListEnglish@forum.nginx.org>

I'm afraid I have to disagree on this. That was my guess before I tried
that too. Here's the relevant part of the log for my first
configuration, with `try_files $uri =404` only:

2012/06/25 21:34:22 [debug] 30604#0: *335710 open index
"/var/index.html"
2012/06/25 21:34:22 [debug] 30604#0: *335710 stat() "/var/index.html"
failed (
2: No such file or directory)

And btw, this is on Nginx 1.2 64bit (Ubuntu). Why is it happening?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227887,227909#msg-227909


From edho at myconan.net  Tue Jun 26 07:22:17 2012
From: edho at myconan.net (Edho Arief)
Date: Tue, 26 Jun 2012 14:22:17 +0700
Subject: try_files and index
In-Reply-To: <c8710b820b42f8637cfddfd04f562be6.NginxMailingListEnglish@forum.nginx.org>
References: <CAAtReCmwq3-nJ_PL2L7vqbVTXH6kDsR344fpVMWAL=x5aCbm8g@mail.gmail.com>
	<c8710b820b42f8637cfddfd04f562be6.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAAtReCk8PLgoJWddFFKEjLiRLWah9tvT90-+L5CBnTGso8d+xg@mail.gmail.com>

On Tue, Jun 26, 2012 at 2:18 PM, whiskybar <nginx-forum at nginx.us> wrote:
> I'm afraid I have to disagree on this. That was my guess before I tried
> that too. Here's the relevant part of the log for my first
> configuration, with `try_files $uri =404` only:
>
> 2012/06/25 21:34:22 [debug] 30604#0: *335710 open index
> "/var/index.html"
> 2012/06/25 21:34:22 [debug] 30604#0: *335710 stat() "/var/index.html"
> failed (
> 2: No such file or directory)
>
> And btw, this is on Nginx 1.2 64bit (Ubuntu). Why is it happening?
>

...there's no /var/index.html ?


From mdounin at mdounin.ru  Tue Jun 26 07:31:35 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 26 Jun 2012 11:31:35 +0400
Subject: try_files and index
In-Reply-To: <c8710b820b42f8637cfddfd04f562be6.NginxMailingListEnglish@forum.nginx.org>
References: <CAAtReCmwq3-nJ_PL2L7vqbVTXH6kDsR344fpVMWAL=x5aCbm8g@mail.gmail.com>
	<c8710b820b42f8637cfddfd04f562be6.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120626073135.GX31671@mdounin.ru>

Hello!

On Tue, Jun 26, 2012 at 03:18:29AM -0400, whiskybar wrote:

> I'm afraid I have to disagree on this. That was my guess before I tried
> that too. Here's the relevant part of the log for my first
> configuration, with `try_files $uri =404` only:
> 
> 2012/06/25 21:34:22 [debug] 30604#0: *335710 open index
> "/var/index.html"
> 2012/06/25 21:34:22 [debug] 30604#0: *335710 stat() "/var/index.html"
> failed (
> 2: No such file or directory)
> 
> And btw, this is on Nginx 1.2 64bit (Ubuntu). Why is it happening?

In your first configuration try_files is a nop, as it's defined at 
server level and will be only used if request doesn't match any of 
locations defined.

Maxim Dounin


From lists at ruby-forum.com  Tue Jun 26 07:32:58 2012
From: lists at ruby-forum.com (shahzaib mushtaq)
Date: Tue, 26 Jun 2012 09:32:58 +0200
Subject: try_files and index
In-Reply-To: <CAAtReCk8PLgoJWddFFKEjLiRLWah9tvT90-+L5CBnTGso8d+xg@mail.gmail.com>
References: <2ee6f0676b87ce71d1f29f2de4f0382d.NginxMailingListEnglish@forum.nginx.org>
	<CAAtReCmwq3-nJ_PL2L7vqbVTXH6kDsR344fpVMWAL=x5aCbm8g@mail.gmail.com>
	<c8710b820b42f8637cfddfd04f562be6.NginxMailingListEnglish@forum.nginx.org>
	<CAAtReCk8PLgoJWddFFKEjLiRLWah9tvT90-+L5CBnTGso8d+xg@mail.gmail.com>
Message-ID: <3842225598b4449b84c2ce608bcfcaa0@ruby-forum.com>

Edho Arief wrote in post #1066087:
> On Tue, Jun 26, 2012 at 2:18 PM, whiskybar <nginx-forum at nginx.us> wrote:
>> And btw, this is on Nginx 1.2 64bit (Ubuntu). Why is it happening?
>>
>
> ...there's no /var/index.html ?

root should be under location

-- 
Posted via http://www.ruby-forum.com/.


From lists at ruby-forum.com  Tue Jun 26 07:39:22 2012
From: lists at ruby-forum.com (shahzaib mushtaq)
Date: Tue, 26 Jun 2012 09:39:22 +0200
Subject: nginx flv pseudo stream not working
Message-ID: <17db34614dbcd7cd862441c1ad2443da@ruby-forum.com>

hello, i compile my nginx 0.9.4 --with-http_flv_module but flv psuedo
stream is not working but mp4 pseudo is working fine. I also added my
flv directive in nginx.conf file :-

Server {

location ~ \.flv$ {
  flv;
}

location /videos {
  root /usr/local/nginx/html;
  index index.php index.html;
  autoindex on;
}
}

I am struggling on it more than 3weeks.
Thats my log file for flv:-

"GET /videos/test3.flv?start=434343 HTTP/1.1" 206 34439 "-" "vlc/1.1.4
LibVLC/1.1.4"

-- 
Posted via http://www.ruby-forum.com/.


From nginx-forum at nginx.us  Tue Jun 26 07:47:30 2012
From: nginx-forum at nginx.us (whiskybar)
Date: Tue, 26 Jun 2012 03:47:30 -0400 (EDT)
Subject: try_files and index
In-Reply-To: <20120626073135.GX31671@mdounin.ru>
References: <20120626073135.GX31671@mdounin.ru>
Message-ID: <a68b35f67a79f703d0c2dee839adffba.NginxMailingListEnglish@forum.nginx.org>

> In your first configuration try_files is a nop, as
> it's defined at 
> server level and will be only used if request
> doesn't match any of 
> locations defined.

That explains it then. Thank you very much Maxim!

@Edho there was no /var/index.html because I was forcing a 404 in this
snippet.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227887,227915#msg-227915


From lists at ruby-forum.com  Tue Jun 26 08:30:32 2012
From: lists at ruby-forum.com (shahzaib mushtaq)
Date: Tue, 26 Jun 2012 10:30:32 +0200
Subject: Nginx 1.2.1 warning when using clang
In-Reply-To: <20120626070128.GU31671@mdounin.ru>
References: <CAM79QPUXx5=OVKOcGP9nah1bFujJNWz8AxaOPxnf05EnAsTy-w@mail.gmail.com>
	<20120626070128.GU31671@mdounin.ru>
Message-ID: <da7931593e19057d4019359711846d81@ruby-forum.com>

Maxim Dounin wrote in post #1066080:
> Hello!
>
> On Tue, Jun 26, 2012 at 11:53:26AM +0800, Wendal Chen wrote:
>
>>                                                                      ^
>> end of an array (that contains 3 elements) [-Warray-bounds]
> [...]
>
> This looks like glibc problem.
>
> Maxim Dounin

hey dude , can you help me on nginx flv module ? 
www.ruby-forum.com/topic/4403230#new , will be really thankfull to you

-- 
Posted via http://www.ruby-forum.com/.


From nginx-forum at nginx.us  Tue Jun 26 08:35:15 2012
From: nginx-forum at nginx.us (coombesy)
Date: Tue, 26 Jun 2012 04:35:15 -0400 (EDT)
Subject: $host includes port for reverse proxy
Message-ID: <944017e8808a64f4824087634eff16c4.NginxMailingListEnglish@forum.nginx.org>

I am trying to run a data server behind nginx by using a reverse proxy.
My problem is that the host name received by my application contains the
port of the proxied server not the port of the initial request i.e. a
request to http://myserver/dataserver is forwarded to /dataserver:30084
but my appliaction gets myserver:30084 instead of myserver. It is a
requirement that I know the port of the original request so as to be
able to operate on a port other than 80. As it stands I am having to
programatically remove the port.

This is part of my nginx.conf:

    server {
        listen       80;
        server_name  localhost;

        location / {
            root   html;
            index  example.html example.htm;
        }

        location /dataserver {
            proxy_pass http://localhost:30084/dataserver;
            proxy_set_header Host $host;
        }

Any help would be appreciated.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227919,227919#msg-227919


From nginx-forum at nginx.us  Tue Jun 26 09:34:10 2012
From: nginx-forum at nginx.us (n1xman)
Date: Tue, 26 Jun 2012 05:34:10 -0400 (EDT)
Subject: healthcheck_nginx_upstreams patch fails for Nginx 1.2.1
In-Reply-To: <zarafa.4fcf55b2.1ebd.0719361e620ae004@mail.openindex.io>
References: <zarafa.4fcf55b2.1ebd.0719361e620ae004@mail.openindex.io>
Message-ID: <baf0ab2da84a6decae21878228233d46.NginxMailingListEnglish@forum.nginx.org>

Hi ???,

Yes, I have already compiled and it is work fine with the patch.

Thanks for the module and we can live with this.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227279,227920#msg-227920


From nginx-forum at nginx.us  Tue Jun 26 09:39:40 2012
From: nginx-forum at nginx.us (shahzaib1232)
Date: Tue, 26 Jun 2012 05:39:40 -0400 (EDT)
Subject: healthcheck_nginx_upstreams patch fails for Nginx 1.2.1
In-Reply-To: <baf0ab2da84a6decae21878228233d46.NginxMailingListEnglish@forum.nginx.org>
References: <zarafa.4fcf55b2.1ebd.0719361e620ae004@mail.openindex.io>
	<baf0ab2da84a6decae21878228233d46.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <aba0cc884f237e8a46f08ab4c068045e.NginxMailingListEnglish@forum.nginx.org>

i've compiled nginx 1.2 --with-http_flv_module and add its directive on
nginx.conf file, but looks like flv module is broken? can anyone give me
link for patch ? thanks

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227279,227922#msg-227922


From lists at ruby-forum.com  Tue Jun 26 09:45:43 2012
From: lists at ruby-forum.com (shahzaib mushtaq)
Date: Tue, 26 Jun 2012 11:45:43 +0200
Subject: problem with flv
In-Reply-To: <b4c4f4860901041127k74b5e3b0pe2a491a0481b10fd@mail.gmail.com>
References: <614cbaf0901030924k55ccf55di8349770c6c025402@mail.gmail.com>
	<55da14450901040347g131ca2e5w640a120b62d4718a@mail.gmail.com>
	<614cbaf0901041112q4315d6a0i601a66310798b167@mail.gmail.com>
	<b4c4f4860901041127k74b5e3b0pe2a491a0481b10fd@mail.gmail.com>
Message-ID: <b2e4abfd8e611fb4db14a4bf30474aea@ruby-forum.com>

Ed wrote in post #765737:
> what player are you using? If your running flowplayer I can paste the
> correct start querry.
dude i am using flowplayer with same problem can you paste query for it 
?

-- 
Posted via http://www.ruby-forum.com/.


From mdounin at mdounin.ru  Tue Jun 26 10:02:33 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 26 Jun 2012 14:02:33 +0400
Subject: healthcheck_nginx_upstreams patch fails for Nginx 1.2.1
In-Reply-To: <aba0cc884f237e8a46f08ab4c068045e.NginxMailingListEnglish@forum.nginx.org>
References: <zarafa.4fcf55b2.1ebd.0719361e620ae004@mail.openindex.io>
	<baf0ab2da84a6decae21878228233d46.NginxMailingListEnglish@forum.nginx.org>
	<aba0cc884f237e8a46f08ab4c068045e.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120626100233.GC31671@mdounin.ru>

Hello!

On Tue, Jun 26, 2012 at 05:39:40AM -0400, shahzaib1232 wrote:

> i've compiled nginx 1.2 --with-http_flv_module and add its directive on
> nginx.conf file, but looks like flv module is broken? can anyone give me
> link for patch ? thanks

Please stop polluting unrelated threads.  Thank you.

Maxim Dounin


From markus.jelsma at openindex.io  Tue Jun 26 11:33:55 2012
From: markus.jelsma at openindex.io (=?utf-8?Q?Markus_Jelsma?=)
Date: Tue, 26 Jun 2012 11:33:55 +0000
Subject: SSI and expires header
In-Reply-To: <zarafa.4fe871ea.331c.4342a6fc037d7b16@mail.openindex.io>
References: <zarafa.4fe871ea.331c.4342a6fc037d7b16@mail.openindex.io>
Message-ID: <zarafa.4fe99e23.4ccd.403df7a14da0112d@mail.openindex.io>

We also tried using the Nginx sub module but this module as well strips away any Last-Modified header, even when we force the Last-Modified header with headers more using a perl_set subroutine returning the proper date.

Any suggestions are very welcome :)
Markus

 
 
-----Original message-----
> From:Markus Jelsma <markus.jelsma at openindex.io>
> Sent: Mon 25-Jun-2012 16:13
> To: nginx at nginx.org
> Subject: SSI and expires header
> 
> Hello,
> 
> We use SSI for serving a specific file but we want it to be cached by the clients for a few hours. We know SSI removes the Expires header set by the standard headers module so we wrote a small perl_set sub that returns a proper HTTP expires date in the future which we set using the headers_more module. Testing via curl -i returns and checking in the browser confirms the Expires header is set correctly. We also output a Cache-Control header. 
> 
> The browser, however, doesn't seem to cache the object so we must do something wrong here. I assume we also need a LastModified header but how can we force to send that header while SSI is on? 
> 
> Thanks,
> Markus
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
> 


From mdounin at mdounin.ru  Tue Jun 26 14:00:24 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 26 Jun 2012 18:00:24 +0400
Subject: nginx-1.3.2
Message-ID: <20120626140023.GJ31671@mdounin.ru>

Changes with nginx 1.3.2                                         26 Jun 2012

    *) Change: the "single" parameter of the "keepalive" directive is now
       ignored.

    *) Change: SSL compression is now disabled when using all versions of
       OpenSSL, including ones prior to 1.0.0.

    *) Feature: it is now possible to use the "ip_hash" directive to balance
       IPv6 clients.

    *) Feature: the $status variable can now be used not only in the
       "log_format" directive.

    *) Bugfix: a segmentation fault might occur in a worker process on
       shutdown if the "resolver" directive was used.

    *) Bugfix: a segmentation fault might occur in a worker process if the
       ngx_http_mp4_module was used.

    *) Bugfix: in the ngx_http_mp4_module.

    *) Bugfix: a segmentation fault might occur in a worker process if
       conflicting wildcard server names were used.

    *) Bugfix: nginx might be terminated abnormally on a SIGBUS signal on
       ARM platform.

    *) Bugfix: an alert "sendmsg() failed (9: Bad file number)" on HP-UX
       while reconfiguration.


Maxim Dounin


From nginx-forum at nginx.us  Tue Jun 26 14:14:43 2012
From: nginx-forum at nginx.us (n1xman)
Date: Tue, 26 Jun 2012 10:14:43 -0400 (EDT)
Subject: nginx-sticky & nginx_http_upstream_check modules not working together
Message-ID: <ec1e8dadfc770c5b59dc45557e0f95d8.NginxMailingListEnglish@forum.nginx.org>

Hi,

We use nginx-sticky-module for session persistence and we planned to use
nginx_http_upstream_check_module for to check the upstream service
health.

Scenario: We expect nginx_http_upstream_check_module to check the
service (return 2xx|3xx) and take it out from the upstream pool if the
"service" is not responsive. And nginx-sticky should respect the
decision taken by nginx_http_upstream and start new session to available
upstream server. However, the upstream server is up with the service
port; only the content not being served.

The problem in this scenario, Nginx continue to serve the failed
upstream server until we shutdown the upstream service port. Note that
http_upstream module status page indicates the respective service is
down upon I glitch the service.

I think nginx-sticky got the previous cookie and found the peer match
which is the failed server and continue to maintain the previous
session. If I shutdown the server/port, then sticky tries available
peers and create a new session with available upstream server.

What we need is nginx-sticky module to respect the decision taken by the
nginx_http_upstream module as the priority is "service" availability not
just the "server and port" availability. We run jboss on upstream
servers and the probability is very high the service is malfunction but
the jboss server is up. These two modules are working fine
individually.

Here is the configuration I have tried. We really need your support on
possible configuration options to get this two modules work together.

upstream cluster {
  sticky;
  server 192.168.0.61:8081;
  server 192.168.0.61:8082;
        check interval=3000 rise=2 fall=5 timeout=1000 type=http;
        check_http_send "GET /keepalive.html HTTP/1.0\r\n\r\n";
        check_http_expect_alive http_2xx http_3xx;
}

server {
    listen       80;
    server_name  localhost;

    access_log /var/log/nginx/access.log main;
    error_log /var/log/nginx/error.log warn;

location /stat {
    check_status;
}

 location /test {
        proxy_pass http://cluster/service1/test.html;
        error_log /var/log/nginx/error.log debug;
        }

Here is my nginx version:

nginx version: nginx/1.2.1-1
built by gcc 4.1.2 20080704 (Red Hat 4.1.2-48)
TLS SNI support disabled
configure arguments: --prefix=/etc/nginx/ --sbin-path=/usr/sbin/nginx
--conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error.log
--http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid
--lock-path=/var/run/nginx.lock
--http-client-body-temp-path=/var/cache/nginx/client_temp
--http-proxy-temp-path=/var/cache/nginx/proxy_temp
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp
--http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx
--group=nginx --with-http_ssl_module --with-http_realip_module
--with-http_addition_module --with-http_sub_module
--with-http_dav_module --with-http_flv_module --with-http_mp4_module
--with-http_gzip_static_module --with-http_random_index_module
--with-http_secure_link_module --with-http_stub_status_module
--with-mail_ssl_module --with-file-aio --with-debug --with-cc-opt='-O2
-g -m32 -march=i386 -mtune=generic -fasynchronous-unwind-tables'
--without-http_uwsgi_module --without-http_scgi_module
--without-mail_pop3_module --without-mail_imap_module
--without-mail_smtp_module
--add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/simpl-ngx_devel_kit-24202b4
--add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/agentzh-echo-nginx-module-080c0a1
--add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/agentzh-set-misc-nginx-module-87d0ab2
--add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/mikewest-nginx-static-etags-25bfaf9
--add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/nginx-sticky-module-1.0
--add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/agentzh-memc-nginx-module-8befc56
--add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/agentzh-srcache-nginx-module-8df221e
--add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/yaoweibin-nginx_upstream_check_module-dfee401

uname -rop
2.6.18-194.el5PAE i686 GNU/Linux

cat /etc/redhat-release
Red Hat Enterprise Linux Server release 5.5 (Tikanga)

debug logs:
service down, service port still up - http://pastebin.com/S9wJFkmR
service down, service port down- http://pastebin.com/HSjMMs75

Thanks in advance.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227937,227937#msg-227937


From jerome at loyet.net  Tue Jun 26 14:25:46 2012
From: jerome at loyet.net (=?ISO-8859-1?B?Suly9G1lIExveWV0?=)
Date: Tue, 26 Jun 2012 16:25:46 +0200
Subject: nginx-sticky & nginx_http_upstream_check modules not working
	together
In-Reply-To: <ec1e8dadfc770c5b59dc45557e0f95d8.NginxMailingListEnglish@forum.nginx.org>
References: <ec1e8dadfc770c5b59dc45557e0f95d8.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAFK6my6KkOtC5O9-rzj_UpEmaW1pJY9WTuwf+9RJ69orthsQAw@mail.gmail.com>

2012/6/26 n1xman <nginx-forum at nginx.us>
>
> Hi,
>
> We use nginx-sticky-module for session persistence and we planned to use
> nginx_http_upstream_check_module for to check the upstream service
> health.
>
> Scenario: We expect nginx_http_upstream_check_module to check the
> service (return 2xx|3xx) and take it out from the upstream pool if the
> "service" is not responsive. And nginx-sticky should respect the
> decision taken by nginx_http_upstream and start new session to available
> upstream server. However, the upstream server is up with the service
> port; only the content not being served.
>
> The problem in this scenario, Nginx continue to serve the failed
> upstream server until we shutdown the upstream service port. Note that
> http_upstream module status page indicates the respective service is
> down upon I glitch the service.
>
> I think nginx-sticky got the previous cookie and found the peer match
> which is the failed server and continue to maintain the previous
> session. If I shutdown the server/port, then sticky tries available
> peers and create a new session with available upstream server.
>
> What we need is nginx-sticky module to respect the decision taken by the
> nginx_http_upstream module as the priority is "service" availability not
> just the "server and port" availability. We run jboss on upstream
> servers and the probability is very high the service is malfunction but
> the jboss server is up. These two modules are working fine
> individually.
>
> Here is the configuration I have tried. We really need your support on
> possible configuration options to get this two modules work together.
>
> upstream cluster {
> ?sticky;
> ?server 192.168.0.61:8081;
> ?server 192.168.0.61:8082;
> ? ? ? ?check interval=3000 rise=2 fall=5 timeout=1000 type=http;
> ? ? ? ?check_http_send "GET /keepalive.html HTTP/1.0\r\n\r\n";
> ? ? ? ?check_http_expect_alive http_2xx http_3xx;
> }
>
> server {
> ? ?listen ? ? ? 80;
> ? ?server_name ?localhost;
>
> ? ?access_log /var/log/nginx/access.log main;
> ? ?error_log /var/log/nginx/error.log warn;
>
> location /stat {
> ? ?check_status;
> }
>
> ?location /test {
> ? ? ? ?proxy_pass http://cluster/service1/test.html;
> ? ? ? ?error_log /var/log/nginx/error.log debug;
> ? ? ? ?}
>
> Here is my nginx version:
>
> nginx version: nginx/1.2.1-1
> built by gcc 4.1.2 20080704 (Red Hat 4.1.2-48)
> TLS SNI support disabled
> configure arguments: --prefix=/etc/nginx/ --sbin-path=/usr/sbin/nginx
> --conf-path=/etc/nginx/nginx.conf
> --error-log-path=/var/log/nginx/error.log
> --http-log-path=/var/log/nginx/access.log --pid-path=/var/run/nginx.pid
> --lock-path=/var/run/nginx.lock
> --http-client-body-temp-path=/var/cache/nginx/client_temp
> --http-proxy-temp-path=/var/cache/nginx/proxy_temp
> --http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp
> --http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp
> --http-scgi-temp-path=/var/cache/nginx/scgi_temp --user=nginx
> --group=nginx --with-http_ssl_module --with-http_realip_module
> --with-http_addition_module --with-http_sub_module
> --with-http_dav_module --with-http_flv_module --with-http_mp4_module
> --with-http_gzip_static_module --with-http_random_index_module
> --with-http_secure_link_module --with-http_stub_status_module
> --with-mail_ssl_module --with-file-aio --with-debug --with-cc-opt='-O2
> -g -m32 -march=i386 -mtune=generic -fasynchronous-unwind-tables'
> --without-http_uwsgi_module --without-http_scgi_module
> --without-mail_pop3_module --without-mail_imap_module
> --without-mail_smtp_module
>
> --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/simpl-ngx_devel_kit-24202b4
>
> --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/agentzh-echo-nginx-module-080c0a1
>
> --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/agentzh-set-misc-nginx-module-87d0ab2
>
> --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/mikewest-nginx-static-etags-25bfaf9
>
> --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/nginx-sticky-module-1.0
>
> --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/agentzh-memc-nginx-module-8befc56
>
> --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/agentzh-srcache-nginx-module-8df221e
>
> --add-module=/usr/local/hirantha/rpmbuild/BUILD/nginx-1.2.1/contrib/yaoweibin-nginx_upstream_check_module-dfee401
>
> uname -rop
> 2.6.18-194.el5PAE i686 GNU/Linux
>
> cat /etc/redhat-release
> Red Hat Enterprise Linux Server release 5.5 (Tikanga)
>
> debug logs:
> service down, service port still up - http://pastebin.com/S9wJFkmR
> service down, service port down- http://pastebin.com/HSjMMs75
>
> Thanks in advance.

Hi,

can you please open a bug report about the sticky module
(http://code.google.com/p/nginx-sticky-module/). I'll look into it (no
ETA as i'm away for vacations these days).

++ Jerome

>
> Posted at Nginx Forum:
> http://forum.nginx.org/read.php?2,227937,227937#msg-227937
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From nginx-forum at nginx.us  Tue Jun 26 16:34:01 2012
From: nginx-forum at nginx.us (bp1000)
Date: Tue, 26 Jun 2012 12:34:01 -0400 (EDT)
Subject: Help me test and verify my config
In-Reply-To: <cccb7dbe83f94b3ee98ae4b79e066fc3.NginxMailingListEnglish@forum.nginx.org>
References: <cccb7dbe83f94b3ee98ae4b79e066fc3.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <9d89f3f4fe2466c56b7d1741a08fd6b3.NginxMailingListEnglish@forum.nginx.org>

Yes, i just wanted an expert opinion on verifying my parameters 

I felt it necessary to explain the application, environment and
parameters. 


Just as a follow up; i found that the pm = dynamic config i was using
whilst serving OK for visitor, it seemed to be using twice the
processing that a pm = static used up. 

So i have switched to an entirely static allocation. 


I projected that each child process consumes about 50Mb with overheads
and therefore allocated 40 child processes for php5-fpm 

So far so good. 

I'm still getting connection reset by peer but i'm 99% sure this is
people who click back or stop the load before the page finishes. As we
get over 100k searches per day, 10-15 connection reset by peer errors
are fine. 


The only thing is, only 50% of my memory is being used so maybe i can
allocate more somewhere.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227820,227943#msg-227943


From jamesmikedupont at googlemail.com  Tue Jun 26 19:43:28 2012
From: jamesmikedupont at googlemail.com (Mike Dupont)
Date: Tue, 26 Jun 2012 19:43:28 +0000
Subject: Help me test and verify my config
In-Reply-To: <9d89f3f4fe2466c56b7d1741a08fd6b3.NginxMailingListEnglish@forum.nginx.org>
References: <cccb7dbe83f94b3ee98ae4b79e066fc3.NginxMailingListEnglish@forum.nginx.org>
	<9d89f3f4fe2466c56b7d1741a08fd6b3.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAF0qKV11tA8U9Z9=k716GDcA3md6pRaWrGw1QNMWyy7H-5A5MA@mail.gmail.com>

may i suggest http://www.catb.org/~esr/faqs/smart-questions.html

On Tue, Jun 26, 2012 at 4:34 PM, bp1000 <nginx-forum at nginx.us> wrote:
> Yes, i just wanted an expert opinion on verifying my parameters
>
> I felt it necessary to explain the application, environment and
> parameters.
>
>
> Just as a follow up; i found that the pm = dynamic config i was using
> whilst serving OK for visitor, it seemed to be using twice the
> processing that a pm = static used up.
>
> So i have switched to an entirely static allocation.
>
>
> I projected that each child process consumes about 50Mb with overheads
> and therefore allocated 40 child processes for php5-fpm
>
> So far so good.
>
> I'm still getting connection reset by peer but i'm 99% sure this is
> people who click back or stop the load before the page finishes. As we
> get over 100k searches per day, 10-15 connection reset by peer errors
> are fine.
>
>
> The only thing is, only 50% of my memory is being used so maybe i can
> allocate more somewhere.
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227820,227943#msg-227943
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx



-- 
James Michael DuPont
Member of Free Libre Open Source Software Kosova http://flossk.org
Contributor FOSM, the CC-BY-SA map of the world http://fosm.org
Mozilla Rep https://reps.mozilla.org/u/h4ck3rm1k3


From nginx-forum at nginx.us  Tue Jun 26 20:00:09 2012
From: nginx-forum at nginx.us (n1xman)
Date: Tue, 26 Jun 2012 16:00:09 -0400 (EDT)
Subject: nginx-sticky & nginx_http_upstream_check modules not working
	together
In-Reply-To: <ec1e8dadfc770c5b59dc45557e0f95d8.NginxMailingListEnglish@forum.nginx.org>
References: <ec1e8dadfc770c5b59dc45557e0f95d8.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <6d652318b5840d5b19c033a539f9677d.NginxMailingListEnglish@forum.nginx.org>

Thanks Jerome,

We will hold the nginx_http_upstream_check module until resolve this.
This module is really important for us as we use multiple Cometd
instances successfully. The only issue is sometimes the Cometd service
is not functional but the jboss port is listing. 

http://code.google.com/p/nginx-sticky-module/issues/detail?id=22

Thanks in advance

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227937,227959#msg-227959


From nginx-forum at nginx.us  Wed Jun 27 02:24:11 2012
From: nginx-forum at nginx.us (paphillon)
Date: Tue, 26 Jun 2012 22:24:11 -0400 (EDT)
Subject: --with-debug compile option
Message-ID: <2f7f4e9fe44527e2a573cb16e2984b41.NginxMailingListEnglish@forum.nginx.org>

Hi,

I need to compile Nginx with --with-debug option.

Will there be any performance implications if I have this flag set but
NOT set the error log to debug_* when I don't want to debug or
troubleshoot any issue?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227963,227963#msg-227963


From ru at nginx.com  Wed Jun 27 03:06:20 2012
From: ru at nginx.com (Ruslan Ermilov)
Date: Wed, 27 Jun 2012 07:06:20 +0400
Subject: --with-debug compile option
In-Reply-To: <2f7f4e9fe44527e2a573cb16e2984b41.NginxMailingListEnglish@forum.nginx.org>
References: <2f7f4e9fe44527e2a573cb16e2984b41.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120627030620.GA1536@lo0.su>

On Tue, Jun 26, 2012 at 10:24:11PM -0400, paphillon wrote:
> I need to compile Nginx with --with-debug option.
> 
> Will there be any performance implications if I have this flag set but
> NOT set the error log to debug_* when I don't want to debug or
> troubleshoot any issue?

No.  Using http://nginx.org/r/debug_connection is also worth considering.


From nginx-forum at nginx.us  Wed Jun 27 03:38:11 2012
From: nginx-forum at nginx.us (paphillon)
Date: Tue, 26 Jun 2012 23:38:11 -0400 (EDT)
Subject: Intermittent 400 error code -client sent invalid method while reading
	client request line, 
Message-ID: <179ef5fd41da0c2ab6814ff926186b61.NginxMailingListEnglish@forum.nginx.org>

In our setup we have a client that makes some web services calls to the
back end with nginx as a proxy in between.

Most of the time it is successful 99%  but 1% calls are dropped and the
client reports the error. On retry the operation goes through fine, no
other change is requried.

The client is on a hosted environment, so getting detailed logs from
client is bit hard.

(Client Error) --- Error: unable to send request to :
https://proxt.nginx.host.url. Server response:
System.HttpResponse[Status=null, StatusCode=-1]

Nginx captures the below in the default server error log. Interestingly
no access / error log is written for the virtual host that is suppose to
handle the request.

2012/06/26 20:22:55 [debug] 32536#0: *305 http check ssl handshake
2012/06/26 20:22:55 [debug] 32536#0: *305 https ssl handshake: 0x16
2012/06/26 20:22:55 [debug] 32536#0: *305 http process request line
2012/06/26 20:22:55 [debug] 32536#0: *305 http process request line
2012/06/26 20:22:55 [info] 32536#0: *305 client sent invalid method
while reading client request line, client: 96.43.x.x, server: , request:
"User-Agent: Java/1.6.0_21"
2012/06/26 20:22:55 [debug] 32536#0: *305 http finalize request: 400,
"?" a:1, c:1
2012/06/26 20:22:55 [debug] 32536#0: *305 http special response: 400,
"?"
2012/06/26 20:22:55 [debug] 32536#0: *305 http set discard body
2012/06/26 20:22:55 [debug] 32536#0: *305 headers more header filter,
uri ""
2012/06/26 20:22:55 [debug] 32536#0: *305 http output filter "?"
2012/06/26 20:22:55 [debug] 32536#0: *305 http copy filter: "?"
2012/06/26 20:22:55 [debug] 32536#0: *305 http postpone filter "?"
000000001C39D958
2012/06/26 20:22:55 [debug] 32536#0: *305 http write filter: l:1 f:0
s:166
2012/06/26 20:22:55 [debug] 32536#0: *305 http write filter limit 0
2012/06/26 20:22:55 [debug] 32536#0: *305 http write filter
0000000000000000
2012/06/26 20:22:55 [debug] 32536#0: *305 http copy filter: 0 "?"
2012/06/26 20:22:55 [debug] 32536#0: *305 http finalize request: 0, "?"
a:1, c:1
2012/06/26 20:22:55 [debug] 32536#0: *305 http lingering close handler
2012/06/26 20:22:55 [debug] 32536#0: *305 lingering read: 0
2012/06/26 20:22:55 [debug] 32536#0: *305 http request count:1 blk:0
2012/06/26 20:22:55 [debug] 32536#0: *305 http close request
2012/06/26 20:22:55 [debug] 32536#0: *305 http log handler
2012/06/26 20:22:55 [debug] 32536#0: *305 close http connection: 10

Any pointers?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227966,227966#msg-227966


From nginx-forum at nginx.us  Wed Jun 27 03:52:09 2012
From: nginx-forum at nginx.us (tonny.young)
Date: Tue, 26 Jun 2012 23:52:09 -0400 (EDT)
Subject: modify and reload Nginx's config  from webpage?
Message-ID: <c96bc530266c5aaa24222188329a73b1.NginxMailingListEnglish@forum.nginx.org>

I think it would be more convenient to manage Nginx from webpage than
command line.Any suggesions?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227967,227967#msg-227967


From nginx-forum at nginx.us  Wed Jun 27 03:59:35 2012
From: nginx-forum at nginx.us (tonny.young)
Date: Tue, 26 Jun 2012 23:59:35 -0400 (EDT)
Subject: custom Nginx module memleaks problem
In-Reply-To: <CAB4Tn6Nbx9W=K4hA_1qua3U2jz_OsZwuFLJH2Tj5uBiks5EJNQ@mail.gmail.com>
References: <CAB4Tn6Nbx9W=K4hA_1qua3U2jz_OsZwuFLJH2Tj5uBiks5EJNQ@mail.gmail.com>
Message-ID: <f57137700e4076b328be2bcfb251374d.NginxMailingListEnglish@forum.nginx.org>

agentzh Wrote:
-------------------------------------------------------
> Hello!
> 
> On Mon, Jun 25, 2012 at 8:36 AM, tonny.young
> <nginx-forum at nginx.us> wrote:
> > Thanks for the suggestions.Can you explain me
> ?how my module "blocks"?
> >
> 
> All your memcached related calls from within your
> content handler will
> block your nginx worker processes from serving
> other concurrent
> requests, which essentially turns your nginx
> server into something
> like Apache's prefork mpm.
> 
> Regards,
> -agentzh
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

Thanks for the explain.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227746,227968#msg-227968


From r at roze.lv  Wed Jun 27 05:25:47 2012
From: r at roze.lv (Reinis Rozitis)
Date: Wed, 27 Jun 2012 08:25:47 +0300
Subject: modify and reload Nginx's config  from webpage?
In-Reply-To: <c96bc530266c5aaa24222188329a73b1.NginxMailingListEnglish@forum.nginx.org>
References: <c96bc530266c5aaa24222188329a73b1.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <5DBD4451B750436AA43526BF43A6AA15@DD21>

> I think it would be more convenient to manage Nginx from webpage than command line.Any suggesions?

You can manage this with pretty any scripting language (php/lua/perl etc) ..

rr


From agentzh at gmail.com  Wed Jun 27 06:20:15 2012
From: agentzh at gmail.com (agentzh)
Date: Wed, 27 Jun 2012 14:20:15 +0800
Subject: --with-debug compile option
In-Reply-To: <2f7f4e9fe44527e2a573cb16e2984b41.NginxMailingListEnglish@forum.nginx.org>
References: <2f7f4e9fe44527e2a573cb16e2984b41.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAB4Tn6Oii2kGBFtM=hG8a=1DV1rw9EnmguyU6VfCNvr4cJZUUg@mail.gmail.com>

Hello!

On Wed, Jun 27, 2012 at 10:24 AM, paphillon <nginx-forum at nginx.us> wrote:
> I need to compile Nginx with --with-debug option.
>
> Will there be any performance implications if I have this flag set but
> NOT set the error log to debug_* when I don't want to debug or
> troubleshoot any issue?
>

Even though the current error log level is set higher than "debug",
there will still be C function call overhead for all those
ngx_log_debugN calls.

Also, both the nginx core and lots of 3rd-party modules have chunks of
debugging code protected by the "#if (NGX_DEBUG)" and "#endif" C
macros, which won't get even compiled when --with-debug is not
specified. Generally speaking, more code compiled (and run) means more
bugs. I can catch issues in the debugging code from time to time.

We usually do not use nginx builds with --with-debug in production
environments but we also prepare a separate debugging build at the
same time.

Best regards,
-agentzh


From f.bonnet at esiee.fr  Wed Jun 27 06:32:47 2012
From: f.bonnet at esiee.fr (Frank Bonnet)
Date: Wed, 27 Jun 2012 08:32:47 +0200
Subject: nginx-1.3.2
In-Reply-To: <20120626140023.GJ31671@mdounin.ru>
References: <20120626140023.GJ31671@mdounin.ru>
Message-ID: <4FEAA90F.9020303@esiee.fr>


CYBERDROID Inc.
Hello

Does it works well with php-fpm ? I plan to use it on a 
dovecot2/roudcube production server
with approx 2000 simultaneous users  FreeBSD 7.4 64 bit / HP proliant 380

Thanks a lot

Le 26/06/2012 16:00, Maxim Dounin a ?crit :
> Changes with nginx 1.3.2                                         26 Jun 2012
>
>      *) Change: the "single" parameter of the "keepalive" directive is now
>         ignored.
>
>      *) Change: SSL compression is now disabled when using all versions of
>         OpenSSL, including ones prior to 1.0.0.
>
>      *) Feature: it is now possible to use the "ip_hash" directive to balance
>         IPv6 clients.
>
>      *) Feature: the $status variable can now be used not only in the
>         "log_format" directive.
>
>      *) Bugfix: a segmentation fault might occur in a worker process on
>         shutdown if the "resolver" directive was used.
>
>      *) Bugfix: a segmentation fault might occur in a worker process if the
>         ngx_http_mp4_module was used.
>
>      *) Bugfix: in the ngx_http_mp4_module.
>
>      *) Bugfix: a segmentation fault might occur in a worker process if
>         conflicting wildcard server names were used.
>
>      *) Bugfix: nginx might be terminated abnormally on a SIGBUS signal on
>         ARM platform.
>
>      *) Bugfix: an alert "sendmsg() failed (9: Bad file number)" on HP-UX
>         while reconfiguration.
>
>
> Maxim Dounin
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120627/a8fa67c5/attachment.html>

From r at roze.lv  Wed Jun 27 06:40:08 2012
From: r at roze.lv (Reinis Rozitis)
Date: Wed, 27 Jun 2012 09:40:08 +0300
Subject: nginx-1.3.2
In-Reply-To: <4FEAA90F.9020303@esiee.fr>
References: <20120626140023.GJ31671@mdounin.ru> <4FEAA90F.9020303@esiee.fr>
Message-ID: <0B439312FD9E450ABFA31B24CB7C8BCF@DD21>

CYBERDROID Inc.> Does it works well with php-fpm ? I plan to use it on a dovecot2/roudcube production server with approx 2000 
simultaneous users  FreeBSD 7.4 64 bit / HP proliant 380

It works well also with 20k and 200k simultaneous users, but it?s rarely the webserver itself being the bottleneck (or resource hog) 
more likely php in this case.

rr 


From f.bonnet at esiee.fr  Wed Jun 27 07:06:42 2012
From: f.bonnet at esiee.fr (Frank Bonnet)
Date: Wed, 27 Jun 2012 09:06:42 +0200
Subject: nginx-1.3.2
In-Reply-To: <0B439312FD9E450ABFA31B24CB7C8BCF@DD21>
References: <20120626140023.GJ31671@mdounin.ru> <4FEAA90F.9020303@esiee.fr>
	<0B439312FD9E450ABFA31B24CB7C8BCF@DD21>
Message-ID: <4FEAB102.7060100@esiee.fr>


CYBERDROID Inc.

Le 27/06/2012 08:40, Reinis Rozitis a ?crit :
> CYBERDROID Inc.> Does it works well with php-fpm ? I plan to use it on 
> a dovecot2/roudcube production server with approx 2000 simultaneous 
> users  FreeBSD 7.4 64 bit / HP proliant 380
>
> It works well also with 20k and 200k simultaneous users, but it?s 
> rarely the webserver itself being the bottleneck (or resource hog) 
> more likely php in this case.

Yes of course but I've read few weeks ago there were troubles between a 
version
of nginx and php-fpm. That is the reason of my question on this version.

Kind regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120627/c7860668/attachment-0001.html>

From ru at nginx.com  Wed Jun 27 07:44:05 2012
From: ru at nginx.com (Ruslan Ermilov)
Date: Wed, 27 Jun 2012 11:44:05 +0400
Subject: --with-debug compile option
In-Reply-To: <CAB4Tn6Oii2kGBFtM=hG8a=1DV1rw9EnmguyU6VfCNvr4cJZUUg@mail.gmail.com>
References: <2f7f4e9fe44527e2a573cb16e2984b41.NginxMailingListEnglish@forum.nginx.org>
	<CAB4Tn6Oii2kGBFtM=hG8a=1DV1rw9EnmguyU6VfCNvr4cJZUUg@mail.gmail.com>
Message-ID: <20120627074405.GA70146@lo0.su>

On Wed, Jun 27, 2012 at 02:20:15PM +0800, agentzh wrote:
> Hello!
> 
> On Wed, Jun 27, 2012 at 10:24 AM, paphillon <nginx-forum at nginx.us> wrote:
> > I need to compile Nginx with --with-debug option.
> >
> > Will there be any performance implications if I have this flag set but
> > NOT set the error log to debug_* when I don't want to debug or
> > troubleshoot any issue?
> >
> 
> Even though the current error log level is set higher than "debug",
> there will still be C function call overhead for all those
> ngx_log_debugN calls.

These aren't functions but are macros that first check if log_level is
set for debugging, and they don't pessimize performance in any measurable
way.

> Also, both the nginx core and lots of 3rd-party modules have chunks of
> debugging code protected by the "#if (NGX_DEBUG)" and "#endif" C
> macros, which won't get even compiled when --with-debug is not
> specified.

The same holds true for ngx_log_debugN() macros.

> Generally speaking, more code compiled (and run) means more
> bugs. I can catch issues in the debugging code from time to time.

Most of these allocate some register/stack space, do some assignments,
and empty loop at worst.  Some of these can be optimized by first
checking if log_level was set for debugging (like is done in
ngx_select_process_events(), for example).  Still, think they don't
pessimize performance measurable.

(There's some debugging code in SSL that's not conditional on the
log_level to be set for debugging.)

> We usually do not use nginx builds with --with-debug in production
> environments but we also prepare a separate debugging build at the
> same time.


From mdounin at mdounin.ru  Wed Jun 27 07:49:59 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 27 Jun 2012 11:49:59 +0400
Subject: Intermittent 400 error code -client sent invalid method while
	reading client request line, 
In-Reply-To: <179ef5fd41da0c2ab6814ff926186b61.NginxMailingListEnglish@forum.nginx.org>
References: <179ef5fd41da0c2ab6814ff926186b61.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120627074958.GB31671@mdounin.ru>

Hello!

On Tue, Jun 26, 2012 at 11:38:11PM -0400, paphillon wrote:

> In our setup we have a client that makes some web services calls to the
> back end with nginx as a proxy in between.
> 
> Most of the time it is successful 99%  but 1% calls are dropped and the
> client reports the error. On retry the operation goes through fine, no
> other change is requried.
> 
> The client is on a hosted environment, so getting detailed logs from
> client is bit hard.
> 
> (Client Error) --- Error: unable to send request to :
> https://proxt.nginx.host.url. Server response:
> System.HttpResponse[Status=null, StatusCode=-1]
> 
> Nginx captures the below in the default server error log. Interestingly
> no access / error log is written for the virtual host that is suppose to
> handle the request.

As request is invalid and there is no Host header, it's not 
possible to match virtual host.  So no surpirse here.

> 2012/06/26 20:22:55 [debug] 32536#0: *305 http check ssl handshake
> 2012/06/26 20:22:55 [debug] 32536#0: *305 https ssl handshake: 0x16
> 2012/06/26 20:22:55 [debug] 32536#0: *305 http process request line
> 2012/06/26 20:22:55 [debug] 32536#0: *305 http process request line
> 2012/06/26 20:22:55 [info] 32536#0: *305 client sent invalid method
> while reading client request line, client: 96.43.x.x, server: , request:
> "User-Agent: Java/1.6.0_21"

It looks like client indeed failed to produce correct request, 
"User-Agent: Java/1.6.0_21" doesn't looks like valid one.

[...]

Maxim Dounin


From luky-37 at hotmail.com  Wed Jun 27 10:11:45 2012
From: luky-37 at hotmail.com (Lukas Tribus)
Date: Wed, 27 Jun 2012 12:11:45 +0200
Subject: nginx-1.3.2
In-Reply-To: <4FEAB102.7060100@esiee.fr>
References: <20120626140023.GJ31671@mdounin.ru>
	<4FEAA90F.9020303@esiee.fr>, <0B439312FD9E450ABFA31B24CB7C8BCF@DD21>,
	<4FEAB102.7060100@esiee.fr>
Message-ID: <DUB107-W32F64564BA845D9853DCA5EDE70@phx.gbl>


> Yes of course but I've read few weeks ago there were troubles between a?
> version?
> of nginx and php-fpm. That is the reason of my question on this version.??

You're probably referring to the "nginx 1.3.1 not PHP-FPM friendly" thread. You can ignore that, the problem wasn't nginx.

However you should probably consider using the stable version?1.2.1 instead of the development builds in 1.3.x.


 		 	   		  

From shahzaib.cb at gmail.com  Wed Jun 27 11:57:32 2012
From: shahzaib.cb at gmail.com (shahzaib shahzaib)
Date: Wed, 27 Jun 2012 16:57:32 +0500
Subject: nginx-1.3.2
In-Reply-To: <DUB107-W32F64564BA845D9853DCA5EDE70@phx.gbl>
References: <20120626140023.GJ31671@mdounin.ru> <4FEAA90F.9020303@esiee.fr>
	<0B439312FD9E450ABFA31B24CB7C8BCF@DD21> <4FEAB102.7060100@esiee.fr>
	<DUB107-W32F64564BA845D9853DCA5EDE70@phx.gbl>
Message-ID: <CAD3xhrPvCRVvjkjYM6LnGbnkj4e-KEXzzV1S081_ddotK129Ow@mail.gmail.com>

& i am having problem on using nginx-1.2.1 its flv module is broken :-(,
flv psuedo streaming is not working .

On Wed, Jun 27, 2012 at 3:11 PM, Lukas Tribus <luky-37 at hotmail.com> wrote:

>
> > Yes of course but I've read few weeks ago there were troubles between a
> > version
> > of nginx and php-fpm. That is the reason of my question on this
> version.
>
> You're probably referring to the "nginx 1.3.1 not PHP-FPM friendly"
> thread. You can ignore that, the problem wasn't nginx.
>
> However you should probably consider using the stable version 1.2.1
> instead of the development builds in 1.3.x.
>
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120627/5b59f88d/attachment.html>

From nginx-forum at nginx.us  Wed Jun 27 14:19:20 2012
From: nginx-forum at nginx.us (bp1000)
Date: Wed, 27 Jun 2012 10:19:20 -0400 (EDT)
Subject: Help me test and verify my config
In-Reply-To: <cccb7dbe83f94b3ee98ae4b79e066fc3.NginxMailingListEnglish@forum.nginx.org>
References: <cccb7dbe83f94b3ee98ae4b79e066fc3.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <295694e75236402c88a3a09bec71fe49.NginxMailingListEnglish@forum.nginx.org>

Mike, sure

I thought my post title was very clear; couldn't have been any clearer.


I guess i may as well have posted a dancing cat purely for entertainment
value. 

Perhaps my post wasn't that clear then. Fair enough. I had searched and
clawed over tonnes of information. In fact i spent quite a few hours
looking. However, it seems not 1 set of parameters is suitable for every
nginx + php5-fpm set up, which is sensible really. I'm not a natural
sysadmin and as it was the weekend my sysadmin was unavailable, probably
off geocaching or something. 

What i couldn't find is enough info on how to test and verify my chosen
config. Due to the volume of traffic and revenue involved i didnt want
it to be trial and error. I also wanted an expert eye cast over the
chosen params in case anything jumped out as obviously incorrect.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227820,227998#msg-227998


From mdounin at mdounin.ru  Wed Jun 27 14:28:05 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 27 Jun 2012 18:28:05 +0400
Subject: nginx-1.3.2
In-Reply-To: <CAD3xhrPvCRVvjkjYM6LnGbnkj4e-KEXzzV1S081_ddotK129Ow@mail.gmail.com>
References: <20120626140023.GJ31671@mdounin.ru> <4FEAA90F.9020303@esiee.fr>
	<0B439312FD9E450ABFA31B24CB7C8BCF@DD21> <4FEAB102.7060100@esiee.fr>
	<DUB107-W32F64564BA845D9853DCA5EDE70@phx.gbl>
	<CAD3xhrPvCRVvjkjYM6LnGbnkj4e-KEXzzV1S081_ddotK129Ow@mail.gmail.com>
Message-ID: <20120627142804.GF31671@mdounin.ru>

Hello!

On Wed, Jun 27, 2012 at 04:57:32PM +0500, shahzaib shahzaib wrote:

> & i am having problem on using nginx-1.2.1 its flv module is broken :-(,
> flv psuedo streaming is not working .

It's not broken, for sure.  You've just doing it wrong.  
Unfortunately you've failed to provide enough information to say 
what exactly you are doing wrong.

Maxim Dounin


From shahzaib.cb at gmail.com  Wed Jun 27 15:45:13 2012
From: shahzaib.cb at gmail.com (shahzaib shahzaib)
Date: Wed, 27 Jun 2012 20:45:13 +0500
Subject: nginx-1.3.2
In-Reply-To: <20120627142804.GF31671@mdounin.ru>
References: <20120626140023.GJ31671@mdounin.ru> <4FEAA90F.9020303@esiee.fr>
	<0B439312FD9E450ABFA31B24CB7C8BCF@DD21> <4FEAB102.7060100@esiee.fr>
	<DUB107-W32F64564BA845D9853DCA5EDE70@phx.gbl>
	<CAD3xhrPvCRVvjkjYM6LnGbnkj4e-KEXzzV1S081_ddotK129Ow@mail.gmail.com>
	<20120627142804.GF31671@mdounin.ru>
Message-ID: <CAD3xhrP6LBcy7g8Ws5w94J=WD-ivpzBOUF6dZ=i9+uAt9_O6uw@mail.gmail.com>

well, i've compiled my nginx 1.2.1 from this source
http://h264.code-shop.com/trac/wiki/Mod-H264-Streaming-Nginx-Version2 , add
aditional module --with-http_flv_module for pseudo stream and added flv
directive in nginx.conf file. But when i try to play video by
test.flv?start=343434 , player stucked & not play. Mp4 is working fine but
not flv.

On Wed, Jun 27, 2012 at 7:28 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:

> Hello!
>
> On Wed, Jun 27, 2012 at 04:57:32PM +0500, shahzaib shahzaib wrote:
>
> > & i am having problem on using nginx-1.2.1 its flv module is broken :-(,
> > flv psuedo streaming is not working .
>
> It's not broken, for sure.  You've just doing it wrong.
> Unfortunately you've failed to provide enough information to say
> what exactly you are doing wrong.
>
> Maxim Dounin
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120627/206b3406/attachment.html>

From mit at stagename.com  Wed Jun 27 16:12:15 2012
From: mit at stagename.com (Mit Rowe)
Date: Wed, 27 Jun 2012 12:12:15 -0400
Subject: FLV module issues (was Re: nginx-1.3.2)
Message-ID: <CAFWPQt68B6SY_b+6569K8UwwT4gF9asLGGzBvK3Z8t_n0Y5yfA@mail.gmail.com>

shahzaib,

those instructions are for incredibly old versions of things. Perhaps what
you're looking for is this module...

http://wiki.nginx.org/HttpFlvModule

and/or this one...

http://wiki.nginx.org/HttpMp4Module

both of which can be compiled into the most recent versions of nginx.

I also echo Maxim's advise that you use the nginx 1.2.x branch from
http://nginx.org/en/download.html as the 1.3.x branch is a development
version

Hope this helps,
Mit





On Wed, Jun 27, 2012 at 11:45 AM, shahzaib shahzaib
<shahzaib.cb at gmail.com>wrote:

> well, i've compiled my nginx 1.2.1 from this source
> http://h264.code-shop.com/trac/wiki/Mod-H264-Streaming-Nginx-Version2 ,
> add aditional module --with-http_flv_module for pseudo stream and added flv
> directive in nginx.conf file. But when i try to play video by
> test.flv?start=343434 , player stucked & not play. Mp4 is working fine but
> not flv.
>
>
> On Wed, Jun 27, 2012 at 7:28 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:
>
>> Hello!
>>
>> On Wed, Jun 27, 2012 at 04:57:32PM +0500, shahzaib shahzaib wrote:
>>
>> > & i am having problem on using nginx-1.2.1 its flv module is broken :-(,
>> > flv psuedo streaming is not working .
>>
>> It's not broken, for sure.  You've just doing it wrong.
>> Unfortunately you've failed to provide enough information to say
>> what exactly you are doing wrong.
>>
>> Maxim Dounin
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>>
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>



-- 
Will 'Mit' Rowe
Stagename*
*1-866-326-3098
mit at stagename.com <josh at stagename.com>
www.stagename.com
Twitter: @stagename

*The information transmitted is intended only for the person or entity to
which it is addressed and may contain confidential and/or privileged
material. Any review, retransmission, dissemination or other use of this
information by persons or entities other than the intended recipient is
prohibited. If you received this transmission in error, please contact the
sender and delete all material contained herein from your computer.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120627/a08c3bcc/attachment.html>

From mdounin at mdounin.ru  Wed Jun 27 16:56:18 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 27 Jun 2012 20:56:18 +0400
Subject: nginx-1.3.2
In-Reply-To: <CAD3xhrP6LBcy7g8Ws5w94J=WD-ivpzBOUF6dZ=i9+uAt9_O6uw@mail.gmail.com>
References: <20120626140023.GJ31671@mdounin.ru> <4FEAA90F.9020303@esiee.fr>
	<0B439312FD9E450ABFA31B24CB7C8BCF@DD21> <4FEAB102.7060100@esiee.fr>
	<DUB107-W32F64564BA845D9853DCA5EDE70@phx.gbl>
	<CAD3xhrPvCRVvjkjYM6LnGbnkj4e-KEXzzV1S081_ddotK129Ow@mail.gmail.com>
	<20120627142804.GF31671@mdounin.ru>
	<CAD3xhrP6LBcy7g8Ws5w94J=WD-ivpzBOUF6dZ=i9+uAt9_O6uw@mail.gmail.com>
Message-ID: <20120627165617.GH31671@mdounin.ru>

Hello!

On Wed, Jun 27, 2012 at 08:45:13PM +0500, shahzaib shahzaib wrote:

> well, i've compiled my nginx 1.2.1 from this source
> http://h264.code-shop.com/trac/wiki/Mod-H264-Streaming-Nginx-Version2 , add
> aditional module --with-http_flv_module for pseudo stream and added flv
> directive in nginx.conf file. But when i try to play video by
> test.flv?start=343434 , player stucked & not play. Mp4 is working fine but
> not flv.

You can't seek to arbitrary byte position, you have to use 
byte position of a keyframe as available from flv metadata.

Maxim Dounin


From shahzaib.cb at gmail.com  Wed Jun 27 18:32:42 2012
From: shahzaib.cb at gmail.com (shahzaib shahzaib)
Date: Wed, 27 Jun 2012 23:32:42 +0500
Subject: nginx-1.3.2
In-Reply-To: <20120627165617.GH31671@mdounin.ru>
References: <20120626140023.GJ31671@mdounin.ru> <4FEAA90F.9020303@esiee.fr>
	<0B439312FD9E450ABFA31B24CB7C8BCF@DD21> <4FEAB102.7060100@esiee.fr>
	<DUB107-W32F64564BA845D9853DCA5EDE70@phx.gbl>
	<CAD3xhrPvCRVvjkjYM6LnGbnkj4e-KEXzzV1S081_ddotK129Ow@mail.gmail.com>
	<20120627142804.GF31671@mdounin.ru>
	<CAD3xhrP6LBcy7g8Ws5w94J=WD-ivpzBOUF6dZ=i9+uAt9_O6uw@mail.gmail.com>
	<20120627165617.GH31671@mdounin.ru>
Message-ID: <CAD3xhrO8UcCNs+jPW3oT8F9EOk2oQ6tdUsNXTp4QHfEWSDyXFw@mail.gmail.com>

can you explain a bit more please? how i am going to seek it? is it prefer
some specific bytes ?

On Wed, Jun 27, 2012 at 9:56 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:

> Hello!
>
> On Wed, Jun 27, 2012 at 08:45:13PM +0500, shahzaib shahzaib wrote:
>
> > well, i've compiled my nginx 1.2.1 from this source
> > http://h264.code-shop.com/trac/wiki/Mod-H264-Streaming-Nginx-Version2 ,
> add
> > aditional module --with-http_flv_module for pseudo stream and added flv
> > directive in nginx.conf file. But when i try to play video by
> > test.flv?start=343434 , player stucked & not play. Mp4 is working fine
> but
> > not flv.
>
> You can't seek to arbitrary byte position, you have to use
> byte position of a keyframe as available from flv metadata.
>
> Maxim Dounin
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120627/b85cb8cd/attachment.html>

From shahzaib.cb at gmail.com  Wed Jun 27 18:47:22 2012
From: shahzaib.cb at gmail.com (shahzaib shahzaib)
Date: Wed, 27 Jun 2012 23:47:22 +0500
Subject: nginx-1.3.2
In-Reply-To: <CAD3xhrO8UcCNs+jPW3oT8F9EOk2oQ6tdUsNXTp4QHfEWSDyXFw@mail.gmail.com>
References: <20120626140023.GJ31671@mdounin.ru> <4FEAA90F.9020303@esiee.fr>
	<0B439312FD9E450ABFA31B24CB7C8BCF@DD21> <4FEAB102.7060100@esiee.fr>
	<DUB107-W32F64564BA845D9853DCA5EDE70@phx.gbl>
	<CAD3xhrPvCRVvjkjYM6LnGbnkj4e-KEXzzV1S081_ddotK129Ow@mail.gmail.com>
	<20120627142804.GF31671@mdounin.ru>
	<CAD3xhrP6LBcy7g8Ws5w94J=WD-ivpzBOUF6dZ=i9+uAt9_O6uw@mail.gmail.com>
	<20120627165617.GH31671@mdounin.ru>
	<CAD3xhrO8UcCNs+jPW3oT8F9EOk2oQ6tdUsNXTp4QHfEWSDyXFw@mail.gmail.com>
Message-ID: <CAD3xhrOZMzmz232NM_FsjPPme9LCe8dwaz9siD096aNr3tjXWg@mail.gmail.com>

how can i use this meta data ?

On Wed, Jun 27, 2012 at 11:32 PM, shahzaib shahzaib
<shahzaib.cb at gmail.com>wrote:

> can you explain a bit more please? how i am going to seek it? is it prefer
> some specific bytes ?
>
>
> On Wed, Jun 27, 2012 at 9:56 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:
>
>> Hello!
>>
>> On Wed, Jun 27, 2012 at 08:45:13PM +0500, shahzaib shahzaib wrote:
>>
>> > well, i've compiled my nginx 1.2.1 from this source
>> > http://h264.code-shop.com/trac/wiki/Mod-H264-Streaming-Nginx-Version2, add
>> > aditional module --with-http_flv_module for pseudo stream and added flv
>> > directive in nginx.conf file. But when i try to play video by
>> > test.flv?start=343434 , player stucked & not play. Mp4 is working fine
>> but
>> > not flv.
>>
>> You can't seek to arbitrary byte position, you have to use
>> byte position of a keyframe as available from flv metadata.
>>
>> Maxim Dounin
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120627/3ef29a76/attachment-0001.html>

From shahzaib.cb at gmail.com  Wed Jun 27 18:47:59 2012
From: shahzaib.cb at gmail.com (shahzaib shahzaib)
Date: Wed, 27 Jun 2012 23:47:59 +0500
Subject: nginx-1.3.2
In-Reply-To: <CAD3xhrOZMzmz232NM_FsjPPme9LCe8dwaz9siD096aNr3tjXWg@mail.gmail.com>
References: <20120626140023.GJ31671@mdounin.ru> <4FEAA90F.9020303@esiee.fr>
	<0B439312FD9E450ABFA31B24CB7C8BCF@DD21> <4FEAB102.7060100@esiee.fr>
	<DUB107-W32F64564BA845D9853DCA5EDE70@phx.gbl>
	<CAD3xhrPvCRVvjkjYM6LnGbnkj4e-KEXzzV1S081_ddotK129Ow@mail.gmail.com>
	<20120627142804.GF31671@mdounin.ru>
	<CAD3xhrP6LBcy7g8Ws5w94J=WD-ivpzBOUF6dZ=i9+uAt9_O6uw@mail.gmail.com>
	<20120627165617.GH31671@mdounin.ru>
	<CAD3xhrO8UcCNs+jPW3oT8F9EOk2oQ6tdUsNXTp4QHfEWSDyXFw@mail.gmail.com>
	<CAD3xhrOZMzmz232NM_FsjPPme9LCe8dwaz9siD096aNr3tjXWg@mail.gmail.com>
Message-ID: <CAD3xhrPfYx+nHX6VQN7=oLcwLA6bhk727zJ=E+tMUDyjK6GEJQ@mail.gmail.com>

i am actually new to this field ,thats why making u people lot of trouble ,
sorry for that

On Wed, Jun 27, 2012 at 11:47 PM, shahzaib shahzaib
<shahzaib.cb at gmail.com>wrote:

> how can i use this meta data ?
>
>
> On Wed, Jun 27, 2012 at 11:32 PM, shahzaib shahzaib <shahzaib.cb at gmail.com
> > wrote:
>
>> can you explain a bit more please? how i am going to seek it? is it
>> prefer some specific bytes ?
>>
>>
>> On Wed, Jun 27, 2012 at 9:56 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:
>>
>>> Hello!
>>>
>>> On Wed, Jun 27, 2012 at 08:45:13PM +0500, shahzaib shahzaib wrote:
>>>
>>> > well, i've compiled my nginx 1.2.1 from this source
>>> > http://h264.code-shop.com/trac/wiki/Mod-H264-Streaming-Nginx-Version2, add
>>> > aditional module --with-http_flv_module for pseudo stream and added flv
>>> > directive in nginx.conf file. But when i try to play video by
>>> > test.flv?start=343434 , player stucked & not play. Mp4 is working fine
>>> but
>>> > not flv.
>>>
>>> You can't seek to arbitrary byte position, you have to use
>>> byte position of a keyframe as available from flv metadata.
>>>
>>> Maxim Dounin
>>>
>>> _______________________________________________
>>> nginx mailing list
>>> nginx at nginx.org
>>> http://mailman.nginx.org/mailman/listinfo/nginx
>>>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120627/c94dd820/attachment.html>

From nginx-forum at nginx.us  Wed Jun 27 21:42:46 2012
From: nginx-forum at nginx.us (akia)
Date: Wed, 27 Jun 2012 17:42:46 -0400 (EDT)
Subject: Converting Rewrite rules
Message-ID: <6dc28bc02ec9aef2e8d523a4b7082a89.NginxMailingListEnglish@forum.nginx.org>

I'm needing help on converting a htaccess rules to the nginx format.

I've got the software installed in a sub folder called directory. In the
root of that folder there is this .htaccess information:


#Options +FollowSymLinks
#Options -MultiViews
#Options All -Indexes

# This can be uncommented to compress js and css files
#<IfModule mod_deflate.c>
#<FilesMatch "\.(js|css)$">
#    SetOutputFilter DEFLATE
#</FilesMatch>
#</IfModule>

# This can be uncommented to set cache control for image, js, and css
files
#Header unset ETag
#FileETag None
#<FilesMatch "(?i)^.*\.(ico|flv|swf|jpg|jpeg|png|gif|js|css)$">
#Header unset Last-Modified
#Header set Expires "Fri, 21 Dec 2012 00:00:00 GMT"
#Header set Cache-Control "public, no-transform"
#</FilesMatch>

<FilesMatch "\.(htaccess|tpl)$">
  Order Allow,Deny
  Deny from all
</FilesMatch>

<IfModule mod_rewrite.c>
RewriteEngine On

#RewriteRule ^([a-zA-Z]+)\.html$ $1.php [L]

#Handle all category links.  Static category text followed by ID,
followed by path
#The "category" text here needs to be changed if the language variable
category is changed
RewriteRule ^category\/(.+/)location/(.+)$
browse_categories.php?id=$1&location=$2 [L,NC,QSA]
RewriteRule ^category\/(.+)$ browse_categories.php?id=$1 [L,NC,QSA]

#Handle all location links.  Static location text followed by ID,
followed by path
#The "location" text here needs to be changed if the language variable
location is changed
RewriteRule ^location\/(.+)$ browse_locations.php?id=$1 [L,NC,QSA]

#Rewrite pages
RewriteRule ^pages\/(.+)\.html$ page.php?id=$1 [L,NC]

#Rewrite Blog
RewriteRule ^blog.html$ blog.php [L,NC,QSA]
RewriteRule ^blog\/([^/]+)-([0-9]+).html$ blog_post.php?id=$2 [L,NC]
RewriteRule ^blog\/category\/(.+)-([0-9]+).html$ blog.php?category_id=$2
[L,NC,QSA]

#Rewrite listing/banner website out
RewriteRule ^out-([0-9]+)\.html$ out.php?listing_id=$1 [L]
RewriteRule ^out-([0-9]+)-([0-9]+)\.html$
out.php?listing_id=$1&banner_id=$2 [L]

#Rewrite listings
#Ignore any physical files
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^([^/]+)\.html$ listing.php?id=$1 [L,NC]
RewriteRule ^([^/]+)/images\.html$ listing_images.php?id=$1 [L,NC]
RewriteRule ^([^/]+)/send-message\.html$ listing_email.php?id=$1 [L,NC]
RewriteRule ^([^/]+)/send-message-friend\.html$
listing_email_friend.php?id=$1 [L,NC]
RewriteRule ^([^/]+)/reviews\.html$ listing_reviews.php?id=$1
[L,NC,QSA]
RewriteRule ^([^/]+)/add-review\.html$ listing_reviews_add.php?id=$1
[L,NC]
RewriteRule ^([^/]+)/classifieds\.html$ listing_classifieds.php?id=$1
[L,NC,QSA]
RewriteRule ^([^/]+)/documents\.html$ listing_documents.php?id=$1
[L,NC,QSA]
RewriteRule ^([^/]+)/suggestion\.html$ listing_suggestion.php?id=$1
[L,NC]
RewriteRule ^([^/]+)/claim\.html$ listing_claim.php?id=$1 [L,NC]

#Rewrite classifieds
RewriteRule ^classified/[^/]+-([0-9]+)\.html$ classified.php?id=$1
[L,NC]
RewriteRule ^classified/[^/]+-([0-9]+)/images\.html$
classified_images.php?id=$1 [L,NC]

#Rewrite sitemap
RewriteRule ^sitemap.xml$ xml.php?type=sitemap [L]

RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(.*)$ 404.php?id=$1 [L,NC]

</IfModule>

Then in the following subfolders I've got these other ones:

Directory/files
<FilesMatch "\.(php|php3|php4|phtml|pl|cgi)$">
deny from all
</FilesMatch>

and 
Directory/files/upload

<FilesMatch "\.csv$">
deny from all
</FilesMatch>

and
Directory/includes/ckeditor
#
# Copyright (c) 2003-2011, CKSource - Frederico Knabben. All rights
reserved.
# For licensing, see LICENSE.html or http://ckeditor.com/license
#

#
# On some specific Linux installations you could face problems with
Firefox.
# It could give you errors when loading the editor saying that some
illegal
# characters were found (three strange chars in the beginning of the
file).
# This could happen if you map the .js or .css files to PHP, for
example.
#
# Those characters are the Byte Order Mask (BOM) of the Unicode encoded
files.
# All FCKeditor files are Unicode encoded.
#

AddType application/x-javascript .js
AddType text/css .css

#
# If PHP is mapped to handle XML files, you could have some issues. The
# following will disable it.
#
AddType text/xml .xml

This is the converted files I've got

# nginx configuration

location /directory/category {
  rewrite ^/category\/(.+/)location/(.+)$
/browse_categories.php?id=$1&location=$2 break;
  rewrite ^/category\/(.+)$ /browse_categories.php?id=$1 break;
}

location /directory/location {
  rewrite ^/location\/(.+)$ /browse_locations.php?id=$1 break;
}

location /directory/pages {
  rewrite ^/pages\/(.+)\.html$ /page.php?id=$1 break;
}

location = /directory/blog.html {
  rewrite ^(.*)$ /blog.php break;
}

location /directory/blog {
  rewrite ^/blog\/([^/]+)-([0-9]+).html$ /blog_post.php?id=$2 break;
  rewrite ^/blog\/category\/(.+)-([0-9]+).html$ /blog.php?category_id=$2
break;
}

location /directory/out {
  rewrite ^/out-([0-9]+)\.html$ /out.php?listing_id=$1 break;
  rewrite ^/out-([0-9]+)-([0-9]+)\.html$
/out.php?listing_id=$1&banner_id=$2 break;
}

location /directory/ {
  if (!-e $request_filename){
    rewrite ^/([^/]+)\.html$ /listing.php?id=$1 break;
  }
  rewrite ^/([^/]+)/images\.html$ /listing_images.php?id=$1 break;
  rewrite ^/([^/]+)/send-message\.html$ /listing_email.php?id=$1 break;
  rewrite ^/([^/]+)/send-message-friend\.html$
/listing_email_friend.php?id=$1 break;
  rewrite ^/([^/]+)/reviews\.html$ /listing_reviews.php?id=$1 break;
  rewrite ^/([^/]+)/add-review\.html$ /listing_reviews_add.php?id=$1
break;
  rewrite ^/([^/]+)/classifieds\.html$ /listing_classifieds.php?id=$1
break;
  rewrite ^/([^/]+)/documents\.html$ /listing_documents.php?id=$1
break;
  rewrite ^/([^/]+)/suggestion\.html$ /listing_suggestion.php?id=$1
break;
  rewrite ^/([^/]+)/claim\.html$ /listing_claim.php?id=$1 break;
  if (!-e $request_filename){
    rewrite ^(.*)$ /404.php?id=$1 break;
  }
}

location /directory/classified {
  rewrite ^/classified/[^/]+-([0-9]+)\.html$ /classified.php?id=$1
break;
  rewrite ^/classified/[^/]+-([0-9]+)/images\.html$
/classified_images.php?id=$1 break;
}

location = /sitemap.xml {
  rewrite ^(.*)$ /xml.php?type=sitemap break;
}

location ~ \.(htaccess|tpl)$ {
  deny all;
}

location ~/files/\.(php|php3|php4|phtml|pl|cgi)$ {
  deny all;
}

location ~ \.csv$ {
  deny all;
}

But this dosn't seem to work, and as I'm new to using nginx I can't get
my head around it. Can anyone help

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,228027,228027#msg-228027


From luky-37 at hotmail.com  Wed Jun 27 22:25:09 2012
From: luky-37 at hotmail.com (Lukas Tribus)
Date: Thu, 28 Jun 2012 00:25:09 +0200
Subject: nginx-1.3.2
In-Reply-To: <CAD3xhrPfYx+nHX6VQN7=oLcwLA6bhk727zJ=E+tMUDyjK6GEJQ@mail.gmail.com>
References: <20120626140023.GJ31671@mdounin.ru>
	<4FEAA90F.9020303@esiee.fr>,<0B439312FD9E450ABFA31B24CB7C8BCF@DD21>
	<4FEAB102.7060100@esiee.fr>,
	<DUB107-W32F64564BA845D9853DCA5EDE70@phx.gbl>,
	<CAD3xhrPvCRVvjkjYM6LnGbnkj4e-KEXzzV1S081_ddotK129Ow@mail.gmail.com>,
	<20120627142804.GF31671@mdounin.ru>,
	<CAD3xhrP6LBcy7g8Ws5w94J=WD-ivpzBOUF6dZ=i9+uAt9_O6uw@mail.gmail.com>,
	<20120627165617.GH31671@mdounin.ru>,
	<CAD3xhrO8UcCNs+jPW3oT8F9EOk2oQ6tdUsNXTp4QHfEWSDyXFw@mail.gmail.com>,
	<CAD3xhrOZMzmz232NM_FsjPPme9LCe8dwaz9siD096aNr3tjXWg@mail.gmail.com>,
	<CAD3xhrPfYx+nHX6VQN7=oLcwLA6bhk727zJ=E+tMUDyjK6GEJQ@mail.gmail.com>
Message-ID: <DUB107-W238A3A2AED5EE133587F5BEDE70@phx.gbl>


> can you explain a bit more please? how i am going to seek it? is it prefer some specific bytes ?



See this:

http://nginx.org/en/docs/http/ngx_http_flv_module.html

http://nginx.org/en/docs/http/ngx_http_mp4_module.html



You will need a Flash/HTML5 Player to do this, for example JWPlayer [1]. But please be advised that this list is not about Video Playback.



[1] http://www.longtailvideo.com/players/

 		 	   		  

From nginx-forum at nginx.us  Wed Jun 27 22:59:18 2012
From: nginx-forum at nginx.us (pavs)
Date: Wed, 27 Jun 2012 18:59:18 -0400 (EDT)
Subject: nginx not connecting with varnish
Message-ID: <4c68905012f1478dead8701d30144f99.NginxMailingListEnglish@forum.nginx.org>

I get this varnish error ?FetchError no backend connection? 

Varnishlog:

        0 CLI          - Rd ping
        0 CLI          - Wr 200 19 PONG 1340829925 1.0
       12 SessionOpen  c 79.124.74.11 3063 :80
       12 SessionClose c EOF
       12 StatSess     c 79.124.74.11 3063 0 1 0 0 0 0 0 0
        0 CLI          - Rd ping
        0 CLI          - Wr 200 19 PONG 1340829928 1.0
        0 CLI          - Rd ping
        0 CLI          - Wr 200 19 PONG 1340829931 1.0
       12 SessionOpen  c 108.62.115.226 46211 :80
       12 ReqStart     c 108.62.115.226 46211 467185881
       12 RxRequest    c GET
       12 RxURL        c /
       12 RxProtocol   c HTTP/1.0
       12 RxHeader     c User-Agent:
Pingdom.com_bot_version_1.4_(http://www.pingdom.com/)
       12 RxHeader     c Host: www.mysite.com
       12 VCL_call     c recv lookup
       12 VCL_call     c hash
       12 Hash         c /
       12 Hash         c www.mysite.com
       12 VCL_return   c hash
       12 VCL_call     c miss fetch
       12 FetchError   c no backend connection
       12 VCL_call     c error deliver
       12 VCL_call     c deliver deliver
       12 TxProtocol   c HTTP/1.1
       12 TxStatus     c 503
       12 TxResponse   c Service Unavailable
       12 TxHeader     c Server: Varnish
       12 TxHeader     c Content-Type: text/html; charset=utf-8
       12 TxHeader     c Retry-After: 5
       12 TxHeader     c Content-Length: 418
       12 TxHeader     c Accept-Ranges: bytes
       12 TxHeader     c Date: Wed, 27 Jun 2012 20:45:31 GMT
       12 TxHeader     c X-Varnish: 467185881
       12 TxHeader     c Age: 1
       12 TxHeader     c Via: 1.1 varnish
       12 TxHeader     c Connection: close
       12 Length       c 418
       12 ReqEnd       c 467185881 1340829931.192433119
1340829931.891024113 0.000051022 0.698516846 0.000074035
       12 SessionClose c error
       12 StatSess     c 108.62.115.226 46211 1 1 1 0 0 0 256 418
        0 CLI          - Rd ping
        0 CLI          - Wr 200 19 PONG 1340829934 1.0
        0 CLI          - Rd ping
        0 CLI          - Wr 200 19 PONG 1340829937 1.0

---

    netstat -tlnp
     Active Internet connections (only servers)
    Proto Recv-Q Send-Q Local Address           Foreign Address        
State       PID/Program name
    tcp        0      0 0.0.0.0:8080            0.0.0.0:*              
LISTEN      3086/nginx      
    tcp        0      0 0.0.0.0:80              0.0.0.0:*              
LISTEN      1915/varnishd   
    tcp        0      0 0.0.0.0:22              0.0.0.0:*              
LISTEN      1279/sshd       
    tcp        0      0 127.0.0.2:25            0.0.0.0:*              
LISTEN      3195/sendmail: MTA:
    tcp        0      0 127.0.0.2:6082          0.0.0.0:*              
LISTEN      1914/varnishd   
    tcp        0      0 127.0.0.2:9000          0.0.0.0:*              
LISTEN      1317/php-fpm.conf)
    tcp        0      0 127.0.0.2:3306          0.0.0.0:*              
LISTEN      1192/mysqld     
    tcp        0      0 127.0.0.2:587           0.0.0.0:*              
LISTEN      3195/sendmail: MTA:
    tcp        0      0 127.0.0.2:11211         0.0.0.0:*              
LISTEN      3072/memcached  
    tcp6       0      0 :::8080                 :::*                   
LISTEN      3086/nginx      
    tcp6       0      0 :::80                   :::*                   
LISTEN      1915/varnishd   
    tcp6       0      0 :::22                   :::*                   
LISTEN      1279/sshd  

---

/etc/nginx/site-enabled/default

    server {
    	listen   8080; ## listen for ipv4; this line is default and
implied
    	listen   [::]:8080 default ipv6only=on; ## listen for ipv6
    
    	root /usr/share/nginx/www;
    	index index.html index.htm index.php;
    
    	# Make site accessible from http://localhost/
    	server_name localhost;
    
    	location / {
    		# First attempt to serve request as file, then
    		# as directory, then fall back to index.html
    		try_files $uri $uri/ /index.html;
    	}
    
    	location /doc {
    		root /usr/share;
    		autoindex on;
    		allow 127.0.0.2;
    		deny all;
    	}
    
    	location /images {
    		root /usr/share;
    		autoindex off;
    	}
    
    	#error_page 404 /404.html;
    
    	# redirect server error pages to the static page /50x.html
    	#
    	#error_page 500 502 503 504 /50x.html;
    	#location = /50x.html {
    	#	root /usr/share/nginx/www;
    	#}
    
    	# proxy the PHP scripts to Apache listening on 127.0.0.1:80
    	#
    	#location ~ \.php$ {
    	#	proxy_pass http://127.0.0.1;
    	#}
    
    	# pass the PHP scripts to FastCGI server listening on
127.0.0.1:9000
    	#
    	location ~ \.php$ {
    		fastcgi_pass 127.0.0.2:9000;
    		fastcgi_index index.php;
    		include fastcgi_params;
    	}
    
    	# deny access to .htaccess files, if Apache's document root
    	# concurs with nginx's one
    	#
    	#location ~ /\.ht {
    	#	deny all;
    	#}
    }

---


/etc/nginx/sites-enabled/www.mysite.com.vhost

    server {
           listen 8080;
           server_name www.mysite.com mysite.com.net;
           root /var/www/www.mysite.com/web;
           if ($http_host != "www.mysite.com") {
                     rewrite ^ http://www.mysite.com$request_uri
permanent;
           }
           index index.php index.html;
           location = /favicon.ico {
                    log_not_found off;
                    access_log off;
           }
           location = /robots.txt {
                    allow all;
                    log_not_found off;
                    access_log off;
           }
           # Deny all attempts to access hidden files such as .htaccess,
.htpasswd, .DS_Store (Mac).
           location ~ /\. {
                    deny all;
                    access_log off;
                    log_not_found off;
           }
           location / {
                    try_files $uri $uri/ /index.php?$args;
           }
           # Add trailing slash to */wp-admin requests.
           rewrite /wp-admin$ $scheme://$host$uri/ permanent;
           location ~*  \.(jpg|jpeg|png|gif|css|js|ico)$ {
                    expires max;
                    log_not_found off;
           }
           location ~ \.php$ {
                    try_files $uri =404;
                    include /etc/nginx/fastcgi_params;
                    fastcgi_pass 127.0.0.2:9000;
                    fastcgi_param SCRIPT_FILENAME
$document_root$fastcgi_script_name;
           }
    
    include /var/www/www.mysite.com/web/nginx.conf;
           location ~ /nginx.conf {
                    deny all;
                    access_log off;
                    log_not_found off;
           }
    
    }

---

    /etc/varnish/default.vcl

    # This is a basic VCL configuration file for varnish.  See the
vcl(7)
    # man page for details on VCL syntax and semantics.
    # 
    # Default backend definition.  Set this to point to your content
    # server.
    # 
    backend default {
        .host = "127.0.0.2";
        .port = "8080";
        # .connect_timeout = 600s;
        #.first_byte_timeout = 600s;
        # .between_bytes_timeout = 600s;
        # .max_connections = 800;

---
Note: uncommenting the last four options at default.vcl made no
difference. 

---


cat /etc/default/varnish

    # Configuration file for varnish
    #
    # /etc/init.d/varnish expects the variables $DAEMON_OPTS, $NFILES
and $MEMLOCK
    # to be set from this shell script fragment.
    #
    
    # Should we start varnishd at boot?  Set to "yes" to enable.
    START=yes
    
    # Maximum number of open files (for ulimit -n)
    NFILES=131072
    
    # Maximum locked memory size (for ulimit -l)
    # Used for locking the shared memory log in memory.  If you increase
log size,
    # you need to increase this number as well
    MEMLOCK=82000
    
    # Default varnish instance name is the local nodename.  Can be
overridden with
    # the -n switch, to have more instances on a single server.
    INSTANCE=$(uname -n)
    
    # This file contains 4 alternatives, please use only one.
    
    ## Alternative 1, Minimal configuration, no VCL
    #
    # Listen on port 6081, administration on localhost:6082, and forward
to
    # content server on localhost:8080.  Use a 1GB fixed-size cache
file.
    #
    # DAEMON_OPTS="-a :6081 \
    #              -T localhost:6082 \
    # 	     -b localhost:8080 \
    # 	     -u varnish -g varnish \
    #            -S /etc/varnish/secret \
    # 	     -s file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G"
    
    
    ## Alternative 2, Configuration with VCL
    #
    # Listen on port 6081, administration on localhost:6082, and forward
to
    # one content server selected by the vcl file, based on the request.
 Use a 1GB
    # fixed-size cache file.
    #
    DAEMON_OPTS="-a :80 \
                 -T 127.0.0.2:6082 \
                 -f /etc/varnish/default.vcl \
                 -S /etc/varnish/secret \
                 -s
file,/var/lib/varnish/$INSTANCE/varnish_storage.bin,1G"


If you need any other info let me know. I am all out of clue as to whats
the problem.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,228029,228029#msg-228029


From nginx-forum at nginx.us  Thu Jun 28 00:36:49 2012
From: nginx-forum at nginx.us (defage)
Date: Wed, 27 Jun 2012 20:36:49 -0400 (EDT)
Subject: How does to error_page when this issue
Message-ID: <89f5c3d3ee12a3bdd50123f29abe2c94.NginxMailingListEnglish@forum.nginx.org>

some url like:  http://localhost.com/%u
It will response http 400 status , and when generate this response
,nothing found  in error log or access log.

how to config this issue error_page?

my config
location / {
    error_page   400 =/400;
}

location /400 {
    root   /path/some/path;
}
it don't work.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,228031,228031#msg-228031


From nbubingo at gmail.com  Thu Jun 28 02:47:49 2012
From: nbubingo at gmail.com (=?GB2312?B?0qbOsLHz?=)
Date: Thu, 28 Jun 2012 10:47:49 +0800
Subject: nginx-sticky & nginx_http_upstream_check modules not working
	together
In-Reply-To: <6d652318b5840d5b19c033a539f9677d.NginxMailingListEnglish@forum.nginx.org>
References: <ec1e8dadfc770c5b59dc45557e0f95d8.NginxMailingListEnglish@forum.nginx.org>
	<6d652318b5840d5b19c033a539f9677d.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAGxuLK2=X1A2_iKVC-zSCpFswKg8GEov3rfFTE_OgHwiovUa4w@mail.gmail.com>

Hi,

I'm the author of the upstream check module.  The upstream check only
support official round robin and ip hash module.

The sticky upstream module need an extra patch to work with this check
module. See the fair module patch as an example
(https://github.com/yaoweibin/nginx_upstream_check_module/blob/master/upstream_fair.patch).


2012/6/27 n1xman <nginx-forum at nginx.us>:
> Thanks Jerome,
>
> We will hold the nginx_http_upstream_check module until resolve this.
> This module is really important for us as we use multiple Cometd
> instances successfully. The only issue is sometimes the Cometd service
> is not functional but the jboss port is listing.
>
> http://code.google.com/p/nginx-sticky-module/issues/detail?id=22
>
> Thanks in advance
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227937,227959#msg-227959
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From shahzaib.cb at gmail.com  Thu Jun 28 06:24:00 2012
From: shahzaib.cb at gmail.com (shahzaib shahzaib)
Date: Thu, 28 Jun 2012 11:24:00 +0500
Subject: nginx-1.3.2
In-Reply-To: <DUB107-W238A3A2AED5EE133587F5BEDE70@phx.gbl>
References: <20120626140023.GJ31671@mdounin.ru> <4FEAA90F.9020303@esiee.fr>
	<0B439312FD9E450ABFA31B24CB7C8BCF@DD21> <4FEAB102.7060100@esiee.fr>
	<DUB107-W32F64564BA845D9853DCA5EDE70@phx.gbl>
	<CAD3xhrPvCRVvjkjYM6LnGbnkj4e-KEXzzV1S081_ddotK129Ow@mail.gmail.com>
	<20120627142804.GF31671@mdounin.ru>
	<CAD3xhrP6LBcy7g8Ws5w94J=WD-ivpzBOUF6dZ=i9+uAt9_O6uw@mail.gmail.com>
	<20120627165617.GH31671@mdounin.ru>
	<CAD3xhrO8UcCNs+jPW3oT8F9EOk2oQ6tdUsNXTp4QHfEWSDyXFw@mail.gmail.com>
	<CAD3xhrOZMzmz232NM_FsjPPme9LCe8dwaz9siD096aNr3tjXWg@mail.gmail.com>
	<CAD3xhrPfYx+nHX6VQN7=oLcwLA6bhk727zJ=E+tMUDyjK6GEJQ@mail.gmail.com>
	<DUB107-W238A3A2AED5EE133587F5BEDE70@phx.gbl>
Message-ID: <CAD3xhrPfY4+aJ2UAYNvbpDbE0eX0fj4SdqXsxsoosNEEQhxnFQ@mail.gmail.com>

i've installed jwplayer from this source
http://www.longtailvideo.com/support/jw-player/jw-player-for-flash-v5/12/install-the-jw-player-for-flash-v5,still
when i try to seek video or try to download it by
test.flv?start=343434 ,video size reduces but video broken

On Thu, Jun 28, 2012 at 3:25 AM, Lukas Tribus <luky-37 at hotmail.com> wrote:

>
> > can you explain a bit more please? how i am going to seek it? is it
> prefer some specific bytes ?
>
>
>
> See this:
>
> http://nginx.org/en/docs/http/ngx_http_flv_module.html
>
> http://nginx.org/en/docs/http/ngx_http_mp4_module.html
>
>
>
> You will need a Flash/HTML5 Player to do this, for example JWPlayer [1].
> But please be advised that this list is not about Video Playback.
>
>
>
> [1] http://www.longtailvideo.com/players/
>
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120628/5d4fe905/attachment.html>

From shahzaib.cb at gmail.com  Thu Jun 28 06:50:37 2012
From: shahzaib.cb at gmail.com (shahzaib shahzaib)
Date: Thu, 28 Jun 2012 11:50:37 +0500
Subject: nginx-1.3.2
In-Reply-To: <CAD3xhrPfY4+aJ2UAYNvbpDbE0eX0fj4SdqXsxsoosNEEQhxnFQ@mail.gmail.com>
References: <20120626140023.GJ31671@mdounin.ru> <4FEAA90F.9020303@esiee.fr>
	<0B439312FD9E450ABFA31B24CB7C8BCF@DD21> <4FEAB102.7060100@esiee.fr>
	<DUB107-W32F64564BA845D9853DCA5EDE70@phx.gbl>
	<CAD3xhrPvCRVvjkjYM6LnGbnkj4e-KEXzzV1S081_ddotK129Ow@mail.gmail.com>
	<20120627142804.GF31671@mdounin.ru>
	<CAD3xhrP6LBcy7g8Ws5w94J=WD-ivpzBOUF6dZ=i9+uAt9_O6uw@mail.gmail.com>
	<20120627165617.GH31671@mdounin.ru>
	<CAD3xhrO8UcCNs+jPW3oT8F9EOk2oQ6tdUsNXTp4QHfEWSDyXFw@mail.gmail.com>
	<CAD3xhrOZMzmz232NM_FsjPPme9LCe8dwaz9siD096aNr3tjXWg@mail.gmail.com>
	<CAD3xhrPfYx+nHX6VQN7=oLcwLA6bhk727zJ=E+tMUDyjK6GEJQ@mail.gmail.com>
	<DUB107-W238A3A2AED5EE133587F5BEDE70@phx.gbl>
	<CAD3xhrPfY4+aJ2UAYNvbpDbE0eX0fj4SdqXsxsoosNEEQhxnFQ@mail.gmail.com>
Message-ID: <CAD3xhrOnAg7etdE7TBSHSVYThuR-4GcPoW_43A3sMTaUZHSptQ@mail.gmail.com>

@Lukas, i know those flv-module links & i've had alread added flv & mp4
directive in nginx.conf  & mp4 pseudo is working perfect.

On Thu, Jun 28, 2012 at 11:24 AM, shahzaib shahzaib
<shahzaib.cb at gmail.com>wrote:

> i've installed jwplayer from this source
> http://www.longtailvideo.com/support/jw-player/jw-player-for-flash-v5/12/install-the-jw-player-for-flash-v5,still when i try to seek video or try to download it by
> test.flv?start=343434 ,video size reduces but video broken
>
>
> On Thu, Jun 28, 2012 at 3:25 AM, Lukas Tribus <luky-37 at hotmail.com> wrote:
>
>>
>> > can you explain a bit more please? how i am going to seek it? is it
>> prefer some specific bytes ?
>>
>>
>>
>> See this:
>>
>> http://nginx.org/en/docs/http/ngx_http_flv_module.html
>>
>> http://nginx.org/en/docs/http/ngx_http_mp4_module.html
>>
>>
>>
>> You will need a Flash/HTML5 Player to do this, for example JWPlayer [1].
>> But please be advised that this list is not about Video Playback.
>>
>>
>>
>> [1] http://www.longtailvideo.com/players/
>>
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120628/a8b60c71/attachment.html>

From mat999 at gmail.com  Thu Jun 28 07:16:00 2012
From: mat999 at gmail.com (SplitIce)
Date: Thu, 28 Jun 2012 17:16:00 +1000
Subject: proxy_store
Message-ID: <CALFfGYaqhF9GipT=t6gO5Za7g6sxr9c10X25PmgV2jSFiNtP6w@mail.gmail.com>

Been tearing out my hair for hours today trying to get proxy_store to
work. Is there a minimum version for proxy_store with variables
support?

My nginx refuses to work with simple stuff like
set $md5 test;
proxy_store /data/nginx/1/$md5;"

instead trying to store to [root]/[full url] evident by the error log
2012/06/28 17:13:24 [error] 5700#0: *1 open()
"/usr/html/img/diagram.png" failed (2: No such file or directory),
client: 192.168.2.2, server: , request: "GET /img/diagram.png
HTTP/1.1", host: "192.168.2.15:88"

My nginx version 1.2.1

I dont see it in the changelog, howeaver maybe its a new feature? Not
in stable that is.


From mat999 at gmail.com  Thu Jun 28 07:22:53 2012
From: mat999 at gmail.com (SplitIce)
Date: Thu, 28 Jun 2012 17:22:53 +1000
Subject: proxy_store
In-Reply-To: <CALFfGYaqhF9GipT=t6gO5Za7g6sxr9c10X25PmgV2jSFiNtP6w@mail.gmail.com>
References: <CALFfGYaqhF9GipT=t6gO5Za7g6sxr9c10X25PmgV2jSFiNtP6w@mail.gmail.com>
Message-ID: <CALFfGYaTr4MtQito8vaKv+8vhkBec2Yas6DuGBnk5xj=L0SyVg@mail.gmail.com>

Haha, serves me right. Did a clean build (make clean, configure,
build) and the issue was fixed. Strange but im glad it works.

As always thanks for all the hard work. nginx is amazing.

On Thu, Jun 28, 2012 at 5:16 PM, SplitIce <mat999 at gmail.com> wrote:
> Been tearing out my hair for hours today trying to get proxy_store to
> work. Is there a minimum version for proxy_store with variables
> support?
>
> My nginx refuses to work with simple stuff like
> set $md5 test;
> proxy_store /data/nginx/1/$md5;"
>
> instead trying to store to [root]/[full url] evident by the error log
> 2012/06/28 17:13:24 [error] 5700#0: *1 open()
> "/usr/html/img/diagram.png" failed (2: No such file or directory),
> client: 192.168.2.2, server: , request: "GET /img/diagram.png
> HTTP/1.1", host: "192.168.2.15:88"
>
> My nginx version 1.2.1
>
> I dont see it in the changelog, howeaver maybe its a new feature? Not
> in stable that is.


From nginx-forum at nginx.us  Thu Jun 28 07:47:23 2012
From: nginx-forum at nginx.us (Wolfsrudel)
Date: Thu, 28 Jun 2012 03:47:23 -0400 (EDT)
Subject: Converting Rewrite rules
In-Reply-To: <6dc28bc02ec9aef2e8d523a4b7082a89.NginxMailingListEnglish@forum.nginx.org>
References: <6dc28bc02ec9aef2e8d523a4b7082a89.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <90526c96a906ef40546215863d735319.NginxMailingListEnglish@forum.nginx.org>

Try to diff with the results of the converter:
http://winginx.com/htaccess

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,228027,228041#msg-228041


From r at roze.lv  Thu Jun 28 10:29:49 2012
From: r at roze.lv (Reinis Rozitis)
Date: Thu, 28 Jun 2012 13:29:49 +0300
Subject: How does to error_page when this issue
In-Reply-To: <89f5c3d3ee12a3bdd50123f29abe2c94.NginxMailingListEnglish@forum.nginx.org>
References: <89f5c3d3ee12a3bdd50123f29abe2c94.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <3E0D9E55B4B741108E56F301E0EE6AB9@DD21>

> how to config this issue error_page?

Does http://localhost/400 show correctly?

rr


From mdounin at mdounin.ru  Thu Jun 28 12:07:06 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 28 Jun 2012 16:07:06 +0400
Subject: nginx-1.3.2
In-Reply-To: <CAD3xhrPfY4+aJ2UAYNvbpDbE0eX0fj4SdqXsxsoosNEEQhxnFQ@mail.gmail.com>
References: <DUB107-W32F64564BA845D9853DCA5EDE70@phx.gbl>
	<CAD3xhrPvCRVvjkjYM6LnGbnkj4e-KEXzzV1S081_ddotK129Ow@mail.gmail.com>
	<20120627142804.GF31671@mdounin.ru>
	<CAD3xhrP6LBcy7g8Ws5w94J=WD-ivpzBOUF6dZ=i9+uAt9_O6uw@mail.gmail.com>
	<20120627165617.GH31671@mdounin.ru>
	<CAD3xhrO8UcCNs+jPW3oT8F9EOk2oQ6tdUsNXTp4QHfEWSDyXFw@mail.gmail.com>
	<CAD3xhrOZMzmz232NM_FsjPPme9LCe8dwaz9siD096aNr3tjXWg@mail.gmail.com>
	<CAD3xhrPfYx+nHX6VQN7=oLcwLA6bhk727zJ=E+tMUDyjK6GEJQ@mail.gmail.com>
	<DUB107-W238A3A2AED5EE133587F5BEDE70@phx.gbl>
	<CAD3xhrPfY4+aJ2UAYNvbpDbE0eX0fj4SdqXsxsoosNEEQhxnFQ@mail.gmail.com>
Message-ID: <20120628120706.GI31671@mdounin.ru>

Hello!

On Thu, Jun 28, 2012 at 11:24:00AM +0500, shahzaib shahzaib wrote:

> i've installed jwplayer from this source
> http://www.longtailvideo.com/support/jw-player/jw-player-for-flash-v5/12/install-the-jw-player-for-flash-v5,still
> when i try to seek video or try to download it by
> test.flv?start=343434 ,video size reduces but video broken

The fact that video size is recuded means that flv module in nginx works 
fine.

As I already said using arbitrary byte positions in the "start" 
argument isn't possible with flv, you have to use positions of a 
keyframe/seekpoint there.  With arbitrary byte position broken 
video is expected result.

If seeking doesn't work from a flash player, most likely reason is 
problems with flv file itself.  In particular, please refer the 
the note here:

http://www.longtailvideo.com/support/jw-player/jw-player-for-flash-v5/12534/video-delivery-http-pseudo-streaming#mechanism

: Note: Some FLV encoders do not include seekpoints metadata when 
: encoding videos. Without this data, HTTP Pseudostreaming will not 
: work. If you suspect your videos to not have metadata, use our 
: Metaviewer plugin to inspect the video. There should be a 
: seekpoints or keyframes list. If it is not there, use the FLVMDI 
: tool to parse your FLV videos and inject this metadata.

(The page itself contains appropriate links, quoted here just 
clarify which note I'm referring to.)

Maxim Dounin


From kworthington at gmail.com  Thu Jun 28 13:06:27 2012
From: kworthington at gmail.com (Kevin Worthington)
Date: Thu, 28 Jun 2012 09:06:27 -0400
Subject: nginx-1.3.2
In-Reply-To: <20120626140023.GJ31671@mdounin.ru>
References: <20120626140023.GJ31671@mdounin.ru>
Message-ID: <CAGo79UV7OUT-2Pj=2e=f=i=wiMvHs3ZF1saE1kLaKGb4m5d=eg@mail.gmail.com>

Hello Nginx Users,

Now available: Nginx 1.3.2 For Windows http://goo.gl/2aSez (32-bit and
64-bit versions)

These versions are to support legacy users who are already using
Cygwin based builds of Nginx. Officially supported native Windows
binaries are at nginx.org.

Announcements are also available via my Twitter stream, listed below
if you'd like updates that way.

Thank you,
Kevin
--
Kevin Worthington
kworthington *@* (gmail]  [dot} {com)
http://kevinworthington.com/
http://twitter.com/kworthington


On Tue, Jun 26, 2012 at 10:00 AM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> Changes with nginx 1.3.2 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 26 Jun 2012
>
> ? ?*) Change: the "single" parameter of the "keepalive" directive is now
> ? ? ? ignored.
>
> ? ?*) Change: SSL compression is now disabled when using all versions of
> ? ? ? OpenSSL, including ones prior to 1.0.0.
>
> ? ?*) Feature: it is now possible to use the "ip_hash" directive to balance
> ? ? ? IPv6 clients.
>
> ? ?*) Feature: the $status variable can now be used not only in the
> ? ? ? "log_format" directive.
>
> ? ?*) Bugfix: a segmentation fault might occur in a worker process on
> ? ? ? shutdown if the "resolver" directive was used.
>
> ? ?*) Bugfix: a segmentation fault might occur in a worker process if the
> ? ? ? ngx_http_mp4_module was used.
>
> ? ?*) Bugfix: in the ngx_http_mp4_module.
>
> ? ?*) Bugfix: a segmentation fault might occur in a worker process if
> ? ? ? conflicting wildcard server names were used.
>
> ? ?*) Bugfix: nginx might be terminated abnormally on a SIGBUS signal on
> ? ? ? ARM platform.
>
> ? ?*) Bugfix: an alert "sendmsg() failed (9: Bad file number)" on HP-UX
> ? ? ? while reconfiguration.
>
>
> Maxim Dounin
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From mdounin at mdounin.ru  Thu Jun 28 13:47:19 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 28 Jun 2012 17:47:19 +0400
Subject: How does to error_page when this issue
In-Reply-To: <89f5c3d3ee12a3bdd50123f29abe2c94.NginxMailingListEnglish@forum.nginx.org>
References: <89f5c3d3ee12a3bdd50123f29abe2c94.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120628134719.GJ31671@mdounin.ru>

Hello!

On Wed, Jun 27, 2012 at 08:36:49PM -0400, defage wrote:

> some url like:  http://localhost.com/%u
> It will response http 400 status , and when generate this response
> ,nothing found  in error log or access log.
>
> how to config this issue error_page?
> 
> my config
> location / {
>     error_page   400 =/400;
> }
> 
> location /400 {
>     root   /path/some/path;
> }
> it don't work.

These errors are shown up in a default server on a listen socket 
in question, as virtual host isn't yet known when error happens.

The error_page should work, though you have to configure 
it in the default server as well.

Maxim Dounin


From contact at jpluscplusm.com  Thu Jun 28 21:16:45 2012
From: contact at jpluscplusm.com (Jonathan Matthews)
Date: Thu, 28 Jun 2012 22:16:45 +0100
Subject: modify and reload Nginx's config from webpage?
In-Reply-To: <c96bc530266c5aaa24222188329a73b1.NginxMailingListEnglish@forum.nginx.org>
References: <c96bc530266c5aaa24222188329a73b1.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAKsTx7DgywG046b3szzRHGY+mjWU2LjYvS9rPwPSmNH0X22NaA@mail.gmail.com>

On 27 June 2012 04:52, tonny.young <nginx-forum at nginx.us> wrote:
> I think it would be more convenient to manage Nginx from webpage than
> command line.Any suggesions?

As Reinis points out, you can achieve this using any scripting
language you care to expose via nginx.

It doesn't, however, have any place being implemented inside nginx
itself. It would add unnecessary code, complexity and risk to the
daemon.

Jonathan
-- 
Jonathan Matthews
Oxford, London, UK
http://www.jpluscplusm.com/contact.html


From contact at jpluscplusm.com  Thu Jun 28 21:54:40 2012
From: contact at jpluscplusm.com (Jonathan Matthews)
Date: Thu, 28 Jun 2012 22:54:40 +0100
Subject: unique_id
In-Reply-To: <CAPiPmQkZSOPjLmQ8vXkRxv3NsnghRti7Caz0-hh2ZJ=aRAhuMA@mail.gmail.com>
References: <CAPiPmQkZSOPjLmQ8vXkRxv3NsnghRti7Caz0-hh2ZJ=aRAhuMA@mail.gmail.com>
Message-ID: <CAKsTx7B00cxKz-OnJVBwkDeLVo0ixT4_KiHxCGPD=5gUyNpYDg@mail.gmail.com>

Resurrecting an old thread ...

On 18 July 2011 10:07, G?bor Farkas <gabor at nekomancer.net> wrote:
> hi,
>
> i need something like
> http://httpd.apache.org/docs/current/mod/mod_unique_id.html (but for
> nginx obviously).
>
> basically i need nginx to generate some kind of
> uuid/checksum/something-unique, that it can send to an
> upstream-proxied server,
> and also put into the logs. the idea is to be able to track the
> 'lifetime' of a request as it traverses through nginx and into the
> upstream server and then back into nginx.

I had exactly this idea too :-) I'm wondering if anyone has any input?

Some random thoughts:

I'd like to *avoid* using embedded LUA/Perl/etc, even though they have
libraries that might do the actual (UU)ID generation. This is because,
as the OP suggests, having this header inserted at the most external
entry point to your network means you can track the request most
completely across your infrastructure. On my external nginx instances
(SSL-terminating, for example) I *really* like to keep the enabled
modules as light as possible to decrease the machine's attack surface.

Linux exposes /proc/sys/kernel/random/uuid, which does the heavy
lifting for us of generating a (UU)ID. Windows ... probably doesn't
:-/

Is anyone doing anything like this? Am I missing a simple way of
achieving the goal of injecting (relatively) unique IDs into my N-tier
proxy_pass'd architecture?

Cheers!
Jonathan
-- 
Jonathan Matthews
Oxford, London, UK
http://www.jpluscplusm.com/contact.html


From nginx-forum at nginx.us  Thu Jun 28 22:58:51 2012
From: nginx-forum at nginx.us (munkhabi)
Date: Thu, 28 Jun 2012 18:58:51 -0400 (EDT)
Subject: diffs of main_conf
Message-ID: <986056e8c3783791caad267f1159e6ae.NginxMailingListEnglish@forum.nginx.org>

ngx_cycle->conf_cx->main_conf
r->main_conf
r->ctx->main_conf

How these are used / what are the difference of them?
M.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,228077,228077#msg-228077


From nginx-forum at nginx.us  Fri Jun 29 02:17:51 2012
From: nginx-forum at nginx.us (defage)
Date: Thu, 28 Jun 2012 22:17:51 -0400 (EDT)
Subject: How does to error_page when this issue
In-Reply-To: <89f5c3d3ee12a3bdd50123f29abe2c94.NginxMailingListEnglish@forum.nginx.org>
References: <89f5c3d3ee12a3bdd50123f29abe2c94.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <3c5ee5dfe71aed70ed50bfacf9b44115.NginxMailingListEnglish@forum.nginx.org>

Thanks your reply.  Working properly now

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,228031,228079#msg-228079


From nginx-forum at nginx.us  Fri Jun 29 02:23:57 2012
From: nginx-forum at nginx.us (sistematico)
Date: Thu, 28 Jun 2012 22:23:57 -0400 (EDT)
Subject: UserDir
In-Reply-To: <CAOi0A7m4w7KwC8iKn0x2rKL19y7OJ2acva2q5LWZ3ob+QYs4AA@mail.gmail.com>
References: <CAOi0A7m4w7KwC8iKn0x2rKL19y7OJ2acva2q5LWZ3ob+QYs4AA@mail.gmail.com>
Message-ID: <9b1d6e502141d20796fc088993902d9a.NginxMailingListEnglish@forum.nginx.org>

Try this -> http://pastie.org/4169064

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,221861,228080#msg-228080


From lists at ruby-forum.com  Fri Jun 29 02:55:59 2012
From: lists at ruby-forum.com (Youngseok Choi)
Date: Fri, 29 Jun 2012 04:55:59 +0200
Subject: Nginx Active & Writing Connections exponential growth.
In-Reply-To: <AANLkTi=DVb+MS63JBOfPJB4foKeVMX9Qifi6gsJYkBYE@mail.gmail.com>
References: <AANLkTi=DVb+MS63JBOfPJB4foKeVMX9Qifi6gsJYkBYE@mail.gmail.com>
Message-ID: <1b45e3ec7ba59888ed98c6c04f3efc2d@ruby-forum.com>

Hi, Antonio.

I've met a very similar situation which you did about 2 years ago.
Did you solve this situation?
If so, how did you do that?

Thanks.

-- 
Posted via http://www.ruby-forum.com/.


From igor at sysoev.ru  Fri Jun 29 05:59:27 2012
From: igor at sysoev.ru (Igor Sysoev)
Date: Fri, 29 Jun 2012 09:59:27 +0400
Subject: unique_id
In-Reply-To: <CAKsTx7B00cxKz-OnJVBwkDeLVo0ixT4_KiHxCGPD=5gUyNpYDg@mail.gmail.com>
References: <CAPiPmQkZSOPjLmQ8vXkRxv3NsnghRti7Caz0-hh2ZJ=aRAhuMA@mail.gmail.com>
	<CAKsTx7B00cxKz-OnJVBwkDeLVo0ixT4_KiHxCGPD=5gUyNpYDg@mail.gmail.com>
Message-ID: <F70CAE70-7F8A-4200-8D15-B71F7AA85B33@sysoev.ru>

http://nginx.org/en/docs/http/ngx_http_userid_module.html


--
Igor Sysoev

On Jun 29, 2012, at 1:54 , Jonathan Matthews wrote:

> Resurrecting an old thread ...
> 
> On 18 July 2011 10:07, G?bor Farkas <gabor at nekomancer.net> wrote:
>> hi,
>> 
>> i need something like
>> http://httpd.apache.org/docs/current/mod/mod_unique_id.html (but for
>> nginx obviously).
>> 
>> basically i need nginx to generate some kind of
>> uuid/checksum/something-unique, that it can send to an
>> upstream-proxied server,
>> and also put into the logs. the idea is to be able to track the
>> 'lifetime' of a request as it traverses through nginx and into the
>> upstream server and then back into nginx.
> 
> I had exactly this idea too :-) I'm wondering if anyone has any input?
> 
> Some random thoughts:
> 
> I'd like to *avoid* using embedded LUA/Perl/etc, even though they have
> libraries that might do the actual (UU)ID generation. This is because,
> as the OP suggests, having this header inserted at the most external
> entry point to your network means you can track the request most
> completely across your infrastructure. On my external nginx instances
> (SSL-terminating, for example) I *really* like to keep the enabled
> modules as light as possible to decrease the machine's attack surface.
> 
> Linux exposes /proc/sys/kernel/random/uuid, which does the heavy
> lifting for us of generating a (UU)ID. Windows ... probably doesn't
> :-/
> 
> Is anyone doing anything like this? Am I missing a simple way of
> achieving the goal of injecting (relatively) unique IDs into my N-tier
> proxy_pass'd architecture?
> 
> Cheers!
> Jonathan
> -- 
> Jonathan Matthews
> Oxford, London, UK
> http://www.jpluscplusm.com/contact.html
> 
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx


From nginx-forum at nginx.us  Fri Jun 29 07:10:41 2012
From: nginx-forum at nginx.us (henn1nk)
Date: Fri, 29 Jun 2012 03:10:41 -0400 (EDT)
Subject: upstream server are always redirected as https
Message-ID: <2e6a246ace52e4b0a15169c0b5149a7d.NginxMailingListEnglish@forum.nginx.org>

I am always redirect to https://mydomain .... How can i STOP this?


upstream navi_profi_server {
	server unix:/tmp/navi-profi.sock fail_timeout=0;
}

server {
	listen 80;
	client_max_body_size 4G;
	server_name _;
	keepalive_timeout 5;
	root /home/navi-profi/app/current/;

	location / {
		proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
		proxy_set_header Host $http_host;
		proxy_redirect off;

		if (!-f $request_filename) {
			proxy_pass http://navi_profi_server;
			break;
		}
	}

	error_page 500 502 503 504 /500.html;
	location = /500.html {
		root /home/navi-profi/app/shared/public;
	}
}

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,228086,228086#msg-228086


From shahzaib.cb at gmail.com  Fri Jun 29 12:02:16 2012
From: shahzaib.cb at gmail.com (shahzaib shahzaib)
Date: Fri, 29 Jun 2012 17:02:16 +0500
Subject: nginx-1.3.2
In-Reply-To: <CAGo79UV7OUT-2Pj=2e=f=i=wiMvHs3ZF1saE1kLaKGb4m5d=eg@mail.gmail.com>
References: <20120626140023.GJ31671@mdounin.ru>
	<CAGo79UV7OUT-2Pj=2e=f=i=wiMvHs3ZF1saE1kLaKGb4m5d=eg@mail.gmail.com>
Message-ID: <CAD3xhrM+FBVqeJsddDmTmqCxyVpv2xEUmuXUywB+fpC9kwM+kQ@mail.gmail.com>

@Maxim i've converted my flv video using flvmdi tool with this command
flvmdi test.flv sample.flv /k /x & it created flv file keyframes and save
into xml file, but still when i try to play the video from given keyframe,
does'nt show anything. Waiting for your help. Thanks

On Thu, Jun 28, 2012 at 6:06 PM, Kevin Worthington
<kworthington at gmail.com>wrote:

> Hello Nginx Users,
>
> Now available: Nginx 1.3.2 For Windows http://goo.gl/2aSez (32-bit and
> 64-bit versions)
>
> These versions are to support legacy users who are already using
> Cygwin based builds of Nginx. Officially supported native Windows
> binaries are at nginx.org.
>
> Announcements are also available via my Twitter stream, listed below
> if you'd like updates that way.
>
> Thank you,
> Kevin
> --
> Kevin Worthington
> kworthington *@* (gmail]  [dot} {com)
> http://kevinworthington.com/
> http://twitter.com/kworthington
>
>
> On Tue, Jun 26, 2012 at 10:00 AM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> > Changes with nginx 1.3.2                                         26 Jun
> 2012
> >
> >    *) Change: the "single" parameter of the "keepalive" directive is now
> >       ignored.
> >
> >    *) Change: SSL compression is now disabled when using all versions of
> >       OpenSSL, including ones prior to 1.0.0.
> >
> >    *) Feature: it is now possible to use the "ip_hash" directive to
> balance
> >       IPv6 clients.
> >
> >    *) Feature: the $status variable can now be used not only in the
> >       "log_format" directive.
> >
> >    *) Bugfix: a segmentation fault might occur in a worker process on
> >       shutdown if the "resolver" directive was used.
> >
> >    *) Bugfix: a segmentation fault might occur in a worker process if the
> >       ngx_http_mp4_module was used.
> >
> >    *) Bugfix: in the ngx_http_mp4_module.
> >
> >    *) Bugfix: a segmentation fault might occur in a worker process if
> >       conflicting wildcard server names were used.
> >
> >    *) Bugfix: nginx might be terminated abnormally on a SIGBUS signal on
> >       ARM platform.
> >
> >    *) Bugfix: an alert "sendmsg() failed (9: Bad file number)" on HP-UX
> >       while reconfiguration.
> >
> >
> > Maxim Dounin
> >
> > _______________________________________________
> > nginx mailing list
> > nginx at nginx.org
> > http://mailman.nginx.org/mailman/listinfo/nginx
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120629/c8760120/attachment.html>

From contact at jpluscplusm.com  Fri Jun 29 13:07:09 2012
From: contact at jpluscplusm.com (Jonathan Matthews)
Date: Fri, 29 Jun 2012 14:07:09 +0100
Subject: unique_id
In-Reply-To: <F70CAE70-7F8A-4200-8D15-B71F7AA85B33@sysoev.ru>
References: <CAPiPmQkZSOPjLmQ8vXkRxv3NsnghRti7Caz0-hh2ZJ=aRAhuMA@mail.gmail.com>
	<CAKsTx7B00cxKz-OnJVBwkDeLVo0ixT4_KiHxCGPD=5gUyNpYDg@mail.gmail.com>
	<F70CAE70-7F8A-4200-8D15-B71F7AA85B33@sysoev.ru>
Message-ID: <CAKsTx7DFgmOxWp2z9RWWKtQUPRUVVEJ5V4jayvqBKSgU8MHhsQ@mail.gmail.com>

On 29 June 2012 06:59, Igor Sysoev <igor at sysoev.ru> wrote:
> http://nginx.org/en/docs/http/ngx_http_userid_module.html

Thanks for the pointer, Igor.
I can't quite see how to use this to generate *solely* a new header to
add to the subsequent proxy_pass'd requests. I was /imagining/ that,
if I were get into the depths of actually writing a module, it'd
expose something like

  proxy_set_header X-UUID $new_uuid;

I'm definitely /not/ looking to pass a cookie back to the consumer -
that's not the aim at all, and wouldn't work in my architecture.
Am I missing something obvious about how to use this module?

Jonathan
-- 
Jonathan Matthews
Oxford, London, UK
http://www.jpluscplusm.com/contact.html


From mat999 at gmail.com  Fri Jun 29 13:28:08 2012
From: mat999 at gmail.com (mat999 at gmail.com)
Date: Fri, 29 Jun 2012 23:28:08 +1000
Subject: Proxy cache max size
Message-ID: <39249915-61D3-4E86-8795-6EF5309932ED@gmail.com>

I have a question. If the file being written to a cache exceeds max size what behavior happens? As I can think of it there are 3 possible outcomes.

1. File is written and later cleaned up by the cache manager (bad)
2. File isnt written. It is recognized that it can't be cached.
3. The file is written and truncated (bad)

Thanks

 

Sent from my iPad

From mdounin at mdounin.ru  Fri Jun 29 13:55:46 2012
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 29 Jun 2012 17:55:46 +0400
Subject: Proxy cache max size
In-Reply-To: <39249915-61D3-4E86-8795-6EF5309932ED@gmail.com>
References: <39249915-61D3-4E86-8795-6EF5309932ED@gmail.com>
Message-ID: <20120629135546.GO31671@mdounin.ru>

Hello!

On Fri, Jun 29, 2012 at 11:28:08PM +1000, mat999 at gmail.com wrote:

> I have a question. If the file being written to a cache exceeds max size what behavior happens? As I can think of it there are 3 possible outcomes.
> 
> 1. File is written and later cleaned up by the cache manager (bad)
> 2. File isnt written. It is recognized that it can't be cached.
> 3. The file is written and truncated (bad)
> 
> Thanks

The file is written, and later cleaned up by the cache manager.

It might even be used for a while to serve requests, as it takes 
some time (up to 10 seconds) for the cache manager to recognize 
the max_size limit was exceeded and least recently used files 
should be removed from the cache.

Maxim Dounin


From contact at jpluscplusm.com  Fri Jun 29 13:59:44 2012
From: contact at jpluscplusm.com (Jonathan Matthews)
Date: Fri, 29 Jun 2012 14:59:44 +0100
Subject: upstream server are always redirected as https
In-Reply-To: <2e6a246ace52e4b0a15169c0b5149a7d.NginxMailingListEnglish@forum.nginx.org>
References: <2e6a246ace52e4b0a15169c0b5149a7d.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <CAKsTx7AvsjBTjQOLzb2F4jhojozkLAoMzDM_EmHm76uMM4Vh3w@mail.gmail.com>

On 29 June 2012 08:10, henn1nk <nginx-forum at nginx.us> wrote:
> I am always redirect to https://mydomain .... How can i STOP this?

Nothing in the nginx config you posted is doing this. It's almost
certainly your application that's choosing to issue the redirect.
If I had to guess, I'd suggest that your app is redirecting you, a
non-logged-in user, to a login page, which it insists on serving over
HTTPS so your login creds can't get sniffed.

You can verify that it's the app that's doing this by either

* watching your app's (*not* nginx's) per-request logs and seeing a
301/302 get issued or
* doing a "curl -v" against the URI you're hitting in your browser,
and looking out for response headers that let you know it's definitely
app responding, not nginx (for example "X-Powered-By:", etc) or
* doing a "curl -v" against the app *directly*, without involving
nginx, and seeing the 301/302 get issued.

Something like that, anyway; I hope you get the idea.

To stop this being a problem, you either need to

* set up an SSL nginx server which informs the app that it's a secure
connection or
* lie to the app, and tell it that the HTTP connection is actually secure
* tell the app not to insist on an SSL login.

I'd suggest you do the first of these. The "X-Forwarded-Proto" header
may be your friend. Have a google.

HTH,
Jonathan
-- 
Jonathan Matthews
Oxford, London, UK
http://www.jpluscplusm.com/contact.html


From soracchi at netbuilder.it  Fri Jun 29 16:14:43 2012
From: soracchi at netbuilder.it (Andrea Soracchi)
Date: Fri, 29 Jun 2012 18:14:43 +0200 (CEST)
Subject: Upstream module
In-Reply-To: <32488745.335.1340984637406.JavaMail.sorry@sorry>
Message-ID: <18325698.366.1340986827527.JavaMail.sorry@sorry>

Hi,

this is a piece of zimbra's nginx proxy default configuration:

http
{
    .....

    upstream zimbra
    {
            server   mbs1.server.it:8080;

        zmauth;
    }

    # HTTP route lookup handlers
    #
        zmroutehandlers   mbs1.server.it:7072/service/extension/nginx-lookup;

    zmroute_timeout 15000ms;

   .....
}

I have the same needs: the HTTP servers upstream must change according to the value written inside the cookie zmauth.

Does an add-on exist?

Please help me,

thank you 


-- 
Andrea Soracchi - Netbuilder S.r.l. 
Multidialogo : La storia e' fatta da chi sa comunicare 
System Engineer // t. +39 0521 247791 // f. +39 0521 7431140 // www.netbuilder.it 



From nginx-forum at nginx.us  Fri Jun 29 18:42:16 2012
From: nginx-forum at nginx.us (x7311)
Date: Fri, 29 Jun 2012 14:42:16 -0400 (EDT)
Subject: proxy server needs to point to two servers
Message-ID: <13cccb96ef93f3aef604a2ae1fc30674.NginxMailingListEnglish@forum.nginx.org>

Hi all.

Our machines are behind a private firewall. I have a master machine as
proxy server so two machines (production and development) can be
accessed publicly. 

So I can access production as  http://public_url/app1, 
http://public_url/app2,  http://pbulic_url/app3
and development as
http://public_url/dev/app1, etc  (actually, dev.public_url) would be a
better option.

However, with the config below, I cannot access the development machine
at all. 

This is the site-enabled/default configuration we have on the proxy
server

server {
        listen 80;
        client_max_body_size 200M;
        server_name localhost 127.0.0.1;
        server_name_in_redirect off;

        location / {
                proxy_pass http://10.10.0.59;
                proxy_redirect default;
                proxy_set_header Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
        }
}

and I want to add a second server block because I need to support
development server as well.

My attempt with the second server block...

server {
        listen 80;
        client_max_body_size 200M;
        server_name localhost 127.0.0.1;
        server_name_in_redirect off;

        location ^~ /dev/ {
                proxy_pass http://10.10.0.56;
                proxy_redirect default;
                rewrite /dev/(.*) /$1 break;
                proxy_set_header Host $http_host;
                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For
$proxy_add_x_forwarded_for;
        }
}

How can I fix my error? I know I am terrible with nginx configuration...
thanks!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,228113,228113#msg-228113


From francis at daoine.org  Fri Jun 29 19:50:07 2012
From: francis at daoine.org (Francis Daly)
Date: Fri, 29 Jun 2012 20:50:07 +0100
Subject: proxy server needs to point to two servers
In-Reply-To: <13cccb96ef93f3aef604a2ae1fc30674.NginxMailingListEnglish@forum.nginx.org>
References: <13cccb96ef93f3aef604a2ae1fc30674.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120629195007.GQ6210@craic.sysops.org>

On Fri, Jun 29, 2012 at 02:42:16PM -0400, x7311 wrote:

Hi there,

> So I can access production as  http://public_url/app1, 
> http://public_url/app2,  http://pbulic_url/app3
> and development as
> http://public_url/dev/app1, etc  (actually, dev.public_url) would be a
> better option.

dev.public_url is probably easier to use, with your configuration below.

The server_name directive is used to choose which one server will handle
this request. Because you have two server blocks with the same server_name
values, the second one will never be used.

> server {
>         listen 80;
>         client_max_body_size 200M;
>         server_name localhost 127.0.0.1;

Probably include public_url there, if that is the name that you are
using to access the server.

> My attempt with the second server block...
> 
> server {
>         listen 80;
>         client_max_body_size 200M;
>         server_name localhost 127.0.0.1;

and include dev.public_url there, so that this server block has a chance
of being used.

Once you are using this server block, then you can see if there are any
problems with the configuration inside it. It might all work perfectly
as-is.

	f
-- 
Francis Daly        francis at daoine.org


From nginx-forum at nginx.us  Fri Jun 29 20:11:12 2012
From: nginx-forum at nginx.us (akia)
Date: Fri, 29 Jun 2012 16:11:12 -0400 (EDT)
Subject: Converting Rewrite rules
In-Reply-To: <6dc28bc02ec9aef2e8d523a4b7082a89.NginxMailingListEnglish@forum.nginx.org>
References: <6dc28bc02ec9aef2e8d523a4b7082a89.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <c535abaed2797a220667c94ac8af419f.NginxMailingListEnglish@forum.nginx.org>

Yea thats what I used to get the current rewrite rules in the first
place but they are not working.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,228027,228115#msg-228115


From nginx-forum at nginx.us  Fri Jun 29 21:20:02 2012
From: nginx-forum at nginx.us (x7311)
Date: Fri, 29 Jun 2012 17:20:02 -0400 (EDT)
Subject: proxy server needs to point to two servers
In-Reply-To: <13cccb96ef93f3aef604a2ae1fc30674.NginxMailingListEnglish@forum.nginx.org>
References: <13cccb96ef93f3aef604a2ae1fc30674.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <0aeea788220743d734ced3def1121f26.NginxMailingListEnglish@forum.nginx.org>

Francis,
Thanks for the great help.

Here is the update nginx configuration.
http://pastebin.com/736sxcmK

The public domain is actually an ip-address of the server. Let's called
it 999.99.99.99

Since they are behind private firewall, for me to access this (at this
stage), I have to SSH tunnel into the master server 999.99.99.99. In any
case, I ping dev.999.99.99.99 on the master server and it said unknown
services.

So I edited my 
http://pastebin.com/VME5c4Dw

I can now ping dev.999.99.99.99 but I think this is so laughable... it
seems like I don't really know what I am doing :(

me at my_PC:~$ ssh studentXYZ at student.college.edu -L 1234:dev.999.99.99:80
-N
studentXYZ at student.college.edu's password: 
channel 2: open failed: administratively prohibited: open failed
channel 2: open failed: administratively prohibited: open failed
channel 2: open failed: administratively prohibited: open failed
channel 2: open failed: administratively prohibited: open failed
channel 2: open failed: administratively prohibited: open failed

It seems like I didn't have it right...
Thanks for all the help so far.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,228113,228118#msg-228118


From nginx-forum at nginx.us  Sat Jun 30 01:32:21 2012
From: nginx-forum at nginx.us (Jiff)
Date: Fri, 29 Jun 2012 21:32:21 -0400 (EDT)
Subject: dokuwiki not in root problem of regexp
Message-ID: <d5ffc56dc4c37bb6e13e6db3c16a30ef.NginxMailingListEnglish@forum.nginx.org>

Hi forumers,

I'm trying to set a configuration up for DW but I'm going mad with the
regexps:(

My starter is the conf file found on the nginx wiki, but modified not to
point DW to the server root:
server {
   server_name wiki.domain.tld;
###   root /var/www/dokuwiki;
   root /var/www;
 
   location /dokuwiki {
      index doku.php;
      try_files $uri $uri/ @dokuwiki;
   }
bla bla bla

And here I'm stuck.
Original dirs exclusion: 
   location ~ /(data|conf|bin|inc)/ {
      deny all;
   }

Of course, this won't work w/ my changes, and I'm totally unable to find
the right syntax to exclude these dirs from this conf (made many
unsuccessful tests:(

In my mind it _should_ be: "location ~/dokuwiki/(data|conf|bin|inc)/"
but it don't work, sniff.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,228124,228124#msg-228124


From shahzaib.cb at gmail.com  Sat Jun 30 06:17:09 2012
From: shahzaib.cb at gmail.com (shahzaib shahzaib)
Date: Sat, 30 Jun 2012 11:17:09 +0500
Subject: nginx-1.3.2
In-Reply-To: <CAD3xhrM+FBVqeJsddDmTmqCxyVpv2xEUmuXUywB+fpC9kwM+kQ@mail.gmail.com>
References: <20120626140023.GJ31671@mdounin.ru>
	<CAGo79UV7OUT-2Pj=2e=f=i=wiMvHs3ZF1saE1kLaKGb4m5d=eg@mail.gmail.com>
	<CAD3xhrM+FBVqeJsddDmTmqCxyVpv2xEUmuXUywB+fpC9kwM+kQ@mail.gmail.com>
Message-ID: <CAD3xhrP1OtPoO2AQ1G6ojqB3BmreouxaAvzjSwSCk=wp8bfGxQ@mail.gmail.com>

Thats my starter of nginx.conf
Server {

location ~ \.flv$ {
    flv;
}

location /videos {
    root /usr/local/nginx/html;
    index index.php index.html;
    autoindex on;
}
}

On Fri, Jun 29, 2012 at 5:02 PM, shahzaib shahzaib <shahzaib.cb at gmail.com>wrote:

> @Maxim i've converted my flv video using flvmdi tool with this command
> flvmdi test.flv sample.flv /k /x & it created flv file keyframes and save
> into xml file, but still when i try to play the video from given keyframe,
> does'nt show anything. Waiting for your help. Thanks
>
>
> On Thu, Jun 28, 2012 at 6:06 PM, Kevin Worthington <kworthington at gmail.com
> > wrote:
>
>> Hello Nginx Users,
>>
>> Now available: Nginx 1.3.2 For Windows http://goo.gl/2aSez (32-bit and
>> 64-bit versions)
>>
>> These versions are to support legacy users who are already using
>> Cygwin based builds of Nginx. Officially supported native Windows
>> binaries are at nginx.org.
>>
>> Announcements are also available via my Twitter stream, listed below
>> if you'd like updates that way.
>>
>> Thank you,
>> Kevin
>> --
>> Kevin Worthington
>> kworthington *@* (gmail]  [dot} {com)
>> http://kevinworthington.com/
>> http://twitter.com/kworthington
>>
>>
>> On Tue, Jun 26, 2012 at 10:00 AM, Maxim Dounin <mdounin at mdounin.ru>
>> wrote:
>> > Changes with nginx 1.3.2                                         26 Jun
>> 2012
>> >
>> >    *) Change: the "single" parameter of the "keepalive" directive is now
>> >       ignored.
>> >
>> >    *) Change: SSL compression is now disabled when using all versions of
>> >       OpenSSL, including ones prior to 1.0.0.
>> >
>> >    *) Feature: it is now possible to use the "ip_hash" directive to
>> balance
>> >       IPv6 clients.
>> >
>> >    *) Feature: the $status variable can now be used not only in the
>> >       "log_format" directive.
>> >
>> >    *) Bugfix: a segmentation fault might occur in a worker process on
>> >       shutdown if the "resolver" directive was used.
>> >
>> >    *) Bugfix: a segmentation fault might occur in a worker process if
>> the
>> >       ngx_http_mp4_module was used.
>> >
>> >    *) Bugfix: in the ngx_http_mp4_module.
>> >
>> >    *) Bugfix: a segmentation fault might occur in a worker process if
>> >       conflicting wildcard server names were used.
>> >
>> >    *) Bugfix: nginx might be terminated abnormally on a SIGBUS signal on
>> >       ARM platform.
>> >
>> >    *) Bugfix: an alert "sendmsg() failed (9: Bad file number)" on HP-UX
>> >       while reconfiguration.
>> >
>> >
>> > Maxim Dounin
>> >
>> > _______________________________________________
>> > nginx mailing list
>> > nginx at nginx.org
>> > http://mailman.nginx.org/mailman/listinfo/nginx
>>
>> _______________________________________________
>> nginx mailing list
>> nginx at nginx.org
>> http://mailman.nginx.org/mailman/listinfo/nginx
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120630/239b9e5a/attachment.html>

From mat999 at gmail.com  Sat Jun 30 07:20:38 2012
From: mat999 at gmail.com (SplitIce)
Date: Sat, 30 Jun 2012 17:20:38 +1000
Subject: Proxy cache max size
In-Reply-To: <20120629135546.GO31671@mdounin.ru>
References: <39249915-61D3-4E86-8795-6EF5309932ED@gmail.com>
	<20120629135546.GO31671@mdounin.ru>
Message-ID: <CALFfGYbyzN5ei5uxKJ-u=WERoYXdhq4nooM10_tvGWVZvorcyA@mail.gmail.com>

Hmm this presents a rather large issue for me.

Is it possible to get the upstream response size in lua and set a variable
to influence proxy_no_cache? If it is ill learn lua.

On Fri, Jun 29, 2012 at 11:55 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:

> Hello!
>
> On Fri, Jun 29, 2012 at 11:28:08PM +1000, mat999 at gmail.com wrote:
>
> > I have a question. If the file being written to a cache exceeds max size
> what behavior happens? As I can think of it there are 3 possible outcomes.
> >
> > 1. File is written and later cleaned up by the cache manager (bad)
> > 2. File isnt written. It is recognized that it can't be cached.
> > 3. The file is written and truncated (bad)
> >
> > Thanks
>
> The file is written, and later cleaned up by the cache manager.
>
> It might even be used for a while to serve requests, as it takes
> some time (up to 10 seconds) for the cache manager to recognize
> the max_size limit was exceeded and least recently used files
> should be removed from the cache.
>
> Maxim Dounin
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120630/0d170a3d/attachment.html>

From nginx-forum at nginx.us  Sat Jun 30 10:35:58 2012
From: nginx-forum at nginx.us (n1xman)
Date: Sat, 30 Jun 2012 06:35:58 -0400 (EDT)
Subject: nginx-sticky & nginx_http_upstream_check modules not working
	together
In-Reply-To: <ec1e8dadfc770c5b59dc45557e0f95d8.NginxMailingListEnglish@forum.nginx.org>
References: <ec1e8dadfc770c5b59dc45557e0f95d8.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <14d65d84bcef5ffb348da9ff6c08deaf.NginxMailingListEnglish@forum.nginx.org>

Hi ???,

Thanks for the update and it is noted. However, why we would like to use
sticky instead of ip_hash or upstream_fair as we want to make sure
persistence browser (using cookie) instead of client connecting IP as
sometimes they are behind proxies.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,227937,228138#msg-228138


From francis at daoine.org  Sat Jun 30 11:41:25 2012
From: francis at daoine.org (Francis Daly)
Date: Sat, 30 Jun 2012 12:41:25 +0100
Subject: proxy server needs to point to two servers
In-Reply-To: <0aeea788220743d734ced3def1121f26.NginxMailingListEnglish@forum.nginx.org>
References: <13cccb96ef93f3aef604a2ae1fc30674.NginxMailingListEnglish@forum.nginx.org>
	<0aeea788220743d734ced3def1121f26.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120630114125.GR6210@craic.sysops.org>

On Fri, Jun 29, 2012 at 05:20:02PM -0400, x7311 wrote:

Hi there,

> The public domain is actually an ip-address of the server. Let's called
> it 999.99.99.99

If you want two different server{} blocks, then with your setup you must
use two different hostnames to access them.

The default server could use the ip address; the dev server must use
something else. The easiest way is probably to add an address/name
pair to the hosts file on your client (web browser) machine, so that
your 999.99.99.99 resolves to "dev.example.com" for you.

I see below that you have done something like this.

Then put "server_name dev.example.com" in the server block that refers
to the dev system.

(An alternative is to continue using just the address to access the server;
but then you probably want both configurations in the same server{}
block, and you will have to change something to make sure that the right
request goes to the right proxy_pass upstream server.

Depending on what your upstream does, that may or may not be easy.)

> I can now ping dev.999.99.99.99 but I think this is so laughable... it
> seems like I don't really know what I am doing :(

This is "networking", not "nginx".  Do whatever ssh'ing that you already
do, using *only* the ip addresses like you already do. (If you need
an ssh tunnel to get to the ip:port of nginx, then you only need one
tunnel to get to both the live and dev servers, because they are on the
same ip:port.)

The only extra change to make it that in your web browser, use the
dev.whatever name. If you want to test from a different machine, you
must also add the temporary entry into the hosts file there.

And you must make sure that you use the same dev.whatever name in (a)
your web browser; (b) your hosts file; and (c) your nginx conf file.

Your examples seem to use different numbers of 9s.

Good luck with it,

	f
-- 
Francis Daly        francis at daoine.org


From francis at daoine.org  Sat Jun 30 12:13:30 2012
From: francis at daoine.org (Francis Daly)
Date: Sat, 30 Jun 2012 13:13:30 +0100
Subject: dokuwiki not in root problem of regexp
In-Reply-To: <d5ffc56dc4c37bb6e13e6db3c16a30ef.NginxMailingListEnglish@forum.nginx.org>
References: <d5ffc56dc4c37bb6e13e6db3c16a30ef.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120630121330.GS6210@craic.sysops.org>

On Fri, Jun 29, 2012 at 09:32:21PM -0400, Jiff wrote:

Hi there,

I don't know dokuwiki, so this is all untested, but...

> Original dirs exclusion: 
>    location ~ /(data|conf|bin|inc)/ {
>       deny all;
>    }
> 
> Of course, this won't work w/ my changes,

...why "of course"?

The original example wanted to block access to /data/ and
/something/data/; you now want to block access to /dokuwiki/data/
and /dokuwiki/something/data/.

This location block will match all of those (depending on what else is
in your config file).

> In my mind it _should_ be: "location ~/dokuwiki/(data|conf|bin|inc)/"

That looks to me like it should also work...

> but it don't work, sniff.

...so there is something else going on.

What one url did you access to test this?

What response did you see?

What response did you expect to see?

If you provide your config file, or at least the full list of top-level
location definitions, someone may be able to point out why the second
and third answers differ.

http://nginx.org/r/location

Does the example config in
http://bugs.dokuwiki.org/index.php?do=details&task_id=2388 provide any
useful hints?

Good luck with it,

	f
-- 
Francis Daly        francis at daoine.org


From nginx-forum at nginx.us  Sat Jun 30 14:25:41 2012
From: nginx-forum at nginx.us (Jiff)
Date: Sat, 30 Jun 2012 10:25:41 -0400 (EDT)
Subject: dokuwiki not in root problem of regexp
In-Reply-To: <20120630121330.GS6210@craic.sysops.org>
References: <20120630121330.GS6210@craic.sysops.org>
Message-ID: <ccef5fd51fca09766eab18819173653a.NginxMailingListEnglish@forum.nginx.org>

Hi Francis,

> > Original dirs exclusion: 
> >    location ~ /(data|conf|bin|inc)/ {
> >       deny all;
> >    }
> > 
> > Of course, this won't work w/ my changes,
> 
> ....why "of course"?

I'm cursed w/ IT & electronics: they hate me,
I must have pissed off Murphy in another live:):(
 
> The original example wanted to block access to
> /data/ and
> /something/data/; you now want to block access to
> /dokuwiki/data/
> and /dokuwiki/something/data/.
> 
> This location block will match all of those
> (depending on what else is
> in your config file).
> 
> > In my mind it _should_ be: "location
> ~/dokuwiki/(data|conf|bin|inc)/"
> 
> That looks to me like it should also work...

Yep, I read the docs and found a useful link toward
perl regexps, so I thought this would have worked
(I must say I didn't understand it fully: eg: at this time
I don't really know the difference between .* and (.*)  ).

> What one url did you access to test this?

conf say:  root  mydyndnsdom.org
(I've set an authoritative zone for it in the LAN,
returning: 192.168.1.50)
I access it by:  http://mydyndnsdom.org
 
> What response did you see?

192.168.1.50 - - [30/Jun/2012:07:37:40 +0200] "GET
/dokuwiki/lib/tpl/default/images/button-dw.png HTTP/1.1" 444 0
"http://mydyndnsdom.org/install.php" "Mozilla/5.0 (X11; U; Linux i686;
en-US; rv:1.9.1.16) Gecko/20120603 Iceape/2.0.11"

444 is what I intend to use when stable; however, for 
tests my block is:
location ~ /dokuwiki/(data|conf|bin|inc)/ {
   return 403;
}

> What response did you expect to see?

a 200 one

> If you provide your config file, or at least the
> full list of top-level
> location definitions, someone may be able to point
> out why the second
> and third answers differ.

server_name  mydyndnsdom.org;
root               /var/www;
listen             80;
index             doku.php;

location ~ \.php$ {
   if (!-f $request_filename) { 
      return   403;
   }
   include            fastcgi_params;
   fastcgi_index    doku.php;
   fastcgi_param   SCRIPT_FILENAME    
$document_root$fastcgi_script_name;
   # PB:   Sometimes a 400 is returned
   # SOLT: http://forum.dokuwiki.org/thread/4855
   fastcgi_pass     unix:/var/run/php5-fpm.socket;
}

# Common conf file between HTTP & HTTPS confs
include  
/etc/nginx/sites-available/mydyndnsdom.org_DOKUWIKI_http_https_COMMON.conf;

========

in COMMON file:

location ~ /dokuwiki/(data|conf|bin|inc)/ {
   return 403;
}

location ~* \.(js|css|png|jpg|jpeg|gif|ico)$  {
   expires             30d;
   access_log       off;
   log_not_found   off;
}

location /dokuwiki {
   location / {
   index     doku.php;
   try_files $uri $uri/ @dokuwiki;
}

location   @dokuwiki {
   rewrite    ^/dokuwiki/_media/(.*)           
/lib/exe/fetch.php?media=$1         last;
   rewrite    ^/dokuwiki/_detail/(.*)            
/lib/exe/detail.php?media=$1        last;
   rewrite    ^/dokuwiki/_export/([^/]+)/(.*)  
/doku.php?do=export_$1&id=$2   last;
   rewrite    ^/dokuwiki/(.*)                      
/doku.php?id=$1&$args               last;
}

> http://nginx.org/r/location

This matches the link I read about regexps.
 
> Does the example config in
> http://bugs.dokuwiki.org/index.php?do=details&task
> _id=2388 provide any
> useful hints?

Oh, I see; but there's something strange: he only modify one path;
but others nest in the same place, so he logically should have
split the original block in 4 blocks, no? (last post).

> Good luck with it,

Thanks.

This night, I found that the unstable Debian pkg (last version)
also fit into stable branch, so I flipped in it (easier maintenance).

Now, I'm gonna restart and modify my nginx conf+DW
according to all information you gave me.

I'll keep you aware about the issue.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,228124,228145#msg-228145


From francis at daoine.org  Sat Jun 30 15:42:17 2012
From: francis at daoine.org (Francis Daly)
Date: Sat, 30 Jun 2012 16:42:17 +0100
Subject: dokuwiki not in root problem of regexp
In-Reply-To: <ccef5fd51fca09766eab18819173653a.NginxMailingListEnglish@forum.nginx.org>
References: <20120630121330.GS6210@craic.sysops.org>
	<ccef5fd51fca09766eab18819173653a.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20120630154217.GT6210@craic.sysops.org>

On Sat, Jun 30, 2012 at 10:25:41AM -0400, Jiff wrote:

Hi there,

> > > In my mind it _should_ be: "location
> > ~/dokuwiki/(data|conf|bin|inc)/"
> > 
> > That looks to me like it should also work...

...for /dokuwiki/data/, but not for /dokuwiki/something/data/ -- the
difference may not matter here.

> (I must say I didn't understand it fully: eg: at this time
> I don't really know the difference between .* and (.*)  ).

"perldoc perlre". The short version is: capture.

> > What one url did you access to test this?
> 
> conf say:  root  mydyndnsdom.org
> (I've set an authoritative zone for it in the LAN,
> returning: 192.168.1.50)
> I access it by:  http://mydyndnsdom.org

The specific url you tried was

http://mydyndnsdom.org/dokuwiki/lib/tpl/default/images/button-dw.png

> > What response did you see?
> 
> 192.168.1.50 - - [30/Jun/2012:07:37:40 +0200] "GET
> /dokuwiki/lib/tpl/default/images/button-dw.png HTTP/1.1" 444 0
> "http://mydyndnsdom.org/install.php" "Mozilla/5.0 (X11; U; Linux i686;
> en-US; rv:1.9.1.16) Gecko/20120603 Iceape/2.0.11"

HTTP 444 is not a standard return code. It is used within nginx as a
"just close the connection" signal. The config you have shown does not
include 444 anywhere that I can see.

> 444 is what I intend to use when stable; however, for 
> tests my block is:
> location ~ /dokuwiki/(data|conf|bin|inc)/ {
>    return 403;
> }

/dokuwiki/lib/tpl/default/images/button-dw.png does not match this
location, and so this config will not be used.

Also, it looks like you are using http://mydyndnsdom.org/install.php,
not http://mydyndnsdom.org/dokuwiki/install.php, as the starting point. Is
that expected?

> > What response did you expect to see?
> 
> a 200 one

According to the config you posted,
/dokuwiki/lib/tpl/default/images/button-dw.png should return the content
of the file /var/www/dokuwiki/lib/tpl/default/images/button-dw.png or
else 404.

> location ~ \.php$ {

> location ~ /dokuwiki/(data|conf|bin|inc)/ {

> location ~* \.(js|css|png|jpg|jpeg|gif|ico)$  {

That is the one that will match this one request.

> location /dokuwiki {

> location   @dokuwiki {


I don't see how the config you posted can lead to the access log you
posted. Maybe someone else will have better luck. Maybe enabling the
debug log will give more hints to where the problem it.

> > Does the example config in
> > http://bugs.dokuwiki.org/index.php?do=details&task
> > _id=2388 provide any
> > useful hints?
> 
> Oh, I see; but there's something strange: he only modify one path;
> but others nest in the same place, so he logically should have
> split the original block in 4 blocks, no? (last post).

Probably not. At that point it that report, they are talking about
"xsendfile" and are learning that nginx is not the same as apache.

It's not directly related to what you are reporting.

All the best,

	f
-- 
Francis Daly        francis at daoine.org


From brian at akins.org  Sat Jun 30 16:11:16 2012
From: brian at akins.org (Brian Akins)
Date: Sat, 30 Jun 2012 12:11:16 -0400
Subject: Proxy cache max size
In-Reply-To: <CALFfGYbyzN5ei5uxKJ-u=WERoYXdhq4nooM10_tvGWVZvorcyA@mail.gmail.com>
References: <39249915-61D3-4E86-8795-6EF5309932ED@gmail.com>
	<20120629135546.GO31671@mdounin.ru>
	<CALFfGYbyzN5ei5uxKJ-u=WERoYXdhq4nooM10_tvGWVZvorcyA@mail.gmail.com>
Message-ID: <83880F25-A88D-4F83-8E56-8127B9D4B489@akins.org>


On Jun 30, 2012, at 3:20 AM, SplitIce wrote:

> Hmm this presents a rather large issue for me.
> 
> Is it possible to get the upstream response size in lua and set a variable to influence proxy_no_cache? If it is ill learn lua.

By the time Lua gets involved, the response has already been cached (or not). 

You could do your own cache instead of proxy_cache, of course.  I have some things that store the "cache" in redis, for example. Could be memcache, custom cache, etc.

--Brian