From kaushalshriyan at gmail.com  Mon May  2 19:05:16 2022
From: kaushalshriyan at gmail.com (Kaushal Shriyan)
Date: Tue, 3 May 2022 00:35:16 +0530
Subject: Purge the Nginx cache
In-Reply-To: <CAD7Ssm8i0XMd1NwoP=bA_KwJaQnDXF0p0m09rd+YJqo84ypKOg@mail.gmail.com>
References: <CAD7Ssm-FNG=V06CQzKbK_O8iAwPq4Z8LJXW37_1Njw_oTXYMDQ@mail.gmail.com>
 <YmLemhRFGejch0Wp@FreeBSD.org.ru> <CAD7Ssm__okuV_w7umBzMSuBWbS0izCp1+UBzoatAHKTqA_1GDw@mail.gmail.com>
 <YmLn9Oiz8UVRxdN9@FreeBSD.org.ru> <CAD7Ssm9sMH+fQQYv2mQw6_pO-VcJd1S5HfEHJhiutKKgOKqYeg@mail.gmail.com>
 <CAD7Ssm9U9Oiifh4-52N3brBcZL11TKUr5aCed8goJ8Qjiqofrg@mail.gmail.com>
 <CAD7Ssm-t22LKasTmZZ4rtWd_GBsBffskpqRxShN0zHd2CWBspQ@mail.gmail.com>
 <YmhYV8e4dGrXwugG@FreeBSD.org.ru> <CAD7Ssm8s9ZbagH7vP3SkgK0NJN-9gJrpvg3PZx8K6T6QtqH5Yw@mail.gmail.com>
 <CAD7Ssm8i0XMd1NwoP=bA_KwJaQnDXF0p0m09rd+YJqo84ypKOg@mail.gmail.com>
Message-ID: <CAD7Ssm-zKJRfdKoAn=uA6OgzjuzPoTbSV_chGOVhsNQLPrugCw@mail.gmail.com>

Hi,

I am running the nginx version: nginx/1.20.2 (OSS) as a reverse proxy
server on CentOS Linux release 7.9.2009 (Core). I will appreciate it if
someone can pitch in for my post to this mailing list. Any recommendations
to purge nginx cache since i am using the Open Source version of Nginx?

Thanks in Advance.

Best Regards,

Kaushal


On Fri, Apr 29, 2022 at 11:44 PM Kaushal Shriyan <kaushalshriyan at gmail.com>
wrote:

>
> On Fri, Apr 29, 2022 at 12:54 AM Kaushal Shriyan <kaushalshriyan at gmail.com>
> wrote:
>
>> Hi,
>>
>> I am following
>> https://www.ryadel.com/en/nginx-purge-proxy-cache-delete-invalidate-linux-centos-7/
>> and https://bluegrid.io/edu/how-to-purge-the-nginx-cache/ to purge
>> cache. I am attaching the nginx file for your reference.
>>
>> $curl -I https://gsmanginxproxycachepurge.testapicraft.com -H
>> "secret-header: true"
>>
>> HTTP/1.1 200 OK
>> Server: nginx/1.20.2
>> Date: Thu, 28 Apr 2022 19:21:54 GMT
>> Content-Type: text/html; charset=UTF-8
>> Connection: keep-alive
>> Cache-Control: max-age=21600, public
>> Link: <https://gsmanginxproxycachepurge.testapicraft.com/>;
>> rel="canonical", <https://gsmanginxproxycachepurge.testapicraft.com/>;
>> rel="shortlink", <https://gsmanginxproxycachepurge.testapicraft.comhome>;
>> rel="revision"
>> X-UA-Compatible: IE=edge
>> Content-language: en
>> X-Content-Type-Options: nosniff
>> X-Frame-Options: SAMEORIGIN
>> Permissions-Policy: interest-cohort=()
>> Expires: Sun, 19 Nov 1978 05:00:00 GMT
>> Vary: Cookie
>> X-XSS-Protection: 1; mode=block
>> Strict-Transport-Security: max-age=31536000; includeSubDomains
>> Set-Cookie:
>> ADRUM_BT=R%3A0%7Cg%3A5277dd0a-8de6-440a-a8f7-52fb782db25114%7Cn%3Aicebergtest_e1c60ae6-5d00-47d5-8c0a-690d8465795f%7Ci%3A129601;
>> expires=Thu, 28-Apr-2022 19:14:45 GMT; Max-Age=30; path=/
>> Last-Modified: Tue, 26 Apr 2022 11:42:25 GMT
>> ETag: "1650973345"
>> Access-Control-Allow-Origin: *
>>
>> *X-Cache-Status: HIT*
>>
>> I am seeing it as HIT instead of BYPASS and I am not sure about this term
>> between HIT vs MISS vs BYPASS vs EXPIRED in context to Nginx cache.
>>
>> Please guide me. Thanks in advance.
>>
>> Best Regards,
>>
>> Kaushal
>>
>>>
>>>
> Hi,
>
> I will appreciate it if someone can pitch in for my earlier post to this
> mailing list. Thanks in Advance.
>
> Best Regards,
>
> Kaushal
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220503/dd5cea25/attachment.htm>

From francis at daoine.org  Tue May  3 08:26:06 2022
From: francis at daoine.org (Francis Daly)
Date: Tue, 3 May 2022 09:26:06 +0100
Subject: Purge the Nginx cache
In-Reply-To: <CAD7Ssm8s9ZbagH7vP3SkgK0NJN-9gJrpvg3PZx8K6T6QtqH5Yw@mail.gmail.com>
References: <CAD7Ssm-FNG=V06CQzKbK_O8iAwPq4Z8LJXW37_1Njw_oTXYMDQ@mail.gmail.com>
 <YmLemhRFGejch0Wp@FreeBSD.org.ru>
 <CAD7Ssm__okuV_w7umBzMSuBWbS0izCp1+UBzoatAHKTqA_1GDw@mail.gmail.com>
 <YmLn9Oiz8UVRxdN9@FreeBSD.org.ru>
 <CAD7Ssm9sMH+fQQYv2mQw6_pO-VcJd1S5HfEHJhiutKKgOKqYeg@mail.gmail.com>
 <CAD7Ssm9U9Oiifh4-52N3brBcZL11TKUr5aCed8goJ8Qjiqofrg@mail.gmail.com>
 <CAD7Ssm-t22LKasTmZZ4rtWd_GBsBffskpqRxShN0zHd2CWBspQ@mail.gmail.com>
 <YmhYV8e4dGrXwugG@FreeBSD.org.ru>
 <CAD7Ssm8s9ZbagH7vP3SkgK0NJN-9gJrpvg3PZx8K6T6QtqH5Yw@mail.gmail.com>
Message-ID: <20220503082606.GA14624@daoine.org>

On Fri, Apr 29, 2022 at 12:54:42AM +0530, Kaushal Shriyan wrote:

Hi there,

> I am following
> https://www.ryadel.com/en/nginx-purge-proxy-cache-delete-invalidate-linux-centos-7/
> and https://bluegrid.io/edu/how-to-purge-the-nginx-cache/ to purge cache. I
> am attaching the nginx file for your reference.

It's probably best to follow exactly one document, to avoid any confusion
from mixing things.

I think that you are following the second one here with its method number
2, using the stock nginx proxy_cache_bypass directive.

> $curl -I https://gsmanginxproxycachepurge.testapicraft.com -H
> "secret-header: true"

> *X-Cache-Status: HIT*
> 
> I am seeing it as HIT instead of BYPASS and I am not sure about this term
> between HIT vs MISS vs BYPASS vs EXPIRED in context to Nginx cache.

Your configuration for https://gsmanginxproxycachepurge.testapicraft.com
reads the $bypass variable if it is set; but it never sets it, so it will
be read as "empty", and the proxy_cache_bypass directive will *not*
cause the cache to be bypassed in this case.

If you want to use this method, you must ensure that your $bypass variable
is set for the one request that you are making.

Good luck with it,

	f
-- 
Francis Daly        francis at daoine.org


From francesco.montanari at outlook.com  Tue May  3 10:12:15 2022
From: francesco.montanari at outlook.com (Francesco Montanari)
Date: Tue, 3 May 2022 10:12:15 +0000
Subject: [warn] duplicate extension "woff"
Message-ID:  <PR3P193MB0895598055E037293B31C65EFDC09@PR3P193MB0895.EURP193.PROD.OUTLOOK.COM>

Hello,

first of all, I apologize if this is not the proper way to use a mailing list, I think I never used one and I didn't know they were still a thing 😅

However, after updating to the latest nginx mainline I started seeing this warning:

nginx: [warn] duplicate extension "woff", content type: "font/woff2", previous content type: "font/woff" in /etc/nginx/mime.types:29

so I wonder which one of the two lines should be deleted? I checked the file on Master but it has the same two rows: https://github.com/nginx/nginx/blob/master/conf/mime.types
Maybe this file should be updated as well?
[https://opengraph.githubassets.com/f85c548d3f674884d0a9c9555a7ece50817dbcf1674ce83abbae20a338667800/nginx/nginx]<https://github.com/nginx/nginx/blob/master/conf/mime.types>
nginx/mime.types at master · nginx/nginx · GitHub<https://github.com/nginx/nginx/blob/master/conf/mime.types>
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
github.com

Thank you

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220503/72d4a387/attachment.htm>

From kaushalshriyan at gmail.com  Tue May  3 10:29:48 2022
From: kaushalshriyan at gmail.com (Kaushal Shriyan)
Date: Tue, 3 May 2022 15:59:48 +0530
Subject: Purge the Nginx cache
In-Reply-To: <20220503082606.GA14624@daoine.org>
References: <CAD7Ssm-FNG=V06CQzKbK_O8iAwPq4Z8LJXW37_1Njw_oTXYMDQ@mail.gmail.com>
 <YmLemhRFGejch0Wp@FreeBSD.org.ru> <CAD7Ssm__okuV_w7umBzMSuBWbS0izCp1+UBzoatAHKTqA_1GDw@mail.gmail.com>
 <YmLn9Oiz8UVRxdN9@FreeBSD.org.ru> <CAD7Ssm9sMH+fQQYv2mQw6_pO-VcJd1S5HfEHJhiutKKgOKqYeg@mail.gmail.com>
 <CAD7Ssm9U9Oiifh4-52N3brBcZL11TKUr5aCed8goJ8Qjiqofrg@mail.gmail.com>
 <CAD7Ssm-t22LKasTmZZ4rtWd_GBsBffskpqRxShN0zHd2CWBspQ@mail.gmail.com>
 <YmhYV8e4dGrXwugG@FreeBSD.org.ru> <CAD7Ssm8s9ZbagH7vP3SkgK0NJN-9gJrpvg3PZx8K6T6QtqH5Yw@mail.gmail.com>
 <20220503082606.GA14624@daoine.org>
Message-ID: <CAD7Ssm-zkKQ5hbeV4oxezxm5NTk-_smnQmVrbcHoAEjwj3RWug@mail.gmail.com>

Hi Francis,

I am following https://bluegrid.io/edu/how-to-purge-the-nginx-cache/ and
have attached the nginx config file for your reference. I am running nginx
version: nginx/1.20.2 on CentOS Linux release 7.9.2009 (Core)

#curl -I https://testnginxproxycachepurge.testintcraft.com -H 'Cache-Purge:
true'
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 03 May 2022 10:24:24 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Cache-Control: max-age=21600, public
Link: <https://testnginxproxycachepurge.testintcraft.com/>;
rel="canonical", <https://testnginxproxycachepurge.testintcraft.com/>;
rel="shortlink", <https://testnginxproxycachepurge.testintcraft.com/home>;
rel="revision"
X-UA-Compatible: IE=edge
Content-language: en
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Permissions-Policy: interest-cohort=()
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Vary: Cookie
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie:
ADRUM_BT=R%3A0%7Cg%3A39ca00fc-b183-4fbf-95ad-494a6e7b8d1f99%7Cn%3Aicebergtest_e1c60ae6-5d00-47d5-8c0a-690d8465795f%7Ci%3A129601%7Cs%3Af%7Ch%3Ae;
expires=Tue, 03-May-2022 08:39:15 GMT; Max-Age=30; path=/
Last-Modified: Tue, 26 Apr 2022 11:42:25 GMT
ETag: "1650973345"
Access-Control-Allow-Origin: *
*X-Cache-Status: HIT*

Please guide me. Thanks in advance.

Best Regards,

Kaushal

On Tue, May 3, 2022 at 1:59 PM Francis Daly <francis at daoine.org> wrote:

> On Fri, Apr 29, 2022 at 12:54:42AM +0530, Kaushal Shriyan wrote:
>
> Hi there,
>
> > I am following
> >
> https://www.ryadel.com/en/nginx-purge-proxy-cache-delete-invalidate-linux-centos-7/
> > and https://bluegrid.io/edu/how-to-purge-the-nginx-cache/ to purge
> cache. I
> > am attaching the nginx file for your reference.
>
> It's probably best to follow exactly one document, to avoid any confusion
> from mixing things.
>
> I think that you are following the second one here with its method number
> 2, using the stock nginx proxy_cache_bypass directive.
>
> > $curl -I https://gsmanginxproxycachepurge.testapicraft.com -H
> > "secret-header: true"
>
> > *X-Cache-Status: HIT*
> >
> > I am seeing it as HIT instead of BYPASS and I am not sure about this term
> > between HIT vs MISS vs BYPASS vs EXPIRED in context to Nginx cache.
>
> Your configuration for https://gsmanginxproxycachepurge.testapicraft.com
> reads the $bypass variable if it is set; but it never sets it, so it will
> be read as "empty", and the proxy_cache_bypass directive will *not*
> cause the cache to be bypassed in this case.
>
> If you want to use this method, you must ensure that your $bypass variable
> is set for the one request that you are making.
>
> Good luck with it,
>
>         f
> --
> Francis Daly        francis at daoine.org
> _______________________________________________
> nginx mailing list -- nginx at nginx.org
> To unsubscribe send an email to nginx-leave at nginx.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220503/e7c2fb30/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nginxdefault.conf
Type: application/octet-stream
Size: 5229 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220503/e7c2fb30/attachment.obj>

From francesco.montanari at outlook.com  Tue May  3 10:37:12 2022
From: francesco.montanari at outlook.com (Francesco Montanari)
Date: Tue, 3 May 2022 10:37:12 +0000
Subject: [warn] duplicate extension "woff"
In-Reply-To:  <PR3P193MB0895598055E037293B31C65EFDC09@PR3P193MB0895.EURP193.PROD.OUTLOOK.COM>
References:  <PR3P193MB0895598055E037293B31C65EFDC09@PR3P193MB0895.EURP193.PROD.OUTLOOK.COM>
Message-ID:  <PR3P193MB0895D2D0C24F3B21C0F0D131FDC09@PR3P193MB0895.EURP193.PROD.OUTLOOK.COM>

After checking better, I found where the issue is, I have

    font/woff2 woff;

Instead of
    font/woff2 woff2;

I’ll contact my package maintainer (ppa:ondrej/nginx-mainline on Ubuntu) so they can fix the issue



From: Francesco Montanari <francesco.montanari at outlook.com>
Sent: Tuesday, May 3, 2022 1:12 PM
To: nginx at nginx.org
Subject: [warn] duplicate extension "woff"

Hello,

first of all, I apologize if this is not the proper way to use a mailing list, I think I never used one and I didn't know they were still a thing 😅

However, after updating to the latest nginx mainline I started seeing this warning:

nginx: [warn] duplicate extension "woff", content type: "font/woff2", previous content type: "font/woff" in /etc/nginx/mime.types:29

so I wonder which one of the two lines should be deleted? I checked the file on Master but it has the same two rows: https://github.com/nginx/nginx/blob/master/conf/mime.types<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnginx%2Fnginx%2Fblob%2Fmaster%2Fconf%2Fmime.types&data=05%7C01%7C%7Ce30be8153f4b440c38ab08da2ced814c%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637871695837334287%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=m3xpFKdgOm2uh%2FRGqCI0vYJDgVjEcW7jdhCh5Ez0Gug%3D&reserved=0>
Maybe this file should be updated as well?
[https://opengraph.githubassets.com/f85c548d3f674884d0a9c9555a7ece50817dbcf1674ce83abbae20a338667800/nginx/nginx]<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnginx%2Fnginx%2Fblob%2Fmaster%2Fconf%2Fmime.types&data=05%7C01%7C%7Ce30be8153f4b440c38ab08da2ced814c%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637871695837334287%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=m3xpFKdgOm2uh%2FRGqCI0vYJDgVjEcW7jdhCh5Ez0Gug%3D&reserved=0>
nginx/mime.types at master · nginx/nginx · GitHub<https://nam12.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnginx%2Fnginx%2Fblob%2Fmaster%2Fconf%2Fmime.types&data=05%7C01%7C%7Ce30be8153f4b440c38ab08da2ced814c%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637871695837334287%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000%7C%7C%7C&sdata=m3xpFKdgOm2uh%2FRGqCI0vYJDgVjEcW7jdhCh5Ez0Gug%3D&reserved=0>
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
github.com

Thank you

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220503/566ef1fc/attachment.htm>

From francis at daoine.org  Tue May  3 11:57:11 2022
From: francis at daoine.org (Francis Daly)
Date: Tue, 3 May 2022 12:57:11 +0100
Subject: Purge the Nginx cache
In-Reply-To: <CAD7Ssm-zkKQ5hbeV4oxezxm5NTk-_smnQmVrbcHoAEjwj3RWug@mail.gmail.com>
References: <YmLemhRFGejch0Wp@FreeBSD.org.ru>
 <CAD7Ssm__okuV_w7umBzMSuBWbS0izCp1+UBzoatAHKTqA_1GDw@mail.gmail.com>
 <YmLn9Oiz8UVRxdN9@FreeBSD.org.ru>
 <CAD7Ssm9sMH+fQQYv2mQw6_pO-VcJd1S5HfEHJhiutKKgOKqYeg@mail.gmail.com>
 <CAD7Ssm9U9Oiifh4-52N3brBcZL11TKUr5aCed8goJ8Qjiqofrg@mail.gmail.com>
 <CAD7Ssm-t22LKasTmZZ4rtWd_GBsBffskpqRxShN0zHd2CWBspQ@mail.gmail.com>
 <YmhYV8e4dGrXwugG@FreeBSD.org.ru>
 <CAD7Ssm8s9ZbagH7vP3SkgK0NJN-9gJrpvg3PZx8K6T6QtqH5Yw@mail.gmail.com>
 <20220503082606.GA14624@daoine.org>
 <CAD7Ssm-zkKQ5hbeV4oxezxm5NTk-_smnQmVrbcHoAEjwj3RWug@mail.gmail.com>
Message-ID: <20220503115711.GB14624@daoine.org>

On Tue, May 03, 2022 at 03:59:48PM +0530, Kaushal Shriyan wrote:

Hi there,

> I am following https://bluegrid.io/edu/how-to-purge-the-nginx-cache/ and
> have attached the nginx config file for your reference. I am running nginx
> version: nginx/1.20.2 on CentOS Linux release 7.9.2009 (Core)
> 
> #curl -I https://testnginxproxycachepurge.testintcraft.com -H 'Cache-Purge:
> true'
> HTTP/1.1 200 OK
> *X-Cache-Status: HIT*
> 
> Please guide me. Thanks in advance.

You made a curl request for https://testnginxproxycachepurge.testintcraft.com.

Your config for that request (location /) includes

	proxy_cache_bypass $bypass;
	proxy_cache_bypass $no_cache $nouricache;

Each of those variables is 0 or empty, so "X-Cache-Status: HIT"
is correct.

If you want to bypass the cache, you must make at least one of those
variables have a different value.

For local testing, you could try adding something like

	map $http_cache_purge $bypass {
		default 0;
		true 1;
	}

beside your other "map" directives; but you should understand what
that does, and how it compares to what you want, before running it
in production.



If there are follow-up questions, it might be worth explaining what
exactly it is that you want to achieve.

The "normal" nginx behaviour when caching is enabled, is: a request comes
from the client; nginx looks in the cache to see if it has a response
for that that request that is still valid; if there is a valid response,
nginx writes it to the client; if there is not a valid response, nginx
makes a request of upstream, gets the response, writes it to the cache
with a suitable "valid" time, and writes it to the client.

Pretty much every step of that can be changed by configuration.

I *think* that the thing that you want to do is: for some specific
requests, instead of nginx sending a valid response from its cache,
nginx should make a request of upstream and write the new response to
the cache (as well as sending it to the client).

If that is not it -- or if you want to give a more specific description
of "some specific requests" -- then adding the details will help other
people to be able to provide a good answer.

Good luck with it,

	f
-- 
Francis Daly        francis at daoine.org


From kaushalshriyan at gmail.com  Tue May  3 16:17:03 2022
From: kaushalshriyan at gmail.com (Kaushal Shriyan)
Date: Tue, 3 May 2022 21:47:03 +0530
Subject: Purge the Nginx cache
In-Reply-To: <20220503115711.GB14624@daoine.org>
References: <YmLemhRFGejch0Wp@FreeBSD.org.ru> <CAD7Ssm__okuV_w7umBzMSuBWbS0izCp1+UBzoatAHKTqA_1GDw@mail.gmail.com>
 <YmLn9Oiz8UVRxdN9@FreeBSD.org.ru> <CAD7Ssm9sMH+fQQYv2mQw6_pO-VcJd1S5HfEHJhiutKKgOKqYeg@mail.gmail.com>
 <CAD7Ssm9U9Oiifh4-52N3brBcZL11TKUr5aCed8goJ8Qjiqofrg@mail.gmail.com>
 <CAD7Ssm-t22LKasTmZZ4rtWd_GBsBffskpqRxShN0zHd2CWBspQ@mail.gmail.com>
 <YmhYV8e4dGrXwugG@FreeBSD.org.ru> <CAD7Ssm8s9ZbagH7vP3SkgK0NJN-9gJrpvg3PZx8K6T6QtqH5Yw@mail.gmail.com>
 <20220503082606.GA14624@daoine.org> <CAD7Ssm-zkKQ5hbeV4oxezxm5NTk-_smnQmVrbcHoAEjwj3RWug@mail.gmail.com>
 <20220503115711.GB14624@daoine.org>
Message-ID: <CAD7Ssm8NJ0Gs8B3hb8Wj2DxcfrzrsnsXM0ahcC+dsd8N9Jmifw@mail.gmail.com>

On Tue, May 3, 2022 at 5:30 PM Francis Daly <francis at daoine.org> wrote:

> On Tue, May 03, 2022 at 03:59:48PM +0530, Kaushal Shriyan wrote:
>
> Hi there,
>
> > I am following https://bluegrid.io/edu/how-to-purge-the-nginx-cache/ and
> > have attached the nginx config file for your reference. I am running
> nginx
> > version: nginx/1.20.2 on CentOS Linux release 7.9.2009 (Core)
> >
> > #curl -I https://testnginxproxycachepurge.testintcraft.com -H
> 'Cache-Purge:
> > true'
> > HTTP/1.1 200 OK
> > *X-Cache-Status: HIT*
> >
> > Please guide me. Thanks in advance.
>
> You made a curl request for
> https://testnginxproxycachepurge.testintcraft.com.
>
> Your config for that request (location /) includes
>
>         proxy_cache_bypass $bypass;
>         proxy_cache_bypass $no_cache $nouricache;
>
> Each of those variables is 0 or empty, so "X-Cache-Status: HIT"
> is correct.
>
> If you want to bypass the cache, you must make at least one of those
> variables have a different value.
>
> For local testing, you could try adding something like
>
>         map $http_cache_purge $bypass {
>                 default 0;
>                 true 1;
>         }
>
> beside your other "map" directives; but you should understand what
> that does, and how it compares to what you want, before running it
> in production.
>
>
>
> If there are follow-up questions, it might be worth explaining what
> exactly it is that you want to achieve.
>
> The "normal" nginx behaviour when caching is enabled, is: a request comes
> from the client; nginx looks in the cache to see if it has a response
> for that that request that is still valid; if there is a valid response,
> nginx writes it to the client; if there is not a valid response, nginx
> makes a request of upstream, gets the response, writes it to the cache
> with a suitable "valid" time, and writes it to the client.
>
> Pretty much every step of that can be changed by configuration.
>
> I *think* that the thing that you want to do is: for some specific
> requests, instead of nginx sending a valid response from its cache,
> nginx should make a request of upstream and write the new response to
> the cache (as well as sending it to the client).
>
> If that is not it -- or if you want to give a more specific description
> of "some specific requests" -- then adding the details will help other
> people to be able to provide a good answer.
>
> Good luck with it,
>
>         f
> --
> Francis Daly        francis at daoine.org
> _______________________________________________
> nginx mailing list -- nginx at nginx.org
> To unsubscribe send an email to nginx-leave at nginx.org


Thanks Francis for the detailed explanation and much appreciated !!!. We
typically clear the nginx cache manually using the below command.

#rm -rf /var/www/nginx/cache/content/*
#rm -rf /var/www/nginx/cache/files/*

The bigger problem is that this way of purging the Nginx cache deletes
everything that was cached by this Nginx reverse proxy server and adds
overhead to the infrastructure impacting the performance resulting with a
high number of requests per time unit.
I am trying out by purging with the BYPASS method as Nginx module
proxy_cache_purge needs commercial subscription.

Directive proxy_cache_bypass is a recommended approach to refresh the cache
resource after successful retrieval of the contents from the upstream
backend server.

I have deleted the cache by following the method

#rm -rf /var/www/nginx/cache/content/*
#rm -rf /var/www/nginx/cache/files/*
#curl -I https://testnginxproxycachepurge.testintcraft.com -H 'Cache-Purge:
true'
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 03 May 2022 16:06:08 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Cache-Control: max-age=21600, public
Link: <https://testnginxproxycachepurge.testintcraft.com/>;
rel="canonical", <https://testnginxproxycachepurge.testintcraft.com/>;
rel="shortlink", <https://testnginxproxycachepurge.testintcraft.com/home>;
rel="revision"
X-UA-Compatible: IE=edge
Content-language: en
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Permissions-Policy: interest-cohort=()
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Vary: Cookie
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie:
ADRUM_BT=R%3A0%7Cg%3A39ca00fc-b183-4fbf-95ad-494a6e7b8d1f102%7Cn%3Aicebergtest_e1c60ae6-5d00-47d5-8c0a-690d8465795f%7Ci%3A129601%7Cs%3Af;
expires=Tue, 03-May-2022 16:06:38 GMT; Max-Age=30; path=/
Last-Modified: Tue, 26 Apr 2022 11:42:25 GMT
ETag: "1650973345"
Access-Control-Allow-Origin: *

*X-Cache-Status: MISS*
#curl -I https://testnginxproxycachepurge.testintcraft.com -H 'Cache-Purge:
true'
HTTP/1.1 200 OK
Server: nginx/1.20.2
Date: Tue, 03 May 2022 16:06:19 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Cache-Control: max-age=21600, public
Link: <https://testnginxproxycachepurge.testintcraft.com/>;
rel="canonical", <https://testnginxproxycachepurge.testintcraft.com/>;
rel="shortlink", <https://testnginxproxycachepurge.testintcraft.com/home>;
rel="revision"
X-UA-Compatible: IE=edge
Content-language: en
X-Content-Type-Options: nosniff
X-Frame-Options: SAMEORIGIN
Permissions-Policy: interest-cohort=()
Expires: Sun, 19 Nov 1978 05:00:00 GMT
Vary: Cookie
X-XSS-Protection: 1; mode=block
Strict-Transport-Security: max-age=31536000; includeSubDomains
Set-Cookie:
ADRUM_BT=R%3A0%7Cg%3A39ca00fc-b183-4fbf-95ad-494a6e7b8d1f102%7Cn%3Aicebergtest_e1c60ae6-5d00-47d5-8c0a-690d8465795f%7Ci%3A129601%7Cs%3Af;
expires=Tue, 03-May-2022 16:06:38 GMT; Max-Age=30; path=/
Last-Modified: Tue, 26 Apr 2022 11:42:25 GMT
ETag: "1650973345"
Access-Control-Allow-Origin: *

*X-Cache-Status: HIT*#

I am seeing it as HIT instead of BYPASS in context to Nginx cache. I am
attaching the config file for your reference. Please comment and I look
forward to hearing from you. Thanks in Advance.

Best Regards,

Kaushal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220503/8eb39174/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nginx.conf.bypass
Type: application/octet-stream
Size: 5509 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220503/8eb39174/attachment.obj>

From francis at daoine.org  Wed May  4 13:06:12 2022
From: francis at daoine.org (Francis Daly)
Date: Wed, 4 May 2022 14:06:12 +0100
Subject: Purge the Nginx cache
In-Reply-To: <CAD7Ssm8NJ0Gs8B3hb8Wj2DxcfrzrsnsXM0ahcC+dsd8N9Jmifw@mail.gmail.com>
References: <YmLn9Oiz8UVRxdN9@FreeBSD.org.ru>
 <CAD7Ssm9sMH+fQQYv2mQw6_pO-VcJd1S5HfEHJhiutKKgOKqYeg@mail.gmail.com>
 <CAD7Ssm9U9Oiifh4-52N3brBcZL11TKUr5aCed8goJ8Qjiqofrg@mail.gmail.com>
 <CAD7Ssm-t22LKasTmZZ4rtWd_GBsBffskpqRxShN0zHd2CWBspQ@mail.gmail.com>
 <YmhYV8e4dGrXwugG@FreeBSD.org.ru>
 <CAD7Ssm8s9ZbagH7vP3SkgK0NJN-9gJrpvg3PZx8K6T6QtqH5Yw@mail.gmail.com>
 <20220503082606.GA14624@daoine.org>
 <CAD7Ssm-zkKQ5hbeV4oxezxm5NTk-_smnQmVrbcHoAEjwj3RWug@mail.gmail.com>
 <20220503115711.GB14624@daoine.org>
 <CAD7Ssm8NJ0Gs8B3hb8Wj2DxcfrzrsnsXM0ahcC+dsd8N9Jmifw@mail.gmail.com>
Message-ID: <20220504130612.GC14624@daoine.org>

On Tue, May 03, 2022 at 09:47:03PM +0530, Kaushal Shriyan wrote:

Hi there,

> Thanks Francis for the detailed explanation and much appreciated !!!. We
> typically clear the nginx cache manually using the below command.
> 
> #rm -rf /var/www/nginx/cache/content/*
> #rm -rf /var/www/nginx/cache/files/*

That will remove from the filesystem anything that was in those
directories; that will have the effect of nginx not having a valid
response in the cache for an incoming request, so nginx will make the
request of upstream and handle the response.

> The bigger problem is that this way of purging the Nginx cache deletes
> everything that was cached by this Nginx reverse proxy server and adds
> overhead to the infrastructure impacting the performance resulting with a
> high number of requests per time unit.

Yes - that "purge" is "removal of everything from disk".

> Directive proxy_cache_bypass is a recommended approach to refresh the cache
> resource after successful retrieval of the contents from the upstream
> backend server.

Yes - "proxy_cache_bypass" will tell nginx to skip the "looks in the
cache" step of the processing, and just do all of the other steps.

It won't "purge" the cache at all; it will add-or-replace the cached
response for this one request. If that is what you want, then it is the
correct directive to use.

> I have deleted the cache by following the method
> 
> #rm -rf /var/www/nginx/cache/content/*
> #rm -rf /var/www/nginx/cache/files/*
> #curl -I https://testnginxproxycachepurge.testintcraft.com -H 'Cache-Purge:
> true'
> HTTP/1.1 200 OK

> *X-Cache-Status: MISS*

> #curl -I https://testnginxproxycachepurge.testintcraft.com -H 'Cache-Purge:
> true'
> HTTP/1.1 200 OK

> *X-Cache-Status: HIT*#

> I am seeing it as HIT instead of BYPASS in context to Nginx cache. I am
> attaching the config file for your reference. Please comment and I look
> forward to hearing from you. Thanks in Advance.

You originally had the config that never set $bypass.

I suggested that you set $bypass by adding a "map" to sometimes set
$bypass to 1.

You added the "map", which was good; and then you also added code to
always set $bypass to 0, and then sometimes set it to something else.

So the second piece of code you added, undid what the first piece you
added did.

If you are going to "set $bypass 0;", then you may as well remove the
"map" part again.


What does the nginx access log say about this request? Most importantly:
what is the IP address of the client, as far as nginx is concerned? If
it does not match

        $remote_addr ~ "^(127.0.0.1)$"

then your $bypass will remain as 0, and your cache will never be bypassed.

If you want to allow one set of IP addresses to invite nginx to bypass
the cache, put that IP address pattern in the "if $remote_addr" part.

If you want to allow any IP address to invite nginx to bypass the cache,
set $bypass for any IP address.

Good luck with it,

	f
-- 
Francis Daly        francis at daoine.org


From alan.jackson at netvalue.nz  Thu May  5 23:54:56 2022
From: alan.jackson at netvalue.nz (Alan Jackson)
Date: Fri, 6 May 2022 11:54:56 +1200 (NZST)
Subject: limit_conn_zone using $http_ variable not working?
Message-ID: <1542157122.287827.1651794896557.JavaMail.zimbra@netvalue.nz>

Hi,

I'm trying to use rate limiting on an nginx mail proxy->nginx fastcgi backend to restrict the number of concurrent connections from a client's IP. Unfortunately, I can't use proxy_protocol on the mail proxy side due to the nginx version not supporting it. 

Using debug logging, I know that the nginx mail proxy is passing through an http header 'Client-IP' which contains the originating client IP.

I've confirmed that in the http backend, the variable $http_client_ip contains the originating request's client ip ($binary_remote_addr just contains 127.0.0.1 due to the proxy), and that setting a return http header using this variable works just fine.

However, when I try to use limit_conn_zone with the $http_client_ip variable, it is not behaving as I expect:

"limit_conn_zone $http_client_ip zone=perip:10m;" 

Results in log lines like:

"limiting connections, dry run, by zone "perip", client: 127.0.0.1, server: _, request: "GET /mail_auth.php HTTP/1.0" 

which doesn't look like the variable is being instantiated properly (client is still 127.0.0.1).

Is using an $http_ variable expected to work in a limit_conn_zone config like this?


Regards,
-- 
Alan Jackson   | Systems Administrator
NetValue Limited


From pluknet at nginx.com  Fri May  6 10:18:00 2022
From: pluknet at nginx.com (Sergey Kandaurov)
Date: Fri, 6 May 2022 14:18:00 +0400
Subject: limit_conn_zone using $http_ variable not working?
In-Reply-To: <1542157122.287827.1651794896557.JavaMail.zimbra@netvalue.nz>
References: <1542157122.287827.1651794896557.JavaMail.zimbra@netvalue.nz>
Message-ID: <D978DE4B-9902-4DAA-A72D-5FBE16F178E1@nginx.com>


> On 6 May 2022, at 03:54, Alan Jackson <alan.jackson at netvalue.nz> wrote:
> 
> Hi,
> 
> I'm trying to use rate limiting on an nginx mail proxy->nginx fastcgi backend to restrict the number of concurrent connections from a client's IP. Unfortunately, I can't use proxy_protocol on the mail proxy side due to the nginx version not supporting it. 
> 
> Using debug logging, I know that the nginx mail proxy is passing through an http header 'Client-IP' which contains the originating client IP.
> 
> I've confirmed that in the http backend, the variable $http_client_ip contains the originating request's client ip ($binary_remote_addr just contains 127.0.0.1 due to the proxy), and that setting a return http header using this variable works just fine.
> 
> However, when I try to use limit_conn_zone with the $http_client_ip variable, it is not behaving as I expect:
> 
> "limit_conn_zone $http_client_ip zone=perip:10m;" 
> 
> Results in log lines like:
> 
> "limiting connections, dry run, by zone "perip", client: 127.0.0.1, server: _, request: "GET /mail_auth.php HTTP/1.0" 
> 
> which doesn't look like the variable is being instantiated properly (client is still 127.0.0.1).
> 

The "client: 127.0.0.1" part is the above log represents client address
you previously claimed to contain "127.0.0.1", which is fine.
The limit_conn_zone key evaluated content is logged at the debug level.

> Is using an $http_ variable expected to work in a limit_conn_zone config like this?
> 

Yes, it is.


From kaushalshriyan at gmail.com  Sat May  7 13:01:59 2022
From: kaushalshriyan at gmail.com (Kaushal Shriyan)
Date: Sat, 7 May 2022 18:31:59 +0530
Subject: building ngx_cache_purge module on CentOS Linux release 7.9.2009 (Core)
Message-ID: <CAD7Ssm-n=KV_8Lp0HOX1oV9wUrNKr4dvAuu0K_om5RES5EY56A@mail.gmail.com>

Hi,

I am referring to https://github.com/FRiCKLE/ngx_cache_purge/ and running
the open source nginx version: nginx/1.20.2 on CentOS Linux release
7.9.2009 (Core). When i trying to compile the ngx_cache_purge_module.c I am
encountering fatal error: nginx.h: No such file or directory

# ls -l
total 76
-rw-r--r-- 1 501 wheel  1980 Dec 23  2014 CHANGES
-rw-r--r-- 1 501 wheel   516 Dec 23  2014 config
-rw-r--r-- 1 501 wheel  1424 Dec 23  2014 LICENSE
-rw-r--r-- 1 501 wheel 51501 Dec 23  2014 ngx_cache_purge_module.c
-rw-r--r-- 1 501 wheel  5090 Dec 23  2014 README.md
drwxr-xr-x 2 501 wheel    80 May  7 02:22 t
-rw-r--r-- 1 501 wheel   281 Dec 23  2014 TODO.md
#

#gcc -o ngx_cache_purge_module ngx_cache_purge_module.c
ngx_cache_purge_module.c:30:19: fatal error: nginx.h: No such file or
directory
 #include <nginx.h>
                   ^
compilation terminated.

# yum search nginx-devel
Loaded plugins: fastestmirror
Loading mirror speeds from cached hostfile
 * base: uk.mirrors.clouvider.net
 * centos-sclo-rh: uk.mirrors.clouvider.net
 * epel: d2lzkl7pfhq30w.cloudfront.net
 * extras: mirrors.vinters.com
 * updates: mirrors.vinters.com
Warning: No matches found for: nginx-devel
No matches found
# rpm -qa | grep epel
epel-release-7-14.noarch
# cat /etc/redhat-release
CentOS Linux release 7.9.2009 (Core)
#

Please correct me if I am missing something. Thanks in advance.

Best Regards,

Kaushal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220507/44e0e4f1/attachment.htm>

From osa at freebsd.org.ru  Sat May  7 13:58:39 2022
From: osa at freebsd.org.ru (Sergey A. Osokin)
Date: Sat, 7 May 2022 16:58:39 +0300
Subject: building ngx_cache_purge module on CentOS Linux release 7.9.2009
 (Core)
In-Reply-To: <CAD7Ssm-n=KV_8Lp0HOX1oV9wUrNKr4dvAuu0K_om5RES5EY56A@mail.gmail.com>
References: <CAD7Ssm-n=KV_8Lp0HOX1oV9wUrNKr4dvAuu0K_om5RES5EY56A@mail.gmail.com>
Message-ID: <YnZ7D2or4AkrJdh6@FreeBSD.org.ru>

Hi Kaushal,

On Sat, May 07, 2022 at 06:31:59PM +0530, Kaushal Shriyan wrote:
> 
> #gcc -o ngx_cache_purge_module ngx_cache_purge_module.c
> ngx_cache_purge_module.c:30:19: fatal error: nginx.h: No such file or
> directory
>  #include <nginx.h>
>                    ^
> compilation terminated.

I'd recommend to follow this [1] blog post to create a dynamic module
for nginx.

References:
1. https://www.nginx.com/blog/compiling-dynamic-modules-nginx-plus/

-- 
Sergey A. Osokin


From kaushalshriyan at gmail.com  Sun May  8 03:10:44 2022
From: kaushalshriyan at gmail.com (Kaushal Shriyan)
Date: Sun, 8 May 2022 08:40:44 +0530
Subject: building ngx_cache_purge module on CentOS Linux release 7.9.2009 (Core)
In-Reply-To: <YnZ7D2or4AkrJdh6@FreeBSD.org.ru>
References: <CAD7Ssm-n=KV_8Lp0HOX1oV9wUrNKr4dvAuu0K_om5RES5EY56A@mail.gmail.com>
 <YnZ7D2or4AkrJdh6@FreeBSD.org.ru>
Message-ID: <CAD7Ssm-Y6wEt59D6cAhLqbEStKZjAep3TjH13JUokcufhZP+WQ@mail.gmail.com>

Hi Sergey,

I followed
https://www.nginx.com/blog/compiling-dynamic-modules-nginx-plus/#load_module
to generate the third party dynamic module

Nginx Version :- nginx version: nginx/1.20.1
OS Version :- CentOS Linux release 7.9.2009 (Core)

cd /home/kaushal/ngx-cache-purge/
# ls -l
total 64
-rw-r--r-- 1 root root   728 May  8 02:48 config
-rw-r--r-- 1 root root 51501 May  8 02:48 ngx_cache_purge_module.c
-rw-r--r-- 1 root root  5090 May  8 02:48 README.md
# cat config
if [ "$HTTP_PROXY" = "YES" ]; then
    have=NGX_HTTP_PROXY . auto/have
fi

if [ "$HTTP_FASTCGI" = "YES" ]; then
    have=NGX_HTTP_FASTCGI . auto/have
fi

if [ "$HTTP_SCGI" = "YES" ]; then
    have=NGX_HTTP_SCGI . auto/have
fi

if [ "$HTTP_UWSGI" = "YES" ]; then
    have=NGX_HTTP_UWSGI . auto/have
fi

if test -n "$ngx_module_link"; then
    ngx_module_type=HTTP
    ngx_module_name=ngx_http_cache_purge_module
    ngx_module_srcs="$ngx_addon_dir/ngx_cache_purge_module.c"

    have=NGX_CACHE_PURGE_MODULE . auto/have

    . auto/module
else
    HTTP_MODULES="$HTTP_MODULES ngx_http_cache_purge_module"
    NGX_ADDON_SRCS="$NGX_ADDON_SRCS $ngx_addon_dir/ngx_cache_purge_module.c"

    have=NGX_CACHE_PURGE_MODULE . auto/have
fi
#

#wget http://nginx.org/download/nginx-1.20.2.tar.gz
#tar zxvf nginx-1.20.2.tar.gz
#cd /home/kaushal/nginx-1.20.2/
#./configure --with-compat --add-dynamic-module=../ngx-cache-purge

#cat /usr/share/nginx/modules/ngx-http-cache-purge-module.conf
load_module "/usr/lib64/nginx/modules/ngx_http_cache_purge_module.so";

#cat /etc/nginx/nginx.conf
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log;
pid /run/nginx.pid;

# Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

#nginx -t -c /etc/nginx/nginx.conf
nginx: [emerg] module
"/usr/lib64/nginx/modules/ngx_http_cache_purge_module.so" version 1020002
instead of 1020001 in
/usr/share/nginx/modules/ngx-http-cache-purge-module.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed

Please correct and guide me if I am missing something. Thanks in advance.

Best Regards,

Kaushal

On Sat, May 7, 2022 at 7:32 PM Sergey A. Osokin <osa at freebsd.org.ru> wrote:

> Hi Kaushal,
>
> On Sat, May 07, 2022 at 06:31:59PM +0530, Kaushal Shriyan wrote:
> >
> > #gcc -o ngx_cache_purge_module ngx_cache_purge_module.c
> > ngx_cache_purge_module.c:30:19: fatal error: nginx.h: No such file or
> > directory
> >  #include <nginx.h>
> >                    ^
> > compilation terminated.
>
> I'd recommend to follow this [1] blog post to create a dynamic module
> for nginx.
>
> References:
> 1. https://www.nginx.com/blog/compiling-dynamic-modules-nginx-plus/
>
> --
> Sergey A. Osokin
> _______________________________________________
> nginx mailing list -- nginx at nginx.org
> To unsubscribe send an email to nginx-leave at nginx.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220508/c477632a/attachment.htm>

From kaushalshriyan at gmail.com  Sun May  8 04:58:23 2022
From: kaushalshriyan at gmail.com (Kaushal Shriyan)
Date: Sun, 8 May 2022 10:28:23 +0530
Subject: building ngx_cache_purge module on CentOS Linux release 7.9.2009 (Core)
In-Reply-To: <CAD7Ssm-Y6wEt59D6cAhLqbEStKZjAep3TjH13JUokcufhZP+WQ@mail.gmail.com>
References: <CAD7Ssm-n=KV_8Lp0HOX1oV9wUrNKr4dvAuu0K_om5RES5EY56A@mail.gmail.com>
 <YnZ7D2or4AkrJdh6@FreeBSD.org.ru> <CAD7Ssm-Y6wEt59D6cAhLqbEStKZjAep3TjH13JUokcufhZP+WQ@mail.gmail.com>
Message-ID: <CAD7Ssm8aMroMBy+8f1rsz8j=syn0DrcFQJT0HfYPXtGO26FvHg@mail.gmail.com>

Hi,

I am able to fix the issue below.

#nginx -t -c /etc/nginx/nginx.conf
nginx: [emerg] module
"/usr/lib64/nginx/modules/ngx_http_cache_purge_module.so" version 1020002
instead of 1020001 in
/usr/share/nginx/modules/ngx-http-cache-purge-module.conf:1
nginx: configuration file /etc/nginx/nginx.conf test failed

Nginx Version :- nginx version: nginx/1.20.2
OS Version :- CentOS Linux release 7.9.2009 (Core)

cd /home/kaushal/nginx-1.20.2/
#./configure --with-compat --add-dynamic-module=../ngx-cache-purge
checking for OS
 + Linux 3.10.0-1160.62.1.el7.x86_64 x86_64
checking for C compiler ... found
 + using GNU C compiler
 + gcc version: 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC)
checking for gcc -pipe switch ... found
checking for -Wl,-E switch ... found
checking for gcc builtin atomic operations ... found
checking for C99 variadic macros ... found
checking for gcc variadic macros ... found
checking for gcc builtin 64 bit byteswap ... found
checking for unistd.h ... found
checking for inttypes.h ... found
checking for limits.h ... found
checking for sys/filio.h ... not found
checking for sys/param.h ... found
checking for sys/mount.h ... found
checking for sys/statvfs.h ... found
checking for crypt.h ... found
checking for Linux specific features
checking for epoll ... found
checking for EPOLLRDHUP ... found
checking for EPOLLEXCLUSIVE ... not found
checking for eventfd() ... found
checking for O_PATH ... found
checking for sendfile() ... found
checking for sendfile64() ... found
checking for sys/prctl.h ... found
checking for prctl(PR_SET_DUMPABLE) ... found
checking for prctl(PR_SET_KEEPCAPS) ... found
checking for capabilities ... found
checking for crypt_r() ... found
checking for sys/vfs.h ... found
checking for nobody group ... found
checking for poll() ... found
checking for /dev/poll ... not found
checking for kqueue ... not found
checking for crypt() ... not found
checking for crypt() in libcrypt ... found
checking for F_READAHEAD ... not found
checking for posix_fadvise() ... found
checking for O_DIRECT ... found
checking for F_NOCACHE ... not found
checking for directio() ... not found
checking for statfs() ... found
checking for statvfs() ... found
checking for dlopen() ... not found
checking for dlopen() in libdl ... found
checking for sched_yield() ... found
checking for sched_setaffinity() ... found
checking for SO_SETFIB ... not found
checking for SO_REUSEPORT ... found
checking for SO_ACCEPTFILTER ... not found
checking for SO_BINDANY ... not found
checking for IP_TRANSPARENT ... found
checking for IP_BINDANY ... not found
checking for IP_BIND_ADDRESS_NO_PORT ... found
checking for IP_RECVDSTADDR ... not found
checking for IP_SENDSRCADDR ... not found
checking for IP_PKTINFO ... found
checking for IPV6_RECVPKTINFO ... found
checking for TCP_DEFER_ACCEPT ... found
checking for TCP_KEEPIDLE ... found
checking for TCP_FASTOPEN ... found
checking for TCP_INFO ... found
checking for accept4() ... found
checking for int size ... 4 bytes
checking for long size ... 8 bytes
checking for long long size ... 8 bytes
checking for void * size ... 8 bytes
checking for uint32_t ... found
checking for uint64_t ... found
checking for sig_atomic_t ... found
checking for sig_atomic_t size ... 4 bytes
checking for socklen_t ... found
checking for in_addr_t ... found
checking for in_port_t ... found
checking for rlim_t ... found
checking for uintptr_t ... uintptr_t found
checking for system byte ordering ... little endian
checking for size_t size ... 8 bytes
checking for off_t size ... 8 bytes
checking for time_t size ... 8 bytes
checking for AF_INET6 ... found
checking for setproctitle() ... not found
checking for pread() ... found
checking for pwrite() ... found
checking for pwritev() ... found
checking for strerrordesc_np() ... not found
checking for sys_nerr ... found
checking for localtime_r() ... found
checking for clock_gettime(CLOCK_MONOTONIC) ... found
checking for posix_memalign() ... found
checking for memalign() ... found
checking for mmap(MAP_ANON|MAP_SHARED) ... found
checking for mmap("/dev/zero", MAP_SHARED) ... found
checking for System V shared memory ... found
checking for POSIX semaphores ... not found
checking for POSIX semaphores in libpthread ... found
checking for struct msghdr.msg_control ... found
checking for ioctl(FIONBIO) ... found
checking for ioctl(FIONREAD) ... found
checking for struct tm.tm_gmtoff ... found
checking for struct dirent.d_namlen ... not found
checking for struct dirent.d_type ... found
checking for sysconf(_SC_NPROCESSORS_ONLN) ... found
checking for sysconf(_SC_LEVEL1_DCACHE_LINESIZE) ... found
checking for openat(), fstatat() ... found
checking for getaddrinfo() ... found
configuring additional dynamic modules
adding module in ../ngx-cache-purge
 +  was configured
checking for PCRE library ... found
checking for PCRE JIT support ... found
checking for zlib library ... found
creating objs/Makefile

Configuration summary
  + using system PCRE library
  + OpenSSL library is not used
  + using system zlib library

  nginx path prefix: "/usr/local/nginx"
  nginx binary file: "/usr/local/nginx/sbin/nginx"
  nginx modules path: "/usr/local/nginx/modules"
  nginx configuration prefix: "/usr/local/nginx/conf"
  nginx configuration file: "/usr/local/nginx/conf/nginx.conf"
  nginx pid file: "/usr/local/nginx/logs/nginx.pid"
  nginx error log file: "/usr/local/nginx/logs/error.log"
  nginx http access log file: "/usr/local/nginx/logs/access.log"
  nginx http client request body temporary files: "client_body_temp"
  nginx http proxy temporary files: "proxy_temp"
  nginx http fastcgi temporary files: "fastcgi_temp"
  nginx http uwsgi temporary files: "uwsgi_temp"
  nginx http scgi temporary files: "scgi_temp"

#make modules
make -f objs/Makefile modules
make[1]: Entering directory `/home/kaushal/nginx-1.20.2'
cc -c -fPIC -pipe  -O -W -Wall -Wpointer-arith -Wno-unused-parameter
-Werror -g  -I src/core -I src/event -I src/event/modules -I src/os/unix -I
objs -I src/http -I src/http/modules \
-o objs/addon/ngx-cache-purge/ngx_cache_purge_module.o \
../ngx-cache-purge/ngx_cache_purge_module.c
cc -c -fPIC -pipe  -O -W -Wall -Wpointer-arith -Wno-unused-parameter
-Werror -g  -I src/core -I src/event -I src/event/modules -I src/os/unix -I
objs -I src/http -I src/http/modules \
-o objs/ngx_http_cache_purge_module_modules.o \
objs/ngx_http_cache_purge_module_modules.c
cc -o objs/ngx_http_cache_purge_module.so \
objs/addon/ngx-cache-purge/ngx_cache_purge_module.o \
objs/ngx_http_cache_purge_module_modules.o \
-shared
make[1]: Leaving directory `/home/kaushal/nginx-1.20.2'

#cp ngx_http_cache_purge_module.so /etc/nginx/modules

cd /home/kaushal/ngx-cache-purge/
# ls -l
total 64
-rw-r--r-- 1 root root   728 May  8 02:48 config
-rw-r--r-- 1 root root 51501 May  8 02:48 ngx_cache_purge_module.c
-rw-r--r-- 1 root root  5090 May  8 02:48 README.md
# cat config
if [ "$HTTP_PROXY" = "YES" ]; then
    have=NGX_HTTP_PROXY . auto/have
fi

if [ "$HTTP_FASTCGI" = "YES" ]; then
    have=NGX_HTTP_FASTCGI . auto/have
fi

if [ "$HTTP_SCGI" = "YES" ]; then
    have=NGX_HTTP_SCGI . auto/have
fi

if [ "$HTTP_UWSGI" = "YES" ]; then
    have=NGX_HTTP_UWSGI . auto/have
fi

if test -n "$ngx_module_link"; then
    ngx_module_type=HTTP
    ngx_module_name=ngx_http_cache_purge_module
    ngx_module_srcs="$ngx_addon_dir/ngx_cache_purge_module.c"

    have=NGX_CACHE_PURGE_MODULE . auto/have

    . auto/module
else
    HTTP_MODULES="$HTTP_MODULES ngx_http_cache_purge_module"
    NGX_ADDON_SRCS="$NGX_ADDON_SRCS $ngx_addon_dir/ngx_cache_purge_module.c"

    have=NGX_CACHE_PURGE_MODULE . auto/have
fi
#
# pwd
/etc/nginx/modules
# nginx -v
nginx version: nginx/1.20.2
# ls -l
total 88
-rwxr-xr-x 1 root root 88904 May  8 04:34 ngx_http_cache_purge_module.so
#

#nginx -t -c /etc/nginx/nginx.conf
nginx: [emerg] unknown directive "proxy_cache_purge" in
/etc/nginx/conf.d/default.conf:103
nginx: configuration file /etc/nginx/nginx.conf test failed

I have the nginx module /etc/nginx/modules/ngx_http_cache_purge_module.so
and I am attaching the file for your reference.

Please correct and guide me if I am missing something. Thanks in advance.

Best Regards,

Kaushal

On Sun, May 8, 2022 at 8:40 AM Kaushal Shriyan <kaushalshriyan at gmail.com>
wrote:

> Hi Sergey,
>
> I followed
> https://www.nginx.com/blog/compiling-dynamic-modules-nginx-plus/#load_module
> to generate the third party dynamic module
>
> Nginx Version :- nginx version: nginx/1.20.1
> OS Version :- CentOS Linux release 7.9.2009 (Core)
>
> cd /home/kaushal/ngx-cache-purge/
> # ls -l
> total 64
> -rw-r--r-- 1 root root   728 May  8 02:48 config
> -rw-r--r-- 1 root root 51501 May  8 02:48 ngx_cache_purge_module.c
> -rw-r--r-- 1 root root  5090 May  8 02:48 README.md
> # cat config
> if [ "$HTTP_PROXY" = "YES" ]; then
>     have=NGX_HTTP_PROXY . auto/have
> fi
>
> if [ "$HTTP_FASTCGI" = "YES" ]; then
>     have=NGX_HTTP_FASTCGI . auto/have
> fi
>
> if [ "$HTTP_SCGI" = "YES" ]; then
>     have=NGX_HTTP_SCGI . auto/have
> fi
>
> if [ "$HTTP_UWSGI" = "YES" ]; then
>     have=NGX_HTTP_UWSGI . auto/have
> fi
>
> if test -n "$ngx_module_link"; then
>     ngx_module_type=HTTP
>     ngx_module_name=ngx_http_cache_purge_module
>     ngx_module_srcs="$ngx_addon_dir/ngx_cache_purge_module.c"
>
>     have=NGX_CACHE_PURGE_MODULE . auto/have
>
>     . auto/module
> else
>     HTTP_MODULES="$HTTP_MODULES ngx_http_cache_purge_module"
>     NGX_ADDON_SRCS="$NGX_ADDON_SRCS
> $ngx_addon_dir/ngx_cache_purge_module.c"
>
>     have=NGX_CACHE_PURGE_MODULE . auto/have
> fi
> #
>
> #wget http://nginx.org/download/nginx-1.20.2.tar.gz
> #tar zxvf nginx-1.20.2.tar.gz
> #cd /home/kaushal/nginx-1.20.2/
> #./configure --with-compat --add-dynamic-module=../ngx-cache-purge
>
> #cat /usr/share/nginx/modules/ngx-http-cache-purge-module.conf
> load_module "/usr/lib64/nginx/modules/ngx_http_cache_purge_module.so";
>
> #cat /etc/nginx/nginx.conf
> user nginx;
> worker_processes auto;
> error_log /var/log/nginx/error.log;
> pid /run/nginx.pid;
>
> # Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
> include /usr/share/nginx/modules/*.conf;
>
> #nginx -t -c /etc/nginx/nginx.conf
> nginx: [emerg] module
> "/usr/lib64/nginx/modules/ngx_http_cache_purge_module.so" version 1020002
> instead of 1020001 in
> /usr/share/nginx/modules/ngx-http-cache-purge-module.conf:1
> nginx: configuration file /etc/nginx/nginx.conf test failed
>
> Please correct and guide me if I am missing something. Thanks in advance.
>
> Best Regards,
>
> Kaushal
>
> On Sat, May 7, 2022 at 7:32 PM Sergey A. Osokin <osa at freebsd.org.ru>
> wrote:
>
>> Hi Kaushal,
>>
>> On Sat, May 07, 2022 at 06:31:59PM +0530, Kaushal Shriyan wrote:
>> >
>> > #gcc -o ngx_cache_purge_module ngx_cache_purge_module.c
>> > ngx_cache_purge_module.c:30:19: fatal error: nginx.h: No such file or
>> > directory
>> >  #include <nginx.h>
>> >                    ^
>> > compilation terminated.
>>
>> I'd recommend to follow this [1] blog post to create a dynamic module
>> for nginx.
>>
>> References:
>> 1. https://www.nginx.com/blog/compiling-dynamic-modules-nginx-plus/
>>
>> --
>> Sergey A. Osokin
>> _______________________________________________
>> nginx mailing list -- nginx at nginx.org
>> To unsubscribe send an email to nginx-leave at nginx.org
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220508/494c34a3/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nginxpurge.conf
Type: application/octet-stream
Size: 6159 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220508/494c34a3/attachment.obj>

From kaushalshriyan at gmail.com  Sun May  8 06:09:43 2022
From: kaushalshriyan at gmail.com (Kaushal Shriyan)
Date: Sun, 8 May 2022 11:39:43 +0530
Subject: building ngx_cache_purge module on CentOS Linux release 7.9.2009 (Core)
In-Reply-To: <CAD7Ssm8aMroMBy+8f1rsz8j=syn0DrcFQJT0HfYPXtGO26FvHg@mail.gmail.com>
References: <CAD7Ssm-n=KV_8Lp0HOX1oV9wUrNKr4dvAuu0K_om5RES5EY56A@mail.gmail.com>
 <YnZ7D2or4AkrJdh6@FreeBSD.org.ru> <CAD7Ssm-Y6wEt59D6cAhLqbEStKZjAep3TjH13JUokcufhZP+WQ@mail.gmail.com>
 <CAD7Ssm8aMroMBy+8f1rsz8j=syn0DrcFQJT0HfYPXtGO26FvHg@mail.gmail.com>
Message-ID: <CAD7Ssm9HXT-G07imuSDPBzPmNNzCp0ae+gndt1Yc-MH0zaWLtA@mail.gmail.com>

Hi Sergey,

I have fixed the issue by adding the below line in main context of
nginx.conf file

load_module modules/ngx_http_cache_purge_module.so;


#cat /etc/nginx/nginx.conf
user  nginx;
worker_processes  auto;

error_log  /var/log/nginx/error.log notice;
pid        /var/run/nginx.pid;

*load_module modules/ngx_http_cache_purge_module.so;*
events {
    worker_connections  1024;
}


http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request"
'
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

# nginx -t -c /etc/nginx/nginx.conf
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
#

Best Regards,

Kaushal

On Sun, May 8, 2022 at 10:28 AM Kaushal Shriyan <kaushalshriyan at gmail.com>
wrote:

> Hi,
>
> I am able to fix the issue below.
>
> #nginx -t -c /etc/nginx/nginx.conf
> nginx: [emerg] module
> "/usr/lib64/nginx/modules/ngx_http_cache_purge_module.so" version 1020002
> instead of 1020001 in
> /usr/share/nginx/modules/ngx-http-cache-purge-module.conf:1
> nginx: configuration file /etc/nginx/nginx.conf test failed
>
> Nginx Version :- nginx version: nginx/1.20.2
> OS Version :- CentOS Linux release 7.9.2009 (Core)
>
> cd /home/kaushal/nginx-1.20.2/
> #./configure --with-compat --add-dynamic-module=../ngx-cache-purge
> checking for OS
>  + Linux 3.10.0-1160.62.1.el7.x86_64 x86_64
> checking for C compiler ... found
>  + using GNU C compiler
>  + gcc version: 4.8.5 20150623 (Red Hat 4.8.5-44) (GCC)
> checking for gcc -pipe switch ... found
> checking for -Wl,-E switch ... found
> checking for gcc builtin atomic operations ... found
> checking for C99 variadic macros ... found
> checking for gcc variadic macros ... found
> checking for gcc builtin 64 bit byteswap ... found
> checking for unistd.h ... found
> checking for inttypes.h ... found
> checking for limits.h ... found
> checking for sys/filio.h ... not found
> checking for sys/param.h ... found
> checking for sys/mount.h ... found
> checking for sys/statvfs.h ... found
> checking for crypt.h ... found
> checking for Linux specific features
> checking for epoll ... found
> checking for EPOLLRDHUP ... found
> checking for EPOLLEXCLUSIVE ... not found
> checking for eventfd() ... found
> checking for O_PATH ... found
> checking for sendfile() ... found
> checking for sendfile64() ... found
> checking for sys/prctl.h ... found
> checking for prctl(PR_SET_DUMPABLE) ... found
> checking for prctl(PR_SET_KEEPCAPS) ... found
> checking for capabilities ... found
> checking for crypt_r() ... found
> checking for sys/vfs.h ... found
> checking for nobody group ... found
> checking for poll() ... found
> checking for /dev/poll ... not found
> checking for kqueue ... not found
> checking for crypt() ... not found
> checking for crypt() in libcrypt ... found
> checking for F_READAHEAD ... not found
> checking for posix_fadvise() ... found
> checking for O_DIRECT ... found
> checking for F_NOCACHE ... not found
> checking for directio() ... not found
> checking for statfs() ... found
> checking for statvfs() ... found
> checking for dlopen() ... not found
> checking for dlopen() in libdl ... found
> checking for sched_yield() ... found
> checking for sched_setaffinity() ... found
> checking for SO_SETFIB ... not found
> checking for SO_REUSEPORT ... found
> checking for SO_ACCEPTFILTER ... not found
> checking for SO_BINDANY ... not found
> checking for IP_TRANSPARENT ... found
> checking for IP_BINDANY ... not found
> checking for IP_BIND_ADDRESS_NO_PORT ... found
> checking for IP_RECVDSTADDR ... not found
> checking for IP_SENDSRCADDR ... not found
> checking for IP_PKTINFO ... found
> checking for IPV6_RECVPKTINFO ... found
> checking for TCP_DEFER_ACCEPT ... found
> checking for TCP_KEEPIDLE ... found
> checking for TCP_FASTOPEN ... found
> checking for TCP_INFO ... found
> checking for accept4() ... found
> checking for int size ... 4 bytes
> checking for long size ... 8 bytes
> checking for long long size ... 8 bytes
> checking for void * size ... 8 bytes
> checking for uint32_t ... found
> checking for uint64_t ... found
> checking for sig_atomic_t ... found
> checking for sig_atomic_t size ... 4 bytes
> checking for socklen_t ... found
> checking for in_addr_t ... found
> checking for in_port_t ... found
> checking for rlim_t ... found
> checking for uintptr_t ... uintptr_t found
> checking for system byte ordering ... little endian
> checking for size_t size ... 8 bytes
> checking for off_t size ... 8 bytes
> checking for time_t size ... 8 bytes
> checking for AF_INET6 ... found
> checking for setproctitle() ... not found
> checking for pread() ... found
> checking for pwrite() ... found
> checking for pwritev() ... found
> checking for strerrordesc_np() ... not found
> checking for sys_nerr ... found
> checking for localtime_r() ... found
> checking for clock_gettime(CLOCK_MONOTONIC) ... found
> checking for posix_memalign() ... found
> checking for memalign() ... found
> checking for mmap(MAP_ANON|MAP_SHARED) ... found
> checking for mmap("/dev/zero", MAP_SHARED) ... found
> checking for System V shared memory ... found
> checking for POSIX semaphores ... not found
> checking for POSIX semaphores in libpthread ... found
> checking for struct msghdr.msg_control ... found
> checking for ioctl(FIONBIO) ... found
> checking for ioctl(FIONREAD) ... found
> checking for struct tm.tm_gmtoff ... found
> checking for struct dirent.d_namlen ... not found
> checking for struct dirent.d_type ... found
> checking for sysconf(_SC_NPROCESSORS_ONLN) ... found
> checking for sysconf(_SC_LEVEL1_DCACHE_LINESIZE) ... found
> checking for openat(), fstatat() ... found
> checking for getaddrinfo() ... found
> configuring additional dynamic modules
> adding module in ../ngx-cache-purge
>  +  was configured
> checking for PCRE library ... found
> checking for PCRE JIT support ... found
> checking for zlib library ... found
> creating objs/Makefile
>
> Configuration summary
>   + using system PCRE library
>   + OpenSSL library is not used
>   + using system zlib library
>
>   nginx path prefix: "/usr/local/nginx"
>   nginx binary file: "/usr/local/nginx/sbin/nginx"
>   nginx modules path: "/usr/local/nginx/modules"
>   nginx configuration prefix: "/usr/local/nginx/conf"
>   nginx configuration file: "/usr/local/nginx/conf/nginx.conf"
>   nginx pid file: "/usr/local/nginx/logs/nginx.pid"
>   nginx error log file: "/usr/local/nginx/logs/error.log"
>   nginx http access log file: "/usr/local/nginx/logs/access.log"
>   nginx http client request body temporary files: "client_body_temp"
>   nginx http proxy temporary files: "proxy_temp"
>   nginx http fastcgi temporary files: "fastcgi_temp"
>   nginx http uwsgi temporary files: "uwsgi_temp"
>   nginx http scgi temporary files: "scgi_temp"
>
> #make modules
> make -f objs/Makefile modules
> make[1]: Entering directory `/home/kaushal/nginx-1.20.2'
> cc -c -fPIC -pipe  -O -W -Wall -Wpointer-arith -Wno-unused-parameter
> -Werror -g  -I src/core -I src/event -I src/event/modules -I src/os/unix -I
> objs -I src/http -I src/http/modules \
> -o objs/addon/ngx-cache-purge/ngx_cache_purge_module.o \
> ../ngx-cache-purge/ngx_cache_purge_module.c
> cc -c -fPIC -pipe  -O -W -Wall -Wpointer-arith -Wno-unused-parameter
> -Werror -g  -I src/core -I src/event -I src/event/modules -I src/os/unix -I
> objs -I src/http -I src/http/modules \
> -o objs/ngx_http_cache_purge_module_modules.o \
> objs/ngx_http_cache_purge_module_modules.c
> cc -o objs/ngx_http_cache_purge_module.so \
> objs/addon/ngx-cache-purge/ngx_cache_purge_module.o \
> objs/ngx_http_cache_purge_module_modules.o \
> -shared
> make[1]: Leaving directory `/home/kaushal/nginx-1.20.2'
>
> #cp ngx_http_cache_purge_module.so /etc/nginx/modules
>
> cd /home/kaushal/ngx-cache-purge/
> # ls -l
> total 64
> -rw-r--r-- 1 root root   728 May  8 02:48 config
> -rw-r--r-- 1 root root 51501 May  8 02:48 ngx_cache_purge_module.c
> -rw-r--r-- 1 root root  5090 May  8 02:48 README.md
> # cat config
> if [ "$HTTP_PROXY" = "YES" ]; then
>     have=NGX_HTTP_PROXY . auto/have
> fi
>
> if [ "$HTTP_FASTCGI" = "YES" ]; then
>     have=NGX_HTTP_FASTCGI . auto/have
> fi
>
> if [ "$HTTP_SCGI" = "YES" ]; then
>     have=NGX_HTTP_SCGI . auto/have
> fi
>
> if [ "$HTTP_UWSGI" = "YES" ]; then
>     have=NGX_HTTP_UWSGI . auto/have
> fi
>
> if test -n "$ngx_module_link"; then
>     ngx_module_type=HTTP
>     ngx_module_name=ngx_http_cache_purge_module
>     ngx_module_srcs="$ngx_addon_dir/ngx_cache_purge_module.c"
>
>     have=NGX_CACHE_PURGE_MODULE . auto/have
>
>     . auto/module
> else
>     HTTP_MODULES="$HTTP_MODULES ngx_http_cache_purge_module"
>     NGX_ADDON_SRCS="$NGX_ADDON_SRCS
> $ngx_addon_dir/ngx_cache_purge_module.c"
>
>     have=NGX_CACHE_PURGE_MODULE . auto/have
> fi
> #
> # pwd
> /etc/nginx/modules
> # nginx -v
> nginx version: nginx/1.20.2
> # ls -l
> total 88
> -rwxr-xr-x 1 root root 88904 May  8 04:34 ngx_http_cache_purge_module.so
> #
>
> #nginx -t -c /etc/nginx/nginx.conf
> nginx: [emerg] unknown directive "proxy_cache_purge" in
> /etc/nginx/conf.d/default.conf:103
> nginx: configuration file /etc/nginx/nginx.conf test failed
>
> I have the nginx module /etc/nginx/modules/ngx_http_cache_purge_module.so
> and I am attaching the file for your reference.
>
> Please correct and guide me if I am missing something. Thanks in advance.
>
> Best Regards,
>
> Kaushal
>
> On Sun, May 8, 2022 at 8:40 AM Kaushal Shriyan <kaushalshriyan at gmail.com>
> wrote:
>
>> Hi Sergey,
>>
>> I followed
>> https://www.nginx.com/blog/compiling-dynamic-modules-nginx-plus/#load_module
>> to generate the third party dynamic module
>>
>> Nginx Version :- nginx version: nginx/1.20.1
>> OS Version :- CentOS Linux release 7.9.2009 (Core)
>>
>> cd /home/kaushal/ngx-cache-purge/
>> # ls -l
>> total 64
>> -rw-r--r-- 1 root root   728 May  8 02:48 config
>> -rw-r--r-- 1 root root 51501 May  8 02:48 ngx_cache_purge_module.c
>> -rw-r--r-- 1 root root  5090 May  8 02:48 README.md
>> # cat config
>> if [ "$HTTP_PROXY" = "YES" ]; then
>>     have=NGX_HTTP_PROXY . auto/have
>> fi
>>
>> if [ "$HTTP_FASTCGI" = "YES" ]; then
>>     have=NGX_HTTP_FASTCGI . auto/have
>> fi
>>
>> if [ "$HTTP_SCGI" = "YES" ]; then
>>     have=NGX_HTTP_SCGI . auto/have
>> fi
>>
>> if [ "$HTTP_UWSGI" = "YES" ]; then
>>     have=NGX_HTTP_UWSGI . auto/have
>> fi
>>
>> if test -n "$ngx_module_link"; then
>>     ngx_module_type=HTTP
>>     ngx_module_name=ngx_http_cache_purge_module
>>     ngx_module_srcs="$ngx_addon_dir/ngx_cache_purge_module.c"
>>
>>     have=NGX_CACHE_PURGE_MODULE . auto/have
>>
>>     . auto/module
>> else
>>     HTTP_MODULES="$HTTP_MODULES ngx_http_cache_purge_module"
>>     NGX_ADDON_SRCS="$NGX_ADDON_SRCS
>> $ngx_addon_dir/ngx_cache_purge_module.c"
>>
>>     have=NGX_CACHE_PURGE_MODULE . auto/have
>> fi
>> #
>>
>> #wget http://nginx.org/download/nginx-1.20.2.tar.gz
>> #tar zxvf nginx-1.20.2.tar.gz
>> #cd /home/kaushal/nginx-1.20.2/
>> #./configure --with-compat --add-dynamic-module=../ngx-cache-purge
>>
>> #cat /usr/share/nginx/modules/ngx-http-cache-purge-module.conf
>> load_module "/usr/lib64/nginx/modules/ngx_http_cache_purge_module.so";
>>
>> #cat /etc/nginx/nginx.conf
>> user nginx;
>> worker_processes auto;
>> error_log /var/log/nginx/error.log;
>> pid /run/nginx.pid;
>>
>> # Load dynamic modules. See /usr/share/doc/nginx/README.dynamic.
>> include /usr/share/nginx/modules/*.conf;
>>
>> #nginx -t -c /etc/nginx/nginx.conf
>> nginx: [emerg] module
>> "/usr/lib64/nginx/modules/ngx_http_cache_purge_module.so" version 1020002
>> instead of 1020001 in
>> /usr/share/nginx/modules/ngx-http-cache-purge-module.conf:1
>> nginx: configuration file /etc/nginx/nginx.conf test failed
>>
>> Please correct and guide me if I am missing something. Thanks in advance.
>>
>> Best Regards,
>>
>> Kaushal
>>
>> On Sat, May 7, 2022 at 7:32 PM Sergey A. Osokin <osa at freebsd.org.ru>
>> wrote:
>>
>>> Hi Kaushal,
>>>
>>> On Sat, May 07, 2022 at 06:31:59PM +0530, Kaushal Shriyan wrote:
>>> >
>>> > #gcc -o ngx_cache_purge_module ngx_cache_purge_module.c
>>> > ngx_cache_purge_module.c:30:19: fatal error: nginx.h: No such file or
>>> > directory
>>> >  #include <nginx.h>
>>> >                    ^
>>> > compilation terminated.
>>>
>>> I'd recommend to follow this [1] blog post to create a dynamic module
>>> for nginx.
>>>
>>> References:
>>> 1. https://www.nginx.com/blog/compiling-dynamic-modules-nginx-plus/
>>>
>>> --
>>> Sergey A. Osokin
>>> _______________________________________________
>>> nginx mailing list -- nginx at nginx.org
>>> To unsubscribe send an email to nginx-leave at nginx.org
>>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220508/a4507e0e/attachment.htm>

From kaushalshriyan at gmail.com  Sun May  8 08:08:27 2022
From: kaushalshriyan at gmail.com (Kaushal Shriyan)
Date: Sun, 8 May 2022 13:38:27 +0530
Subject: building ngx_cache_purge module on CentOS Linux release 7.9.2009 (Core)
In-Reply-To: <CAD7Ssm9HXT-G07imuSDPBzPmNNzCp0ae+gndt1Yc-MH0zaWLtA@mail.gmail.com>
References: <CAD7Ssm-n=KV_8Lp0HOX1oV9wUrNKr4dvAuu0K_om5RES5EY56A@mail.gmail.com>
 <YnZ7D2or4AkrJdh6@FreeBSD.org.ru> <CAD7Ssm-Y6wEt59D6cAhLqbEStKZjAep3TjH13JUokcufhZP+WQ@mail.gmail.com>
 <CAD7Ssm8aMroMBy+8f1rsz8j=syn0DrcFQJT0HfYPXtGO26FvHg@mail.gmail.com> <CAD7Ssm9HXT-G07imuSDPBzPmNNzCp0ae+gndt1Yc-MH0zaWLtA@mail.gmail.com>
Message-ID: <CAD7Ssm_TizmOJUKRvm7_Rza4h946PtS45To4r36kpiz2XskS9Q@mail.gmail.com>

Hi,

I have a follow up question. when i run using Method PURGE I am
encountering http 404 whereas when i run using Method GET.

*404 Not Found*

#curl -vvv -X PURGE -I
https://testnginxproxycachepurge.testintcraft.com/apis
* About to connect() to testnginxproxycachepurge.testintcraft.com port 443
(#0)
*   Trying 34.105.141.181...
* Connected to testnginxproxycachepurge.testintcraft.com (34.105.141.181)
port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN=testnginxproxycachepurge.testintcraft.com
* start date: Apr 26 11:06:35 2022 GMT
* expire date: Jul 25 11:06:34 2022 GMT
* common name: testnginxproxycachepurge.testintcraft.com
* issuer: CN=R3,O=Let's Encrypt,C=US
> PURGE /apis HTTP/1.1
> User-Agent: curl/7.29.0
> Host: testnginxproxycachepurge.testintcraft.com
> Accept: */*
>
< HTTP/1.1 404 Not Found
HTTP/1.1 404 Not Found
< Server: nginx/1.20.2
Server: nginx/1.20.2
< Date: Sun, 08 May 2022 08:01:55 GMT
Date: Sun, 08 May 2022 08:01:55 GMT
< Content-Type: text/html
Content-Type: text/html
< Content-Length: 153
Content-Length: 153
< Connection: keep-alive
Connection: keep-alive

<
* Excess found in a non pipelined read: excess = 153 url = /apis
(zero-length body)
* Connection #0 to host testnginxproxycachepurge.testintcraft.com left
intact

*200 OK*
#curl -vvv -X GET -I https://testnginxproxycachepurge.testintcraft.com/apis
* About to connect() to testnginxproxycachepurge.testintcraft.com port 443
(#0)
*   Trying 34.105.141.181...
* Connected to testnginxproxycachepurge.testintcraft.com (34.105.141.181)
port 443 (#0)
* Initializing NSS with certpath: sql:/etc/pki/nssdb
*   CAfile: /etc/pki/tls/certs/ca-bundle.crt
  CApath: none
* SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
* Server certificate:
* subject: CN=testnginxproxycachepurge.testintcraft.com
* start date: Apr 26 11:06:35 2022 GMT
* expire date: Jul 25 11:06:34 2022 GMT
* common name: testnginxproxycachepurge.testintcraft.com
* issuer: CN=R3,O=Let's Encrypt,C=US
> GET /apis HTTP/1.1
> User-Agent: curl/7.29.0
> Host: testnginxproxycachepurge.testintcraft.com
> Accept: */*
>
< HTTP/1.1 200 OK
HTTP/1.1 200 OK
< Server: nginx/1.20.2
Server: nginx/1.20.2
< Date: Sun, 08 May 2022 08:01:43 GMT
Date: Sun, 08 May 2022 08:01:43 GMT
< Content-Type: text/html; charset=UTF-8
Content-Type: text/html; charset=UTF-8
< Transfer-Encoding: chunked
Transfer-Encoding: chunked
< Connection: keep-alive
Connection: keep-alive
< Cache-Control: max-age=21600, public
Cache-Control: max-age=21600, public
< Link: <https://testnginxproxycachepurge.testintcraft.com/apis>;
rel="canonical"
Link: <https://testnginxproxycachepurge.testintcraft.com/apis>;
rel="canonical"
< X-UA-Compatible: IE=edge
X-UA-Compatible: IE=edge
< Content-language: en
Content-language: en
< X-Content-Type-Options: nosniff
X-Content-Type-Options: nosniff
< X-Frame-Options: SAMEORIGIN
X-Frame-Options: SAMEORIGIN
< Permissions-Policy: interest-cohort=()
Permissions-Policy: interest-cohort=()
< Expires: Sun, 19 Nov 1978 05:00:00 GMT
Expires: Sun, 19 Nov 1978 05:00:00 GMT
< Vary: Cookie
Vary: Cookie
< X-XSS-Protection: 1; mode=block
X-XSS-Protection: 1; mode=block
< Strict-Transport-Security: max-age=31536000; includeSubDomains
Strict-Transport-Security: max-age=31536000; includeSubDomains
< Set-Cookie: ADRUM_BT=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT;
Max-Age=0; path=/
Set-Cookie: ADRUM_BT=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT;
Max-Age=0; path=/
< Set-Cookie:
ADRUM_BT=R%3A53%7Cg%3A5277dd0a-8de6-440a-a8f7-52fb782db251139%7Cn%3Aicebergtest_e1c60ae6-5d00-47d5-8c0a-690d8465795f;
expires=Sun, 08-May-2022 05:58:56 GMT; Max-Age=30; path=/
Set-Cookie:
ADRUM_BT=R%3A53%7Cg%3A5277dd0a-8de6-440a-a8f7-52fb782db251139%7Cn%3Aicebergtest_e1c60ae6-5d00-47d5-8c0a-690d8465795f;
expires=Sun, 08-May-2022 05:58:56 GMT; Max-Age=30; path=/
< Last-Modified: Tue, 26 Apr 2022 14:39:40 GMT
Last-Modified: Tue, 26 Apr 2022 14:39:40 GMT
< ETag: "1650983980"
ETag: "1650983980"
< Access-Control-Allow-Origin: *
Access-Control-Allow-Origin: *
< X-Cache-Status: HIT
X-Cache-Status: HIT

<
* Excess found in a non pipelined read: excess = 15395 url = /apis
(zero-length body)
* Connection #0 to host testnginxproxycachepurge.testintcraft.com left
intact
#

Please guide me. Thanks in advance.

Best Regards,

Kaushal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220508/43c6b1de/attachment.htm>

From kaushalshriyan at gmail.com  Sun May  8 10:22:16 2022
From: kaushalshriyan at gmail.com (Kaushal Shriyan)
Date: Sun, 8 May 2022 15:52:16 +0530
Subject: building ngx_cache_purge module on CentOS Linux release 7.9.2009 (Core)
In-Reply-To: <CAD7Ssm_TizmOJUKRvm7_Rza4h946PtS45To4r36kpiz2XskS9Q@mail.gmail.com>
References: <CAD7Ssm-n=KV_8Lp0HOX1oV9wUrNKr4dvAuu0K_om5RES5EY56A@mail.gmail.com>
 <YnZ7D2or4AkrJdh6@FreeBSD.org.ru> <CAD7Ssm-Y6wEt59D6cAhLqbEStKZjAep3TjH13JUokcufhZP+WQ@mail.gmail.com>
 <CAD7Ssm8aMroMBy+8f1rsz8j=syn0DrcFQJT0HfYPXtGO26FvHg@mail.gmail.com>
 <CAD7Ssm9HXT-G07imuSDPBzPmNNzCp0ae+gndt1Yc-MH0zaWLtA@mail.gmail.com> <CAD7Ssm_TizmOJUKRvm7_Rza4h946PtS45To4r36kpiz2XskS9Q@mail.gmail.com>
Message-ID: <CAD7Ssm98vK3Si_J=aYRh87S+AfSwHTjRiY9HP6-NStt6JpQYkA@mail.gmail.com>

Hi,

I am attaching the nginx file for your reference. Please guide me. Thanks
in advance.

Best Regards,

Kaushal

Best Regards,

Kaushal

On Sun, May 8, 2022 at 1:38 PM Kaushal Shriyan <kaushalshriyan at gmail.com>
wrote:

> Hi,
>
> I have a follow up question. when i run using Method PURGE I am
> encountering http 404 whereas when i run using Method GET.
>
> *404 Not Found*
>
> #curl -vvv -X PURGE -I
> https://testnginxproxycachepurge.testintcraft.com/apis
> * About to connect() to testnginxproxycachepurge.testintcraft.com port
> 443 (#0)
> *   Trying 34.105.141.181...
> * Connected to testnginxproxycachepurge.testintcraft.com (34.105.141.181)
> port 443 (#0)
> * Initializing NSS with certpath: sql:/etc/pki/nssdb
> *   CAfile: /etc/pki/tls/certs/ca-bundle.crt
>   CApath: none
> * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
> * Server certificate:
> * subject: CN=testnginxproxycachepurge.testintcraft.com
> * start date: Apr 26 11:06:35 2022 GMT
> * expire date: Jul 25 11:06:34 2022 GMT
> * common name: testnginxproxycachepurge.testintcraft.com
> * issuer: CN=R3,O=Let's Encrypt,C=US
> > PURGE /apis HTTP/1.1
> > User-Agent: curl/7.29.0
> > Host: testnginxproxycachepurge.testintcraft.com
> > Accept: */*
> >
> < HTTP/1.1 404 Not Found
> HTTP/1.1 404 Not Found
> < Server: nginx/1.20.2
> Server: nginx/1.20.2
> < Date: Sun, 08 May 2022 08:01:55 GMT
> Date: Sun, 08 May 2022 08:01:55 GMT
> < Content-Type: text/html
> Content-Type: text/html
> < Content-Length: 153
> Content-Length: 153
> < Connection: keep-alive
> Connection: keep-alive
>
> <
> * Excess found in a non pipelined read: excess = 153 url = /apis
> (zero-length body)
> * Connection #0 to host testnginxproxycachepurge.testintcraft.com left
> intact
>
> *200 OK*
> #curl -vvv -X GET -I
> https://testnginxproxycachepurge.testintcraft.com/apis
> * About to connect() to testnginxproxycachepurge.testintcraft.com port
> 443 (#0)
> *   Trying 34.105.141.181...
> * Connected to testnginxproxycachepurge.testintcraft.com (34.105.141.181)
> port 443 (#0)
> * Initializing NSS with certpath: sql:/etc/pki/nssdb
> *   CAfile: /etc/pki/tls/certs/ca-bundle.crt
>   CApath: none
> * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
> * Server certificate:
> * subject: CN=testnginxproxycachepurge.testintcraft.com
> * start date: Apr 26 11:06:35 2022 GMT
> * expire date: Jul 25 11:06:34 2022 GMT
> * common name: testnginxproxycachepurge.testintcraft.com
> * issuer: CN=R3,O=Let's Encrypt,C=US
> > GET /apis HTTP/1.1
> > User-Agent: curl/7.29.0
> > Host: testnginxproxycachepurge.testintcraft.com
> > Accept: */*
> >
> < HTTP/1.1 200 OK
> HTTP/1.1 200 OK
> < Server: nginx/1.20.2
> Server: nginx/1.20.2
> < Date: Sun, 08 May 2022 08:01:43 GMT
> Date: Sun, 08 May 2022 08:01:43 GMT
> < Content-Type: text/html; charset=UTF-8
> Content-Type: text/html; charset=UTF-8
> < Transfer-Encoding: chunked
> Transfer-Encoding: chunked
> < Connection: keep-alive
> Connection: keep-alive
> < Cache-Control: max-age=21600, public
> Cache-Control: max-age=21600, public
> < Link: <https://testnginxproxycachepurge.testintcraft.com/apis>;
> rel="canonical"
> Link: <https://testnginxproxycachepurge.testintcraft.com/apis>;
> rel="canonical"
> < X-UA-Compatible: IE=edge
> X-UA-Compatible: IE=edge
> < Content-language: en
> Content-language: en
> < X-Content-Type-Options: nosniff
> X-Content-Type-Options: nosniff
> < X-Frame-Options: SAMEORIGIN
> X-Frame-Options: SAMEORIGIN
> < Permissions-Policy: interest-cohort=()
> Permissions-Policy: interest-cohort=()
> < Expires: Sun, 19 Nov 1978 05:00:00 GMT
> Expires: Sun, 19 Nov 1978 05:00:00 GMT
> < Vary: Cookie
> Vary: Cookie
> < X-XSS-Protection: 1; mode=block
> X-XSS-Protection: 1; mode=block
> < Strict-Transport-Security: max-age=31536000; includeSubDomains
> Strict-Transport-Security: max-age=31536000; includeSubDomains
> < Set-Cookie: ADRUM_BT=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT;
> Max-Age=0; path=/
> Set-Cookie: ADRUM_BT=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT;
> Max-Age=0; path=/
> < Set-Cookie:
> ADRUM_BT=R%3A53%7Cg%3A5277dd0a-8de6-440a-a8f7-52fb782db251139%7Cn%3Aicebergtest_e1c60ae6-5d00-47d5-8c0a-690d8465795f;
> expires=Sun, 08-May-2022 05:58:56 GMT; Max-Age=30; path=/
> Set-Cookie:
> ADRUM_BT=R%3A53%7Cg%3A5277dd0a-8de6-440a-a8f7-52fb782db251139%7Cn%3Aicebergtest_e1c60ae6-5d00-47d5-8c0a-690d8465795f;
> expires=Sun, 08-May-2022 05:58:56 GMT; Max-Age=30; path=/
> < Last-Modified: Tue, 26 Apr 2022 14:39:40 GMT
> Last-Modified: Tue, 26 Apr 2022 14:39:40 GMT
> < ETag: "1650983980"
> ETag: "1650983980"
> < Access-Control-Allow-Origin: *
> Access-Control-Allow-Origin: *
> < X-Cache-Status: HIT
> X-Cache-Status: HIT
>
> <
> * Excess found in a non pipelined read: excess = 15395 url = /apis
> (zero-length body)
> * Connection #0 to host testnginxproxycachepurge.testintcraft.com left
> intact
> #
>
> Please guide me. Thanks in advance.
>
> Best Regards,
>
> Kaushal
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220508/991bb658/attachment.htm>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nginxpurgecache.conf
Type: application/octet-stream
Size: 6192 bytes
Desc: not available
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220508/991bb658/attachment.obj>

From kaushalshriyan at gmail.com  Sun May  8 12:31:41 2022
From: kaushalshriyan at gmail.com (Kaushal Shriyan)
Date: Sun, 8 May 2022 18:01:41 +0530
Subject: building ngx_cache_purge module on CentOS Linux release 7.9.2009 (Core)
In-Reply-To: <CAD7Ssm98vK3Si_J=aYRh87S+AfSwHTjRiY9HP6-NStt6JpQYkA@mail.gmail.com>
References: <CAD7Ssm-n=KV_8Lp0HOX1oV9wUrNKr4dvAuu0K_om5RES5EY56A@mail.gmail.com>
 <YnZ7D2or4AkrJdh6@FreeBSD.org.ru> <CAD7Ssm-Y6wEt59D6cAhLqbEStKZjAep3TjH13JUokcufhZP+WQ@mail.gmail.com>
 <CAD7Ssm8aMroMBy+8f1rsz8j=syn0DrcFQJT0HfYPXtGO26FvHg@mail.gmail.com>
 <CAD7Ssm9HXT-G07imuSDPBzPmNNzCp0ae+gndt1Yc-MH0zaWLtA@mail.gmail.com>
 <CAD7Ssm_TizmOJUKRvm7_Rza4h946PtS45To4r36kpiz2XskS9Q@mail.gmail.com> <CAD7Ssm98vK3Si_J=aYRh87S+AfSwHTjRiY9HP6-NStt6JpQYkA@mail.gmail.com>
Message-ID: <CAD7Ssm_x7pQ2VvSCZhW+8wUfOwCGUh==wmQ_fbuB4W6vZY=iPA@mail.gmail.com>

Hi,

Further to the earlier email, the nginx cache has the contents which are
as follows.

# pwd
/var/www/nginx/cache
#
# ls -l
total 0
drwxrwxrwx. 14 nginx deployuser 114 May  8 05:58 content
drwxrwxrwx. 15 nginx deployuser 123 May  8 07:31 files
#
/var/www/nginx/cache/files
# ls -l
total 0
drwx------ 4 nginx nginx 26 May  8 05:58 0
drwx------ 4 nginx nginx 26 May  8 06:04 1
drwx------ 5 nginx nginx 36 May  8 05:58 2
drwx------ 3 nginx nginx 16 May  6 12:12 3
drwx------ 4 nginx nginx 26 May  8 05:58 4
drwx------ 3 nginx nginx 16 May  8 06:04 6
drwx------ 3 nginx nginx 16 May  8 06:04 7
drwx------ 3 nginx nginx 16 May  5 10:44 9
drwx------ 3 nginx nginx 16 May  5 10:44 a
drwx------ 3 nginx nginx 16 May  8 06:04 b
drwx------ 3 nginx nginx 16 May  8 07:31 d
drwx------ 4 nginx nginx 26 May  8 06:04 e
drwx------ 3 nginx nginx 16 May  5 11:29 f
# cd ../content/
# ls -l
total 0
drwx------ 3 nginx nginx 16 May  6 05:28 1
drwx------ 5 nginx nginx 36 May  8 11:39 2
drwx------ 3 nginx nginx 16 May  6 12:12 3
drwx------ 3 nginx nginx 16 May  8 05:58 4
drwx------ 6 nginx nginx 46 May  5 08:03 5
drwx------ 6 nginx nginx 46 May  8 07:31 7
drwx------ 4 nginx nginx 26 May  5 08:03 8
drwx------ 3 nginx nginx 16 May  4 17:21 9
drwx------ 4 nginx nginx 26 May  8 06:04 a
drwx------ 5 nginx nginx 36 May  8 06:30 c
drwx------ 3 nginx nginx 16 May  5 06:21 d
drwx------ 4 nginx nginx 26 May  5 08:03 f
#

Best Regards,

Kaushal

On Sun, May 8, 2022 at 3:52 PM Kaushal Shriyan <kaushalshriyan at gmail.com>
wrote:

> Hi,
>
> I am attaching the nginx file for your reference. Please guide me. Thanks
> in advance.
>
> Best Regards,
>
> Kaushal
>
> Best Regards,
>
> Kaushal
>
> On Sun, May 8, 2022 at 1:38 PM Kaushal Shriyan <kaushalshriyan at gmail.com>
> wrote:
>
>> Hi,
>>
>> I have a follow up question. when i run using Method PURGE I am
>> encountering http 404 whereas when i run using Method GET.
>>
>> *404 Not Found*
>>
>> #curl -vvv -X PURGE -I
>> https://testnginxproxycachepurge.testintcraft.com/apis
>> * About to connect() to testnginxproxycachepurge.testintcraft.com port
>> 443 (#0)
>> *   Trying 34.105.141.181...
>> * Connected to testnginxproxycachepurge.testintcraft.com
>> (34.105.141.181) port 443 (#0)
>> * Initializing NSS with certpath: sql:/etc/pki/nssdb
>> *   CAfile: /etc/pki/tls/certs/ca-bundle.crt
>>   CApath: none
>> * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
>> * Server certificate:
>> * subject: CN=testnginxproxycachepurge.testintcraft.com
>> * start date: Apr 26 11:06:35 2022 GMT
>> * expire date: Jul 25 11:06:34 2022 GMT
>> * common name: testnginxproxycachepurge.testintcraft.com
>> * issuer: CN=R3,O=Let's Encrypt,C=US
>> > PURGE /apis HTTP/1.1
>> > User-Agent: curl/7.29.0
>> > Host: testnginxproxycachepurge.testintcraft.com
>> > Accept: */*
>> >
>> < HTTP/1.1 404 Not Found
>> HTTP/1.1 404 Not Found
>> < Server: nginx/1.20.2
>> Server: nginx/1.20.2
>> < Date: Sun, 08 May 2022 08:01:55 GMT
>> Date: Sun, 08 May 2022 08:01:55 GMT
>> < Content-Type: text/html
>> Content-Type: text/html
>> < Content-Length: 153
>> Content-Length: 153
>> < Connection: keep-alive
>> Connection: keep-alive
>>
>> <
>> * Excess found in a non pipelined read: excess = 153 url = /apis
>> (zero-length body)
>> * Connection #0 to host testnginxproxycachepurge.testintcraft.com left
>> intact
>>
>> *200 OK*
>> #curl -vvv -X GET -I
>> https://testnginxproxycachepurge.testintcraft.com/apis
>> * About to connect() to testnginxproxycachepurge.testintcraft.com port
>> 443 (#0)
>> *   Trying 34.105.141.181...
>> * Connected to testnginxproxycachepurge.testintcraft.com
>> (34.105.141.181) port 443 (#0)
>> * Initializing NSS with certpath: sql:/etc/pki/nssdb
>> *   CAfile: /etc/pki/tls/certs/ca-bundle.crt
>>   CApath: none
>> * SSL connection using TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
>> * Server certificate:
>> * subject: CN=testnginxproxycachepurge.testintcraft.com
>> * start date: Apr 26 11:06:35 2022 GMT
>> * expire date: Jul 25 11:06:34 2022 GMT
>> * common name: testnginxproxycachepurge.testintcraft.com
>> * issuer: CN=R3,O=Let's Encrypt,C=US
>> > GET /apis HTTP/1.1
>> > User-Agent: curl/7.29.0
>> > Host: testnginxproxycachepurge.testintcraft.com
>> > Accept: */*
>> >
>> < HTTP/1.1 200 OK
>> HTTP/1.1 200 OK
>> < Server: nginx/1.20.2
>> Server: nginx/1.20.2
>> < Date: Sun, 08 May 2022 08:01:43 GMT
>> Date: Sun, 08 May 2022 08:01:43 GMT
>> < Content-Type: text/html; charset=UTF-8
>> Content-Type: text/html; charset=UTF-8
>> < Transfer-Encoding: chunked
>> Transfer-Encoding: chunked
>> < Connection: keep-alive
>> Connection: keep-alive
>> < Cache-Control: max-age=21600, public
>> Cache-Control: max-age=21600, public
>> < Link: <https://testnginxproxycachepurge.testintcraft.com/apis>;
>> rel="canonical"
>> Link: <https://testnginxproxycachepurge.testintcraft.com/apis>;
>> rel="canonical"
>> < X-UA-Compatible: IE=edge
>> X-UA-Compatible: IE=edge
>> < Content-language: en
>> Content-language: en
>> < X-Content-Type-Options: nosniff
>> X-Content-Type-Options: nosniff
>> < X-Frame-Options: SAMEORIGIN
>> X-Frame-Options: SAMEORIGIN
>> < Permissions-Policy: interest-cohort=()
>> Permissions-Policy: interest-cohort=()
>> < Expires: Sun, 19 Nov 1978 05:00:00 GMT
>> Expires: Sun, 19 Nov 1978 05:00:00 GMT
>> < Vary: Cookie
>> Vary: Cookie
>> < X-XSS-Protection: 1; mode=block
>> X-XSS-Protection: 1; mode=block
>> < Strict-Transport-Security: max-age=31536000; includeSubDomains
>> Strict-Transport-Security: max-age=31536000; includeSubDomains
>> < Set-Cookie: ADRUM_BT=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT;
>> Max-Age=0; path=/
>> Set-Cookie: ADRUM_BT=deleted; expires=Thu, 01-Jan-1970 00:00:01 GMT;
>> Max-Age=0; path=/
>> < Set-Cookie:
>> ADRUM_BT=R%3A53%7Cg%3A5277dd0a-8de6-440a-a8f7-52fb782db251139%7Cn%3Aicebergtest_e1c60ae6-5d00-47d5-8c0a-690d8465795f;
>> expires=Sun, 08-May-2022 05:58:56 GMT; Max-Age=30; path=/
>> Set-Cookie:
>> ADRUM_BT=R%3A53%7Cg%3A5277dd0a-8de6-440a-a8f7-52fb782db251139%7Cn%3Aicebergtest_e1c60ae6-5d00-47d5-8c0a-690d8465795f;
>> expires=Sun, 08-May-2022 05:58:56 GMT; Max-Age=30; path=/
>> < Last-Modified: Tue, 26 Apr 2022 14:39:40 GMT
>> Last-Modified: Tue, 26 Apr 2022 14:39:40 GMT
>> < ETag: "1650983980"
>> ETag: "1650983980"
>> < Access-Control-Allow-Origin: *
>> Access-Control-Allow-Origin: *
>> < X-Cache-Status: HIT
>> X-Cache-Status: HIT
>>
>> <
>> * Excess found in a non pipelined read: excess = 15395 url = /apis
>> (zero-length body)
>> * Connection #0 to host testnginxproxycachepurge.testintcraft.com left
>> intact
>> #
>>
>> Please guide me. Thanks in advance.
>>
>> Best Regards,
>>
>> Kaushal
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220508/17b84648/attachment.htm>

From osa at freebsd.org.ru  Sun May  8 20:31:42 2022
From: osa at freebsd.org.ru (Sergey A. Osokin)
Date: Sun, 8 May 2022 23:31:42 +0300
Subject: building ngx_cache_purge module on CentOS Linux release 7.9.2009
 (Core)
In-Reply-To: <CAD7Ssm98vK3Si_J=aYRh87S+AfSwHTjRiY9HP6-NStt6JpQYkA@mail.gmail.com>
References: <CAD7Ssm-n=KV_8Lp0HOX1oV9wUrNKr4dvAuu0K_om5RES5EY56A@mail.gmail.com>
 <YnZ7D2or4AkrJdh6@FreeBSD.org.ru>
 <CAD7Ssm-Y6wEt59D6cAhLqbEStKZjAep3TjH13JUokcufhZP+WQ@mail.gmail.com>
 <CAD7Ssm8aMroMBy+8f1rsz8j=syn0DrcFQJT0HfYPXtGO26FvHg@mail.gmail.com>
 <CAD7Ssm9HXT-G07imuSDPBzPmNNzCp0ae+gndt1Yc-MH0zaWLtA@mail.gmail.com>
 <CAD7Ssm_TizmOJUKRvm7_Rza4h946PtS45To4r36kpiz2XskS9Q@mail.gmail.com>
 <CAD7Ssm98vK3Si_J=aYRh87S+AfSwHTjRiY9HP6-NStt6JpQYkA@mail.gmail.com>
Message-ID: <YngorlsL/z/gcAEi@FreeBSD.org.ru>

Hi Kaushal,

thanks for the update.

On Sun, May 08, 2022 at 03:52:16PM +0530, Kaushal Shriyan wrote:
> Hi,
> 
> I am attaching the nginx file for your reference. Please guide me. Thanks
> in advance.

[ ... ]

Well, you did absolutely right when you raised an issue for the vendor of
the third-party module [1].  Hope somebody takes care on that soon.

While I'm here, I'd recommend to take a look on tests for the third-party
module here [2], hope that helps you to create a set of tests for your
specific case.

Thank you.

References:
1. https://github.com/FRiCKLE/ngx_cache_purge/issues/76
2. https://github.com/FRiCKLE/ngx_cache_purge/tree/master/t

-- 
Sergey A. Osokin


From kaushalshriyan at gmail.com  Mon May  9 02:26:50 2022
From: kaushalshriyan at gmail.com (Kaushal Shriyan)
Date: Mon, 9 May 2022 07:56:50 +0530
Subject: building ngx_cache_purge module on CentOS Linux release 7.9.2009 (Core)
In-Reply-To: <YngorlsL/z/gcAEi@FreeBSD.org.ru>
References: <CAD7Ssm-n=KV_8Lp0HOX1oV9wUrNKr4dvAuu0K_om5RES5EY56A@mail.gmail.com>
 <YnZ7D2or4AkrJdh6@FreeBSD.org.ru> <CAD7Ssm-Y6wEt59D6cAhLqbEStKZjAep3TjH13JUokcufhZP+WQ@mail.gmail.com>
 <CAD7Ssm8aMroMBy+8f1rsz8j=syn0DrcFQJT0HfYPXtGO26FvHg@mail.gmail.com>
 <CAD7Ssm9HXT-G07imuSDPBzPmNNzCp0ae+gndt1Yc-MH0zaWLtA@mail.gmail.com>
 <CAD7Ssm_TizmOJUKRvm7_Rza4h946PtS45To4r36kpiz2XskS9Q@mail.gmail.com>
 <CAD7Ssm98vK3Si_J=aYRh87S+AfSwHTjRiY9HP6-NStt6JpQYkA@mail.gmail.com> <YngorlsL/z/gcAEi@FreeBSD.org.ru>
Message-ID: <CAD7Ssm8_n3GA1tuTz+pxVP=LvcPK95rMkFNJx2jcH5hJgqZSww@mail.gmail.com>

Hi Sergey,

I am not sure if I completely understand
https://github.com/FRiCKLE/ngx_cache_purge/tree/master/t. Any examples to
create and run the test cases?

Best Regards,

Kaushal

On Mon, May 9, 2022 at 2:05 AM Sergey A. Osokin <osa at freebsd.org.ru> wrote:

> Hi Kaushal,
>
> thanks for the update.
>
> On Sun, May 08, 2022 at 03:52:16PM +0530, Kaushal Shriyan wrote:
> > Hi,
> >
> > I am attaching the nginx file for your reference. Please guide me. Thanks
> > in advance.
>
> [ ... ]
>
> Well, you did absolutely right when you raised an issue for the vendor of
> the third-party module [1].  Hope somebody takes care on that soon.
>
> While I'm here, I'd recommend to take a look on tests for the third-party
> module here [2], hope that helps you to create a set of tests for your
> specific case.
>
> Thank you.
>
> References:
> 1. https://github.com/FRiCKLE/ngx_cache_purge/issues/76
> 2. https://github.com/FRiCKLE/ngx_cache_purge/tree/master/t
>
> --
> Sergey A. Osokin
> _______________________________________________
> nginx mailing list -- nginx at nginx.org
> To unsubscribe send an email to nginx-leave at nginx.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220509/1f921af7/attachment.htm>

From osa at freebsd.org.ru  Mon May  9 02:56:44 2022
From: osa at freebsd.org.ru (Sergey A. Osokin)
Date: Mon, 9 May 2022 05:56:44 +0300
Subject: building ngx_cache_purge module on CentOS Linux release 7.9.2009
 (Core)
In-Reply-To: <CAD7Ssm8_n3GA1tuTz+pxVP=LvcPK95rMkFNJx2jcH5hJgqZSww@mail.gmail.com>
References: <CAD7Ssm-n=KV_8Lp0HOX1oV9wUrNKr4dvAuu0K_om5RES5EY56A@mail.gmail.com>
 <YnZ7D2or4AkrJdh6@FreeBSD.org.ru>
 <CAD7Ssm-Y6wEt59D6cAhLqbEStKZjAep3TjH13JUokcufhZP+WQ@mail.gmail.com>
 <CAD7Ssm8aMroMBy+8f1rsz8j=syn0DrcFQJT0HfYPXtGO26FvHg@mail.gmail.com>
 <CAD7Ssm9HXT-G07imuSDPBzPmNNzCp0ae+gndt1Yc-MH0zaWLtA@mail.gmail.com>
 <CAD7Ssm_TizmOJUKRvm7_Rza4h946PtS45To4r36kpiz2XskS9Q@mail.gmail.com>
 <CAD7Ssm98vK3Si_J=aYRh87S+AfSwHTjRiY9HP6-NStt6JpQYkA@mail.gmail.com>
 <YngorlsL/z/gcAEi@FreeBSD.org.ru>
 <CAD7Ssm8_n3GA1tuTz+pxVP=LvcPK95rMkFNJx2jcH5hJgqZSww@mail.gmail.com>
Message-ID: <YniC7Ehf2nZjSqmV@FreeBSD.org.ru>

Hi Kaushal,

On Mon, May 09, 2022 at 07:56:50AM +0530, Kaushal Shriyan wrote:
> Hi Sergey,
> 
> I am not sure if I completely understand
> https://github.com/FRiCKLE/ngx_cache_purge/tree/master/t. Any examples to
> create and run the test cases?

Sure, please take a look on the followving URL [1].

References:
1. https://perldoc.perl.org/prove

--
Sergey A. Osokin


From kaushalshriyan at gmail.com  Mon May  9 03:14:32 2022
From: kaushalshriyan at gmail.com (Kaushal Shriyan)
Date: Mon, 9 May 2022 08:44:32 +0530
Subject: building ngx_cache_purge module on CentOS Linux release 7.9.2009 (Core)
In-Reply-To: <YniC7Ehf2nZjSqmV@FreeBSD.org.ru>
References: <CAD7Ssm-n=KV_8Lp0HOX1oV9wUrNKr4dvAuu0K_om5RES5EY56A@mail.gmail.com>
 <YnZ7D2or4AkrJdh6@FreeBSD.org.ru> <CAD7Ssm-Y6wEt59D6cAhLqbEStKZjAep3TjH13JUokcufhZP+WQ@mail.gmail.com>
 <CAD7Ssm8aMroMBy+8f1rsz8j=syn0DrcFQJT0HfYPXtGO26FvHg@mail.gmail.com>
 <CAD7Ssm9HXT-G07imuSDPBzPmNNzCp0ae+gndt1Yc-MH0zaWLtA@mail.gmail.com>
 <CAD7Ssm_TizmOJUKRvm7_Rza4h946PtS45To4r36kpiz2XskS9Q@mail.gmail.com>
 <CAD7Ssm98vK3Si_J=aYRh87S+AfSwHTjRiY9HP6-NStt6JpQYkA@mail.gmail.com>
 <YngorlsL/z/gcAEi@FreeBSD.org.ru> <CAD7Ssm8_n3GA1tuTz+pxVP=LvcPK95rMkFNJx2jcH5hJgqZSww@mail.gmail.com>
 <YniC7Ehf2nZjSqmV@FreeBSD.org.ru>
Message-ID: <CAD7Ssm-CjJwoB5sSQO6dmduCgKgaR6p39h=keMRzFHQmRx=0Lw@mail.gmail.com>

Hi Sergey,

Is there a way to find out what URLs are cached in Nginx Cache? from Nginx
command line utility or /etc/nginx/nginx.conf

# pwd
/var/www/nginx/cache
#ls -l
total 0
drwxrwxrwx. 14 nginx deployuser 114 May  8 05:58 content
drwxrwxrwx. 15 nginx deployuser 123 May  8 07:31 files
#cd /var/www/nginx/cache/files
# ls -l
total 0
drwx------ 4 nginx nginx 26 May  8 05:58 0
drwx------ 4 nginx nginx 26 May  8 06:04 1
drwx------ 5 nginx nginx 36 May  8 05:58 2
drwx------ 3 nginx nginx 16 May  6 12:12 3
drwx------ 4 nginx nginx 26 May  8 05:58 4
drwx------ 3 nginx nginx 16 May  8 06:04 6
drwx------ 3 nginx nginx 16 May  8 06:04 7
drwx------ 3 nginx nginx 16 May  5 10:44 9
drwx------ 3 nginx nginx 16 May  5 10:44 a
drwx------ 3 nginx nginx 16 May  8 06:04 b
drwx------ 3 nginx nginx 16 May  8 07:31 d
drwx------ 4 nginx nginx 26 May  8 06:04 e
drwx------ 3 nginx nginx 16 May  5 11:29 f
# cd /var/www/nginx/cache/content
# ls -l
total 0
drwx------ 3 nginx nginx 16 May  6 05:28 1
drwx------ 5 nginx nginx 36 May  8 11:39 2
drwx------ 3 nginx nginx 16 May  6 12:12 3
drwx------ 3 nginx nginx 16 May  8 05:58 4
drwx------ 6 nginx nginx 46 May  5 08:03 5
drwx------ 6 nginx nginx 46 May  8 07:31 7
drwx------ 4 nginx nginx 26 May  5 08:03 8
drwx------ 3 nginx nginx 16 May  4 17:21 9
drwx------ 4 nginx nginx 26 May  8 06:04 a
drwx------ 5 nginx nginx 36 May  8 06:30 c
drwx------ 3 nginx nginx 16 May  5 06:21 d
drwx------ 4 nginx nginx 26 May  5 08:03 f
#

Please guide me. Thanks in Advance.

Best Regards,

Kaushal

On Mon, May 9, 2022 at 8:30 AM Sergey A. Osokin <osa at freebsd.org.ru> wrote:

> Hi Kaushal,
>
> On Mon, May 09, 2022 at 07:56:50AM +0530, Kaushal Shriyan wrote:
> > Hi Sergey,
> >
> > I am not sure if I completely understand
> > https://github.com/FRiCKLE/ngx_cache_purge/tree/master/t. Any examples
> to
> > create and run the test cases?
>
> Sure, please take a look on the followving URL [1].
>
> References:
> 1. https://perldoc.perl.org/prove
>
> --
> Sergey A. Osokin
> _______________________________________________
> nginx mailing list -- nginx at nginx.org
> To unsubscribe send an email to nginx-leave at nginx.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220509/5aef817d/attachment.htm>

From osa at freebsd.org.ru  Mon May  9 13:02:20 2022
From: osa at freebsd.org.ru (Sergey A. Osokin)
Date: Mon, 9 May 2022 16:02:20 +0300
Subject: building ngx_cache_purge module on CentOS Linux release 7.9.2009
 (Core)
In-Reply-To: <CAD7Ssm-CjJwoB5sSQO6dmduCgKgaR6p39h=keMRzFHQmRx=0Lw@mail.gmail.com>
References: <YnZ7D2or4AkrJdh6@FreeBSD.org.ru>
 <CAD7Ssm-Y6wEt59D6cAhLqbEStKZjAep3TjH13JUokcufhZP+WQ@mail.gmail.com>
 <CAD7Ssm8aMroMBy+8f1rsz8j=syn0DrcFQJT0HfYPXtGO26FvHg@mail.gmail.com>
 <CAD7Ssm9HXT-G07imuSDPBzPmNNzCp0ae+gndt1Yc-MH0zaWLtA@mail.gmail.com>
 <CAD7Ssm_TizmOJUKRvm7_Rza4h946PtS45To4r36kpiz2XskS9Q@mail.gmail.com>
 <CAD7Ssm98vK3Si_J=aYRh87S+AfSwHTjRiY9HP6-NStt6JpQYkA@mail.gmail.com>
 <YngorlsL/z/gcAEi@FreeBSD.org.ru>
 <CAD7Ssm8_n3GA1tuTz+pxVP=LvcPK95rMkFNJx2jcH5hJgqZSww@mail.gmail.com>
 <YniC7Ehf2nZjSqmV@FreeBSD.org.ru>
 <CAD7Ssm-CjJwoB5sSQO6dmduCgKgaR6p39h=keMRzFHQmRx=0Lw@mail.gmail.com>
Message-ID: <YnkQ3Kz6YMLEw8/l@FreeBSD.org.ru>

Hi Kaushal,

On Mon, May 09, 2022 at 08:44:32AM +0530, Kaushal Shriyan wrote:
> 
> Is there a way to find out what URLs are cached in Nginx Cache? from Nginx
> command line utility or /etc/nginx/nginx.conf

I'd recommend to use standard UNIX/Linux tools for that: find(1) [1],
xargs(1) [2], grep(1) [3].

References:
1. https://www.freebsd.org/cgi/man.cgi?query=find&apropos=0&sektion=0&manpath=FreeBSD+13.0-RELEASE+and+Ports&arch=default&format=html
2. https://www.freebsd.org/cgi/man.cgi?query=xargs&apropos=0&sektion=0&manpath=FreeBSD+13.0-RELEASE+and+Ports&arch=default&format=html
3. https://www.freebsd.org/cgi/man.cgi?query=grep&apropos=0&sektion=0&manpath=FreeBSD+13.0-RELEASE+and+Ports&arch=default&format=html

--
Sergey A. Osokin


From alan.jackson at netvalue.nz  Mon May  9 21:27:46 2022
From: alan.jackson at netvalue.nz (Alan Jackson)
Date: Tue, 10 May 2022 09:27:46 +1200 (NZST)
Subject: limit_conn_zone using $http_ variable not working?
In-Reply-To: <D978DE4B-9902-4DAA-A72D-5FBE16F178E1@nginx.com>
References: <1542157122.287827.1651794896557.JavaMail.zimbra@netvalue.nz> <D978DE4B-9902-4DAA-A72D-5FBE16F178E1@nginx.com>
Message-ID: <1690968682.8550.1652131666905.JavaMail.zimbra@netvalue.nz>

Thanks for the reply. Helped me along the right path - debug logging was very useful.

In the end I used real_ip module to rewrite with Client-IP:

                set_real_ip_from 127.0.0.1;
                real_ip_header Client-IP;

And now the $binary_remote_addr contains the original remote client IP.

                limit_conn_zone $binary_remote_addr zone=perip:10m;

Log lines are also now useful, and display the original remote client IP :)

Regards,
--Alan


> The "client: 127.0.0.1" part is the above log represents client address
> you previously claimed to contain "127.0.0.1", which is fine.
> The limit_conn_zone key evaluated content is logged at the debug level.


----- Original Message -----
From: "Sergey Kandaurov" <pluknet at nginx.com>
To: "nginx" <nginx at nginx.org>
Sent: Friday, 6 May, 2022 10:18:00 PM
Subject: Re: limit_conn_zone using $http_ variable not working?

> On 6 May 2022, at 03:54, Alan Jackson <alan.jackson at netvalue.nz> wrote:
> 
> Hi,
> 
> I'm trying to use rate limiting on an nginx mail proxy->nginx fastcgi backend to restrict the number of concurrent connections from a client's IP. Unfortunately, I can't use proxy_protocol on the mail proxy side due to the nginx version not supporting it. 
> 
> Using debug logging, I know that the nginx mail proxy is passing through an http header 'Client-IP' which contains the originating client IP.
> 
> I've confirmed that in the http backend, the variable $http_client_ip contains the originating request's client ip ($binary_remote_addr just contains 127.0.0.1 due to the proxy), and that setting a return http header using this variable works just fine.
> 
> However, when I try to use limit_conn_zone with the $http_client_ip variable, it is not behaving as I expect:
> 
> "limit_conn_zone $http_client_ip zone=perip:10m;" 
> 
> Results in log lines like:
> 
> "limiting connections, dry run, by zone "perip", client: 127.0.0.1, server: _, request: "GET /mail_auth.php HTTP/1.0" 
> 
> which doesn't look like the variable is being instantiated properly (client is still 127.0.0.1).
> 


> Is using an $http_ variable expected to work in a limit_conn_zone config like this?
> 

Yes, it is.

_______________________________________________
nginx mailing list -- nginx at nginx.org
To unsubscribe send an email to nginx-leave at nginx.org


From d.e.earle at gmail.com  Fri May 13 14:23:15 2022
From: d.e.earle at gmail.com (Daniel Earle)
Date: Fri, 13 May 2022 15:23:15 +0100
Subject: Trying to config for proxying to site down page
Message-ID: <CABtE10hYUhj7WEn5sYehU70dCWJOgC+OJL06XJPPtYDbEsX3LQ@mail.gmail.com>

I'm trying to get nginx to forward to my S3 bucket when my web app k8 pod
is down. So I was hoping the below config would, in the case of 50x error
or no response, forward request to bucket, then if the document doesn't
exist (very likely for first 50x request) - it would then return
sitedown.html - this would then request some css files which would fail
with same 50x then try on S3 and success.

However it just returns 404 when my application pod is down (if I remove
 proxy_intercept_errors on; error_page 403 404 =200 I get the S3 404
message as expected).

I want to avoid hosting the website down error page on the nginx server.

Below is my config (everything else config wise is as in the FROM
nginxinc/nginx-unprivileged:1.21 docker image)

server {
    listen       8080 default_server;
    server_name  _;
    port_in_redirect off;
    client_max_body_size 51M;
    server_tokens off;

    error_page 501 502 503 504 = @holding_page_proxy;

    location @holding_page_proxy {
        proxy_pass
https://tca-holding-pages-permits-dev.s3.eu-west-2.amazonaws.com;
        proxy_intercept_errors on;
        error_page 403 404 =200
https://mybucket.s3.eu-west-2.amazonaws.com/sitedown.html;
    }

    location / {
          proxy_read_timeout 180s;
          proxy_set_header X-Real-IP  $http_x_real_ip;
          proxy_set_header X-Forwarded-Host "";
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header Host $http_host;
          proxy_next_upstream error timeout invalid_header http_502
http_503 http_504 http_404;
          proxy_http_version 1.1;
          proxy_pass http://application:8080/;
    }

    # Deny access to the Spring Boot actuator.
    location /actuator {
        deny  all;
    }

    # probe for kubernetes checks
    location = /probe.html {
        root   /usr/share/nginx/html;
    }
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220513/51340bbf/attachment.htm>

From wizard at koalatyworks.com  Fri May 13 20:31:37 2022
From: wizard at koalatyworks.com (Ken Wright)
Date: Fri, 13 May 2022 16:31:37 -0400
Subject: 404 on one web app
Message-ID: <b83437389ea617144d258b22e1e0b375ee42a7fc.camel@koalatyworks.com>

I've been trying to install Roundcube on my mailserver, but when I get
to the step of starting the web-based configuration I get a 404
message.  The server is running Ubuntu 22.04 and I've previously had
Roundcube working, at least until I physically moved the server into my
new office.  The .conf file shows the root as /var/www/roundcube, which
is the correct path (I've double-checked that) but I still get that
404.

If anyone can help, I'd be very appreciative!  Further details on
request.

Ken
-- 
If you ever think international affairs make sense, remember this:
Because a Serb shot an Austrian in Bosnia, Germany invaded Belgium
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220513/bfc6d3cd/attachment.bin>

From r at roze.lv  Sat May 14 15:52:29 2022
From: r at roze.lv (Reinis Rozitis)
Date: Sat, 14 May 2022 18:52:29 +0300
Subject: Trying to config for proxying to site down page
In-Reply-To: <CABtE10hYUhj7WEn5sYehU70dCWJOgC+OJL06XJPPtYDbEsX3LQ@mail.gmail.com>
References: <CABtE10hYUhj7WEn5sYehU70dCWJOgC+OJL06XJPPtYDbEsX3LQ@mail.gmail.com>
Message-ID: <000901d867aa$9dd14af0$d973e0d0$@roze.lv>

You can’t have a full url in the error_page (just uri)

Change:
 error_page 403 404 =200 https://mybucket.s3.eu-west-2.amazonaws.com/sitedown.html;
   
to something like:

error_page 403 404 =200 /sitedown.html;

location /sitedown.html {
   proxy_pass https://mybucket.s3.eu-west-2.amazonaws.com;
}

(or you can do similar @named location with return 301 .. depending on if you want the client to be redirected to that particular bucket url).


Also you might need to enable recursive_error_pages http://nginx.org/en/docs/http/ngx_http_core_module.html#recursive_error_pages since you have  an error_page within error_page.

rr

From: Daniel Earle <d.e.earle at gmail.com> 
Sent: piektdiena, 2022. gada 13. maijs 17:23
To: nginx at nginx.org
Subject: Trying to config for proxying to site down page

I'm trying to get nginx to forward to my S3 bucket when my web app k8 pod is down. So I was hoping the below config would, in the case of 50x error or no response, forward request to bucket, then if the document doesn't exist (very likely for first 50x request) - it would then return sitedown.html - this would then request some css files which would fail with same 50x then try on S3 and success.

However it just returns 404 when my application pod is down (if I remove  proxy_intercept_errors on; error_page 403 404 =200 I get the S3 404 message as expected).

I want to avoid hosting the website down error page on the nginx server.

Below is my config (everything else config wise is as in the FROM nginxinc/nginx-unprivileged:1.21 docker image)

server {
    listen       8080 default_server;
    server_name  _;
    port_in_redirect off;
    client_max_body_size 51M;
    server_tokens off;

    error_page 501 502 503 504 = @holding_page_proxy;

    location @holding_page_proxy {
        proxy_pass https://tca-holding-pages-permits-dev.s3.eu-west-2.amazonaws.com;
        proxy_intercept_errors on;
        error_page 403 404 =200 https://mybucket.s3.eu-west-2.amazonaws.com/sitedown.html;
    }

    location / {
          proxy_read_timeout 180s;
          proxy_set_header X-Real-IP  $http_x_real_ip;
          proxy_set_header X-Forwarded-Host "";
          proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
          proxy_set_header Host $http_host;
          proxy_next_upstream error timeout invalid_header http_502 http_503 http_504 http_404;
          proxy_http_version 1.1;
          proxy_pass http://application:8080/;
    }

    # Deny access to the Spring Boot actuator.
    location /actuator {
        deny  all;
    }

    # probe for kubernetes checks
    location = /probe.html {
        root   /usr/share/nginx/html;
    }
}


From nginx-forum at forum.nginx.org  Mon May 16 12:52:49 2022
From: nginx-forum at forum.nginx.org (kalai1302)
Date: Mon, 16 May 2022 08:52:49 -0400
Subject: need help reverse-proxy config
In-Reply-To: <207727426.20170109201733@maelenn.org>
References: <207727426.20170109201733@maelenn.org>
Message-ID: <526b0c279fa653f8179c745cd8bb450c.NginxMailingListEnglish@forum.nginx.org>

.

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,271891,294180#msg-294180


From mkeen21 at gmail.com  Tue May 17 03:29:44 2022
From: mkeen21 at gmail.com (Matthew Keen)
Date: Tue, 17 May 2022 13:29:44 +1000
Subject: UDP Load Balancer with HTTP healthcheck
Message-ID: <CABTkkEVLsOc+P0dQ7T4aDpqu5vEF5oNjb7F=qXEaYtJzm3Dhgg@mail.gmail.com>

Hi all,

Can someone please advise if it's possible to have a UDP loadbalancer with
HTTP healthchecks in NGINX?

Also, if this is a valid configuration would anyone have an example .conf
file?

Thanks in advance !!!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220517/5a1f2250/attachment.htm>

From nginx-forum at forum.nginx.org  Tue May 17 12:27:14 2022
From: nginx-forum at forum.nginx.org (Tammymeans)
Date: Tue, 17 May 2022 08:27:14 -0400
Subject: Purge the Nginx cache
In-Reply-To: <CAD7Ssm-FNG=V06CQzKbK_O8iAwPq4Z8LJXW37_1Njw_oTXYMDQ@mail.gmail.com>
References: <CAD7Ssm-FNG=V06CQzKbK_O8iAwPq4Z8LJXW37_1Njw_oTXYMDQ@mail.gmail.com>
Message-ID: <a66875d9ce6c420bf535cf39b372a451.NginxMailingListEnglish@forum.nginx.org>

kaushalshriyan Wrote:
-------------------------------------------------------
> Hi,
> 
> I am running the nginx version: nginx/1.20.2 as a reverse proxy server
> on
> CentOS Linux release 7.9.2009 (Core). Is there a way to purge the
> cache
> without restarting the nginx server? I am reading a blog which says to
> use
> nginx bypass purge cache method instead of manually purging Nginx
> cache
> using the below method.
> https://testfiledownload.com/
> $sudo rm -rf /var/cache/nginx/*
> 
> Please let me know the best recommended way to purge cache. Thanks in
> advance. I look forward to hearing from you.
> 
> Best Regards,
> 
> Kaushal
> _______________________________________________
> nginx mailing list -- nginx at nginx.org
> To unsubscribe send an email to nginx-leave at nginx.org


Howo to do this please explain in more details >

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,294027,294182#msg-294182


From lee.iitb at gmail.com  Thu May 19 05:41:00 2022
From: lee.iitb at gmail.com (Thomas Stephen Lee)
Date: Thu, 19 May 2022 11:11:00 +0530
Subject: EL 9 RPMs and SRPMs
Message-ID: <CAG7s96XV7KjSevhoV5J6MQxqcduUvnc-vMnPOKZsgx2g=GTKAg@mail.gmail.com>

Hi,

Now that Red Hat has released EL 9, please provide SRPMs and RPMs for EL 9

Thanks

---
Lee


From hobson42 at gmail.com  Sat May 21 02:53:05 2022
From: hobson42 at gmail.com (Ian Hobson)
Date: Sat, 21 May 2022 09:53:05 +0700
Subject: compiling nchan from source
Message-ID: <2b5ba63f-5c61-03bf-7f95-f306506db112@gmail.com>

Hi Everyone,

I compile nginx from source. When I use nchan-1.2.12 everything compiles 
clean.

However I tried to upgrade to nchan-1.2.15 and I get a compilation error.

Google told me the same error was reported back in February.

My C skills are a forgotten week's course taken in the early 1990s, and 
never used, so I don't have the skills to sort it out.

Could it be the version of gcc OR is it conflicting with openssl3.0.3, 
pcre-8.45, or zlib-1.2.12?

Thanks for ideas. I would like to use the latest nchan.

Is it possible to use a pre-compiled version, and link dynamically?

O/S Ubunutu 20.04 and Ubuntu 22.04

Regards

Ian

-- 
Ian Hobson
Tel (+66) 626 544 695


From osa at freebsd.org.ru  Sat May 21 03:37:36 2022
From: osa at freebsd.org.ru (Sergey A. Osokin)
Date: Sat, 21 May 2022 06:37:36 +0300
Subject: compiling nchan from source
In-Reply-To: <2b5ba63f-5c61-03bf-7f95-f306506db112@gmail.com>
References: <2b5ba63f-5c61-03bf-7f95-f306506db112@gmail.com>
Message-ID: <YohegKyD5PaX0Ri6@FreeBSD.org.ru>

Hi Ian,

hope you're doing well.

On Sat, May 21, 2022 at 09:53:05AM +0700, Ian Hobson wrote:
> 
> I compile nginx from source. When I use nchan-1.2.12 everything compiles 
> clean.
> However I tried to upgrade to nchan-1.2.15 and I get a compilation error.
> Google told me the same error was reported back in February.

nchan-1.2.15 builds well as a part of the FreeBSD www/nginx-devel port,
and that's what I'd recommed to use.

[...]

> Could it be the version of gcc OR is it conflicting with openssl3.0.3, 
> pcre-8.45, or zlib-1.2.12?

The issue is probably related to the OpenSSL version 3, so in case it's
possible I'd recommend to avoid of usage of that version at the moment.
Another options are:
o) refresh C knowledge and patch the third-party module
o) wait until the vendor or a contributor provides a compatible version

> Is it possible to use a pre-compiled version, and link dynamically?

I'd recommend to contact to the vendor to ask about the build requirements
of the third-party module.

Thank you.

-- 
Sergey A. Osokin


From hobson42 at gmail.com  Sat May 21 04:13:07 2022
From: hobson42 at gmail.com (Ian Hobson)
Date: Sat, 21 May 2022 11:13:07 +0700
Subject: compiling nchan from source
In-Reply-To: <YohegKyD5PaX0Ri6@FreeBSD.org.ru>
References: <2b5ba63f-5c61-03bf-7f95-f306506db112@gmail.com>
 <YohegKyD5PaX0Ri6@FreeBSD.org.ru>
Message-ID: <f90f8348-dc8c-29cd-2797-940c82ce8f2b@gmail.com>

Hi Sergey,

On 21/05/2022 10:37, Sergey A. Osokin wrote:
> Hi Ian,
> 
> hope you're doing well.
I am thanks.
> 
> On Sat, May 21, 2022 at 09:53:05AM +0700, Ian Hobson wrote:
>>
>> I compile nginx from source. When I use nchan-1.2.12 everything compiles
>> clean.
>> However I tried to upgrade to nchan-1.2.15 and I get a compilation error.
>> Google told me the same error was reported back in February.
> 
> nchan-1.2.15 builds well as a part of the FreeBSD www/nginx-devel port,
> and that's what I'd recommed to use.
> 
Changing the production O/S would be a lot of work, so its possible but 
not attractive.

I wonder if the problem is some conditional compilation that has been 
corrected for FreeBSD and not for Debian/Ubuntu?

> [...]
> 
>> Could it be the version of gcc OR is it conflicting with openssl3.0.3,
>> pcre-8.45, or zlib-1.2.12?
> 
> The issue is probably related to the OpenSSL version 3, so in case it's
> possible I'd recommend to avoid of usage of that version at the moment.
Tried compiling with openssl-1.1.1n and got the same errors.

> Another options are:
> o) refresh C knowledge and patch the third-party module
I may well take a look.
My plan, now I am retired, is to contribute to the open source movement 
in Rust, but whatever.

> o) wait until the vendor or a contributor provides a compatible version
> 
>> Is it possible to use a pre-compiled version, and link dynamically?
> 
> I'd recommend to contact to the vendor to ask about the build requirements
> of the third-party module.
I have contacted the developer. No response yet.

Thanks for your quick reply.

Ian
-- 
Ian Hobson


From i at qingly.me  Sat May 21 18:55:29 2022
From: i at qingly.me (wordlesswind)
Date: Sun, 22 May 2022 02:55:29 +0800
Subject: Why do newer versions of Chromium favor RSA certificates over ECC
 certificates?
Message-ID: <654bb2a0-bc2c-9c74-bbb5-ef24f9b9bb95@qingly.me>

Hello,


I noticed that after Chromium 594356 build (71.0.3563.0) it favors RSA 
certificates over ECC certificates.


Windows x86-64:

https://commondatastorage.googleapis.com/chromium-browser-snapshots/index.html?prefix=Win_x64/594356/

https://commondatastorage.googleapis.com/chromium-browser-snapshots/index.html?prefix=Win_x64/594369/


I don't get the idea from the changes in the source code. I'm curious to 
know why, since obviously ECC certificates are smaller than RSA 
certificates.


Let’s Encrypt

ECC 384 (E1)

RSA 4096 (R3)

nginx.conf:
         ssl_stapling         on;
         resolver             8.8.8.8 1.1.1.1 valid=300s;
         ssl_stapling_verify  on;

         ssl_session_cache    shared:SSL:10m;
         ssl_session_timeout  1d;

         ssl_protocols        TLSv1.2 TLSv1.3;
         ssl_ciphers 
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256;
         ssl_ecdh_curve       secp384r1;

         ssl_early_data       on;


From teward at thomas-ward.net  Sat May 21 19:41:43 2022
From: teward at thomas-ward.net (Thomas Ward)
Date: Sat, 21 May 2022 19:41:43 +0000
Subject: Why do newer versions of Chromium favor RSA certificates over ECC
 certificates?
In-Reply-To: <654bb2a0-bc2c-9c74-bbb5-ef24f9b9bb95@qingly.me>
References: <654bb2a0-bc2c-9c74-bbb5-ef24f9b9bb95@qingly.me>
Message-ID:  <MN0PR19MB5948C7E016BAA06F325A46059BD29@MN0PR19MB5948.namprd19.prod.outlook.com>

This isnt an nginx question.  Ask chromium developers why they chose that approach.



Sent from my Galaxy



-------- Original message --------
From: wordlesswind via nginx <nginx at nginx.org>
Date: 5/21/22 14:56 (GMT-05:00)
To: nginx at nginx.org
Cc: wordlesswind <i at qingly.me>
Subject: Why do newer versions of Chromium favor RSA certificates over ECC certificates?

Hello,


I noticed that after Chromium 594356 build (71.0.3563.0) it favors RSA
certificates over ECC certificates.


Windows x86-64:

https://commondatastorage.googleapis.com/chromium-browser-snapshots/index.html?prefix=Win_x64/594356/

https://commondatastorage.googleapis.com/chromium-browser-snapshots/index.html?prefix=Win_x64/594369/


I don't get the idea from the changes in the source code. I'm curious to
know why, since obviously ECC certificates are smaller than RSA
certificates.


Let’s Encrypt

ECC 384 (E1)

RSA 4096 (R3)

nginx.conf:
         ssl_stapling         on;
         resolver             8.8.8.8 1.1.1.1 valid=300s;
         ssl_stapling_verify  on;

         ssl_session_cache    shared:SSL:10m;
         ssl_session_timeout  1d;

         ssl_protocols        TLSv1.2 TLSv1.3;
         ssl_ciphers
ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256;
         ssl_ecdh_curve       secp384r1;

         ssl_early_data       on;

_______________________________________________
nginx mailing list -- nginx at nginx.org
To unsubscribe send an email to nginx-leave at nginx.org
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220521/47281529/attachment.htm>

From mdounin at mdounin.ru  Sun May 22 15:30:44 2022
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Sun, 22 May 2022 18:30:44 +0300
Subject: Why do newer versions of Chromium favor RSA certificates over
 ECC certificates?
In-Reply-To: <654bb2a0-bc2c-9c74-bbb5-ef24f9b9bb95@qingly.me>
References: <654bb2a0-bc2c-9c74-bbb5-ef24f9b9bb95@qingly.me>
Message-ID: <YopXJBFYdzK5pOtA@mdounin.ru>

Hello!

On Sun, May 22, 2022 at 02:55:29AM +0800, wordlesswind via nginx wrote:

> I noticed that after Chromium 594356 build (71.0.3563.0) it favors RSA 
> certificates over ECC certificates.

[...]

> I don't get the idea from the changes in the source code. I'm curious to 
> know why, since obviously ECC certificates are smaller than RSA 
> certificates.
> 
> 
> Let’s Encrypt
> 
> ECC 384 (E1)
> 
> RSA 4096 (R3)
> 
> nginx.conf:
>          ssl_stapling         on;
>          resolver             8.8.8.8 1.1.1.1 valid=300s;
>          ssl_stapling_verify  on;
> 
>          ssl_session_cache    shared:SSL:10m;
>          ssl_session_timeout  1d;
> 
>          ssl_protocols        TLSv1.2 TLSv1.3;
>          ssl_ciphers 
> ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-RSA-AES128-GCM-SHA256;
>          ssl_ecdh_curve       secp384r1;
> 
>          ssl_early_data       on;

First of all, you may want to get rid of the "ssl_ecdh_curve" in 
your nginx configuration.  Or at least add "prime256v1" and 
"x25519" to the list.  Using only "secp384r1" severely limits what 
can be used during the handshake, and can affect ciphers and 
certificates being used.

For example, in current versions of Chrome the preferred signature 
algorithm for TLS 1.3 ciphers is "ecdsa_secp256r1_sha256", so it 
won't work in your configuration.  And the only key share group is 
"x25519", so your configuration will require HelloRetryRequest.

Secondly, given the signature algorithms order as used by Chrome 
and assuming Chromium's is the same, you'll likely have to switch 
to prime256v1 (AKA secp256r1) certificates (and probably from R3) 
to make sure they are being preferred over RSA:

            Extension: signature_algorithms (len=18)
                Type: signature_algorithms (13)
                Length: 18
                Signature Hash Algorithms Length: 16
                Signature Hash Algorithms (8 algorithms)
                    Signature Algorithm: ecdsa_secp256r1_sha256 (0x0403)
                        Signature Hash Algorithm Hash: SHA256 (4)
                        Signature Hash Algorithm Signature: ECDSA (3)
                    Signature Algorithm: rsa_pss_rsae_sha256 (0x0804)
                        Signature Hash Algorithm Hash: Unknown (8)
                        Signature Hash Algorithm Signature: SM2 (4)
                    Signature Algorithm: rsa_pkcs1_sha256 (0x0401)
                        Signature Hash Algorithm Hash: SHA256 (4)
                        Signature Hash Algorithm Signature: RSA (1)
                    Signature Algorithm: ecdsa_secp384r1_sha384 (0x0503)
                        Signature Hash Algorithm Hash: SHA384 (5)
                        Signature Hash Algorithm Signature: ECDSA (3)
                    Signature Algorithm: rsa_pss_rsae_sha384 (0x0805)
                        Signature Hash Algorithm Hash: Unknown (8)
                        Signature Hash Algorithm Signature: Unknown (5)
                    Signature Algorithm: rsa_pkcs1_sha384 (0x0501)
                        Signature Hash Algorithm Hash: SHA384 (5)
                        Signature Hash Algorithm Signature: RSA (1)
                    Signature Algorithm: rsa_pss_rsae_sha512 (0x0806)
                        Signature Hash Algorithm Hash: Unknown (8)
                        Signature Hash Algorithm Signature: Unknown (6)
                    Signature Algorithm: rsa_pkcs1_sha512 (0x0601)
                        Signature Hash Algorithm Hash: SHA512 (6)
                        Signature Hash Algorithm Signature: RSA (1)

Note that ecdsa_secp384r1_sha384 comes after rsa_pkcs1_sha256.  
Overall, it looks like signature algorithms are ordered based on 
the hash function bits, and this results in RSA with sha256 
signature being preferred over ECDSA with secp384r1/sha384.  The 
question "why to use such order" should be addressed to the 
Chromium developers, as already suggested.

Just in case, on nginx side you can force the order you prefer by 
using the ssl_prefer_server_ciphers directive 
(http://nginx.org/r/ssl_prefer_server_ciphers).  I wouldn't 
recommend doing this though, as in most cases clients know better 
which ciphers they can handle more efficiently and securely.

-- 
Maxim Dounin
http://mdounin.ru/


From thresh at nginx.com  Mon May 23 13:05:00 2022
From: thresh at nginx.com (Konstantin Pavlov)
Date: Mon, 23 May 2022 17:05:00 +0400
Subject: EL 9 RPMs and SRPMs
In-Reply-To: <CAG7s96XV7KjSevhoV5J6MQxqcduUvnc-vMnPOKZsgx2g=GTKAg@mail.gmail.com>
References: <CAG7s96XV7KjSevhoV5J6MQxqcduUvnc-vMnPOKZsgx2g=GTKAg@mail.gmail.com>
Message-ID: <b1be8c57-7f6f-1ae3-3cd0-420edfdb417e@nginx.com>

Hello!

On 19/05/2022 9:41 AM, Thomas Stephen Lee wrote:
> Hi,
> 
> Now that Red Hat has released EL 9, please provide SRPMs and RPMs for EL 9

RHEL 9 packages are now published for both mainline and stable versions, 
enjoy:

stable: https://nginx.org/packages/rhel/9/
mainline: https://nginx.org/packages/mainline/rhel/9/

website docs on https://nginx.org/en/linux_packages.html will follow 
shortly.

Thanks,

-- 
Konstantin Pavlov
Principal Consultant
https://www.nginx.com


From rejaine at bhz.jamef.com.br  Mon May 23 17:36:24 2022
From: rejaine at bhz.jamef.com.br (Rejaine Monteiro)
Date: Mon, 23 May 2022 14:36:24 -0300
Subject: Http failure reponse only with Iphone/IOS/Safari (nginx 1.8)
Message-ID: <CAMTrDfVS7-ijvqenb4erqkjT3R7j_ubXRyNiyaeJ5KkhEW8EMA@mail.gmail.com>

I have an nginx working as a reverse proxy for several servers in the
backend, after updated from 1.7 to 1.8 , everything is working fine, except
for a webservice that is giving error only when accessed by
IPhone/IOS/Safari..
That is, for Android, Windows, Chrome or Mozilla, it works normally.
But if you open it through Safari from an IOS, from the Http error...

Http failure reply for https://etc...
  Unknown error.

SSL certificates were also installed for the new server. Nginx settings
were all kept as per the old server.

And nothing has changed in the webservice application either. The only
change was in the proxy server infrastructure, which was migrated to a
newer server, with a new operating system and a new version of nginx.

We have already checked the firewall, routes, etc., everything is normal,
because it is connecting normally on all other platforms, the error is only
occurring even with IOS/Iphone.

Any tips?

-- 
*Esta mensagem pode conter informações confidenciais ou privilegiadas, 
sendo seu sigilo protegido por lei. Se você não for o destinatário ou a 
pessoa autorizada a receber esta mensagem, não pode usar, copiar ou 
divulgar as informações nela contidas ou tomar qualquer ação baseada nessas 
informações. Se você recebeu esta mensagem por engano, por favor avise 
imediatamente ao remetente, respondendo o e-mail e em seguida apague-o. 
Agradecemos sua cooperação.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220523/4b566cc7/attachment.htm>

From osa at freebsd.org.ru  Mon May 23 18:06:47 2022
From: osa at freebsd.org.ru (Sergey A. Osokin)
Date: Mon, 23 May 2022 21:06:47 +0300
Subject: Http failure reponse only with Iphone/IOS/Safari (nginx 1.8)
In-Reply-To: <CAMTrDfVS7-ijvqenb4erqkjT3R7j_ubXRyNiyaeJ5KkhEW8EMA@mail.gmail.com>
References: <CAMTrDfVS7-ijvqenb4erqkjT3R7j_ubXRyNiyaeJ5KkhEW8EMA@mail.gmail.com>
Message-ID: <YovNN9P+rgWY+tdN@FreeBSD.org.ru>

Hi Rejaine,

hope you're doing well these days.

On Mon, May 23, 2022 at 02:36:24PM -0300, Rejaine Monteiro wrote:
> I have an nginx working as a reverse proxy for several servers in the
> backend, after updated from 1.7 to 1.8

Are you talking about nginx?  Why I'm asking is just because the
recent version from nginx stable branch is 1.20.2. and I don't
think that version 1.8 is still supported.

-- 
Sergey A. Osokin


From rejaine at bhz.jamef.com.br  Mon May 23 18:38:39 2022
From: rejaine at bhz.jamef.com.br (Rejaine Monteiro)
Date: Mon, 23 May 2022 15:38:39 -0300
Subject: Http failure reponse only with Iphone/IOS/Safari (nginx 1.8)
In-Reply-To: <YovNN9P+rgWY+tdN@FreeBSD.org.ru>
References: <CAMTrDfVS7-ijvqenb4erqkjT3R7j_ubXRyNiyaeJ5KkhEW8EMA@mail.gmail.com>
 <YovNN9P+rgWY+tdN@FreeBSD.org.ru>
Message-ID: <CAMTrDfXqCO4Mm9Mq9+_e1+E+ShWrnQyNX9bDqpCAvgMrmn+UvA@mail.gmail.com>

sorry, nginx 1.17  to 1.18



Em seg., 23 de mai. de 2022 às 15:09, Sergey A. Osokin <osa at freebsd.org.ru>
escreveu:

> Hi Rejaine,
>
> hope you're doing well these days.
>
> On Mon, May 23, 2022 at 02:36:24PM -0300, Rejaine Monteiro wrote:
> > I have an nginx working as a reverse proxy for several servers in the
> > backend, after updated from 1.7 to 1.8
>
> Are you talking about nginx?  Why I'm asking is just because the
> recent version from nginx stable branch is 1.20.2. and I don't
> think that version 1.8 is still supported.
>
> --
> Sergey A. Osokin
> _______________________________________________
> nginx mailing list -- nginx at nginx.org
> To unsubscribe send an email to nginx-leave at nginx.org
>

-- 
*Esta mensagem pode conter informações confidenciais ou privilegiadas, 
sendo seu sigilo protegido por lei. Se você não for o destinatário ou a 
pessoa autorizada a receber esta mensagem, não pode usar, copiar ou 
divulgar as informações nela contidas ou tomar qualquer ação baseada nessas 
informações. Se você recebeu esta mensagem por engano, por favor avise 
imediatamente ao remetente, respondendo o e-mail e em seguida apague-o. 
Agradecemos sua cooperação.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220523/b3a16c7e/attachment.htm>

From rejaine at bhz.jamef.com.br  Mon May 23 18:58:01 2022
From: rejaine at bhz.jamef.com.br (Rejaine Monteiro)
Date: Mon, 23 May 2022 15:58:01 -0300
Subject: Http failure reponse only with Iphone/IOS/Safari (nginx 1.8)
In-Reply-To: <CAMTrDfXqCO4Mm9Mq9+_e1+E+ShWrnQyNX9bDqpCAvgMrmn+UvA@mail.gmail.com>
References: <CAMTrDfVS7-ijvqenb4erqkjT3R7j_ubXRyNiyaeJ5KkhEW8EMA@mail.gmail.com>
 <YovNN9P+rgWY+tdN@FreeBSD.org.ru> <CAMTrDfXqCO4Mm9Mq9+_e1+E+ShWrnQyNX9bDqpCAvgMrmn+UvA@mail.gmail.com>
Message-ID: <CAMTrDfXgXUi+=D=UmeyVMoFrwa7orTDEntqu31Ppofir5F3TdA@mail.gmail.com>

debug log i see some erros "client canceled stream"

iI think the error was related to http2.. I turned it off and everything
started working correctly..

the old version 1.17 it worked with it enabled and the configuration files
were copied from the old server to the new one .. only with    1.18 the
problems started.





Em seg., 23 de mai. de 2022 às 15:38, Rejaine Monteiro <
rejaine at bhz.jamef.com.br> escreveu:

>
>
> sorry, nginx 1.17  to 1.18
>
>
>
> Em seg., 23 de mai. de 2022 às 15:09, Sergey A. Osokin <osa at freebsd.org.ru>
> escreveu:
>
>> Hi Rejaine,
>>
>> hope you're doing well these days.
>>
>> On Mon, May 23, 2022 at 02:36:24PM -0300, Rejaine Monteiro wrote:
>> > I have an nginx working as a reverse proxy for several servers in the
>> > backend, after updated from 1.7 to 1.8
>>
>> Are you talking about nginx?  Why I'm asking is just because the
>> recent version from nginx stable branch is 1.20.2. and I don't
>> think that version 1.8 is still supported.
>>
>> --
>> Sergey A. Osokin
>> _______________________________________________
>> nginx mailing list -- nginx at nginx.org
>> To unsubscribe send an email to nginx-leave at nginx.org
>>
>

-- 
*Esta mensagem pode conter informações confidenciais ou privilegiadas, 
sendo seu sigilo protegido por lei. Se você não for o destinatário ou a 
pessoa autorizada a receber esta mensagem, não pode usar, copiar ou 
divulgar as informações nela contidas ou tomar qualquer ação baseada nessas 
informações. Se você recebeu esta mensagem por engano, por favor avise 
imediatamente ao remetente, respondendo o e-mail e em seguida apague-o. 
Agradecemos sua cooperação.*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220523/2d66dae1/attachment.htm>

From lee.iitb at gmail.com  Tue May 24 04:40:00 2022
From: lee.iitb at gmail.com (Thomas Stephen Lee)
Date: Tue, 24 May 2022 10:10:00 +0530
Subject: EL 9 RPMs and SRPMs
In-Reply-To: <b1be8c57-7f6f-1ae3-3cd0-420edfdb417e@nginx.com>
References: <CAG7s96XV7KjSevhoV5J6MQxqcduUvnc-vMnPOKZsgx2g=GTKAg@mail.gmail.com>
 <b1be8c57-7f6f-1ae3-3cd0-420edfdb417e@nginx.com>
Message-ID: <CAG7s96XKmP73ArN+C_vBAFSf5vA-fw0u0L=7mMOSGTU0Qrfa7A@mail.gmail.com>

Thanks a lot for the prompt action 😎.

---
Lee

On Mon, May 23, 2022 at 6:35 PM Konstantin Pavlov <thresh at nginx.com> wrote:
>
> Hello!
>
> On 19/05/2022 9:41 AM, Thomas Stephen Lee wrote:
> > Hi,
> >
> > Now that Red Hat has released EL 9, please provide SRPMs and RPMs for EL 9
>
> RHEL 9 packages are now published for both mainline and stable versions,
> enjoy:
>
> stable: https://nginx.org/packages/rhel/9/
> mainline: https://nginx.org/packages/mainline/rhel/9/
>
> website docs on https://nginx.org/en/linux_packages.html will follow
> shortly.
>
> Thanks,
>
> --
> Konstantin Pavlov
> Principal Consultant
> https://www.nginx.com


From nginx-forum at forum.nginx.org  Tue May 24 05:25:05 2022
From: nginx-forum at forum.nginx.org (AussieSusan)
Date: Tue, 24 May 2022 01:25:05 -0400
Subject: Make relative paths in proxy go to the right server
Message-ID: <155490774caccf01c7e23b5b34fdeffd.NginxMailingListEnglish@forum.nginx.org>

I am a total newbie to this and I don't even know if what I want to do is
possible.

I have a web server that locally serves some of the files but in one case
needs to  pass the web requests on to another server.

For example: "https://myserver.com/weather" needs to be handled locally, but
"https://myserver.com/whatever" needs to go to a different server on the
network. To do this I have:

       location /whatever {
                proxy_pass http://10.12.45.12:1234/;
        }

This works OK but the pages served by the other server have relative paths
to files that are relative to THAT server. The user's browser converts the
relative paths from "other_base/file_path.css" to
"https://myserver.com/other_base/file_path.css".

I could add another 'location' entry to my configuration for "/other_base"
but there is no guarantee that the 'other_base" name will always be the
same.

What do I need to put in the Nginx configuration so that the files relative
to the other server are correctly redirected (e.g.
https://myserve.com/whatever/other_base/file_path.css")

Susan

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,294234,294234#msg-294234


From jpfuntne at cisco.com  Tue May 24 11:07:28 2022
From: jpfuntne at cisco.com (John Pfuntner -X (jpfuntne - EASI LLC at Cisco))
Date: Tue, 24 May 2022 11:07:28 +0000
Subject: Alpine v3.16 package files not found
Message-ID: <BL0PR11MB3188EFEFB74D403AB0401ABCD8D79@BL0PR11MB3188.namprd11.prod.outlook.com>

My team builds an NGINX Docker image every morning on Alpine v3.16 and this today the package files could not be found at https://nginx.org/packages/mainline/alpine/.  Previous builds were fine.

Will the Alpine v3.16 directory be available soon?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220524/f62f770c/attachment.htm>

From thresh at nginx.com  Tue May 24 11:24:05 2022
From: thresh at nginx.com (Konstantin Pavlov)
Date: Tue, 24 May 2022 15:24:05 +0400
Subject: Alpine v3.16 package files not found
In-Reply-To: <BL0PR11MB3188EFEFB74D403AB0401ABCD8D79@BL0PR11MB3188.namprd11.prod.outlook.com>
References: <BL0PR11MB3188EFEFB74D403AB0401ABCD8D79@BL0PR11MB3188.namprd11.prod.outlook.com>
Message-ID: <bc022161-7c84-9bd2-c61c-6b381cc404da@nginx.com>

Hi John,

On 24/05/2022 3:07 PM, John Pfuntner -X (jpfuntne - EASI LLC at Cisco) 
via nginx wrote:
> My team builds an NGINX Docker image every morning on Alpine v3.16 and 
> this today the package files could not be found at 
> https://nginx.org/packages/mainline/alpine/ 
> <https://nginx.org/packages/mainline/alpine/>.  Previous builds were fine.

Alpine 3.16 was released only yesterday so we naturally had no chance to 
build repos and packages for that distribution just yet.

> Will the Alpine v3.16 directory be available soon?

Sure, I expect them to be published this or next week.

Have a good one,

-- 
Konstantin Pavlov
Principal Consultant
https://www.nginx.com


From jpfuntne at cisco.com  Tue May 24 11:28:39 2022
From: jpfuntne at cisco.com (John Pfuntner -X (jpfuntne - EASI LLC at Cisco))
Date: Tue, 24 May 2022 11:28:39 +0000
Subject: Alpine v3.16 package files not found
In-Reply-To: <bc022161-7c84-9bd2-c61c-6b381cc404da@nginx.com>
References: <BL0PR11MB3188EFEFB74D403AB0401ABCD8D79@BL0PR11MB3188.namprd11.prod.outlook.com>
 <bc022161-7c84-9bd2-c61c-6b381cc404da@nginx.com>
Message-ID: <BL0PR11MB31889FFE96A38EE58D2A76FCD8D79@BL0PR11MB3188.namprd11.prod.outlook.com>

Oh, of course.  I didn't even notice we had jumped to 3.16!  We just start with alpine:latest as the base image and picked up the new release.  Thank you for the quick response, Konstantin.

> -----Original Message-----
> From: Konstantin Pavlov <thresh at nginx.com>
> Sent: Tuesday, May 24, 2022 7:24 AM
> To: nginx at nginx.org
> Cc: John Pfuntner -X (jpfuntne - EASI LLC at Cisco) <jpfuntne at cisco.com>
> Subject: Re: Alpine v3.16 package files not found
> 
> Hi John,
> 
> On 24/05/2022 3:07 PM, John Pfuntner -X (jpfuntne - EASI LLC at Cisco) via
> nginx wrote:
> > My team builds an NGINX Docker image every morning on Alpine v3.16 and
> > this today the package files could not be found at
> > https://nginx.org/packages/mainline/alpine/
> > <https://nginx.org/packages/mainline/alpine/>.  Previous builds were fine.
> 
> Alpine 3.16 was released only yesterday so we naturally had no chance to
> build repos and packages for that distribution just yet.
> 
> > Will the Alpine v3.16 directory be available soon?
> 
> Sure, I expect them to be published this or next week.
> 
> Have a good one,
> 
> --
> Konstantin Pavlov
> Principal Consultant
> https://www.nginx.com

From mdounin at mdounin.ru  Tue May 24 15:05:27 2022
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 24 May 2022 18:05:27 +0300
Subject: nginx-1.22.0
Message-ID: <Yoz0N9G1LgBG1Ezu@mdounin.ru>

Changes with nginx 1.22.0                                        24 May 2022

    *) 1.22.x stable branch.


-- 
Maxim Dounin
http://nginx.org/


From nginx-forum at forum.nginx.org  Tue May 24 16:20:12 2022
From: nginx-forum at forum.nginx.org (petecooper)
Date: Tue, 24 May 2022 12:20:12 -0400
Subject: Migrating from PHP-FPM to Nginx Unit: worth it?
Message-ID: <e06e78ab80ba8b85429031e555e3009e.NginxMailingListEnglish@forum.nginx.org>

I run a fleet of small- to medium-scale web apps on PHP, and I'm comfortable
compiling Nginx + PHP to to optimise for my needs. Until now, I've used
PHP-FPM exclusively. I have read about performance improvements with Nginx
Unit as far as PHP is concerned. This interests me, and I have time
available to learn.

My question - for anyone who's gone from PHP-FPM to Unit…was it worth it?
What advice would you give?

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,294258,294258#msg-294258


From xeioex at nginx.com  Tue May 24 16:45:47 2022
From: xeioex at nginx.com (Dmitry Volyntsev)
Date: Tue, 24 May 2022 09:45:47 -0700
Subject: njs-0.7.4
Message-ID: <c0f6b296-5021-c7d8-319b-6825fb536cd6@nginx.com>

Hello,

I'm glad to announce a new release of NGINX JavaScript module (njs).

This release focuses on stabilization of recently released features
including WebCrypto API and fixing bugs found by various fuzzers.

Learn more about njs:

- Overview and introduction:https://nginx.org/en/docs/njs/
- NGINX JavaScript in Your Web Server Configuration:
     https://youtu.be/Jc_L6UffFOs
- Extending NGINX with Custom Code:https://youtu.be/0CVhq4AUU7M
- Using node modules with njs:
https://nginx.org/en/docs/njs/node_modules.html
- Writing njs code using TypeScript definition files:
    https://nginx.org/en/docs/njs/typescript.html

We are hiring:

If you are a C programmer, passionate about Open Source and you
love what we do, consider the following career opportunity:
https://ffive.wd5.myworkdayjobs.com/NGINX/job/Ireland-Homebase/Software-Engineer-III---NGNIX-NJS_RP1022237

Feel free to try it and give us feedback on:

- Github:https://github.com/nginx/njs/issues
- Mailing list:https://mailman.nginx.org/mailman/listinfo/nginx-devel

Additional examples and howtos can be found here:

- Github:https://github.com/nginx/njs-examples

Changes with njs 0.7.4                                        24 May 2022

     nginx modules:

     *) Feature: added extended directive to configure Fetch API.
        The following directives were added: "js_fetch_timeout",
        "js_fetch_verify", "js_fetch_buffer_size",
        "js_fetch_max_response_buffer_size".

     *) Change: r.internalRedirect() now accepts escaped URIs.

     *) Bugfix: fixed Response parsing with more than 8 headers
        in Fetch API.

     Core:

     *) Feature: added njs.version_number property.

     *) Feature: added compatibility with BoringSSL for
        WebCrypto API.

     *) Bugfix: fixed Array.prototype.sort() when arr size is changed
        in a comparator.

     *) Bugfix: fixed Array.prototype.slice() with slow "this" argument.

     *) Bugfix: fixed aggregation methods of Promise ctor with
        array-like object.

     *) Bugfix: fixed Array.prototype.lastIndexOf() with Unicode
        string as "this".

     *) Bugfix: fixed JSON.parse() when reviver function is provided.

     *) Bugfix: fixed Object.defineProperty() when a recursive descriptor
        is provided.

     *) Bugfix: fixed Array.prototype.fill() for typed-arrays.

     *) Bugfix: making function expression binding immutable according
        the specs.

     *) Bugfix: fixed redefinition of special props in
        Object.defineProperty().
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220524/cf27ee65/attachment.htm>

From xeioex at nginx.com  Tue May 24 17:01:49 2022
From: xeioex at nginx.com (Dmitry Volyntsev)
Date: Tue, 24 May 2022 10:01:49 -0700
Subject: njs-0.7.4 (fixed formatting)
Message-ID: <ffd23634-0888-fb13-7eb9-db65e5426e2a@nginx.com>

Hello,

I’m glad to announce a new release of NGINX JavaScript module (njs).

This release focuses on stabilization of recently released features
including WebCrypto API and fixing bugs found by various fuzzers.

Learn more about njs:

- Overview and introduction: https://nginx.org/en/docs/njs/
- NGINX JavaScript in Your Web Server Configuration:
     https://youtu.be/Jc_L6UffFOs
- Extending NGINX with Custom Code: https://youtu.be/0CVhq4AUU7M
- Using node modules with njs:
https://nginx.org/en/docs/njs/node_modules.html
- Writing njs code using TypeScript definition files:
    https://nginx.org/en/docs/njs/typescript.html

We are hiring:

If you are a C programmer, passionate about Open Source and you
love what we do, consider the following career opportunity:
https://ffive.wd5.myworkdayjobs.com/NGINX/job/Ireland-Homebase/Software-Engineer-III---NGNIX-NJS_RP1022237

Feel free to try it and give us feedback on:

- Github: https://github.com/nginx/njs/issues
- Mailing list: https://mailman.nginx.org/mailman/listinfo/nginx-devel

Additional examples and howtos can be found here:

- Github: https://github.com/nginx/njs-examples

Changes with njs 0.7.4                                      24 May 2022

     nginx modules:

     *) Feature: added extended directive to configure Fetch API.
        The following directives were added: “js_fetch_timeout”,
        “js_fetch_verify”, “js_fetch_buffer_size”,
        “js_fetch_max_response_buffer_size”.

     *) Change: r.internalRedirect() now accepts escaped URIs.

     *) Bugfix: fixed Response parsing with more than 8 headers
        in Fetch API.

     Core:

     *) Feature: added njs.version_number property.

     *) Feature: added compatibility with BoringSSL for
        WebCrypto API.

     *) Bugfix: fixed Array.prototype.sort() when arr size is changed
        in a comparator.

     *) Bugfix: fixed Array.prototype.slice() with slow “this” argument.

     *) Bugfix: fixed aggregation methods of Promise ctor with
        array-like object.

     *) Bugfix: fixed Array.prototype.lastIndexOf() with unicode
        string as “this”.

     *) Bugfix: fixed JSON.parse() when reviver function is provided.

     *) Bugfix: fixed Object.defineProperty() when a recursive descriptor
        is provided.

     *) Bugfix: fixed Array.prototype.fill() for typed-arrays.

     *) Bugfix: making function expression binding immutable according
        the specs.

     *) Bugfix: fixed redefinition of special props in
        Object.defineProperty().


From thresh at nginx.com  Wed May 25 11:43:24 2022
From: thresh at nginx.com (Konstantin Pavlov)
Date: Wed, 25 May 2022 15:43:24 +0400
Subject: Alpine v3.16 package files not found
In-Reply-To: <BL0PR11MB31889FFE96A38EE58D2A76FCD8D79@BL0PR11MB3188.namprd11.prod.outlook.com>
References: <BL0PR11MB3188EFEFB74D403AB0401ABCD8D79@BL0PR11MB3188.namprd11.prod.outlook.com>
 <bc022161-7c84-9bd2-c61c-6b381cc404da@nginx.com>
 <BL0PR11MB31889FFE96A38EE58D2A76FCD8D79@BL0PR11MB3188.namprd11.prod.outlook.com>
Message-ID: <9d6df3a1-6acc-f825-f839-c58056468ee4@nginx.com>

Hi John, everyone,

On 24/05/2022 3:28 PM, John Pfuntner -X (jpfuntne - EASI LLC at Cisco) 
via nginx wrote:
> Oh, of course.  I didn't even notice we had jumped to 3.16!  We just start with alpine:latest as the base image and picked up the new release.  Thank you for the quick response, Konstantin.
> 


Alpine 3.16 packages are now live on nginx.org repos:

- stable https://nginx.org/packages/alpine/v3.16/main/
- mainline https://nginx.org/packages/mainline/alpine/v3.16/main/

The installation instructions are as usual on 
https://nginx.org/en/linux_packages.html

Have a good one,


-- 
Konstantin Pavlov
Principal Consultant
https://www.nginx.com


From jpfuntne at cisco.com  Wed May 25 11:50:34 2022
From: jpfuntne at cisco.com (John Pfuntner -X (jpfuntne - EASI LLC at Cisco))
Date: Wed, 25 May 2022 11:50:34 +0000
Subject: Alpine v3.16 package files not found
In-Reply-To: <9d6df3a1-6acc-f825-f839-c58056468ee4@nginx.com>
References: <BL0PR11MB3188EFEFB74D403AB0401ABCD8D79@BL0PR11MB3188.namprd11.prod.outlook.com>
 <bc022161-7c84-9bd2-c61c-6b381cc404da@nginx.com>
 <BL0PR11MB31889FFE96A38EE58D2A76FCD8D79@BL0PR11MB3188.namprd11.prod.outlook.com>
 <9d6df3a1-6acc-f825-f839-c58056468ee4@nginx.com>
Message-ID: <BL0PR11MB31885098D551608AA702BE6BD8D69@BL0PR11MB3188.namprd11.prod.outlook.com>

Excellent!!  Thank you, Konstantin!

> -----Original Message-----
> From: Konstantin Pavlov <thresh at nginx.com>
> Sent: Wednesday, May 25, 2022 7:43 AM
> To: nginx at nginx.org
> Cc: John Pfuntner -X (jpfuntne - EASI LLC at Cisco) <jpfuntne at cisco.com>
> Subject: Re: Alpine v3.16 package files not found
> 
> Hi John, everyone,
> 
> On 24/05/2022 3:28 PM, John Pfuntner -X (jpfuntne - EASI LLC at Cisco) via
> nginx wrote:
> > Oh, of course.  I didn't even notice we had jumped to 3.16!  We just start
> with alpine:latest as the base image and picked up the new release.  Thank
> you for the quick response, Konstantin.
> >
> 
> 
> Alpine 3.16 packages are now live on nginx.org repos:
> 
> - stable https://nginx.org/packages/alpine/v3.16/main/
> - mainline https://nginx.org/packages/mainline/alpine/v3.16/main/
> 
> The installation instructions are as usual on
> https://nginx.org/en/linux_packages.html
> 
> Have a good one,
> 
> 
> --
> Konstantin Pavlov
> Principal Consultant
> https://www.nginx.com

From francis at daoine.org  Wed May 25 12:38:39 2022
From: francis at daoine.org (Francis Daly)
Date: Wed, 25 May 2022 13:38:39 +0100
Subject: Make relative paths in proxy go to the right server
In-Reply-To: <155490774caccf01c7e23b5b34fdeffd.NginxMailingListEnglish@forum.nginx.org>
References: <155490774caccf01c7e23b5b34fdeffd.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20220525123839.GE14624@daoine.org>

On Tue, May 24, 2022 at 01:25:05AM -0400, AussieSusan wrote:

Hi there,

> I am a total newbie to this and I don't even know if what I want to do is
> possible.

In the general case, it's not possible.

In some specific limited cases, it might work.

> For example: "https://myserver.com/weather" needs to be handled locally, but
> "https://myserver.com/whatever" needs to go to a different server on the
> network. To do this I have:
> 
>        location /whatever {
>                 proxy_pass http://10.12.45.12:1234/;
>         }

Small aside -- things will work more smoothly if you have the same
number of "/" at the end of the "location" value and at the end of the
"proxy_pass" value (if you have any / in the proxy_pass value). In this
case, that would be "location /whatever/ {"

> This works OK but the pages served by the other server have relative paths
> to files that are relative to THAT server. The user's browser converts the
> relative paths from "other_base/file_path.css" to
> "https://myserver.com/other_base/file_path.css".

The simplest/cleanest fix, if you control the other "back-end" server,
is to change that server so that its content is all installed below
"/whatever/", so that your proxy_pass value does not have anything after
the host:port part and all relative links from that are equally valid
from the front-end nginx server.

The next cleanest (again, if you control the other server) is to ensure
that no things in the content that the browser will interpret as a link
start with "/". They can start with "relative", or "./relative", or maybe
"../relative" (depending how deep in the tree they are).



Although...

If the first request was for "/whatever/something", then a relative
"other/file.css" would resolve to "/whatever/other/file.css", which
should Just Work. There would be a problem if the relative link were to
"/other/file.css" -- the details there can matter :-(

So as a first attempt -- look at the html in the response, and see does
it refer to "other" or to "/other" (with a leading slash). If it does not
have the slash, then perhaps requesting /whatever/ instead of /whatever
will let things work -- and you can "enforce" that by configuring nginx
to have "location /whatever/".

> I could add another 'location' entry to my configuration for "/other_base"
> but there is no guarantee that the 'other_base" name will always be the
> same.

In general, that's the (only?) way to be sure. And it will work
fine, until more than one system wants to use the same /prefix/ or
/prefix/url.html

> What do I need to put in the Nginx configuration so that the files relative
> to the other server are correctly redirected (e.g.
> https://myserve.com/whatever/other_base/file_path.css")

Maybe just "location /whatever/ {". Maybe lots of changes elsewhere too.

Good luck with it,

	f
-- 
Francis Daly        francis at daoine.org


From francis at daoine.org  Wed May 25 12:47:08 2022
From: francis at daoine.org (Francis Daly)
Date: Wed, 25 May 2022 13:47:08 +0100
Subject: 404 on one web app
In-Reply-To: <b83437389ea617144d258b22e1e0b375ee42a7fc.camel@koalatyworks.com>
References: <b83437389ea617144d258b22e1e0b375ee42a7fc.camel@koalatyworks.com>
Message-ID: <20220525124708.GF14624@daoine.org>

On Fri, May 13, 2022 at 04:31:37PM -0400, Ken Wright wrote:

Hi there,

> I've been trying to install Roundcube on my mailserver, but when I get
> to the step of starting the web-based configuration I get a 404
> message.  The server is running Ubuntu 22.04 and I've previously had
> Roundcube working, at least until I physically moved the server into my
> new office.  The .conf file shows the root as /var/www/roundcube, which
> is the correct path (I've double-checked that) but I still get that
> 404.

What http request is made of nginx, that results in the 404?

What do the various log files say, caused the 404? (As in: did nginx
auto-generate it because it was configured to serve a file that was
not present; or did nginx generate it because a try_files or something
similar was looking for a file; or did the service at other end of a
proxy_pass or fastcgi_pass generate it for its own reasons?)

(Probably the nginx config, and its "location" directives, will help
show which location is used to handle this request, and any associated
sub-requests.)

Cheers,

	f
-- 
Francis Daly        francis at daoine.org


From nginx-forum at forum.nginx.org  Wed May 25 17:34:03 2022
From: nginx-forum at forum.nginx.org (blason)
Date: Wed, 25 May 2022 13:34:03 -0400
Subject: Keepalived with nginx open source
Message-ID: <71c80838d011c18ac6ac292d4c8e845c.NginxMailingListEnglish@forum.nginx.org>

Hi Team,

I am going to deploy two nginx reverse proxy servers and I wanted them in HA
mode. I see keepalived is available with Plus version however keepalived
being an open source can be used with Open source version as well? Can
someone please confirm if keepalived or any other approach can help me in
achieving Active-Passive setup of nginx reverse proxies?

TIA
Blason R

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,294275,294275#msg-294275


From nginx-forum at forum.nginx.org  Wed May 25 17:43:07 2022
From: nginx-forum at forum.nginx.org (blason)
Date: Wed, 25 May 2022 13:43:07 -0400
Subject: Nginx reverse proxy gzip for json payload
Message-ID: <cdd351e02f140cda5ffba16992072937.NginxMailingListEnglish@forum.nginx.org>

Hi Team,

I currently have IIS server and I am planning to put reverse proxy server in
front of that IIS server. Since this IIS server carries a huge request in
every request that is around 40-50 Mb of data is being uploaded at every
transaction I need to enable gzip on for the server. However I see only 
html/text files can be gzipped and if any specific other data needs to be
gzipped then needs to be defined.

Can someone please tell me if json data can be achieved with gzip on?

TIA
Blason R

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,294276,294276#msg-294276


From osa at freebsd.org.ru  Thu May 26 15:09:46 2022
From: osa at freebsd.org.ru (Sergey A. Osokin)
Date: Thu, 26 May 2022 18:09:46 +0300
Subject: Keepalived with nginx open source
In-Reply-To: <71c80838d011c18ac6ac292d4c8e845c.NginxMailingListEnglish@forum.nginx.org>
References: <71c80838d011c18ac6ac292d4c8e845c.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <Yo+YOjECnlhz6A93@FreeBSD.org.ru>

Hi,

hope you're doing well.

On Wed, May 25, 2022 at 01:34:03PM -0400, blason wrote:
> Hi Team,
> 
> I am going to deploy two nginx reverse proxy servers and I wanted them in HA
> mode. I see keepalived is available with Plus version however keepalived
> being an open source can be used with Open source version as well? Can
> someone please confirm if keepalived or any other approach can help me in
> achieving Active-Passive setup of nginx reverse proxies?

You can definitely try to do that, there're some articles available with the
"How to setup HA NGINX with keepalived in linux" topic.

Thank you.

-- 
Sergey A. Osokin


From osa at freebsd.org.ru  Thu May 26 16:48:54 2022
From: osa at freebsd.org.ru (Sergey A. Osokin)
Date: Thu, 26 May 2022 19:48:54 +0300
Subject: Nginx reverse proxy gzip for json payload
In-Reply-To: <cdd351e02f140cda5ffba16992072937.NginxMailingListEnglish@forum.nginx.org>
References: <cdd351e02f140cda5ffba16992072937.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <Yo+vdrGX2PcSO9yA@FreeBSD.org.ru>

Hi,

On Wed, May 25, 2022 at 01:43:07PM -0400, blason wrote:
> Hi Team,
> 
> I currently have IIS server and I am planning to put reverse proxy server in
> front of that IIS server. Since this IIS server carries a huge request in
> every request that is around 40-50 Mb of data is being uploaded at every
> transaction I need to enable gzip on for the server. However I see only 
> html/text files can be gzipped and if any specific other data needs to be
> gzipped then needs to be defined.

Could you try to use the following directive:

gzip_types *;

as it's mentioned in the ngx_http_gzip module documentation,
https://nginx.org/en/docs/http/ngx_http_gzip_module.html#gzip_types

-- 
Sergey A. Osokin


From nginx-forum at forum.nginx.org  Fri May 27 09:31:10 2022
From: nginx-forum at forum.nginx.org (blason)
Date: Fri, 27 May 2022 05:31:10 -0400
Subject: Nginx reverse proxy gzip for json payload
In-Reply-To: <Yo+vdrGX2PcSO9yA@FreeBSD.org.ru>
References: <Yo+vdrGX2PcSO9yA@FreeBSD.org.ru>
Message-ID: <e5e016244c1d7d42eefbba18640cb9a8.NginxMailingListEnglish@forum.nginx.org>

Thanks for the reply. Let me try doing that.

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,294276,294293#msg-294293


From nginx-forum at forum.nginx.org  Fri May 27 09:31:33 2022
From: nginx-forum at forum.nginx.org (blason)
Date: Fri, 27 May 2022 05:31:33 -0400
Subject: Keepalived with nginx open source
In-Reply-To: <71c80838d011c18ac6ac292d4c8e845c.NginxMailingListEnglish@forum.nginx.org>
References: <71c80838d011c18ac6ac292d4c8e845c.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <43beb6900fd696354ef24c28d140f63c.NginxMailingListEnglish@forum.nginx.org>

Thanks for input; much appreciated.

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,294275,294294#msg-294294


From francis at daoine.org  Fri May 27 09:56:26 2022
From: francis at daoine.org (Francis Daly)
Date: Fri, 27 May 2022 10:56:26 +0100
Subject: Keepalived with nginx open source
In-Reply-To: <71c80838d011c18ac6ac292d4c8e845c.NginxMailingListEnglish@forum.nginx.org>
References: <71c80838d011c18ac6ac292d4c8e845c.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20220527095626.GG14624@daoine.org>

On Wed, May 25, 2022 at 01:34:03PM -0400, blason wrote:

Hi there,

> I am going to deploy two nginx reverse proxy servers and I wanted them in HA
> mode. I see keepalived is available with Plus version however keepalived
> being an open source can be used with Open source version as well? Can
> someone please confirm if keepalived or any other approach can help me in
> achieving Active-Passive setup of nginx reverse proxies?

As per the other reply -- it should Just Work.

The way keepalived works is that IP#1 is on machine1, IP#2 is on machine2,
and IP#3 is on one of those two machines -- it changes or "floats"
between them, based on the keepalived configuration.

So for high-availability, you want your clients to talk to IP#3 (and be
handled by whichever machine currently has that IP).

>From an nginx config point of view, the main thing is probably to ensure
that in your "listen" directives, you don't do anything that would cause
nginx to try to bind() to IP#3.

http://nginx.org/r/listen

(At least one of those bind() attempts should fail because IP#3 is not
on that machine right now, which would lead to sadness.)

If you want to see whether your config avoids that -- try running it
on a machine that does not have IP#3. If nginx fails to start, you
probably want to look at your listen directives to see if you are happy
to change them.

Good luck with it,

	f
-- 
Francis Daly        francis at daoine.org


From francis at daoine.org  Fri May 27 10:25:49 2022
From: francis at daoine.org (Francis Daly)
Date: Fri, 27 May 2022 11:25:49 +0100
Subject: Nginx reverse proxy gzip for json payload
In-Reply-To: <e5e016244c1d7d42eefbba18640cb9a8.NginxMailingListEnglish@forum.nginx.org>
References: <Yo+vdrGX2PcSO9yA@FreeBSD.org.ru>
 <e5e016244c1d7d42eefbba18640cb9a8.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20220527102549.GH14624@daoine.org>

On Fri, May 27, 2022 at 05:31:10AM -0400, blason wrote:

Hi there,

note that you have the request from the client to nginx, the request
from nginx to the upstream, the response from upstream to nginx, and
the response from nginx to the client.

"gzip" and friends deal with the response from nginx to the client.

http://nginx.org/r/gzip, http://nginx.org/r/gzip_types (which redirect
to different parts of the same page).

(I'm pretty sure that) nginx does not have an option to compress the
request from nginx to upstream.

If that is the thing that you want to do, you will need another
plan. (Possibly involving lua or one of the other embeddable languages.)

Cheers,

	f
-- 
Francis Daly        francis at daoine.org


From wangjiahao at openresty.com  Fri May 27 14:27:34 2022
From: wangjiahao at openresty.com (Jiahao Wang)
Date: Fri, 27 May 2022 22:27:34 +0800
Subject: [ANN] OpenResty 1.21.4.1 released
Message-ID: <CAOJ00aikVnn+6fJ0fvH=zy=QUq7DWsTCqCGxuBMy9bKfA35dUQ@mail.gmail.com>

Hi folks,

I am happy to announce the new formal release, 1.21.4.1, of our
OpenResty web platform based on NGINX and LuaJIT. It is the first
OpenResty version based on Nginx core 1.21.4.

The full announcement, download links, and change logs can be found below:

http://openresty.org/en/ann-1021004001.html

You can download the software packages here:

https://openresty.org/en/download.html

OpenResty is a high performance and dynamic web platform based on our
enhanced version of Nginx core, our enhanced version of LuaJIT, and
many powerful Nginx modules and Lua libraries. See OpenResty's
homepage for details:

https://openresty.org/en/

Enjoy!

Best regards,
Jiahao
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220527/bbea5b67/attachment.htm>

From nginx-forum at forum.nginx.org  Sat May 28 11:09:32 2022
From: nginx-forum at forum.nginx.org (blason)
Date: Sat, 28 May 2022 07:09:32 -0400
Subject: Nginx reverse proxy gzip for json payload
In-Reply-To: <20220527102549.GH14624@daoine.org>
References: <20220527102549.GH14624@daoine.org>
Message-ID: <80ffabcd35b6c929b89a728d037fec88.NginxMailingListEnglish@forum.nginx.org>

This is fine - I need a part from Nginx to client. And thanks for clarifying
about nginx compressing the request which are only in responses.

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,294276,294305#msg-294305


From nginx-forum at forum.nginx.org  Sun May 29 05:20:03 2022
From: nginx-forum at forum.nginx.org (AussieSusan)
Date: Sun, 29 May 2022 01:20:03 -0400
Subject: Make relative paths in proxy go to the right server
In-Reply-To: <20220525123839.GE14624@daoine.org>
References: <20220525123839.GE14624@daoine.org>
Message-ID: <af1d9dbd98eb091f892e7159b69cfb66.NginxMailingListEnglish@forum.nginx.org>

Thank you Francis.

Adding the '/' at the end of the 'location' entry seems to have done the
trick.

(And sorry for the delay in responding - what is that saying about life
happening when you try to make plans)

Susan

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,294234,294309#msg-294309


From wizard at koalatyworks.com  Mon May 30 17:37:25 2022
From: wizard at koalatyworks.com (Ken Wright)
Date: Mon, 30 May 2022 13:37:25 -0400
Subject: Nginx not finding a directory in its path
Message-ID: <dfd29932cf9daf9afb58c8188c4728961d4a2bc7.camel@koalatyworks.com>

I've been trying to install Roundcube on my server, but when I get to
the web installer (enter mail.example.com/installer in the address bar
of my browser) I consistently get 404.  The webroot is
/var/www/roundcube, and there's an installer directory under that with
an index file in it.  I just can't figure out why it's misbehaving (or,
more accurately, what I haven't correctly told it to do).

The server is Ubuntu 22.04, and my nginx version is i.21.6.

Ken

-- 
If you ever think international affairs make sense, remember this:
Because a Serb shot an Austrian in Bosnia, Germany invaded Belgium
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220530/a4c24dbb/attachment.bin>

From francis at daoine.org  Mon May 30 19:53:54 2022
From: francis at daoine.org (Francis Daly)
Date: Mon, 30 May 2022 20:53:54 +0100
Subject: Nginx not finding a directory in its path
In-Reply-To: <dfd29932cf9daf9afb58c8188c4728961d4a2bc7.camel@koalatyworks.com>
References: <dfd29932cf9daf9afb58c8188c4728961d4a2bc7.camel@koalatyworks.com>
Message-ID: <20220530195354.GI14624@daoine.org>

On Mon, May 30, 2022 at 01:37:25PM -0400, Ken Wright wrote:

Hi there,

> I've been trying to install Roundcube on my server, but when I get to
> the web installer (enter mail.example.com/installer in the address bar
> of my browser) I consistently get 404.  The webroot is
> /var/www/roundcube, and there's an installer directory under that with
> an index file in it.  I just can't figure out why it's misbehaving (or,
> more accurately, what I haven't correctly told it to do).

Do the nginx logs indicate that the request got to nginx?

What is your nginx config, for this request?

	f
-- 
Francis Daly        francis at daoine.org


From nginx-forum at forum.nginx.org  Mon May 30 21:52:24 2022
From: nginx-forum at forum.nginx.org (jinshu)
Date: Mon, 30 May 2022 17:52:24 -0400
Subject: Different TLS versions for Different vHosts
Message-ID: <9f98ce18baf5a531ace77e3af5ae541e.NginxMailingListEnglish@forum.nginx.org>

Hello,

I am using nginx/1.20.1 and i am still searching for solution for
configuring different ssl_protocol version for different vhosts. Currently
it is reasing the first vhost ssl setting and applied to all following
vhosts.

Anyone got any idea?

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,294327,294327#msg-294327


From mdounin at mdounin.ru  Mon May 30 22:49:19 2022
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 31 May 2022 01:49:19 +0300
Subject: Different TLS versions for Different vHosts
In-Reply-To: <9f98ce18baf5a531ace77e3af5ae541e.NginxMailingListEnglish@forum.nginx.org>
References: <9f98ce18baf5a531ace77e3af5ae541e.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <YpVJ73Z/0Ne1q4cA@mdounin.ru>

Hello!

On Mon, May 30, 2022 at 05:52:24PM -0400, jinshu wrote:

> I am using nginx/1.20.1 and i am still searching for solution for
> configuring different ssl_protocol version for different vhosts. Currently
> it is reasing the first vhost ssl setting and applied to all following
> vhosts.

OpenSSL selects the protocol to use based on the settings of the 
initial SSL context when establishing an SSL connection, before 
applying any SNI-based settings.  This means that it is basically 
not possible to use different SSL/TLS protocols in different 
name-based virtual servers.  On the other hand, it is possible to 
do so by using IP-based virtual servers.

See 

http://nginx.org/en/docs/http/request_processing.html#mixed_name_ip_based_servers

for basic information about configuring IP-based virtual servers 
along with name-based ones.

Hope this helps.

-- 
Maxim Dounin
http://mdounin.ru/


From wizard at koalatyworks.com  Tue May 31 02:30:13 2022
From: wizard at koalatyworks.com (Ken Wright)
Date: Mon, 30 May 2022 22:30:13 -0400
Subject: Nginx not finding a directory in its path
In-Reply-To: <165395526263.56534.13925873879636984581@ec2-18-197-214-38.eu-central-1.compute.amazonaws.com>
References: 	<165395526263.56534.13925873879636984581@ec2-18-197-214-38.eu-central-1.compute.amazonaws.com>
Message-ID: <c4e37f0c13520e4439b9d8f771445746a93fc762.camel@koalatyworks.com>

On Tue, 2022-05-31 at 00:01 +0000, nginx-request at nginx.org wrote:


Hi there,

> I've been trying to install Roundcube on my server, but when I get to
> the web installer (enter mail.example.com/installer in the address
bar
> of my browser) I consistently get 404.  The webroot is
> /var/www/roundcube, and there's an installer directory under that
with
> an index file in it.  I just can't figure out why it's misbehaving
(or,
> more accurately, what I haven't correctly told it to do).

Do the nginx logs indicate that the request got to nginx?

What is your nginx config, for this request?


These are the most recent entries in the nginx access log:

72.18.50.172 - - [30/May/2022:22:19:34 -0400] "GET /installer HTTP/2.0"
404 114 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:100.0) Gecko/20100101
Firefox/100.0"
72.18.50.172 - - [30/May/2022:22:19:34 -0400] "GET /favicon.ico
HTTP/2.0" 404 114 "https://grace.koalatyworks.com/installer"
"Mozilla/5.0 (X11; Linux x86_64; rv:100.0) Gecko/20100101
Firefox/100.0"


Do you mean the config file for Roundcube or a different config?  Sorry
if I'm being dense, but I don't want to waste bandwidth with the wrong
file.

Ken
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: This is a digitally signed message part
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220530/51c6d758/attachment.bin>

From nginx-forum at forum.nginx.org  Tue May 31 05:53:20 2022
From: nginx-forum at forum.nginx.org (husaindalroti)
Date: Tue, 31 May 2022 01:53:20 -0400
Subject: Pass Lua variable in proxy pass directive
Message-ID: <f4087866e4a1e3598bce32f6ebdbd449.NginxMailingListEnglish@forum.nginx.org>

Hi Team,

Is it possible to pass lua variable in proxy pass directive which we define
using set_by_lua_file directive ?

Example :
set_by_lua_file $ref test.lua; 
proxy_pass '$ref';

Below is lua code :

local function main()
    local host="https://example.com"
    return host
end

return main()

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,294355,294355#msg-294355


From francis at daoine.org  Tue May 31 06:35:54 2022
From: francis at daoine.org (Francis Daly)
Date: Tue, 31 May 2022 07:35:54 +0100
Subject: Nginx not finding a directory in its path
In-Reply-To: <c4e37f0c13520e4439b9d8f771445746a93fc762.camel@koalatyworks.com>
References: <165395526263.56534.13925873879636984581@ec2-18-197-214-38.eu-central-1.compute.amazonaws.com>
 <c4e37f0c13520e4439b9d8f771445746a93fc762.camel@koalatyworks.com>
Message-ID: <20220531063554.GJ14624@daoine.org>

On Mon, May 30, 2022 at 10:30:13PM -0400, Ken Wright wrote:
> On Tue, 2022-05-31 at 00:01 +0000, nginx-request at nginx.org wrote:

Hi there,

> These are the most recent entries in the nginx access log:
> 
> 72.18.50.172 - - [30/May/2022:22:19:34 -0400] "GET /installer HTTP/2.0"
> 404 114 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:100.0) Gecko/20100101
> Firefox/100.0"
> 72.18.50.172 - - [30/May/2022:22:19:34 -0400] "GET /favicon.ico
> HTTP/2.0" 404 114 "https://grace.koalatyworks.com/installer"
> "Mozilla/5.0 (X11; Linux x86_64; rv:100.0) Gecko/20100101
> Firefox/100.0"

Thanks; that suggests that the request is being handled by nginx.

> Do you mean the config file for Roundcube or a different config?  Sorry
> if I'm being dense, but I don't want to waste bandwidth with the wrong
> file.

No worries.

The nginx config that handles this request to this server is what
matters first.

We can see that it does return 404; it sounds like you want it to return
a redirect to /installer/, and then you want the request to /installer/
to cause the file installer/index.php to be php-processed. And neither
of those happens.

The current nginx config should show why other things happen instead.

Something like "nginx -T" can show the config file content; other
possibilities exist as well.

Thanks,

	f
-- 
Francis Daly        francis at daoine.org


From evald80 at gmail.com  Tue May 31 16:01:01 2022
From: evald80 at gmail.com (evald ibrahimi)
Date: Tue, 31 May 2022 18:01:01 +0200
Subject: nginx -s reload does not work with proxy directives
Message-ID: <CAPYfWRSKpkLuTPNrFKTa5JzYe8fsX6B3vCnO9WGDosBUmOE-Lw@mail.gmail.com>

hello,

Just encounter this issue on the latest version of nginx 1.22.0.
Basically i added the "proxy_read_timeout 600s;" in a server directive and
run "nginx -s reload".
I was getting still "upstream timed out (110: Connection timed out) while
reading response header from upstream, client: " after 60 seconds which is
the default value.
Than i said, let's restart the whole service with systemctl restart nginx
and it worked..no more upstream timeout.

the whole config file:
----------------------------
server {
server_name blablaerp.com;

# modsecurity on;

client_max_body_size 100M;
location / {
proxy_pass https://172.20.14.172:443;
proxy_read_timeout 600s;

proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
proxy_set_header Host $host;
}

error_log  /var/log/nginx/bcamprod_Errnginx.log;
access_log /var/log/nginx/bcamprod_Accessnginx.log;

listen 443 ssl; # managed by Certbot
    ssl_certificate /etc/letsencrypt/live/blablaerp.com/fullchain.pem; #
managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/blablaerp.com/privkey.pem; #
managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

    add_header X-Robots-Tag "noindex, nofollow, nosnippet, noarchive";
#add_header X-Robots-Tag "all";
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220531/1e2f751f/attachment.htm>

From mdounin at mdounin.ru  Tue May 31 16:38:37 2022
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 31 May 2022 19:38:37 +0300
Subject: nginx -s reload does not work with proxy directives
In-Reply-To: <CAPYfWRSKpkLuTPNrFKTa5JzYe8fsX6B3vCnO9WGDosBUmOE-Lw@mail.gmail.com>
References: <CAPYfWRSKpkLuTPNrFKTa5JzYe8fsX6B3vCnO9WGDosBUmOE-Lw@mail.gmail.com>
Message-ID: <YpZEjT6C2QzizoAR@mdounin.ru>

Hello!

On Tue, May 31, 2022 at 06:01:01PM +0200, evald ibrahimi wrote:

> Just encounter this issue on the latest version of nginx 1.22.0.
> Basically i added the "proxy_read_timeout 600s;" in a server directive and
> run "nginx -s reload".
> I was getting still "upstream timed out (110: Connection timed out) while
> reading response header from upstream, client: " after 60 seconds which is
> the default value.
> Than i said, let's restart the whole service with systemctl restart nginx
> and it worked..no more upstream timeout.

This suggests that reload wasn't successful for some reason.

There are various legitimate cases when reload might fail even if 
the configuration is perfectly correct: for example, if there are 
conflicting settings for a shared memory zone (e.g., you cannot 
change size of a shared memory zone), or when using conflicting 
listening sockets on Linux (such as "listen 80;" and "listen 
127.0.0.1:80 bind;").  Detailed information about why reload 
failed is expected to appear in the error log.

Further, bugs in 3rd party modules might additionally break 
configuration reloads.  If there are any, you may want to test if 
things work correctly without 3rd party modules.

Hope this helps.

-- 
Maxim Dounin
http://mdounin.ru/


From nginx-forum at forum.nginx.org  Tue May 31 16:57:46 2022
From: nginx-forum at forum.nginx.org (hanzhai)
Date: Tue, 31 May 2022 12:57:46 -0400
Subject: Buffer reuse like gzip filter module, with pre-configured number of buffers
Message-ID: <cee7d7013298a7bf116f26c05a284412.NginxMailingListEnglish@forum.nginx.org>

Hi,

I am writing my own filter module based on the gzip filter module. My filter
module would first insert a long text (200 to 1024 KB based on the
situation) at the beginning of the original response and then do some other
manipulations to the original response. The pre-configured number of buffers
that can be allocated per request (like the gzip_buffers directive in gzip
filter module) will reduce the risk of OOM. 

Here is the example code:


ngx_int_t rc;
ngx_chain_t *ch = NULL;
size_t len = 64 * 4096;

ngx_buf_t *b = ngx_create_temp_buf(r->pool, len);
if (b == NULL) {
    return NGX_ERROR;
}
b->recycled = 1;
b->tag = (ngx_buf_tag_t) &ngx_http_my_filter_module;

// operation to copy 64 kb data to the ngx_buf_t b;
b->last = b->pos + len;

ch = ngx_alloc_chain_link(r->pool);
if (ch == NULL) {
    goto failed;
}
ch->buf = b;
ch->next = NULL;

rc = ngx_http_next_body_filter(r, ch); // rc got NGX_OK
if (rc != NGX_OK && rc != NGX_AGAIN) {
    goto failed;
}

ngx_chain_update_chains(r->pool, &ctx->free, &ctx->busy, &ch,
                        (ngx_buf_tag_t) &ngx_http_my_filter_module);

ngx_chain_t *cl = ch;
while (cl) {
    ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, "buf sz: %z",
ngx_buf_size(cl->buf)); // output: buf sz: 65536
    cl = cl->next;
}

// reuse the buffer b if possible


Explanation:

I created a buffer b with 64k, then I copied 64k data, then I called
ngx_http_next_body_filter to send the first 64k data to the client, then I
want to reuse the buffer b to send the next 64k data and so on.

The question is after ngx_http_next_body_filter, ctx->free is still NULL,
because ngx_buf_size(b) got 65536 which means that the buffer b cannot be
recycled. My guess even if the next_body_filter returns an NGX_OK, it
doesn't guarantee any of the buffers inside the ngx_chain_t can be reused.

What should I do if I want to reuse the 64k buffer?

Posted at Nginx Forum: https://forum.nginx.org/read.php?2,294374,294374#msg-294374


From evald80 at gmail.com  Tue May 31 17:24:40 2022
From: evald80 at gmail.com (evald ibrahimi)
Date: Tue, 31 May 2022 19:24:40 +0200
Subject: nginx -s reload does not work with proxy directives
In-Reply-To: <YpZEjT6C2QzizoAR@mdounin.ru>
References: <CAPYfWRSKpkLuTPNrFKTa5JzYe8fsX6B3vCnO9WGDosBUmOE-Lw@mail.gmail.com>
 <YpZEjT6C2QzizoAR@mdounin.ru>
Message-ID: <CAPYfWRQSc84+6G-BGXtoaZdHzziu3UwgE6dW8tE2kUeh6eJW8Q@mail.gmail.com>

Thanks for the explanation.

On Tue, 31 May 2022, 18:38 Maxim Dounin, <mdounin at mdounin.ru> wrote:

> Hello!
>
> On Tue, May 31, 2022 at 06:01:01PM +0200, evald ibrahimi wrote:
>
> > Just encounter this issue on the latest version of nginx 1.22.0.
> > Basically i added the "proxy_read_timeout 600s;" in a server directive
> and
> > run "nginx -s reload".
> > I was getting still "upstream timed out (110: Connection timed out) while
> > reading response header from upstream, client: " after 60 seconds which
> is
> > the default value.
> > Than i said, let's restart the whole service with systemctl restart nginx
> > and it worked..no more upstream timeout.
>
> This suggests that reload wasn't successful for some reason.
>
> There are various legitimate cases when reload might fail even if
> the configuration is perfectly correct: for example, if there are
> conflicting settings for a shared memory zone (e.g., you cannot
> change size of a shared memory zone), or when using conflicting
> listening sockets on Linux (such as "listen 80;" and "listen
> 127.0.0.1:80 bind;").  Detailed information about why reload
> failed is expected to appear in the error log.
>
> Further, bugs in 3rd party modules might additionally break
> configuration reloads.  If there are any, you may want to test if
> things work correctly without 3rd party modules.
>
> Hope this helps.
>
> --
> Maxim Dounin
> http://mdounin.ru/
> _______________________________________________
> nginx mailing list -- nginx at nginx.org
> To unsubscribe send an email to nginx-leave at nginx.org
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20220531/4de7f49d/attachment.htm>

From francis at daoine.org  Tue May 31 18:46:30 2022
From: francis at daoine.org (Francis Daly)
Date: Tue, 31 May 2022 19:46:30 +0100
Subject: Pass Lua variable in proxy pass directive
In-Reply-To: <f4087866e4a1e3598bce32f6ebdbd449.NginxMailingListEnglish@forum.nginx.org>
References: <f4087866e4a1e3598bce32f6ebdbd449.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <20220531184630.GK14624@daoine.org>

On Tue, May 31, 2022 at 01:53:20AM -0400, husaindalroti wrote:

Hi there,

> Is it possible to pass lua variable in proxy pass directive which we define
> using set_by_lua_file directive ?

Untested, but the documentation suggests that it should work.

> set_by_lua_file $ref test.lua; 
> proxy_pass '$ref';

Perhaps use:

    proxy_pass $ref;

without the quotes, to match most examples of using variables in
proxy_pass.

Good luck with it,

	f
-- 
Francis Daly        francis at daoine.org


From mdounin at mdounin.ru  Tue May 31 20:37:07 2022
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 31 May 2022 23:37:07 +0300
Subject: Buffer reuse like gzip filter module, with pre-configured number
 of buffers
In-Reply-To: <cee7d7013298a7bf116f26c05a284412.NginxMailingListEnglish@forum.nginx.org>
References: <cee7d7013298a7bf116f26c05a284412.NginxMailingListEnglish@forum.nginx.org>
Message-ID: <YpZ8cxiQVLXfjQYw@mdounin.ru>

Hello!

On Tue, May 31, 2022 at 12:57:46PM -0400, hanzhai wrote:

[...]

> rc = ngx_http_next_body_filter(r, ch); // rc got NGX_OK
> if (rc != NGX_OK && rc != NGX_AGAIN) {
>     goto failed;
> }
> 
> ngx_chain_update_chains(r->pool, &ctx->free, &ctx->busy, &ch,
>                         (ngx_buf_tag_t) &ngx_http_my_filter_module);
> 
> ngx_chain_t *cl = ch;
> while (cl) {
>     ngx_log_error(NGX_LOG_ERR, r->connection->log, 0, "buf sz: %z",
> ngx_buf_size(cl->buf)); // output: buf sz: 65536
>     cl = cl->next;
> }
> 
> // reuse the buffer b if possible
> 
> 
> Explanation:
> 
> I created a buffer b with 64k, then I copied 64k data, then I called
> ngx_http_next_body_filter to send the first 64k data to the client, then I
> want to reuse the buffer b to send the next 64k data and so on.
> 
> The question is after ngx_http_next_body_filter, ctx->free is still NULL,
> because ngx_buf_size(b) got 65536 which means that the buffer b cannot be
> recycled. My guess even if the next_body_filter returns an NGX_OK, it
> doesn't guarantee any of the buffers inside the ngx_chain_t can be reused.
> 
> What should I do if I want to reuse the 64k buffer?

The idea is that buffers which aren't yet sent will be referenced 
in ctx->busy, and once fully sent, they will be moved to ctx->free 
and can be reused.  If your body filter was called and there are 
no buffers in ctx->free (and you've exhausted all the configured 
buffers), you simply call ngx_http_next_body_filter() with NULL 
chain and then call ngx_chain_update_chains() to see if there are 
any buffers which can be reused.  And if there are still no 
buffers to use, you simply return NGX_AGAIN to wait for additional 
write events.  Check the ctx->nomem case in the gzip filter for 
additional details.

-- 
Maxim Dounin
http://mdounin.ru/