proxy_cache_bypass with ssi caches template

bponury nginx-forum at nginx.us
Mon Jan 10 22:55:04 MSK 2011 

Hi everyone,
I've been struggling with this for some time now trying to drop varnish
in favor for nginx.

Server: nginx/0.8.54

quick peek on problem - SSI on; proxy_cache_bypass caches backend
response as regular html page with HTTP/1.1 200 OK inside, so next fetch
from cache will return to client a page with SSI tags inside
(unprocessed).

And now the full configuration if the problem is still not clear.
My goal: force refresh of item in cache
Item has SSI tags inside which I would like to be processed (this is
obvious)

So far I've found that there's no way of refreshing cache other than
deleting a file on hdd (which could lead to strange problems in my
opinion) or using proxy_cache_bypass. Bypass goes right to backend and
the response is cached, but with ssi on it's cached wrong.

Configuration:
- debian6-32 (running nginx 0.8.54)
- bypass will be used when 'Secret' header is set
- backend has two files - index.php and footer.php

[b]Step 1) first fetch (without bypass) returns this:[/b]
[code]
[20:45:01] debian6-32:~# printf "GET /num/5 HTTP/1.0\r\nHost:
debian6-32\r\n\r\n" | nc.traditional debian6-32 80 | grep '>'
>>>> FOOTER 08:46:05
>>>> INDEX 08:46:05
[20:45:08] debian6-32:~# printf "GET /num/5 HTTP/1.0\r\nHost:
debian6-32\\r\n\r\n" | nc.traditional debian6-32 80 | grep '>'
>>>> FOOTER 08:46:05
>>>> INDEX 08:46:05
[/code]
We can see that cache and SSI works fine (footer line is produced by
footer.php) and the whole page is cached

[b]Step 2) let's refresh cache using secret header[/b]
[code]
[20:45:16] ponury at eva:~ $ printf "GET /num/5 HTTP/1.0\r\nHost:
debian6-32\r\nSecret: 1\r\n\r\n" | nc.traditional debian6-32 80 | grep
'>>'
>>>> FOOTER 08:47:09
>>>> INDEX 08:47:09
[20:45:18] ponury at eva:~ $ printf "GET /num/5 HTTP/1.0\r\nHost:
debian6-32\r\nSecret: 1\r\n\r\n" | nc.traditional debian6-32 80 | grep
'>>'
>>>> FOOTER 08:47:11
>>>> INDEX 08:47:11
[20:45:20] ponury at eva:~ $
[/code]
Also bypass works great each time backend is being hit.

[b]Step 3)  fetch that page without bypass:[/b]
[code]
[20:45:11] debian6-32:~# printf "GET /num/5 HTTP/1.0\r\nHost:
debian6-32\r\nCookie: refresh=1\r\n\r\n" | nc.traditional debian6-32 80
| grep '>'
<!--# include file="/footer.php" -->
>>>> INDEX 08:47:11
[20:45:23] debian6-32:~#
[/code]
And here it is... clients receives unprocessed ssi header. The good news
is - its fresh. Bad news - it shouldn't happen.

My current nginx config:
        [code]
location / { 
            ssi on; 

            proxy_cache my-cache;
            proxy_cache_valid  200 302  1m; 

            if ($remote_addr ~* "192.168.0.128") {
                set $is_backend 1;
            }   
            proxy_cache_bypass $is_backend $http_secret;

            proxy_pass http://192.168.0.128$uri$is_args$args;
        }
[/code]
   
So, is there something I'm missing or this just can't be done?

Thank you in advance for any help.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,165196,165196#msg-165196

More information about the nginx mailing list