Primary script unknown error - can't figure out how to fix

Steve Holdoway steve at greengecko.co.nz
Tue Jan 8 19:44:17 UTC 2013


At first glance I can't see anything listening on port 443.

Cheers,

Steve
On 09/01/13 08:08, Patrick Lists wrote:
> Hi all,
>
> I'm new to nginx and trying to setup a piwik virtual hosts on an 
> up-to-date CentOS 6.3 box with nginx 1.2.6, php-5.3.3 with php-fpm src 
> from the 5.3.20 release. I'm seeing some "Primary script unknown" 
> errors which I can't figure out with the info in the book, wiki or 
> google. Below are my configs. Hopefully someone has a clue what I am 
> doing wrong.
>
> # ls -l /usr/share/nginx
> drwxr-xr-x. 12 root root 4096 Jan  8 18:47 piwik
>
> # ls -l /usr/share/nginx/piwik
> total 96
> -rw-r-----.  1 nginx nginx   676 Aug 12 16:05 composer.json
> drwxr-x---.  2 nginx nginx  4096 Nov 27 11:11 config
> drwxr-x---. 25 nginx nginx  4096 Nov 27 11:11 core
> -rw-r-----.  1 nginx nginx   822 Feb 14  2005 favicon.ico
> -rw-rw-r--.  1 nginx nginx   273 Nov 27 11:11 How to install Piwik.html
> -rw-r-----.  1 nginx nginx  1611 Mar 20  2012 index.php
> drwxr-x---.  2 nginx nginx  4096 Nov 27 11:11 js
> drwxr-x---.  2 nginx nginx  4096 Nov 27 11:11 lang
> -rw-r-----.  1 nginx nginx  6070 Feb 13  2012 LEGALNOTICE
> drwxr-x---. 21 nginx nginx  4096 Nov 27 11:11 libs
> drwxr-x---.  6 nginx nginx  4096 Nov 27 11:11 misc
> -rw-r-----.  1 nginx nginx 21548 Nov  1 10:02 piwik.js
> -rw-r-----.  1 nginx nginx  2967 Oct 23 11:22 piwik.php
> drwxr-x---. 46 nginx nginx  4096 Nov 27 11:11 plugins
> -rw-r-----.  1 nginx nginx  2640 Mar  6  2012 README
> drwxr-x---.  2 nginx nginx  4096 Nov 27 11:11 tests
> drwxr-x---.  3 nginx nginx  4096 Nov 27 11:11 themes
> drwxr-x---.  2 nginx nginx  4096 Nov 27 11:11 tmp
>
>
> # cat /etc/nginx/nginx.conf
>
> user  nginx nginx;
>
> ## as recommended in the Nginx book, p98
> worker_processes      2;
> worker_rlimit_nofile  1024;
> worker_priority       -5;
> worker_cpu_affinity   01 10;
>
> error_log  /var/log/nginx/error.log;
> pid        /var/run/nginx.pid;
>
> events {
>     ## as recommended in the Nginx book, p98
>     worker_connections  128;
>     ## epoll is preferred on 2.6 Linux
>     use epoll;
>     ## Accept as many connections as possible
>     multi_accept on;
> }
>
> http {
>     ## http://nginx.org/en/docs/http/server_names.html
>     server_names_hash_bucket_size  64;
>
>     ## MIME types
>     include       /etc/nginx/mime.types;
>     default_type  application/octet-stream;
>
>     ## FastCGI
>     include /etc/nginx/fastcgi.conf;
>
>     ## define the log format
>     log_format  main  '$remote_addr - $remote_user [$time_local] 
> "$request" '
>                       '$status $body_bytes_sent "$http_referer" '
>                       '"$http_user_agent" "$http_x_forwarded_for"';
>
>     ## Default log and error files
>     access_log  /var/log/nginx/access.log  main;
>     error_log  /var/log/nginx/error.log;
>
>     ## Use sendfile() syscall to speed up I/O operations and speed up
>     ## static file serving
>     sendfile        on;
>
>     ## Handling of IPs in proxied and load balancing situations
>     set_real_ip_from 0.0.0.0/32; # all addresses get a real IP
>     real_ip_header X-Forwarded-For; # ip forwarded from the load 
> balancer/proxy
>
>     ## Define a zone for limiting the number of simultaneous
>     ## connections nginx accepts. 1m means 32000 simultaneous
>     ## sessions. We need to define for each server the limit_conn
>     ## value refering to this or other zones
>     limit_conn_zone $binary_remote_addr zone=arbeit:10m;
>
>     ## Timeouts
>     client_body_timeout 60;
>     client_header_timeout 60;
>     keepalive_timeout 10 10;
>     send_timeout 60;
>
>     ## reset lingering timed out connections. Deflect DDoS
>     reset_timedout_connection on;
>
>     ## Body size
>     client_max_body_size 10m;
>
>     ## TCP options
>     tcp_nodelay on;
>     ## Optimization of socket handling when using sendfile
>     tcp_nopush on;
>
>     ## Compression.
>     gzip              on;
>     gzip_buffers      16 8k;
>     gzip_comp_level   1;
>     gzip_http_version 1.1;
>     gzip_min_length   10;
>     gzip_types        text/plain text/css application/x-javascript 
> text/xml application/xml application/xml+rss text/javascript 
> image/x-icon application/vnd.ms-fontobject font/opentype 
> application/x-font-ttf;
>     gzip_vary         on;
>     gzip_proxied      any; # Compression for all requests
>     ## No need for regexps. See
>     ## http://wiki.nginx.org/NginxHttpGzipModule#gzip_disable
>     gzip_disable "msie6";
>
>     ## Serve already compressed files directly, bypassing on-the-fly
>     ## compression
>     gzip_static on;
>
>     ## Hide the Nginx version number.
>     server_tokens off;
>
>     ## Use a SSL/TLS cache for SSL session resume. This needs to be
>     ## here (in this context, for session resumption to work. See this
>     ## thread on the Nginx mailing list:
>     ## http://nginx.org/pipermail/nginx/2010-November/023736.html
>     ssl_session_cache shared:SSL:10m;
>     ssl_session_timeout 10m;
>
>     ## Enable clickjacking protection in modern browsers. Available in
>     ## IE8 also. See
>     ## 
> https://developer.mozilla.org/en/The_X-FRAME-OPTIONS_response_header
>     add_header X-Frame-Options SAMEORIGIN;
>
>     ## add Maxmind GeoIP databases
>     ## http://dev.maxmind.com/geoip/geolite
>     geoip_country  /etc/nginx/GeoIP.dat;
>     ##geoip_country  /etc/nginx/GeoIPv6.dat;
>     geoip_city     /etc/nginx/GeoLiteCity.dat;
>     ##geoip_city     /etc/nginx/GeoLiteCityv6.dat;
>
>     ## Include the upstream servers for PHP FastCGI handling config.
>     include upstream_phpcgi.conf;
>
>     ## FastCGI cache zone definition.
>     include fastcgi_cache_zone.conf;
>
>     ## Include the php-fpm status allowed hosts configuration block.
>     ## Uncomment to enable if you're running php-fpm.
>     include php_fpm_status_allowed_hosts.conf;
>
>     ## Include all vhosts.
>     include /etc/nginx/sites-enabled/*;
>
> }
>
>
> # cat /etc/nginx/fastcgi.conf
>
> ### fastcgi configuration.
> fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
> include fastcgi_params;
> fastcgi_buffers 256 4k;
> fastcgi_intercept_errors on;
> ## allow 4 hrs - pass timeout responsibility to upstream
> fastcgi_read_timeout 14400;
> fastcgi_index index.php;
>
> # cat /etc/nginx/upstream_phpcgi.conf
>
> ### Upstream configuration for PHP FastCGI.
>
> ## Add as many servers as needed. Cf. 
> http://wiki.nginx.org/HttpUpstreamModule.
> upstream phpcgi {
>     ##server unix:/var/run/php-fpm.sock;
>     server 127.0.0.1:9000;
> }
>
>
> # cat /etc/nginx/fastcgi_cache_zone.conf
>
> fastcgi_cache_path /var/lib/nginx/tmp/fastcgi levels=1:2 
> keys_zone=fcgicache:100k max_size=10M inactive=3h 
> loader_threshold=2592000000 loader_sleep=1 loader_files=100000;
>
>
> # cat /etc/nginx/sites-available/piwik.conf
>
> ### Nginx configuration for Piwik.
> ### based on https://github.com/perusio/piwik-nginx
>
> server {
>     listen <my_public_ip>:80; # IPv4
>     listen <my_public_ipv6>:80; # IPv6
>
>     server_name  piwik.domain.com;
>
>     # always redirect to the ssl version
>     rewrite  ^ https://$server_name$request_uri? permanent;
> }
>
> server {
>     listen <my_public_ip>:80; # IPv4
>     listen <my_public_ipv6>:80; # IPv6
>
>     ## SSL config
>     ssl_protocols  SSLv3 TLSv1 TLSv1.1 TLSv1.2;
>     ssl_ciphers    HIGH:!aNULL:!MD5:!RC4;
>     ssl_prefer_server_ciphers  on;
>
>     # public server cert
>     ssl_certificate  /etc/pki/tls/certs/piwik.domain.com.crt;
>     # private server key without pass
>     ssl_certificate_key /etc/pki/tls/private/piwik.domain.com.key;
>     # public CA cert to verify client certs
>     ssl_client_certificate  /etc/pki/tls/certs/My_CA.crt;
>
>     ## verify client certs
>     ssl_verify_client on;
>     #ssl_verify_depth 1;
>
>     limit_conn arbeit 32;
>     server_name piwik.domain.com;
>
>     ## Access and error log files.
>     access_log /var/log/nginx/piwik.domain.com_access.log;
>     error_log /var/log/nginx/piwik.domain.com_error.log;
>
>     root /usr/share/nginx/piwik.domain.com;
>     index index.php;
>
>     ## Disallow any usage of piwik assets if referer is non valid.
>     location ~* ^.+\.(?:css|gif|jpe?g|js|png|swf)$ {
>         ## Defining the valid referers.
>         valid_referers none blocked *.domain.com domain.com;
>         if ($invalid_referer)  {
>             return 444;
>         }
>         expires max;
>         ## No need to bleed constant updates. Send the all shebang in one
>         ## fell swoop.
>         tcp_nodelay off;
>         ## Set the OS file cache.
>         open_file_cache max=500 inactive=120s;
>         open_file_cache_valid 45s;
>         open_file_cache_min_uses 2;
>         open_file_cache_errors off;
>     }
>
>     ## Support for favicon. Return a 204 (No Content) if the favicon
>     ## doesn't exist.
>     location = /favicon.ico {
>         try_files /favicon.ico =204;
>     }
>
>     ## Try all locations and relay to index.php as a fallback.
>     location / {
>         try_files $uri /index.php?$query_string;
>     }
>
>     ## Relay all index.php requests to fastcgi.
>     location = /index.php {
>         fastcgi_pass 127.0.0.1:9001;
>         ## FastCGI cache.
>         ## cache ui for 5m (set the same interval of your crontab)
>         include sites-available/fcgi_piwik_cache.conf;
>         fastcgi_index   index.php;
>         fastcgi_param   SCRIPT_FILENAME 
> $document_root$fastcgi_script_name;
>         include         fastcgi_params;
>     }
>
>     ## Relay all piwik.php requests to fastcgi.
>     location = /piwik.php {
>         fastcgi_pass 127.0.0.1:9001;
>         include sites-available/fcgi_piwik_long_cache.conf;
>         fastcgi_index   index.php;
>         fastcgi_param   SCRIPT_FILENAME 
> $document_root$fastcgi_script_name;
>         include         fastcgi_params;
>     }
>
>     ## Any other attempt to access PHP files redirects to the root.
>     location ~* ^.+\.php$ {
>         return 302 /;
>     }
>
>     ## Redirect to the root if attempting to access a txt file.
>     location ~* 
> (?:DESIGN|(?:gpl|README|LICENSE)[^.]*|LEGALNOTICE)(?:\.txt)*$ {
>         return 302 /;
>     }
>
>     ## Disallow access to several helper files.
>     location ~* \.(?:bat|html?|git|ini|sh|svn[^.]*|txt|tpl|xml)$ {
>         return 404;
>     }
>
>     ## No crawling of this site for bots that obey robots.txt.
>     location = /robots.txt {
>         return 200 "User-agent: *\nDisallow: /\n";
>     }
>
>     ## Including the php-fpm status and ping pages config.
>     ## Uncomment to enable if you're running php-fpm.
>     include php_fpm_status_vhost.conf;
>
> } # server
>
>
> # cat /etc/nginx/fastcgi_params
> ### fastcgi parameters.
> fastcgi_param  QUERY_STRING       $query_string;
> fastcgi_param  REQUEST_METHOD     $request_method;
> fastcgi_param  CONTENT_TYPE       $content_type;
> fastcgi_param  CONTENT_LENGTH     $content_length;
>
> fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
> fastcgi_param  REQUEST_URI        $request_uri;
> fastcgi_param  DOCUMENT_URI       $document_uri;
> fastcgi_param  DOCUMENT_ROOT      $document_root;
> fastcgi_param  SERVER_PROTOCOL    $server_protocol;
>
> fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
> fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
>
> fastcgi_param  REMOTE_ADDR        $remote_addr;
> fastcgi_param  REMOTE_PORT        $remote_port;
> fastcgi_param  SERVER_ADDR        $server_addr;
> fastcgi_param  SERVER_PORT        $server_port;
> fastcgi_param  SERVER_NAME        $server_name;
>
> # Maxmind GeoIP for Piwik
> # http://piwik.org/faq/how-to/#faq_166
> fastcgi_param GEOIP_ADDR          $remote_addr;
> fastcgi_param GEOIP_COUNTRY_CODE  $geoip_country_code;
> fastcgi_param GEOIP_COUNTRY_NAME  $geoip_country_name;
> fastcgi_param GEOIP_REGION        $geoip_region;
> fastcgi_param GEOIP_REGION_NAME   $geoip_region_name;
> fastcgi_param GEOIP_CITY          $geoip_city;
> fastcgi_param GEOIP_AREA_CODE     $geoip_area_code;
> fastcgi_param GEOIP_LATITUDE      $geoip_latitude;
> fastcgi_param GEOIP_LONGITUDE     $geoip_longitude;
> fastcgi_param GEOIP_POSTAL_CODE   $geoip_postal_code;
>
> # PHP only, required if PHP was built with --enable-force-cgi-redirect
> fastcgi_param  REDIRECT_STATUS    200;
>
> # cat /etc/php-fpm.conf
> [global]
> pid = run/php-fpm.pid
> error_log = log/php-fpm.log
> syslog.facility = daemon
> log_level = notice
> emergency_restart_threshold = 10
> emergency_restart_interval = 1
> process_control_timeout = 10s
> daemonize = yes
> rlimit_files = 131072
> rlimit_core = unlimited
> events.mechanism = epoll
>
> [piwik]
>
> user = nginx
> group = nginx
>
> listen = 127.0.0.1:9001
>
> listen.owner = nginx
> listen.group = nginx
> listen.mode = 0666
> listen.backlog = -1
>
> listen.allowed_clients = 127.0.0.1
>
> pm = dynamic
> pm.max_children = 10
> pm.start_servers = 3
> pm.min_spare_servers = 2
> pm.max_spare_servers = 4
>
> pm.status_path = /fpm-status
> ping.path = /ping
>
> access.log = /var/log/php-fpm-$pool.access.log
> slowlog = /var/log/php-fpm-$pool.slow.log
>
> request_slowlog_timeout = 5s
> request_terminate_timeout = 120s
>
> catch_workers_output = yes
>
> security.limit_extensions = .php
>
> env[HOSTNAME] = $HOSTNAME
> env[PATH] = /usr/local/bin:/usr/bin:/bin
> env[TMP] = /tmp
> env[TMPDIR] = /tmp
> env[TEMP] = /tmp
>
>
> The various errors I see are:
>
> 2013/01/08 19:31:00 [error] 638#0: *3 FastCGI sent in stderr: "Primary 
> script unknown" while reading response header from upstream, client: 
> <client_ipv6_address>, server: piwik.domain.com, request: "GET / 
> HTTP/1.1", upstream: "fastcgi://127.0.0.1:9001", host: "piwik.domain.com"
>
> 2013/01/08 19:32:00 [error] 638#0: *15 FastCGI sent in stderr: 
> "Primary script unknown", client: <client_ipv6_address>, server: 
> piwik.domain.com, request: "GET / HTTP/1.1", host: "piwik.domain.com"
>
>
> Any advice or pointers to docs where I can find a solution are most 
> appreciated.
>
> Thanks/спасибо,
> Patrick
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>



More information about the nginx mailing list