Primary script unknown error - can't figure out how to fix
Steve Holdoway
steve at greengecko.co.nz
Tue Jan 8 19:44:17 UTC 2013
At first glance I can't see anything listening on port 443.
Cheers,
Steve
On 09/01/13 08:08, Patrick Lists wrote:
> Hi all,
>
> I'm new to nginx and trying to setup a piwik virtual hosts on an
> up-to-date CentOS 6.3 box with nginx 1.2.6, php-5.3.3 with php-fpm src
> from the 5.3.20 release. I'm seeing some "Primary script unknown"
> errors which I can't figure out with the info in the book, wiki or
> google. Below are my configs. Hopefully someone has a clue what I am
> doing wrong.
>
> # ls -l /usr/share/nginx
> drwxr-xr-x. 12 root root 4096 Jan 8 18:47 piwik
>
> # ls -l /usr/share/nginx/piwik
> total 96
> -rw-r-----. 1 nginx nginx 676 Aug 12 16:05 composer.json
> drwxr-x---. 2 nginx nginx 4096 Nov 27 11:11 config
> drwxr-x---. 25 nginx nginx 4096 Nov 27 11:11 core
> -rw-r-----. 1 nginx nginx 822 Feb 14 2005 favicon.ico
> -rw-rw-r--. 1 nginx nginx 273 Nov 27 11:11 How to install Piwik.html
> -rw-r-----. 1 nginx nginx 1611 Mar 20 2012 index.php
> drwxr-x---. 2 nginx nginx 4096 Nov 27 11:11 js
> drwxr-x---. 2 nginx nginx 4096 Nov 27 11:11 lang
> -rw-r-----. 1 nginx nginx 6070 Feb 13 2012 LEGALNOTICE
> drwxr-x---. 21 nginx nginx 4096 Nov 27 11:11 libs
> drwxr-x---. 6 nginx nginx 4096 Nov 27 11:11 misc
> -rw-r-----. 1 nginx nginx 21548 Nov 1 10:02 piwik.js
> -rw-r-----. 1 nginx nginx 2967 Oct 23 11:22 piwik.php
> drwxr-x---. 46 nginx nginx 4096 Nov 27 11:11 plugins
> -rw-r-----. 1 nginx nginx 2640 Mar 6 2012 README
> drwxr-x---. 2 nginx nginx 4096 Nov 27 11:11 tests
> drwxr-x---. 3 nginx nginx 4096 Nov 27 11:11 themes
> drwxr-x---. 2 nginx nginx 4096 Nov 27 11:11 tmp
>
>
> # cat /etc/nginx/nginx.conf
>
> user nginx nginx;
>
> ## as recommended in the Nginx book, p98
> worker_processes 2;
> worker_rlimit_nofile 1024;
> worker_priority -5;
> worker_cpu_affinity 01 10;
>
> error_log /var/log/nginx/error.log;
> pid /var/run/nginx.pid;
>
> events {
> ## as recommended in the Nginx book, p98
> worker_connections 128;
> ## epoll is preferred on 2.6 Linux
> use epoll;
> ## Accept as many connections as possible
> multi_accept on;
> }
>
> http {
> ## http://nginx.org/en/docs/http/server_names.html
> server_names_hash_bucket_size 64;
>
> ## MIME types
> include /etc/nginx/mime.types;
> default_type application/octet-stream;
>
> ## FastCGI
> include /etc/nginx/fastcgi.conf;
>
> ## define the log format
> log_format main '$remote_addr - $remote_user [$time_local]
> "$request" '
> '$status $body_bytes_sent "$http_referer" '
> '"$http_user_agent" "$http_x_forwarded_for"';
>
> ## Default log and error files
> access_log /var/log/nginx/access.log main;
> error_log /var/log/nginx/error.log;
>
> ## Use sendfile() syscall to speed up I/O operations and speed up
> ## static file serving
> sendfile on;
>
> ## Handling of IPs in proxied and load balancing situations
> set_real_ip_from 0.0.0.0/32; # all addresses get a real IP
> real_ip_header X-Forwarded-For; # ip forwarded from the load
> balancer/proxy
>
> ## Define a zone for limiting the number of simultaneous
> ## connections nginx accepts. 1m means 32000 simultaneous
> ## sessions. We need to define for each server the limit_conn
> ## value refering to this or other zones
> limit_conn_zone $binary_remote_addr zone=arbeit:10m;
>
> ## Timeouts
> client_body_timeout 60;
> client_header_timeout 60;
> keepalive_timeout 10 10;
> send_timeout 60;
>
> ## reset lingering timed out connections. Deflect DDoS
> reset_timedout_connection on;
>
> ## Body size
> client_max_body_size 10m;
>
> ## TCP options
> tcp_nodelay on;
> ## Optimization of socket handling when using sendfile
> tcp_nopush on;
>
> ## Compression.
> gzip on;
> gzip_buffers 16 8k;
> gzip_comp_level 1;
> gzip_http_version 1.1;
> gzip_min_length 10;
> gzip_types text/plain text/css application/x-javascript
> text/xml application/xml application/xml+rss text/javascript
> image/x-icon application/vnd.ms-fontobject font/opentype
> application/x-font-ttf;
> gzip_vary on;
> gzip_proxied any; # Compression for all requests
> ## No need for regexps. See
> ## http://wiki.nginx.org/NginxHttpGzipModule#gzip_disable
> gzip_disable "msie6";
>
> ## Serve already compressed files directly, bypassing on-the-fly
> ## compression
> gzip_static on;
>
> ## Hide the Nginx version number.
> server_tokens off;
>
> ## Use a SSL/TLS cache for SSL session resume. This needs to be
> ## here (in this context, for session resumption to work. See this
> ## thread on the Nginx mailing list:
> ## http://nginx.org/pipermail/nginx/2010-November/023736.html
> ssl_session_cache shared:SSL:10m;
> ssl_session_timeout 10m;
>
> ## Enable clickjacking protection in modern browsers. Available in
> ## IE8 also. See
> ##
> https://developer.mozilla.org/en/The_X-FRAME-OPTIONS_response_header
> add_header X-Frame-Options SAMEORIGIN;
>
> ## add Maxmind GeoIP databases
> ## http://dev.maxmind.com/geoip/geolite
> geoip_country /etc/nginx/GeoIP.dat;
> ##geoip_country /etc/nginx/GeoIPv6.dat;
> geoip_city /etc/nginx/GeoLiteCity.dat;
> ##geoip_city /etc/nginx/GeoLiteCityv6.dat;
>
> ## Include the upstream servers for PHP FastCGI handling config.
> include upstream_phpcgi.conf;
>
> ## FastCGI cache zone definition.
> include fastcgi_cache_zone.conf;
>
> ## Include the php-fpm status allowed hosts configuration block.
> ## Uncomment to enable if you're running php-fpm.
> include php_fpm_status_allowed_hosts.conf;
>
> ## Include all vhosts.
> include /etc/nginx/sites-enabled/*;
>
> }
>
>
> # cat /etc/nginx/fastcgi.conf
>
> ### fastcgi configuration.
> fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
> include fastcgi_params;
> fastcgi_buffers 256 4k;
> fastcgi_intercept_errors on;
> ## allow 4 hrs - pass timeout responsibility to upstream
> fastcgi_read_timeout 14400;
> fastcgi_index index.php;
>
> # cat /etc/nginx/upstream_phpcgi.conf
>
> ### Upstream configuration for PHP FastCGI.
>
> ## Add as many servers as needed. Cf.
> http://wiki.nginx.org/HttpUpstreamModule.
> upstream phpcgi {
> ##server unix:/var/run/php-fpm.sock;
> server 127.0.0.1:9000;
> }
>
>
> # cat /etc/nginx/fastcgi_cache_zone.conf
>
> fastcgi_cache_path /var/lib/nginx/tmp/fastcgi levels=1:2
> keys_zone=fcgicache:100k max_size=10M inactive=3h
> loader_threshold=2592000000 loader_sleep=1 loader_files=100000;
>
>
> # cat /etc/nginx/sites-available/piwik.conf
>
> ### Nginx configuration for Piwik.
> ### based on https://github.com/perusio/piwik-nginx
>
> server {
> listen <my_public_ip>:80; # IPv4
> listen <my_public_ipv6>:80; # IPv6
>
> server_name piwik.domain.com;
>
> # always redirect to the ssl version
> rewrite ^ https://$server_name$request_uri? permanent;
> }
>
> server {
> listen <my_public_ip>:80; # IPv4
> listen <my_public_ipv6>:80; # IPv6
>
> ## SSL config
> ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
> ssl_ciphers HIGH:!aNULL:!MD5:!RC4;
> ssl_prefer_server_ciphers on;
>
> # public server cert
> ssl_certificate /etc/pki/tls/certs/piwik.domain.com.crt;
> # private server key without pass
> ssl_certificate_key /etc/pki/tls/private/piwik.domain.com.key;
> # public CA cert to verify client certs
> ssl_client_certificate /etc/pki/tls/certs/My_CA.crt;
>
> ## verify client certs
> ssl_verify_client on;
> #ssl_verify_depth 1;
>
> limit_conn arbeit 32;
> server_name piwik.domain.com;
>
> ## Access and error log files.
> access_log /var/log/nginx/piwik.domain.com_access.log;
> error_log /var/log/nginx/piwik.domain.com_error.log;
>
> root /usr/share/nginx/piwik.domain.com;
> index index.php;
>
> ## Disallow any usage of piwik assets if referer is non valid.
> location ~* ^.+\.(?:css|gif|jpe?g|js|png|swf)$ {
> ## Defining the valid referers.
> valid_referers none blocked *.domain.com domain.com;
> if ($invalid_referer) {
> return 444;
> }
> expires max;
> ## No need to bleed constant updates. Send the all shebang in one
> ## fell swoop.
> tcp_nodelay off;
> ## Set the OS file cache.
> open_file_cache max=500 inactive=120s;
> open_file_cache_valid 45s;
> open_file_cache_min_uses 2;
> open_file_cache_errors off;
> }
>
> ## Support for favicon. Return a 204 (No Content) if the favicon
> ## doesn't exist.
> location = /favicon.ico {
> try_files /favicon.ico =204;
> }
>
> ## Try all locations and relay to index.php as a fallback.
> location / {
> try_files $uri /index.php?$query_string;
> }
>
> ## Relay all index.php requests to fastcgi.
> location = /index.php {
> fastcgi_pass 127.0.0.1:9001;
> ## FastCGI cache.
> ## cache ui for 5m (set the same interval of your crontab)
> include sites-available/fcgi_piwik_cache.conf;
> fastcgi_index index.php;
> fastcgi_param SCRIPT_FILENAME
> $document_root$fastcgi_script_name;
> include fastcgi_params;
> }
>
> ## Relay all piwik.php requests to fastcgi.
> location = /piwik.php {
> fastcgi_pass 127.0.0.1:9001;
> include sites-available/fcgi_piwik_long_cache.conf;
> fastcgi_index index.php;
> fastcgi_param SCRIPT_FILENAME
> $document_root$fastcgi_script_name;
> include fastcgi_params;
> }
>
> ## Any other attempt to access PHP files redirects to the root.
> location ~* ^.+\.php$ {
> return 302 /;
> }
>
> ## Redirect to the root if attempting to access a txt file.
> location ~*
> (?:DESIGN|(?:gpl|README|LICENSE)[^.]*|LEGALNOTICE)(?:\.txt)*$ {
> return 302 /;
> }
>
> ## Disallow access to several helper files.
> location ~* \.(?:bat|html?|git|ini|sh|svn[^.]*|txt|tpl|xml)$ {
> return 404;
> }
>
> ## No crawling of this site for bots that obey robots.txt.
> location = /robots.txt {
> return 200 "User-agent: *\nDisallow: /\n";
> }
>
> ## Including the php-fpm status and ping pages config.
> ## Uncomment to enable if you're running php-fpm.
> include php_fpm_status_vhost.conf;
>
> } # server
>
>
> # cat /etc/nginx/fastcgi_params
> ### fastcgi parameters.
> fastcgi_param QUERY_STRING $query_string;
> fastcgi_param REQUEST_METHOD $request_method;
> fastcgi_param CONTENT_TYPE $content_type;
> fastcgi_param CONTENT_LENGTH $content_length;
>
> fastcgi_param SCRIPT_NAME $fastcgi_script_name;
> fastcgi_param REQUEST_URI $request_uri;
> fastcgi_param DOCUMENT_URI $document_uri;
> fastcgi_param DOCUMENT_ROOT $document_root;
> fastcgi_param SERVER_PROTOCOL $server_protocol;
>
> fastcgi_param GATEWAY_INTERFACE CGI/1.1;
> fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
>
> fastcgi_param REMOTE_ADDR $remote_addr;
> fastcgi_param REMOTE_PORT $remote_port;
> fastcgi_param SERVER_ADDR $server_addr;
> fastcgi_param SERVER_PORT $server_port;
> fastcgi_param SERVER_NAME $server_name;
>
> # Maxmind GeoIP for Piwik
> # http://piwik.org/faq/how-to/#faq_166
> fastcgi_param GEOIP_ADDR $remote_addr;
> fastcgi_param GEOIP_COUNTRY_CODE $geoip_country_code;
> fastcgi_param GEOIP_COUNTRY_NAME $geoip_country_name;
> fastcgi_param GEOIP_REGION $geoip_region;
> fastcgi_param GEOIP_REGION_NAME $geoip_region_name;
> fastcgi_param GEOIP_CITY $geoip_city;
> fastcgi_param GEOIP_AREA_CODE $geoip_area_code;
> fastcgi_param GEOIP_LATITUDE $geoip_latitude;
> fastcgi_param GEOIP_LONGITUDE $geoip_longitude;
> fastcgi_param GEOIP_POSTAL_CODE $geoip_postal_code;
>
> # PHP only, required if PHP was built with --enable-force-cgi-redirect
> fastcgi_param REDIRECT_STATUS 200;
>
> # cat /etc/php-fpm.conf
> [global]
> pid = run/php-fpm.pid
> error_log = log/php-fpm.log
> syslog.facility = daemon
> log_level = notice
> emergency_restart_threshold = 10
> emergency_restart_interval = 1
> process_control_timeout = 10s
> daemonize = yes
> rlimit_files = 131072
> rlimit_core = unlimited
> events.mechanism = epoll
>
> [piwik]
>
> user = nginx
> group = nginx
>
> listen = 127.0.0.1:9001
>
> listen.owner = nginx
> listen.group = nginx
> listen.mode = 0666
> listen.backlog = -1
>
> listen.allowed_clients = 127.0.0.1
>
> pm = dynamic
> pm.max_children = 10
> pm.start_servers = 3
> pm.min_spare_servers = 2
> pm.max_spare_servers = 4
>
> pm.status_path = /fpm-status
> ping.path = /ping
>
> access.log = /var/log/php-fpm-$pool.access.log
> slowlog = /var/log/php-fpm-$pool.slow.log
>
> request_slowlog_timeout = 5s
> request_terminate_timeout = 120s
>
> catch_workers_output = yes
>
> security.limit_extensions = .php
>
> env[HOSTNAME] = $HOSTNAME
> env[PATH] = /usr/local/bin:/usr/bin:/bin
> env[TMP] = /tmp
> env[TMPDIR] = /tmp
> env[TEMP] = /tmp
>
>
> The various errors I see are:
>
> 2013/01/08 19:31:00 [error] 638#0: *3 FastCGI sent in stderr: "Primary
> script unknown" while reading response header from upstream, client:
> <client_ipv6_address>, server: piwik.domain.com, request: "GET /
> HTTP/1.1", upstream: "fastcgi://127.0.0.1:9001", host: "piwik.domain.com"
>
> 2013/01/08 19:32:00 [error] 638#0: *15 FastCGI sent in stderr:
> "Primary script unknown", client: <client_ipv6_address>, server:
> piwik.domain.com, request: "GET / HTTP/1.1", host: "piwik.domain.com"
>
>
> Any advice or pointers to docs where I can find a solution are most
> appreciated.
>
> Thanks/спасибо,
> Patrick
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
More information about the nginx
mailing list