From bmvishwas at gmail.com Mon Dec 2 05:31:04 2024 From: bmvishwas at gmail.com (Vishwas Bm) Date: Mon, 2 Dec 2024 11:01:04 +0530 Subject: Complete certificate chain not provided by nginx Message-ID: Hi, I have created pem file with the order as follows - - server crt - intermediate certificate - Root certificate. I'm using self-signed SSL certificate, and manually appended the certificates. However nginx does not provide the full chain during a tls handshake. Is this the implementation of nginx or anything we are missing here ? Regards, Vishwas -------------- next part -------------- An HTML attachment was scrubbed... URL: From fusca14 at gmail.com Mon Dec 2 19:55:44 2024 From: fusca14 at gmail.com (Fabiano Furtado Pessoa Coelho) Date: Mon, 2 Dec 2024 16:55:44 -0300 Subject: Weird behavior on ngx_http_sub_module Message-ID: Hi NGINX community! I'm using NGINX version 1.26.2 and trying to modify, for instance, the original NGINX "403 Forbidden" static HTML page to customize the body tag. The original HTML source page is... 403 Forbidden

403 Forbidden

nginx
... and I'm applying, at http{} block, the following directives (in this order): sub_filter '

' '
...

'; sub_filter '

403 Forbidden

' '

403 Access Forbidden!

'; The first sub_filter directive worked, but the second did not! So, I changed the second filter to... sub_filter '403 Forbidden

' '403 Access Forbidden!

'; ... and the substitution worked. Is this the expected behavior in these situations, where I overlap the substitution strings (

) between sub_filter directives? Thanks in advance. Fabiano From xeioex at nginx.com Tue Dec 10 20:14:18 2024 From: xeioex at nginx.com (Dmitry Volyntsev) Date: Tue, 10 Dec 2024 12:14:18 -0800 Subject: njs-0.8.8 Message-ID: <315025cc-22ed-47cf-9383-25eae91dac78@nginx.com> Hello, I'm glad to announce a new release of NGINX JavaScript module (njs). This release introduced shared dictionary for QuickJS engine. Learn more about njs: - Overview and introduction:       https://nginx.org/en/docs/njs/ - NGINX JavaScript in Your Web Server Configuration:       https://youtu.be/Jc_L6UffFOs - Extending NGINX with Custom Code:       https://youtu.be/0CVhq4AUU7M - Using node modules with njs:       https://nginx.org/en/docs/njs/node_modules.html - Writing njs code using TypeScript definition files:       https://nginx.org/en/docs/njs/typescript.html Feel free to try it and give us feedback on: - Github:       https://github.com/nginx/njs/issues Additional examples and howtos can be found here: - Github:       https://github.com/nginx/njs-examples Changes with njs 0.8.8                                       10 Dec 2024     nginx modules:     *) Feature: implemented shared dictionary for QuickJS engine.     *) Improvement: js_preload_object is refactored.     *) Bugfix: fixed rate-limited output.     *) Bugfix: optimized use of SSL contexts for        js_fetch_trusted_certificate directive.     Core:     *) Feature: implemented process object for QuickJS engine.     *) Feature: implemented process.kill() method.     *) Bugfix: fixed tests with libxml2 2.13 and later.     *) Bugfix: fixed promise resolving when Promise is inherited.     *) Bugfix: fixed absolute scope in cloned VMs. From Ralf.Figge at bitmail.prima.de Fri Dec 27 21:15:15 2024 From: Ralf.Figge at bitmail.prima.de (Ralf Figge) Date: Fri, 27 Dec 2024 22:15:15 +0100 Subject: nginx and python script Message-ID: Hello, i am a newbee from nginx. I need to run a python script via cgi-bin. I search for information about python and nginx, and found fcgiwrap und uwsig. I test uwsig (as cgi-bin), but there i become only error 502 Gateway error. fcgiwrap looks like better, But i have 1 problem with it: Here some code for the sript; ---------------------------- #!/usr/bin/python3 import os environ = os.environ serial = "unknown"     serial = environ["SERIAL"] serial = serial.strip() ... http://server/cgi-bin/another_script.py?{serial} --------------------------------------------------- My Problem is, that the call "another_script.py" does not have the parameter "?{serial}". (i make a tcpdump from the interface) Has somebody any idea, why it doesn´t go with fcgiwrap? It runs under Debian 12, python 3.12, nginx 1.26.2 . regards Ralf From jeff.dyke at gmail.com Fri Dec 27 21:36:17 2024 From: jeff.dyke at gmail.com (Jeff Dyke) Date: Fri, 27 Dec 2024 16:36:17 -0500 Subject: nginx and python script In-Reply-To: References: Message-ID: Pass {serial} to your proxy from a normal nginx args variable. location /another_script { proxy_pass http://server/cgi-bin/another_script.py? $args } And then you'll likely want to change from environ to the query string. I would also make this ?serial=foo. As the query params are converted to a dict/dataclass. On Fri, Dec 27, 2024 at 4:15 PM Ralf Figge via nginx wrote: > Hello, > > i am a newbee from nginx. I need to run a python script via cgi-bin. I > search for information about python and nginx, and found fcgiwrap und > uwsig. > I test uwsig (as cgi-bin), but there i become only error 502 Gateway > error. fcgiwrap looks like better, But i have 1 problem with it: > Here some code for the sript; > ---------------------------- > #!/usr/bin/python3 > > import os > environ = os.environ > serial = "unknown" > serial = environ["SERIAL"] > serial = serial.strip() > ... > http://server/cgi-bin/another_script.py?{serial} > --------------------------------------------------- > > My Problem is, that the call "another_script.py" does not have the > parameter "?{serial}". (i make a tcpdump from the interface) Has > somebody any idea, why it doesn´t go with fcgiwrap? > > It runs under Debian 12, python 3.12, nginx 1.26.2 . > > regards > Ralf > _______________________________________________ > nginx mailing list > nginx at nginx.org > https://mailman.nginx.org/mailman/listinfo/nginx > -------------- next part -------------- An HTML attachment was scrubbed... URL: From Ralf.Figge at bitmail.prima.de Sat Dec 28 12:16:00 2024 From: Ralf.Figge at bitmail.prima.de (Ralf Figge) Date: Sat, 28 Dec 2024 13:16:00 +0100 Subject: nginx and python script In-Reply-To: References: Message-ID: <85193867-4c5c-43b7-a3dd-ce381051cfab@bitmail.prima.de> Hi Jeff, /i am not shure, that this will be run ok. That was not the full line to call. I had think, that was only something to change in fcgiwrap. This was a part from a ZTP . Here the full python script, which run without changing under apache2 with mod_cgid. ------------------------------------------------------------------------------------------------------------------------------------- #!/usr/bin/python3 import os environ = os.environ serial = "unknown" ztp_server = "10.1.8.241" if "HTTP_X_ARISTA_SERIAL" in environ:     serial = environ["HTTP_X_ARISTA_SERIAL"] serial = serial.strip() print("Content-Type: text/plain") print() print(f"""#!/usr/bin/Cli -p2 enable zerotouch script-exec-timeout 18000 copy http://{ztp_server}/ztp/EOS-4.30.1F.swi flash:EOS-4.30.1F.swi copy http://{ztp_server}/cgi-bin/ztp/create-startup-config.py?{serial} flash:startup-config config boot system flash:EOS-4.30.1F.swi reload """) ------------------------------------------------------------------------------------------------------------------------------------ The //create-startup-config.py run correkt, i have it tested with a manual call. / / /Am 27.12.2024 um 22:36 schrieb Jeff Dyke: > Pass {serial} to your proxy from a normal nginx args variable. > location /another_script { >     proxy_pass http://server/cgi-bin/another_script.py? > $args > } > And then you'll likely want to change from environ to the query > string.  I would also make this ?serial=foo.  As the query params are > converted to a dict/dataclass. > > On Fri, Dec 27, 2024 at 4:15 PM Ralf Figge via nginx > wrote: > > Hello, > > i am a newbee from nginx. I need to run a python script via > cgi-bin. I > search for information about python and nginx, and found fcgiwrap und > uwsig. > I test uwsig (as cgi-bin), but there i become only error 502 Gateway > error. fcgiwrap looks like better, But i have 1 problem with it: > Here some code for the sript; > ---------------------------- > #!/usr/bin/python3 > > import os > environ = os.environ > serial = "unknown" >      serial = environ["SERIAL"] > serial = serial.strip() > ... > http://server/cgi-bin/another_script.py?{serial} > > --------------------------------------------------- > > My Problem is, that the call "another_script.py" does not have the > parameter "?{serial}". (i make a tcpdump from the interface) Has > somebody any idea, why it doesn´t go with fcgiwrap? > > It runs under Debian 12, python 3.12, nginx 1.26.2 . > > regards > Ralf > _______________________________________________ > nginx mailing list > nginx at nginx.org > https://mailman.nginx.org/mailman/listinfo/nginx > > > _______________________________________________ > nginx mailing list > nginx at nginx.org > https://mailman.nginx.org/mailman/listinfo/nginx -------------- next part -------------- An HTML attachment was scrubbed... URL: