Nginx Forum - Nginx Mailing List - English

fastcgi_read_timeout with PHP backend (no replies)

B.R. — Sat, 25 May 2013 13:04:00 -0400

Hello,

I am trying to understand how fastcgi_read_timout works in Nginx.

Here is what I wanna do:
I list files (few MB each) on a distant place which I copy one by one
(loop) on the local disk through PHP.
I do not know the amount of files I need to copy, thus I do not know the
total amount of time I need for the script to finish its execution. What I
know is that I can ensure is a processing time limit per file.
I would like my script not to be forcefully interrupted by either sides
(PHP or Nginx) before completion.

What I did so far:
- PHP has a 'max_execution_time' of 30s (default?). In the loop copying
files, I use the set_time_limit() procedure to reinitialize the limit
before each file copy, hence each file processing has 30s to go: way enough!

- The problem seems to lie on the Nginx side, with the
'fastcgi_read_timeout' configuration entry.
I can't ensure what maximum time I need, and I would like not to use
way-off values such as 2 weeks or 1 year there. ;o)
What I understood from the
documentationis
that the timeout is reinitialized after a successful read: am I right?

The challenge is now to cut any buffering occurring on the PHP side and let
Nginx manage it (since the buffering will occur after content is being read
from the backend). Here is what I did:
* PHP's zlib.output_compression is deactivated by default in PHP
* I deactivated PHP's output_buffering (default is 4096 bytes)
* I am using the PHP flush() procedure at the end of each iteration of the
copying loop, after a message is written to the output

Current state:
* The script seems to still be cut after the expiration of the
'fastcgi_read_timout' limit (confirmed by the error log entry 'upstream
timed out (110: Connection timed out) while reading upstream')
* The PHP loop is entered several times since multiple files have been
copied
* The output sent to the browser is cut before any output from the loop
appears

It seems that there is still some unwanted buffering on the PHP side.
I also note that the PHP's flush() procedure doesn't seem to work since the
output in the browser doesn't contain any message written after eahc file
copy.

Am I misunderstanding something about Nginx here (especially about the
'fastcgi_read_timeout' directive)?
Have you any intel/piece of advice on hte matter?

Thanks,
---
*B. R.*
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Performance trouble after migration Squeeze to Wheezy (no replies)

B.R. — Fri, 24 May 2013 17:18:00 -0400

Hello,

First of all I need to emphasize the fact that I know WHeezy is not yet
supported.
What I am trying to determine how WHeezy could impact Nginx (compiled for
Squeeze) performance.

Since I made the upgrade, big files are being served in a slow fashion
(~200 kiB/s).
The directory serving them is configured with AIO and worked perfectly
before system changes.

I know Sergey listed some changes in the
dependencieshttp://mailman.nginx.org/mailman/listinfo/nginx,
but what precisely would explain such a slow-down?
Is there a defect somewhere that I can work on or just be patient and wait
for the release of the Wheezy build of Nginx?

Thanks,
---
*B. R.*
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Rewriting and proxy problem (2 replies)

Sergio Belkin — Sat, 25 May 2013 05:28:01 -0400

H folks!

I am completeley newbie to nginx

I have the following config

# Forward request to /demo to tomcat. This is for
# the BigBlueButton api demos.
location /demo {
rewrite ^ /upvc;
proxy_pass http://127.0.0.1:8080;
proxy_redirect default;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

# Allow 30M uploaded presentation document.
client_max_body_size 30m;
client_body_buffer_size 128k;

proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;

proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;

include fastcgi_params;
}

location /upvc {
alias /var/lib/tomcat6/webapps/demo;
index demo3.jsp;
expires 1m;
}

Rewrite is working but nginx is not. proxying to tomcat, because of that
returns the jsp file as a plain text file.

Please could you help me?

Thanks in advance!
--
--
Sergio Belkin http://www.sergiobelkin.com
Watch More TV http://sebelk.blogspot.com
LPIC-2 Certified - http://www.lpi.org
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

[ANN] ngx_openresty devel version 1.2.8.5 released (no replies)

agentzh — Thu, 23 May 2013 21:22:01 -0400

Hello guys!

I am happy to announce that the new development version of
ngx_openresty, 1.2.8.5, is now released:

http://openresty.org/#Download

Special thanks go to all our contributors and users for helping make
this release happen!

Below is the complete change log for this release, as compared to the
last (devel) release, 1.2.8.3:

* upgraded LuaNginxModule to 0.8.2.

* feature: added "ngx.HTTP_MKCOL", "ngx.HTTP_COPY",
"ngx.HTTP_MOVE", and other WebDAV request method constants;
also added corresponding support to ngx.req.set_method and
ngx.location.capture. thanks Adallom Roy for the patch.

* feature: allow injecting new user Lua APIs (and overriding
existing Lua APIs) in the "ngx" table.

* bugfix: ngx.req.set_body_file() always enabled Direct I/O
which caused the alert message "fcntl(O_DIRECT) ... Invalid
argument" in error logs on file systems lacking the Direct
I/O support. thanks Matthieu Tourne for reporting this
issue.

* bugfix: buffer corruption might happen in
ngx.req.set_body_file() when Nginx upstream modules were
used later because ngx.req.set_body_file() incorrectly set
"r->request_body->buf" to the in-file buffer which could get
reused by "ngx_http_upstream" for its own purposes.

* bugfix: no longer automatically turn underscores (_) to
dashes (-) in header names for ngx.req.set_header and
ngx.req.clear_header. thanks aviramc for the report.

* bugfix: segmentation fault might happen in nginx 1.4.x when
calling ngx.req.set_header on the "Cookie" request headers
because recent versions of Nginx no longer always initialize
"r->headers_in.cookies". thanks Rob W for reporting this
issue.

* bugfix: fixed the C compiler warning "argument 'nret' might
be clobbered by 'longjmp' or 'vfork'" when compiling with
Ubuntu 13.04's gcc 4.7.3. thanks jacky and Rajeev's reports.

* bugfix: temporary memory leaks might happen when using
ngx.escape_uri, ngx.unescape_uri, ngx.quote_sql_str,
ngx.decode_base64, and ngx.encode_base64 in tight Lua loops
because we allocated memory in nginx's request memory pool
for these methods.

* optimize: ngx.escape_uri now runs faster when the input
string contains no special bytes to be escaped.

* testing: added custom test scaffold t::TestNginxLua which
subclasses Test::Nginx::Socket. it supports the environment
"TEST_NGINX_INIT_BY_LUA" which can be used to add more
custom Lua code to the value of the init_by_lua directive in
the Nginx configuration.

* upgraded SrcacheNginxModule to 0.21.

* bugfix: responses with a status code smaller than all the
status codes specified in the srcache_store_statuses
directive were not skipped as expected. thanks Lanshun Zhou
for the patch.

* feature: applied the invalid_referer_hash patch to the Nginx
core to make the $invalid_referer variable accessible in
embedded dynamic languages like Perl and Lua. thanks Fry-kun for
requesting this.

* updated the dtrace patch for the Nginx core.

* print out more info about the Nginx in-file bufs in the
tapset function "ngx_chain_dump".

The HTML version of the change log with lots of helpful hyper-links
can be browsed here:

http://openresty.org/#ChangeLog1002008

OpenResty (aka. ngx_openresty) is a full-fledged web application
server by bundling the standard Nginx core, lots of 3rd-party Nginx
modules and Lua libraries, as well as most of their external
dependencies. See OpenResty's homepage for details:

http://openresty.org/

We have been running extensive testing on our Amazon EC2 test cluster
and ensure that all the components (including the Nginx core) play
well together. The latest test report can always be found here:

http://qa.openresty.org

Have fun!
-agentzh

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

proxy only certain assets based on host header? (2 replies)

amagad — Fri, 24 May 2013 09:08:02 -0400

We're trying to proxy only certain assets like png|jpg|css only when the host header is a certain DNS name. I tried to do this in the proxy.conf file using something the example below but it doesnt like the if statement. Is there a way to have nginx do what I am looking for?

if ($http_host = dnsname.com) {
location ~ ^/(stylesheets|images|javascripts|tools|flash|components)/ {
proxy_pass http://assethost
}
}

Rewriting (3 replies)

artem — Sat, 25 May 2013 06:08:01 -0400

Hi,
I use opencart with nginx+php-fpm. Sometimes it is necessary to redirect all clients, except admin (190.212.201.0/24), to "Service unavailable" page which is simple index.html file with logo, background image and some text, located in /unav directory.
Below some of nginx.conf

location / {

if ($remote_addr !~ '190\.212\.201\.[0-9]{0,3}') {
rewrite ^/(.*)$ /unav/$1 break;
return 403;
}
try_files $uri $uri/ @opencart;
}

location ^~ /unav {
}

location @opencart {
rewrite ^/(.+)$ /index.php?_route_=$1 last;
}

[...skipped...]

location ~ \.php$ {

try_files $uri =404;
fastcgi_read_timeout 60s;
fastcgi_send_timeout 60s;
include myphp-fpm.conf;

}

Problem is in rewriting.
This rule

rewrite ^/(.*)$ /unav/$1 break;

rewrite ONLY http://mysite.com/ request but in case http://mysite.com/index.php rewrite is none and request processed by location ~ \.php$ rule. Why??

Thanks!

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

NGINX error log format documentation (1 reply)

Jan Teske — Thu, 23 May 2013 15:32:01 -0400

Hey!

I want to parse NGINX error logs. However, I did not find any
documentation concerning the used log format. While the meaning of some
fields like the data is pretty obvious, for some it is not at all. In
addition, I cannot be sure that my parser is complete if I do not have a
documentation of all the possible fields. Since it seems you can change
the access log format, but not that of the error log, I really have no
idea how to get the information I need.

Is there such documentation?

I also posted this question on StackOverflow:
http://stackoverflow.com/questions/16711573/nginx-error-log-format-documentation/16711684

Thank you!

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

How to tell nginx to check dead backend in upstream adaptively? (no replies)

Ryan Chan — Thu, 23 May 2013 11:18:01 -0400

Hi,

Currently nginx will check every fail_timeout (default=10s) which is too
frequent when the backend server dead completely that require manually
replacement and it might take long time.

Definitely we can mark it as down in the config, but that is not an
automatic solution.

Is it possible to config nginx that it check adaptively?
e.g. start from 10s, then 20s, 40s, 60s etc?

Or are there any better approach?

Thanks.
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Override Content-Type header with proxied requests (4 replies)

andrea.mandolo — Fri, 24 May 2013 04:58:49 -0400

Hi !!

i have a Nginx server that operates as a reverse proxy to a my bucket in Amazon S3.

Amazon S3 service could deliver contents with wrong Content-Type header,
so i would like to override this header by referring to file extension.

In other servers i have just configured the "types" block with all mime types mapped with file estensions,
but this approach only works when Nginx delivers contents directly (as a origin server).
If the server is a reverse proxy, doesn't add a new Content-Type header, but honors Content-Type (if exists) received by the origin.

Is it possible to override the content-type response header using "types" block? Is there any best practice to override content-type header by file extensions? Is "map" suggested for this purpose or using multiple "location" block is better?

Thanks in advance!!
---
Andrea

Problem with rewrite regexes when the URL contains a trailing slash (nginx-1.5.0) (3 replies)

Roberto F. — Wed, 22 May 2013 17:18:02 -0400

Hello.
I'm having a problem with nginx's rewrite directive.
Basically, when the URL contains a trailing point, it is ignored by the
rewrite regexp.
Let's do an example:
I load http://uri/something. (with the trailing point). Then, with the
rewrite rule:
rewrite ^/something\.$ /index.html
I should see 'index.html', but instead that appears in the logfile (with
rewrite_log set at on):
2013/05/22 20:36:07 [notice] 6256#1440: *57 "^/something\.$" does not
match "/something", client: 127.0.0.1, server: localhost, request: "GET
/something. HTTP/1.1", host: "localhost"
As you can see, the trailing point is missing from the "does not match"
part of the log.

Is there any workaround for that?
Thank you in advance,
Robertof

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

NGINX SE vs. Open Source (1 reply)

JackB — Wed, 22 May 2013 08:06:02 -0400

Hello,

on your Site (http://nginx.com/products.html) you are comparing NGINX SE with the Open Source version. The table states "Basic" and "Enhanced" on many core features of NGINX. The SE/"Enhanced" column offers additional information by hovering with the mouse over the rows. Those additional information are listing well known features from the Open Source version.
Since there is no detailed comparison (and _NO HOVER_ on the "Basic" column), can you clarify:

- what exactly the differences are on the listed features?
- will currently offered features of the Open Source version be moved to the SE version? (means: removed from the Open Source version)
- will there be a documentation of how SE features work and what they offer?

Thanks.

Using http_limit_conn with a custom variable (2 replies)

Kevin Burke — Wed, 22 May 2013 10:36:07 -0400

Hi,
We're trying to use the limit_conn_zone directive to throttle incoming
HTTP requests.

We'd like to throttle based on the http basic auth variable
($remote_user), however, we must do processing on this value so the
zone does not overflow with illegitimate values. Ideally we'd want to
do something like

set $safe_remote_user "";
content_by_lua '
-- Some code to filter $remote_user values, simplified to one line here
ngx.var.safe_remote_user = $remote_user
'
limit_conn_zone $safe_remote_user zone:user 10m;

However this runs into a problem that we can only set variables inside
of the location context, but limit_conn_zone must be defined in the
http context. So, as we understand it we cannot use a variable defined
by lua in the limit_conn_zone directive. We were curious if anyone has
run into this problem, and if there are workarounds that could help us
solve this problem.

Thanks,
Kevin

----
Kevin Burke | 415-723-4116 | www.twilio.com

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

streaming request (2 replies)

pgte — Thu, 23 May 2013 14:14:01 -0400

Hi,

I'm trying to do a streaming request that uses chunked encoding that gets forwarded to a back-end node.js http server. In this case the client does not end the request before it gets a response header from the server.
This works well if using node.js standalone, but when fronted by Nginx, nginx does not forward the request to my node process and a minute later returns a 408 to the client.

I'm using nginx 1.5.0 with the following configuration:

upstream myservername {
server 127.0.0.1:8888;
}

server {
listen 80;
listen 443 ssl;

server_name myservername;

ssl_certificate ...
ssl_certificate_key ...

location / {
proxy_buffering off;
proxy_http_version 1.1;

proxy_pass http://myservername;
}
}

Any clues on how to solve this?

TIA!

--
Pedro

Looking to returning a 302 Redirect if a file is above a certain size... (no replies)

barntzen — Tue, 21 May 2013 01:27:40 -0400

Hey there,

I was looking for some guidance for a project I'm working on.

We're looking into CDNs here, and we are specifically looking for a decent origin pull service that also supports denying by referrer to prevent hotlinking. However, as it turns out almost all origin pull services *except* a service we'll call ACF restrict you to 100MB or less.

As we're not looking to have bulletproof hotlinking protection, we've determined that the best way to handle it is to serve files through the main CDN (we'll call them FSL), but have our nginx cluster return a 302 redirect if the file the "client" is requesting is over 100MB. I've confirmed with FSL that they will honor and cache that 302, which would then send clients to ACF in as clean a fashion as possible.

The long and short is: I'm trying to work out how to make nginx return a 302 if a file is over 100MB, which I'm told the Lua module should be capable of. Seeking some advice on how to do so as I'm hopeless with Lua and my searches turned up nothing.

Thanks,
~ Benjamin

Can't log/print in header_filter_by_lua (3 replies)

bhedia — Mon, 20 May 2013 20:20:01 -0400

Hi all,

I've been experimenting with rewriting 'Set Cookie' headers in a
nginx-reverse-proxy effort.

The Set-Cookie rewrite doesn't seem to work yet, and more importantly, my
log/print statements don't print to error_log as directed, making it very
difficult to debug.

http {

server {
access_log /home/bhedia/access.log;
#error_log /home/bhedia/errors.log debug;
error_log /home/bhedia/errors.log notice;

listen 80;

root /usr/share/nginx/www;
#index index.html index.htm;

# Make site accessible from http://localhost:8080/
server_name localhost;

location / {

proxy_pass http://10.45.17.85:50088/;
proxy_set_header Host booga.booga.com;
#proxy_cookie_domain test-sites.com booga.booga.com;

header_filter_by_lua '
ngx.log(ngx.NOTICE, "hello world")
local cookies = ngx.header.set_cookie
if not cookies then return end
if type(cookies) ~= "table" then cookies = {cookies} end
local newcookies = {}
for i, val in ipairs(cookies) do
local newval = string.gsub(val,
"([dD]omain)=[%w_-\\\\.-]+",
"%1=booga.booga.com")
ngx.print(val)
ngx.print(newval)
table.insert(newcookies, newval)
end
ngx.header.set_cookie = newcookies
';
}
}
}

Any help would be appreciated.

Thanks!
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Nginx balancing mechanism (no replies)

Sabik2006 — Mon, 20 May 2013 06:39:05 -0400

Hello

What balancing mechanism is used in nginx: connections are balanced, or messages in connections are balanced?

Unbuffered requests in a reverse proxy? (1 reply)

Peter Hultqvist — Mon, 20 May 2013 03:58:02 -0400

Hi

Can nginx be configured to pass through a reverse proxy request before
it has been transmitted completely?

My set-up is a public facing nginx server accepting file uploads passed
to another server via a reverse proxy configuration.
I appears as nginx is reading the entire request before passing it on to
the reverse proxy.

The back end is written to abort early if the file size is not
acceptable depending which account the client is logged in to or abort
immediately if not logged in.
Is there any buffer setting that can be set to 0 so that the request
won't be buffered?

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

[nginx] 1.4.1 + spdy + centos 6 + openssl-1.0.1e (static), firefox 21 ajax requests ssl spdy = segfault (1 reply)

epsilon2930 — Sun, 19 May 2013 21:20:57 -0400

Hello, on one of my servers, nginx suddenly started crashing on some AJAX-heavy pages when accessed via SSL+SPDY. It seems to happen only when Firefox is the client (tested with Firefox 21), latest version of chrome uses SPDY without crashing.

uname -a:
Linux myserver.com 2.6.32-358.6.2.el6.x86_64 #1 SMP Thu May 16 20:59:36 UTC 2013 x86_64 x86_64 x86_64 GNU/Linux

nginx compile flags:
CFLAGS="-g -O0" ./configure --with-pcre=/usr/local/src/nginx-1.4.1/pcre-8.32 --sbin-path=/usr/local/sbin --conf-path=/etc/nginx/nginx.conf --pid-path=/var/run/nginx.pid --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --with-http_realip_module --with-http_ssl_module --with-openssl=/usr/local/src/nginx-1.4.1/openssl-1.0.1e --with-http_spdy_module --http-client-body-temp-path=/tmp/nginx_client --http-proxy-temp-path=/tmp/nginx_proxy --http-fastcgi-temp-path=/tmp/nginx_fastcgi --with-http_stub_status_module --with-debug

nginx log when crash happens:
2013/05/19 18:05:58 [notice] 26737#0: start worker process 26899
2013/05/19 18:05:58 [notice] 26737#0: signal 29 (SIGIO) received
2013/05/19 18:05:59 [notice] 26737#0: signal 17 (SIGCHLD) received
2013/05/19 18:05:59 [alert] 26737#0: worker process 26897 exited on signal 11 (core dumped)
2013/05/19 18:05:59 [notice] 26737#0: start worker process 26907
2013/05/19 18:05:59 [notice] 26737#0: signal 29 (SIGIO) received
2013/05/19 18:06:00 [notice] 26737#0: signal 17 (SIGCHLD) received
2013/05/19 18:06:00 [alert] 26737#0: worker process 26899 exited on signal 11 (core dumped)
2013/05/19 18:06:00 [notice] 26737#0: start worker process 26909
2013/05/19 18:06:00 [notice] 26737#0: signal 29 (SIGIO) received

nginx.conf
http://pastebin.com/G9wAgyeh

gdb backtrace:
# gdb /usr/local/sbin/nginx core.26899

... snip gpl stuff ...

Reading symbols from /usr/local/sbin/nginx...done.
[New Thread 26899]
Missing separate debuginfo for
Try: yum --disablerepo='*' --enablerepo='*-debug*' install /usr/lib/debug/.build-id/50/fc20fea18a6f375789f0f86e28f463d50714fd
Reading symbols from /lib64/libpthread.so.0...(no debugging symbols found)...done.
[Thread debugging using libthread_db enabled]
Loaded symbols for /lib64/libpthread.so.0
Reading symbols from /lib64/libcrypt.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib64/libcrypt.so.1
Reading symbols from /lib64/libdl.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib64/libdl.so.2
Reading symbols from /lib64/libz.so.1...(no debugging symbols found)...done.
Loaded symbols for /lib64/libz.so.1
Reading symbols from /lib64/libc.so.6...(no debugging symbols found)...done.
Loaded symbols for /lib64/libc.so.6
Reading symbols from /lib64/ld-linux-x86-64.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib64/ld-linux-x86-64.so.2
Reading symbols from /lib64/libfreebl3.so...(no debugging symbols found)...done.
Loaded symbols for /lib64/libfreebl3.so
Reading symbols from /lib64/libnss_files.so.2...(no debugging symbols found)...done.
Loaded symbols for /lib64/libnss_files.so.2
Core was generated by `nginx: worker process '.
Program terminated with signal 11, Segmentation fault.
#0 0x0000003455283c56 in __memset_sse2 () from /lib64/libc.so.6
Missing separate debuginfos, use: debuginfo-install glibc-2.12-1.107.el6.x86_64 nss-softokn-freebl-3.12.9-11.el6.x86_64 zlib-1.2.3-29.el6.x86_64
(gdb) bt
#0 0x0000003455283c56 in __memset_sse2 () from /lib64/libc.so.6
#1 0x0000000000493a67 in ngx_http_spdy_state_data (sc=0x3035ba0, pos=0x37c78f8 "", end=0x37c78f8 "")
at src/http/ngx_http_spdy.c:1193
#2 0x0000000000492673 in ngx_http_spdy_state_head (sc=0x3035ba0, pos=0x37c78f8 "", end=0x37c78f8 "")
at src/http/ngx_http_spdy.c:699
#3 0x00000000004919e2 in ngx_http_spdy_read_handler (rev=0x7f0318ffe3b8) at src/http/ngx_http_spdy.c:364
#4 0x000000000042ac31 in ngx_event_process_posted (cycle=0x2893a30, posted=0x8d1b68)
at src/event/ngx_event_posted.c:40
#5 0x000000000042887c in ngx_process_events_and_timers (cycle=0x2893a30) at src/event/ngx_event.c:276
#6 0x0000000000435ebd in ngx_worker_process_cycle (cycle=0x2893a30, data=0x1)
at src/os/unix/ngx_process_cycle.c:807
#7 0x00000000004327ca in ngx_spawn_process (cycle=0x2893a30, proc=0x435cf7 ,
data=0x1, name=0x609c9b "worker process", respawn=1) at src/os/unix/ngx_process.c:198
#8 0x0000000000435906 in ngx_reap_children (cycle=0x2893a30) at src/os/unix/ngx_process_cycle.c:619
#9 0x00000000004345ed in ngx_master_process_cycle (cycle=0x2893a30) at src/os/unix/ngx_process_cycle.c:180
#10 0x00000000004041b6 in main (argc=3, argv=0x7fffb6c2dbd8) at src/core/nginx.c:412

Server has a Core i3 540 with HT, OS is 64-bit CentOS 6 fully patched (as of date of this message).

- kernel log when error occurred:
May 19 18:06:00 saruman kernel: nginx[26899]: segfault at 0 ip 0000003455283c56 sp 00007fffb6c2d498 error 6 in libc-2.12.so[3455200000+18a000]

The crash is highly reproducible and when it crashes the ip and sp parameters and offsets are always the same.

I hope I've posted enough info for devs to fix this, sorry for the long message.

nginx cache opendir failed (3 replies)

Ronald Van Assche — Mon, 20 May 2013 05:28:01 -0400

Hi

On a Freebsd 9.1 machine
Nginx 1.4.1

opendir() "/var/cache/www/nginx2" failed (13: Permission denied)

microcache dir :
drwxr-x--x 3 root wheel 512 May 19 17:05 /var/cache
drwxr-xr-x 3 www www 512 May 19 17:06 /var/cache/www
drwx------ 2 www www 512 May 19 17:06 nginx2

How to correct this ?

Thanks.

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

valid_referers dynamic hostname (6 replies)

vlad031@binkmail.com — Fri, 24 May 2013 07:10:46 -0400

Sorry for posting here - don't know for sure if it's the right place.

I have an issue:

1) I use nginx as reverse proxy, but I don't always know the domain name for which I'm serving, so my setup looks like this:

server_name _ $host 0.0.0.0;

2) I try to block invalid referers but when I try to add $host to valid_referers - it doesn't seem to work:

valid_referers none blocked server_names $host ~\.google\. ~\.yahoo\. ~\.bing\. ~\.ask\. ~\.live\. ~\.googleusercontent.com\. ;

How can I make this work?
Also please note that I don't know regexp.

Kind regards,
Vlad

The truth about gzip_buffers? (1 reply)

spdyg — Mon, 20 May 2013 07:28:02 -0400

Reading the docs on nginx.org and searching around, it seems there's no consensus on how we should configure gzip_buffers.

Some guides say that the total buffer needs to be greater than any file you want to gzip, or it will either not gzip the file or truncate it (I'm sure this is not true though!). Other guides suggest arbitrary values.

I guess I have a couple of questions to clear up this confusion:

1. What happens if the response is greater than the total gzip buffer. Will it simply keep the upstream connection open longer while it fills, gzips and transmits the buffers multiple times?

2. If your page size is 4k, does that mean for best efficiency shoudl you keep the size of the buffers to 4k, but just increase the total number of buffers? What is the consideration here?

3. Would having larger buffer sizes potentially allow greater compression because each buffer is compressed individually?

Thanks!

Merging equivalent cache keys? (1 reply)

roysmith649 — Sat, 18 May 2013 09:46:01 -0400

We've got a route which is used to retrieve multiple objects in parallel. The client does a GET on /api/1/station/multi?id=123&id=456&id=789. We cache these in our nginx config:

location ~ /api/[^/]+/station/multi {
proxy_pass http://localhost:8000;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

proxy_cache api;
proxy_cache_use_stale updating;
}

The problem is, clients present the ids in random order. For example, one client might ask for id=1&id=2, and another ask for id=2&id=1. Both should return exactly the same response, but map to different cache keys. For two ids, it's not that bad, but many of the calls are for large numbers of ids and the combinatorics quickly spin out of control.

Is there any way to rewrite the keys in nginx to canonicalize them? Sorting all the ids in numerical order would do it.

404s logged in error.log? (5 replies)

akurilin — Fri, 17 May 2013 23:51:02 -0400

I was wondering if someone could confirm that requests resulting in a 404 response are by default logged to error.log at error level "error".

Is that normal, or is there some piece of configuration I am missing that will stop them from being logged to error.log? I figured 404s would be an un-exceptional event that doesn't require error logging, but perhaps I'm simply not handling that situation correctly in my configuration. Worth double-checking.

Thank you!

Permissions check (1 reply)

Grant — Fri, 17 May 2013 21:36:00 -0400

I just updated nginx and was warned about permissions. Are these appropriate:

/var/log/nginx:
drwxr-x--- root root

/var/lib/nginx/tmp and /var/lib/nginx/tmp/*:
drwx------ nginx nginx

- Grant

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Choosing source-address for upstream connections (2 replies)

Bruno Prémont — Fri, 17 May 2013 09:28:02 -0400

Is there a way to tell nginx to use a specific address when talking to
an upstream?

I would like to do something like:

upstream bla {
server [D0C::1234]:8080 src [D0C::beaf];
server 1.2.3.4:8080 src 1.2.3.5;
server upstream.example.tld src site.example.tld;
}

My system has multiple local addresses and just one of them should be
used to contact the given upstream.

If host-name is provided the source address should be chosen of the
same address family as the upstream address (so it's not necessary to
explicitly state IP addresses and duplicate server entries for IPv4
and IPv6).

It's possible to do it via "src" attribute of routes though it would be
more clean to do it on the application side.
e.g.
ip route add D0C::1234/128 src D0C::beaf ethX
ip route add 1.2.3.4/32 src 1.2.3.5

Bruno

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Add [nginx] to subject lines on this mailing list? (10 replies)

Daniel Griscom — Fri, 17 May 2013 09:06:01 -0400

This mailing list is run by Gnu's Mailman application. The default
configuration for Mailman adds a "[NameOfMailList]" prefix to the
subject of every sent email, e.g.

>Subject: [Congregation] Tuesday's Notes

This makes it very easy to sort out my inbox, and gives my spam
filter something to key on.

On the nginx mailing list this has been turned off, so I find it hard
to figure out why someone unknown is writing me about "bug?", and
often find the list emails in my junk mail folder.

I'd like to have the setting turned back on; would that be OK?

Thanks,
Dan

--
Daniel T. Griscom griscom@suitable.com
Suitable Systems http://www.suitable.com/
1 Centre Street, Suite 204 (781) 665-0053
Wakefield, MA 01880-2400

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

bug? (6 replies)

suttya — Thu, 16 May 2013 09:00:03 -0400

Hy all!

I have this error and i don't know how to slove it.

https://gist.github.com/Stageline/9a643fa13d040d49f1d1

Short details: I try request url with curl seems everithing OK, getting
http 200 code, but if i try this url with external program (look program
link down) getting internal server error 500.

https://raw.github.com/arut/nginx-rtmp-module/master/ngx_rtmp_netcall_module.c

Missing some required http request header or content length wrong?

Thanks
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: access log time format (4 replies)

Casey Scott — Wed, 15 May 2013 12:26:02 -0400

Is it possible to format the time Nginx uses in access.log to match this?

"%Y-%m-%d %H:%M:%S" or 2013-05-14 15:40:21

My goal is to have Nginx access logs match the time format of the rest of our
environment so that monitoring tools/dashboards/etc. can adopt Nginx's
access logs. From what I've read, it doesn't seem to be possible, but the
posts I've seen are pretty old.

Casey

_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Nginx + Mono (OpenBSD 5.3) (no replies)

Gee — Wed, 15 May 2013 11:50:01 -0400

OK - I can confirm that nginx is in fact chroot(8) - After much playing
around, I noticed a comment in the ports documentation that mentions this
(I know, I know...)

So to solve this particular problem, I just moved my socket to
/var/www/ and ensured that my user had the appropriate permissions.

I am now able to serve a simple aspx - although mvc still remains a
challenge.

Thanks to everyone who posted!

Thanks
G
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Can I cache a page conditionally based on cookie value? (2 replies)

patng323 — Wed, 15 May 2013 06:15:31 -0400

Hi,

Using NginX as a reverse proxy, I want to cache the response ONLY if the user has NOT logged in, which can be checked by testing the existence of a cookie.

First I tried to use "if", but NginX complained that I cannot put a proxy_cache_valid inside an "if":

location / {
proxy_pass http://www.xyz.com;
if ($cookie_login = '') {
proxy_cache my-cache;
proxy_cache_valid 200 301 302 60m;
}
}

Then I tried to set the cache-duration to 0s by using a variable, but then NginX complained the time value is incorrect.
set $cacheDuration 60m;
if ($cookie_login != '') {
set $cacheDuration 0s;
}

proxy_cache my-cache;
proxy_cache_valid 200 301 302 $cacheDuration

So is there any way to cache conditionally based on the existence of a cookie?

Thanks.

- Patrick