From mike503 at gmail.com  Wed Jul  1 04:10:26 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Tue, 30 Jun 2009 17:10:26 -0700
Subject: What is the nginx equivalent of this?
Message-ID: <bd9320b30906301710u3ac817b6if7a6670f35131755@mail.gmail.com>

In Apache this is the example:
SSLCipherSuite ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP

Is this it?
ssl_ciphers ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP;




From delta.yeh at gmail.com  Wed Jul  1 07:09:39 2009
From: delta.yeh at gmail.com (Delta Yeh)
Date: Wed, 1 Jul 2009 11:09:39 +0800
Subject: What is the nginx equivalent of this?
In-Reply-To: <bd9320b30906301710u3ac817b6if7a6670f35131755@mail.gmail.com>
References: <bd9320b30906301710u3ac817b6if7a6670f35131755@mail.gmail.com>
Message-ID: <beffb2170906302009u27b88b25t3c7399d8106be9dc@mail.gmail.com>

Does it looks alike? :)

2009/7/1 Michael Shadle <mike503 at gmail.com>

> In Apache this is the example:
> SSLCipherSuite ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP
>
> Is this it?
> ssl_ciphers ALL:-ADH:+HIGH:+MEDIUM:-LOW:-SSLv2:-EXP;
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090701/a5988649/attachment.html>

From yazz.atlas at gmail.com  Wed Jul  1 10:09:11 2009
From: yazz.atlas at gmail.com (Yazz Atlas)
Date: Tue, 30 Jun 2009 23:09:11 -0700
Subject: Help with autoindex on; missing slash for directories
Message-ID: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com>

I'm working on upgrading some servers running nginx-0.6.34 to either
nginx-0.8.4 or nginx-0.7.61. The problem is I have another tool that
was crawling the nginx directory and following all the directories it
found. With the latest version of nginx the the directories aren't
given a slash so doing the automated crawl fails.

The older nginx-0.6.34 output the following: ( Added pre tag to
prevent auto formatting from happening.)

<pre>

<html>
<head><title>Index of /static/</title></head>
<body bgcolor="white">
<h1>Index of /static/</h1><hr><pre><a href="../">../</a>
<a href="site/">site/</a>  30-Jun-2009 21:49                   -
</pre><hr></body>
</html>

</pre>

The newer  nginx-0.8.4 and nginx-0.7.61 out puts the following:

<pre>

<html>
<head><title>Index of /static/</title></head>
<body bgcolor="white">
<h1>Index of /static/</h1><hr><pre><a href="../">../</a>
<a href="site">site</a>  30-Jun-2009 21:49                   -
</pre><hr></body>
</html>

</pre>

Notice the missing slash after the word site. I was relying on having
the slash so I could navigate down directories with my crawler.

 Any one have a solution to add the slash back?

Thanks!

-Yazz Atlas




From mdounin at mdounin.ru  Wed Jul  1 13:30:47 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 1 Jul 2009 13:30:47 +0400
Subject: Help with autoindex on; missing slash for directories
In-Reply-To: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com>
Message-ID: <20090701093047.GC5360@mdounin.ru>

Hello!

On Tue, Jun 30, 2009 at 11:09:11PM -0700, Yazz Atlas wrote:

> I'm working on upgrading some servers running nginx-0.6.34 to either
> nginx-0.8.4 or nginx-0.7.61. The problem is I have another tool that
> was crawling the nginx directory and following all the directories it
> found. With the latest version of nginx the the directories aren't
> given a slash so doing the automated crawl fails.

[...]

> Notice the missing slash after the word site. I was relying on having
> the slash so I could navigate down directories with my crawler.
> 
>  Any one have a solution to add the slash back?

Which OS?  Which filesystem?

And could you please:

1. Test if this regression appeared in 0.7.40.

2. Show ./configure output on your system.

Maxim Dounin




From nginx-forum at nginx.us  Wed Jul  1 14:23:12 2009
From: nginx-forum at nginx.us (miradev)
Date: Wed, 1 Jul 2009 06:23:12 -0400
Subject: More subdomain mapping (dynamic 'root'?)
Message-ID: <ebca29ddbcbb0fcc8132761179f01276.NginxMailingList@forum.nginx.org>

I want to be able to map submains and urls to determined locations on disk, if they exist.

The URL structure is something like: http://.admin.domain.com/

Where  would letters, numbers and underscores , and  is a domain name (e.g.  http://cnn.admin.domain.com/www.cnnminiblog.com)

Nginx should check if /var/www/clients//admin//html/ exists and use that as root:

Some horrible pseudo code:


server {
  listen localhost: 80;
  server_name *.admin.domain.com;

  if ($host ~ (*).admin.domain.com) {
    set $client = $1;
    if ($url ~ ^([^/]*)) {
      set $project = $1;
      set $myroot = /var/www/clients/$client/admin/$project/html;
      if ( -e $myroot ){
        root $myroot;
      }
    }
  }
  ...
}


If this is not very 'nginxy', I am very open to alternate solutions.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3586,3586#msg-3586





From info at pcintelligence.nl  Wed Jul  1 15:59:31 2009
From: info at pcintelligence.nl (Michiel van Es)
Date: Wed, 01 Jul 2009 13:59:31 +0200
Subject: question about nginx, slowloris and fastcgi
Message-ID: <4A4B4FA3.4020205@pcintelligence.nl>

Hi,

i am new to Nginx and I am testing the latest stable Nginx as webserver
with slowloris.
When I test slowloris on my php enabled website I see Nginx running to
100% and get the following error:

500 Internal Server Error

I don't think Nginx crashes (although the 100% cpu concerns me) but I
think fastcgi/php is crashing.

Are other people using Nginx and fastcgi/php are also experiencing this
behaviour and is there a fix to ensure that my website is still running
when slowloris is checking?

Kind regards,

Michiel





From lists at ruby-forum.com  Wed Jul  1 16:18:05 2009
From: lists at ruby-forum.com (Mahiti Support)
Date: Wed, 1 Jul 2009 14:18:05 +0200
Subject: How to put rewrite rules for multiple plone instances
In-Reply-To: <20090128103127.GG14282@rambler-co.ru>
References: <441be1cb0901152328j7bef1a63t867334fc4335d60b@mail.gmail.com> <441be1cb0901160348w33a4c83es825c0b00819e80dd@mail.gmail.com> <20090116121345.GO39529@rambler-co.ru>
	<441be1cb0901160725k433982aar38b27196044f4b93@mail.gmail.com> <20090116154002.GS39529@rambler-co.ru> <441be1cb0901162232r5db93595veb891ef4b002c248@mail.gmail.com>
	<20090117080823.GW39529@rambler-co.ru> <441be1cb0901212051h158f5c0coaf5276cccf5a8ac4@mail.gmail.com> <20090122060941.GA19797@rambler-co.ru>
	<441be1cb0901280226s4b772356jd97991c631e0611a@mail.gmail.com> <20090128103127.GG14282@rambler-co.ru>
Message-ID: <e00a7e1c8b2341dce61ffe080b385acf@ruby-forum.com>

Igor Sysoev wrote:
> On Wed, Jan 28, 2009 at 03:56:53PM +0530, Vishnu Kumar D R wrote:
> 
>> Hi Igor,
>> 
>> Let me make it to the point
>> 
>> whats the nginx equivalent for the statement in apache2?
>> RewriteRule ^/(.*)
>> http://localhost:8080/VirtualHostBase/http/%{HTTP_HOST}:80/$1 [L,P]
> 
> location / {
>     proxy_pass 
> http://127.0.0.1:8080/VirtualHostBase/http/$host:80$request_uri;
> }

Hi Igor,

Then what is it for
RewriteRule ^/(.*) 
http://127.0.0.1:8050/VirtualHostBase/http/%{HTTP_HOST}:80/live/automiddleeast/VirtualHostRoot/$1 
[L,P]

Thanks
Vishnu
-- 
Posted via http://www.ruby-forum.com/.




From mdounin at mdounin.ru  Wed Jul  1 16:30:29 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 1 Jul 2009 16:30:29 +0400
Subject: question about nginx, slowloris and fastcgi
In-Reply-To: <4A4B4FA3.4020205@pcintelligence.nl>
References: <4A4B4FA3.4020205@pcintelligence.nl>
Message-ID: <20090701123029.GE5360@mdounin.ru>

Hello!

On Wed, Jul 01, 2009 at 01:59:31PM +0200, Michiel van Es wrote:

> Hi,
> 
> i am new to Nginx and I am testing the latest stable Nginx as webserver
> with slowloris.
> When I test slowloris on my php enabled website I see Nginx running to
> 100% and get the following error:
> 
> 500 Internal Server Error
> 
> I don't think Nginx crashes (although the 100% cpu concerns me) but I
> think fastcgi/php is crashing.

What's in error_log?

Symptoms suggest that you've run out of file descriptors in your 
OS.  At start nginx tries to warn you about the problem if 
worker_connections are more than open file resource limit, but 
even this isn't enough (since every connection usually allocates at 
leas 2 file descriptors, and system-wide limit for all processes 
isn't taken into account).

Maxim Dounin

> 
> Are other people using Nginx and fastcgi/php are also experiencing this
> behaviour and is there a fix to ensure that my website is still running
> when slowloris is checking?
> 
> Kind regards,
> 
> Michiel
> 
> 




From artifexor at gmail.com  Wed Jul  1 16:30:51 2009
From: artifexor at gmail.com (Artifex Maximus)
Date: Wed, 1 Jul 2009 14:30:51 +0200
Subject: question about nginx, slowloris and fastcgi
In-Reply-To: <4A4B4FA3.4020205@pcintelligence.nl>
References: <4A4B4FA3.4020205@pcintelligence.nl>
Message-ID: <9cbf3f070907010530p1e665fefy21cd0f6ea8696d@mail.gmail.com>

Hi!
On Wed, Jul 1, 2009 at 1:59 PM, Michiel van Es <info at pcintelligence.nl>wrote:

> Are other people using Nginx and fastcgi/php are also experiencing this
> behaviour and is there a fix to ensure that my website is still running
> when slowloris is checking?


Check this thread:
http://forum.nginx.org/read.php?2,3151,3151

Bye,
a
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090701/d69fcde7/attachment.html>

From info at pcintelligence.nl  Wed Jul  1 17:19:08 2009
From: info at pcintelligence.nl (Michiel van Es)
Date: Wed, 01 Jul 2009 15:19:08 +0200
Subject: question about nginx, slowloris and fastcgi
In-Reply-To: <20090701123029.GE5360@mdounin.ru>
References: <4A4B4FA3.4020205@pcintelligence.nl> <20090701123029.GE5360@mdounin.ru>
Message-ID: <4A4B624C.5050608@pcintelligence.nl>



-------- Original Message --------
Subject: Re: question about nginx, slowloris and fastcgi
From: Maxim Dounin <mdounin at mdounin.ru>
To: nginx at sysoev.ru
Date: 07/01/2009 02:30 PM

> Hello!
> 
> On Wed, Jul 01, 2009 at 01:59:31PM +0200, Michiel van Es wrote:
> 
>> Hi,
>>
>> i am new to Nginx and I am testing the latest stable Nginx as webserver
>> with slowloris.
>> When I test slowloris on my php enabled website I see Nginx running to
>> 100% and get the following error:
>>
>> 500 Internal Server Error
>>
>> I don't think Nginx crashes (although the 100% cpu concerns me) but I
>> think fastcgi/php is crashing.
> 
> What's in error_log?

2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)
2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)
2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)
2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)
2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)
2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)
2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)
2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)
2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
files)

> 
> Symptoms suggest that you've run out of file descriptors in your 
> OS.  At start nginx tries to warn you about the problem if 
> worker_connections are more than open file resource limit, but 
> even this isn't enough (since every connection usually allocates at 
> leas 2 file descriptors, and system-wide limit for all processes 
> isn't taken into account).

You're right but how can I stop this?
Or how canI stop the slowloris attack..is it php fastcgi which is
vulnerable to the slowloris DoS?

> 
> Maxim Dounin

Michiel

> 
>> Are other people using Nginx and fastcgi/php are also experiencing this
>> behaviour and is there a fix to ensure that my website is still running
>> when slowloris is checking?
>>
>> Kind regards,
>>
>> Michiel
>>
>>
> 




From mdounin at mdounin.ru  Wed Jul  1 17:44:17 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 1 Jul 2009 17:44:17 +0400
Subject: question about nginx, slowloris and fastcgi
In-Reply-To: <4A4B624C.5050608@pcintelligence.nl>
References: <4A4B4FA3.4020205@pcintelligence.nl> <20090701123029.GE5360@mdounin.ru> <4A4B624C.5050608@pcintelligence.nl>
Message-ID: <20090701134416.GF5360@mdounin.ru>

Hello!

On Wed, Jul 01, 2009 at 03:19:08PM +0200, Michiel van Es wrote:

> 
> 
> -------- Original Message --------
> Subject: Re: question about nginx, slowloris and fastcgi
> From: Maxim Dounin <mdounin at mdounin.ru>
> To: nginx at sysoev.ru
> Date: 07/01/2009 02:30 PM
> 
> > Hello!
> > 
> > On Wed, Jul 01, 2009 at 01:59:31PM +0200, Michiel van Es wrote:
> > 
> >> Hi,
> >>
> >> i am new to Nginx and I am testing the latest stable Nginx as webserver
> >> with slowloris.
> >> When I test slowloris on my php enabled website I see Nginx running to
> >> 100% and get the following error:
> >>
> >> 500 Internal Server Error
> >>
> >> I don't think Nginx crashes (although the 100% cpu concerns me) but I
> >> think fastcgi/php is crashing.
> > 
> > What's in error_log?
> 
> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
> files)
> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
> files)
> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
> files)
> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
> files)
> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
> files)
> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
> files)
> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
> files)
> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
> files)
> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
> files)
> 
> > 
> > Symptoms suggest that you've run out of file descriptors in your 
> > OS.  At start nginx tries to warn you about the problem if 
> > worker_connections are more than open file resource limit, but 
> > even this isn't enough (since every connection usually allocates at 
> > leas 2 file descriptors, and system-wide limit for all processes 
> > isn't taken into account).
> 
> You're right but how can I stop this?

See your OS tuning guides.  Under FreeBSD use something like:

sysctl kern.maxfiles=65535
sysctl kern.maxfilesperproc=60000

Note that other OS limits likely needs tuning too.

> Or how canI stop the slowloris attack..is it php fastcgi which is
> vulnerable to the slowloris DoS?

When nginx with fastcgi_pass used in front of fastcgi - slowloris 
attack won't reach fastcgi.

Maxim Dounin




From nunomagalhaes at eu.ipp.pt  Wed Jul  1 17:52:06 2009
From: nunomagalhaes at eu.ipp.pt (=?UTF-8?Q?Nuno_Magalh=C3=A3es?=)
Date: Wed, 1 Jul 2009 14:52:06 +0100
Subject: 404 instead of "no inout file specified"?
Message-ID: <6b1504c40907010652ib89ca65j40f918eb4035c3d5@mail.gmail.com>

Greetings,

If i provide a valid URL, it's processed.
If i provide an invalid URL, nginx shows the 404 page except it the
invalid URL ends in .php - in that case i get the "no input file
specified" message.

I'm in the process of changing my php files to an html extension (i
assume that would "fix" things), however, i'd like to get a 404
instead of the message regardless.

I tried using "fastcgi_intercept_errors off" in the conf for my server
(in sites-available), but it didn't do anything (i did restart both
nginx and the fast-cgi processes).

Is there a better way?

TIA,
Nuno Magalh?es

-- 
()  ascii ribbon campaign - against html e-mail
/\  ascii-rubanda kampajno - kontra? html-a retpo?to




From roxis at list.ru  Wed Jul  1 18:01:21 2009
From: roxis at list.ru (Roxis)
Date: Wed, 1 Jul 2009 16:01:21 +0200
Subject: 404 instead of "no inout file specified"?
In-Reply-To: <6b1504c40907010652ib89ca65j40f918eb4035c3d5@mail.gmail.com>
References: <6b1504c40907010652ib89ca65j40f918eb4035c3d5@mail.gmail.com>
Message-ID: <200907011601.21147.roxis@list.ru>

On Wednesday 01 July 2009, Nuno Magalh?es wrote:
> Greetings,
>
> If i provide a valid URL, it's processed.
> If i provide an invalid URL, nginx shows the 404 page except it the
> invalid URL ends in .php - in that case i get the "no input file
> specified" message.
>
> I'm in the process of changing my php files to an html extension (i
> assume that would "fix" things), however, i'd like to get a 404
> instead of the message regardless.
>
> I tried using "fastcgi_intercept_errors off" in the conf for my server
> (in sites-available), but it didn't do anything (i did restart both
> nginx and the fast-cgi processes).
>
> Is there a better way?
>
> TIA,
> Nuno Magalh?es

fastcgi_intercept_errors is off by default
you need to set it on

fastcgi_intercept_errors on;




From mdounin at mdounin.ru  Wed Jul  1 18:20:46 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 1 Jul 2009 18:20:46 +0400
Subject: 404 instead of "no inout file specified"?
In-Reply-To: <6b1504c40907010652ib89ca65j40f918eb4035c3d5@mail.gmail.com>
References: <6b1504c40907010652ib89ca65j40f918eb4035c3d5@mail.gmail.com>
Message-ID: <20090701142046.GG5360@mdounin.ru>

Hello!

On Wed, Jul 01, 2009 at 02:52:06PM +0100, Nuno Magalh?es wrote:

> Greetings,
> 
> If i provide a valid URL, it's processed.
> If i provide an invalid URL, nginx shows the 404 page except it the
> invalid URL ends in .php - in that case i get the "no input file
> specified" message.

Looks like you've configured passing urls ending with ".php" to 
php for processing.  So you got errors from php, not from nginx.  
It's expected behaviour, no?

And, actually, "no input file specified" *is* 404 error.  It's 
just has some fancy php-specific content.

> I'm in the process of changing my php files to an html extension (i
> assume that would "fix" things), however, i'd like to get a 404
> instead of the message regardless.
> 
> I tried using "fastcgi_intercept_errors off" in the conf for my server
> (in sites-available), but it didn't do anything (i did restart both
> nginx and the fast-cgi processes).
> 
> Is there a better way?

If you want to change error page returned by php to something 
pretty-looking, you should:

1. Use "fastcgi_intercept_errors on;" to instruct nginx to 
intercept and change errors returned by fastcgi application.

2. Make sure you explicitly configured error_page for 404.  
Default compiled-in error pages are used only for nginx own 
errors, not for fastcgi_intercept_errors/proxy_intercept_errors.

So your resulting config should look like:

    error_page  404  /404.html;

    location ~ \.php$ {
        fastcgi_pass ...;
        fastcgi_intercept_errors on;
    }

    ...

Maxim Dounin




From mdounin at mdounin.ru  Wed Jul  1 18:28:37 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 1 Jul 2009 18:28:37 +0400
Subject: How to put rewrite rules for multiple plone instances
In-Reply-To: <e00a7e1c8b2341dce61ffe080b385acf@ruby-forum.com>
References: <20090116121345.GO39529@rambler-co.ru> <441be1cb0901160725k433982aar38b27196044f4b93@mail.gmail.com> <20090116154002.GS39529@rambler-co.ru> <441be1cb0901162232r5db93595veb891ef4b002c248@mail.gmail.com> <20090117080823.GW39529@rambler-co.ru> <441be1cb0901212051h158f5c0coaf5276cccf5a8ac4@mail.gmail.com> <20090122060941.GA19797@rambler-co.ru> <441be1cb0901280226s4b772356jd97991c631e0611a@mail.gmail.com> <20090128103127.GG14282@rambler-co.ru> <e00a7e1c8b2341dce61ffe080b385acf@ruby-forum.com>
Message-ID: <20090701142837.GH5360@mdounin.ru>

Hello!

On Wed, Jul 01, 2009 at 02:18:05PM +0200, Mahiti Support wrote:

> Igor Sysoev wrote:
> > On Wed, Jan 28, 2009 at 03:56:53PM +0530, Vishnu Kumar D R wrote:
> > 
> >> Hi Igor,
> >> 
> >> Let me make it to the point
> >> 
> >> whats the nginx equivalent for the statement in apache2?
> >> RewriteRule ^/(.*)
> >> http://localhost:8080/VirtualHostBase/http/%{HTTP_HOST}:80/$1 [L,P]
> > 
> > location / {
> >     proxy_pass 
> > http://127.0.0.1:8080/VirtualHostBase/http/$host:80$request_uri;
> > }
> 
> Hi Igor,
> 
> Then what is it for
> RewriteRule ^/(.*) 
> http://127.0.0.1:8050/VirtualHostBase/http/%{HTTP_HOST}:80/live/automiddleeast/VirtualHostRoot/$1 
> [L,P]

Sorry, I'm not Igor, but probably something like

    location / {
        proxy_pass http://127.0.0.1:8050/VirtualHostBase/http/$host:80/live/automiddleeast/VirtualHostRoot$request_uri;
    }

will work for you.

Maxim Dounin




From valery+nginxen at grid.net.ru  Wed Jul  1 19:52:29 2009
From: valery+nginxen at grid.net.ru (Valery Kholodkov)
Date: Wed, 1 Jul 2009 16:52:29 +0100 (BST)
Subject: How to handle NGX_AGAIN returned by
 ngx_http_read_client_request_body() within handler module?
In-Reply-To: <15d512b5e71760db17d3b689b07a7fee.NginxMailingList@forum.nginx.org>
Message-ID: <6436495.72181246463549528.JavaMail.root@zone.mtgsy.net>


Could you please show the code where you install the handler?

----- sayeo87 <nginx-forum at nginx.us> wrote:
> Thanks guys for your replies. I have previously looked at how NGX_AGAIN is handled in the nginx source, and its along the lines of if ngx_http_read_client_request_body returns anything other than NGX_OK, return that from the module, otherwise return NGX_DONE. The problem is when I do this, my module is never called again.
> 
> @Mike: I have tried what you described and it it promising in the sense that it appears that my handler function (2nd arg to ngx_http_read_client_request_body()) gets called again, but the handler function never returns to the main-line code of the module. Is this supposed to be expected behavior?
> 
> I'm just confused because the way this is handled in the Nginx source does not seem to work, even though some people such as as http://markmail.org/message/knchl7ricknggvws have had success with it.
 
-- 
Regards,
Valery Kholodkov




From yazz.atlas at gmail.com  Wed Jul  1 20:48:29 2009
From: yazz.atlas at gmail.com (Yazz Atlas)
Date: Wed, 01 Jul 2009 09:48:29 -0700
Subject: Help with autoindex on; missing slash for directories
In-Reply-To: <20090701093047.GC5360@mdounin.ru>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com> <20090701093047.GC5360@mdounin.ru>
Message-ID: <4A4B935D.3030803@gmail.com>

On 7/1/09 2:30 AM, Maxim Dounin wrote:
> Hello!
>
> On Tue, Jun 30, 2009 at 11:09:11PM -0700, Yazz Atlas wrote:
>
>> I'm working on upgrading some servers running nginx-0.6.34 to either
>> nginx-0.8.4 or nginx-0.7.61. The problem is I have another tool that
>> was crawling the nginx directory and following all the directories it
>> found. With the latest version of nginx the the directories aren't
>> given a slash so doing the automated crawl fails.
>
> [...]
>
>> Notice the missing slash after the word site. I was relying on having
>> the slash so I could navigate down directories with my crawler.
>>
>>   Any one have a solution to add the slash back?
>
> Which OS?  Which filesystem?

CentOS release 5.3 (Final) with ext3 filesystem, Linux example 
2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64 
x86_64 GNU/Linux

> And could you please:
>
> 1. Test if this regression appeared in 0.7.40.

The problem still exists with 0.7.40. I did compiled 0.6.38 and it does 
not have the problem. However I would like to move to the either 0.7.x 
or 0.8.x.

> 2. Show ./configure output on your system.

[root at example nginx-0.7.40]# ./configure  --http-proxy-temp-path=/tmp 
--prefix=/opt/nginx --with-http_ssl_module 
--with-http_gzip_static_module 
--http-fastcgi-temp-path=/opt/nginx/fastcgi_temp 
--http-proxy-temp-path=/opt/nginx/proxy_temp 
--http-client-body-temp-path=/opt/nginx/client_body_temp --group=nobody 
--user=nobody --prefix=/opt/nginx --with-http_realip_module 
--with-http_secure_link_module --with-http_stub_status_module 
--with-http_xslt_module/nginx/checking for OSp --group=nobody 
--user=nobody --prefix=/opt/nginx --with-http_realip_module  + Linux 
2.6.18-128.1.10.el5 x86_64
checking for C compiler ... found
  + using GNU C compiler0704 (Red Hat 4.1.2-44)
  + gcc version: 4.1.2 20080704 (Red Hat 4.1.2-44)--prefix=/opt/nginx 
--with-http_ssl_module checking for gcc -pipe switch ... 
foundastcgi-temp-path=/opt/nginx/fastcgi_temp --http-proxychecking for 
gcc variadic macros ... foundchecking for C99 variadic macros ... 
foundginx --with-http_realip_module --with-http_secure_checking for 
unistd.h ... foundatus_module --with-http_xslt_module
checking for inttypes.h ... found
checking for limits.h ... found
checking for sys/filio.h ... not found
checking for crypt.h ... found
checking for Linux specific features
checking for epoll ... found.40/
checking for sendfile() ... found
checking for sendfile64() ... found
checking for sys/prctl.h ... foundgure  --http-proxy-temp-path=/tmp 
--prefix=/opt/nginx --wichecking for prctl(PR_SET_DUMPABLE) ... 
founddule --http-fastcgi-temp-path=/opt/nginx/fastcgchecking for 
sched_setaffinity() ... foundroxy_temp 
--http-client-body-temp-path=/opt/nginx/checking for poll() ... founddy 
--user=nobody --prefix=/opt/nginx --with-http_realip_module checking for 
/dev/poll ... not found
checking for kqueue ... not found
checking for crypt() ... not found
checking for crypt() in libcrypt ... found
checking for O_DIRECT ... found
checking for F_NOCACHE ... not found
checking for directio() ... not found
checking for PCRE library ... found
checking for OpenSSL library ... found
checking for zlib library ... found
checking for libxslt ... found
checking for libexslt ... found
checking for int size ... 4 bytes
checking for long size ... 8 bytes
checking for long long size ... 8 bytes
checking for void * size ... 8 bytes
checking for uint64_t ... found
checking for sig_atomic_t ... found
checking for sig_atomic_t size ... 4 bytes
checking for socklen_t ... found
checking for in_addr_t ... found
checking for in_port_t ... found
checking for rlim_t ... found
checking for uintptr_t ... uintptr_t found
checking for system endianess ... little endianess
checking for size_t size ... 8 bytes
checking for off_t size ... 8 bytes
checking for time_t size ... 8 bytes
checking for setproctitle() ... not found
checking for pread() ... found
checking for pwrite() ... found
checking for strerror_r() ... found but is not working
checking for gnu style strerror_r() ... found
checking for localtime_r() ... found
checking for posix_memalign() ... found
checking for memalign() ... found
checking for sched_yield() ... found
checking for mmap(MAP_ANON|MAP_SHARED) ... found
checking for mmap("/dev/zero", MAP_SHARED) ... found
checking for System V shared memory ... found
checking for struct msghdr.msg_control ... found
checking for ioctl(FIONBIO) ... found
checking for struct tm.tm_gmtoff ... found
checking for struct dirent.d_namlen ... not found
checking for struct dirent.d_type ... found

Configuration summary
   + using system PCRE library
   + using system OpenSSL library
   + md5: using OpenSSL library
   + sha1 library is not used
   + using system zlib library

   nginx path prefix: "/opt/nginx"
   nginx binary file: "/opt/nginx/sbin/nginx"
   nginx configuration prefix: "/opt/nginx/conf"
   nginx configuration file: "/opt/nginx/conf/nginx.conf"
   nginx pid file: "/opt/nginx/logs/nginx.pid"
   nginx error log file: "/opt/nginx/logs/error.log"
   nginx http access log file: "/opt/nginx/logs/access.log"
   nginx http client request body temporary files: 
"/opt/nginx/client_body_temp"
   nginx http proxy temporary files: "/opt/nginx/proxy_temp"
   nginx http fastcgi temporary files: "/opt/nginx/fastcgi_temp"


> Maxim Dounin
>





From admin at ampprod.com  Wed Jul  1 21:44:39 2009
From: admin at ampprod.com (AMP Admin)
Date: Wed, 1 Jul 2009 12:44:39 -0500
Subject: Advanced Maintenance
In-Reply-To: <4A4B935D.3030803@gmail.com>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com> <20090701093047.GC5360@mdounin.ru> <4A4B935D.3030803@gmail.com>
Message-ID: <013d01c9fa73$9c781bf0$d56853d0$@com>

I see lots of maintenance page solutions but I would like to keep serving
images and a few directories.  Is that possible?

Right now we have:
	if (-f $document_root/maintenance.php) {
		rewrite  ^(.*)$  /maintenance.php last;
		break;
	}

But we would like to make the privacypolicy.php page and the images & promo
directories always available.  That way people can always see our
advertisers, images, and privacy policy.





From jgarvin.lists at gmail.com  Wed Jul  1 22:50:53 2009
From: jgarvin.lists at gmail.com (Jon Garvin)
Date: Wed, 01 Jul 2009 12:50:53 -0600
Subject: ignoring proxy_read_timeout?
Message-ID: <4A4BB00D.4030707@gmail.com>

We're getting upstream timeout errors on certan requests that generate
large reports.  I tried setting proxy_read_timeout 300 in both the
location and server sections of the nginx.conf file, but even after
restarting nginx requests still return a 504  Gateway Time-out after
exactly 60 seconds.

Any ideas?

-- 

http://www.5valleys.com/

http://www.workingwithrails.com/person/8078





From info at pcintelligence.nl  Thu Jul  2 00:22:30 2009
From: info at pcintelligence.nl (Michiel van Es)
Date: Wed, 01 Jul 2009 22:22:30 +0200
Subject: question about nginx, slowloris and fastcgi
In-Reply-To: <20090701134416.GF5360@mdounin.ru>
References: <4A4B4FA3.4020205@pcintelligence.nl> <20090701123029.GE5360@mdounin.ru> <4A4B624C.5050608@pcintelligence.nl> <20090701134416.GF5360@mdounin.ru>
Message-ID: <4A4BC586.9050302@pcintelligence.nl>



Maxim Dounin wrote:
> Hello!
> 
> On Wed, Jul 01, 2009 at 03:19:08PM +0200, Michiel van Es wrote:
> 
>>
>> -------- Original Message --------
>> Subject: Re: question about nginx, slowloris and fastcgi
>> From: Maxim Dounin <mdounin at mdounin.ru>
>> To: nginx at sysoev.ru
>> Date: 07/01/2009 02:30 PM
>>
>>> Hello!
>>>
>>> On Wed, Jul 01, 2009 at 01:59:31PM +0200, Michiel van Es wrote:
>>>
>>>> Hi,
>>>>
>>>> i am new to Nginx and I am testing the latest stable Nginx as webserver
>>>> with slowloris.
>>>> When I test slowloris on my php enabled website I see Nginx running to
>>>> 100% and get the following error:
>>>>
>>>> 500 Internal Server Error
>>>>
>>>> I don't think Nginx crashes (although the 100% cpu concerns me) but I
>>>> think fastcgi/php is crashing.
>>> What's in error_log?
>> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
>> files)
>> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
>> files)
>> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
>> files)
>> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
>> files)
>> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
>> files)
>> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
>> files)
>> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
>> files)
>> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
>> files)
>> 2009/07/01 13:43:01 [alert] 25226#0: accept() failed (24: Too many open
>> files)
>>
>>> Symptoms suggest that you've run out of file descriptors in your 
>>> OS.  At start nginx tries to warn you about the problem if 
>>> worker_connections are more than open file resource limit, but 
>>> even this isn't enough (since every connection usually allocates at 
>>> leas 2 file descriptors, and system-wide limit for all processes 
>>> isn't taken into account).
>> You're right but how can I stop this?
> 
> See your OS tuning guides.  Under FreeBSD use something like:
> 
> sysctl kern.maxfiles=65535
> sysctl kern.maxfilesperproc=60000
> 
> Note that other OS limits likely needs tuning too.

I have to tune CentOS file handles and network proc's right?
And then it should protect me from slowloris?

> 
>> Or how canI stop the slowloris attack..is it php fastcgi which is
>> vulnerable to the slowloris DoS?
> 
> When nginx with fastcgi_pass used in front of fastcgi - slowloris 
> attack won't reach fastcgi.

What is the fastcgi_pass? Is it included in the nginx installation?
I am using a rather old nginx install from the Epel repositories for CentOS.

> 
> Maxim Dounin
> 
Michiel




From nginx-forum at nginx.us  Thu Jul  2 00:24:38 2009
From: nginx-forum at nginx.us (vburshteyn)
Date: Wed, 1 Jul 2009 16:24:38 -0400
Subject: memcached settings
Message-ID: <28fc561b63ff103c4ab4a3fc9678f462.NginxMailingList@forum.nginx.org>

Hi and thanks to all in advance,

I am setting up my nginx to run with memcached.  Now my issue is that when i set it up and turn it on i keep getting 404 error page.

So i am thinking that i am using the wrong settings.

How would i go about figuring out what the right value of the memcached key is?

sorry but truwly a newb to linux/nginx scene.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3617,3617#msg-3617





From jerome at loyet.net  Thu Jul  2 00:50:46 2009
From: jerome at loyet.net (=?ISO-8859-1?B?Suly9G1lIExveWV0?=)
Date: Wed, 1 Jul 2009 22:50:46 +0200
Subject: memcached settings
In-Reply-To: <28fc561b63ff103c4ab4a3fc9678f462.NginxMailingList@forum.nginx.org>
References: <28fc561b63ff103c4ab4a3fc9678f462.NginxMailingList@forum.nginx.org>
Message-ID: <3bea96c40907011350s4b938fa1p405e78803882ae79@mail.gmail.com>

it would be helpfull to give us your conf so that someone can help you.

++ Jerome

2009/7/1 vburshteyn <nginx-forum at nginx.us>:
> Hi and thanks to all in advance,
>
> I am setting up my nginx to run with memcached. ?Now my issue is that when i set it up and turn it on i keep getting 404 error page.
>
> So i am thinking that i am using the wrong settings.
>
> How would i go about figuring out what the right value of the memcached key is?
>
> sorry but truwly a newb to linux/nginx scene.
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3617,3617#msg-3617
>
>
>




From grails at jmsd.co.uk  Thu Jul  2 01:01:38 2009
From: grails at jmsd.co.uk (John Moore)
Date: Wed, 01 Jul 2009 22:01:38 +0100
Subject: Treat .htm files as PHP?
Message-ID: <4A4BCEB2.8010203@jmsd.co.uk>

I know how to do this with Apache, not so sure with nginx. One one of
the websites I am hosting I want to use some PHP, but I don't want to
rename the files from *.htm to *.php - I want the *.htm pages to be
parsed as PHP (but for that site, or location, only). I should add that
I have PHP set up and working fine with nginx, so that is not an issue.

TIA,

John





From mike503 at gmail.com  Thu Jul  2 01:18:03 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Wed, 1 Jul 2009 14:18:03 -0700
Subject: Treat .htm files as PHP?
In-Reply-To: <4A4BCEB2.8010203@jmsd.co.uk>
References: <4A4BCEB2.8010203@jmsd.co.uk>
Message-ID: <0FD4C1CE-C908-4365-A5B2-BA3A2C14327F@gmail.com>

Should be as simple as changing a php block and changing the extension  
to htm and passing it on to fastcgi like normal. I think.

Sent from my iPhone

On Jul 1, 2009, at 2:01 PM, John Moore <grails at jmsd.co.uk> wrote:

> I know how to do this with Apache, not so sure with nginx. One one of
> the websites I am hosting I want to use some PHP, but I don't want to
> rename the files from *.htm to *.php - I want the *.htm pages to be
> parsed as PHP (but for that site, or location, only). I should add  
> that
> I have PHP set up and working fine with nginx, so that is not an  
> issue.
>
> TIA,
>
> John
>
>




From mdounin at mdounin.ru  Thu Jul  2 02:53:52 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 2 Jul 2009 02:53:52 +0400
Subject: Help with autoindex on; missing slash for directories
In-Reply-To: <4A4B935D.3030803@gmail.com>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com> <20090701093047.GC5360@mdounin.ru> <4A4B935D.3030803@gmail.com>
Message-ID: <20090701225352.GJ5360@mdounin.ru>

Hello!

On Wed, Jul 01, 2009 at 09:48:29AM -0700, Yazz Atlas wrote:

> On 7/1/09 2:30 AM, Maxim Dounin wrote:
>> Hello!
>>
>> On Tue, Jun 30, 2009 at 11:09:11PM -0700, Yazz Atlas wrote:
>>
>>> I'm working on upgrading some servers running nginx-0.6.34 to either
>>> nginx-0.8.4 or nginx-0.7.61. The problem is I have another tool that
>>> was crawling the nginx directory and following all the directories it
>>> found. With the latest version of nginx the the directories aren't
>>> given a slash so doing the automated crawl fails.
>>
>> [...]
>>
>>> Notice the missing slash after the word site. I was relying on having
>>> the slash so I could navigate down directories with my crawler.
>>>
>>>   Any one have a solution to add the slash back?
>>
>> Which OS?  Which filesystem?
>
> CentOS release 5.3 (Final) with ext3 filesystem, Linux example  
> 2.6.18-128.1.10.el5 #1 SMP Thu May 7 10:35:59 EDT 2009 x86_64 x86_64  
> x86_64 GNU/Linux
>
>> And could you please:
>>
>> 1. Test if this regression appeared in 0.7.40.
>
> The problem still exists with 0.7.40. I did compiled 0.6.38 and it does  
> not have the problem. However I would like to move to the either 0.7.x  
> or 0.8.x.

I mean *appeared* in 0.7.40, i.e. problem exists in 0.7.40 but not 
in 0.7.39.  But after some thinking it's most likely 0.7.15 when 
dirent.d_type checking was initially introduced (i.e. problem exists in 
0.7.15 but not in 0.7.14).

>> 2. Show ./configure output on your system.
>
> [root at example nginx-0.7.40]# ./configure  --http-proxy-temp-path=/tmp  
> --prefix=/opt/nginx --with-http_ssl_module  

[...]

> checking for struct dirent.d_namlen ... not found
> checking for struct dirent.d_type ... found

[...]

You system has dirent.d_type, but it looks like it's something 
wrong with it.  I've tried to reproduce problem on vmware image of 
CentOS 5.3 i386 - but failed, everythings works ok.  I've even 
tried initial release version and fully updated one (with 
2.6.18-128.1.16.el5 kernel), no problems found.

It's either x64 only issue, or something wrong with headers on 
your server(s).  Unfortenately I have no x64 version on hand to 
test it there, but people report that everything is ok at least on 
other x64 distributions.

Could you please check your headers, most notably 
/usr/include/dirent.h and /usr/include/bits/dirent.h?

Maxim Dounin




From mdounin at mdounin.ru  Thu Jul  2 02:59:57 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 2 Jul 2009 02:59:57 +0400
Subject: question about nginx, slowloris and fastcgi
In-Reply-To: <4A4BC586.9050302@pcintelligence.nl>
References: <4A4B4FA3.4020205@pcintelligence.nl> <20090701123029.GE5360@mdounin.ru> <4A4B624C.5050608@pcintelligence.nl> <20090701134416.GF5360@mdounin.ru> <4A4BC586.9050302@pcintelligence.nl>
Message-ID: <20090701225957.GK5360@mdounin.ru>

Hello!

On Wed, Jul 01, 2009 at 10:22:30PM +0200, Michiel van Es wrote:

[...]

> >> Or how canI stop the slowloris attack..is it php fastcgi which is
> >> vulnerable to the slowloris DoS?
> > 
> > When nginx with fastcgi_pass used in front of fastcgi - slowloris 
> > attack won't reach fastcgi.
> 
> What is the fastcgi_pass? Is it included in the nginx installation?
> I am using a rather old nginx install from the Epel repositories for CentOS.

Uhm, fastcgi_pass is nginx configuration directive to pass request 
processing to fastcgi backends.

Maxim Dounin




From mdounin at mdounin.ru  Thu Jul  2 03:19:21 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 2 Jul 2009 03:19:21 +0400
Subject: Advanced Maintenance
In-Reply-To: <013d01c9fa73$9c781bf0$d56853d0$@com>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com> <20090701093047.GC5360@mdounin.ru> <4A4B935D.3030803@gmail.com> <013d01c9fa73$9c781bf0$d56853d0$@com>
Message-ID: <20090701231921.GL5360@mdounin.ru>

Hello!

On Wed, Jul 01, 2009 at 12:44:39PM -0500, AMP Admin wrote:

> I see lots of maintenance page solutions but I would like to keep serving
> images and a few directories.  Is that possible?
> 
> Right now we have:
> 	if (-f $document_root/maintenance.php) {
> 		rewrite  ^(.*)$  /maintenance.php last;
> 		break;
> 	}
> 
> But we would like to make the privacypolicy.php page and the images & promo
> directories always available.  That way people can always see our
> advertisers, images, and privacy policy.

Feel free to configure maintenance checks only in locations you 
need them.  E.g.

    location / {
        # maintenance checks here
        ...
    }

    location /always-visible {
        # no maintenance checks here
    }

Maxim Dounin

p.s. Please start a new thread when asking unrelated questions.  
Just hitting "reply" is a bad idea.




From avleen at gmail.com  Thu Jul  2 03:22:22 2009
From: avleen at gmail.com (Avleen Vig)
Date: Thu, 2 Jul 2009 00:22:22 +0100
Subject: Curious about old bug
Message-ID: <33c66c80907011622ye551a2cna4abd7e936a06939@mail.gmail.com>

I'm reading through the changelog from 0.6.35 -> 0.7.59, and saw this:
    Bugfix: now accept threshold depends on worker_connections

I was wondering if anyone could tell me what that was?

Thanks :)




From nginx-forum at nginx.us  Thu Jul  2 03:28:54 2009
From: nginx-forum at nginx.us (vburshteyn)
Date: Wed, 1 Jul 2009 19:28:54 -0400
Subject: memcached settings
In-Reply-To: <3bea96c40907011350s4b938fa1p405e78803882ae79@forum.nginx.org>
References: <28fc561b63ff103c4ab4a3fc9678f462.NginxMailingList@forum.nginx.org> <3bea96c40907011350s4b938fa1p405e78803882ae79@forum.nginx.org>
Message-ID: <f4b85587a45030f793a204fd91ac0a1b.NginxMailingList@forum.nginx.org>

Basically we are running a nginx/apache2/django setup

memcached works, i tested it and such.  From here it goes to apache server.  Everything works right up till i enable the 

    set $memcached_key $uri;
    memcached_pass     127.0.0.1:11212;


server {
    listen 10.176.67.151:80;
    server_name www.mysite.com;
    
    location / {
        proxy_pass http://10.176.67.151:8080/;
        include /etc/nginx/proxy.conf;

    set $memcached_key $uri;
    memcached_pass     127.0.0.1:11212;


    }
    location /static/ {
            alias /home/django/broadway.com/broadway/static/;
            expires 1d;
    }
    location /media/ {
            alias /home/django/broadway.com/src/django/django/contrib/admin/media/;
            expires 1d;
    }
}

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3617,3629#msg-3629





From grangier at gmail.com  Thu Jul  2 03:38:50 2009
From: grangier at gmail.com (xgdlm)
Date: Thu, 2 Jul 2009 01:38:50 +0200
Subject: memcached settings
In-Reply-To: <f4b85587a45030f793a204fd91ac0a1b.NginxMailingList@forum.nginx.org>
References: <28fc561b63ff103c4ab4a3fc9678f462.NginxMailingList@forum.nginx.org> <3bea96c40907011350s4b938fa1p405e78803882ae79@forum.nginx.org> <f4b85587a45030f793a204fd91ac0a1b.NginxMailingList@forum.nginx.org>
Message-ID: <0C817A63-E309-4717-985F-B174A96B6431@gmail.com>

Hello,

http://wiki.nginx.org/NginxHttpMemcachedModule

server {
    listen 10.176.67.151:80;
    server_name www.mysite.com;

   location @fallback {
	proxy_pass http://10.176.67.151:8080/;
        include /etc/nginx/proxy.conf;
   }

    location / {
    set $memcached_key $uri;
    memcached_pass     127.0.0.1:11212;
   error_page 404 = @fallback;
   error_page 502 = @fallback;

    }
    location /static/ {
            alias /home/django/broadway.com/broadway/static/;
            expires 1d;
    }
    location /media/ {
            alias /home/django/broadway.com/src/django/django/contrib/ 
admin/media/;
            expires 1d;
    }
}

xav

Le 2 juil. 09 ? 01:28, vburshteyn a ?crit :

> Basically we are running a nginx/apache2/django setup
>
> memcached works, i tested it and such.  From here it goes to apache  
> server.  Everything works right up till i enable the
>
>    set $memcached_key $uri;
>    memcached_pass     127.0.0.1:11212;
>
>
> server {
>    listen 10.176.67.151:80;
>    server_name www.mysite.com;
>
>    location / {
>        proxy_pass http://10.176.67.151:8080/;
>        include /etc/nginx/proxy.conf;
>
>    set $memcached_key $uri;
>    memcached_pass     127.0.0.1:11212;
>
>
>    }
>    location /static/ {
>            alias /home/django/broadway.com/broadway/static/;
>            expires 1d;
>    }
>    location /media/ {
>            alias /home/django/broadway.com/src/django/django/contrib/ 
> admin/media/;
>            expires 1d;
>    }
> }
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3617,3629#msg-3629
>
>





From xufengnju at sina.com  Thu Jul  2 05:15:30 2009
From: xufengnju at sina.com (=?utf-8?B?WFVGRU5H?=)
Date: Thu, 2 Jul 2009 09:15:30 +0800
Subject: =?utf-8?B?UmU6IG1lbWNhY2hlZCBzZXR0aW5ncw==?=
References: <28fc561b63ff103c4ab4a3fc9678f462.NginxMailingList@forum.nginx.org>
Message-ID: <200907020915247657603@sina.com>

Hi,
	Make sure what you stored in memcached is exactly as what Nginx will retrieve from it.
Yours,

------------------				 
XUFENG
2009-07-02

-------------------------------------------------------------
????vburshteyn
?????2009-07-02 04:24:38
????nginx
???
???memcached settings

Hi and thanks to all in advance,

I am setting up my nginx to run with memcached.  Now my issue is that when i set it up and turn it on i keep getting 404 error page.

So i am thinking that i am using the wrong settings.

How would i go about figuring out what the right value of the memcached key is?

sorry but truwly a newb to linux/nginx scene.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3617,3617#msg-3617





From avleen at gmail.com  Thu Jul  2 05:23:06 2009
From: avleen at gmail.com (Avleen Vig)
Date: Thu, 2 Jul 2009 02:23:06 +0100
Subject: Tuning workers and connections
Message-ID: <33c66c80907011823r7c6224e8w2945765c150f1f55@mail.gmail.com>

Hi folks, I have some questions about tuning nginx for best
performance, on a site which handle ~1000 requests per second.

In our config, we have:

    worker_processes  16;
    worker_rlimit_nofile 32768;
    events {
        worker_connections  8192;
    }

This is on a server with 8 CPU cores and 8Gb RAM.
My understanding is that this should allow nginx to establish up to
32k network connections, because that is the limit of
worker_rlimit_nofile. We serve very few files off the disk, maybe a
dozen CSS and JS files. Everything else is handed to backends using
proxy_pass.
So with one fd for the browser, and one fd to the upstream, we should
be able to handle 16k concurrent connections.

However what we're seeing, is that around 5k connections we get a
performance hit. Connections slow down, take longer to establish, etc.
The load on the box is almost zero, nginx is clearly working very fast
and efficiently, but I'm not sure why it slows down.
Any thoughts?


Also, I'm thinking about enabling the multi_accept option, but I
couldn't find much documentation on how this works.
It sounds like a high-performance tweak which we should be using if we
get this many requests per second.
Could it be that not using multi_accept is the problem?
Nginx otherwise has to handle the incoming connection requests in
serial and this is a bottleneck?


Thanks :)




From gabe at vtunnel.com  Thu Jul  2 06:39:25 2009
From: gabe at vtunnel.com (Gabriel Ramuglia)
Date: Wed, 1 Jul 2009 19:39:25 -0700
Subject: Tuning workers and connections
In-Reply-To: <33c66c80907011823r7c6224e8w2945765c150f1f55@mail.gmail.com>
References: <33c66c80907011823r7c6224e8w2945765c150f1f55@mail.gmail.com>
Message-ID: <932ea6c90907011939k3eec710dla9c0d839f2cafc12@mail.gmail.com>

I'm no expert, but if your load level is low, it does sound possible
that you are having issues accepting requests in serial for each
worker connection. I would try increasing the number of worker
processes to 32 and see if that helps. Also, if you're seeing 5k
connections, you should try increasing the number of worker
connections to double what it is now, just in case.

Be happy to hear any dissenting opinions.
-Gabe

On Wed, Jul 1, 2009 at 6:23 PM, Avleen Vig<avleen at gmail.com> wrote:
> Hi folks, I have some questions about tuning nginx for best
> performance, on a site which handle ~1000 requests per second.
>
> In our config, we have:
>
> ? ?worker_processes ?16;
> ? ?worker_rlimit_nofile 32768;
> ? ?events {
> ? ? ? ?worker_connections ?8192;
> ? ?}
>
> This is on a server with 8 CPU cores and 8Gb RAM.
> My understanding is that this should allow nginx to establish up to
> 32k network connections, because that is the limit of
> worker_rlimit_nofile. We serve very few files off the disk, maybe a
> dozen CSS and JS files. Everything else is handed to backends using
> proxy_pass.
> So with one fd for the browser, and one fd to the upstream, we should
> be able to handle 16k concurrent connections.
>
> However what we're seeing, is that around 5k connections we get a
> performance hit. Connections slow down, take longer to establish, etc.
> The load on the box is almost zero, nginx is clearly working very fast
> and efficiently, but I'm not sure why it slows down.
> Any thoughts?
>
>
> Also, I'm thinking about enabling the multi_accept option, but I
> couldn't find much documentation on how this works.
> It sounds like a high-performance tweak which we should be using if we
> get this many requests per second.
> Could it be that not using multi_accept is the problem?
> Nginx otherwise has to handle the incoming connection requests in
> serial and this is a bottleneck?
>
>
> Thanks :)
>
>




From admin at ampprod.com  Thu Jul  2 07:06:11 2009
From: admin at ampprod.com (AMP Admin)
Date: Wed, 1 Jul 2009 22:06:11 -0500
Subject: Advanced Maintenance
In-Reply-To: <20090701231921.GL5360@mdounin.ru>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com> <20090701093047.GC5360@mdounin.ru> <4A4B935D.3030803@gmail.com> <013d01c9fa73$9c781bf0$d56853d0$@com> <20090701231921.GL5360@mdounin.ru>
Message-ID: <024b01c9fac2$0e91b7c0$2bb52740$@com>

I don't understand.  How do we make the "no maintenance checks"?  sorry, I'm
still learning.

If we want everything but privacypolicy.php, images directory and promo
directory to go to maintenance how would that look?

It seems that this puts the entire site in maintenance mode:
Location / {
 	if (-f $document_root/maintenance.php) {
		rewrite  ^(.*)$  /maintenance.php last;
		break;
 	}
}

I'm not sure how to do the no maintenance part.

-----Original Message-----
From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf Of
Maxim Dounin
Sent: Wednesday, July 01, 2009 6:19 PM
To: nginx at sysoev.ru
Subject: Re: Advanced Maintenance

Hello!

On Wed, Jul 01, 2009 at 12:44:39PM -0500, AMP Admin wrote:

> I see lots of maintenance page solutions but I would like to keep serving
> images and a few directories.  Is that possible?
> 
> Right now we have:
> 	if (-f $document_root/maintenance.php) {
> 		rewrite  ^(.*)$  /maintenance.php last;
> 		break;
> 	}
> 
> But we would like to make the privacypolicy.php page and the images &
promo
> directories always available.  That way people can always see our
> advertisers, images, and privacy policy.

Feel free to configure maintenance checks only in locations you 
need them.  E.g.

    location / {
        # maintenance checks here
        ...
    }

    location /always-visible {
        # no maintenance checks here
    }

Maxim Dounin

p.s. Please start a new thread when asking unrelated questions.  
Just hitting "reply" is a bad idea.





From edhoprima at gmail.com  Thu Jul  2 07:37:47 2009
From: edhoprima at gmail.com (Edho P Arief)
Date: Thu, 2 Jul 2009 10:37:47 +0700
Subject: Advanced Maintenance
In-Reply-To: <024b01c9fac2$0e91b7c0$2bb52740$@com>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com>
	 <20090701093047.GC5360@mdounin.ru> <4A4B935D.3030803@gmail.com>
	 <013d01c9fa73$9c781bf0$d56853d0$@com>
	 <20090701231921.GL5360@mdounin.ru>
	 <024b01c9fac2$0e91b7c0$2bb52740$@com>
Message-ID: <a3780c060907012037m1dd9979byed0d2dceb1f968df@mail.gmail.com>

On Thu, Jul 2, 2009 at 10:06 AM, AMP Admin<admin at ampprod.com> wrote:
> I don't understand. ?How do we make the "no maintenance checks"? ?sorry, I'm
> still learning.
>
> If we want everything but privacypolicy.php, images directory and promo
> directory to go to maintenance how would that look?
>
> It seems that this puts the entire site in maintenance mode:
> Location / {
> ? ? ? ?if (-f $document_root/maintenance.php) {
> ? ? ? ? ? ? ? ?rewrite ?^(.*)$ ?/maintenance.php last;
> ? ? ? ? ? ? ? ?break;
> ? ? ? ?}
> }
>
> I'm not sure how to do the no maintenance part.
>

location ~ ^/(?!privacypolicy.php|images|promo) {
  try_files /maintenance.php $uri @fallback;
}

-- 
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org




From dave at cheney.net  Thu Jul  2 09:43:16 2009
From: dave at cheney.net (Dave Cheney)
Date: Thu, 02 Jul 2009 01:43:16 -0400
Subject: Tuning workers and connections
References: <33c66c80907011823r7c6224e8w2945765c150f1f55@mail.gmail.com>
Message-ID: <cone.1246513396.797127.14033.501@odessa.cheney.net>

Try adding

events {
   ...
   use epoll;
}

http://wiki.nginx.org/NginxHttpEventsModule#use

Cheers

Dave


Avleen Vig writes:

> Hi folks, I have some questions about tuning nginx for best
> performance, on a site which handle ~1000 requests per second.
> 
> In our config, we have:
> 
>     worker_processes  16;
>     worker_rlimit_nofile 32768;
>     events {
>         worker_connections  8192;
>     }
> 
> This is on a server with 8 CPU cores and 8Gb RAM.
> My understanding is that this should allow nginx to establish up to
> 32k network connections, because that is the limit of
> worker_rlimit_nofile. We serve very few files off the disk, maybe a
> dozen CSS and JS files. Everything else is handed to backends using
> proxy_pass.
> So with one fd for the browser, and one fd to the upstream, we should
> be able to handle 16k concurrent connections.
> 
> However what we're seeing, is that around 5k connections we get a
> performance hit. Connections slow down, take longer to establish, etc.
> The load on the box is almost zero, nginx is clearly working very fast
> and efficiently, but I'm not sure why it slows down.
> Any thoughts?
> 
> 
> Also, I'm thinking about enabling the multi_accept option, but I
> couldn't find much documentation on how this works.
> It sounds like a high-performance tweak which we should be using if we
> get this many requests per second.
> Could it be that not using multi_accept is the problem?
> Nginx otherwise has to handle the incoming connection requests in
> serial and this is a bottleneck?
> 
> 
> Thanks :)
> 




From grails at jmsd.co.uk  Thu Jul  2 13:07:58 2009
From: grails at jmsd.co.uk (John Moore)
Date: Thu, 02 Jul 2009 10:07:58 +0100
Subject: Treat .htm files as PHP?
In-Reply-To: <0FD4C1CE-C908-4365-A5B2-BA3A2C14327F@gmail.com>
References: <4A4BCEB2.8010203@jmsd.co.uk> <0FD4C1CE-C908-4365-A5B2-BA3A2C14327F@gmail.com>
Message-ID: <4A4C78EE.5020804@jmsd.co.uk>

Michael Shadle wrote:
> Should be as simple as changing a php block and changing the extension 
> to htm and passing it on to fastcgi like normal. I think.
Hmm, I'm not sure I quite understand what you mean here. Could you 
perhaps give me an example? When I did what I think you meant, I got an 
error page saying 'No input file specified'.

Thx.




From mdounin at mdounin.ru  Thu Jul  2 13:14:05 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 2 Jul 2009 13:14:05 +0400
Subject: Curious about old bug
In-Reply-To: <33c66c80907011622ye551a2cna4abd7e936a06939@mail.gmail.com>
References: <33c66c80907011622ye551a2cna4abd7e936a06939@mail.gmail.com>
Message-ID: <20090702091405.GM5360@mdounin.ru>

Hello!

On Thu, Jul 02, 2009 at 12:22:22AM +0100, Avleen Vig wrote:

> I'm reading through the changelog from 0.6.35 -> 0.7.59, and saw this:
>     Bugfix: now accept threshold depends on worker_connections
> 
> I was wondering if anyone could tell me what that was?

Historically nginx worker stops accepting new connections for a 
while if there are less than 100 connection structures available 
(to make sure that already accepted connections may finish it's 
work - since connection structures are used for proxy etc).

In 0.7.18 this threshold was changed from constant one to 
worker_connections/8 to make sure that even workers configured 
with less than 100 workers_connections can accept new connections 
normally.

This shouldn't affect typical configurations (worker_connections > 
1024).

Maxim Dounin




From miles at tinyapps.org  Thu Jul  2 13:13:33 2009
From: miles at tinyapps.org (TinyApps.Org)
Date: Wed, 1 Jul 2009 23:13:33 -1000
Subject: Password-protected dirs working but reporting non-existent errors
Message-ID: <58CF188B-D949-4A09-80DB-5663270DDDAF@tinyapps.org>

A quick question if anyone can help:

Password protected directories are working fine,
but when a legitimate user logs in, the following
appears in the error log:

[error] 3876#0: *12 no user/password was provided for basic  
authentication

despite the fact that the username and password
*was* supplied.

A bad username/password produces the expected error:

[error] 3876#0: *12 user "whatever" was not found in "/etc/nginx/htpass"

Has anyone else seen this or have any idea why such
an error would be triggered?




From phill at theactivitypeople.co.uk  Thu Jul  2 13:28:20 2009
From: phill at theactivitypeople.co.uk (Phillip Oldham)
Date: Thu, 02 Jul 2009 10:28:20 +0100
Subject: Treat .htm files as PHP?
In-Reply-To: <4A4C78EE.5020804@jmsd.co.uk>
References: <4A4BCEB2.8010203@jmsd.co.uk> <0FD4C1CE-C908-4365-A5B2-BA3A2C14327F@gmail.com> <4A4C78EE.5020804@jmsd.co.uk>
Message-ID: <4A4C7DB4.7060603@theactivitypeople.co.uk>

John Moore wrote:
> Michael Shadle wrote:
>> Should be as simple as changing a php block and changing the 
>> extension to htm and passing it on to fastcgi like normal. I think.
> Hmm, I'm not sure I quite understand what you mean here. Could you 
> perhaps give me an example? When I did what I think you meant, I got 
> an error page saying 'No input file specified'.
>
> Thx.
Follow this: http://wiki.nginx.org/NginxFcgiExample - and just change 
the location block so it checks for .html instead of .php.

More details can be found here:
http://wiki.nginx.org/NginxConfiguration
http://wiki.nginx.org/NginxHttpFcgiModule




From mdounin at mdounin.ru  Thu Jul  2 13:56:00 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 2 Jul 2009 13:56:00 +0400
Subject: Tuning workers and connections
In-Reply-To: <33c66c80907011823r7c6224e8w2945765c150f1f55@mail.gmail.com>
References: <33c66c80907011823r7c6224e8w2945765c150f1f55@mail.gmail.com>
Message-ID: <20090702095600.GN5360@mdounin.ru>

Hello!

On Thu, Jul 02, 2009 at 02:23:06AM +0100, Avleen Vig wrote:

> Hi folks, I have some questions about tuning nginx for best
> performance, on a site which handle ~1000 requests per second.
> 
> In our config, we have:
> 
>     worker_processes  16;
>     worker_rlimit_nofile 32768;
>     events {
>         worker_connections  8192;
>     }
> 
> This is on a server with 8 CPU cores and 8Gb RAM.
> My understanding is that this should allow nginx to establish up to
> 32k network connections, because that is the limit of
> worker_rlimit_nofile.

No.  With this settings you will be able to handle up to 8192 
connections in each worker, about 128k in total for 16 workers.  
If your system can cope with it.

Directive worker_rlimit_nofile just raises open files limit for 
nginx processes if system allows this, nothing more.  It's usually 
needed only if you started nginx with low limit, then raised the 
system one and want nginx to raise it's limit without restarting.

> We serve very few files off the disk, maybe a
> dozen CSS and JS files. Everything else is handed to backends using
> proxy_pass.
> So with one fd for the browser, and one fd to the upstream, we should
> be able to handle 16k concurrent connections.
> 
> However what we're seeing, is that around 5k connections we get a
> performance hit. Connections slow down, take longer to establish, etc.
> The load on the box is almost zero, nginx is clearly working very fast
> and efficiently, but I'm not sure why it slows down.
> Any thoughts?

There are several things to check:

1. Which event method used?  Make sure you use kqueue for *BSD, 
epoll for Linux.

2. What's in error_log?  Your system logs/memory stats/etc?  You 
may run out of some resources (file descriptors, network buffers, 
connection states in your firewall, ...).

3. In which states nginx workers are?  If they are disk bound it's 
probably a good idea to check why and e.g. try to tune proxy 
buffers / output buffers / sendfile_max_chunk.

> Also, I'm thinking about enabling the multi_accept option, but I
> couldn't find much documentation on how this works.
> It sounds like a high-performance tweak which we should be using if we
> get this many requests per second.
> Could it be that not using multi_accept is the problem?
> Nginx otherwise has to handle the incoming connection requests in
> serial and this is a bottleneck?

With multi_accept nginx tries to accept all connections from 
listen queue at once.  Without it - only one connection will be 
accepted on each return from event function.  The bad thing with 
multi_accept that if you have constant stream of incomming 
connections at high rate - it may overflow your worker_connections 
without any chance to process already accepted connections.

Note that this setting doesn't matter for kqueue (there is number 
of unaccepted connection at return from kernel, and nginx accepts 
all them).  And it's always on for rtsig (not sure, but likely due 
to the fact that rtsig is fragile).

Maxim Dounin




From grails at jmsd.co.uk  Thu Jul  2 14:05:48 2009
From: grails at jmsd.co.uk (John Moore)
Date: Thu, 02 Jul 2009 11:05:48 +0100
Subject: Treat .htm files as PHP?
In-Reply-To: <4A4C7DB4.7060603@theactivitypeople.co.uk>
References: <4A4BCEB2.8010203@jmsd.co.uk> <0FD4C1CE-C908-4365-A5B2-BA3A2C14327F@gmail.com> <4A4C78EE.5020804@jmsd.co.uk> <4A4C7DB4.7060603@theactivitypeople.co.uk>
Message-ID: <4A4C867C.5090702@jmsd.co.uk>

Phillip Oldham wrote:
> John Moore wrote:
>> Michael Shadle wrote:
>>> Should be as simple as changing a php block and changing the 
>>> extension to htm and passing it on to fastcgi like normal. I think.
>> Hmm, I'm not sure I quite understand what you mean here. Could you 
>> perhaps give me an example? When I did what I think you meant, I got 
>> an error page saying 'No input file specified'.
>>
>> Thx.
> Follow this: http://wiki.nginx.org/NginxFcgiExample - and just change 
> the location block so it checks for .html instead of .php.
>
> More details can be found here:
> http://wiki.nginx.org/NginxConfiguration
> http://wiki.nginx.org/NginxHttpFcgiModule
>
>
>
Thanks. My problem was that while PHP was working generally, I couldn't 
get it to work for the specific domain. I realized that I was 
misinforming FastCGI about the location, with this line:

fastcgi_param SCRIPT_FILENAME /var/www/nginx-default$fastcgi_script_name;

Changing it to this solved my problem:

fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

Thanks for the help.




From nginx-forum at nginx.us  Thu Jul  2 14:12:24 2009
From: nginx-forum at nginx.us (kaktos)
Date: Thu, 2 Jul 2009 06:12:24 -0400
Subject: two nginx with ip_hash as a load balancer
Message-ID: <5fbd449938953529977b3e714c12347c.NginxMailingList@forum.nginx.org>

Hi,
I have build a new application behind our hardware load balancer, since we need the 'sticky session' feather that our LB couldn't offer.So I put two nginx as a soft LB behind the hardware LB(that round-robin to nginx). Then I found the two nginx
always hash the same client IP to different backend server. it's weird if I understood right about the ip_hash that using crc32 hashing the IP address and % the number of server nodes to get the target backend server. So why I got two different backend server? any help?


Thank you!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3660,3660#msg-3660





From nbubingo at gmail.com  Thu Jul  2 14:34:43 2009
From: nbubingo at gmail.com (Weibin Yao)
Date: Thu, 02 Jul 2009 18:34:43 +0800
Subject: two nginx with ip_hash as a load balancer
In-Reply-To: <5fbd449938953529977b3e714c12347c.NginxMailingList@forum.nginx.org>
References: <5fbd449938953529977b3e714c12347c.NginxMailingList@forum.nginx.org>
Message-ID: <4A4C8D43.4030200@gmail.com>

kaktos at 2009-7-2 18:12 wrote:
> Hi,
> I have build a new application behind our hardware load balancer, since we need the 'sticky session' feather that our LB couldn't offer.So I put two nginx as a soft LB behind the hardware LB(that round-robin to nginx). Then I found the two nginx
> always hash the same client IP to different backend server. it's weird if I understood right about the ip_hash that using crc32 hashing the IP address and % the number of server nodes to get the target backend server. So why I got two different backend server? any help?
>
>   
You can try my developing module for session sticky: 
http://code.google.com/p/nginx-upstream-jvm-route/. And you need a 
careful test before using this module in your product environment.

Questions/patches can be directed to me, hope this will help you.

-- 
Weibin Yao





From eugen at leitl.org  Thu Jul  2 15:11:46 2009
From: eugen at leitl.org (Eugen Leitl)
Date: Thu, 2 Jul 2009 13:11:46 +0200
Subject: moinmoin + nginx (+memcached) on debian?
Message-ID: <20090702111146.GA22105@leitl.org>


I've just jumped ship from lighty (lighttpd) and would like to configure
nginx + moinmoin (fcgi, I presume) and maybe memcached on a Debian
box (it's a Linux vserver, so no localhost). The nginx version from backported 
is 0.4.13 which is probably ancient.

Do I need to upgrade? If I have to, does have someone to build
a recipe for building a debian package for latest nginx tarball?

Finally, has somebody a working config of nginx + moinmoin they
can share? (Extre kudos for nginx + moinmoin + memcached).

It looks like the snippet from 

http://johnleach.co.uk/words/archives/category/tech/

is not complete.

I've added a 

server {
        listen   80;
        server_name  cryoeuro.eu;

        access_log  /var/log/nginx/localhost.access.log;

        location / {
                include /etc/nginx/fastcgi_params;
                fastcgi_param PATH_INFO $fastcgi_script_name;
                fastcgi_pass 88.198.119.230:9005;
        }

...

     if (!-f $request_filename) {
        fastcgi_pass 88.198.119.230:9005;
      }
  }
}

but I'm getting a 502 Bad Gateway
nginx/0.5.35

Any ideas?

Thanks.

-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE




From admin at ampprod.com  Thu Jul  2 16:52:42 2009
From: admin at ampprod.com (AMP Admin)
Date: Thu, 2 Jul 2009 07:52:42 -0500
Subject: Advanced Maintenance
In-Reply-To: <a3780c060907012037m1dd9979byed0d2dceb1f968df@mail.gmail.com>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com>	 <20090701093047.GC5360@mdounin.ru> <4A4B935D.3030803@gmail.com>	 <013d01c9fa73$9c781bf0$d56853d0$@com>	 <20090701231921.GL5360@mdounin.ru>	 <024b01c9fac2$0e91b7c0$2bb52740$@com> <a3780c060907012037m1dd9979byed0d2dceb1f968df@mail.gmail.com>
Message-ID: <02d601c9fb13$fd96aaf0$f8c400d0$@com>

Ohhh... i was looking for a not operator like '!'.  thanks, I'll give that a try!

-----Original Message-----
From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf Of Edho P Arief
Sent: Wednesday, July 01, 2009 10:38 PM
To: nginx at sysoev.ru
Subject: Re: Advanced Maintenance

On Thu, Jul 2, 2009 at 10:06 AM, AMP Admin<admin at ampprod.com> wrote:
> I don't understand.  How do we make the "no maintenance checks"?  sorry, I'm
> still learning.
>
> If we want everything but privacypolicy.php, images directory and promo
> directory to go to maintenance how would that look?
>
> It seems that this puts the entire site in maintenance mode:
> Location / {
>        if (-f $document_root/maintenance.php) {
>                rewrite  ^(.*)$  /maintenance.php last;
>                break;
>        }
> }
>
> I'm not sure how to do the no maintenance part.
>

location ~ ^/(?!privacypolicy.php|images|promo) {
  try_files /maintenance.php $uri @fallback;
}

-- 
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org





From avleen at gmail.com  Thu Jul  2 18:01:13 2009
From: avleen at gmail.com (Avleen Vig)
Date: Thu, 2 Jul 2009 15:01:13 +0100
Subject: Tuning workers and connections
In-Reply-To: <20090702095600.GN5360@mdounin.ru>
References: <33c66c80907011823r7c6224e8w2945765c150f1f55@mail.gmail.com>
	 <20090702095600.GN5360@mdounin.ru>
Message-ID: <33c66c80907020701n46f1683md6656384508ec72e@mail.gmail.com>

> Directive worker_rlimit_nofile just raises open files limit for
> nginx processes if system allows this, nothing more. ?It's usually
> needed only if you started nginx with low limit, then raised the
> system one and want nginx to raise it's limit without restarting.

Ah thanks :)

>> We serve very few files off the disk, maybe a
>> dozen CSS and JS files. Everything else is handed to backends using
>> proxy_pass.
>> So with one fd for the browser, and one fd to the upstream, we should
>> be able to handle 16k concurrent connections.
>>
>> However what we're seeing, is that around 5k connections we get a
>> performance hit. Connections slow down, take longer to establish, etc.
>> The load on the box is almost zero, nginx is clearly working very fast
>> and efficiently, but I'm not sure why it slows down.
>> Any thoughts?
>
> There are several things to check:
>
> 1. Which event method used? ?Make sure you use kqueue for *BSD,
> epoll for Linux.

epoll.

> 2. What's in error_log? ?Your system logs/memory stats/etc? ?You
> may run out of some resources (file descriptors, network buffers,
> connection states in your firewall, ...).

I saw nothing about resource starvation in the error log.
Also I should mention this was on 0.6.35.
We've also upgraded to 0.7.59.

> 3. In which states nginx workers are? ?If they are disk bound it's
> probably a good idea to check why and e.g. try to tune proxy
> buffers / output buffers / sendfile_max_chunk.

They don't appear to be disk bound. I will check again tonight at our
peak hours.

>> Also, I'm thinking about enabling the multi_accept option, but I
>> couldn't find much documentation on how this works.
>> It sounds like a high-performance tweak which we should be using if we
>> get this many requests per second.
>> Could it be that not using multi_accept is the problem?
>> Nginx otherwise has to handle the incoming connection requests in
>> serial and this is a bottleneck?
>
> With multi_accept nginx tries to accept all connections from
> listen queue at once. ?Without it - only one connection will be
> accepted on each return from event function. ?The bad thing with
> multi_accept that if you have constant stream of incomming
> connections at high rate - it may overflow your worker_connections
> without any chance to process already accepted connections.

Ok :-)
I've massively increased the number of worker_connections now, and the
box is otherwise quite powerful. It should be able to cope, but
there's only one way to find out!

Thanks guys!




From avleen at gmail.com  Thu Jul  2 17:58:11 2009
From: avleen at gmail.com (Avleen Vig)
Date: Thu, 2 Jul 2009 14:58:11 +0100
Subject: Tuning workers and connections
In-Reply-To: <cone.1246513396.797127.14033.501@odessa.cheney.net>
References: <33c66c80907011823r7c6224e8w2945765c150f1f55@mail.gmail.com>
	 <cone.1246513396.797127.14033.501@odessa.cheney.net>
Message-ID: <33c66c80907020658q3b3cb8d5u481ecdeec052f661@mail.gmail.com>

On Thu, Jul 2, 2009 at 6:43 AM, Dave Cheney<dave at cheney.net> wrote:
> Try adding
>
> events {
> ?...
> ?use epoll;
> }
>
> http://wiki.nginx.org/NginxHttpEventsModule#use

Thanks Dave!

Turns out this was the default (we're using a locally recompiled
version of the Ubuntu package) :-)




From mdounin at mdounin.ru  Thu Jul  2 19:24:58 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 2 Jul 2009 19:24:58 +0400
Subject: Advanced Maintenance
In-Reply-To: <02d601c9fb13$fd96aaf0$f8c400d0$@com>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com> <20090701093047.GC5360@mdounin.ru> <4A4B935D.3030803@gmail.com> <013d01c9fa73$9c781bf0$d56853d0$@com> <20090701231921.GL5360@mdounin.ru> <024b01c9fac2$0e91b7c0$2bb52740$@com> <a3780c060907012037m1dd9979byed0d2dceb1f968df@mail.gmail.com> <02d601c9fb13$fd96aaf0$f8c400d0$@com>
Message-ID: <20090702152458.GS5360@mdounin.ru>

Hello!

On Thu, Jul 02, 2009 at 07:52:42AM -0500, AMP Admin wrote:

> Ohhh... i was looking for a not operator like '!'.  thanks, I'll give that a try!

It's much better to just configure normal more specific locations instead 
of using regexps, e.g.

location / {
    # maintanance checks here
}

location /maintanance.php {
    # no checks here
}

location /privacypolicy.php {
    # and no checks here
}

location /images/ {
    # and no checks here
}

location /promo/ {
    # and no checks here
}

Each request will be processed in most-specific location, and 
hence there would be no maintanance checks for privacypolicy.php, 
images and promo (and maintanance.php itself).

Maxim Dounin


> 
> -----Original Message-----
> From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf Of Edho P Arief
> Sent: Wednesday, July 01, 2009 10:38 PM
> To: nginx at sysoev.ru
> Subject: Re: Advanced Maintenance
> 
> On Thu, Jul 2, 2009 at 10:06 AM, AMP Admin<admin at ampprod.com> wrote:
> > I don't understand.  How do we make the "no maintenance checks"?  sorry, I'm
> > still learning.
> >
> > If we want everything but privacypolicy.php, images directory and promo
> > directory to go to maintenance how would that look?
> >
> > It seems that this puts the entire site in maintenance mode:
> > Location / {
> >        if (-f $document_root/maintenance.php) {
> >                rewrite  ^(.*)$  /maintenance.php last;
> >                break;
> >        }
> > }
> >
> > I'm not sure how to do the no maintenance part.
> >
> 
> location ~ ^/(?!privacypolicy.php|images|promo) {
>   try_files /maintenance.php $uri @fallback;
> }
> 
> -- 
> O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
> 
> 




From nginx-forum at nginx.us  Thu Jul  2 19:29:07 2009
From: nginx-forum at nginx.us (miradev)
Date: Thu, 2 Jul 2009 11:29:07 -0400
Subject: More subdomain mapping (dynamic 'root'?)
In-Reply-To: <ebca29ddbcbb0fcc8132761179f01276.NginxMailingList@forum.nginx.org>
References: <ebca29ddbcbb0fcc8132761179f01276.NginxMailingList@forum.nginx.org>
Message-ID: <d7a71d953cdae67cc40db861b9b4df4c.NginxMailingList@forum.nginx.org>

No replies as yet.

This is what I have come up with so, but I'm not sure I am passing on the correct values to fcgi.
And I would like the log file locations to be a little dynamic.


server {
  listen       localhost:80;  # your server's public IP address
  server_name  .admin.domain.com;

  access_log /var/log/nginx/wordpress/admin/generic-access.log;
  error_log /var/log/nginx/wordpress/admin/generic-error.log;

  set $client $host;
  if ($client ~ "^(*).admin.domain.com"){
    set $client $1;
  }

  location ~ ^/([^/]*)/?(.*) {
    set $domain $1;
    set $myuri $2;
    root /var/www/wordpress/$client/admin/$domain/html;
    index  index.php index.html index.htm;
    if (-f $request_filename) {
      expires 30d;
      break;
    }

    try_files $domain/$myuri $domain/$myuri/ /$domain/index.php?q=$myuri&$args;
  }
}

  location ~ \.php$ {
    fastcgi_pass   localhost:57093;  # port where FastCGI processes were spawned
    fastcgi_index  index.php;
    fastcgi_param  SCRIPT_FILENAME    /var/www/wordpress/$client/admin/$domain/html$fastcgi_script_name;  # same path as above

    fastcgi_param  QUERY_STRING       $query_string;
    fastcgi_param  REQUEST_METHOD     $request_method;
    fastcgi_param  CONTENT_TYPE       $content_type;
    fastcgi_param  CONTENT_LENGTH     $content_length;

    fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
    fastcgi_param  REQUEST_URI        $request_uri;
    fastcgi_param  DOCUMENT_URI       $document_uri;
    fastcgi_param  DOCUMENT_ROOT      $document_root;
    fastcgi_param  SERVER_PROTOCOL    $server_protocol;

    fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
    fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

    fastcgi_param  REMOTE_ADDR        $remote_addr;
    fastcgi_param  REMOTE_PORT        $remote_port;
    fastcgi_param  SERVER_ADDR        $server_addr;
    fastcgi_param  SERVER_PORT        $server_port;
    fastcgi_param  SERVER_NAME        $server_name;

    # required if PHP was built with --enable-force-cgi-redirect
    fastcgi_param  REDIRECT_STATUS    200;
  }
}


Any helpful comments or musings much appreciated.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3586,3673#msg-3673





From mike503 at gmail.com  Thu Jul  2 21:23:16 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Thu, 2 Jul 2009 10:23:16 -0700
Subject: Treat .htm files as PHP?
In-Reply-To: <4A4C867C.5090702@jmsd.co.uk>
References: <4A4BCEB2.8010203@jmsd.co.uk> <0FD4C1CE-C908-4365-A5B2-BA3A2C14327F@gmail.com> <4A4C78EE.5020804@jmsd.co.uk> <4A4C7DB4.7060603@theactivitypeople.co.uk> <4A4C867C.5090702@jmsd.co.uk>
Message-ID: <F3DBD970-7387-4CEC-B6C9-B7311A2570FE@gmail.com>

That's how I have mine setup. No need to hardcode the root in twice!

Sent from my iPhone

On Jul 2, 2009, at 3:05 AM, John Moore <grails at jmsd.co.uk> wrote:

> Phillip Oldham wrote:
>> John Moore wrote:
>>> Michael Shadle wrote:
>>>> Should be as simple as changing a php block and changing the  
>>>> extension to htm and passing it on to fastcgi like normal. I think.
>>> Hmm, I'm not sure I quite understand what you mean here. Could you  
>>> perhaps give me an example? When I did what I think you meant, I  
>>> got an error page saying 'No input file specified'.
>>>
>>> Thx.
>> Follow this: http://wiki.nginx.org/NginxFcgiExample - and just  
>> change the location block so it checks for .html instead of .php.
>>
>> More details can be found here:
>> http://wiki.nginx.org/NginxConfiguration
>> http://wiki.nginx.org/NginxHttpFcgiModule
>>
>>
>>
> Thanks. My problem was that while PHP was working generally, I  
> couldn't get it to work for the specific domain. I realized that I  
> was misinforming FastCGI about the location, with this line:
>
> fastcgi_param SCRIPT_FILENAME /var/www/nginx-default 
> $fastcgi_script_name;
>
> Changing it to this solved my problem:
>
> fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
>
> Thanks for the help.
>




From mike503 at gmail.com  Thu Jul  2 21:56:26 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Thu, 2 Jul 2009 10:56:26 -0700
Subject: Tuning workers and connections
In-Reply-To: <20090702095600.GN5360@mdounin.ru>
References: <33c66c80907011823r7c6224e8w2945765c150f1f55@mail.gmail.com>
	 <20090702095600.GN5360@mdounin.ru>
Message-ID: <bd9320b30907021056r57a9954r4b2ce57439ad834d@mail.gmail.com>

On Thu, Jul 2, 2009 at 2:56 AM, Maxim Dounin<mdounin at mdounin.ru> wrote:

> 1. Which event method used? ?Make sure you use kqueue for *BSD,
> epoll for Linux.

Is epoll enabled by default?

Does it make sense to enable this for all servers, or only those with
massive amounts of load?




From yazz.atlas at gmail.com  Thu Jul  2 22:01:40 2009
From: yazz.atlas at gmail.com (Yazz Atlas)
Date: Thu, 02 Jul 2009 11:01:40 -0700
Subject: Help with autoindex on; missing slash for directories
In-Reply-To: <20090701225352.GJ5360@mdounin.ru>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com> <20090701093047.GC5360@mdounin.ru> <4A4B935D.3030803@gmail.com> <20090701225352.GJ5360@mdounin.ru>
Message-ID: <4A4CF604.5030508@gmail.com>

On 7/1/09 3:53 PM, Maxim Dounin wrote:
>
> I mean *appeared* in 0.7.40, i.e. problem exists in 0.7.40 but not
> in 0.7.39.  But after some thinking it's most likely 0.7.15 when
> dirent.d_type checking was initially introduced (i.e. problem exists in
> 0.7.15 but not in 0.7.14).

Ah, gotcha. I miss understood.

>
> [...]
>
>> checking for struct dirent.d_namlen ... not found
>> checking for struct dirent.d_type ... found
>
> [...]
>
> You system has dirent.d_type, but it looks like it's something
> wrong with it.  I've tried to reproduce problem on vmware image of
> CentOS 5.3 i386 - but failed, everythings works ok.  I've even
> tried initial release version and fully updated one (with
> 2.6.18-128.1.16.el5 kernel), no problems found.
>
> It's either x64 only issue, or something wrong with headers on
> your server(s).  Unfortenately I have no x64 version on hand to
> test it there, but people report that everything is ok at least on
> other x64 distributions.
>

I tested under VMware Server Version 2.0.1 and selecting Red Hat 
Enterprise Linux (64bit) as the Guest Operating System.  Then I loaded 
CentOS release 5.3 (Final) x86_64 with Kernel 2.6.18-128.1.14.el5.

The problem still exists.

> Could you please check your headers, most notably
> /usr/include/dirent.h and /usr/include/bits/dirent.h?
>

I attached them in the file called include-dirent-x86_64.tar.gz.

  include/dirent.h
  include/bits/dirent.h

Yazz Atlas
-------------- next part --------------
A non-text attachment was scrubbed...
Name: include-dirent-x86_64.tar.gz
Type: application/x-gzip
Size: 3704 bytes
Desc: not available
URL: <http://nginx.org/pipermail/nginx/attachments/20090702/47a8d3ce/attachment.bin>

From mdounin at mdounin.ru  Thu Jul  2 22:19:29 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 2 Jul 2009 22:19:29 +0400
Subject: Tuning workers and connections
In-Reply-To: <bd9320b30907021056r57a9954r4b2ce57439ad834d@mail.gmail.com>
References: <33c66c80907011823r7c6224e8w2945765c150f1f55@mail.gmail.com> <20090702095600.GN5360@mdounin.ru> <bd9320b30907021056r57a9954r4b2ce57439ad834d@mail.gmail.com>
Message-ID: <20090702181929.GV5360@mdounin.ru>

Hello!

On Thu, Jul 02, 2009 at 10:56:26AM -0700, Michael Shadle wrote:

> On Thu, Jul 2, 2009 at 2:56 AM, Maxim Dounin<mdounin at mdounin.ru> wrote:
> 
> > 1. Which event method used? ?Make sure you use kqueue for *BSD,
> > epoll for Linux.
> 
> Is epoll enabled by default?

By default nginx uses best event method available for particular 
system.  If it finds epoll during ./configure - it uses epoll.

> Does it make sense to enable this for all servers, or only those with
> massive amounts of load?

There is no reason to use slow/limited event methods if better 
ones are available.

Maxim Dounin




From mike503 at gmail.com  Thu Jul  2 22:34:43 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Thu, 2 Jul 2009 11:34:43 -0700
Subject: Tuning workers and connections
In-Reply-To: <20090702181929.GV5360@mdounin.ru>
References: <33c66c80907011823r7c6224e8w2945765c150f1f55@mail.gmail.com>
	 <20090702095600.GN5360@mdounin.ru>
	 <bd9320b30907021056r57a9954r4b2ce57439ad834d@mail.gmail.com>
	 <20090702181929.GV5360@mdounin.ru>
Message-ID: <bd9320b30907021134i720aed8bk8441d32bfbeb27d8@mail.gmail.com>

2009/7/2 Maxim Dounin <mdounin at mdounin.ru>:
> Hello!
>
> On Thu, Jul 02, 2009 at 10:56:26AM -0700, Michael Shadle wrote:
>
>> On Thu, Jul 2, 2009 at 2:56 AM, Maxim Dounin<mdounin at mdounin.ru> wrote:
>>
>> > 1. Which event method used? ?Make sure you use kqueue for *BSD,
>> > epoll for Linux.
>>
>> Is epoll enabled by default?
>
> By default nginx uses best event method available for particular
> system. ?If it finds epoll during ./configure - it uses epoll.

That's what I thought.

>> Does it make sense to enable this for all servers, or only those with
>> massive amounts of load?
>
> There is no reason to use slow/limited event methods if better
> ones are available.

How can I tell which method I'm currently using?




From mdounin at mdounin.ru  Thu Jul  2 23:05:21 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 2 Jul 2009 23:05:21 +0400
Subject: Tuning workers and connections
In-Reply-To: <bd9320b30907021134i720aed8bk8441d32bfbeb27d8@mail.gmail.com>
References: <33c66c80907011823r7c6224e8w2945765c150f1f55@mail.gmail.com> <20090702095600.GN5360@mdounin.ru> <bd9320b30907021056r57a9954r4b2ce57439ad834d@mail.gmail.com> <20090702181929.GV5360@mdounin.ru> <bd9320b30907021134i720aed8bk8441d32bfbeb27d8@mail.gmail.com>
Message-ID: <20090702190521.GW5360@mdounin.ru>

Hello!

On Thu, Jul 02, 2009 at 11:34:43AM -0700, Michael Shadle wrote:

[...]

> >> Does it make sense to enable this for all servers, or only those with
> >> massive amounts of load?
> >
> > There is no reason to use slow/limited event methods if better
> > ones are available.
> 
> How can I tell which method I'm currently using?

At start nginx logs it at notice level, e.g.

2009/07/02 23:04:02 [notice] 83443#0: using the "kqueue" event method

Maxim Dounin




From mdounin at mdounin.ru  Thu Jul  2 23:22:52 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 2 Jul 2009 23:22:52 +0400
Subject: Help with autoindex on; missing slash for directories
In-Reply-To: <4A4CF604.5030508@gmail.com>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com> <20090701093047.GC5360@mdounin.ru> <4A4B935D.3030803@gmail.com> <20090701225352.GJ5360@mdounin.ru> <4A4CF604.5030508@gmail.com>
Message-ID: <20090702192251.GX5360@mdounin.ru>

Hello!

On Thu, Jul 02, 2009 at 11:01:40AM -0700, Yazz Atlas wrote:

> On 7/1/09 3:53 PM, Maxim Dounin wrote:
>>
>> I mean *appeared* in 0.7.40, i.e. problem exists in 0.7.40 but not
>> in 0.7.39.  But after some thinking it's most likely 0.7.15 when
>> dirent.d_type checking was initially introduced (i.e. problem exists in
>> 0.7.15 but not in 0.7.14).
>
> Ah, gotcha. I miss understood.
>
>>
>> [...]
>>
>>> checking for struct dirent.d_namlen ... not found
>>> checking for struct dirent.d_type ... found
>>
>> [...]
>>
>> You system has dirent.d_type, but it looks like it's something
>> wrong with it.  I've tried to reproduce problem on vmware image of
>> CentOS 5.3 i386 - but failed, everythings works ok.  I've even
>> tried initial release version and fully updated one (with
>> 2.6.18-128.1.16.el5 kernel), no problems found.
>>
>> It's either x64 only issue, or something wrong with headers on
>> your server(s).  Unfortenately I have no x64 version on hand to
>> test it there, but people report that everything is ok at least on
>> other x64 distributions.
>>
>
> I tested under VMware Server Version 2.0.1 and selecting Red Hat  
> Enterprise Linux (64bit) as the Guest Operating System.  Then I loaded  
> CentOS release 5.3 (Final) x86_64 with Kernel 2.6.18-128.1.14.el5.
>
> The problem still exists.
>
>> Could you please check your headers, most notably
>> /usr/include/dirent.h and /usr/include/bits/dirent.h?
>>
>
> I attached them in the file called include-dirent-x86_64.tar.gz.
>
>  include/dirent.h
>  include/bits/dirent.h

Looks good, I see nothing unusual there.

Could you please compile nginx with the attached simple patch and 
obtain debug log for autoindex request?

Maxim Dounin
-------------- next part --------------
diff -r 1191e3250e60 src/http/modules/ngx_http_autoindex_module.c
--- a/src/http/modules/ngx_http_autoindex_module.c	Mon Jun 22 00:00:00 2009 +0400
+++ b/src/http/modules/ngx_http_autoindex_module.c	Thu Jul 02 19:22:42 2009 +0000
@@ -278,7 +278,7 @@
         }
 
         ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
-                       "http autoindex file: \"%s\"", ngx_de_name(&dir));
+                       "http autoindex file: \"%s\", type %d", ngx_de_name(&dir), dir.type);
 
         len = ngx_de_namelen(&dir);
 

From nunomagalhaes at eu.ipp.pt  Fri Jul  3 01:08:37 2009
From: nunomagalhaes at eu.ipp.pt (=?UTF-8?Q?Nuno_Magalh=C3=A3es?=)
Date: Thu, 2 Jul 2009 22:08:37 +0100
Subject: server_name ip_adress?
Message-ID: <6b1504c40907021408u166d9ca0h15b4ad8de3fe3f30@mail.gmail.com>

Hi,

This is a very basic question i haven't found an answer to. I have a
few virtual hosts, all under /path/to/nginxhtdocs/vhost1, vhost2, etc.
I want to set a catch-all so that if no server matches the request or
is someone uses the IP (namely me) they get the default server.

After a bunch of variations i'm using server_name  _ ""; with a server
root of /path/to/nginxhtdocs but if i use the IP address to access it,
i get one of my vhosts. I assume it does this because it fails to
assume 'default' as a valid catch-all and the vhost it uses is the
first, alphabetically.

All i really want is to have other subfolders i want to access every
now and then, without a domain, so, just 192.0.2.33/somesubfolder for
testing purposes.

Is this achievable or do i always need a domain?

TIA,
Nuno Magalh?es

-- 
()  ascii ribbon campaign - against html e-mail
/\  ascii-rubanda kampajno - kontra? html-a retpo?to




From nunomagalhaes at eu.ipp.pt  Fri Jul  3 01:40:59 2009
From: nunomagalhaes at eu.ipp.pt (=?UTF-8?Q?Nuno_Magalh=C3=A3es?=)
Date: Thu, 2 Jul 2009 22:40:59 +0100
Subject: server_name ip_adress?
In-Reply-To: <6b1504c40907021408u166d9ca0h15b4ad8de3fe3f30@mail.gmail.com>
References: <6b1504c40907021408u166d9ca0h15b4ad8de3fe3f30@mail.gmail.com>
Message-ID: <6b1504c40907021440h282eeeacweccc1e9c9977e52f@mail.gmail.com>

Got it.

server {
        listen   80 default;
        server_name  _ "";

"default" was lacking. I was considering naming my default to
aaaadefault but knew there had to be an elegant way.

Sorry for the noise.

-- 
()  ascii ribbon campaign - against html e-mail
/\  ascii-rubanda kampajno - kontra? html-a retpo?to




From zhuzhaoyuan at gmail.com  Fri Jul  3 07:55:22 2009
From: zhuzhaoyuan at gmail.com (Joshua Zhu)
Date: Fri, 3 Jul 2009 11:55:22 +0800
Subject: Help with autoindex on; missing slash for directories
In-Reply-To: <20090702192251.GX5360@mdounin.ru>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com>
	 <20090701093047.GC5360@mdounin.ru> <4A4B935D.3030803@gmail.com>
	 <20090701225352.GJ5360@mdounin.ru> <4A4CF604.5030508@gmail.com>
	 <20090702192251.GX5360@mdounin.ru>
Message-ID: <5bf4451d0907022055y33964155m9d49df06b2a3e9ed@mail.gmail.com>

Hi Maxim!

> Could you please compile nginx with the attached simple patch and
> obtain debug log for autoindex request?
>

IMHO, the ngx_log_debug1 in your patch should be changed to ngx_log_debug2 :)

Cheers!

Joshua




From catap+nginx at catap.ru  Fri Jul  3 10:59:53 2009
From: catap+nginx at catap.ru (Kirill A. Korinskiy)
Date: Fri, 03 Jul 2009 10:59:53 +0400
Subject: server_name ip_adress?
In-Reply-To: <6b1504c40907021440h282eeeacweccc1e9c9977e52f@mail.gmail.com>
References: <6b1504c40907021408u166d9ca0h15b4ad8de3fe3f30@mail.gmail.com>
	<6b1504c40907021440h282eeeacweccc1e9c9977e52f@mail.gmail.com>
Message-ID: <87ab3mtfo6.wl%catap@catap.ru>

At Thu, 2 Jul 2009 22:40:59 +0100,
Nuno Magalh?es <nunomagalhaes at eu.ipp.pt> wrote:

> server {
>         listen   80 default;
>         server_name  _ "";
> 
> "default" was lacking. I was considering naming my default to
> aaaadefault but knew there had to be an elegant way.
> 

or remove server_name derective (:

-- 
wbr, Kirill




From nginx-forum at nginx.us  Fri Jul  3 11:03:54 2009
From: nginx-forum at nginx.us (afen)
Date: Fri, 3 Jul 2009 03:03:54 -0400
Subject: how much Active connections on nginx for windows?
In-Reply-To: <b1510d4440099702ab399015d5f50043.NginxMailingList@forum.nginx.org>
References: <b1510d4440099702ab399015d5f50043.NginxMailingList@forum.nginx.org>
Message-ID: <f75c382e408a0231661ba8a25c9a4d70.NginxMailingList@forum.nginx.org>

what's wrong my config

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3233,3706#msg-3706





From mdounin at mdounin.ru  Fri Jul  3 12:49:35 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 3 Jul 2009 12:49:35 +0400
Subject: Help with autoindex on; missing slash for directories
In-Reply-To: <5bf4451d0907022055y33964155m9d49df06b2a3e9ed@mail.gmail.com>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com> <20090701093047.GC5360@mdounin.ru> <4A4B935D.3030803@gmail.com> <20090701225352.GJ5360@mdounin.ru> <4A4CF604.5030508@gmail.com> <20090702192251.GX5360@mdounin.ru> <5bf4451d0907022055y33964155m9d49df06b2a3e9ed@mail.gmail.com>
Message-ID: <20090703084935.GY5360@mdounin.ru>

Hello!

On Fri, Jul 03, 2009 at 11:55:22AM +0800, Joshua Zhu wrote:

> Hi Maxim!
> 
> > Could you please compile nginx with the attached simple patch and
> > obtain debug log for autoindex request?
> >
> 
> IMHO, the ngx_log_debug1 in your patch should be changed to ngx_log_debug2 :)

Yes, you are right, I missed it.  But it doesn't matter as long as nginx 
compiled --with-debug.  And this in turn is required since I need 
this patch just for more verbose debug log on particular system. :)

Maxim Dounin




From slogster at gmail.com  Fri Jul  3 12:58:08 2009
From: slogster at gmail.com (Momchil Ivanov)
Date: Fri, 3 Jul 2009 10:58:08 +0200
Subject: Tuning workers and connections
In-Reply-To: <33c66c80907011823r7c6224e8w2945765c150f1f55@mail.gmail.com>
References: <33c66c80907011823r7c6224e8w2945765c150f1f55@mail.gmail.com>
Message-ID: <200907031058.16034.slogster@gmail.com>

?? Thursday 02 July 2009 03:23:06 Avleen Vig ??????:
> Hi folks, I have some questions about tuning nginx for best
> performance, on a site which handle ~1000 requests per second.
>
> In our config, we have:
>
>     worker_processes  16;
>     worker_rlimit_nofile 32768;
>     events {
>         worker_connections  8192;
>     }
>
> This is on a server with 8 CPU cores and 8Gb RAM.
> My understanding is that this should allow nginx to establish up to
> 32k network connections, because that is the limit of
> worker_rlimit_nofile. We serve very few files off the disk, maybe a
> dozen CSS and JS files. Everything else is handed to backends using
> proxy_pass.
> So with one fd for the browser, and one fd to the upstream, we should
> be able to handle 16k concurrent connections.
>
> However what we're seeing, is that around 5k connections we get a
> performance hit. Connections slow down, take longer to establish, etc.
> The load on the box is almost zero, nginx is clearly working very fast
> and efficiently, but I'm not sure why it slows down.
> Any thoughts?
>
>
> Also, I'm thinking about enabling the multi_accept option, but I
> couldn't find much documentation on how this works.
> It sounds like a high-performance tweak which we should be using if we
> get this many requests per second.
> Could it be that not using multi_accept is the problem?
> Nginx otherwise has to handle the incoming connection requests in
> serial and this is a bottleneck?

The first thing to do would be playing with sysctls, especially increasing 
backlog and somaxconn, decreasing tcp_fin_timeout. If this doesn't help a lot 
you may consider using keepalive connections (only if you are hitting some 
issue with handling lots of accepts).

If you move to keepalive connections, you should make sure that you befefit at 
all, therefore monitor requests/handled accepts.

Momchil

-- 
PGP KeyID: 0x3118168B
Keyserver: pgp.mit.edu
Key fingerprint BB50 2983 0714 36DC D02E ?158A E03D 56DA 3118 168B
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://nginx.org/pipermail/nginx/attachments/20090703/0c2f5ac6/attachment.pgp>

From frank at openminds.be  Fri Jul  3 13:36:24 2009
From: frank at openminds.be (Frank Louwers)
Date: Fri, 3 Jul 2009 11:36:24 +0200
Subject: More subdomain mapping (dynamic 'root'?)
In-Reply-To: <ebca29ddbcbb0fcc8132761179f01276.NginxMailingList@forum.nginx.org>
References: <ebca29ddbcbb0fcc8132761179f01276.NginxMailingList@forum.nginx.org>
Message-ID: <4E19A7D2-7EFE-4D9E-BC2A-322FEA0EDEB7@openminds.be>


On 01 Jul 2009, at 12:23, miradev wrote:

> I want to be able to map submains and urls to determined locations  
> on disk, if they exist.
>
> The URL structure is something like: http://.admin.domain.com/
>
> Where  would letters, numbers and underscores , and  is a domain  
> name (e.g.  http://cnn.admin.domain.com/www.cnnminiblog.com)
>

This is what we do for a customer: this allows them to create new  
domains/projects just by making a new directory. With passenger and  
php-fpm and this setup, he doesn't need to restart/reload *anything*  
to start a new website.

server {
         listen       80;
         server_name  _;
         server_name_in_redirect off;
         passenger_enabled on;
         passenger_use_global_queue on;
         root   /home/customer/sites/$host/public;

         if (!-d $document_root) {
                 #site not (yet) configureerd. Serve default
                 rewrite (.*) http://default.customer.tld/;
         }

         location / {
           passenger_enabled on;
                 index index.html index.htm index.php;
         }
         location ~ .php$ {
                 fastcgi_pass 127.0.0.1:9000;
                 fastcgi_index index.php;
                 include fastcgi_params;
         }
}

Regards,

Frank
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090703/752bbd78/attachment.html>

From nginx-forum at nginx.us  Fri Jul  3 14:42:14 2009
From: nginx-forum at nginx.us (miradev)
Date: Fri, 3 Jul 2009 06:42:14 -0400
Subject: More subdomain mapping (dynamic 'root'?)
In-Reply-To: <4E19A7D2-7EFE-4D9E-BC2A-322FEA0EDEB7@forum.nginx.org>
References: <ebca29ddbcbb0fcc8132761179f01276.NginxMailingList@forum.nginx.org> <4E19A7D2-7EFE-4D9E-BC2A-322FEA0EDEB7@forum.nginx.org>
Message-ID: <e65ed881336c0cab391c40f510c6ccd4.NginxMailingList@forum.nginx.org>

Frank Louwers Wrote:
-------------------------------------------------------
> 
> This is what we do for a customer: this allows
> them to create new  
> domains/projects just by making a new directory.
> With passenger and  
> php-fpm and this setup, he doesn't need to
> restart/reload *anything*  
> to start a new website.
>
> 
> server {
>          listen       80;
>          server_name  _;
>          server_name_in_redirect off;
>          passenger_enabled on;
>          passenger_use_global_queue on;
>          root  
> /home/customer/sites/$host/public;
> 
>          if (!-d $document_root) {
>                  #site not (yet) configureerd.
> Serve default
>                  rewrite (.*)
> http://default.customer.tld/;
>          }
> 
>          location / {
>            passenger_enabled on;
>                  index index.html index.htm
> index.php;
>          }
>          location ~ .php$ {
>                  fastcgi_pass 127.0.0.1:9000;
>                  fastcgi_index index.php;
>                  include fastcgi_params;
>          }
> }
> 

You are building one config file per client - you have '/home/customer/sites/' hard coded? I'm confused, sorry.

With my example (http://cnn.admin.domain.com/www.cnnminiblog.com) I would end up in
/home/customer/sites/cnn.admin.domain.com/public/www.cnnminiblog.com

I'd like the public folder inside the domain, so like this:
/home/cnn/sites/www.cnnminiblog.com/public

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3586,3720#msg-3720





From frank at openminds.be  Fri Jul  3 16:56:42 2009
From: frank at openminds.be (Frank Louwers)
Date: Fri, 3 Jul 2009 14:56:42 +0200
Subject: More subdomain mapping (dynamic 'root'?)
In-Reply-To: <e65ed881336c0cab391c40f510c6ccd4.NginxMailingList@forum.nginx.org>
References: <ebca29ddbcbb0fcc8132761179f01276.NginxMailingList@forum.nginx.org> <4E19A7D2-7EFE-4D9E-BC2A-322FEA0EDEB7@forum.nginx.org> <e65ed881336c0cab391c40f510c6ccd4.NginxMailingList@forum.nginx.org>
Message-ID: <E8976C55-E0F1-460C-851D-39154EBF7E25@openminds.be>


On 03 Jul 2009, at 12:42, miradev wrote:
>>
>
> You are building one config file per client - you have '/home/ 
> customer/sites/' hard coded? I'm confused, sorry.

Yes, it's a dedicated server for a customer.

>
> With my example (http://cnn.admin.domain.com/www.cnnminiblog.com) I  
> would end up in
> /home/customer/sites/cnn.admin.domain.com/public/www.cnnminiblog.com
>
> I'd like the public folder inside the domain, so like this:
> /home/cnn/sites/www.cnnminiblog.com/public

Can you give an example of two urls and the docroot you'd want them to  
use?

Frank
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090703/353521fe/attachment.html>

From nginx-forum at nginx.us  Fri Jul  3 17:28:11 2009
From: nginx-forum at nginx.us (miradev)
Date: Fri, 3 Jul 2009 09:28:11 -0400
Subject: Variables in access_log
Message-ID: <911f7c981591b165a63cb62d3117b09a.NginxMailingList@forum.nginx.org>

>From http://wiki.nginx.org/NginxHttpLogModule

The log file path can contain variables (version >=0.7.4) ..


 nginx -v
nginx version: nginx/0.7.59

Config snippet:

  set $client $host;
  if ($client ~ "^(*).admin.mysite.com"){
    set $client $1;
  }
  root /var/www/wordpress/$client/admin;

  location / {
  ...
    access_log /var/log/nginx/wordpress/admin/$client/generic-access.log;
    error_log /var/log/nginx/wordpress/admin/$client/generic-error.log;
  }


Fails on test:

nginx -t
the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
: open() "/var/log/nginx/wordpress/admin/$client/generic-error.log" failed (2: No such file or directory)
configuration file /usr/local/nginx/conf/nginx.conf test failed


Have I misunderstood?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3722,3722#msg-3722





From eugen at leitl.org  Fri Jul  3 17:42:38 2009
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 3 Jul 2009 15:42:38 +0200
Subject: can someone post their working nginx+moinmoin config?
Message-ID: <20090703134238.GA31310@leitl.org>


Can someone post their working nginx+moinmoin config?
Thanks/???????.

-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE




From nginx-forum at nginx.us  Fri Jul  3 18:19:47 2009
From: nginx-forum at nginx.us (miradev)
Date: Fri, 3 Jul 2009 10:19:47 -0400
Subject: More subdomain mapping (dynamic 'root'?)
In-Reply-To: <E8976C55-E0F1-460C-851D-39154EBF7E25@forum.nginx.org>
References: <ebca29ddbcbb0fcc8132761179f01276.NginxMailingList@forum.nginx.org> <4E19A7D2-7EFE-4D9E-BC2A-322FEA0EDEB7@forum.nginx.org> <e65ed881336c0cab391c40f510c6ccd4.NginxMailingList@forum.nginx.org> <E8976C55-E0F1-460C-851D-39154EBF7E25@forum.nginx.org>
Message-ID: <9756bf68172578da057860103afc76a5.NginxMailingList@forum.nginx.org>

Frank Louwers Wrote:
-------------------------------------------------------
> Can you give an example of two urls and the
> docroot you'd want them to  
> use?

These are test/dev sites where clients view sample themes, copy and plugins. What they want is to be able to do is see them in action without affecting their 'live' site.. So these are all hosted on a single 'dev' domain.

Admin domain: wpdev.mysite.com

Client: ExoGarage
Domain1: www.exogarage.com
Dmoain2: www.fixurcar.com

URL1: exogarage.wpdev.mysite.com/www.exogarage.com
Docroot: /var/www/wordpress/clients/exogarage/admin/www.exogarage.com/html

URL2: exogarage.wpdev.mysite.com/www.fixurcar.com
Docroot: /var/www/wordpress/clients/exogarage/admin/www.fixurcar.com/html

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3586,3725#msg-3725





From cherife at dotimes.com  Fri Jul  3 18:20:21 2009
From: cherife at dotimes.com (Cherife Li)
Date: Fri, 3 Jul 2009 22:20:21 +0800
Subject: can someone post their working nginx+moinmoin config?
In-Reply-To: <20090703134238.GA31310@leitl.org>
References: <20090703134238.GA31310@leitl.org>
Message-ID: <20090703142021.GA3505@dotimes.com>

On Fri, 03 Jul 2009 at 15:42:38 +0200, Eugen Leitl wrote:

> 
> Can someone post their working nginx+moinmoin config?
> Thanks/???????.

I'm running Moin standalone mode, and using proxy_redirect within nginx.
Here is the block of the config:
[..snip..]
# For MoinMoin:
rewrite ^/moin_static[0-9]+/(.*)$       /moin/$1        last;

location /wiki/ {
    proxy_redirect          http://localhost:8080   /;
    proxy_pass              http://localhost:8080;
    proxy_set_header        X-Real-IP       $remote_addr;
    proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header        Host            $http_host;
    proxy_set_header        X-Moin-Location /wiki/;
}
[..snip..]

Cliff Wells has the experience using Twisted server. It's said to be
better. Although I haven't tried it out. :-)
-- 
Rgds,
Cherife.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://nginx.org/pipermail/nginx/attachments/20090703/e9d92c96/attachment.pgp>

From brentb at beanfield.com  Fri Jul  3 18:43:36 2009
From: brentb at beanfield.com (Brent Bloxam)
Date: Fri, 03 Jul 2009 10:43:36 -0400
Subject: Variables in access_log
In-Reply-To: <911f7c981591b165a63cb62d3117b09a.NginxMailingList@forum.nginx.org>
References: <911f7c981591b165a63cb62d3117b09a.NginxMailingList@forum.nginx.org>
Message-ID: <4A4E1918.9050909@beanfield.com>

miradev wrote:
> Fails on test:
> 
> nginx -t
> the configuration file /usr/local/nginx/conf/nginx.conf syntax is ok
> : open() "/var/log/nginx/wordpress/admin/$client/generic-error.log" failed (2: No such file or directory)
> configuration file /usr/local/nginx/conf/nginx.conf test failed
> 
> 
> Have I misunderstood?
> 
>

Yes, you assumed error_log was the same as access_log. They are not. 
access_log is part of the Log module while error_log is part of the main 
module. error_log (at least in 0.7.59) does not support variables in the 
path.




From nginx-forum at nginx.us  Fri Jul  3 19:00:39 2009
From: nginx-forum at nginx.us (tmiskiew)
Date: Fri, 3 Jul 2009 11:00:39 -0400
Subject: How to set Retry-After for 503?
Message-ID: <418c2d7dfb3f50f6248f078e1a3c2620.NginxMailingList@forum.nginx.org>

Hi everyone,

we're using nginx/0.5.35

I want to set the Retry-After header for 503, but it isn't working.

This is how I tried:

error_page 500 502 504 /500.html;
error_page 503 /system/maintenance.html;
location /system/maintenance.html {
# Allow requests
}

location / {
if (-f $document_root/system/maintenance.html) {
add_header Retry-After 600;
return 503;
}

...
}

I've checked with curl -I -H and it's not showing Retry-After.

Any ideas?

Thanks,
Thomas

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3727,3727#msg-3727





From eugen at leitl.org  Fri Jul  3 19:26:04 2009
From: eugen at leitl.org (Eugen Leitl)
Date: Fri, 3 Jul 2009 17:26:04 +0200
Subject: can someone post their working nginx+moinmoin config?
In-Reply-To: <20090703142021.GA3505@dotimes.com>
References: <20090703134238.GA31310@leitl.org> <20090703142021.GA3505@dotimes.com>
Message-ID: <20090703152604.GC31310@leitl.org>

On Fri, Jul 03, 2009 at 10:20:21PM +0800, Cherife Li wrote:

> Cliff Wells has the experience using Twisted server. It's said to be
> better. Although I haven't tried it out. :-)

Thank you. Have you considered using fcgi for MoinMoin, and if yes, 
did you reject it for a reason?

-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE




From gmm at csdoc.com  Fri Jul  3 20:13:59 2009
From: gmm at csdoc.com (Gena Makhomed)
Date: Fri, 3 Jul 2009 19:13:59 +0300
Subject: How to set Retry-After for 503?
In-Reply-To: <418c2d7dfb3f50f6248f078e1a3c2620.NginxMailingList@forum.nginx.org>
References: <418c2d7dfb3f50f6248f078e1a3c2620.NginxMailingList@forum.nginx.org>
Message-ID: <1483953504.20090703191359@csdoc.com>

On Friday, July 3, 2009 at 18:00:39, tmiskiew wrote:

t> we're using nginx/0.5.35

t> I want to set the Retry-After header for 503, but it isn't working.

t> This is how I tried:

t> location / {
t> if (-f $document_root/system/maintenance.html) {
t> add_header Retry-After 600;
t> return 503;
t> }

t> I've checked with curl -I -H and it's not showing Retry-After.

t> Any ideas?

add_header works only for 200, 204, 301, 302 or 304 status codes.

documentation: http://sysoev.ru/nginx/docs/http/ngx_http_headers_module.html

-- 
Best regards,
 Gena





From pedro.matamouros at sapo.pt  Fri Jul  3 20:45:16 2009
From: pedro.matamouros at sapo.pt (Pedro Mata-Mouros Fonseca)
Date: Fri, 3 Jul 2009 17:45:16 +0100
Subject: External health checking - OPTIONS returns 405
Message-ID: <10F8B021-CD78-450B-860F-0B0B8612E994@sapo.pt>

Greetings,

The following is an HAProxy option httpchk check request. It's purpose  
is to check a server's health by means of issuing a very lightweight  
request to it. It does this, by default, using OPTIONS (it's possible  
to configure it to perform any type of request, but OPTIONS is  
aparently the most lightweight).

Nginx unfortunately returns a 405 to this. It's not really a big deal,  
but is there anyway to "force" Nginx to return a 200 with an empty  
payload or as small as possible? Would you still consider this a  
lightweight check to perform every 2 or so seconds, on a few hundred  
reqs/sec website?

127.0.0.1 - - [03/Jul/2009:17:34:21 +0100] "OPTIONS / HTTP/1.0" 405  
166 "-" "-"

Thanks for your time.

Pedro.




From mike503 at gmail.com  Fri Jul  3 21:54:53 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Fri, 3 Jul 2009 10:54:53 -0700
Subject: nginx Kerberos/SPNEGO/etc. module
Message-ID: <bd9320b30907031054x21c527a7s4299afbc146ffd05@mail.gmail.com>

All:

If you're interested in this module, I am politely asking for some
contributions towards it. I am going to probably ask one of the MIT
Kerberos guys to do a quick scan over the code and tweak any Kerberos
based stuff that could be optimized (he doesn't come cheap) and then
possibly contract an nginx-capable developer to mature it from that
side too.

I've already put some funds in and I am willing to put a little bit
more, but if this is something you want, please contact me, it would
be great to have some of the best eyeballs looking at the code and
mature it sooner rather than later.

I also plan on releasing it and maybe sticking it on github or
something, so that anyone can contribute and such, but before that I'd
like to get it stable as it can be. :)

Thanks,
mike




From nginx-forum at nginx.us  Fri Jul  3 22:01:18 2009
From: nginx-forum at nginx.us (tmiskiew)
Date: Fri, 3 Jul 2009 14:01:18 -0400
Subject: How to set Retry-After for 503?
In-Reply-To: <1483953504@forum.nginx.org>
References: <418c2d7dfb3f50f6248f078e1a3c2620.NginxMailingList@forum.nginx.org> <1483953504@forum.nginx.org>
Message-ID: <9549f93de576c7b47c60306e52947cf5.NginxMailingList@forum.nginx.org>

OK, I see. Can you please explain how to set Retry-After for the status code 503?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3727,3734#msg-3734





From gmm at csdoc.com  Fri Jul  3 23:49:41 2009
From: gmm at csdoc.com (Gena Makhomed)
Date: Fri, 3 Jul 2009 22:49:41 +0300
Subject: How to set Retry-After for 503?
In-Reply-To: <9549f93de576c7b47c60306e52947cf5.NginxMailingList@forum.nginx.org>
References: <418c2d7dfb3f50f6248f078e1a3c2620.NginxMailingList@forum.nginx.org> <1483953504@forum.nginx.org> <9549f93de576c7b47c60306e52947cf5.NginxMailingList@forum.nginx.org>
Message-ID: <708240094.20090703224941@csdoc.com>

On Friday, July 3, 2009 at 21:01:18, tmiskiew wrote:

t> Can you please explain how to set Retry-After for the status code 503?

workaround via apache/mod_php:

> cat 503.php
<?php

header( 'HTTP/1.0 503 Service Temporarily Unavailable' );
header( 'Retry-After: 600' );
header( 'Content-Type: text/html' );

print(
        "<html>"."\x0d\x0a".
        "<head><title>503 Service Temporarily Unavailable</title></head>"."\x0d\x0a".
        "<body bgcolor=\"white\">"."\x0d\x0a".
        "<center><h1>503 Service Temporarily Unavailable</h1></center>"."\x0d\x0a".
        "<hr><center>nginx</center>"."\x0d\x0a".
        "</body>"."\x0d\x0a".
        "</html>"."\x0d\x0a"
    );

> cat headers
HTTP/1.1 503 Service Temporarily Unavailable
Server: nginx
Date: Fri, 03 Jul 2009 19:48:11 GMT
Content-Type: text/html; charset=UTF-8
Connection: keep-alive
Retry-After: 600
Content-Length: 206

-- 
Best regards,
 Gena





From gmm at csdoc.com  Fri Jul  3 23:46:09 2009
From: gmm at csdoc.com (Gena Makhomed)
Date: Fri, 3 Jul 2009 22:46:09 +0300
Subject: How to set Retry-After for 503?
In-Reply-To: <9549f93de576c7b47c60306e52947cf5.NginxMailingList@forum.nginx.org>
References: <418c2d7dfb3f50f6248f078e1a3c2620.NginxMailingList@forum.nginx.org> <1483953504@forum.nginx.org> <9549f93de576c7b47c60306e52947cf5.NginxMailingList@forum.nginx.org>
Message-ID: <1498095573.20090703224609@csdoc.com>

On Friday, July 3, 2009 at 21:01:18, tmiskiew wrote:

t> Can you please explain how to set Retry-After for the status code 503?

workaround via ngx_http_perl_module:

> cat /etc/nginx/perl/erorr503.pm
package error503;
use warnings;
use strict;
use nginx;

sub handler {
    my $r = shift;
    $r->status( 503 );
    $r->header_out( 'Retry-After', 600 );
    $r->send_http_header( 'text/html' );
    $r->print(
        "<html>"."\x0d\x0a".
        "<head><title>503 Service Temporarily Unavailable</title></head>"."\x0d\x0a".
        "<body bgcolor=\"white\">"."\x0d\x0a".
        "<center><h1>503 Service Temporarily Unavailable</h1></center>"."\x0d\x0a".
        "<hr><center>nginx</center>"."\x0d\x0a".
        "</body>"."\x0d\x0a".
        "</html>"."\x0d\x0a"
    );
}

1;

> cat /etc/nginx/conf/nginx.conf
# ...
http {
    server_tokens off;
    perl_modules  /etc/nginx/perl;
    perl_require  erorr503.pm;

    server {
        server_name error503;
        error_page 503 = @error503;
        location @error503 { perl error503::handler; }
        location /error503 { return 503; }
    }
# ...

> curl http://error503/error503 -D headers
<html>
<head><title>503 Service Temporarily Unavailable</title></head>
<body bgcolor="white">
<center><h1>503 Service Temporarily Unavailable</h1></center>
<hr><center>nginx</center>
</body>
</html>

> cat headers
HTTP/1.1 503 Service Temporarily Unavailable
Server: nginx
Date: Fri, 03 Jul 2009 19:30:47 GMT
Content-Type: text/html; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Retry-After: 600

-- 
Best regards,
 Gena





From theglobeisnowdigital at gmail.com  Sat Jul  4 01:22:01 2009
From: theglobeisnowdigital at gmail.com (Magdalena Glinkowski)
Date: Fri, 3 Jul 2009 14:22:01 -0700
Subject: control flow of configuration and bootup : where do the $variables 
	come from (fastcgi to nginx)
Message-ID: <432c29390907031422v6eaa885ahc1ea858b3269aca7@mail.gmail.com>

preface: I'm new to web servers and scripting.

what is the control flow of the fastcgi to nginx boot sequence?
both the fast_cgi configuration file and the nginx configuration file have
$variable assignments, what is the original instantiater of these variables?




context for question:

i notice there is an "emerg" component that is unhappy with my configuration
file, and the source code suggests it's with one of my variables with the
ngx_http_variables code,
the exact message was "unknown "query" variable" now I have resolved it
(interestingly enough I have no "query" variable (maybe its the default no
time for inspection now),
however the first fast_cgi param was "$query-string" (also new to this
"fastcgi")), with this context, this leads me to my open question....

both the fast_cgi configuration file and the nginx configuration file have
$variable assignments, what is the original instantiater of these variables?

Magdalena
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090703/9b62fc2f/attachment.html>

From merlincorey at dc949.org  Sat Jul  4 13:21:40 2009
From: merlincorey at dc949.org (merlin corey)
Date: Sat, 4 Jul 2009 02:21:40 -0700
Subject: Wordpress MU Config
In-Reply-To: <9f73ef880906292228p31778b88h637bafd50d3213cb@mail.gmail.com>
References: <715653D554AB4FB688B344E6F2E6571A@shridesk>
	 <4A442E6C.9010104@gmail.com>
	 <e0af94b80906260516g111fab79i667a5d95e4cc176@mail.gmail.com>
	 <e0af94b80906260517o43749674xf9e76d3ce664f69a@mail.gmail.com>
	 <9f73ef880906292228p31778b88h637bafd50d3213cb@mail.gmail.com>
Message-ID: <e0af94b80907040221w5c70cef3y2373ab17e51d6d8c@mail.gmail.com>

On Mon, Jun 29, 2009 at 10:28 PM, Hone Watson<hone at codingstore.com> wrote:
> Merlin, how does that config account for visitors with logged in
> wordpress user cookies?
>
> With Supercache these users should not be directed to the supercached files:
>

Ah thanks, I knew there would be something.  I have not tested this
yet (far too late) but something like the following should be what we
want (will verify later, again line breaks are my client):

location / {
  if ($http_cookie ~* ?comment_author_|wordpress|wp-postpass_? ) {
    try_files $uri $uri/ /index.php?q=$uri;
    break; // Not sure if needed here
  }
  try_files $uri $uri/
/wp-content/cache/supercache/$http_host/$uriindex.html
/index.php?q=$uri;
}

I'll also try to find a better way to do this but I think at his time
you will definitely need an if somewhere to check cookie value, though
I would like to move it out of main location if possible.

>
> On Fri, Jun 26, 2009 at 10:17 PM, merlin corey<merlincorey at dc949.org> wrote:
>> Also the line breaks are from my mail client truncating... ?I have it
>> all one line, but I don't think it matters for nginx.
>>
>> On Fri, Jun 26, 2009 at 5:16 AM, merlin corey<merlincorey at dc949.org> wrote:
>>> I recently setup wordpress with supercache like so:
>>>
>>> location / {
>>> ?try_files $uri
>>> /wp-content/cache/supercache/$http_host/$uriindex.html $uri/
>>> /index.php?q=$uri;
>>> }
>>>
>>> I believe this is an Igor-cringing-from-too-many-ifs-less
>>> configuration, but I do not guarantee the lack of any cringes
>>> whatsoever :P.
>>>
>>> On Thu, Jun 25, 2009 at 7:11 PM, Jim Ohlstein<jim.ohlstein at gmail.com> wrote:
>>>>
>>>>
>>>> Shri @ DevLib.Org wrote:
>>>>>
>>>>> Hi there,
>>>>> ?Does anyone have an optimized config for Wordpress MU with subdomain
>>>>> support?
>>>>
>>>> I use the config at
>>>> http://lumanau.web.id/2008/11/27/nginx-rewrite-rules-for-wordpressmu-with-wp-super-cache-plugin-enabled.html
>>>> for MU with supercache. It seems to work. I may switch to Varnish or nginx
>>>> fastcgi cache and then the rewrites are pretty trivial. If I recall
>>>> correctly the rewrites are the same for subdomain or subdirectory
>>>> configuration. It's a matter of a config setting in MU and a wildcard DNS
>>>> entry.
>>>>
>>>> Note these are not "optimized" in that they contain lots of "if" statements
>>>> and Igor would probably cringe...
>>>>>
>>>>> ?There are a lot of conflicting configs on the wordpress forums and I
>>>>> could not find one on the Nginx Wiki - hence the request.
>>>>> ?Thanks in advance!
>>>>> ?Regards,
>>>>> Shri
>>>>>
>>>>
>>>> Jim
>>>>
>>>>
>>>>
>>>
>>
>>
>
>




From slogster at gmail.com  Sat Jul  4 16:46:54 2009
From: slogster at gmail.com (Momchil Ivanov)
Date: Sat, 4 Jul 2009 14:46:54 +0200
Subject: can someone post their working nginx+moinmoin config?
In-Reply-To: <20090703152604.GC31310@leitl.org>
References: <20090703134238.GA31310@leitl.org> <20090703142021.GA3505@dotimes.com> <20090703152604.GC31310@leitl.org>
Message-ID: <200907041446.58994.slogster@gmail.com>

?? Friday 03 July 2009 17:26:04 Eugen Leitl ??????:
> On Fri, Jul 03, 2009 at 10:20:21PM +0800, Cherife Li wrote:
> > Cliff Wells has the experience using Twisted server. It's said to be
> > better. Although I haven't tried it out. :-)
>
> Thank you. Have you considered using fcgi for MoinMoin, and if yes,
> did you reject it for a reason?

I am using MoinMoin with mod_wsgi, here is my config:

        location /foo {
            wsgi_pass /www/foo/moin.wsgi;
            wsgi_pass_authorization off;
            wsgi_script_reloading on;
            wsgi_use_main_interpreter on;
        }

-- 
PGP KeyID: 0x3118168B
Keyserver: pgp.mit.edu
Key fingerprint BB50 2983 0714 36DC D02E ?158A E03D 56DA 3118 168B
  
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 198 bytes
Desc: This is a digitally signed message part.
URL: <http://nginx.org/pipermail/nginx/attachments/20090704/3dc1b9c7/attachment.pgp>

From merlincorey at dc949.org  Sat Jul  4 23:47:05 2009
From: merlincorey at dc949.org (merlin corey)
Date: Sat, 4 Jul 2009 12:47:05 -0700
Subject: External health checking - OPTIONS returns 405
In-Reply-To: <10F8B021-CD78-450B-860F-0B0B8612E994@sapo.pt>
References: <10F8B021-CD78-450B-860F-0B0B8612E994@sapo.pt>
Message-ID: <e0af94b80907041247n534dd414g7abe28db4ba90d4e@mail.gmail.com>

Hello,

You can change HAProxy's health check request method to HEAD.  This
would be the easiest/best solution and still highly lightweight, in my
opinion.

If for some reason you cannot do that, I created an extremely simple
module for nginx which just always replies with a "normal" OPTIONS
reply.  You can download this module from
http://www.rumandcoke.org/nginx/noptions.tar.gz ; extract it (I put it
in src/http/modules) and append --add-module=src/http/modules/noptions
(or your path to the module) then rebuild NginX.  This has not been
tested or used since 0.6.3? and may require some small changes for
0.7/0.8 (but it might not).

Thanks,
Merlin

On Fri, Jul 3, 2009 at 9:45 AM, Pedro Mata-Mouros
Fonseca<pedro.matamouros at sapo.pt> wrote:
> Greetings,
>
> The following is an HAProxy option httpchk check request. It's purpose is to
> check a server's health by means of issuing a very lightweight request to
> it. It does this, by default, using OPTIONS (it's possible to configure it
> to perform any type of request, but OPTIONS is aparently the most
> lightweight).
>
> Nginx unfortunately returns a 405 to this. It's not really a big deal, but
> is there anyway to "force" Nginx to return a 200 with an empty payload or as
> small as possible? Would you still consider this a lightweight check to
> perform every 2 or so seconds, on a few hundred reqs/sec website?
>
> 127.0.0.1 - - [03/Jul/2009:17:34:21 +0100] "OPTIONS / HTTP/1.0" 405 166 "-"
> "-"
>
> Thanks for your time.
>
> Pedro.
>
>




From nginx-forum at nginx.us  Sun Jul  5 13:40:15 2009
From: nginx-forum at nginx.us (batrick)
Date: Sun, 5 Jul 2009 05:40:15 -0400
Subject: Variables in access_log
In-Reply-To: <911f7c981591b165a63cb62d3117b09a.NginxMailingList@forum.nginx.org>
References: <911f7c981591b165a63cb62d3117b09a.NginxMailingList@forum.nginx.org>
Message-ID: <b6f3f35fec9852e7cc0e0b31cebdc768.NginxMailingList@forum.nginx.org>

I have run into a similar problem. I wanted to set up a number of virtual hosts that each share the same configuration except, of course, for the domain name and path. So my plan was to set some environment variables, and then include the template configuration file.

Unfortunately, the plan faltered somewhat because error_log and server_name do not seem to support variables.

Does anybody know of a documentation which directives support variables and which do not?

Kind regards, 

batrick

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3722,3763#msg-3763





From andrew at andrewloe.com  Sun Jul  5 21:14:34 2009
From: andrew at andrewloe.com (W. Andrew Loe III)
Date: Sun, 5 Jul 2009 10:14:34 -0700
Subject: Advanced Maintenance
In-Reply-To: <20090702152458.GS5360@mdounin.ru>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com>
	 <20090701093047.GC5360@mdounin.ru> <4A4B935D.3030803@gmail.com>
	 <013d01c9fa73$9c781bf0$d56853d0$@com>
	 <20090701231921.GL5360@mdounin.ru>
	 <024b01c9fac2$0e91b7c0$2bb52740$@com>
	 <a3780c060907012037m1dd9979byed0d2dceb1f968df@mail.gmail.com>
	 <02d601c9fb13$fd96aaf0$f8c400d0$@com>
	 <20090702152458.GS5360@mdounin.ru>
Message-ID: <9007bd350907051014s716c529cxe14a75dfc104c3de@mail.gmail.com>

I wrote a little article on doing this:

http://onehub.com/past/2009/3/6/rails_maintenance_pages_done_right/

On Thu, Jul 2, 2009 at 8:24 AM, Maxim Dounin<mdounin at mdounin.ru> wrote:
> Hello!
>
> On Thu, Jul 02, 2009 at 07:52:42AM -0500, AMP Admin wrote:
>
>> Ohhh... i was looking for a not operator like '!'. ?thanks, I'll give that a try!
>
> It's much better to just configure normal more specific locations instead
> of using regexps, e.g.
>
> location / {
> ? ?# maintanance checks here
> }
>
> location /maintanance.php {
> ? ?# no checks here
> }
>
> location /privacypolicy.php {
> ? ?# and no checks here
> }
>
> location /images/ {
> ? ?# and no checks here
> }
>
> location /promo/ {
> ? ?# and no checks here
> }
>
> Each request will be processed in most-specific location, and
> hence there would be no maintanance checks for privacypolicy.php,
> images and promo (and maintanance.php itself).
>
> Maxim Dounin
>
>
>>
>> -----Original Message-----
>> From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf Of Edho P Arief
>> Sent: Wednesday, July 01, 2009 10:38 PM
>> To: nginx at sysoev.ru
>> Subject: Re: Advanced Maintenance
>>
>> On Thu, Jul 2, 2009 at 10:06 AM, AMP Admin<admin at ampprod.com> wrote:
>> > I don't understand. ?How do we make the "no maintenance checks"? ?sorry, I'm
>> > still learning.
>> >
>> > If we want everything but privacypolicy.php, images directory and promo
>> > directory to go to maintenance how would that look?
>> >
>> > It seems that this puts the entire site in maintenance mode:
>> > Location / {
>> > ? ? ? ?if (-f $document_root/maintenance.php) {
>> > ? ? ? ? ? ? ? ?rewrite ?^(.*)$ ?/maintenance.php last;
>> > ? ? ? ? ? ? ? ?break;
>> > ? ? ? ?}
>> > }
>> >
>> > I'm not sure how to do the no maintenance part.
>> >
>>
>> location ~ ^/(?!privacypolicy.php|images|promo) {
>> ? try_files /maintenance.php $uri @fallback;
>> }
>>
>> --
>> O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
>>
>>
>
>




From tlott at gamesnet.de  Mon Jul  6 07:37:27 2009
From: tlott at gamesnet.de (Tobias Lott)
Date: Mon, 6 Jul 2009 05:37:27 +0200
Subject: Did I got try_files wrong? and bad gateway 502
Message-ID: <20090706053727.43700b5d@sub.han.vpn.gamesnet.de>

Hey Folks

I got a problem understanding try_files I guess.

Got this as configuration :

location = / { rewrite ^(.*)$ /shop/ redirect; }

location / {
	proxy_pass  http://backend:10060;
	proxy_set_header  X-Real-IP  $remote_addr;
	proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header Host $http_host;
	proxy_redirect off;
	proxy_connect_timeout      90;
	proxy_send_timeout         90;
	proxy_read_timeout         120;
}


Problem is that I cant "catch" all 404 and rewrite it
to /shop/index.php but with "if" (which I shouldn't use cause of
possible performance issues, Igor mentioned I think.)

Doesn't work:
try_files $uri $uri/ /shop/index.php;
error_page 404 /shop/index.php;

Works:
if (!-f $request_filename) { rewrite ^(.*)$  /shop/index.php
redirect; }




Additionally I got another issue, which is that customers getting 502s
pretty damn randomly (using nginx-0.7.61 as frontend and apache 2.2.11
as backend for the time being, which gonna gets migrated soon). Was
trying to tweak a lil with proxy_*_timeout and keepalive_timeout but
since its not reproducible I can't be sure its fixed, are there some
"good to go" values or another option to check?

Thanks so much Igor for that godly piece of software and all involved.


Greetings
-- 
Tobias Lott




From nbubingo at gmail.com  Mon Jul  6 07:38:04 2009
From: nbubingo at gmail.com (Weibin Yao)
Date: Mon, 06 Jul 2009 11:38:04 +0800
Subject: 403:wiki.codemongers.com
Message-ID: <4A51719C.3000904@gmail.com>


  403 Forbidden

------------------------------------------------------------------------
nginx/0.7.51

-- 
Weibin Yao





From cherife at dotimes.com  Mon Jul  6 08:20:34 2009
From: cherife at dotimes.com (Cherife Li)
Date: Mon, 6 Jul 2009 12:20:34 +0800
Subject: 403:wiki.codemongers.com
In-Reply-To: <4A51719C.3000904@gmail.com>
References: <4A51719C.3000904@gmail.com>
Message-ID: <20090706042034.GA1647@dotimes.com>

On Mon, 06 Jul 2009 at 11:38:04 +0800, Weibin Yao wrote:

> 
>   403 Forbidden
> 
That's the old wiki.
Check the new one at <http://wiki.nginx.org/>.
-- 
Rgds,
Cherife.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: not available
URL: <http://nginx.org/pipermail/nginx/attachments/20090706/47b9a599/attachment.pgp>

From mike503 at gmail.com  Mon Jul  6 08:39:44 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Sun, 5 Jul 2009 21:39:44 -0700
Subject: Did I got try_files wrong? and bad gateway 502
In-Reply-To: <20090706053727.43700b5d@sub.han.vpn.gamesnet.de>
References: <20090706053727.43700b5d@sub.han.vpn.gamesnet.de>
Message-ID: <bd9320b30907052139m43c5a05aj818031503f1ab672@mail.gmail.com>

On Sun, Jul 5, 2009 at 8:37 PM, Tobias Lott<tlott at gamesnet.de> wrote:

> Additionally I got another issue, which is that customers getting 502s
> pretty damn randomly (using nginx-0.7.61 as frontend and apache 2.2.11
> as backend for the time being, which gonna gets migrated soon). Was
> trying to tweak a lil with proxy_*_timeout and keepalive_timeout but
> since its not reproducible I can't be sure its fixed, are there some
> "good to go" values or another option to check?

Is it nginx giving the 502 or apache?




From jg at internetx.de  Mon Jul  6 12:28:10 2009
From: jg at internetx.de (Juergen Gotteswinter)
Date: Mon, 06 Jul 2009 10:28:10 +0200
Subject: Nginx Punycode Support
Message-ID: <4A51B59A.9030208@internetx.de>

Hello

does nginx support punycode domains in the server_name directives?

thanks







From tlott at gamesnet.de  Mon Jul  6 14:03:41 2009
From: tlott at gamesnet.de (Tobias Lott)
Date: Mon, 6 Jul 2009 12:03:41 +0200
Subject: Did I got try_files wrong? and bad gateway 502
In-Reply-To: <bd9320b30907052139m43c5a05aj818031503f1ab672@mail.gmail.com>
References: <20090706053727.43700b5d@sub.han.vpn.gamesnet.de>
	<bd9320b30907052139m43c5a05aj818031503f1ab672@mail.gmail.com>
Message-ID: <20090706120341.5ab5e64f@sub.han.vpn.gamesnet.de>



On Sun, 5 Jul 2009 21:39:44 -0700
Michael Shadle <mike503 at gmail.com> wrote:

> On Sun, Jul 5, 2009 at 8:37 PM, Tobias Lott<tlott at gamesnet.de> wrote:
> 
> > Additionally I got another issue, which is that customers getting
> > 502s pretty damn randomly (using nginx-0.7.61 as frontend and
> > apache 2.2.11 as backend for the time being, which gonna gets
> > migrated soon). Was trying to tweak a lil with proxy_*_timeout and
> > keepalive_timeout but since its not reproducible I can't be sure
> > its fixed, are there some "good to go" values or another option to
> > check?
> 
> Is it nginx giving the 502 or apache?
> 

nginx is giving the 502

-- 
Tobias Lott




From juangiordana at gmail.com  Mon Jul  6 18:50:19 2009
From: juangiordana at gmail.com (Juan Fco. Giordana)
Date: Mon, 06 Jul 2009 11:50:19 -0300
Subject: 403:wiki.codemongers.com
In-Reply-To: <20090706042034.GA1647@dotimes.com>
References: <4A51719C.3000904@gmail.com> <20090706042034.GA1647@dotimes.com>
Message-ID: <4A520F2B.1020405@gmail.com>

A 301 redirect to http://wiki.nginx.org/ should be more appropriate then :)

Cherife Li wrote:
> On Mon, 06 Jul 2009 at 11:38:04 +0800, Weibin Yao wrote:
> 
>>   403 Forbidden
>>
> That's the old wiki.
> Check the new one at <http://wiki.nginx.org/>.




From lists at ruby-forum.com  Mon Jul  6 19:23:02 2009
From: lists at ruby-forum.com (Mi Mi)
Date: Mon, 6 Jul 2009 17:23:02 +0200
Subject: Can't upload files > 10Mb
In-Reply-To: <20080515173919.GA27880@rambler-co.ru>
References: <1210869319.4449.12.camel@portableevil.develix.com> <156c5bc40805151001u75e8b4c7k12994b7e03935aca@mail.gmail.com> <1210872776.4449.17.camel@portableevil.develix.com>
	<20080515173919.GA27880@rambler-co.ru>
Message-ID: <00a1b89ebf69500764d1b63939c4c7ec@ruby-forum.com>

Igor Sysoev wrote:
> On Thu, May 15, 2008 at 10:32:56AM -0700, Cliff Wells wrote:
> 
>> 
>> On Thu, 2008-05-15 at 13:01 -0400, Tieg Zaharia wrote:
>> > Hey Cliff-- I had the same problem a few weeks ago and then realized
>> > that the "client_max_body_size" parameter wasn't in the right place.
>> > Do you have it under a location block?
>> 
>> It's in the "http" section.  I'll try adding it to the specific location
>> block.
> 
> Is this error still in error_log ?
> What is your backend ? It may its own limit.

I have the same problem and I don't have any explicit "max" setting in 
any configuration file. I'm not sure what you mean by "backend" -- but I 
cast "http".

[root at myhost /usr/local/etc/nginx]# grep -ri max .
[root at myhost /usr/local/etc/nginx]# grep -ri upload .
[root at myhost /usr/local/etc/nginx]#

Although I read here 
https://cloud-support.engineyard.com/discussions/problems/228-nginxpassenger-issue-file-uploads-not-working-client-intended-to-send-too-large-body 
that "upload_max_file_size 50m; client_max_body_size 50m;" fix the 
problem, my nginx 0.7.61 refuses to accept the former in http { }.

Also, I read from 
http://wiki.nginx.org/NginxHttpCoreModule#client_max_body_size that the 
default size is 1m. Is it reasonable to specify a maximum by default, 
especially *this* strict?

For giving some context: I stumbled into the problem when people were 
reporting that the majority, but not all ("indeterministically", as they 
said) of the Document Uploads in an OpenGoo installation did not work.
-- 
Posted via http://www.ruby-forum.com/.




From cliff at develix.com  Mon Jul  6 21:10:50 2009
From: cliff at develix.com (Cliff Wells)
Date: Mon, 06 Jul 2009 10:10:50 -0700
Subject: Can't upload files > 10Mb
In-Reply-To: <00a1b89ebf69500764d1b63939c4c7ec@ruby-forum.com>
References: <1210869319.4449.12.camel@portableevil.develix.com>
	 <156c5bc40805151001u75e8b4c7k12994b7e03935aca@mail.gmail.com>
	 <1210872776.4449.17.camel@portableevil.develix.com>
	 <20080515173919.GA27880@rambler-co.ru>
	 <00a1b89ebf69500764d1b63939c4c7ec@ruby-forum.com>
Message-ID: <1246900250.4626.1.camel@portable-evil>

On Mon, 2009-07-06 at 17:23 +0200, Mi Mi wrote:
> Igor Sysoev wrote:
> > On Thu, May 15, 2008 at 10:32:56AM -0700, Cliff Wells wrote:
> > 
> >> 
> >> On Thu, 2008-05-15 at 13:01 -0400, Tieg Zaharia wrote:
> >> > Hey Cliff-- I had the same problem a few weeks ago and then realized
> >> > that the "client_max_body_size" parameter wasn't in the right place.
> >> > Do you have it under a location block?
> >> 
> >> It's in the "http" section.  I'll try adding it to the specific location
> >> block.
> > 
> > Is this error still in error_log ?
> > What is your backend ? It may its own limit.
> 
> I have the same problem and I don't have any explicit "max" setting in 
> any configuration file. I'm not sure what you mean by "backend" -- but I 
> cast "http".

There's a default value of 1MB for client_max_body_size, so if you don't
have any explicit setting then that's your limit:

http://wiki.nginx.org/NginxHttpCoreModule#client_max_body_size


Cliff

-- 
http://www.google.com/search?q=vonage+sucks





From mike503 at gmail.com  Tue Jul  7 00:29:58 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Mon, 6 Jul 2009 13:29:58 -0700
Subject: Did I got try_files wrong? and bad gateway 502
In-Reply-To: <20090706120341.5ab5e64f@sub.han.vpn.gamesnet.de>
References: <20090706053727.43700b5d@sub.han.vpn.gamesnet.de>
	 <bd9320b30907052139m43c5a05aj818031503f1ab672@mail.gmail.com>
	 <20090706120341.5ab5e64f@sub.han.vpn.gamesnet.de>
Message-ID: <bd9320b30907061329v78264ab7gfe000b3ae9e8b8c4@mail.gmail.com>

Check the nginx error log for what the message is when you hit those 502's.

Perhaps apache is too busy to service the request or is sending
malformed resposne etc?

On Mon, Jul 6, 2009 at 3:03 AM, Tobias Lott<tlott at gamesnet.de> wrote:
>
>
> On Sun, 5 Jul 2009 21:39:44 -0700
> Michael Shadle <mike503 at gmail.com> wrote:
>
>> On Sun, Jul 5, 2009 at 8:37 PM, Tobias Lott<tlott at gamesnet.de> wrote:
>>
>> > Additionally I got another issue, which is that customers getting
>> > 502s pretty damn randomly (using nginx-0.7.61 as frontend and
>> > apache 2.2.11 as backend for the time being, which gonna gets
>> > migrated soon). Was trying to tweak a lil with proxy_*_timeout and
>> > keepalive_timeout but since its not reproducible I can't be sure
>> > its fixed, are there some "good to go" values or another option to
>> > check?
>>
>> Is it nginx giving the 502 or apache?
>>
>
> nginx is giving the 502
>
> --
> Tobias Lott
>
>




From tlott at gamesnet.de  Tue Jul  7 01:52:02 2009
From: tlott at gamesnet.de (Tobias Lott)
Date: Mon, 6 Jul 2009 23:52:02 +0200
Subject: Did I got try_files wrong? and bad gateway 502
In-Reply-To: <bd9320b30907061329v78264ab7gfe000b3ae9e8b8c4@mail.gmail.com>
References: <20090706053727.43700b5d@sub.han.vpn.gamesnet.de>
	<bd9320b30907052139m43c5a05aj818031503f1ab672@mail.gmail.com>
	<20090706120341.5ab5e64f@sub.han.vpn.gamesnet.de>
	<bd9320b30907061329v78264ab7gfe000b3ae9e8b8c4@mail.gmail.com>
Message-ID: <20090706235202.7b12b96d@sub.han.vpn.gamesnet.de>



On Mon, 6 Jul 2009 13:29:58 -0700
Michael Shadle <mike503 at gmail.com> wrote:

> Check the nginx error log for what the message is when you hit those
> 502's.
> 
> Perhaps apache is too busy to service the request or is sending
> malformed resposne etc?
> 
> On Mon, Jul 6, 2009 at 3:03 AM, Tobias Lott<tlott at gamesnet.de> wrote:
> >
> >
> > On Sun, 5 Jul 2009 21:39:44 -0700
> > Michael Shadle <mike503 at gmail.com> wrote:
> >
> >> On Sun, Jul 5, 2009 at 8:37 PM, Tobias Lott<tlott at gamesnet.de>
> >> wrote:
> >>
> >> > Additionally I got another issue, which is that customers getting
> >> > 502s pretty damn randomly (using nginx-0.7.61 as frontend and
> >> > apache 2.2.11 as backend for the time being, which gonna gets
> >> > migrated soon). Was trying to tweak a lil with proxy_*_timeout
> >> > and keepalive_timeout but since its not reproducible I can't be
> >> > sure its fixed, are there some "good to go" values or another
> >> > option to check?
> >>
> >> Is it nginx giving the 502 or apache?
> >>
> >
> > nginx is giving the 502
> >
> > --
> > Tobias Lott
> >
> >
> 

The only error log entry thats consistent with the 502 is the
following, but its not the same file, one type of file, same client:

2009/07/06 22:48:20 [crit] 86851#0: *183664 connect() to
XX.XX.XX.XX:XX failed (1: Operation not permitted) while connecting
to upstream, client: XX.XX.XX.XX, server: hostname.tld, request:
"GET /some/random/picture.jpg HTTP/1.1", upstream:
"http://XX.XX.XX.XX:XX/some/random/picture.jpg",
host: "hostname.tld", referrer: "http://hostname.tld/some/"


There is nothing in Apache error/access log at that time.


-- 
Tobias Lott




From pedro.matamouros at sapo.pt  Tue Jul  7 03:58:18 2009
From: pedro.matamouros at sapo.pt (Pedro Mata-Mouros Fonseca)
Date: Tue, 7 Jul 2009 00:58:18 +0100
Subject: External health checking - OPTIONS returns 405
In-Reply-To: <e0af94b80907041247n534dd414g7abe28db4ba90d4e@mail.gmail.com>
References: <10F8B021-CD78-450B-860F-0B0B8612E994@sapo.pt> <e0af94b80907041247n534dd414g7abe28db4ba90d4e@mail.gmail.com>
Message-ID: <9BE95041-C67A-47B6-B7AF-B7F3DDB61956@sapo.pt>

Many thanks for the sugestions Merlin, going to check out the HEAD  
method one.

Pedro.

On Jul 4, 2009, at 8:47 PM, merlin corey wrote:

> Hello,
>
> You can change HAProxy's health check request method to HEAD.  This
> would be the easiest/best solution and still highly lightweight, in my
> opinion.
>
> If for some reason you cannot do that, I created an extremely simple
> module for nginx which just always replies with a "normal" OPTIONS
> reply.  You can download this module from
> http://www.rumandcoke.org/nginx/noptions.tar.gz ; extract it (I put it
> in src/http/modules) and append --add-module=src/http/modules/noptions
> (or your path to the module) then rebuild NginX.  This has not been
> tested or used since 0.6.3? and may require some small changes for
> 0.7/0.8 (but it might not).
>
> Thanks,
> Merlin
>
> On Fri, Jul 3, 2009 at 9:45 AM, Pedro Mata-Mouros
> Fonseca<pedro.matamouros at sapo.pt> wrote:
>> Greetings,
>>
>> The following is an HAProxy option httpchk check request. It's  
>> purpose is to
>> check a server's health by means of issuing a very lightweight  
>> request to
>> it. It does this, by default, using OPTIONS (it's possible to  
>> configure it
>> to perform any type of request, but OPTIONS is aparently the most
>> lightweight).
>>
>> Nginx unfortunately returns a 405 to this. It's not really a big  
>> deal, but
>> is there anyway to "force" Nginx to return a 200 with an empty  
>> payload or as
>> small as possible? Would you still consider this a lightweight  
>> check to
>> perform every 2 or so seconds, on a few hundred reqs/sec website?
>>
>> 127.0.0.1 - - [03/Jul/2009:17:34:21 +0100] "OPTIONS / HTTP/1.0" 405  
>> 166 "-"
>> "-"
>>
>> Thanks for your time.
>>
>> Pedro.
>>
>>
>
>





From merlincorey at dc949.org  Tue Jul  7 04:41:40 2009
From: merlincorey at dc949.org (merlin corey)
Date: Mon, 6 Jul 2009 17:41:40 -0700
Subject: Variables in access_log
In-Reply-To: <b6f3f35fec9852e7cc0e0b31cebdc768.NginxMailingList@forum.nginx.org>
References: <911f7c981591b165a63cb62d3117b09a.NginxMailingList@forum.nginx.org>
	 <b6f3f35fec9852e7cc0e0b31cebdc768.NginxMailingList@forum.nginx.org>
Message-ID: <e0af94b80907061741v4a8ff063g9d4becd860a5879f@mail.gmail.com>

I believe server_name now supports some variables but maybe this is
just in development branch.  The official documentation is in Russian
and located at http://sysoev.ru/nginx/docs/ .  There is also a wiki at
http://wiki.nginx.org with English and Chinese translations of some of
the documentation, but it is not always up to date or complete.
Google translate can do a readable job in many cases, and the
configuration language is always the same in any language, plus there
is the common language C that nginx is written in.  These are the
sources you should look through.

Completely separately regarding configurations, I am under the
understanding that nginx performs better with fully specified server
names.  It should be easy enough to put common configuration into
files which you include in each server { } block as necessary.  This
can easily be generated by a script so you don't have to do it by hand
if you have a lot of domains.  The benefits are you get the common
configuration, separate error logging, separate access logging, and
flexibility to make individual host changes while efficiently
selecting proper server blocks.

-- Merlin

On 7/5/09, batrick <nginx-forum at nginx.us> wrote:
> I have run into a similar problem. I wanted to set up a number of virtual
> hosts that each share the same configuration except, of course, for the
> domain name and path. So my plan was to set some environment variables, and
> then include the template configuration file.
>
> Unfortunately, the plan faltered somewhat because error_log and server_name
> do not seem to support variables.
>
> Does anybody know of a documentation which directives support variables and
> which do not?
>
> Kind regards,
>
> batrick
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3722,3763#msg-3763
>
>
>




From merlincorey at dc949.org  Tue Jul  7 04:43:43 2009
From: merlincorey at dc949.org (merlin corey)
Date: Mon, 6 Jul 2009 17:43:43 -0700
Subject: Advanced Maintenance
In-Reply-To: <9007bd350907051014s716c529cxe14a75dfc104c3de@mail.gmail.com>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com>
	 <20090701093047.GC5360@mdounin.ru> <4A4B935D.3030803@gmail.com>
	 <013d01c9fa73$9c781bf0$d56853d0$@com>
	 <20090701231921.GL5360@mdounin.ru>
	 <024b01c9fac2$0e91b7c0$2bb52740$@com>
	 <a3780c060907012037m1dd9979byed0d2dceb1f968df@mail.gmail.com>
	 <02d601c9fb13$fd96aaf0$f8c400d0$@com>
	 <20090702152458.GS5360@mdounin.ru>
	 <9007bd350907051014s716c529cxe14a75dfc104c3de@mail.gmail.com>
Message-ID: <e0af94b80907061743r6300f8b2w899acc75ca38a2e7@mail.gmail.com>

You should write a new article with an updated try_files method with
0.7.x being stable now! ;)

On 7/5/09, W. Andrew Loe III <andrew at andrewloe.com> wrote:
> I wrote a little article on doing this:
>
> http://onehub.com/past/2009/3/6/rails_maintenance_pages_done_right/
>
> On Thu, Jul 2, 2009 at 8:24 AM, Maxim Dounin<mdounin at mdounin.ru> wrote:
>> Hello!
>>
>> On Thu, Jul 02, 2009 at 07:52:42AM -0500, AMP Admin wrote:
>>
>>> Ohhh... i was looking for a not operator like '!'. ?thanks, I'll give
>>> that a try!
>>
>> It's much better to just configure normal more specific locations instead
>> of using regexps, e.g.
>>
>> location / {
>> ? ?# maintanance checks here
>> }
>>
>> location /maintanance.php {
>> ? ?# no checks here
>> }
>>
>> location /privacypolicy.php {
>> ? ?# and no checks here
>> }
>>
>> location /images/ {
>> ? ?# and no checks here
>> }
>>
>> location /promo/ {
>> ? ?# and no checks here
>> }
>>
>> Each request will be processed in most-specific location, and
>> hence there would be no maintanance checks for privacypolicy.php,
>> images and promo (and maintanance.php itself).
>>
>> Maxim Dounin
>>
>>
>>>
>>> -----Original Message-----
>>> From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf Of
>>> Edho P Arief
>>> Sent: Wednesday, July 01, 2009 10:38 PM
>>> To: nginx at sysoev.ru
>>> Subject: Re: Advanced Maintenance
>>>
>>> On Thu, Jul 2, 2009 at 10:06 AM, AMP Admin<admin at ampprod.com> wrote:
>>> > I don't understand. ?How do we make the "no maintenance checks"?
>>> > ?sorry, I'm
>>> > still learning.
>>> >
>>> > If we want everything but privacypolicy.php, images directory and promo
>>> > directory to go to maintenance how would that look?
>>> >
>>> > It seems that this puts the entire site in maintenance mode:
>>> > Location / {
>>> > ? ? ? ?if (-f $document_root/maintenance.php) {
>>> > ? ? ? ? ? ? ? ?rewrite ?^(.*)$ ?/maintenance.php last;
>>> > ? ? ? ? ? ? ? ?break;
>>> > ? ? ? ?}
>>> > }
>>> >
>>> > I'm not sure how to do the no maintenance part.
>>> >
>>>
>>> location ~ ^/(?!privacypolicy.php|images|promo) {
>>> ? try_files /maintenance.php $uri @fallback;
>>> }
>>>
>>> --
>>> O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
>>>
>>>
>>
>>
>
>




From merlincorey at dc949.org  Tue Jul  7 04:50:00 2009
From: merlincorey at dc949.org (merlin corey)
Date: Mon, 6 Jul 2009 17:50:00 -0700
Subject: Nginx Punycode Support
In-Reply-To: <4A51B59A.9030208@internetx.de>
References: <4A51B59A.9030208@internetx.de>
Message-ID: <e0af94b80907061750o3c7db465p367fad24596a925d@mail.gmail.com>

Hello,

NginX supports regular expressions, unix globs, and such within
server_name directive (see
http://sysoev.ru/nginx/docs/http/ngx_http_core_module.html#server_name
and http://wiki.nginx.org/NginxHttpCoreModule#server_name )...
Whether or not you can use that for your unicode encoding, I am not
sure :).

Thanks,
Merlin

On 7/6/09, Juergen Gotteswinter <jg at internetx.de> wrote:
> Hello
>
> does nginx support punycode domains in the server_name directives?
>
> thanks
>
>
>
>
>




From merlincorey at dc949.org  Tue Jul  7 04:53:25 2009
From: merlincorey at dc949.org (merlin corey)
Date: Mon, 6 Jul 2009 17:53:25 -0700
Subject: Did I got try_files wrong? and bad gateway 502
In-Reply-To: <20090706235202.7b12b96d@sub.han.vpn.gamesnet.de>
References: <20090706053727.43700b5d@sub.han.vpn.gamesnet.de>
	 <bd9320b30907052139m43c5a05aj818031503f1ab672@mail.gmail.com>
	 <20090706120341.5ab5e64f@sub.han.vpn.gamesnet.de>
	 <bd9320b30907061329v78264ab7gfe000b3ae9e8b8c4@mail.gmail.com>
	 <20090706235202.7b12b96d@sub.han.vpn.gamesnet.de>
Message-ID: <e0af94b80907061753j427c0652p50867e79f77b1319@mail.gmail.com>

Why not server some random picture from NginX?  Surely that will
relieve the 502s.

On 7/6/09, Tobias Lott <tlott at gamesnet.de> wrote:
>
>
> On Mon, 6 Jul 2009 13:29:58 -0700
> Michael Shadle <mike503 at gmail.com> wrote:
>
>> Check the nginx error log for what the message is when you hit those
>> 502's.
>>
>> Perhaps apache is too busy to service the request or is sending
>> malformed resposne etc?
>>
>> On Mon, Jul 6, 2009 at 3:03 AM, Tobias Lott<tlott at gamesnet.de> wrote:
>> >
>> >
>> > On Sun, 5 Jul 2009 21:39:44 -0700
>> > Michael Shadle <mike503 at gmail.com> wrote:
>> >
>> >> On Sun, Jul 5, 2009 at 8:37 PM, Tobias Lott<tlott at gamesnet.de>
>> >> wrote:
>> >>
>> >> > Additionally I got another issue, which is that customers getting
>> >> > 502s pretty damn randomly (using nginx-0.7.61 as frontend and
>> >> > apache 2.2.11 as backend for the time being, which gonna gets
>> >> > migrated soon). Was trying to tweak a lil with proxy_*_timeout
>> >> > and keepalive_timeout but since its not reproducible I can't be
>> >> > sure its fixed, are there some "good to go" values or another
>> >> > option to check?
>> >>
>> >> Is it nginx giving the 502 or apache?
>> >>
>> >
>> > nginx is giving the 502
>> >
>> > --
>> > Tobias Lott
>> >
>> >
>>
>
> The only error log entry thats consistent with the 502 is the
> following, but its not the same file, one type of file, same client:
>
> 2009/07/06 22:48:20 [crit] 86851#0: *183664 connect() to
> XX.XX.XX.XX:XX failed (1: Operation not permitted) while connecting
> to upstream, client: XX.XX.XX.XX, server: hostname.tld, request:
> "GET /some/random/picture.jpg HTTP/1.1", upstream:
> "http://XX.XX.XX.XX:XX/some/random/picture.jpg",
> host: "hostname.tld", referrer: "http://hostname.tld/some/"
>
>
> There is nothing in Apache error/access log at that time.
>
>
> --
> Tobias Lott
>
>




From mdounin at mdounin.ru  Tue Jul  7 06:06:10 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 7 Jul 2009 06:06:10 +0400
Subject: Did I got try_files wrong? and bad gateway 502
In-Reply-To: <20090706235202.7b12b96d@sub.han.vpn.gamesnet.de>
References: <20090706053727.43700b5d@sub.han.vpn.gamesnet.de> <bd9320b30907052139m43c5a05aj818031503f1ab672@mail.gmail.com> <20090706120341.5ab5e64f@sub.han.vpn.gamesnet.de> <bd9320b30907061329v78264ab7gfe000b3ae9e8b8c4@mail.gmail.com> <20090706235202.7b12b96d@sub.han.vpn.gamesnet.de>
Message-ID: <20090707020609.GS5360@mdounin.ru>

Hello!

On Mon, Jul 06, 2009 at 11:52:02PM +0200, Tobias Lott wrote:

> 
> 
> On Mon, 6 Jul 2009 13:29:58 -0700
> Michael Shadle <mike503 at gmail.com> wrote:
> 
> > Check the nginx error log for what the message is when you hit those
> > 502's.
> > 
> > Perhaps apache is too busy to service the request or is sending
> > malformed resposne etc?
> > 
> > On Mon, Jul 6, 2009 at 3:03 AM, Tobias Lott<tlott at gamesnet.de> wrote:
> > >
> > >
> > > On Sun, 5 Jul 2009 21:39:44 -0700
> > > Michael Shadle <mike503 at gmail.com> wrote:
> > >
> > >> On Sun, Jul 5, 2009 at 8:37 PM, Tobias Lott<tlott at gamesnet.de>
> > >> wrote:
> > >>
> > >> > Additionally I got another issue, which is that customers getting
> > >> > 502s pretty damn randomly (using nginx-0.7.61 as frontend and
> > >> > apache 2.2.11 as backend for the time being, which gonna gets
> > >> > migrated soon). Was trying to tweak a lil with proxy_*_timeout
> > >> > and keepalive_timeout but since its not reproducible I can't be
> > >> > sure its fixed, are there some "good to go" values or another
> > >> > option to check?
> > >>
> > >> Is it nginx giving the 502 or apache?
> > >>
> > >
> > > nginx is giving the 502
> > >
> > > --
> > > Tobias Lott
> > >
> > >
> > 
> 
> The only error log entry thats consistent with the 502 is the
> following, but its not the same file, one type of file, same client:
> 
> 2009/07/06 22:48:20 [crit] 86851#0: *183664 connect() to
> XX.XX.XX.XX:XX failed (1: Operation not permitted) while connecting
> to upstream, client: XX.XX.XX.XX, server: hostname.tld, request:
> "GET /some/random/picture.jpg HTTP/1.1", upstream:
> "http://XX.XX.XX.XX:XX/some/random/picture.jpg",
> host: "hostname.tld", referrer: "http://hostname.tld/some/"

This is EPERM, and most typical reasons include statefull firewall 
between nginx frontend and backend or timewait reuse switched off.

If it's statefull firewall - remove it or convert to non-statefull 
one.

If it's timewait issue - switch on timewait reuse/recycle (see your OS 
tuning guides to find out how).

> There is nothing in Apache error/access log at that time.

Since nginx wasn't allowed to connect() - it's somewhat expected.

Maxim Dounin




From lists at ruby-forum.com  Tue Jul  7 09:33:30 2009
From: lists at ruby-forum.com (Jauder Ho)
Date: Tue, 7 Jul 2009 07:33:30 +0200
Subject: try_files and static web site
Message-ID: <68dea8f82aef5a4f9d2f1d4e02a49f5b@ruby-forum.com>

I have a site that is completely static and I figured I would use
try_files however this results in HTTP 500 errors for directories i.e.
trying to get to http://foo.com/bar/ results in a 500 error. What's
wrong with this config? Thanks.

--Jauder

  server {
    # port to listen on. Can also be set to an IP:PORT
    listen 80;

    # Set the charset
    charset utf-8;

    # sets the domain[s] that this vhost server requests for
    server_name www.foo.com;

    # doc root
    root /var/www/foo.com;

    # vhost specific access log
    access_log  /var/log/nginx_access.log  main;


    # Catchall for everything else
    location / {
      root /var/www/foo.com;
      access_log off;

      index index.html index.shtml;
      expires 1d;

      try_files $uri $uri/;

      #if (-f $request_filename) {
      #  break;
      #}
    }



    error_page 500 502 503 504 /500.html;
    error_page 404 /404.html;

  }
-- 
Posted via http://www.ruby-forum.com/.




From mike503 at gmail.com  Tue Jul  7 09:47:17 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Mon, 6 Jul 2009 22:47:17 -0700
Subject: try_files and static web site
In-Reply-To: <68dea8f82aef5a4f9d2f1d4e02a49f5b@ruby-forum.com>
References: <68dea8f82aef5a4f9d2f1d4e02a49f5b@ruby-forum.com>
Message-ID: <53F14C2F-996A-4EAB-B0CF-AC209C2B01E0@gmail.com>

I see no reason to be using try_files at all in your config.

Sent from my iPhone

On Jul 6, 2009, at 10:33 PM, Jauder Ho <lists at ruby-forum.com> wrote:

> I have a site that is completely static and I figured I would use
> try_files however this results in HTTP 500 errors for directories i.e.
> trying to get to http://foo.com/bar/ results in a 500 error. What's
> wrong with this config? Thanks.
>
> --Jauder
>
>  server {
>    # port to listen on. Can also be set to an IP:PORT
>    listen 80;
>
>    # Set the charset
>    charset utf-8;
>
>    # sets the domain[s] that this vhost server requests for
>    server_name www.foo.com;
>
>    # doc root
>    root /var/www/foo.com;
>
>    # vhost specific access log
>    access_log  /var/log/nginx_access.log  main;
>
>
>    # Catchall for everything else
>    location / {
>      root /var/www/foo.com;
>      access_log off;
>
>      index index.html index.shtml;
>      expires 1d;
>
>      try_files $uri $uri/;
>
>      #if (-f $request_filename) {
>      #  break;
>      #}
>    }
>
>
>
>    error_page 500 502 503 504 /500.html;
>    error_page 404 /404.html;
>
>  }
> -- 
> Posted via http://www.ruby-forum.com/.
>




From nginx-forum at nginx.us  Tue Jul  7 13:44:56 2009
From: nginx-forum at nginx.us (miradev)
Date: Tue, 7 Jul 2009 05:44:56 -0400
Subject: Variables in access_log
In-Reply-To: <4A4E1918.9050909@forum.nginx.org>
References: <911f7c981591b165a63cb62d3117b09a.NginxMailingList@forum.nginx.org> <4A4E1918.9050909@forum.nginx.org>
Message-ID: <52305158abd4031fc068f881cce01669.NginxMailingList@forum.nginx.org>

Brent Bloxam Wrote:

> > Have I misunderstood?
> 
> Yes, you assumed error_log was the same as
> access_log. They are not. 
> access_log is part of the Log module while
> error_log is part of the main 
> module. error_log (at least in 0.7.59) does not
> support variables in the 
> path.

You are right, I missed that completely. Strangely this still fits the requirements, so it is not an issue for me.

Thank you.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3722,3806#msg-3806





From nginx-forum at nginx.us  Tue Jul  7 13:53:02 2009
From: nginx-forum at nginx.us (miradev)
Date: Tue, 7 Jul 2009 05:53:02 -0400
Subject: Variables in access_log
In-Reply-To: <b6f3f35fec9852e7cc0e0b31cebdc768.NginxMailingList@forum.nginx.org>
References: <911f7c981591b165a63cb62d3117b09a.NginxMailingList@forum.nginx.org> <b6f3f35fec9852e7cc0e0b31cebdc768.NginxMailingList@forum.nginx.org>
Message-ID: <54705fcdd9412b89afaabed6dbb4541a.NginxMailingList@forum.nginx.org>

batrick Wrote:
-------------------------------------------------------
> I have run into a similar problem. I wanted to set
> up a number of virtual hosts that each share the
> same configuration except, of course, for the
> domain name and path. So my plan was to set some
> environment variables, and then include the
> template configuration file.

My particular set up is not for 'live' sites (in the typical manner), and I would support Merlin's suggestion to build config files for each one. I do infact do exactly that. A simple template with some variables replaced, and you are away. You never know when you need to add just that one custom setting for that client. For the dev sites, I would just build a completely new site if something specific was wanted, but to unravel a live site from such a fixed structure might be troublesome.

> Unfortunately, the plan faltered somewhat because
> error_log and server_name do not seem to support
> variables.
> 
> Does anybody know of a documentation which
> directives support variables and which do not?

I'm guessing with the pace at which nginx is moving, that if you want such a list, you will have to head to the wiki and compile it yourself.

However, server_name does take wild cards, and you can do regular expression matching on $host. As I have done in my original post.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3722,3807#msg-3807





From nginx-forum at nginx.us  Tue Jul  7 13:59:31 2009
From: nginx-forum at nginx.us (davidc)
Date: Tue, 7 Jul 2009 05:59:31 -0400
Subject: Logging embedded Perl return value
In-Reply-To: <20090410103340.GR21297@forum.nginx.org>
References: <b5601e18946f8638ff7419ea3667845a.NginxMailingList@forum.nginx.org> <20090409051639.GA87521@forum.nginx.org> <395c82ca4719d4e018910bbe6608ce1e.NginxMailingList@forum.nginx.org> <20090410103340.GR21297@forum.nginx.org>
Message-ID: <227390a136e3ae4911bdf2352190d802.NginxMailingList@forum.nginx.org>

Hi Igor,

Thanks for the patch! I just realized it's now in the stable 0.7.x release.

As a test, I tried adding a '207 response code by modifying the files below
and return 'HTTP_CUSTOM_RESPONSE' from the perl handler.

It didn't work so perhaps you could point me to where I'm going wrong?

diff -r orig/nginx-0.7.61/src/http/modules/perl/nginx.pm nginx-0.7.61/src/http/modules/perl/nginx.pm
18a19
>     HTTP_CUSTOM_RESPONSE
63a65
> use constant HTTP_CUSTOM_RESPONSE           => 207;


diff -r orig/nginx-0.7.61/src/http/ngx_http_header_filter_module.c nginx-0.7.61/src/http/ngx_http_header_filter_module.c
60a61
>     ngx_string("207 Custom Response"),
64c65
< #define NGX_HTTP_LAST_LEVEL_200  207
---
> #define NGX_HTTP_LAST_LEVEL_200  208


diff -r orig/nginx-0.7.61/src/http/ngx_http_request.h nginx-0.7.61/src/http/ngx_http_request.h
68a69
> #define NGX_HTTP_CUSTOM_RESPONSE           207

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,933,3808#msg-3808





From jg at internetx.de  Tue Jul  7 15:36:27 2009
From: jg at internetx.de (Juergen Gotteswinter)
Date: Tue, 07 Jul 2009 13:36:27 +0200
Subject: nginx 0.7.61 keeps crashing
Message-ID: <4A53333B.1020605@internetx.de>

Hello,

i got a nginx 0.7.61 running on centos 5.3 x86_64 which keeps crashing with

panic: MUTEX_LOCK (22) [op.c:352].

any ideas? or is this a known problem?





From phill at theactivitypeople.co.uk  Tue Jul  7 15:51:41 2009
From: phill at theactivitypeople.co.uk (Phillip Oldham)
Date: Tue, 07 Jul 2009 12:51:41 +0100
Subject: Maxmind GeoIP City Module
Message-ID: <4A5336CD.9050308@theactivitypeople.co.uk>

We're in need of a GeoIP module which works with the current development 
branch of nginx and can resolve an IP to City-level using Maxmind's 
GeoIP Database (the .dat files). We use nginx extensively but don't have 
experience in C to develop such a module in-house. Are there any module 
developers on the list who would be interested in such a project?

We're flexible regarding the funding of development for such a module, 
and also flexible on whether the finshed module is open-sourced and 
released back to the community.

If anyone is interested please feel free to mail me off-list with any 
thoughts/costs/etc.
-- 

*Phillip B Oldham*
ActivityHQ
phill at activityhq.com <mailto:phill at theactivitypeople.co.uk>

------------------------------------------------------------------------

*Policies*

This e-mail and its attachments are intended for the above named 
recipient(s) only and may be confidential. If they have come to you in 
error, please reply to this e-mail and highlight the error. No action 
should be taken regarding content, nor must you copy or show them to anyone.

This e-mail has been created in the knowledge that Internet e-mail is 
not a 100% secure communications medium, and we have taken steps to 
ensure that this e-mail and attachments are free from any virus. We must 
advise that in keeping with good computing practice the recipient should 
ensure they are completely virus free, and that you understand and 
observe the lack of security when e-mailing us.

------------------------------------------------------------------------
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090707/ca8f7169/attachment.html>

From mdounin at mdounin.ru  Tue Jul  7 16:18:02 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 7 Jul 2009 16:18:02 +0400
Subject: nginx 0.7.61 keeps crashing
In-Reply-To: <4A53333B.1020605@internetx.de>
References: <4A53333B.1020605@internetx.de>
Message-ID: <20090707121802.GU5360@mdounin.ru>

Hello!

On Tue, Jul 07, 2009 at 01:36:27PM +0200, Juergen Gotteswinter wrote:

> Hello,
>
> i got a nginx 0.7.61 running on centos 5.3 x86_64 which keeps crashing with
>
> panic: MUTEX_LOCK (22) [op.c:352].
>
> any ideas? or is this a known problem?

It's messaged issued by perl (for some not-yet-investigated 
reason).  If you don't need embedded perl - just compile nginx 
without it.

Am I right in the assumption that this happens on restart?  If 
yes, there were some reports that fixing init script to wait for 
nginx to stop before starting a new copy (or at least adding a 
sleep 1 between stop and start in restart function) helps.  Or 
better - you may use reload instead (since there are no real 
reason to restart nginx, reload usually sufficient and doesn't 
loose any single request).

Maxim Dounin




From jerome at loyet.net  Tue Jul  7 16:19:59 2009
From: jerome at loyet.net (=?ISO-8859-1?B?Suly9G1lIExveWV0?=)
Date: Tue, 7 Jul 2009 14:19:59 +0200
Subject: Thanks !
Message-ID: <3bea96c40907070519n1235af88sba7328478dfb96ce@mail.gmail.com>

Hi all, Hi Igor,

I've been working on a huge event for one of my customer. We were
running apache / php5_module. We switched to nginx with proxy to
apache / php5_module. The proxy_cache feature and gzip level 9 have
been used.

Last year for the same event we hadn't been able to handle the stream
with 8 servers ... this year we've been able to handle it without any
problems with only 2 servers (only one should have been enough but we
needed redundancy).

A summary:
> 300 Mbits/s out bandwith
> 60 Mbits/s in bandwith
> 7000 requests / s
< 60% cpu per server
since 8AM more than 50 000 000 hits have been served
response time constant and excellent (more than 90% of the requests
have been served in less than 10ms)
Nginx 0.8.4 (I know this is not a production version but It works so
good. I don't have any good reasons not to use it.)

I'm not suprise by thoses results as it's been benched recently. But I
just want to thanks Igor and all of you for your time working on nginx
and the amazing work accomplished. Few months back, the first time I
looked at nginx, the cache support didn't even exist (except for
proxy_store) and now it's fully working ... it was just all we were
waiting for.

I'll try to make an article somewhere about all that but I'm not sure
I'll be able to (politic is politic).

++ Jerome




From juergen.gotteswinter at internetx.de  Tue Jul  7 16:22:24 2009
From: juergen.gotteswinter at internetx.de (=?ISO-8859-1?Q?InterNetX_-_J=FCrgen_Gotteswinter?=)
Date: Tue, 07 Jul 2009 14:22:24 +0200
Subject: nginx 0.7.61 keeps crashing
In-Reply-To: <4A53333B.1020605@internetx.de>
References: <4A53333B.1020605@internetx.de>
Message-ID: <4A533E00.4090006@internetx.de>

i found some discussions about this, and it seems that the nginx perl 
module can cause this on systems with threaded perl. i recompiled the 
rpm without the "--with-perl..." part and reinstalled nginx. a few 
minutes later nginx died again, here are the last lines from error.log

2009/07/07 14:00:04 [notice] 15087#0: signal 3 (SIGQUIT) received, 
shutting down
2009/07/07 14:00:04 [notice] 15088#0: gracefully shutting down
2009/07/07 14:00:07 [notice] 15088#0: exiting
2009/07/07 14:00:07 [notice] 15088#0: exit
2009/07/07 14:00:07 [notice] 15087#0: signal 17 (SIGCHLD) received
2009/07/07 14:00:07 [notice] 15087#0: worker process 15088 exited with 
code 0
2009/07/07 14:00:07 [notice] 15087#0: exit

any ideas?

On 07/07/2009 01:36 PM, Juergen Gotteswinter wrote:
> Hello,
>
> i got a nginx 0.7.61 running on centos 5.3 x86_64 which keeps crashing 
> with
>
> panic: MUTEX_LOCK (22) [op.c:352].
>
> any ideas? or is this a known problem?
>
>
>

-- 
InterNetX GmbH
Maximilianstrasse 6
D-93047 Regensburg

Tel. +49 941 59559-480
Fax  +49 941 59559-245

Gesch?ftsf?hrer/CEO: Thomas M?rz
Amtsgericht Regensburg, HRB 7142





From mdounin at mdounin.ru  Tue Jul  7 16:29:55 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 7 Jul 2009 16:29:55 +0400
Subject: nginx 0.7.61 keeps crashing
In-Reply-To: <4A533E00.4090006@internetx.de>
References: <4A53333B.1020605@internetx.de> <4A533E00.4090006@internetx.de>
Message-ID: <20090707122954.GV5360@mdounin.ru>

Hello!

On Tue, Jul 07, 2009 at 02:22:24PM +0200, InterNetX - J?rgen Gotteswinter wrote:

> i found some discussions about this, and it seems that the nginx perl  
> module can cause this on systems with threaded perl. i recompiled the  
> rpm without the "--with-perl..." part and reinstalled nginx. a few  
> minutes later nginx died again, here are the last lines from error.log
>
> 2009/07/07 14:00:04 [notice] 15087#0: signal 3 (SIGQUIT) received,  
> shutting down
> 2009/07/07 14:00:04 [notice] 15088#0: gracefully shutting down
> 2009/07/07 14:00:07 [notice] 15088#0: exiting
> 2009/07/07 14:00:07 [notice] 15088#0: exit
> 2009/07/07 14:00:07 [notice] 15087#0: signal 17 (SIGCHLD) received
> 2009/07/07 14:00:07 [notice] 15087#0: worker process 15088 exited with  
> code 0
> 2009/07/07 14:00:07 [notice] 15087#0: exit
>
> any ideas?

Somebody sent QUIT signal to nginx master.  From the time (14:00) 
it looks like wrongly implemented log rotation (e.g. via restart 
or something like).  For log rotation use USR1 signal, it was 
specially designated for this (and instructs nginx to just reopen 
logs without any extra unneeded work).

Maxim Dounin

>
> On 07/07/2009 01:36 PM, Juergen Gotteswinter wrote:
>> Hello,
>>
>> i got a nginx 0.7.61 running on centos 5.3 x86_64 which keeps crashing  
>> with
>>
>> panic: MUTEX_LOCK (22) [op.c:352].
>>
>> any ideas? or is this a known problem?
>>
>>
>>
>
> -- 
> InterNetX GmbH
> Maximilianstrasse 6
> D-93047 Regensburg
>
> Tel. +49 941 59559-480
> Fax  +49 941 59559-245
>
> Gesch?ftsf?hrer/CEO: Thomas M?rz
> Amtsgericht Regensburg, HRB 7142
>
>




From jemminger at gmail.com  Tue Jul  7 16:46:58 2009
From: jemminger at gmail.com (jeff emminger)
Date: Tue, 7 Jul 2009 08:46:58 -0400
Subject: Thanks !
In-Reply-To: <3bea96c40907070519n1235af88sba7328478dfb96ce@mail.gmail.com>
References: <3bea96c40907070519n1235af88sba7328478dfb96ce@mail.gmail.com>
Message-ID: <8b109c50907070546v7d50762ncffa1346e5a0c343@mail.gmail.com>

2009/7/7 J?r?me Loyet <jerome at loyet.net>:
> Hi all, Hi Igor,
>
> I've been working on a huge event for one of my customer. We were
> running apache / php5_module. We switched to nginx with proxy to
> apache / php5_module. The proxy_cache feature and gzip level 9 have
> been used.
>

I'm interested, why does nginx just proxy back to apache+php?  Is
apache's balancing the inefficient part?




From jerome at loyet.net  Tue Jul  7 16:54:53 2009
From: jerome at loyet.net (=?ISO-8859-1?B?Suly9G1lIExveWV0?=)
Date: Tue, 7 Jul 2009 14:54:53 +0200
Subject: Thanks !
In-Reply-To: <8b109c50907070546v7d50762ncffa1346e5a0c343@mail.gmail.com>
References: <3bea96c40907070519n1235af88sba7328478dfb96ce@mail.gmail.com>
	 <8b109c50907070546v7d50762ncffa1346e5a0c343@mail.gmail.com>
Message-ID: <3bea96c40907070554k5e003b84g683af2619d760dd2@mail.gmail.com>

2009/7/7 jeff emminger <jemminger at gmail.com>:
> 2009/7/7 J?r?me Loyet <jerome at loyet.net>:
>> Hi all, Hi Igor,
>>
>> I've been working on a huge event for one of my customer. We were
>> running apache / php5_module. We switched to nginx with proxy to
>> apache / php5_module. The proxy_cache feature and gzip level 9 have
>> been used.
>>
>
> I'm interested, why does nginx just proxy back to apache+php?
because the php code has been tested only on apache and the customer
don't want to try something else. A third party compagny handle de
development of the application. We have a lots of constrains here.

> Is apache's balancing the inefficient part?

What do you mean by "apache's balancing" ?




From juergen.gotteswinter at internetx.de  Tue Jul  7 17:03:18 2009
From: juergen.gotteswinter at internetx.de (=?UTF-8?B?SW50ZXJOZXRYIC0gSsO8cmdlbiBHb3R0ZXN3aW50ZXI=?=)
Date: Tue, 07 Jul 2009 15:03:18 +0200
Subject: nginx 0.7.61 keeps crashing
In-Reply-To: <20090707122954.GV5360@mdounin.ru>
References: <4A53333B.1020605@internetx.de> <4A533E00.4090006@internetx.de> <20090707122954.GV5360@mdounin.ru>
Message-ID: <4A534796.1070701@internetx.de>

Hello Maxim,

logrotate is done with -USR Signal, anyway i disabled the nginx 
logrotate for the first. lets see if it helps.

Thanks for help :)

Juergen

On 07/07/2009 02:29 PM, Maxim Dounin wrote:
> Hello!
>
> On Tue, Jul 07, 2009 at 02:22:24PM +0200, InterNetX - J?rgen Gotteswinter wrote:
>
>    
>> i found some discussions about this, and it seems that the nginx perl
>> module can cause this on systems with threaded perl. i recompiled the
>> rpm without the "--with-perl..." part and reinstalled nginx. a few
>> minutes later nginx died again, here are the last lines from error.log
>>
>> 2009/07/07 14:00:04 [notice] 15087#0: signal 3 (SIGQUIT) received,
>> shutting down
>> 2009/07/07 14:00:04 [notice] 15088#0: gracefully shutting down
>> 2009/07/07 14:00:07 [notice] 15088#0: exiting
>> 2009/07/07 14:00:07 [notice] 15088#0: exit
>> 2009/07/07 14:00:07 [notice] 15087#0: signal 17 (SIGCHLD) received
>> 2009/07/07 14:00:07 [notice] 15087#0: worker process 15088 exited with
>> code 0
>> 2009/07/07 14:00:07 [notice] 15087#0: exit
>>
>> any ideas?
>>      
> Somebody sent QUIT signal to nginx master.  From the time (14:00)
> it looks like wrongly implemented log rotation (e.g. via restart
> or something like).  For log rotation use USR1 signal, it was
> specially designated for this (and instructs nginx to just reopen
> logs without any extra unneeded work).
>
> Maxim Dounin
>
>    
>> On 07/07/2009 01:36 PM, Juergen Gotteswinter wrote:
>>      
>>> Hello,
>>>
>>> i got a nginx 0.7.61 running on centos 5.3 x86_64 which keeps crashing
>>> with
>>>
>>> panic: MUTEX_LOCK (22) [op.c:352].
>>>
>>> any ideas? or is this a known problem?
>>>
>>>
>>>
>>>        
>> -- 
>> InterNetX GmbH
>> Maximilianstrasse 6
>> D-93047 Regensburg
>>
>> Tel. +49 941 59559-480
>> Fax  +49 941 59559-245
>>
>> Gesch?ftsf?hrer/CEO: Thomas M?rz
>> Amtsgericht Regensburg, HRB 7142
>>
>>
>>      
>
>    

-- 
InterNetX GmbH
Maximilianstrasse 6
D-93047 Regensburg

Tel. +49 941 59559-480
Fax  +49 941 59559-245

Gesch?ftsf?hrer/CEO: Thomas M?rz
Amtsgericht Regensburg, HRB 7142





From jemminger at gmail.com  Tue Jul  7 18:09:57 2009
From: jemminger at gmail.com (jeff emminger)
Date: Tue, 7 Jul 2009 10:09:57 -0400
Subject: Thanks !
In-Reply-To: <3bea96c40907070554k5e003b84g683af2619d760dd2@mail.gmail.com>
References: <3bea96c40907070519n1235af88sba7328478dfb96ce@mail.gmail.com>
	 <8b109c50907070546v7d50762ncffa1346e5a0c343@mail.gmail.com>
	 <3bea96c40907070554k5e003b84g683af2619d760dd2@mail.gmail.com>
Message-ID: <8b109c50907070709x7eba794fh7b53003fc46eb055@mail.gmail.com>

>> Is apache's balancing the inefficient part?
>
> What do you mean by "apache's balancing" ?
>
>

mod_balancer




From jerome at loyet.net  Tue Jul  7 18:22:12 2009
From: jerome at loyet.net (=?ISO-8859-1?B?Suly9G1lIExveWV0?=)
Date: Tue, 7 Jul 2009 16:22:12 +0200
Subject: Thanks !
In-Reply-To: <8b109c50907070709x7eba794fh7b53003fc46eb055@mail.gmail.com>
References: <3bea96c40907070519n1235af88sba7328478dfb96ce@mail.gmail.com>
	 <8b109c50907070546v7d50762ncffa1346e5a0c343@mail.gmail.com>
	 <3bea96c40907070554k5e003b84g683af2619d760dd2@mail.gmail.com>
	 <8b109c50907070709x7eba794fh7b53003fc46eb055@mail.gmail.com>
Message-ID: <3bea96c40907070722o736c7a78hd55a186e04fc0c1e@mail.gmail.com>

2009/7/7 jeff emminger <jemminger at gmail.com>:
>>> Is apache's balancing the inefficient part?
>>
>> What do you mean by "apache's balancing" ?
>>
>>
>
> mod_balancer

We're not using mod_balancers, we have two dedicated servers running
LVS. LVS load balances requests to nginx which sent the request to
apache / php on localhost.




From jemminger at gmail.com  Tue Jul  7 19:01:19 2009
From: jemminger at gmail.com (jeff emminger)
Date: Tue, 7 Jul 2009 11:01:19 -0400
Subject: Thanks !
In-Reply-To: <3bea96c40907070722o736c7a78hd55a186e04fc0c1e@mail.gmail.com>
References: <3bea96c40907070519n1235af88sba7328478dfb96ce@mail.gmail.com>
	 <8b109c50907070546v7d50762ncffa1346e5a0c343@mail.gmail.com>
	 <3bea96c40907070554k5e003b84g683af2619d760dd2@mail.gmail.com>
	 <8b109c50907070709x7eba794fh7b53003fc46eb055@mail.gmail.com>
	 <3bea96c40907070722o736c7a78hd55a186e04fc0c1e@mail.gmail.com>
Message-ID: <8b109c50907070801x2b10a42cla43547dc158d773@mail.gmail.com>

>>
>> mod_balancer
>
> We're not using mod_balancers, we have two dedicated servers running
> LVS. LVS load balances requests to nginx which sent the request to
> apache / php on localhost.
>
>

I'm just curious as to why putting nginx in front of it all allows
apache+php to handle the load, when it seems to be handling the same
requests (for the php) as before.  Unless there is a lot of static
content that nginx is now handling?




From denis at gostats.ru  Tue Jul  7 19:26:07 2009
From: denis at gostats.ru (Denis F. Latypoff)
Date: Tue, 7 Jul 2009 22:26:07 +0700
Subject: Thanks !
In-Reply-To: <8b109c50907070801x2b10a42cla43547dc158d773@mail.gmail.com>
References: <3bea96c40907070519n1235af88sba7328478dfb96ce@mail.gmail.com> <8b109c50907070546v7d50762ncffa1346e5a0c343@mail.gmail.com> <3bea96c40907070554k5e003b84g683af2619d760dd2@mail.gmail.com> <8b109c50907070709x7eba794fh7b53003fc46eb055@mail.gmail.com> <3bea96c40907070722o736c7a78hd55a186e04fc0c1e@mail.gmail.com> <8b109c50907070801x2b10a42cla43547dc158d773@mail.gmail.com>
Message-ID: <77175107.20090707222607@gostats.ru>

Hello jeff,

Tuesday, July 7, 2009, 10:01:19 PM, you wrote:

>>>
>>> mod_balancer
>>
>> We're not using mod_balancers, we have two dedicated servers running
>> LVS. LVS load balances requests to nginx which sent the request to
>> apache / php on localhost.
>>
>>

> I'm just curious as to why putting nginx in front of it all allows
> apache+php to handle the load, when it seems to be handling the same
> requests (for the php) as before.  Unless there is a lot of static
> content that nginx is now handling?

nginx great reduces apache load with the many slow clients. So apache
processes (slots) are freed very fast with the nginx installed in
front of.

-- 
Best regards,
 Denis                            mailto:denis at gostats.ru





From jerome at loyet.net  Tue Jul  7 19:34:24 2009
From: jerome at loyet.net (=?ISO-8859-1?B?Suly9G1lIExveWV0?=)
Date: Tue, 7 Jul 2009 17:34:24 +0200
Subject: Thanks !
In-Reply-To: <8b109c50907070801x2b10a42cla43547dc158d773@mail.gmail.com>
References: <3bea96c40907070519n1235af88sba7328478dfb96ce@mail.gmail.com>
	 <8b109c50907070546v7d50762ncffa1346e5a0c343@mail.gmail.com>
	 <3bea96c40907070554k5e003b84g683af2619d760dd2@mail.gmail.com>
	 <8b109c50907070709x7eba794fh7b53003fc46eb055@mail.gmail.com>
	 <3bea96c40907070722o736c7a78hd55a186e04fc0c1e@mail.gmail.com>
	 <8b109c50907070801x2b10a42cla43547dc158d773@mail.gmail.com>
Message-ID: <3bea96c40907070834t5242faa7t418c89d2d0c55937@mail.gmail.com>

2009/7/7 jeff emminger <jemminger at gmail.com>:
>>>
>>> mod_balancer
>>
>> We're not using mod_balancers, we have two dedicated servers running
>> LVS. LVS load balances requests to nginx which sent the request to
>> apache / php on localhost.
>>
>>
>
> I'm just curious as to why putting nginx in front of it all allows
> apache+php to handle the load, when it seems to be handling the same
> requests (for the php) as before. ?Unless there is a lot of static
> content that nginx is now handling?

nginx as a reverse proxy handles the connections (keepalived) so
apache does not have to spend time and ressources to handle them. THen
nginx is caching PHP pages, so apache load is much much less than
before (hundreds of process befire, only several now).




From gabe at vtunnel.com  Tue Jul  7 19:34:43 2009
From: gabe at vtunnel.com (Gabriel Ramuglia)
Date: Tue, 7 Jul 2009 08:34:43 -0700
Subject: Thanks !
In-Reply-To: <8b109c50907070801x2b10a42cla43547dc158d773@mail.gmail.com>
References: <3bea96c40907070519n1235af88sba7328478dfb96ce@mail.gmail.com>
	 <8b109c50907070546v7d50762ncffa1346e5a0c343@mail.gmail.com>
	 <3bea96c40907070554k5e003b84g683af2619d760dd2@mail.gmail.com>
	 <8b109c50907070709x7eba794fh7b53003fc46eb055@mail.gmail.com>
	 <3bea96c40907070722o736c7a78hd55a186e04fc0c1e@mail.gmail.com>
	 <8b109c50907070801x2b10a42cla43547dc158d773@mail.gmail.com>
Message-ID: <932ea6c90907070834h5546151m66710cf3ca5f3a53@mail.gmail.com>

If he's pushing massive amounts of bandwidth, just having nginx in
front can help free up the apache slots, as apache only has to stay
open long enough to send its result to nginx, rather than stay open
long enough to handle the entire connection for the end user. that
could be a double edged sword / backfire however if the data being
sent is larger than the size the apache slot would typically be, but
if not it would be a help there. and it sounds from what was said that
the cache module has helped quite a bit as well. if you are dealing
with static content read from disk, then using nginx's single threaded
architecture is especially better suited to that compared to using
apache. 600megabit of streaming or downloads would just fall over and
die with apache, especially if the per stream rates started to suffer,
the number of apache slots to support that would soar.

On Tue, Jul 7, 2009 at 8:01 AM, jeff emminger<jemminger at gmail.com> wrote:
>>>
>>> mod_balancer
>>
>> We're not using mod_balancers, we have two dedicated servers running
>> LVS. LVS load balances requests to nginx which sent the request to
>> apache / php on localhost.
>>
>>
>
> I'm just curious as to why putting nginx in front of it all allows
> apache+php to handle the load, when it seems to be handling the same
> requests (for the php) as before. ?Unless there is a lot of static
> content that nginx is now handling?
>
>




From yanleech at gmail.com  Tue Jul  7 21:47:34 2009
From: yanleech at gmail.com (Leechael Yim)
Date: Wed, 8 Jul 2009 01:47:34 +0800
Subject: 404 instead of "no inout file specified"?
In-Reply-To: <20090701142046.GG5360@mdounin.ru>
References: <6b1504c40907010652ib89ca65j40f918eb4035c3d5@mail.gmail.com> 
	<20090701142046.GG5360@mdounin.ru>
Message-ID: <b49384fc0907071047u7b3a1e93u3c02b21ff4f23b64@mail.gmail.com>

<code lang="nginx">
if (-f $request_filename) {    fastcgi_pass 127.0.0.1:9000;
}
</code>

OR:

<code lang="nginx">
if (!-f $request_filename) {
    return 404;
}
fastcgi_pass 127.0.0.1:9000;
</code>

The first one is what I current used with my Nginx.

On Wed, Jul 1, 2009 at 10:20 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:

> Hello!
>
> On Wed, Jul 01, 2009 at 02:52:06PM +0100, Nuno Magalh?es wrote:
>
> > Greetings,
> >
> > If i provide a valid URL, it's processed.
> > If i provide an invalid URL, nginx shows the 404 page except it the
> > invalid URL ends in .php - in that case i get the "no input file
> > specified" message.
>
> Looks like you've configured passing urls ending with ".php" to
> php for processing.  So you got errors from php, not from nginx.
> It's expected behaviour, no?
>
> And, actually, "no input file specified" *is* 404 error.  It's
> just has some fancy php-specific content.
>
> > I'm in the process of changing my php files to an html extension (i
> > assume that would "fix" things), however, i'd like to get a 404
> > instead of the message regardless.
> >
> > I tried using "fastcgi_intercept_errors off" in the conf for my server
> > (in sites-available), but it didn't do anything (i did restart both
> > nginx and the fast-cgi processes).
> >
> > Is there a better way?
>
> If you want to change error page returned by php to something
> pretty-looking, you should:
>
> 1. Use "fastcgi_intercept_errors on;" to instruct nginx to
> intercept and change errors returned by fastcgi application.
>
> 2. Make sure you explicitly configured error_page for 404.
> Default compiled-in error pages are used only for nginx own
> errors, not for fastcgi_intercept_errors/proxy_intercept_errors.
>
> So your resulting config should look like:
>
>    error_page  404  /404.html;
>
>    location ~ \.php$ {
>        fastcgi_pass ...;
>        fastcgi_intercept_errors on;
>    }
>
>    ...
>
> Maxim Dounin
>
>


-- 
Twitter: http://www.twitter.com/leechael
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090708/62b52445/attachment.html>

From edhoprima at gmail.com  Tue Jul  7 22:09:50 2009
From: edhoprima at gmail.com (Edho P Arief)
Date: Wed, 8 Jul 2009 01:09:50 +0700
Subject: 404 instead of "no inout file specified"?
In-Reply-To: <b49384fc0907071047u7b3a1e93u3c02b21ff4f23b64@mail.gmail.com>
References: <6b1504c40907010652ib89ca65j40f918eb4035c3d5@mail.gmail.com>
	 <20090701142046.GG5360@mdounin.ru>
	 <b49384fc0907071047u7b3a1e93u3c02b21ff4f23b64@mail.gmail.com>
Message-ID: <a3780c060907071109y44c2103fj2e9641284c5640a9@mail.gmail.com>

On Wed, Jul 8, 2009 at 12:47 AM, Leechael Yim<yanleech at gmail.com> wrote:
> <code lang="nginx">
> if (-f $request_filename) {
> ?? ?fastcgi_pass 127.0.0.1:9000;
> }
> </code>
> OR:
> <code lang="nginx">
> if (!-f $request_filename) {
> ?? ?return 404;
> }
> fastcgi_pass 127.0.0.1:9000;
> </code>
> The first one is what I current used with my Nginx.


location ~ \.php$ {
  try_files $uri @404;
  ...
}

location @404 {
  return 404; # or custom error page
}

when will people stop using !-f $request_filename...

-- 
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org




From nginx-forum at nginx.us  Tue Jul  7 22:10:21 2009
From: nginx-forum at nginx.us (vburshteyn)
Date: Tue, 7 Jul 2009 14:10:21 -0400
Subject: proxy_cache
Message-ID: <2171f33932c1ad149e34661339012770.NginxMailingList@forum.nginx.org>

Hi folks,  Before i get started i read that somebody posted simmilar thread but since i am still learning this, the answer/solution did not make sense.

I have set up proxy_cache on my nginx but it seems that it is not writing to the cache directory.


http {

upstream backend
{
server 10.176.67.151:8080;
}


proxy_cache_path /etc/nginx/cache/ levels=1:2 keys_zone=one:10m max_size=200m;
#proxy_temp_path /etc/nginx/temp; 


server {
    listen 10.176.67.151:80;

location / {
proxy_pass http://backend;
proxy_cache one;
proxy_cache_key         backend$request_uri;
proxy_cache_valid       10m;
include /etc/nginx/proxy.conf;

}

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3826,3826#msg-3826





From pchychi at gmail.com  Tue Jul  7 22:27:26 2009
From: pchychi at gmail.com (Payam Chychi)
Date: Tue, 7 Jul 2009 11:27:26 -0700
Subject: proxy_cache
In-Reply-To: <2171f33932c1ad149e34661339012770.NginxMailingList@forum.nginx.org>
References: <2171f33932c1ad149e34661339012770.NginxMailingList@forum.nginx.org>
Message-ID: <f08c15d10907071127q2cac0560l92440958f9bb29a8@mail.gmail.com>

On Tue, Jul 7, 2009 at 11:10 AM, vburshteyn<nginx-forum at nginx.us> wrote:
> Hi folks, ?Before i get started i read that somebody posted simmilar thread but since i am still learning this, the answer/solution did not make sense.
>
> I have set up proxy_cache on my nginx but it seems that it is not writing to the cache directory.
>
>
> http {
>
> upstream backend
> {
> server 10.176.67.151:8080;
> }
>
>
> proxy_cache_path /etc/nginx/cache/ levels=1:2 keys_zone=one:10m max_size=200m;
> #proxy_temp_path /etc/nginx/temp;
>
>
> server {
> ? ?listen 10.176.67.151:80;
>
> location / {
> proxy_pass http://backend;
> proxy_cache one;
> proxy_cache_key ? ? ? ? backend$request_uri;
> proxy_cache_valid ? ? ? 10m;
> include /etc/nginx/proxy.conf;
>
> }
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3826,3826#msg-3826
>
>
>

can you run logging with debug? then show us the log file... it will
show exactly what is happening. Also, i would recomend you NOT using
the following if you host more than 1 site on teh same upstream:

" proxy_cache_key         backend$request_uri;"
make it uniqu to every site if possible else you may get wrong content
served back out to requests that have the same md5

-Payam


-- 
Payam Tarverdyan Chychi
Network Security Specialist / Network Engineer




From yanleech at gmail.com  Tue Jul  7 22:30:10 2009
From: yanleech at gmail.com (Leechael Yim)
Date: Wed, 8 Jul 2009 02:30:10 +0800
Subject: 404 instead of "no inout file specified"?
In-Reply-To: <a3780c060907071109y44c2103fj2e9641284c5640a9@mail.gmail.com>
References: <6b1504c40907010652ib89ca65j40f918eb4035c3d5@mail.gmail.com> 
	<20090701142046.GG5360@mdounin.ru> <b49384fc0907071047u7b3a1e93u3c02b21ff4f23b64@mail.gmail.com> 
	<a3780c060907071109y44c2103fj2e9641284c5640a9@mail.gmail.com>
Message-ID: <b49384fc0907071130q1d6fb503uc5665ce2037447e1@mail.gmail.com>

Some situation like, this moment, I got your email....

On Wed, Jul 8, 2009 at 2:09 AM, Edho P Arief <edhoprima at gmail.com> wrote:

> On Wed, Jul 8, 2009 at 12:47 AM, Leechael Yim<yanleech at gmail.com> wrote:
> > <code lang="nginx">
> > if (-f $request_filename) {
> >     fastcgi_pass 127.0.0.1:9000;
> > }
> > </code>
> > OR:
> > <code lang="nginx">
> > if (!-f $request_filename) {
> >     return 404;
> > }
> > fastcgi_pass 127.0.0.1:9000;
> > </code>
> > The first one is what I current used with my Nginx.
>
>
> location ~ \.php$ {
>  try_files $uri @404;
>  ...
> }
>
> location @404 {
>  return 404; # or custom error page
> }
>
> when will people stop using !-f $request_filename...
>
> --
> O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
>
>


-- 
Twitter: http://www.twitter.com/leechael
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090708/c82ba679/attachment.html>

From mdounin at mdounin.ru  Tue Jul  7 23:38:52 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 7 Jul 2009 23:38:52 +0400
Subject: 404 instead of "no inout file specified"?
In-Reply-To: <b49384fc0907071047u7b3a1e93u3c02b21ff4f23b64@mail.gmail.com>
References: <6b1504c40907010652ib89ca65j40f918eb4035c3d5@mail.gmail.com> <20090701142046.GG5360@mdounin.ru> <b49384fc0907071047u7b3a1e93u3c02b21ff4f23b64@mail.gmail.com>
Message-ID: <20090707193852.GA54083@mdounin.ru>

Hello!

On Wed, Jul 08, 2009 at 01:47:34AM +0800, Leechael Yim wrote:

> <code lang="nginx">
> if (-f $request_filename) {    fastcgi_pass 127.0.0.1:9000;
> }
> </code>
> 
> OR:
> 
> <code lang="nginx">
> if (!-f $request_filename) {
>     return 404;
> }
> fastcgi_pass 127.0.0.1:9000;
> </code>
> 
> The first one is what I current used with my Nginx.

Both snippets

1. Use if() which is evil.  It was explained a lot of times here 
why if's are evil, so I'm not going to repeat.

2. Just won't work with backend(s) on other host(s).

Maxim Dounin

> 
> On Wed, Jul 1, 2009 at 10:20 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> 
> > Hello!
> >
> > On Wed, Jul 01, 2009 at 02:52:06PM +0100, Nuno Magalh?es wrote:
> >
> > > Greetings,
> > >
> > > If i provide a valid URL, it's processed.
> > > If i provide an invalid URL, nginx shows the 404 page except it the
> > > invalid URL ends in .php - in that case i get the "no input file
> > > specified" message.
> >
> > Looks like you've configured passing urls ending with ".php" to
> > php for processing.  So you got errors from php, not from nginx.
> > It's expected behaviour, no?
> >
> > And, actually, "no input file specified" *is* 404 error.  It's
> > just has some fancy php-specific content.
> >
> > > I'm in the process of changing my php files to an html extension (i
> > > assume that would "fix" things), however, i'd like to get a 404
> > > instead of the message regardless.
> > >
> > > I tried using "fastcgi_intercept_errors off" in the conf for my server
> > > (in sites-available), but it didn't do anything (i did restart both
> > > nginx and the fast-cgi processes).
> > >
> > > Is there a better way?
> >
> > If you want to change error page returned by php to something
> > pretty-looking, you should:
> >
> > 1. Use "fastcgi_intercept_errors on;" to instruct nginx to
> > intercept and change errors returned by fastcgi application.
> >
> > 2. Make sure you explicitly configured error_page for 404.
> > Default compiled-in error pages are used only for nginx own
> > errors, not for fastcgi_intercept_errors/proxy_intercept_errors.
> >
> > So your resulting config should look like:
> >
> >    error_page  404  /404.html;
> >
> >    location ~ \.php$ {
> >        fastcgi_pass ...;
> >        fastcgi_intercept_errors on;
> >    }
> >
> >    ...
> >
> > Maxim Dounin
> >
> >
> 
> 
> -- 
> Twitter: http://www.twitter.com/leechael




From tlott at gamesnet.de  Wed Jul  8 01:52:00 2009
From: tlott at gamesnet.de (Tobias Lott)
Date: Tue, 7 Jul 2009 23:52:00 +0200
Subject: Did I got try_files wrong? and bad gateway 502
In-Reply-To: <20090707020609.GS5360@mdounin.ru>
References: <20090706053727.43700b5d@sub.han.vpn.gamesnet.de>
	<bd9320b30907052139m43c5a05aj818031503f1ab672@mail.gmail.com>
	<20090706120341.5ab5e64f@sub.han.vpn.gamesnet.de>
	<bd9320b30907061329v78264ab7gfe000b3ae9e8b8c4@mail.gmail.com>
	<20090706235202.7b12b96d@sub.han.vpn.gamesnet.de>
	<20090707020609.GS5360@mdounin.ru>
Message-ID: <20090707235200.718e323c@sub.han.vpn.gamesnet.de>



On Tue, 7 Jul 2009 06:06:10 +0400
Maxim Dounin <mdounin at mdounin.ru> wrote:

> Hello!
> 
> On Mon, Jul 06, 2009 at 11:52:02PM +0200, Tobias Lott wrote:
> 
> > 
> > 
> > On Mon, 6 Jul 2009 13:29:58 -0700
> > Michael Shadle <mike503 at gmail.com> wrote:
> > 
> > > Check the nginx error log for what the message is when you hit
> > > those 502's.
> > > 
> > > Perhaps apache is too busy to service the request or is sending
> > > malformed resposne etc?
> > > 
> > > On Mon, Jul 6, 2009 at 3:03 AM, Tobias Lott<tlott at gamesnet.de>
> > > wrote:
> > > >
> > > >
> > > > On Sun, 5 Jul 2009 21:39:44 -0700
> > > > Michael Shadle <mike503 at gmail.com> wrote:
> > > >
> > > >> On Sun, Jul 5, 2009 at 8:37 PM, Tobias Lott<tlott at gamesnet.de>
> > > >> wrote:
> > > >>
> > > >> > Additionally I got another issue, which is that customers
> > > >> > getting 502s pretty damn randomly (using nginx-0.7.61 as
> > > >> > frontend and apache 2.2.11 as backend for the time being,
> > > >> > which gonna gets migrated soon). Was trying to tweak a lil
> > > >> > with proxy_*_timeout and keepalive_timeout but since its not
> > > >> > reproducible I can't be sure its fixed, are there some "good
> > > >> > to go" values or another option to check?
> > > >>
> > > >> Is it nginx giving the 502 or apache?
> > > >>
> > > >
> > > > nginx is giving the 502
> > > >
> > > > --
> > > > Tobias Lott
> > > >
> > > >
> > > 
> > 
> > The only error log entry thats consistent with the 502 is the
> > following, but its not the same file, one type of file, same client:
> > 
> > 2009/07/06 22:48:20 [crit] 86851#0: *183664 connect() to
> > XX.XX.XX.XX:XX failed (1: Operation not permitted) while connecting
> > to upstream, client: XX.XX.XX.XX, server: hostname.tld, request:
> > "GET /some/random/picture.jpg HTTP/1.1", upstream:
> > "http://XX.XX.XX.XX:XX/some/random/picture.jpg",
> > host: "hostname.tld", referrer: "http://hostname.tld/some/"
> 
> This is EPERM, and most typical reasons include statefull firewall 
> between nginx frontend and backend or timewait reuse switched off.
> 
> If it's statefull firewall - remove it or convert to non-statefull 
> one.
> 
> If it's timewait issue - switch on timewait reuse/recycle (see your
> OS tuning guides to find out how).
> 
> > There is nothing in Apache error/access log at that time.
> 
> Since nginx wasn't allowed to connect() - it's somewhat expected.
> 
> Maxim Dounin
> 

True TIME_WAIT is the Problem, thanks for the hint!

Anybody got an idea to my other Issue?:

>I got a problem understanding try_files I guess.
>
>Got this as configuration :
>
>location = / { rewrite ^(.*)$ /shop/ redirect; }
>
>location / {
>	proxy_pass  http://backend:10060;
>	proxy_set_header  X-Real-IP  $remote_addr;
>	proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
>	proxy_set_header Host $http_host;
>	proxy_redirect off;
>	proxy_connect_timeout      90;
>	proxy_send_timeout         90;
>	proxy_read_timeout         120;
>}
>
>
>Problem is that I cant "catch" all 404 and rewrite it
>to /shop/index.php but with "if" (which I shouldn't use cause of
>possible performance issues, Igor mentioned I think.)
>
>Doesn't work:
>try_files $uri $uri/ /shop/index.php;
>error_page 404 /shop/index.php;
>
>Works:
>if (!-f $request_filename) { rewrite ^(.*)$  /shop/index.php
>redirect; }


-- 
Tobias Lott




From merlincorey at dc949.org  Wed Jul  8 02:02:56 2009
From: merlincorey at dc949.org (merlin corey)
Date: Tue, 7 Jul 2009 15:02:56 -0700
Subject: try_files and static web site
In-Reply-To: <53F14C2F-996A-4EAB-B0CF-AC209C2B01E0@gmail.com>
References: <68dea8f82aef5a4f9d2f1d4e02a49f5b@ruby-forum.com>
	 <53F14C2F-996A-4EAB-B0CF-AC209C2B01E0@gmail.com>
Message-ID: <e0af94b80907071502q5384dfc4va74c6d0f5d23a4f7@mail.gmail.com>

Agreed.  There is nothing it is doing, no fallback location (always
should be your last location in try_files).

On Mon, Jul 6, 2009 at 10:47 PM, Michael Shadle<mike503 at gmail.com> wrote:
> I see no reason to be using try_files at all in your config.
>
> Sent from my iPhone
>
> On Jul 6, 2009, at 10:33 PM, Jauder Ho <lists at ruby-forum.com> wrote:
>
>> I have a site that is completely static and I figured I would use
>> try_files however this results in HTTP 500 errors for directories i.e.
>> trying to get to http://foo.com/bar/ results in a 500 error. What's
>> wrong with this config? Thanks.
>>
>> --Jauder
>>
>> ?server {
>> ? # port to listen on. Can also be set to an IP:PORT
>> ? listen 80;
>>
>> ? # Set the charset
>> ? charset utf-8;
>>
>> ? # sets the domain[s] that this vhost server requests for
>> ? server_name www.foo.com;
>>
>> ? # doc root
>> ? root /var/www/foo.com;
>>
>> ? # vhost specific access log
>> ? access_log ?/var/log/nginx_access.log ?main;
>>
>>
>> ? # Catchall for everything else
>> ? location / {
>> ? ? root /var/www/foo.com;
>> ? ? access_log off;
>>
>> ? ? index index.html index.shtml;
>> ? ? expires 1d;
>>
>> ? ? try_files $uri $uri/;
>>
>> ? ? #if (-f $request_filename) {
>> ? ? # ?break;
>> ? ? #}
>> ? }
>>
>>
>>
>> ? error_page 500 502 503 504 /500.html;
>> ? error_page 404 /404.html;
>>
>> ?}
>> --
>> Posted via http://www.ruby-forum.com/.
>>
>
>




From nginx-forum at nginx.us  Wed Jul  8 07:26:54 2009
From: nginx-forum at nginx.us (davidc)
Date: Tue, 7 Jul 2009 23:26:54 -0400
Subject: Logging embedded Perl return value
In-Reply-To: <b5601e18946f8638ff7419ea3667845a.NginxMailingList@forum.nginx.org>
References: <b5601e18946f8638ff7419ea3667845a.NginxMailingList@forum.nginx.org>
Message-ID: <5c3917db97182ee1a2fa973d65d5dd3e.NginxMailingList@forum.nginx.org>

I tried patching nginx to produce a '210 Custom Response' which is just a 2xx
success response but without any content. As it doesn't use content I thought
it should behave like the existing HTTP_NO_CONTENT response.

Is there any problem in doing it this way? Is there a better way to add it?

diff -crB /usr/src/redhat/BUILD/nginx-0.7.61/src/http/modules/ngx_http_headers_filter_module.c nginx-0.7.61/src/http/modules/ngx_http_headers_filter_module.c
*** /usr/src/redhat/BUILD/nginx-0.7.61/src/http/modules/ngx_http_headers_filter_module.c        2009-03-26 21:34:37.000000000 +0800
--- nginx-0.7.61/src/http/modules/ngx_http_headers_filter_module.c      2009-07-08 10:25:54.000000000 +0800
***************
*** 145,150 ****
--- 145,151 ----
          || r != r->main
          || (r->headers_out.status != NGX_HTTP_OK
              && r->headers_out.status != NGX_HTTP_NO_CONTENT
+             && r->headers_out.status != NGX_HTTP_CUSTOM_RESPONSE
              && r->headers_out.status != NGX_HTTP_MOVED_PERMANENTLY
              && r->headers_out.status != NGX_HTTP_MOVED_TEMPORARILY
              && r->headers_out.status != NGX_HTTP_NOT_MODIFIED))
diff -crB /usr/src/redhat/BUILD/nginx-0.7.61/src/http/modules/perl/nginx.pm nginx-0.7.61/src/http/modules/perl/nginx.pm
*** /usr/src/redhat/BUILD/nginx-0.7.61/src/http/modules/perl/nginx.pm   2009-06-22 17:23:35.000000000 +0800
--- nginx-0.7.61/src/http/modules/perl/nginx.pm 2009-07-08 10:23:53.000000000 +0800
***************
*** 16,21 ****
--- 16,22 ----
      HTTP_CREATED
      HTTP_NO_CONTENT
      HTTP_PARTIAL_CONTENT
+     HTTP_CUSTOM_RESPONSE

      HTTP_MOVED_PERMANENTLY
      HTTP_MOVED_TEMPORARILY
***************
*** 61,66 ****
--- 62,68 ----
  use constant HTTP_CREATED                   => 201;
  use constant HTTP_NO_CONTENT                => 204;
  use constant HTTP_PARTIAL_CONTENT           => 206;
+ use constant HTTP_CUSTOM_RESPONSE           => 210;

  use constant HTTP_MOVED_PERMANENTLY         => 301;
  use constant HTTP_MOVED_TEMPORARILY         => 302;
diff -crB /usr/src/redhat/BUILD/nginx-0.7.61/src/http/ngx_http_header_filter_module.c nginx-0.7.61/src/http/ngx_http_header_filter_module.c
*** /usr/src/redhat/BUILD/nginx-0.7.61/src/http/ngx_http_header_filter_module.c 2009-05-18 20:58:19.000000000 +0800
--- nginx-0.7.61/src/http/ngx_http_header_filter_module.c       2009-07-08 10:36:55.000000000 +0800
***************
*** 58,67 ****
      ngx_string("204 No Content"),
      ngx_null_string,  /* "205 Reset Content" */
      ngx_string("206 Partial Content"),

      /* ngx_null_string, */  /* "207 Multi-Status" */

! #define NGX_HTTP_LAST_LEVEL_200  207
  #define NGX_HTTP_LEVEL_200       (NGX_HTTP_LAST_LEVEL_200 - 200)

      /* ngx_null_string, */  /* "300 Multiple Choices" */
--- 58,71 ----
      ngx_string("204 No Content"),
      ngx_null_string,  /* "205 Reset Content" */
      ngx_string("206 Partial Content"),
+     ngx_null_string,
+     ngx_null_string,
+     ngx_null_string,
+     ngx_string("210 Custom Response"),

      /* ngx_null_string, */  /* "207 Multi-Status" */

! #define NGX_HTTP_LAST_LEVEL_200  211
  #define NGX_HTTP_LEVEL_200       (NGX_HTTP_LAST_LEVEL_200 - 200)

      /* ngx_null_string, */  /* "300 Multiple Choices" */
***************
*** 220,226 ****
          {
              /* 2XX */

!             if (status == NGX_HTTP_NO_CONTENT) {
                  r->header_only = 1;
                  r->headers_out.content_type.len = 0;
                  r->headers_out.content_type.data = NULL;
--- 224,230 ----
          {
              /* 2XX */

!             if (status == NGX_HTTP_NO_CONTENT || status == NGX_HTTP_CUSTOM_RESPONSE) {
                  r->header_only = 1;
                  r->headers_out.content_type.len = 0;
                  r->headers_out.content_type.data = NULL;
diff -crB /usr/src/redhat/BUILD/nginx-0.7.61/src/http/ngx_http_request.c nginx-0.7.61/src/http/ngx_http_request.c
*** /usr/src/redhat/BUILD/nginx-0.7.61/src/http/ngx_http_request.c      2009-06-22 17:31:33.000000000 +0800
--- nginx-0.7.61/src/http/ngx_http_request.c    2009-07-08 10:23:21.000000000 +0800
***************
*** 1852,1858 ****

      if (rc >= NGX_HTTP_SPECIAL_RESPONSE
          || rc == NGX_HTTP_CREATED
!         || rc == NGX_HTTP_NO_CONTENT)
      {
          if (rc == NGX_HTTP_CLOSE) {
              ngx_http_close_request(r, rc);
--- 1852,1859 ----

      if (rc >= NGX_HTTP_SPECIAL_RESPONSE
          || rc == NGX_HTTP_CREATED
!         || rc == NGX_HTTP_NO_CONTENT
!         || rc == NGX_HTTP_CUSTOM_RESPONSE)
      {
          if (rc == NGX_HTTP_CLOSE) {
              ngx_http_close_request(r, rc);
diff -crB /usr/src/redhat/BUILD/nginx-0.7.61/src/http/ngx_http_request.h nginx-0.7.61/src/http/ngx_http_request.h
*** /usr/src/redhat/BUILD/nginx-0.7.61/src/http/ngx_http_request.h      2009-05-22 19:05:26.000000000 +0800
--- nginx-0.7.61/src/http/ngx_http_request.h    2009-07-08 10:22:48.000000000 +0800
***************
*** 67,72 ****
--- 67,74 ----
  #define NGX_HTTP_NO_CONTENT                204
  #define NGX_HTTP_PARTIAL_CONTENT           206

+ #define NGX_HTTP_CUSTOM_RESPONSE           210
+
  #define NGX_HTTP_SPECIAL_RESPONSE          300
  #define NGX_HTTP_MOVED_PERMANENTLY         301
  #define NGX_HTTP_MOVED_TEMPORARILY         302
diff -crB /usr/src/redhat/BUILD/nginx-0.7.61/src/http/ngx_http_script.c nginx-0.7.61/src/http/ngx_http_script.c
*** /usr/src/redhat/BUILD/nginx-0.7.61/src/http/ngx_http_script.c       2009-04-27 19:32:33.000000000 +0800
--- nginx-0.7.61/src/http/ngx_http_script.c     2009-07-08 10:27:24.000000000 +0800
***************
*** 1281,1287 ****

      e->status = code->status;

!     if (code->status == NGX_HTTP_NO_CONTENT) {
          e->request->header_only = 1;
          e->request->zero_body = 1;
      }
--- 1281,1289 ----

      e->status = code->status;

!     if (code->status == NGX_HTTP_NO_CONTENT
!         || code->status == NGX_HTTP_CUSTOM_RESPONSE) {
!
          e->request->header_only = 1;
          e->request->zero_body = 1;
      }
diff -crB /usr/src/redhat/BUILD/nginx-0.7.61/src/http/ngx_http_special_response.c nginx-0.7.61/src/http/ngx_http_special_response.c
*** /usr/src/redhat/BUILD/nginx-0.7.61/src/http/ngx_http_special_response.c     2009-05-25 17:06:29.000000000 +0800
--- nginx-0.7.61/src/http/ngx_http_special_response.c   2009-07-08 10:28:09.000000000 +0800
***************
*** 404,410 ****
          err = 0;
          r->header_only = 1;

!     } else if (error == NGX_HTTP_NO_CONTENT) {
          /* 204 */
          err = 0;

--- 404,410 ----
          err = 0;
          r->header_only = 1;

!     } else if (error == NGX_HTTP_NO_CONTENT || error == NGX_HTTP_CUSTOM_RESPONSE) {
          /* 204 */
          err = 0;

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,933,3857#msg-3857





From jg at internetx.de  Wed Jul  8 12:39:11 2009
From: jg at internetx.de (Juergen Gotteswinter)
Date: Wed, 08 Jul 2009 10:39:11 +0200
Subject: Critical SSL Errors
Message-ID: <4A545B2F.1040506@internetx.de>

Hallo,

i get those critical ssl errors in our nginx error log

2009/07/08 10:33:35 [crit] 15582#0: *382780 SSL_do_handshake() failed 
(SSL: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown 
protocol) while SSL handshaking, client: 212.19.39.200, server: XXXXXXXXXXX

the ssl connections cant be established in this case. anyone seen 
something like this before?

thanks

Juergen





From is at rambler-co.ru  Wed Jul  8 15:39:27 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 8 Jul 2009 15:39:27 +0400
Subject: Critical SSL Errors
In-Reply-To: <4A545B2F.1040506@internetx.de>
References: <4A545B2F.1040506@internetx.de>
Message-ID: <20090708113927.GE49412@rambler-co.ru>

On Wed, Jul 08, 2009 at 10:39:11AM +0200, Juergen Gotteswinter wrote:

> Hallo,
> 
> i get those critical ssl errors in our nginx error log
> 
> 2009/07/08 10:33:35 [crit] 15582#0: *382780 SSL_do_handshake() failed 
> (SSL: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown 
> protocol) while SSL handshaking, client: 212.19.39.200, server: XXXXXXXXXXX
> 
> the ssl connections cant be established in this case. anyone seen 
> something like this before?

The most SSL errors were logged on crit level until recently.
Now at least in 0.7.x many of them are logged on info level.


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Wed Jul  8 17:15:19 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 8 Jul 2009 17:15:19 +0400
Subject: Nginx Punycode Support
In-Reply-To: <4A51B59A.9030208@internetx.de>
References: <4A51B59A.9030208@internetx.de>
Message-ID: <20090708131519.GL49412@rambler-co.ru>

On Mon, Jul 06, 2009 at 10:28:10AM +0200, Juergen Gotteswinter wrote:

> Hello
> 
> does nginx support punycode domains in the server_name directives?

If you mean a domain like this:

server_name  xn--jrgen-gotteswinter-m6b.de;

then it's possible.


-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Wed Jul  8 17:18:24 2009
From: nginx-forum at nginx.us (vburshteyn)
Date: Wed, 8 Jul 2009 09:18:24 -0400
Subject: vburshteyn
Message-ID: <2c449df47c612bdeaa42d965f6c610af.NginxMailingList@forum.nginx.org>

Hi folks. back again for more info :)

I need to use the rewrite module to rewrite redirects.

for example

http://www.mysite.com/9-to-5/group_show/569889 needs to be http://groups.bqa.mysite.com/9-to-5/group_show/569889

any idea how i would go about doing this?

Thanks in advance.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3863,3863#msg-3863





From is at rambler-co.ru  Wed Jul  8 17:33:37 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 8 Jul 2009 17:33:37 +0400
Subject: Did I got try_files wrong? and bad gateway 502
In-Reply-To: <20090706053727.43700b5d@sub.han.vpn.gamesnet.de>
References: <20090706053727.43700b5d@sub.han.vpn.gamesnet.de>
Message-ID: <20090708133337.GM49412@rambler-co.ru>

On Mon, Jul 06, 2009 at 05:37:27AM +0200, Tobias Lott wrote:

> Hey Folks
> 
> I got a problem understanding try_files I guess.
> 
> Got this as configuration :
> 
> location = / { rewrite ^(.*)$ /shop/ redirect; }
> 
> location / {
> 	proxy_pass  http://backend:10060;
> 	proxy_set_header  X-Real-IP  $remote_addr;
> 	proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
> 	proxy_set_header Host $http_host;
> 	proxy_redirect off;
> 	proxy_connect_timeout      90;
> 	proxy_send_timeout         90;
> 	proxy_read_timeout         120;
> }
> 
> 
> Problem is that I cant "catch" all 404 and rewrite it
> to /shop/index.php but with "if" (which I shouldn't use cause of
> possible performance issues, Igor mentioned I think.)
> 
> Doesn't work:
> try_files $uri $uri/ /shop/index.php;
> error_page 404 /shop/index.php;
> 
> Works:
> if (!-f $request_filename) { rewrite ^(.*)$  /shop/index.php
> redirect; }

Have you tried this:

  location = / { rewrite ^ /shop/ redirect; }

  location / {
      try_files   $uri  $uri/  /shop/index.php;

      proxy_pass  http://backend:10060;
      ...
  }


-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Wed Jul  8 18:15:03 2009
From: nginx-forum at nginx.us (ygo)
Date: Wed, 8 Jul 2009 10:15:03 -0400
Subject: nginx API docs in english
Message-ID: <eee4563176a27533855ca6889415ad91.NginxMailingList@forum.nginx.org>

Is there a chance to see this page http://www.grid.net.ru/nginx/nginx-modules.html translated in English (by a human :) ) ? I am trying to understand nginx and automatic translation is sometime weird and doesn't help at all.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3867,3867#msg-3867





From marlon at hyves.nl  Wed Jul  8 18:17:55 2009
From: marlon at hyves.nl (Marlon de Boer)
Date: Wed, 08 Jul 2009 16:17:55 +0200
Subject: syslog support for the 0.7 and 0.8 branch
Message-ID: <4A54AA93.7040302@hyves.nl>

Hi list,

Had some private emails about a new patch, it can be downloaded at
http://bugs.gentoo.org/attachment.cgi?id=197180.

Thanks to Ben Taitelbaum for making it 0.7 / 0.8 compatible.

Regards
Marlon




From valery+nginxen at grid.net.ru  Wed Jul  8 18:56:55 2009
From: valery+nginxen at grid.net.ru (Valery Kholodkov)
Date: Wed, 8 Jul 2009 15:56:55 +0100 (BST)
Subject: nginx API docs in english
In-Reply-To: <eee4563176a27533855ca6889415ad91.NginxMailingList@forum.nginx.org>
Message-ID: <23257796.82771247065015837.JavaMail.root@zone.mtgsy.net>

It is part of my plan to translate this article to English. May be some day in the future.

----- ygo <nginx-forum at nginx.us> wrote:
> Is there a chance to see this page http://www.grid.net.ru/nginx/nginx-modules.html translated in English (by a human :) ) ? I am trying to understand nginx and automatic translation is sometime weird and doesn't help at all.

-- 
Regards,
Valery Kholodkov




From eden at mojiti.com  Wed Jul  8 19:29:32 2009
From: eden at mojiti.com (Eden Li)
Date: Wed, 8 Jul 2009 08:29:32 -0700
Subject: nginx API docs in english
In-Reply-To: <eee4563176a27533855ca6889415ad91.NginxMailingList@forum.nginx.org>
References: <eee4563176a27533855ca6889415ad91.NginxMailingList@forum.nginx.org>
Message-ID: <180e6a10907080829o5a7459can131e9846a7c33a64@mail.gmail.com>

I don't think it's a direct translation, but this guide is *very*
helpful: http://www.evanmiller.org/nginx-modules-guide.html

I think it was written when 0.6.x was just becoming stable, but most
of it should still apply to 0.7.x

On Wed, Jul 8, 2009 at 7:15 AM, ygo<nginx-forum at nginx.us> wrote:
> Is there a chance to see this page http://www.grid.net.ru/nginx/nginx-modules.html translated in English (by a human :) ) ? I am trying to understand nginx and automatic translation is sometime weird and doesn't help at all.
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3867,3867#msg-3867
>
>
>




From cliff at develix.com  Thu Jul  9 01:14:06 2009
From: cliff at develix.com (Cliff Wells)
Date: Wed, 08 Jul 2009 14:14:06 -0700
Subject: Nginx proxying WebDAV = no love
Message-ID: <1247087646.3689.9.camel@portable-evil>

I'm experimenting with WebDAV using pywebdav:

http://code.google.com/p/pywebdav/

It appears to work quite well if I connect to it 
directly (using either Nautilus and Cadaver as client).

However, when I attempt to proxy to it via Nginx, 
I get messages that it's not a WebDAV-enabled share.

Here's my nginx.conf:

http {
    include       mime.types;
    default_type  application/octet-stream;

    server {
        listen       80;
        server_name  _;

        location / {
            proxy_pass_header Server;
            proxy_set_header  Host $http_host;
            proxy_set_header  X-Forwarded-For $remote_addr;
            proxy_pass        http://127.0.0.1:8008;
        }
    }
}


Cadaver reports the following (nautilus message isn't too informative):

$ cadaver http://localhost/
Could not access / (not WebDAV-enabled?):
Unknown transfer-coding in response
Connection to `localhost' closed.
dav:!> 


I can see the request reaches pywebdav:

localhost - - [08/Jul/2009 14:10:40] "OPTIONS / HTTP/1.0" 200 -
localhost - - [08/Jul/2009 14:10:40] "PROPFIND / HTTP/1.0" 207 -


Nginx access log shows:

127.0.0.1 - - [08/Jul/2009:14:11:20 -0700] "OPTIONS / HTTP/1.1" 200 0 "-" "cadaver/0.23.2 neon/0.28.2"
127.0.0.1 - - [08/Jul/2009:14:11:20 -0700] "PROPFIND / HTTP/1.1" 207 593 "-" "cadaver/0.23.2 neon/0.28.2"


Nginx error log shows nothing.


Regards,
Cliff

-- 
http://www.google.com/search?q=vonage+sucks





From mike503 at gmail.com  Thu Jul  9 02:08:40 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Wed, 8 Jul 2009 15:08:40 -0700
Subject: Nginx proxying WebDAV = no love
In-Reply-To: <1247087646.3689.9.camel@portable-evil>
References: <1247087646.3689.9.camel@portable-evil>
Message-ID: <bd9320b30907081508h1cce7726i8282d79f3c5288bd@mail.gmail.com>

Does nginx even support propfind? Or options?

I see it in the code, but I don't see anything that happens when
someone issues the verb.

It's almost like it stubbed out for future expansion (or so it doesn't
reply with "invalid request" at least)

On Wed, Jul 8, 2009 at 2:14 PM, Cliff Wells<cliff at develix.com> wrote:
> I'm experimenting with WebDAV using pywebdav:
>
> http://code.google.com/p/pywebdav/
>
> It appears to work quite well if I connect to it
> directly (using either Nautilus and Cadaver as client).
>
> However, when I attempt to proxy to it via Nginx,
> I get messages that it's not a WebDAV-enabled share.
>
> Here's my nginx.conf:
>
> http {
> ? ?include ? ? ? mime.types;
> ? ?default_type ?application/octet-stream;
>
> ? ?server {
> ? ? ? ?listen ? ? ? 80;
> ? ? ? ?server_name ?_;
>
> ? ? ? ?location / {
> ? ? ? ? ? ?proxy_pass_header Server;
> ? ? ? ? ? ?proxy_set_header ?Host $http_host;
> ? ? ? ? ? ?proxy_set_header ?X-Forwarded-For $remote_addr;
> ? ? ? ? ? ?proxy_pass ? ? ? ?http://127.0.0.1:8008;
> ? ? ? ?}
> ? ?}
> }
>
>
> Cadaver reports the following (nautilus message isn't too informative):
>
> $ cadaver http://localhost/
> Could not access / (not WebDAV-enabled?):
> Unknown transfer-coding in response
> Connection to `localhost' closed.
> dav:!>
>
>
> I can see the request reaches pywebdav:
>
> localhost - - [08/Jul/2009 14:10:40] "OPTIONS / HTTP/1.0" 200 -
> localhost - - [08/Jul/2009 14:10:40] "PROPFIND / HTTP/1.0" 207 -
>
>
> Nginx access log shows:
>
> 127.0.0.1 - - [08/Jul/2009:14:11:20 -0700] "OPTIONS / HTTP/1.1" 200 0 "-" "cadaver/0.23.2 neon/0.28.2"
> 127.0.0.1 - - [08/Jul/2009:14:11:20 -0700] "PROPFIND / HTTP/1.1" 207 593 "-" "cadaver/0.23.2 neon/0.28.2"
>
>
> Nginx error log shows nothing.
>
>
> Regards,
> Cliff
>
> --
> http://www.google.com/search?q=vonage+sucks
>
>
>




From cliff at develix.com  Thu Jul  9 02:27:44 2009
From: cliff at develix.com (Cliff Wells)
Date: Wed, 08 Jul 2009 15:27:44 -0700
Subject: Nginx proxying WebDAV = no love
In-Reply-To: <bd9320b30907081508h1cce7726i8282d79f3c5288bd@mail.gmail.com>
References: <1247087646.3689.9.camel@portable-evil>
	 <bd9320b30907081508h1cce7726i8282d79f3c5288bd@mail.gmail.com>
Message-ID: <1247092064.3689.11.camel@portable-evil>

I was under the impression that Nginx simply passes these along.   Note
that I'm proxying, not using Nginx DAV support.

If this didn't work, then I'm not sure how people succeed in proxying to
Apache/mod_svn, etc.

Cliff


On Wed, 2009-07-08 at 15:08 -0700, Michael Shadle wrote:
> Does nginx even support propfind? Or options?
> 
> I see it in the code, but I don't see anything that happens when
> someone issues the verb.
> 
> It's almost like it stubbed out for future expansion (or so it doesn't
> reply with "invalid request" at least)
> 
> On Wed, Jul 8, 2009 at 2:14 PM, Cliff Wells<cliff at develix.com> wrote:
> > I'm experimenting with WebDAV using pywebdav:
> >
> > http://code.google.com/p/pywebdav/
> >
> > It appears to work quite well if I connect to it
> > directly (using either Nautilus and Cadaver as client).
> >
> > However, when I attempt to proxy to it via Nginx,
> > I get messages that it's not a WebDAV-enabled share.
> >
> > Here's my nginx.conf:
> >
> > http {
> >    include       mime.types;
> >    default_type  application/octet-stream;
> >
> >    server {
> >        listen       80;
> >        server_name  _;
> >
> >        location / {
> >            proxy_pass_header Server;
> >            proxy_set_header  Host $http_host;
> >            proxy_set_header  X-Forwarded-For $remote_addr;
> >            proxy_pass        http://127.0.0.1:8008;
> >        }
> >    }
> > }
> >
> >
> > Cadaver reports the following (nautilus message isn't too informative):
> >
> > $ cadaver http://localhost/
> > Could not access / (not WebDAV-enabled?):
> > Unknown transfer-coding in response
> > Connection to `localhost' closed.
> > dav:!>
> >
> >
> > I can see the request reaches pywebdav:
> >
> > localhost - - [08/Jul/2009 14:10:40] "OPTIONS / HTTP/1.0" 200 -
> > localhost - - [08/Jul/2009 14:10:40] "PROPFIND / HTTP/1.0" 207 -
> >
> >
> > Nginx access log shows:
> >
> > 127.0.0.1 - - [08/Jul/2009:14:11:20 -0700] "OPTIONS / HTTP/1.1" 200 0 "-" "cadaver/0.23.2 neon/0.28.2"
> > 127.0.0.1 - - [08/Jul/2009:14:11:20 -0700] "PROPFIND / HTTP/1.1" 207 593 "-" "cadaver/0.23.2 neon/0.28.2"
> >
> >
> > Nginx error log shows nothing.
> >
> >
> > Regards,
> > Cliff
> >
> > --
> > http://www.google.com/search?q=vonage+sucks
> >
> >
> >
> 
-- 
http://www.google.com/search?q=vonage+sucks





From dave at cheney.net  Thu Jul  9 02:29:07 2009
From: dave at cheney.net (Dave Cheney)
Date: Thu, 9 Jul 2009 08:29:07 +1000
Subject: Nginx proxying WebDAV = no love
In-Reply-To: <bd9320b30907081508h1cce7726i8282d79f3c5288bd@mail.gmail.com>
References: <1247087646.3689.9.camel@portable-evil> <bd9320b30907081508h1cce7726i8282d79f3c5288bd@mail.gmail.com>
Message-ID: <3706FB07-0E31-412E-A68F-445D9F082F42@cheney.net>

Nginx will proxy WebDAV fine, however if you are using an OS X client,  
nginx will send a 400 if the mac sends a Chunked Encoded request. This  
breaks the finder on OS X.

Cheers

Dave

On 09/07/2009, at 8:08 AM, Michael Shadle wrote:

> Does nginx even support propfind? Or options?
>
> I see it in the code, but I don't see anything that happens when
> someone issues the verb.
>
> It's almost like it stubbed out for future expansion (or so it doesn't
> reply with "invalid request" at least)
>
> On Wed, Jul 8, 2009 at 2:14 PM, Cliff Wells<cliff at develix.com> wrote:
>> I'm experimenting with WebDAV using pywebdav:
>>
>> http://code.google.com/p/pywebdav/
>>
>> It appears to work quite well if I connect to it
>> directly (using either Nautilus and Cadaver as client).
>>
>> However, when I attempt to proxy to it via Nginx,
>> I get messages that it's not a WebDAV-enabled share.
>>
>> Here's my nginx.conf:
>>
>> http {
>>    include       mime.types;
>>    default_type  application/octet-stream;
>>
>>    server {
>>        listen       80;
>>        server_name  _;
>>
>>        location / {
>>            proxy_pass_header Server;
>>            proxy_set_header  Host $http_host;
>>            proxy_set_header  X-Forwarded-For $remote_addr;
>>            proxy_pass        http://127.0.0.1:8008;
>>        }
>>    }
>> }
>>
>>
>> Cadaver reports the following (nautilus message isn't too  
>> informative):
>>
>> $ cadaver http://localhost/
>> Could not access / (not WebDAV-enabled?):
>> Unknown transfer-coding in response
>> Connection to `localhost' closed.
>> dav:!>
>>
>>
>> I can see the request reaches pywebdav:
>>
>> localhost - - [08/Jul/2009 14:10:40] "OPTIONS / HTTP/1.0" 200 -
>> localhost - - [08/Jul/2009 14:10:40] "PROPFIND / HTTP/1.0" 207 -
>>
>>
>> Nginx access log shows:
>>
>> 127.0.0.1 - - [08/Jul/2009:14:11:20 -0700] "OPTIONS / HTTP/1.1" 200  
>> 0 "-" "cadaver/0.23.2 neon/0.28.2"
>> 127.0.0.1 - - [08/Jul/2009:14:11:20 -0700] "PROPFIND / HTTP/1.1"  
>> 207 593 "-" "cadaver/0.23.2 neon/0.28.2"
>>
>>
>> Nginx error log shows nothing.
>>
>>
>> Regards,
>> Cliff
>>
>> --
>> http://www.google.com/search?q=vonage+sucks
>>
>>
>>
>





From nginx-forum at nginx.us  Thu Jul  9 02:40:49 2009
From: nginx-forum at nginx.us (nfn)
Date: Wed, 8 Jul 2009 18:40:49 -0400
Subject: Help: cache or not by cookie
In-Reply-To: <90dc96ca6237b646daeeefc86ed2457a.NginxMailingList@forum.nginx.org>
References: <90dc96ca6237b646daeeefc86ed2457a.NginxMailingList@forum.nginx.org>
Message-ID: <65bbabb7c255ac780da15c3582911d41.NginxMailingList@forum.nginx.org>

Hello,

Sorry for bumping this topic but I was trying to setup a similar configuration.
I want to show cached pages for a refresh of 6 min to guests (cookie user=guest) and to members (cookie user=usergroup)

Am I able to read the value from the cookie? How?
How do I add X-Accel-Expires: 0 to nginx?

Thanks

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3173,3898#msg-3898





From mike503 at gmail.com  Thu Jul  9 03:07:52 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Wed, 8 Jul 2009 16:07:52 -0700
Subject: Nginx proxying WebDAV = no love
In-Reply-To: <1247092064.3689.11.camel@portable-evil>
References: <1247087646.3689.9.camel@portable-evil>
	 <bd9320b30907081508h1cce7726i8282d79f3c5288bd@mail.gmail.com>
	 <1247092064.3689.11.camel@portable-evil>
Message-ID: <bd9320b30907081607sec2671n58b2d0666b133d01@mail.gmail.com>

ah i would assume if you say proxy_pass you're literally passing
*anything* over to the upstream. does nginx actually inspect it first?

i was most likely only noticing the nginx DAV support, and it sets
r->method but i don't see anything that happens with those actions...


On Wed, Jul 8, 2009 at 3:27 PM, Cliff Wells<cliff at develix.com> wrote:
> I was under the impression that Nginx simply passes these along. ? Note
> that I'm proxying, not using Nginx DAV support.
>
> If this didn't work, then I'm not sure how people succeed in proxying to
> Apache/mod_svn, etc.
>
> Cliff
>
>
> On Wed, 2009-07-08 at 15:08 -0700, Michael Shadle wrote:
>> Does nginx even support propfind? Or options?
>>
>> I see it in the code, but I don't see anything that happens when
>> someone issues the verb.
>>
>> It's almost like it stubbed out for future expansion (or so it doesn't
>> reply with "invalid request" at least)
>>
>> On Wed, Jul 8, 2009 at 2:14 PM, Cliff Wells<cliff at develix.com> wrote:
>> > I'm experimenting with WebDAV using pywebdav:
>> >
>> > http://code.google.com/p/pywebdav/
>> >
>> > It appears to work quite well if I connect to it
>> > directly (using either Nautilus and Cadaver as client).
>> >
>> > However, when I attempt to proxy to it via Nginx,
>> > I get messages that it's not a WebDAV-enabled share.
>> >
>> > Here's my nginx.conf:
>> >
>> > http {
>> > ? ?include ? ? ? mime.types;
>> > ? ?default_type ?application/octet-stream;
>> >
>> > ? ?server {
>> > ? ? ? ?listen ? ? ? 80;
>> > ? ? ? ?server_name ?_;
>> >
>> > ? ? ? ?location / {
>> > ? ? ? ? ? ?proxy_pass_header Server;
>> > ? ? ? ? ? ?proxy_set_header ?Host $http_host;
>> > ? ? ? ? ? ?proxy_set_header ?X-Forwarded-For $remote_addr;
>> > ? ? ? ? ? ?proxy_pass ? ? ? ?http://127.0.0.1:8008;
>> > ? ? ? ?}
>> > ? ?}
>> > }
>> >
>> >
>> > Cadaver reports the following (nautilus message isn't too informative):
>> >
>> > $ cadaver http://localhost/
>> > Could not access / (not WebDAV-enabled?):
>> > Unknown transfer-coding in response
>> > Connection to `localhost' closed.
>> > dav:!>
>> >
>> >
>> > I can see the request reaches pywebdav:
>> >
>> > localhost - - [08/Jul/2009 14:10:40] "OPTIONS / HTTP/1.0" 200 -
>> > localhost - - [08/Jul/2009 14:10:40] "PROPFIND / HTTP/1.0" 207 -
>> >
>> >
>> > Nginx access log shows:
>> >
>> > 127.0.0.1 - - [08/Jul/2009:14:11:20 -0700] "OPTIONS / HTTP/1.1" 200 0 "-" "cadaver/0.23.2 neon/0.28.2"
>> > 127.0.0.1 - - [08/Jul/2009:14:11:20 -0700] "PROPFIND / HTTP/1.1" 207 593 "-" "cadaver/0.23.2 neon/0.28.2"
>> >
>> >
>> > Nginx error log shows nothing.
>> >
>> >
>> > Regards,
>> > Cliff
>> >
>> > --
>> > http://www.google.com/search?q=vonage+sucks
>> >
>> >
>> >
>>
> --
> http://www.google.com/search?q=vonage+sucks
>
>
>




From chanceycn at gmail.com  Thu Jul  9 05:48:54 2009
From: chanceycn at gmail.com (Chancey)
Date: Thu, 9 Jul 2009 09:48:54 +0800
Subject: How to write this rewrite?
Message-ID: <200907090948443126138@gmail.com>

Hi, guys!

This is Apache's format, how to write in nginx?  Thanks a lot.

<IfModule mod_rewrite.c>
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule !\.(js|ico|gif|jpg|png|css|cgi|html|htm|cert|swf)$ index.php
php_flag always_populate_raw_post_data On
</IfModule>

2009-07-09 



Chancey 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090709/86fba920/attachment.html>

From is at rambler-co.ru  Thu Jul  9 11:02:44 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 9 Jul 2009 11:02:44 +0400
Subject: How to write this rewrite?
In-Reply-To: <200907090948443126138@gmail.com>
References: <200907090948443126138@gmail.com>
Message-ID: <20090709070244.GB66728@rambler-co.ru>

On Thu, Jul 09, 2009 at 09:48:54AM +0800, Chancey wrote:

> Hi, guys!
> 
> This is Apache's format, how to write in nginx?  Thanks a lot.
> 
> <IfModule mod_rewrite.c>
> RewriteEngine On
> RewriteCond %{REQUEST_FILENAME} !-f
> RewriteCond %{REQUEST_FILENAME} !-d
> RewriteRule !\.(js|ico|gif|jpg|png|css|cgi|html|htm|cert|swf)$ index.php
> php_flag always_populate_raw_post_data On
> </IfModule>

Probably something like this:

   location / {
       try_files  $uri  $uri/  /index.php;

       fastcgi_pass ...
   }

   location ~ \.(js|ico|gif|jpg|png|css|cgi|html|htm|cert|swf)$ {
   }


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Thu Jul  9 11:00:09 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 9 Jul 2009 11:00:09 +0400
Subject: Nginx proxying WebDAV = no love
In-Reply-To: <1247087646.3689.9.camel@portable-evil>
References: <1247087646.3689.9.camel@portable-evil>
Message-ID: <20090709070009.GA66728@rambler-co.ru>

On Wed, Jul 08, 2009 at 02:14:06PM -0700, Cliff Wells wrote:

> I'm experimenting with WebDAV using pywebdav:
> 
> http://code.google.com/p/pywebdav/
> 
> It appears to work quite well if I connect to it 
> directly (using either Nautilus and Cadaver as client).
> 
> However, when I attempt to proxy to it via Nginx, 
> I get messages that it's not a WebDAV-enabled share.
> 
> Here's my nginx.conf:
> 
> http {
>     include       mime.types;
>     default_type  application/octet-stream;
> 
>     server {
>         listen       80;
>         server_name  _;
> 
>         location / {
>             proxy_pass_header Server;
>             proxy_set_header  Host $http_host;
>             proxy_set_header  X-Forwarded-For $remote_addr;
>             proxy_pass        http://127.0.0.1:8008;
>         }
>     }
> }
> 
> 
> Cadaver reports the following (nautilus message isn't too informative):
> 
> $ cadaver http://localhost/
> Could not access / (not WebDAV-enabled?):
> Unknown transfer-coding in response
> Connection to `localhost' closed.
> dav:!> 
> 
> 
> I can see the request reaches pywebdav:
> 
> localhost - - [08/Jul/2009 14:10:40] "OPTIONS / HTTP/1.0" 200 -
> localhost - - [08/Jul/2009 14:10:40] "PROPFIND / HTTP/1.0" 207 -
> 
> 
> Nginx access log shows:
> 
> 127.0.0.1 - - [08/Jul/2009:14:11:20 -0700] "OPTIONS / HTTP/1.1" 200 0 "-" "cadaver/0.23.2 neon/0.28.2"
> 127.0.0.1 - - [08/Jul/2009:14:11:20 -0700] "PROPFIND / HTTP/1.1" 207 593 "-" "cadaver/0.23.2 neon/0.28.2"
> 
> 
> Nginx error log shows nothing.

Coud you create debug log of the requests ?


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Thu Jul  9 11:05:16 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 9 Jul 2009 11:05:16 +0400
Subject: Help: cache or not by cookie
In-Reply-To: <65bbabb7c255ac780da15c3582911d41.NginxMailingList@forum.nginx.org>
References: <90dc96ca6237b646daeeefc86ed2457a.NginxMailingList@forum.nginx.org> <65bbabb7c255ac780da15c3582911d41.NginxMailingList@forum.nginx.org>
Message-ID: <20090709070516.GC66728@rambler-co.ru>

On Wed, Jul 08, 2009 at 06:40:49PM -0400, nfn wrote:

> Hello,
> 
> Sorry for bumping this topic but I was trying to setup a similar configuration.
> I want to show cached pages for a refresh of 6 min to guests (cookie user=guest) and to members (cookie user=usergroup)

proxy_cache_key    "http://cacheserver$request_uri $cookie_user";
proxy_cache_valid  6m;

> Am I able to read the value from the cookie? How?
> How do I add X-Accel-Expires: 0 to nginx?

You should add this header in backend.


-- 
Igor Sysoev
http://sysoev.ru/en/




From chanceycn at gmail.com  Thu Jul  9 11:34:32 2009
From: chanceycn at gmail.com (=?utf-8?B?Q2hhbmNleQ==?=)
Date: Thu, 9 Jul 2009 15:34:32 +0800
Subject: =?utf-8?B?UmU6IFJlOiBIb3cgdG8gd3JpdGUgdGhpcyByZXdyaXRlPw==?=
References: <200907090948443126138@gmail.com>,
 <20090709070244.GB66728@rambler-co.ru>
Message-ID: <200907091534266715615@gmail.com>

Thanks, i'll try it


2009-07-09 



Chancey 



???? Igor Sysoev 
????? 2009-07-09  15:10:56 
???? nginx 
??? 
??? Re: How to write this rewrite? 
 
On Thu, Jul 09, 2009 at 09:48:54AM +0800, Chancey wrote:
> Hi, guys!
> 
> This is Apache's format, how to write in nginx?  Thanks a lot.
> 
> <IfModule mod_rewrite.c>
> RewriteEngine On
> RewriteCond %{REQUEST_FILENAME} !-f
> RewriteCond %{REQUEST_FILENAME} !-d
> RewriteRule !\.(js|ico|gif|jpg|png|css|cgi|html|htm|cert|swf)$ index.php
> php_flag always_populate_raw_post_data On
> </IfModule>
Probably something like this:
   location / {
       try_files  $uri  $uri/  /index.php;
       fastcgi_pass ...
   }
   location ~ \.(js|ico|gif|jpg|png|css|cgi|html|htm|cert|swf)$ {
   }
-- 
Igor Sysoev
http://sysoev.ru/en/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090709/7c1c29c4/attachment.html>

From miles at tinyapps.org  Thu Jul  9 11:42:05 2009
From: miles at tinyapps.org (TinyApps.Org)
Date: Wed, 8 Jul 2009 21:42:05 -1000
Subject: Password-protected dirs working but reporting unexpected errors
Message-ID: <E7C1E888-8534-4D89-8D86-E76EAD85C928@tinyapps.org>

I sent this out a week ago and received no reply,
so I am trying a second and final time to see if
anyone can assist:

Password protected directories are working fine,
but when a legitimate user logs in, the following
appears in the error log:

[error] 3876#0: *12 no user/password was provided for basic  
authentication

despite the fact that the username and password
*were* supplied, and access was granted.

A bad username/password produces the expected error:

[error] 3876#0: *12 user "whatever" was not found in "/etc/nginx/htpass"

Has anyone else seen this or have any idea why such
an error would be triggered?




From is at rambler-co.ru  Thu Jul  9 11:58:29 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 9 Jul 2009 11:58:29 +0400
Subject: Password-protected dirs working but reporting unexpected errors
In-Reply-To: <E7C1E888-8534-4D89-8D86-E76EAD85C928@tinyapps.org>
References: <E7C1E888-8534-4D89-8D86-E76EAD85C928@tinyapps.org>
Message-ID: <20090709075829.GE66728@rambler-co.ru>

On Wed, Jul 08, 2009 at 09:42:05PM -1000, TinyApps.Org wrote:

> I sent this out a week ago and received no reply,
> so I am trying a second and final time to see if
> anyone can assist:
> 
> Password protected directories are working fine,
> but when a legitimate user logs in, the following
> appears in the error log:
> 
> [error] 3876#0: *12 no user/password was provided for basic  
> authentication
> 
> despite the fact that the username and password
> *were* supplied, and access was granted.

The HTTP Basic authentication works as following:
*) A browser requests a page without user/password.
*) A server response with 401 page, sending realm as well.
   At this stage the 401 code appears in access_log and the message
   "no user/password ..." appears in error_log.
*) The browser shows a realm/login/password prompt.
*) If a user will press cancel, then the browser will show the received
   401 page.
*) If the user enters login/password, then the browser repeats the request
   with login/password.

Then until you will exit the browser, it will send these login/password
with all requests in protected hierarchy.

> A bad username/password produces the expected error:
> 
> [error] 3876#0: *12 user "whatever" was not found in "/etc/nginx/htpass"
> 
> Has anyone else seen this or have any idea why such
> an error would be triggered?


-- 
Igor Sysoev
http://sysoev.ru/en/




From dave at cheney.net  Thu Jul  9 12:30:29 2009
From: dave at cheney.net (Dave Cheney)
Date: Thu, 9 Jul 2009 18:30:29 +1000
Subject: Nginx proxying WebDAV = no love
In-Reply-To: <1247087646.3689.9.camel@portable-evil>
References: <1247087646.3689.9.camel@portable-evil>
Message-ID: <F3A2CC1C-3406-4666-9D56-6B0500D13261@cheney.net>

Get out ngrep and make sure that pywebdav is honoring the Connection:  
close request proxied via nginx. I have found that nginx waits for the  
socket to close before forwarding the request. This is correct  
behaviour for a HTTP/1.0 proxy, but most servers are used to HTTP/1.1  
clients who are less correct in their handling of HTTP/1.0.

Cheers

Dave

On 09/07/2009, at 7:14 AM, Cliff Wells wrote:

> I'm experimenting with WebDAV using pywebdav:
>
> http://code.google.com/p/pywebdav/
>
> It appears to work quite well if I connect to it
> directly (using either Nautilus and Cadaver as client).
>
> However, when I attempt to proxy to it via Nginx,
> I get messages that it's not a WebDAV-enabled share.
>
> Here's my nginx.conf:
>
> http {
>    include       mime.types;
>    default_type  application/octet-stream;
>
>    server {
>        listen       80;
>        server_name  _;
>
>        location / {
>            proxy_pass_header Server;
>            proxy_set_header  Host $http_host;
>            proxy_set_header  X-Forwarded-For $remote_addr;
>            proxy_pass        http://127.0.0.1:8008;
>        }
>    }
> }
>
>
> Cadaver reports the following (nautilus message isn't too  
> informative):
>
> $ cadaver http://localhost/
> Could not access / (not WebDAV-enabled?):
> Unknown transfer-coding in response
> Connection to `localhost' closed.
> dav:!>
>
>
> I can see the request reaches pywebdav:
>
> localhost - - [08/Jul/2009 14:10:40] "OPTIONS / HTTP/1.0" 200 -
> localhost - - [08/Jul/2009 14:10:40] "PROPFIND / HTTP/1.0" 207 -
>
>
> Nginx access log shows:
>
> 127.0.0.1 - - [08/Jul/2009:14:11:20 -0700] "OPTIONS / HTTP/1.1" 200  
> 0 "-" "cadaver/0.23.2 neon/0.28.2"
> 127.0.0.1 - - [08/Jul/2009:14:11:20 -0700] "PROPFIND / HTTP/1.1" 207  
> 593 "-" "cadaver/0.23.2 neon/0.28.2"
>
>
> Nginx error log shows nothing.
>
>
> Regards,
> Cliff
>
> -- 
> http://www.google.com/search?q=vonage+sucks
>
>





From jg at internetx.de  Thu Jul  9 12:35:45 2009
From: jg at internetx.de (Juergen Gotteswinter)
Date: Thu, 09 Jul 2009 10:35:45 +0200
Subject: nginx rewrite question
Message-ID: <4A55ABE1.7080704@internetx.de>

Hello,

perhaps someone here could help me with the following problem. i got a 
domain justfornow.com which got a wildcard dns entry, and i need to 
redirect this domain to https. but i have to keep the first part of the 
domain, for example:

user calls http://try.justfornow.com nginx rewrites it to 
https://try.justfornow.com
user calls http://anything.justfornow.com nginx keeps the first part and 
rewrites it to https://anything.justfornow.com

thanks :)




From is at rambler-co.ru  Thu Jul  9 12:40:29 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 9 Jul 2009 12:40:29 +0400
Subject: nginx rewrite question
In-Reply-To: <4A55ABE1.7080704@internetx.de>
References: <4A55ABE1.7080704@internetx.de>
Message-ID: <20090709084029.GJ66728@rambler-co.ru>

On Thu, Jul 09, 2009 at 10:35:45AM +0200, Juergen Gotteswinter wrote:

> Hello,
> 
> perhaps someone here could help me with the following problem. i got a 
> domain justfornow.com which got a wildcard dns entry, and i need to 
> redirect this domain to https. but i have to keep the first part of the 
> domain, for example:
> 
> user calls http://try.justfornow.com nginx rewrites it to 
> https://try.justfornow.com
> user calls http://anything.justfornow.com nginx keeps the first part and 
> rewrites it to https://anything.justfornow.com

server {
    listen       80;
    server_name  *.justfornow.com;
    rewrite      ^    https://$host$request_uri?  permanent;
}


-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Thu Jul  9 14:05:26 2009
From: nginx-forum at nginx.us (nfn)
Date: Thu, 9 Jul 2009 06:05:26 -0400
Subject: Help: cache or not by cookie
In-Reply-To: <90dc96ca6237b646daeeefc86ed2457a.NginxMailingList@forum.nginx.org>
References: <90dc96ca6237b646daeeefc86ed2457a.NginxMailingList@forum.nginx.org>
Message-ID: <9edb91412795487e4f2f00c6ab99e755.NginxMailingList@forum.nginx.org>

Thanks Igor, but how do I validate if the user is guest. I only want to show the cached version to guests.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3173,3923#msg-3923





From alouche07 at gmail.com  Thu Jul  9 16:24:21 2009
From: alouche07 at gmail.com (Ali Abbas)
Date: Thu, 9 Jul 2009 14:24:21 +0200
Subject: [emerg]: unknown directive "upstream"
Message-ID: <afb9c0670907090524q6c1a430chae389f4ce85c4cd0@mail.gmail.com>

Hello,

Isn't the http://wiki.nginx.org/NginxHttpUpstreamModule supposed to be
activated by default?

Thanks,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090709/1ee6fffd/attachment.html>

From mdounin at mdounin.ru  Thu Jul  9 17:05:52 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 9 Jul 2009 17:05:52 +0400
Subject: [emerg]: unknown directive "upstream"
In-Reply-To: <afb9c0670907090524q6c1a430chae389f4ce85c4cd0@mail.gmail.com>
References: <afb9c0670907090524q6c1a430chae389f4ce85c4cd0@mail.gmail.com>
Message-ID: <20090709130552.GL54083@mdounin.ru>

Hello!

On Thu, Jul 09, 2009 at 02:24:21PM +0200, Ali Abbas wrote:

> Hello,
> 
> Isn't the http://wiki.nginx.org/NginxHttpUpstreamModule supposed to be
> activated by default?

It's compiled in by default.  Check your config syntax - looks 
like you used upstream{} at wrong level (not within http block?).

Maxim Dounin




From alouche07 at gmail.com  Thu Jul  9 17:36:08 2009
From: alouche07 at gmail.com (Ali Abbas)
Date: Thu, 9 Jul 2009 15:36:08 +0200
Subject: [emerg]: unknown directive "upstream"
In-Reply-To: <20090709130552.GL54083@mdounin.ru>
References: <afb9c0670907090524q6c1a430chae389f4ce85c4cd0@mail.gmail.com> 
	<20090709130552.GL54083@mdounin.ru>
Message-ID: <afb9c0670907090636s43f72e40wb777dd641c490a93@mail.gmail.com>

Hi,

> > Hello,
> >
> > Isn't the http://wiki.nginx.org/NginxHttpUpstreamModule supposed to be
> > activated by default?
>
> It's compiled in by default.  Check your config syntax - looks
> like you used upstream{} at wrong level (not within http block?).


Yeah that was it.

Thx,
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090709/0b04609d/attachment.html>

From miles at tinyapps.org  Thu Jul  9 18:25:14 2009
From: miles at tinyapps.org (TinyApps.Org)
Date: Thu, 9 Jul 2009 04:25:14 -1000
Subject: Password-protected dirs working but reporting unexpected errors
In-Reply-To: <20090709075829.GE66728@rambler-co.ru>
References: <E7C1E888-8534-4D89-8D86-E76EAD85C928@tinyapps.org> <20090709075829.GE66728@rambler-co.ru>
Message-ID: <A25D66A9-087E-4F5E-9E18-0058D6F8CEB7@tinyapps.org>

Thanks so much, Igor!
I'd like to send you a donation, but do not see
a button on http://sysoev.ru/en/ or http://nginx.net/ .
Do the donations to http://wiki.nginx.org/Main really
go to you? Just want to make sure.

Yours Gratefully,

Miles


On Jul 8, 2009, at 9:58 PM, Igor Sysoev wrote:

> On Wed, Jul 08, 2009 at 09:42:05PM -1000, TinyApps.Org wrote:
>
>> I sent this out a week ago and received no reply,
>> so I am trying a second and final time to see if
>> anyone can assist:
>>
>> Password protected directories are working fine,
>> but when a legitimate user logs in, the following
>> appears in the error log:
>>
>> [error] 3876#0: *12 no user/password was provided for basic
>> authentication
>>
>> despite the fact that the username and password
>> *were* supplied, and access was granted.
>
> The HTTP Basic authentication works as following:
> *) A browser requests a page without user/password.
> *) A server response with 401 page, sending realm as well.
>   At this stage the 401 code appears in access_log and the message
>   "no user/password ..." appears in error_log.
> *) The browser shows a realm/login/password prompt.
> *) If a user will press cancel, then the browser will show the  
> received
>   401 page.
> *) If the user enters login/password, then the browser repeats the  
> request
>   with login/password.
>
> Then until you will exit the browser, it will send these login/ 
> password
> with all requests in protected hierarchy.
>
>> A bad username/password produces the expected error:
>>
>> [error] 3876#0: *12 user "whatever" was not found in "/etc/nginx/ 
>> htpass"
>>
>> Has anyone else seen this or have any idea why such
>> an error would be triggered?
>
>
> -- 
> Igor Sysoev
> http://sysoev.ru/en/
>





From is at rambler-co.ru  Thu Jul  9 18:26:36 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 9 Jul 2009 18:26:36 +0400
Subject: Help: cache or not by cookie
In-Reply-To: <9edb91412795487e4f2f00c6ab99e755.NginxMailingList@forum.nginx.org>
References: <90dc96ca6237b646daeeefc86ed2457a.NginxMailingList@forum.nginx.org> <9edb91412795487e4f2f00c6ab99e755.NginxMailingList@forum.nginx.org>
Message-ID: <20090709142636.GE72073@rambler-co.ru>

On Thu, Jul 09, 2009 at 06:05:26AM -0400, nfn wrote:

> Thanks Igor, but how do I validate if the user is guest. I only want to show the cached version to guests.

You need to use
   proxy_cache_key    "http://cacheserver$request_uri $cookie_user";
   proxy_cache_valid  6m;

Then in your backend you should test the "user" cookie. If it is not equal
to "guest", then you should add the "X-Accel-Redirect: 0" header in a
response. In this case nginx will not cache the response. Otherwise,
if cookie is equal to "guest" you do not need to set the header or may set
"X-Accel-Redirect: 360" to say nginx to cache the response to 6 min.


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Thu Jul  9 18:31:39 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 9 Jul 2009 18:31:39 +0400
Subject: vburshteyn
In-Reply-To: <2c449df47c612bdeaa42d965f6c610af.NginxMailingList@forum.nginx.org>
References: <2c449df47c612bdeaa42d965f6c610af.NginxMailingList@forum.nginx.org>
Message-ID: <20090709143139.GF72073@rambler-co.ru>

On Wed, Jul 08, 2009 at 09:18:24AM -0400, vburshteyn wrote:

> Hi folks. back again for more info :)
> 
> I need to use the rewrite module to rewrite redirects.
> 
> for example
> 
> http://www.mysite.com/9-to-5/group_show/569889 needs to be http://groups.bqa.mysite.com/9-to-5/group_show/569889
> 
> any idea how i would go about doing this?

If you need just to redirect to another host, then:

   server {
       server_name  www.mysite.com;
       rewrite      ^  http://groups.bqa.mysite.com$request_uri?;
   }


-- 
Igor Sysoev
http://sysoev.ru/en/




From kgorlo at gmail.com  Thu Jul  9 18:47:43 2009
From: kgorlo at gmail.com (Kamil Gorlo)
Date: Thu, 9 Jul 2009 16:47:43 +0200
Subject: Upstream (fair) with dead servers
Message-ID: <1c14c1730907090747w4294ecffm3d1fc3d3c9010b0f@mail.gmail.com>

Hi,

I have (possibly quite rare) situation where I have one upstream with
two servers and I know that in any particular moment only one of those
servers is running:

upstream blah {
    server server1; // when working, server2 is dead
    server server2; // when working, server1 is dead
}

So, what I need is that Nginx will choose working backend (in this
upstream), remembers it and choose it for every request till some
failure on this server occurs. Then it tries other server in upstream,
till it finds some working - and situation repeats. Is this possible?

Maybe upstream_fair module with option no_rr will work for me (I am not sure)?

Cheers,
-- 
Kamil Gorlo




From is at rambler-co.ru  Thu Jul  9 18:48:35 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 9 Jul 2009 18:48:35 +0400
Subject: Password-protected dirs working but reporting unexpected errors
In-Reply-To: <A25D66A9-087E-4F5E-9E18-0058D6F8CEB7@tinyapps.org>
References: <E7C1E888-8534-4D89-8D86-E76EAD85C928@tinyapps.org> <20090709075829.GE66728@rambler-co.ru> <A25D66A9-087E-4F5E-9E18-0058D6F8CEB7@tinyapps.org>
Message-ID: <20090709144835.GG72073@rambler-co.ru>

On Thu, Jul 09, 2009 at 04:25:14AM -1000, TinyApps.Org wrote:

> Thanks so much, Igor!
> I'd like to send you a donation, but do not see
> a button on http://sysoev.ru/en/ or http://nginx.net/ .
> Do the donations to http://wiki.nginx.org/Main really
> go to you? Just want to make sure.

Yes, http://sysoev.ru/en/donation.html

> Yours Gratefully,
> 
> Miles
> 
> 
> On Jul 8, 2009, at 9:58 PM, Igor Sysoev wrote:
> 
> >On Wed, Jul 08, 2009 at 09:42:05PM -1000, TinyApps.Org wrote:
> >
> >>I sent this out a week ago and received no reply,
> >>so I am trying a second and final time to see if
> >>anyone can assist:
> >>
> >>Password protected directories are working fine,
> >>but when a legitimate user logs in, the following
> >>appears in the error log:
> >>
> >>[error] 3876#0: *12 no user/password was provided for basic
> >>authentication
> >>
> >>despite the fact that the username and password
> >>*were* supplied, and access was granted.
> >
> >The HTTP Basic authentication works as following:
> >*) A browser requests a page without user/password.
> >*) A server response with 401 page, sending realm as well.
> >  At this stage the 401 code appears in access_log and the message
> >  "no user/password ..." appears in error_log.
> >*) The browser shows a realm/login/password prompt.
> >*) If a user will press cancel, then the browser will show the  
> >received
> >  401 page.
> >*) If the user enters login/password, then the browser repeats the  
> >request
> >  with login/password.
> >
> >Then until you will exit the browser, it will send these login/ 
> >password
> >with all requests in protected hierarchy.
> >
> >>A bad username/password produces the expected error:
> >>
> >>[error] 3876#0: *12 user "whatever" was not found in "/etc/nginx/ 
> >>htpass"
> >>
> >>Has anyone else seen this or have any idea why such
> >>an error would be triggered?
> >
> >
> >-- 
> >Igor Sysoev
> >http://sysoev.ru/en/
> >
> 

-- 
????? ??????
http://sysoev.ru




From is at rambler-co.ru  Thu Jul  9 18:57:01 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 9 Jul 2009 18:57:01 +0400
Subject: Upstream (fair) with dead servers
In-Reply-To: <1c14c1730907090747w4294ecffm3d1fc3d3c9010b0f@mail.gmail.com>
References: <1c14c1730907090747w4294ecffm3d1fc3d3c9010b0f@mail.gmail.com>
Message-ID: <20090709145701.GH72073@rambler-co.ru>

On Thu, Jul 09, 2009 at 04:47:43PM +0200, Kamil Gorlo wrote:

> Hi,
> 
> I have (possibly quite rare) situation where I have one upstream with
> two servers and I know that in any particular moment only one of those
> servers is running:
> 
> upstream blah {
>     server server1; // when working, server2 is dead
>     server server2; // when working, server1 is dead
> }
> 
> So, what I need is that Nginx will choose working backend (in this
> upstream), remembers it and choose it for every request till some
> failure on this server occurs. Then it tries other server in upstream,
> till it finds some working - and situation repeats. Is this possible?

No, nginx will send request on both servers in round robin mode.
If one of them will fails, then nginx will resend the failed request
to another server and mark the server as dead for fail_timeout time.

> Maybe upstream_fair module with option no_rr will work for me (I am not sure)?
> 
> Cheers,
> -- 
> Kamil Gorlo


-- 
Igor Sysoev
http://sysoev.ru/en/




From kgorlo at gmail.com  Thu Jul  9 19:09:56 2009
From: kgorlo at gmail.com (Kamil Gorlo)
Date: Thu, 9 Jul 2009 17:09:56 +0200
Subject: Upstream (fair) with dead servers
In-Reply-To: <20090709145701.GH72073@rambler-co.ru>
References: <1c14c1730907090747w4294ecffm3d1fc3d3c9010b0f@mail.gmail.com> 
	<20090709145701.GH72073@rambler-co.ru>
Message-ID: <1c14c1730907090809r66e6c2abm94a5f2a74bc7079a@mail.gmail.com>

2009/7/9 Igor Sysoev <is at rambler-co.ru>:
> On Thu, Jul 09, 2009 at 04:47:43PM +0200, Kamil Gorlo wrote:
>
>> Hi,
>>
>> I have (possibly quite rare) situation where I have one upstream with
>> two servers and I know that in any particular moment only one of those
>> servers is running:
>>
>> upstream blah {
>> ? ? server server1; // when working, server2 is dead
>> ? ? server server2; // when working, server1 is dead
>> }
>>
>> So, what I need is that Nginx will choose working backend (in this
>> upstream), remembers it and choose it for every request till some
>> failure on this server occurs. Then it tries other server in upstream,
>> till it finds some working - and situation repeats. Is this possible?
>
> No, nginx will send request on both servers in round robin mode.
> If one of them will fails, then nginx will resend the failed request
> to another server and mark the server as dead for fail_timeout time.

Hmm, what about situation when all servers are marked as dead? Nginx
will wait till fail_timeout expires for some server and in meantime
return error to client? Or will try dead servers?

Also, is it hard to write such a "upstream-chooser" which will work as
I described?

>> Maybe upstream_fair module with option no_rr will work for me (I am not sure)?
>>
>> Cheers,
>> --
>> Kamil Gorlo
>
>
> --
> Igor Sysoev
> http://sysoev.ru/en/
>
>




From is at rambler-co.ru  Thu Jul  9 19:14:54 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 9 Jul 2009 19:14:54 +0400
Subject: Upstream (fair) with dead servers
In-Reply-To: <1c14c1730907090809r66e6c2abm94a5f2a74bc7079a@mail.gmail.com>
References: <1c14c1730907090747w4294ecffm3d1fc3d3c9010b0f@mail.gmail.com> <20090709145701.GH72073@rambler-co.ru> <1c14c1730907090809r66e6c2abm94a5f2a74bc7079a@mail.gmail.com>
Message-ID: <20090709151454.GI72073@rambler-co.ru>

On Thu, Jul 09, 2009 at 05:09:56PM +0200, Kamil Gorlo wrote:

> 2009/7/9 Igor Sysoev <is at rambler-co.ru>:
> > On Thu, Jul 09, 2009 at 04:47:43PM +0200, Kamil Gorlo wrote:
> >
> >> Hi,
> >>
> >> I have (possibly quite rare) situation where I have one upstream with
> >> two servers and I know that in any particular moment only one of those
> >> servers is running:
> >>
> >> upstream blah {
> >> ? ? server server1; // when working, server2 is dead
> >> ? ? server server2; // when working, server1 is dead
> >> }
> >>
> >> So, what I need is that Nginx will choose working backend (in this
> >> upstream), remembers it and choose it for every request till some
> >> failure on this server occurs. Then it tries other server in upstream,
> >> till it finds some working - and situation repeats. Is this possible?
> >
> > No, nginx will send request on both servers in round robin mode.
> > If one of them will fails, then nginx will resend the failed request
> > to another server and mark the server as dead for fail_timeout time.
> 
> Hmm, what about situation when all servers are marked as dead? Nginx
> will wait till fail_timeout expires for some server and in meantime
> return error to client? Or will try dead servers?

In this case nginx marks all servers as live and try again.

> Also, is it hard to write such a "upstream-chooser" which will work as
> I described?

I'm going to rewrite upstream modules in 0.8.x (add fair, etc.) and
probably add this functionality. But why do you want to send request
to one only server leaving the other as spare one ?

> >> Maybe upstream_fair module with option no_rr will work for me (I am not sure)?
> >>
> >> Cheers,
> >> --
> >> Kamil Gorlo


-- 
Igor Sysoev
http://sysoev.rua/en/




From miles at tinyapps.org  Thu Jul  9 19:20:54 2009
From: miles at tinyapps.org (TinyApps.Org)
Date: Thu, 9 Jul 2009 05:20:54 -1000
Subject: Password-protected dirs working but reporting unexpected errors
In-Reply-To: <20090709144835.GG72073@rambler-co.ru>
References: <E7C1E888-8534-4D89-8D86-E76EAD85C928@tinyapps.org> <20090709075829.GE66728@rambler-co.ru> <A25D66A9-087E-4F5E-9E18-0058D6F8CEB7@tinyapps.org> <20090709144835.GG72073@rambler-co.ru>
Message-ID: <FB1CE050-726B-4BB2-B96E-95D3CBE50A2B@tinyapps.org>

>> I'd like to send you a donation, but do not see
>> a button on http://sysoev.ru/en/ or http://nginx.net/ .
>> Do the donations to http://wiki.nginx.org/Main really
>> go to you? Just want to make sure.

> Yes, http://sysoev.ru/en/donation.html

Thanks - done!





From kgorlo at gmail.com  Thu Jul  9 19:46:20 2009
From: kgorlo at gmail.com (Kamil Gorlo)
Date: Thu, 9 Jul 2009 17:46:20 +0200
Subject: Upstream (fair) with dead servers
In-Reply-To: <20090709151454.GI72073@rambler-co.ru>
References: <1c14c1730907090747w4294ecffm3d1fc3d3c9010b0f@mail.gmail.com> 
	<20090709145701.GH72073@rambler-co.ru> <1c14c1730907090809r66e6c2abm94a5f2a74bc7079a@mail.gmail.com> 
	<20090709151454.GI72073@rambler-co.ru>
Message-ID: <1c14c1730907090846u331ec5d3v144fbe65351d9ae@mail.gmail.com>

2009/7/9 Igor Sysoev <is at rambler-co.ru>:
> On Thu, Jul 09, 2009 at 05:09:56PM +0200, Kamil Gorlo wrote:
>
>> 2009/7/9 Igor Sysoev <is at rambler-co.ru>:
>> > On Thu, Jul 09, 2009 at 04:47:43PM +0200, Kamil Gorlo wrote:
>> >
>> >> Hi,
>> >>
>> >> I have (possibly quite rare) situation where I have one upstream with
>> >> two servers and I know that in any particular moment only one of those
>> >> servers is running:
>> >>
>> >> upstream blah {
>> >> ? ? server server1; // when working, server2 is dead
>> >> ? ? server server2; // when working, server1 is dead
>> >> }
>> >>
>> >> So, what I need is that Nginx will choose working backend (in this
>> >> upstream), remembers it and choose it for every request till some
>> >> failure on this server occurs. Then it tries other server in upstream,
>> >> till it finds some working - and situation repeats. Is this possible?
>> >
>> > No, nginx will send request on both servers in round robin mode.
>> > If one of them will fails, then nginx will resend the failed request
>> > to another server and mark the server as dead for fail_timeout time.
>>
>> Hmm, what about situation when all servers are marked as dead? Nginx
>> will wait till fail_timeout expires for some server and in meantime
>> return error to client? Or will try dead servers?
>
> In this case nginx marks all servers as live and try again.
>
>> Also, is it hard to write such a "upstream-chooser" which will work as
>> I described?
>
> I'm going to rewrite upstream modules in 0.8.x (add fair, etc.) and
> probably add this functionality. But why do you want to send request
> to one only server leaving the other as spare one ?

Those servers are not HTTP servers, but memcached-like servers (Tokyo Tyrant).

In my configuration Tokyo Tyrant is in master-master taste - which
leads to problems with replication when clients are writing to more
than one master (but this is master-master not master-slave because I
want that, in case of failure, the other working server will cope with
writes). So to prevent problems I have simple (and maybe ugly;)
scripts which blocks interfaces at non-current-master machine.

>> >> Maybe upstream_fair module with option no_rr will work for me (I am not sure)?
>> >>
>> >> Cheers,
>> >> --
>> >> Kamil Gorlo
>
>
> --
> Igor Sysoev
> http://sysoev.rua/en/
>
>




From nginx at tomvalentine.net  Thu Jul  9 22:08:46 2009
From: nginx at tomvalentine.net (nginx at tomvalentine.net)
Date: Thu, 09 Jul 2009 19:08:46 +0100
Subject: Auth_basic 500 error
Message-ID: <4A56322E.6020703@tomvalentine.net>

Hello,

I can not seem to get auth basic to work, my configuration works fine
with everything else, but if I enable authorisation, I get a 500
Internal Server Error

I think the key error is the Readfile() error, but I have no idea what
it means or how to fix it.

   From nginx.conf

location / {
	index  index.html index.htm index.php;
	auth_basic private;
	auth_basic_user_file htpasswd;
}

If anyone can help, thanks!
By the way, I am using nginx/0.7.61 on Windows Vista, and the error
happens in both Firefox/Opera

Tom

Attached is part of my log file



-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: 500_error.log
URL: <http://nginx.org/pipermail/nginx/attachments/20090709/2aa6ccd3/attachment.ksh>

From mike503 at gmail.com  Thu Jul  9 22:32:01 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Thu, 9 Jul 2009 11:32:01 -0700
Subject: Auth_basic 500 error
In-Reply-To: <4A56322E.6020703@tomvalentine.net>
References: <4A56322E.6020703@tomvalentine.net>
Message-ID: <bd9320b30907091132k45854cdey4b2e0566a5f4adbc@mail.gmail.com>

try the full path to the htpasswd file. it's probably trying to read
from the nginx config path.



On Thu, Jul 9, 2009 at 11:08 AM, <nginx at tomvalentine.net> wrote:
> Hello,
>
> I can not seem to get auth basic to work, my configuration works fine
> with everything else, but if I enable authorisation, I get a 500
> Internal Server Error
>
> I think the key error is the Readfile() error, but I have no idea what
> it means or how to fix it.
>
> ?From nginx.conf
>
> location / {
> ? ? ? ?index ?index.html index.htm index.php;
> ? ? ? ?auth_basic private;
> ? ? ? ?auth_basic_user_file htpasswd;
> }
>
> If anyone can help, thanks!
> By the way, I am using nginx/0.7.61 on Windows Vista, and the error
> happens in both Firefox/Opera
>
> Tom
>
> Attached is part of my log file
>
>
>
>
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http request line: "GET / HTTP/1.1"
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http uri: "/"
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http args: ""
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http exten: ""
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http process request header line
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http header: "Host: localhost:88"
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http header: "User-Agent:
> Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.9.1) Gecko/20090624
> Firefox/3.5 (.NET CLR 3.5.30729)"
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http header: "Accept:
> text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8"
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http header: "Accept-Language:
> en-gb,en;q=0.5"
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http header: "Accept-Encoding:
> gzip,deflate"
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http header: "Accept-Charset:
> ISO-8859-1,utf-8;q=0.7,*;q=0.7"
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http header: "Keep-Alive: 300"
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http header: "Connection:
> keep-alive"
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http header: "Authorization: Basic
> dG9tOmhramhmc2RsZmpo"
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http header: "Pragma: no-cache"
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http header: "Cache-Control:
> no-cache"
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http header done
> 2009/07/09 17:01:45 [debug] 1348#504: *3 event timer del: 320: 1614849850
> 2009/07/09 17:01:45 [debug] 1348#504: *3 generic phase: 0
> 2009/07/09 17:01:45 [debug] 1348#504: *3 add cleanup: 018BD910
> 2009/07/09 17:01:45 [debug] 1348#504: *3 generic phase: 1
> 2009/07/09 17:01:45 [debug] 1348#504: *3 test location: "/"
> 2009/07/09 17:01:45 [debug] 1348#504: *3 using configuration "/"
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http cl:-1 max:1048576
> 2009/07/09 17:01:45 [debug] 1348#504: *3 generic phase: 3
> 2009/07/09 17:01:45 [debug] 1348#504: *3 post rewrite phase: 4
> 2009/07/09 17:01:45 [debug] 1348#504: *3 generic phase: 5
> 2009/07/09 17:01:45 [debug] 1348#504: *3 add cleanup: 018BD92C
> 2009/07/09 17:01:45 [debug] 1348#504: *3 generic phase: 6
> 2009/07/09 17:01:45 [debug] 1348#504: *3 generic phase: 7
> 2009/07/09 17:01:45 [debug] 1348#504: *3 access phase: 8
> 2009/07/09 17:01:45 [debug] 1348#504: *3 access: 0100007F FFFFFFFF 0100007F
> 2009/07/09 17:01:45 [debug] 1348#504: *3 access phase: 9
> 2009/07/09 17:01:45 [error] 1348#504: *3 ReadFile() failed (38: Reached the
> end of the file), client: 127.0.0.1, server: localhost, request: "GET /
> HTTP/1.1", host: "localhost:88"
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http finalize request: 500, "/?" 1
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http special response: 500, "/?"
> 2009/07/09 17:01:45 [debug] 1348#504: *3 http set discard body
> 2009/07/09 17:01:45 [debug] 1348#504: *3 HTTP/1.1 500 Internal Server Error
> Server: nginx/0.7.61
> Date: Thu, 09 Jul 2009 16:01:45 GMT
> Content-Type: text/html
> Content-Length: 193
> Connection: close
>
>




From nginx-forum at nginx.us  Thu Jul  9 23:33:14 2009
From: nginx-forum at nginx.us (vburshteyn)
Date: Thu, 9 Jul 2009 15:33:14 -0400
Subject: vburshteyn
In-Reply-To: <20090709143139.GF72073@forum.nginx.org>
References: <2c449df47c612bdeaa42d965f6c610af.NginxMailingList@forum.nginx.org> <20090709143139.GF72073@forum.nginx.org>
Message-ID: <e7af698e0428bb2f0e41ccc21bd22868.NginxMailingList@forum.nginx.org>

Igor, thanks, bolshoye spasibo.  if you dont mind, one more question on that topic  - how would u do this?

../  this needs to be redirected to
 
...//

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3863,3947#msg-3947





From is at rambler-co.ru  Thu Jul  9 23:47:30 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 9 Jul 2009 23:47:30 +0400
Subject: Password-protected dirs working but reporting unexpected errors
In-Reply-To: <FB1CE050-726B-4BB2-B96E-95D3CBE50A2B@tinyapps.org>
References: <E7C1E888-8534-4D89-8D86-E76EAD85C928@tinyapps.org> <20090709075829.GE66728@rambler-co.ru> <A25D66A9-087E-4F5E-9E18-0058D6F8CEB7@tinyapps.org> <20090709144835.GG72073@rambler-co.ru> <FB1CE050-726B-4BB2-B96E-95D3CBE50A2B@tinyapps.org>
Message-ID: <20090709194730.GC80653@rambler-co.ru>

On Thu, Jul 09, 2009 at 05:20:54AM -1000, TinyApps.Org wrote:

> >>I'd like to send you a donation, but do not see
> >>a button on http://sysoev.ru/en/ or http://nginx.net/ .
> >>Do the donations to http://wiki.nginx.org/Main really
> >>go to you? Just want to make sure.
> 
> >Yes, http://sysoev.ru/en/donation.html
> 
> Thanks - done!

Thank you very much!


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Thu Jul  9 23:58:20 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 9 Jul 2009 23:58:20 +0400
Subject: vburshteyn
In-Reply-To: <e7af698e0428bb2f0e41ccc21bd22868.NginxMailingList@forum.nginx.org>
References: <2c449df47c612bdeaa42d965f6c610af.NginxMailingList@forum.nginx.org> <20090709143139.GF72073@forum.nginx.org> <e7af698e0428bb2f0e41ccc21bd22868.NginxMailingList@forum.nginx.org>
Message-ID: <20090709195820.GD80653@rambler-co.ru>

On Thu, Jul 09, 2009 at 03:33:14PM -0400, vburshteyn wrote:

> Igor, thanks, bolshoye spasibo.  if you dont mind, one more question on that topic  - how would u do this?
> 
> ../  this needs to be redirected to
>  
> ...//
> 
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3863,3947#msg-3947

Forum's maillist gateway cut some characters:

----------
[affiliate].[www2].[mysite.com]/[boxoffice][what ever the string in here] this needs to be redirected to

[affiliate].[boxoffice].[www2].[mysite.com]/[boxoffice]/[what ever the string in here]
----------

became

----------
 ../  this needs to be redirected to
  
 ...//
----------

If you want do some generic redirect rule, then

   server {
        server_name  affiliate.www2.mysite.com;

        location ~ ^(/[^/]+) {
            set      $name  $1;
            rewrite  ^  http://affiliate.$name.www2.mysite.com$request_uri?;
        }
   }


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Thu Jul  9 23:59:54 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 9 Jul 2009 23:59:54 +0400
Subject: Auth_basic 500 error
In-Reply-To: <4A56322E.6020703@tomvalentine.net>
References: <4A56322E.6020703@tomvalentine.net>
Message-ID: <20090709195954.GE80653@rambler-co.ru>

On Thu, Jul 09, 2009 at 07:08:46PM +0100, nginx at tomvalentine.net wrote:

> Hello,
> 
> I can not seem to get auth basic to work, my configuration works fine
> with everything else, but if I enable authorisation, I get a 500
> Internal Server Error
> 
> I think the key error is the Readfile() error, but I have no idea what
> it means or how to fix it.
> 
>   From nginx.conf
> 
> location / {
> 	index  index.html index.htm index.php;
> 	auth_basic private;
> 	auth_basic_user_file htpasswd;
> }
> 
> If anyone can help, thanks!
> By the way, I am using nginx/0.7.61 on Windows Vista, and the error
> happens in both Firefox/Opera

> 2009/07/09 17:01:45 [error] 1348#504: *3 ReadFile() failed (38: Reached the end of the file), client: 127.0.0.1, server: localhost, request: "GET / HTTP/1.1", host: "localhost:88"

This is nginx bug, I will try to reproduce it. How big is your htpasswd ?


-- 
Igor Sysoev
http://sysoev.ru/en/




From tom at tomvalentine.net  Fri Jul 10 00:28:31 2009
From: tom at tomvalentine.net (Tom Valentine)
Date: Thu, 09 Jul 2009 21:28:31 +0100
Subject: Auth_basic 500 error
In-Reply-To: <bd9320b30907091132k45854cdey4b2e0566a5f4adbc@mail.gmail.com>
References: <4A56322E.6020703@tomvalentine.net> <bd9320b30907091132k45854cdey4b2e0566a5f4adbc@mail.gmail.com>
Message-ID: <4A5652EF.1010503@tomvalentine.net>



Michael Shadle wrote:
> try the full path to the htpasswd file. it's probably trying to read
> from the nginx config path.
> 

Hi, I changed it to the full file path, and got the same error.
I then changed the configuration to point to a file that did not exist.
This resulted in the error:

2009/07/09 21:12:54 [error] 3820#3944: *3 CreateFile() 
"C:/nginx/conf/.tpasswd" failed (2: The system cannot find the file 
specified), client: 192.168.1.1, server: localhost, request: "GET 
/favicon.ico?hj HTTP/1.1", host: "192.168.1.11:88"


I pointed nginx.conf back to the correct file and switched to a putty 
session on my router and used wget for some testing:

wget http://:d at 192.168.1.11:88/favicon.ico
-->  server returned error: HTTP/1.1 401 Unauthorized	(Expected)

But as soon as I add in a username to the request I got a 500 error:

wget http://fdfdf:fsdfsdfsdfsdfsdfd at 192.168.1.11:88/favicon.ico
-->  server returned error: HTTP/1.1 500 Internal Server Error


The only time I got a 403 error was when I was pointing nginx.conf to a 
non existent file AND if I specified a username in the request:

wget http://vps:sdsd at 192.168.1.11:88/favicon.ico
-->  server returned error: HTTP/1.1 403 Forbidden

So it seems I can only get the authorisation to work if I don't have a 
password file.

So is my password file the problem, I generated the passwords from 
various sources (I tried several) including a working htpasswd file from 
apache, but I would expect a 403 error, not a 500.





From tom at tomvalentine.net  Fri Jul 10 00:31:02 2009
From: tom at tomvalentine.net (Tom Valentine)
Date: Thu, 09 Jul 2009 21:31:02 +0100
Subject: Auth_basic 500 error
In-Reply-To: <20090709195954.GE80653@rambler-co.ru>
References: <4A56322E.6020703@tomvalentine.net> <20090709195954.GE80653@rambler-co.ru>
Message-ID: <4A565386.8040904@tomvalentine.net>



Igor Sysoev wrote:
> On Thu, Jul 09, 2009 at 07:08:46PM +0100, nginx at tomvalentine.net wrote:
> 
>> Hello,
>>
>> I can not seem to get auth basic to work, my configuration works fine
>> with everything else, but if I enable authorisation, I get a 500
>> Internal Server Error
>>
>> I think the key error is the Readfile() error, but I have no idea what
>> it means or how to fix it.
>>
>>   From nginx.conf
>>
>> location / {
>> 	index  index.html index.htm index.php;
>> 	auth_basic private;
>> 	auth_basic_user_file htpasswd;
>> }
>>
>> If anyone can help, thanks!
>> By the way, I am using nginx/0.7.61 on Windows Vista, and the error
>> happens in both Firefox/Opera
> 
>> 2009/07/09 17:01:45 [error] 1348#504: *3 ReadFile() failed (38: Reached the end of the file), client: 127.0.0.1, server: localhost, request: "GET / HTTP/1.1", host: "localhost:88"
> 
> This is nginx bug, I will try to reproduce it. How big is your htpasswd ?
> 
> 


Currently one line, I had a few more user/password combinations in at 
one point when I was trying to figure out what was going wrong.

Tom




From nginx at tomvalentine.net  Fri Jul 10 00:44:00 2009
From: nginx at tomvalentine.net (nginx at tomvalentine.net)
Date: Thu, 09 Jul 2009 21:44:00 +0100
Subject: Auth_basic 500 error
Message-ID: <4A565690.3040703@tomvalentine.net>



Igor Sysoev wrote:
 > On Thu, Jul 09, 2009 at 07:08:46PM +0100, nginx at tomvalentine.net wrote:
 >
 >> Hello,
 >>
 >> I can not seem to get auth basic to work, my configuration works fine
 >> with everything else, but if I enable authorisation, I get a 500
 >> Internal Server Error
 >>
 >> I think the key error is the Readfile() error, but I have no idea what
 >> it means or how to fix it.
 >>
 >>   From nginx.conf
 >>
 >> location / {
 >>     index  index.html index.htm index.php;
 >>     auth_basic private;
 >>     auth_basic_user_file htpasswd;
 >> }
 >>
 >> If anyone can help, thanks!
 >> By the way, I am using nginx/0.7.61 on Windows Vista, and the error
 >> happens in both Firefox/Opera
 >
 >> 2009/07/09 17:01:45 [error] 1348#504: *3 ReadFile() failed (38: 
Reached the end of the file), client: 127.0.0.1, server: localhost, 
request: "GET / HTTP/1.1", host: "localhost:88"
 >
 > This is nginx bug, I will try to reproduce it. How big is your htpasswd ?
 >
 >


Currently one line, I had a few more user/password combinations in at 
one point when I was trying to figure out what was going wrong.

Tom

(Sorry, forgot I had different users setup for my email so sent with 
other id which meant it didn't make it to the mailing list)




From cliff at develix.com  Fri Jul 10 01:20:26 2009
From: cliff at develix.com (Cliff Wells)
Date: Thu, 09 Jul 2009 14:20:26 -0700
Subject: Nginx proxying WebDAV = no love
In-Reply-To: <20090709070009.GA66728@rambler-co.ru>
References: <1247087646.3689.9.camel@portable-evil>
	 <20090709070009.GA66728@rambler-co.ru>
Message-ID: <1247174426.3689.49.camel@portable-evil>

On Thu, 2009-07-09 at 11:00 +0400, Igor Sysoev wrote:

> Coud you create debug log of the requests ?

Sent via private email.

Regards,
Cliff


-- 
http://www.google.com/search?q=vonage+sucks





From nbubingo at gmail.com  Fri Jul 10 06:34:48 2009
From: nbubingo at gmail.com (Weibin Yao)
Date: Fri, 10 Jul 2009 10:34:48 +0800
Subject: Upstream (fair) with dead servers
In-Reply-To: <1c14c1730907090747w4294ecffm3d1fc3d3c9010b0f@mail.gmail.com>
References: <1c14c1730907090747w4294ecffm3d1fc3d3c9010b0f@mail.gmail.com>
Message-ID: <4A56A8C8.1000502@gmail.com>

Kamil Gorlo at 2009-7-9 22:47 wrote:
> Hi,
>
> I have (possibly quite rare) situation where I have one upstream with
> two servers and I know that in any particular moment only one of those
> servers is running:
>
> upstream blah {
>     server server1; // when working, server2 is dead
>     server server2; // when working, server1 is dead
> }
>
> So, what I need is that Nginx will choose working backend (in this
> upstream), remembers it and choose it for every request till some
> failure on this server occurs. Then it tries other server in upstream,
> till it finds some working - and situation repeats. Is this possible?
>
> Maybe upstream_fair module with option no_rr will work for me (I am not sure)?
>
> Cheers,
>   
I think you should try the keepalived.

-- 
Weibin Yao





From nbubingo at gmail.com  Fri Jul 10 06:59:12 2009
From: nbubingo at gmail.com (Weibin Yao)
Date: Fri, 10 Jul 2009 10:59:12 +0800
Subject: Upstream (fair) with dead servers
In-Reply-To: <20090709151454.GI72073@rambler-co.ru>
References: <1c14c1730907090747w4294ecffm3d1fc3d3c9010b0f@mail.gmail.com> <20090709145701.GH72073@rambler-co.ru> <1c14c1730907090809r66e6c2abm94a5f2a74bc7079a@mail.gmail.com> <20090709151454.GI72073@rambler-co.ru>
Message-ID: <4A56AE80.1050906@gmail.com>

Igor Sysoev at 2009-7-9 23:14 wrote:
> I'm going to rewrite upstream modules in 0.8.x (add fair, etc.) and
> probably add this functionality. But why do you want to send request
> to one only server leaving the other as spare one ?
>   
I'm glad to hear the good news, thanks for you hard work. Will you  add  
upstream  keepalive  in  0.8.X?

-- 
Weibin Yao





From is at rambler-co.ru  Fri Jul 10 11:07:35 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Fri, 10 Jul 2009 11:07:35 +0400
Subject: Nginx proxying WebDAV = no love
In-Reply-To: <1247174426.3689.49.camel@portable-evil>
References: <1247087646.3689.9.camel@portable-evil> <20090709070009.GA66728@rambler-co.ru> <1247174426.3689.49.camel@portable-evil>
Message-ID: <20090710070735.GD34030@rambler-co.ru>

On Thu, Jul 09, 2009 at 02:20:26PM -0700, Cliff Wells wrote:

> On Thu, 2009-07-09 at 11:00 +0400, Igor Sysoev wrote:
> 
> > Coud you create debug log of the requests ?
> 
> Sent via private email.

As it was suggested before, the backend sends a chunked response
to nginx's HTTP/1.0 request:

.. 207 Multi-Status
Server: DAV/0.9.3 Python/2.6.2
Connection: close
Date: Thu, 09 Jul 2009 21:17:01 GMT
Content-type: text/xml; encoding="utf-8"
Connection: close
Transfer-Encoding: chunked
Date: Thu, 09 Jul 2009 21:17:01 GMT


-- 
Igor Sysoev
http://sysoev.ru/en/




From dave at cheney.net  Fri Jul 10 11:43:30 2009
From: dave at cheney.net (Dave Cheney)
Date: Fri, 10 Jul 2009 03:43:30 -0400
Subject: Nginx proxying WebDAV =?UTF-8?B?PQ==?= no love
References: <1247087646.3689.9.camel@portable-evil> <20090709070009.GA66728@rambler-co.ru> <1247174426.3689.49.camel@portable-evil> <20090710070735.GD34030@rambler-co.ru>
Message-ID: <cone.1247211810.746588.14033.501@odessa.cheney.net>

What I found was the OS X as the client would send a chunked *request* which 
nginx does not support, however sending a chunked response to a HTTP/1.0 
request is bad form as well.

Cheers

Dave


Igor Sysoev writes:

> On Thu, Jul 09, 2009 at 02:20:26PM -0700, Cliff Wells wrote:
> 
>> On Thu, 2009-07-09 at 11:00 +0400, Igor Sysoev wrote:
>> 
>> > Coud you create debug log of the requests ?
>> 
>> Sent via private email.
> 
> As it was suggested before, the backend sends a chunked response
> to nginx's HTTP/1.0 request:
> 
> .. 207 Multi-Status
> Server: DAV/0.9.3 Python/2.6.2
> Connection: close
> Date: Thu, 09 Jul 2009 21:17:01 GMT
> Content-type: text/xml; encoding="utf-8"
> Connection: close
> Transfer-Encoding: chunked
> Date: Thu, 09 Jul 2009 21:17:01 GMT
> 
> 
> -- 
> Igor Sysoev
> http://sysoev.ru/en/
> 




From is at rambler-co.ru  Fri Jul 10 11:55:44 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Fri, 10 Jul 2009 11:55:44 +0400
Subject: Nginx proxying WebDAV = no love
In-Reply-To: <cone.1247211810.746588.14033.501@odessa.cheney.net>
References: <1247087646.3689.9.camel@portable-evil> <20090709070009.GA66728@rambler-co.ru> <1247174426.3689.49.camel@portable-evil> <20090710070735.GD34030@rambler-co.ru> <cone.1247211810.746588.14033.501@odessa.cheney.net>
Message-ID: <20090710075544.GE34030@rambler-co.ru>

On Fri, Jul 10, 2009 at 03:43:30AM -0400, Dave Cheney wrote:

> What I found was the OS X as the client would send a chunked *request* 
> which nginx does not support, however sending a chunked response to a 
> HTTP/1.0 request is bad form as well.

You are right, I have incorrectly interpreted your sentence:

---
Get out ngrep and make sure that pywebdav is honoring the Connection:
close request proxied via nginx. I have found that nginx waits for the
---

> Cheers
> 
> Dave
> 
> 
> Igor Sysoev writes:
> 
> >On Thu, Jul 09, 2009 at 02:20:26PM -0700, Cliff Wells wrote:
> >
> >>On Thu, 2009-07-09 at 11:00 +0400, Igor Sysoev wrote:
> >>
> >>> Coud you create debug log of the requests ?
> >>
> >>Sent via private email.
> >
> >As it was suggested before, the backend sends a chunked response
> >to nginx's HTTP/1.0 request:
> >
> >.. 207 Multi-Status
> >Server: DAV/0.9.3 Python/2.6.2
> >Connection: close
> >Date: Thu, 09 Jul 2009 21:17:01 GMT
> >Content-type: text/xml; encoding="utf-8"
> >Connection: close
> >Transfer-Encoding: chunked
> >Date: Thu, 09 Jul 2009 21:17:01 GMT
> >
> >
> >-- 
> >Igor Sysoev
> >http://sysoev.ru/en/
> >

-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Fri Jul 10 14:20:24 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Fri, 10 Jul 2009 14:20:24 +0400
Subject: Upstream (fair) with dead servers
In-Reply-To: <4A56AE80.1050906@gmail.com>
References: <1c14c1730907090747w4294ecffm3d1fc3d3c9010b0f@mail.gmail.com> <20090709145701.GH72073@rambler-co.ru> <1c14c1730907090809r66e6c2abm94a5f2a74bc7079a@mail.gmail.com> <20090709151454.GI72073@rambler-co.ru> <4A56AE80.1050906@gmail.com>
Message-ID: <20090710102024.GC38566@rambler-co.ru>

On Fri, Jul 10, 2009 at 10:59:12AM +0800, Weibin Yao wrote:

> Igor Sysoev at 2009-7-9 23:14 wrote:
> >I'm going to rewrite upstream modules in 0.8.x (add fair, etc.) and
> >probably add this functionality. But why do you want to send request
> >to one only server leaving the other as spare one ?
> >  
> I'm glad to hear the good news, thanks for you hard work. Will you  add  
> upstream  keepalive  in  0.8.X?

At least I plan this.


-- 
Igor Sysoev
http://sysoev.ru/en/




From eduveks at gmail.com  Fri Jul 10 18:20:37 2009
From: eduveks at gmail.com (Eduardo Velasques)
Date: Fri, 10 Jul 2009 15:20:37 +0100
Subject: Nginx+WebDav vs SVN
Message-ID: <a666abe0907100720n106ed7ebn6f695ef6e409be63@mail.gmail.com>

Hi,

Nginx + WebDav works with SVN? Without no proxy to Apache + WebDav?

I did an search and I see it is not possible... but is true?

Thank you.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090710/f6dd77f3/attachment.html>

From mike503 at gmail.com  Fri Jul 10 19:44:10 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Fri, 10 Jul 2009 08:44:10 -0700
Subject: Nginx+WebDav vs SVN
In-Reply-To: <a666abe0907100720n106ed7ebn6f695ef6e409be63@mail.gmail.com>
References: <a666abe0907100720n106ed7ebn6f695ef6e409be63@mail.gmail.com>
Message-ID: <bd9320b30907100844k37018aadt4d91b0477647db1b@mail.gmail.com>

It does not support it, it is on my wishlist and some others though :)

2009/7/10 Eduardo Velasques <eduveks at gmail.com>:
> Hi,
>
> Nginx + WebDav works with SVN? Without no proxy to Apache + WebDav?
>
> I did an search and I see it is not possible... but is true?
>
> Thank you.
>
>




From nginx-forum at nginx.us  Fri Jul 10 19:56:33 2009
From: nginx-forum at nginx.us (vburshteyn)
Date: Fri, 10 Jul 2009 11:56:33 -0400
Subject: vburshteyn
In-Reply-To: <20090709195820.GD80653@forum.nginx.org>
References: <2c449df47c612bdeaa42d965f6c610af.NginxMailingList@forum.nginx.org> <20090709143139.GF72073@forum.nginx.org> <e7af698e0428bb2f0e41ccc21bd22868.NginxMailingList@forum.nginx.org> <20090709195820.GD80653@forum.nginx.org>
Message-ID: <358f56bb81dc3ec3e3add921137e650e.NginxMailingList@forum.nginx.org>

Igor, 

in your opinion, if redirects are just say 10% of the traffic, and rest does not need to be redirected, would you just use IF statment?

say 

if (host ~ group) 
rewrite xxxxxxxxxxxxxxxx

or u would still go with virtual server set up that you suggested earlier?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3863,3968#msg-3968





From is at rambler-co.ru  Fri Jul 10 20:01:45 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Fri, 10 Jul 2009 20:01:45 +0400
Subject: vburshteyn
In-Reply-To: <358f56bb81dc3ec3e3add921137e650e.NginxMailingList@forum.nginx.org>
References: <2c449df47c612bdeaa42d965f6c610af.NginxMailingList@forum.nginx.org> <20090709143139.GF72073@forum.nginx.org> <e7af698e0428bb2f0e41ccc21bd22868.NginxMailingList@forum.nginx.org> <20090709195820.GD80653@forum.nginx.org> <358f56bb81dc3ec3e3add921137e650e.NginxMailingList@forum.nginx.org>
Message-ID: <20090710160145.GD44171@rambler-co.ru>

On Fri, Jul 10, 2009 at 11:56:33AM -0400, vburshteyn wrote:

> Igor, 
> 
> in your opinion, if redirects are just say 10% of the traffic, and rest does not need to be redirected, would you just use IF statment?
> 
> say 
> 
> if (host ~ group) 
> rewrite xxxxxxxxxxxxxxxx
> 
> or u would still go with virtual server set up that you suggested earlier?

If you want to write "if (host ~ group)", this means that you should
forget about RewriteCond and use "server { server_name group; ... }


-- 
Igor Sysoev
http://sysoev.ru/en/




From cliff at develix.com  Fri Jul 10 22:53:23 2009
From: cliff at develix.com (Cliff Wells)
Date: Fri, 10 Jul 2009 11:53:23 -0700
Subject: Nginx proxying WebDAV = no love
In-Reply-To: <20090710070735.GD34030@rambler-co.ru>
References: <1247087646.3689.9.camel@portable-evil>
	 <20090709070009.GA66728@rambler-co.ru>
	 <1247174426.3689.49.camel@portable-evil>
	 <20090710070735.GD34030@rambler-co.ru>
Message-ID: <1247252003.3689.56.camel@portable-evil>

On Fri, 2009-07-10 at 11:07 +0400, Igor Sysoev wrote:
> On Thu, Jul 09, 2009 at 02:20:26PM -0700, Cliff Wells wrote:
> 
> > On Thu, 2009-07-09 at 11:00 +0400, Igor Sysoev wrote:
> > 
> > > Coud you create debug log of the requests ?
> > 
> > Sent via private email.
> 
> As it was suggested before, the backend sends a chunked response
> to nginx's HTTP/1.0 request:
> 
> .. 207 Multi-Status
> Server: DAV/0.9.3 Python/2.6.2
> Connection: close
> Date: Thu, 09 Jul 2009 21:17:01 GMT
> Content-type: text/xml; encoding="utf-8"
> Connection: close
> Transfer-Encoding: chunked
> Date: Thu, 09 Jul 2009 21:17:01 GMT

Thanks Igor.   I've fixed it and submitted a patch to the pywebdav
developers.

Regards,
Cliff

-- 
http://www.google.com/search?q=vonage+sucks





From apseudoutopia at gmail.com  Sat Jul 11 00:15:47 2009
From: apseudoutopia at gmail.com (APseudoUtopia)
Date: Fri, 10 Jul 2009 16:15:47 -0400
Subject: Nginx+WebDav vs SVN
In-Reply-To: <bd9320b30907100844k37018aadt4d91b0477647db1b@mail.gmail.com>
References: <a666abe0907100720n106ed7ebn6f695ef6e409be63@mail.gmail.com> 
	<bd9320b30907100844k37018aadt4d91b0477647db1b@mail.gmail.com>
Message-ID: <27ade5280907101315x650d086cibf3a07d045a052f1@mail.gmail.com>

On Fri, Jul 10, 2009 at 11:44 AM, Michael Shadle<mike503 at gmail.com> wrote:
> It does not support it, it is on my wishlist and some others though :)
>
> 2009/7/10 Eduardo Velasques <eduveks at gmail.com>:
>> Hi,
>>
>> Nginx + WebDav works with SVN? Without no proxy to Apache + WebDav?
>>
>> I did an search and I see it is not possible... but is true?
>>
>> Thank you.
>>
>>
>
>

Running svnserve is probably the next best thing. It's a very
lightweight daemon, and it eliminates the need for having apache
installed/running (and it seems to be faster too!)




From mike503 at gmail.com  Sat Jul 11 01:30:36 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Fri, 10 Jul 2009 14:30:36 -0700
Subject: Nginx+WebDav vs SVN
In-Reply-To: <27ade5280907101315x650d086cibf3a07d045a052f1@mail.gmail.com>
References: <a666abe0907100720n106ed7ebn6f695ef6e409be63@mail.gmail.com>
	 <bd9320b30907100844k37018aadt4d91b0477647db1b@mail.gmail.com>
	 <27ade5280907101315x650d086cibf3a07d045a052f1@mail.gmail.com>
Message-ID: <bd9320b30907101430v7797dd02q225725aa86665f36@mail.gmail.com>

ssh+svn is neat too, you can use ssh keys for auth, and it's encrypted
too. only needs a single user account on the svn server too.

On Fri, Jul 10, 2009 at 1:15 PM, APseudoUtopia<apseudoutopia at gmail.com> wrote:
> On Fri, Jul 10, 2009 at 11:44 AM, Michael Shadle<mike503 at gmail.com> wrote:
>> It does not support it, it is on my wishlist and some others though :)
>>
>> 2009/7/10 Eduardo Velasques <eduveks at gmail.com>:
>>> Hi,
>>>
>>> Nginx + WebDav works with SVN? Without no proxy to Apache + WebDav?
>>>
>>> I did an search and I see it is not possible... but is true?
>>>
>>> Thank you.
>>>
>>>
>>
>>
>
> Running svnserve is probably the next best thing. It's a very
> lightweight daemon, and it eliminates the need for having apache
> installed/running (and it seems to be faster too!)
>
>




From kgorlo at gmail.com  Sat Jul 11 02:00:32 2009
From: kgorlo at gmail.com (Kamil Gorlo)
Date: Sat, 11 Jul 2009 00:00:32 +0200
Subject: Upstream (fair) with dead servers
In-Reply-To: <4A56A8C8.1000502@gmail.com>
References: <1c14c1730907090747w4294ecffm3d1fc3d3c9010b0f@mail.gmail.com> 
	<4A56A8C8.1000502@gmail.com>
Message-ID: <1c14c1730907101500j241c5490o27e8e168ebe4bb65@mail.gmail.com>

On Fri, Jul 10, 2009 at 4:34 AM, Weibin Yao<nbubingo at gmail.com> wrote:
> Kamil Gorlo at 2009-7-9 22:47 wrote:
>>
>> Hi,
>>
>> I have (possibly quite rare) situation where I have one upstream with
>> two servers and I know that in any particular moment only one of those
>> servers is running:
>>
>> upstream blah {
>> ? ?server server1; // when working, server2 is dead
>> ? ?server server2; // when working, server1 is dead
>> }
>>
>> So, what I need is that Nginx will choose working backend (in this
>> upstream), remembers it and choose it for every request till some
>> failure on this server occurs. Then it tries other server in upstream,
>> till it finds some working - and situation repeats. Is this possible?
>>
>> Maybe upstream_fair module with option no_rr will work for me (I am not
>> sure)?
>>
>> Cheers,
>>
>
> I think you should try the keepalived.

What do you mean?

Cheers,
Kamil




From merlincorey at dc949.org  Sat Jul 11 02:22:59 2009
From: merlincorey at dc949.org (merlin corey)
Date: Fri, 10 Jul 2009 15:22:59 -0700
Subject: Nginx+WebDav vs SVN
In-Reply-To: <bd9320b30907101430v7797dd02q225725aa86665f36@mail.gmail.com>
References: <a666abe0907100720n106ed7ebn6f695ef6e409be63@mail.gmail.com>
	 <bd9320b30907100844k37018aadt4d91b0477647db1b@mail.gmail.com>
	 <27ade5280907101315x650d086cibf3a07d045a052f1@mail.gmail.com>
	 <bd9320b30907101430v7797dd02q225725aa86665f36@mail.gmail.com>
Message-ID: <e0af94b80907101522uf27ee4bna8f7375dc9d871f0@mail.gmail.com>

Even better, in my opinion, and long the same vein, is git, which uses
a single user account with SSH key access to multiple
users/repositories (check out gitosis for a nice management setup
using git itself).

On Fri, Jul 10, 2009 at 2:30 PM, Michael Shadle<mike503 at gmail.com> wrote:
> ssh+svn is neat too, you can use ssh keys for auth, and it's encrypted
> too. only needs a single user account on the svn server too.
>
> On Fri, Jul 10, 2009 at 1:15 PM, APseudoUtopia<apseudoutopia at gmail.com> wrote:
>> On Fri, Jul 10, 2009 at 11:44 AM, Michael Shadle<mike503 at gmail.com> wrote:
>>> It does not support it, it is on my wishlist and some others though :)
>>>
>>> 2009/7/10 Eduardo Velasques <eduveks at gmail.com>:
>>>> Hi,
>>>>
>>>> Nginx + WebDav works with SVN? Without no proxy to Apache + WebDav?
>>>>
>>>> I did an search and I see it is not possible... but is true?
>>>>
>>>> Thank you.
>>>>
>>>>
>>>
>>>
>>
>> Running svnserve is probably the next best thing. It's a very
>> lightweight daemon, and it eliminates the need for having apache
>> installed/running (and it seems to be faster too!)
>>
>>
>
>




From mike503 at gmail.com  Sat Jul 11 03:08:29 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Fri, 10 Jul 2009 16:08:29 -0700
Subject: Nginx+WebDav vs SVN
In-Reply-To: <e0af94b80907101522uf27ee4bna8f7375dc9d871f0@mail.gmail.com>
References: <a666abe0907100720n106ed7ebn6f695ef6e409be63@mail.gmail.com>
	 <bd9320b30907100844k37018aadt4d91b0477647db1b@mail.gmail.com>
	 <27ade5280907101315x650d086cibf3a07d045a052f1@mail.gmail.com>
	 <bd9320b30907101430v7797dd02q225725aa86665f36@mail.gmail.com>
	 <e0af94b80907101522uf27ee4bna8f7375dc9d871f0@mail.gmail.com>
Message-ID: <bd9320b30907101608m6c0c6e9bta589fd06213a9911@mail.gmail.com>

it's basically the same method using svn+ssh the way i'm using it
(i've used gitosis too, it essentially just manages your
authorized_keys file with the right command line stuff)

so this gives the same benefits as gitosis. i wonder if anyone has
svnosis out there :)

On Fri, Jul 10, 2009 at 3:22 PM, merlin corey<merlincorey at dc949.org> wrote:
> Even better, in my opinion, and long the same vein, is git, which uses
> a single user account with SSH key access to multiple
> users/repositories (check out gitosis for a nice management setup
> using git itself).
>
> On Fri, Jul 10, 2009 at 2:30 PM, Michael Shadle<mike503 at gmail.com> wrote:
>> ssh+svn is neat too, you can use ssh keys for auth, and it's encrypted
>> too. only needs a single user account on the svn server too.




From jim.ohlstein at gmail.com  Sat Jul 11 03:39:46 2009
From: jim.ohlstein at gmail.com (Jim Ohlstein)
Date: Fri, 10 Jul 2009 19:39:46 -0400
Subject: Cache questions
Message-ID: <4A57D142.2070501@gmail.com>

I'm using the fastcgi cache for static files (images, javascript,css) 
and just found multiple lines in the error log like this one:

2009/07/10 10:22:54 [crit] 22476#0: ngx_slab_alloc() failed: no memory 
in cache keys zone "one"

So I increased the memory available for the zone and reloaded nginx. It 
took over five hours to go through the cache but these are the relevant 
entries:

2009/07/10 12:11:03 [notice] 21038#0: start cache manager process 32730
2009/07/10 12:11:04 [notice] 21038#0: cache manager process 22480 exited 
with code 0

and finally

2009/07/10 17:43:27 [notice] 32730#0: http file cache: 
/usr/local/nginx/cache 11638.289M, bsize: 4096

My questions are:

Is that simply the total (11638.289MB or 11.4GB) of all of the file 
sizes, or is that the actual disk space consumed taking into account 
total number of blocks used multiplied by the block size? The number 
could be quite different given what I estimate are nearly one million 
mostly small files in the cache at this point.

When I next upgrade nginx (I'm running 0.8.4), and I attempt a "graceful 
upgrade" will it have to go through this entire process again?






From lists at ruby-forum.com  Sat Jul 11 10:03:58 2009
From: lists at ruby-forum.com (Qaiser Wali)
Date: Sat, 11 Jul 2009 08:03:58 +0200
Subject: Serving Dynamic js files
Message-ID: <3cdc0eccaf279b05a0ec7467c74201aa@ruby-forum.com>

I have a controller named javascripts and in my view i have few .js.erb
files.

on my local machine, i can include the .js as a regular script file and
it works fine. on my production machine i am not sure how to configure
nginx that it can recognize both the folders public/javascripts and
apps/views/javascripts and serve javascripts from both these places.

someone help please.
-- 
Posted via http://www.ruby-forum.com/.




From merlincorey at dc949.org  Sat Jul 11 10:58:55 2009
From: merlincorey at dc949.org (merlin corey)
Date: Fri, 10 Jul 2009 23:58:55 -0700
Subject: Nginx+WebDav vs SVN
In-Reply-To: <bd9320b30907101608m6c0c6e9bta589fd06213a9911@mail.gmail.com>
References: <a666abe0907100720n106ed7ebn6f695ef6e409be63@mail.gmail.com>
	 <bd9320b30907100844k37018aadt4d91b0477647db1b@mail.gmail.com>
	 <27ade5280907101315x650d086cibf3a07d045a052f1@mail.gmail.com>
	 <bd9320b30907101430v7797dd02q225725aa86665f36@mail.gmail.com>
	 <e0af94b80907101522uf27ee4bna8f7375dc9d871f0@mail.gmail.com>
	 <bd9320b30907101608m6c0c6e9bta589fd06213a9911@mail.gmail.com>
Message-ID: <e0af94b80907102358r6a065509y74b2aae26bfdc06a@mail.gmail.com>

The nice thing about gitosis over svnadmin is that gitosis itself is
in a repository and does it's work with post-commit-hooks so you can
have a couple people able to manage it.  However, I agree that
essentially it is the same situation for developers as svn+ssh (aside
from the extra branching capabilities of git and decentralized nature)
which is why I said it was in the same vein :P.

On Fri, Jul 10, 2009 at 4:08 PM, Michael Shadle<mike503 at gmail.com> wrote:
> it's basically the same method using svn+ssh the way i'm using it
> (i've used gitosis too, it essentially just manages your
> authorized_keys file with the right command line stuff)
>
> so this gives the same benefits as gitosis. i wonder if anyone has
> svnosis out there :)
>
> On Fri, Jul 10, 2009 at 3:22 PM, merlin corey<merlincorey at dc949.org> wrote:
>> Even better, in my opinion, and long the same vein, is git, which uses
>> a single user account with SSH key access to multiple
>> users/repositories (check out gitosis for a nice management setup
>> using git itself).
>>
>> On Fri, Jul 10, 2009 at 2:30 PM, Michael Shadle<mike503 at gmail.com> wrote:
>>> ssh+svn is neat too, you can use ssh keys for auth, and it's encrypted
>>> too. only needs a single user account on the svn server too.
>
>




From nginx-list at deepstorm.com  Sat Jul 11 11:28:05 2009
From: nginx-list at deepstorm.com (Shawn Grunberger)
Date: Sat, 11 Jul 2009 00:28:05 -0700
Subject: Setting headers on subrequests
Message-ID: <596495cd0907110028w49d87935n8d23775c8c956b@mail.gmail.com>

I'm investigating a bug in Evan Miller's excellent mod_zip add-on.

The mod_zip code, running as a filter, issues one or more subrequests.
To support byte ranges, Evan sends a different Range header with each
subrequest (thus relying on nginx's built-in Range filter to do the
actual truncation). To accomplish this, the code modifies the
r->headers_in.range structure of the main request before each call to
ngx_http_subrequest (the code calls this "a dirty hack"). In
psuedocode it looks like this:

while (rc == NGX_OK && more_subrequests_to_make) {
    modify r->headers_in.range
    rc = ngx_http_subrequest(r, uri, args, &sr, NULL, 0)
}
return rc

Assume that each call to ngx_http_subrequest returns NGX_OK (in other
words, the subrequests require no network access). In that case, this
code works in nginx 0.7.24 and below. A subrequest's headers are
committed and sent immediately after the call to ngx_http_subrequest.
In 0.7.25 and above, however, this code fails to set a unique header
per subrequest. Instead, all subrequests inherit the Range header set
in the final loop iteration. In other words, no subrequest is
committed and sent until after the loop completes.

Is there a "proper" way to set different header values per subrequest?




From antonio04 at gmail.com  Sat Jul 11 12:05:59 2009
From: antonio04 at gmail.com (Antonio L.)
Date: Sat, 11 Jul 2009 01:05:59 -0700
Subject: Dramatic slowdown on increased connections (fbsd/nginx/php-fpm)
Message-ID: <d37f2aa10907110105n79787d8fn5046345b6298290a@mail.gmail.com>

Hi folks --
I apologize in advance, as this isn't necessarily a clear-cut Nginx issue
per se, but I'd appreciate any pointers that anyone might have.

I'm transitioning a web site with app servers currently running
FreeBSD/Apache/mod_php into a new setup where they will run nginx+php-fpm. I
have been testing with a machine that is running FreeBSD 7.1-Release,
nginx/0.7.60, PHP 5.2.8/fpm-0.5.10.  It's a dual quad-core (Xeon 5405) with
12GB.

I offloaded some live traffic from our app servers to this test server to
see how it performed, gradually increasing the load.  We got to around 250
reqs/s (measured using the nginx stub status module -- and it's purely
dynamic traffic -- static stuff is served separately) with no strain on the
server (avg load on procs was < 1, no disk blocking in vmstat, etc.).

As soon as we passed the 250 req/s mark, we witnessed an instant slowdown.
 On the nginx status page, "Writing: " jumps from approx. 15-20 to over 2000
(continuing to pile up rapidly).  However, server load stays constant and I
didn't notice significant I/O changes (in vmstat/iostat) -- but maybe I
missed something.  Likewise, kern.openfiles rose to maybe ~ 2000 (well below
the limit) and kern.ipc.numopensockets was similar.

This occurs if we keep the load constant at around 200 reqs/s, just not as
fast -- after a couple of hours, though, the same thing happens -- and
traffic just piles up.  The only way we can resolve it is to restart nginx /
php-fpm and decrease the traffic load sent to the server.

This is what my /boot/loader.conf looks like:
kern.maxdsiz="11264M"
kern.dfldsiz="768M"
kern.maxssiz="256MB"
vm.kmem_size="1400M"
kern.maxbcache="64M"
kern.ipc.maxpipekva="4M"
kern.maxfiles="65536"
kern.ipc.nmbclusters="65536"

And /etc/sysctl.conf contains:
kern.ipc.somaxconn=8192
kern.ipc.nmbclusters=32768

In php-fpm.conf I've got rlimit_files set to 30000 and max_children to 200.

Does anyone have any advice on how to further investigate this issue?  I
would expect the load on the server to gradually increase, not pile up like
this, so I assume some system or software configuration value must be
holding this back.

Thanks!

Antonio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090711/e91c86ec/attachment.html>

From lists at ruby-forum.com  Sat Jul 11 19:13:20 2009
From: lists at ruby-forum.com (Andreas Vieten)
Date: Sat, 11 Jul 2009 17:13:20 +0200
Subject: Can't start nginx
Message-ID: <808d0ac45d2eeeabbc7dbf3881810c7b@ruby-forum.com>

Hello,

I've tried a serveral times to start nginx but it always ends with no
happy end.

Download and compiling is no problem for me.

So here goes my way that i do it:

1) cd /tmp
   wget wget http://sysoev.ru/nginx/nginx-0.7.61.tar.gz
   tar xvfz nginx-0.7.61.tar.gz
   cd nginx-0.7.61

./configure \
  --prefix=/usr \
  --conf-path=/etc/nginx/nginx.conf \
  --http-log-path=/var/log/nginx/access_log \
  --error-log-path=/var/log/nginx/error_log \
  --pid-path=/var/run/nginx.pid \
  --http-client-body-temp-path=/var/tmp/nginx/client \
  --http-proxy-temp-path=/var/tmp/nginx/proxy \
  --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi \
  --with-md5-asm --with-md5=/usr/include \
  --with-http_realip_module \
  --with-http_ssl_module \
  --with-http_stub_status_module

   make
   make install

2) vi /etc/init.d/nginx


#! /bin/sh

### BEGIN INIT INFO
# Provides:          nginx
# Required-Start:    $all
# Required-Stop:     $all
# Default-Start:     2 3 4 5
# Default-Stop:      0 1 6
# Short-Description: starts the nginx web server
# Description:       starts nginx using start-stop-daemon
### END INIT INFO

PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
DAEMON=/usr/local/sbin/nginx
NAME=nginx
DESC=nginx

test -x $DAEMON || exit 0

# Include nginx defaults if available
if [ -f /etc/default/nginx ] ; then
        . /etc/default/nginx
fi

set -e

case "$1" in
  start)
        echo -n "Starting $DESC: "
        start-stop-daemon --start --quiet --pidfile
/usr/local/nginx/logs/nginx.pid --exec $DAEMON -- $DAEMON_OPTS
        echo "$NAME."
        ;;
  stop)
        echo -n "Stopping $DESC: "
        start-stop-daemon --stop --quiet --pidfile
/usr/local/nginx/logs/nginx.pid --exec $DAEMON
        echo "$NAME."
        ;;
  restart|force-reload)
        echo -n "Restarting $DESC: "
        start-stop-daemon --stop --quiet --pidfile
/usr/local/nginx/logs/nginx.pid --exec $DAEMON
        sleep 1
        start-stop-daemon --start --quiet --pidfile
/usr/local/nginx/logs/nginx.pid --exec $DAEMON -- $DAEMON_OPTS
        echo "$NAME."
        ;;
  reload)
      echo -n "Reloading $DESC configuration: "
      start-stop-daemon --stop --signal HUP --quiet --pidfile
/usr/local/nginx/logs/nginx.pid --exec $DAEMON
      echo "$NAME."
      ;;
  *)
        N=/etc/init.d/$NAME
        echo "Usage: $N {start|stop|restart|force-reload}" >&2
        exit 1
        ;;
esac

exit 0

3) chmod 755 /etc/init.d/nginx

4) /etc/init.d/nginx start

But it won't start because of this error here:

(root)-(/tmp/nginx-0.7.61) $ /etc/init.d/nginx start
/etc/init.d/nginx: line 1: N: command not found
-- 
Posted via http://www.ruby-forum.com/.




From mikemc-nginx at terabytemedia.com  Sat Jul 11 20:28:01 2009
From: mikemc-nginx at terabytemedia.com (Michael McCallister)
Date: Sat, 11 Jul 2009 09:28:01 -0700
Subject: behaviour changes upgrading from nginx .6.x to .7.x
Message-ID: <4A58BD91.3090909@terabytemedia.com>

Greetings,

First, thanks for nginx - very cool web server.  Next, upon upgrading 
from 0.6.36 to 0.7.61 I noticed some changes in behaviour which prompted 
me to downgrade back to 0.6.36 until I could further understand the 
changes between .6.x and .7.x.  More specifically, here is where things 
worked differently:

Given this rewrite rule:  rewrite ^/[Aa]rticles/?(.*) /search.php?q=$1;

This URL: /Articles/highway+diesel+vehicles

Would generate the following $_GET in php (5.2.8 using fpm) and nginx 
(0.6.36):

array (
  'q' => 'highway diesel vehicles',
)

Whereas the same exact URL would generate the following $_GET in php 
(5.2.8 using fpm - no changes to php) and nginx (0.7.61 - nginx is the 
only thing that changed):

array (
  'q' => 'highway+diesel+vehicles',
)

I view the behaviour under nginx 0.6.36 as correct while the behaviour 
under 0.7.61 does not result in the expected value.  Obviously it is 
trivial to workaround this issue, but this leads up to my main concern - 
what else behaves differently?  I tried to find documentation outlining 
upgrade considerations while migrating from .6.x to .7.x but could not 
find any - my apologies if I missed them and/or am asking a question 
already addressed previously on the list.

So I guess I really have two questions considering the above:

1) Is the above behaviour in .7.x expected?
2) Is there a list of things to watch out for when changing from .6.x to 
.7.x?

Any help is greatly appreciated and thanks again for nginx.

Michael





From cliff at develix.com  Sat Jul 11 22:35:15 2009
From: cliff at develix.com (Cliff Wells)
Date: Sat, 11 Jul 2009 11:35:15 -0700
Subject: Serving Dynamic js files
In-Reply-To: <3cdc0eccaf279b05a0ec7467c74201aa@ruby-forum.com>
References: <3cdc0eccaf279b05a0ec7467c74201aa@ruby-forum.com>
Message-ID: <1247337315.3689.67.camel@portable-evil>

On Sat, 2009-07-11 at 08:03 +0200, Qaiser Wali wrote:
> I have a controller named javascripts and in my view i have few .js.erb
> files.
> 
> on my local machine, i can include the .js as a regular script file and
> it works fine. on my production machine i am not sure how to configure
> nginx that it can recognize both the folders public/javascripts and
> apps/views/javascripts and serve javascripts from both these places.

Use two locations.      

location /public/javascripts { 
    root /someplace/public/javascripts;
}

location /views/javascripts { 
    proxy_pass http://127.0.0.1; # proxy to rails
}

Then just refer to the two urls in your templates.


Cliff

-- 
http://www.google.com/search?q=vonage+sucks





From nginx-forum at nginx.us  Mon Jul 13 00:13:17 2009
From: nginx-forum at nginx.us (compute)
Date: Sun, 12 Jul 2009 16:13:17 -0400
Subject: Howto update to the latest version?
Message-ID: <a6ceb37bc02ba93da3624302fca0fb8d.NginxMailingList@forum.nginx.org>

Hello,

i've installed nginx on debian via 

But it is not the latest version it is only a old one 


So how can i update for example to the latest version? 

Best regards.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3994,3994#msg-3994





From almir at almirkaric.com  Mon Jul 13 00:55:51 2009
From: almir at almirkaric.com (Almir Karic)
Date: Sun, 12 Jul 2009 13:55:51 -0700
Subject: Howto update to the latest version?
In-Reply-To: <a6ceb37bc02ba93da3624302fca0fb8d.NginxMailingList@forum.nginx.org>
References: <a6ceb37bc02ba93da3624302fca0fb8d.NginxMailingList@forum.nginx.org>
Message-ID: <2b6a8c330907121355j67dd4a97lf318087d08dd3f85@mail.gmail.com>

why do you want to update? if there is no feature you need from new
versions i'd advise to stay with what debian provides.

if you insist on upgrading, you will have to download the source,
compile it and install :-), something ala
http://www.softwareprojects.com/resources/programming/t-recompileupgrade-nginx-binary-with-no-down-time-1520.html
only that for /etc/init.d/nginx to work as expected you will have to
change the paths which are passed to ./configure.


On Sun, Jul 12, 2009 at 1:13 PM, compute<nginx-forum at nginx.us> wrote:
> Hello,
>
> i've installed nginx on debian via
>
> But it is not the latest version it is only a old one
>
>
> So how can i update for example to the latest version?
>
> Best regards.
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3994,3994#msg-3994
>
>
>



-- 
python/django hacker & sys admin
almirkaric.com & twitter.com/redduck666




From merlincorey at dc949.org  Mon Jul 13 05:51:42 2009
From: merlincorey at dc949.org (merlin corey)
Date: Sun, 12 Jul 2009 18:51:42 -0700
Subject: Howto update to the latest version?
In-Reply-To: <2b6a8c330907121355j67dd4a97lf318087d08dd3f85@mail.gmail.com>
References: <a6ceb37bc02ba93da3624302fca0fb8d.NginxMailingList@forum.nginx.org>
	 <2b6a8c330907121355j67dd4a97lf318087d08dd3f85@mail.gmail.com>
Message-ID: <e0af94b80907121851x6866b9m40c4d6807fb44a5d@mail.gmail.com>

You can get the current configure string with nginx -V at the
commandline.  This makes replacing nginx binaries a breeze.

For your debian related questions, you should really be looking for
debian related resources.  It sounds like perhaps you are on etch with
nginx 0.5.x (though you did not say) and if that is the case, I agree
with the above poster - *if it ain't broke DON'T fix it* .  The
"debian way" is for stable branches to keep the packages they were
given - this keeps them stable!  If you need a newer version of
software on debian (the debian way), you either need to get a
"backport", make your own package, or update to a newer release off
the operating system.

-- Merlin

On Sun, Jul 12, 2009 at 1:55 PM, Almir Karic<almir at almirkaric.com> wrote:
> why do you want to update? if there is no feature you need from new
> versions i'd advise to stay with what debian provides.
>
> if you insist on upgrading, you will have to download the source,
> compile it and install :-), something ala
> http://www.softwareprojects.com/resources/programming/t-recompileupgrade-nginx-binary-with-no-down-time-1520.html
> only that for /etc/init.d/nginx to work as expected you will have to
> change the paths which are passed to ./configure.
>
>
> On Sun, Jul 12, 2009 at 1:13 PM, compute<nginx-forum at nginx.us> wrote:
>> Hello,
>>
>> i've installed nginx on debian via
>>
>> But it is not the latest version it is only a old one
>>
>>
>> So how can i update for example to the latest version?
>>
>> Best regards.
>>
>> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3994,3994#msg-3994
>>
>>
>>
>
>
>
> --
> python/django hacker & sys admin
> almirkaric.com & twitter.com/redduck666
>
>




From merlincorey at dc949.org  Mon Jul 13 11:17:02 2009
From: merlincorey at dc949.org (merlin corey)
Date: Mon, 13 Jul 2009 00:17:02 -0700
Subject: SSL server_name support, single server block plain/SSL, et al in 
	0.8.x ?
Message-ID: <e0af94b80907130017q4c6671eeie8c64116f7d7c38d@mail.gmail.com>

Hello,

I had a long chat with a user in the IRC channel about SSL in nginx.
Initially, it started out talking about hosting multiple domains with
SSL on the same address.  They pointed me to
http://tools.ietf.org/html/rfc4366#section-3.1 which seems fairly
straightforward and I am curious if there is interest in this or if
Igor plans to implement it at some point in future anyway.

Also, through talking with him, he showed me his idea for how the SSL
support should work.  It went more or less like this:

ssl_certificate      /etc/ssl/custom/supercatchall.crt;
ssl_certificate_key  /etc/ssl/custom/supercatchall.key;
server {
  listen 80;
  listen 443;	
  if(port = 443) {
    ssl on;
  }
  ... normal server config ...
}
... repeated for several servers apparently on same IP ...

I tried to talk him out of using if and using a separate server block
for 443 and 80 ports for each server, and just including common
configuration.  Apparently, this does not currently work, but it seems
it should be more or less usable, I think he was having problems with
using default ssl in the listen line and NginX would not bind multiple
times.  At any rate, he also complained about the "roundabout
redundancy" of the config.  That got me to thinking, would something
like the following be desirable, and how difficult to implement would
it be?

server {
  listen 80;
  listen 443;
  ssl on 443;
  ... normal server config ...
}

My gut instinct tells me this would be a lot more work than simply
allowing multiple SSL hosts per IP address, but it does seem to have a
nice ring to it, this late in the day.

So to summarize, I am curious if 0.8.x is planned to support multiple
SSL hosts per IP, if that feature is even desired by anyone (or maybe
other ways to do it, in case I see this problem again!), and finally
anyone and everyone's thoughts on the above syntax to unify config for
SSL and non SSL (you could still use separate blocks if the
configuration is not exactly the same for plain and SSL, of course).

Thanks,
Merlin




From almir at almirkaric.com  Mon Jul 13 11:53:41 2009
From: almir at almirkaric.com (Almir Karic)
Date: Mon, 13 Jul 2009 00:53:41 -0700
Subject: SSL server_name support, single server block plain/SSL, et al in 
	0.8.x ?
In-Reply-To: <e0af94b80907130017q4c6671eeie8c64116f7d7c38d@mail.gmail.com>
References: <e0af94b80907130017q4c6671eeie8c64116f7d7c38d@mail.gmail.com>
Message-ID: <2b6a8c330907130053h5a87e8dcl851442ad505420f@mail.gmail.com>

You can't do multiple SSL hosts on an ip :-), as you can see on the
top of the document you linked to that is for TLS. Nginx already knows
SNI. IIRC the issue is if client supports SNI.

As for the if(), you don't need it:
http://serverfault.com/questions/10854/nginx-https-serving-with-same-config-as-http
:-)


python/django hacker & sys admin
http://almirkaric.com & http://twitter.com/redduck666



On Mon, Jul 13, 2009 at 12:17 AM, merlin corey<merlincorey at dc949.org> wrote:
> Hello,
>
> I had a long chat with a user in the IRC channel about SSL in nginx.
> Initially, it started out talking about hosting multiple domains with
> SSL on the same address. ?They pointed me to
> http://tools.ietf.org/html/rfc4366#section-3.1 which seems fairly
> straightforward and I am curious if there is interest in this or if
> Igor plans to implement it at some point in future anyway.
>
> Also, through talking with him, he showed me his idea for how the SSL
> support should work. ?It went more or less like this:
>
> ssl_certificate ? ? ?/etc/ssl/custom/supercatchall.crt;
> ssl_certificate_key ?/etc/ssl/custom/supercatchall.key;
> server {
> ?listen 80;
> ?listen 443;
> ?if(port = 443) {
> ? ?ssl on;
> ?}
> ?... normal server config ...
> }
> ... repeated for several servers apparently on same IP ...
>
> I tried to talk him out of using if and using a separate server block
> for 443 and 80 ports for each server, and just including common
> configuration. ?Apparently, this does not currently work, but it seems
> it should be more or less usable, I think he was having problems with
> using default ssl in the listen line and NginX would not bind multiple
> times. ?At any rate, he also complained about the "roundabout
> redundancy" of the config. ?That got me to thinking, would something
> like the following be desirable, and how difficult to implement would
> it be?
>
> server {
> ?listen 80;
> ?listen 443;
> ?ssl on 443;
> ?... normal server config ...
> }
>
> My gut instinct tells me this would be a lot more work than simply
> allowing multiple SSL hosts per IP address, but it does seem to have a
> nice ring to it, this late in the day.
>
> So to summarize, I am curious if 0.8.x is planned to support multiple
> SSL hosts per IP, if that feature is even desired by anyone (or maybe
> other ways to do it, in case I see this problem again!), and finally
> anyone and everyone's thoughts on the above syntax to unify config for
> SSL and non SSL (you could still use separate blocks if the
> configuration is not exactly the same for plain and SSL, of course).
>
> Thanks,
> Merlin
>
>




From denis at gostats.ru  Mon Jul 13 11:58:50 2009
From: denis at gostats.ru (Denis F. Latypoff)
Date: Mon, 13 Jul 2009 14:58:50 +0700
Subject: SSL server_name support, single server block plain/SSL, et al in  0.8.x ?
In-Reply-To: <e0af94b80907130017q4c6671eeie8c64116f7d7c38d@mail.gmail.com>
References: <e0af94b80907130017q4c6671eeie8c64116f7d7c38d@mail.gmail.com>
Message-ID: <186732783.20090713145850@gostats.ru>

Hello merlin,

Monday, July 13, 2009, 2:17:02 PM, you wrote:

> Hello,

> I had a long chat with a user in the IRC channel about SSL in nginx.
> Initially, it started out talking about hosting multiple domains with
> SSL on the same address.  They pointed me to
> http://tools.ietf.org/html/rfc4366#section-3.1 which seems fairly
> straightforward and I am curious if there is interest in this or if
> Igor plans to implement it at some point in future anyway.

> Also, through talking with him, he showed me his idea for how the SSL
> support should work.  It went more or less like this:

> ssl_certificate      /etc/ssl/custom/supercatchall.crt;
> ssl_certificate_key  /etc/ssl/custom/supercatchall.key;
> server {
>   listen 80;
>   listen 443;   
>   if(port = 443) {
>     ssl on;
>   }
>   ... normal server config ...
> }
> ... repeated for several servers apparently on same IP ...

> I tried to talk him out of using if and using a separate server block
> for 443 and 80 ports for each server, and just including common
> configuration.  Apparently, this does not currently work, but it seems
> it should be more or less usable, I think he was having problems with
> using default ssl in the listen line and NginX would not bind multiple
> times.  At any rate, he also complained about the "roundabout
> redundancy" of the config.  That got me to thinking, would something
> like the following be desirable, and how difficult to implement would
> it be?

> server {
>   listen 80;
>   listen 443;
>   ssl on 443;
>   ... normal server config ...
> }

> My gut instinct tells me this would be a lot more work than simply
> allowing multiple SSL hosts per IP address, but it does seem to have a
> nice ring to it, this late in the day.

> So to summarize, I am curious if 0.8.x is planned to support multiple
> SSL hosts per IP, if that feature is even desired by anyone (or maybe
> other ways to do it, in case I see this problem again!), and finally
> anyone and everyone's thoughts on the above syntax to unify config for
> SSL and non SSL (you could still use separate blocks if the
> configuration is not exactly the same for plain and SSL, of course).

> Thanks,
> Merlin

http://wiki.nginx.org/NginxHttpCoreModule#listen

server {
    listen 80;
    listen 443 ssl;
    ... normal server config ...
}

-- 
Best regards,
 Denis                            mailto:denis at gostats.ru





From glen at lumanau.web.id  Mon Jul 13 12:09:12 2009
From: glen at lumanau.web.id (Glen Lumanau)
Date: Mon, 13 Jul 2009 15:09:12 +0700
Subject: [confused] a client request body is buffered to a temporary file
Message-ID: <000001ca0391$366a2e30$a33e8a90$@web.id>

I tried to find on google for the solution for this

But still no luck

 

2009/07/13 15:05:22 [warn] 32467#0: *6899 a client request body is buffered
to a temporary file /var/lib/nginx/body/0/00/0000000000, client:
192.168.254.16, server: mydomain.com, request: "POST /backend.php/F3/saveTV
HTTP/1.0", host: "mydomain.com", referrer:
http://mydomain.com/backend.php/F3/add

 

Here's the config that I used

 

server {

          listen        80 default;

          server_name   mydomain.com www.mydomain.com;

          root          /home/web;

          index         index.php;

 

          charset utf-8;

 

          location ~ \.(gif|jpg|png|jpeg|swf|js|css|flv)$ {

                expires     30d;

          }

 

          location / {

           proxy_set_header  X-Real-IP  $remote_addr;

           proxy_set_header Host $http_host;

           proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;

 

           proxy_pass                   http://127.0.0.1:8080;

 

           client_max_body_size         500m;

           client_body_buffer_size      1024k;

 

           proxy_connect_timeout        100;

           proxy_send_timeout           100;

           proxy_read_timeout           100;

 

           fastcgi_read_timeout         180;

 

           proxy_buffer_size            64k;

           proxy_buffers                4 64k;

           proxy_busy_buffers_size      128k;

           proxy_temp_file_write_size   128k;

          }

        }

 

Help me please.. i'm so confused

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090713/a35f9b51/attachment.html>

From is at rambler-co.ru  Mon Jul 13 12:07:21 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Mon, 13 Jul 2009 12:07:21 +0400
Subject: SSL server_name support, single server block plain/SSL, et al in 0.8.x ?
In-Reply-To: <e0af94b80907130017q4c6671eeie8c64116f7d7c38d@mail.gmail.com>
References: <e0af94b80907130017q4c6671eeie8c64116f7d7c38d@mail.gmail.com>
Message-ID: <20090713080721.GA4512@rambler-co.ru>

On Mon, Jul 13, 2009 at 12:17:02AM -0700, merlin corey wrote:

> Hello,
> 
> I had a long chat with a user in the IRC channel about SSL in nginx.
> Initially, it started out talking about hosting multiple domains with
> SSL on the same address.  They pointed me to
> http://tools.ietf.org/html/rfc4366#section-3.1 which seems fairly
> straightforward and I am curious if there is interest in this or if
> Igor plans to implement it at some point in future anyway.

nginx supports SNI since 0.5.23. You just need OpenSSL built with
SNI support. The main issue, however, are browsers: MSIE 6 and Windows XP
do not support SNI and MSIE 6 is still in use:
http://weblogs.mozillazine.org/asa/archives/2009/07/internet_explorer_6.html

> Also, through talking with him, he showed me his idea for how the SSL
> support should work.  It went more or less like this:
> 
> ssl_certificate      /etc/ssl/custom/supercatchall.crt;
> ssl_certificate_key  /etc/ssl/custom/supercatchall.key;
> server {
>   listen 80;
>   listen 443;	
>   if(port = 443) {
>     ssl on;
>   }
>   ... normal server config ...
> }
> ... repeated for several servers apparently on same IP ...
> 
> I tried to talk him out of using if and using a separate server block
> for 443 and 80 ports for each server, and just including common
> configuration.  Apparently, this does not currently work, but it seems
> it should be more or less usable, I think he was having problems with
> using default ssl in the listen line and NginX would not bind multiple
> times.  At any rate, he also complained about the "roundabout
> redundancy" of the config.  That got me to thinking, would something
> like the following be desirable, and how difficult to implement would
> it be?
> 
> server {
>   listen 80;
>   listen 443;
>   ssl on 443;
>   ... normal server config ...
> }
> 
> My gut instinct tells me this would be a lot more work than simply
> allowing multiple SSL hosts per IP address, but it does seem to have a
> nice ring to it, this late in the day.
> 
> So to summarize, I am curious if 0.8.x is planned to support multiple
> SSL hosts per IP, if that feature is even desired by anyone (or maybe
> other ways to do it, in case I see this problem again!), and finally
> anyone and everyone's thoughts on the above syntax to unify config for
> SSL and non SSL (you could still use separate blocks if the
> configuration is not exactly the same for plain and SSL, of course).

Since 0.7.14 you can use:

    server {
       listen 80;
       listen 443 default ssl;
       ...


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Mon Jul 13 12:23:59 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Mon, 13 Jul 2009 12:23:59 +0400
Subject: [confused] a client request body is buffered to a temporary file
In-Reply-To: <000001ca0391$366a2e30$a33e8a90$@web.id>
References: <000001ca0391$366a2e30$a33e8a90$@web.id>
Message-ID: <20090713082359.GB4512@rambler-co.ru>

On Mon, Jul 13, 2009 at 03:09:12PM +0700, Glen Lumanau wrote:

> I tried to find on google for the solution for this
> 
> But still no luck
> 
>  
> 
> 2009/07/13 15:05:22 [warn] 32467#0: *6899 a client request body is buffered
> to a temporary file /var/lib/nginx/body/0/00/0000000000, client:
> 192.168.254.16, server: mydomain.com, request: "POST /backend.php/F3/saveTV
> HTTP/1.0", host: "mydomain.com", referrer:
> http://mydomain.com/backend.php/F3/add
> 
>  
> 
> Here's the config that I used
> 
>  
> 
> server {
> 
>           listen        80 default;
> 
>           server_name   mydomain.com www.mydomain.com;
> 
>           root          /home/web;
> 
>           index         index.php;
> 
>  
> 
>           charset utf-8;
> 
>  
> 
>           location ~ \.(gif|jpg|png|jpeg|swf|js|css|flv)$ {
> 
>                 expires     30d;
> 
>           }
> 
>  
> 
>           location / {
> 
>            proxy_set_header  X-Real-IP  $remote_addr;
> 
>            proxy_set_header Host $http_host;
> 
>            proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
> 
>  
> 
>            proxy_pass                   http://127.0.0.1:8080;
> 
>  
> 
>            client_max_body_size         500m;
> 
>            client_body_buffer_size      1024k;

You need to increase client_body_buffer_size.

>            proxy_connect_timeout        100;
> 
>            proxy_send_timeout           100;
> 
>            proxy_read_timeout           100;
> 
>  
> 
>            fastcgi_read_timeout         180;
> 
>  
> 
>            proxy_buffer_size            64k;
> 
>            proxy_buffers                4 64k;
> 
>            proxy_busy_buffers_size      128k;
> 
>            proxy_temp_file_write_size   128k;
> 
>           }
> 
>         }
> 
>  
> 
> Help me please.. i'm so confused


-- 
Igor Sysoev
http://sysoev.ru/en/




From glen at lumanau.web.id  Mon Jul 13 13:17:33 2009
From: glen at lumanau.web.id (Glen Lumanau)
Date: Mon, 13 Jul 2009 16:17:33 +0700
Subject: [confused] a client request body is buffered to a temporary file
In-Reply-To: <20090713082359.GB4512@rambler-co.ru>
References: <000001ca0391$366a2e30$a33e8a90$@web.id> <20090713082359.GB4512@rambler-co.ru>
Message-ID: <000501ca039a$c32550d0$496ff270$@web.id>

Thank's it's working now

But have onother issue
I'm uploading a video to my backend.

I saw no errors found on the error.log
But the videos seems can't be copied to the destination folder.
Before using nginx as reverse proxy, it can be copied without any problem.

Any suggestions how can I check that?

-----Original Message-----
From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf Of Igor
Sysoev
Sent: 13 Juli 2009 15:24
To: nginx at sysoev.ru
Subject: Re: [confused] a client request body is buffered to a temporary
file

On Mon, Jul 13, 2009 at 03:09:12PM +0700, Glen Lumanau wrote:

> I tried to find on google for the solution for this
> 
> But still no luck
> 
>  
> 
> 2009/07/13 15:05:22 [warn] 32467#0: *6899 a client request body is
buffered
> to a temporary file /var/lib/nginx/body/0/00/0000000000, client:
> 192.168.254.16, server: mydomain.com, request: "POST
/backend.php/F3/saveTV
> HTTP/1.0", host: "mydomain.com", referrer:
> http://mydomain.com/backend.php/F3/add
> 
>  
> 
> Here's the config that I used
> 
>  
> 
> server {
> 
>           listen        80 default;
> 
>           server_name   mydomain.com www.mydomain.com;
> 
>           root          /home/web;
> 
>           index         index.php;
> 
>  
> 
>           charset utf-8;
> 
>  
> 
>           location ~ \.(gif|jpg|png|jpeg|swf|js|css|flv)$ {
> 
>                 expires     30d;
> 
>           }
> 
>  
> 
>           location / {
> 
>            proxy_set_header  X-Real-IP  $remote_addr;
> 
>            proxy_set_header Host $http_host;
> 
>            proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
> 
>  
> 
>            proxy_pass                   http://127.0.0.1:8080;
> 
>  
> 
>            client_max_body_size         500m;
> 
>            client_body_buffer_size      1024k;

You need to increase client_body_buffer_size.

>            proxy_connect_timeout        100;
> 
>            proxy_send_timeout           100;
> 
>            proxy_read_timeout           100;
> 
>  
> 
>            fastcgi_read_timeout         180;
> 
>  
> 
>            proxy_buffer_size            64k;
> 
>            proxy_buffers                4 64k;
> 
>            proxy_busy_buffers_size      128k;
> 
>            proxy_temp_file_write_size   128k;
> 
>           }
> 
>         }
> 
>  
> 
> Help me please.. i'm so confused


-- 
Igor Sysoev
http://sysoev.ru/en/





From mdounin at mdounin.ru  Mon Jul 13 15:33:21 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Mon, 13 Jul 2009 15:33:21 +0400
Subject: Cache questions
In-Reply-To: <4A57D142.2070501@gmail.com>
References: <4A57D142.2070501@gmail.com>
Message-ID: <20090713113321.GH67302@mdounin.ru>

Hello!

On Fri, Jul 10, 2009 at 07:39:46PM -0400, Jim Ohlstein wrote:

> I'm using the fastcgi cache for static files (images, javascript,css)  
> and just found multiple lines in the error log like this one:
>
> 2009/07/10 10:22:54 [crit] 22476#0: ngx_slab_alloc() failed: no memory  
> in cache keys zone "one"
>
> So I increased the memory available for the zone and reloaded nginx. It  
> took over five hours to go through the cache but these are the relevant  
> entries:
>
> 2009/07/10 12:11:03 [notice] 21038#0: start cache manager process 32730
> 2009/07/10 12:11:04 [notice] 21038#0: cache manager process 22480 exited  
> with code 0
>
> and finally
>
> 2009/07/10 17:43:27 [notice] 32730#0: http file cache:  
> /usr/local/nginx/cache 11638.289M, bsize: 4096
>
> My questions are:
>
> Is that simply the total (11638.289MB or 11.4GB) of all of the file  
> sizes, or is that the actual disk space consumed taking into account  
> total number of blocks used multiplied by the block size? The number  

It's size on disk (i.e. number of blocks * block size), but for 
files only (it doesn't take directories into account).

> could be quite different given what I estimate are nearly one million  
> mostly small files in the cache at this point.
>
> When I next upgrade nginx (I'm running 0.8.4), and I attempt a "graceful  
> upgrade" will it have to go through this entire process again?

Yes.  Binary upgrade doesn't preserve shared memory zones, so 
cache will be rescanned again.

Note that nginx uses cache even before it was completely scanned, 
so it shouldn't be a problem.

Maxim Dounin




From mdounin at mdounin.ru  Mon Jul 13 15:52:31 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Mon, 13 Jul 2009 15:52:31 +0400
Subject: Can't start nginx
In-Reply-To: <808d0ac45d2eeeabbc7dbf3881810c7b@ruby-forum.com>
References: <808d0ac45d2eeeabbc7dbf3881810c7b@ruby-forum.com>
Message-ID: <20090713115231.GI67302@mdounin.ru>

Hello!

On Sat, Jul 11, 2009 at 05:13:20PM +0200, Andreas Vieten wrote:

> Hello,
> 
> I've tried a serveral times to start nginx but it always ends with no
> happy end.
> 
> Download and compiling is no problem for me.
> 
> So here goes my way that i do it:
> 
> 1) cd /tmp
>    wget wget http://sysoev.ru/nginx/nginx-0.7.61.tar.gz
>    tar xvfz nginx-0.7.61.tar.gz
>    cd nginx-0.7.61
> 
> ./configure \
>   --prefix=/usr \

With this prefix and without --sbin-path set nginx will install 
it's binary into /usr/sbin/nginx.

>   --conf-path=/etc/nginx/nginx.conf \
>   --http-log-path=/var/log/nginx/access_log \
>   --error-log-path=/var/log/nginx/error_log \
>   --pid-path=/var/run/nginx.pid \
>   --http-client-body-temp-path=/var/tmp/nginx/client \
>   --http-proxy-temp-path=/var/tmp/nginx/proxy \
>   --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi \
>   --with-md5-asm --with-md5=/usr/include \

Do you have md5 library *sources* in /usr/include?  Note that 
--with-md5 specifies path to md5 library sources (and nginx will 
try to build them), it's not path to headers.

>   --with-http_realip_module \
>   --with-http_ssl_module \
>   --with-http_stub_status_module
> 
>    make
>    make install
> 
> 2) vi /etc/init.d/nginx
> 
> 
> #! /bin/sh
> 
> ### BEGIN INIT INFO
> # Provides:          nginx
> # Required-Start:    $all
> # Required-Stop:     $all
> # Default-Start:     2 3 4 5
> # Default-Stop:      0 1 6
> # Short-Description: starts the nginx web server
> # Description:       starts nginx using start-stop-daemon
> ### END INIT INFO
> 
> PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin
> DAEMON=/usr/local/sbin/nginx

Seems to be using /usr/local/sbin/nginx binary, while you've just 
compiled /usr/sbin/nginx one (if build succeded - I'm not sure due 
to wierd configure arguments).

Note that other parts of your init script assume /usr/local/... 
paths as well.

[...]

Maxim Dounin




From is at rambler-co.ru  Mon Jul 13 15:48:40 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Mon, 13 Jul 2009 15:48:40 +0400
Subject: Cache questions
In-Reply-To: <20090713113321.GH67302@mdounin.ru>
References: <4A57D142.2070501@gmail.com> <20090713113321.GH67302@mdounin.ru>
Message-ID: <20090713114840.GE9584@rambler-co.ru>

On Mon, Jul 13, 2009 at 03:33:21PM +0400, Maxim Dounin wrote:

> Hello!
> 
> On Fri, Jul 10, 2009 at 07:39:46PM -0400, Jim Ohlstein wrote:
> 
> > I'm using the fastcgi cache for static files (images, javascript,css)  
> > and just found multiple lines in the error log like this one:
> >
> > 2009/07/10 10:22:54 [crit] 22476#0: ngx_slab_alloc() failed: no memory  
> > in cache keys zone "one"
> >
> > So I increased the memory available for the zone and reloaded nginx. It  
> > took over five hours to go through the cache but these are the relevant  
> > entries:
> >
> > 2009/07/10 12:11:03 [notice] 21038#0: start cache manager process 32730
> > 2009/07/10 12:11:04 [notice] 21038#0: cache manager process 22480 exited  
> > with code 0
> >
> > and finally
> >
> > 2009/07/10 17:43:27 [notice] 32730#0: http file cache:  
> > /usr/local/nginx/cache 11638.289M, bsize: 4096
> >
> > My questions are:
> >
> > Is that simply the total (11638.289MB or 11.4GB) of all of the file  
> > sizes, or is that the actual disk space consumed taking into account  
> > total number of blocks used multiplied by the block size? The number  
> 
> It's size on disk (i.e. number of blocks * block size), but for 
> files only (it doesn't take directories into account).

Just note: nginx rounds a file size to the bsize.
bsize is f_bsize from statfs() or f_frsize from statvfs().
I'm not sure that bsize matches always a filesystem allocation unit.

> > could be quite different given what I estimate are nearly one million  
> > mostly small files in the cache at this point.
> >
> > When I next upgrade nginx (I'm running 0.8.4), and I attempt a "graceful  
> > upgrade" will it have to go through this entire process again?
> 
> Yes.  Binary upgrade doesn't preserve shared memory zones, so 
> cache will be rescanned again.
> 
> Note that nginx uses cache even before it was completely scanned, 
> so it shouldn't be a problem.
> 
> Maxim Dounin


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Mon Jul 13 15:54:53 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Mon, 13 Jul 2009 15:54:53 +0400
Subject: nginx-0.8.5
Message-ID: <20090713115453.GG9584@rambler-co.ru>

Changes with nginx 0.8.5                                         13 Jul 2009

    *) Bugfix: now nginx allows underscores in a request method.

    *) Bugfix: a 500 error code was returned for invalid login/password 
       while HTTP Basic authentication on Windows.

    *) Bugfix: ngx_http_perl_module responses did not work in subrequests.

    *) Bugfix: in ngx_http_limit_req_module.
       Thanks to Maxim Dounin.


-- 
Igor Sysoev
http://sysoev.ru/en/




From lists at ruby-forum.com  Mon Jul 13 16:14:29 2009
From: lists at ruby-forum.com (Robert Gabriel)
Date: Mon, 13 Jul 2009 14:14:29 +0200
Subject: Can't start nginx
In-Reply-To: <808d0ac45d2eeeabbc7dbf3881810c7b@ruby-forum.com>
References: <808d0ac45d2eeeabbc7dbf3881810c7b@ruby-forum.com>
Message-ID: <31f5a14539e362a7ad78e4cf31513f2b@ruby-forum.com>

Try this:

sh -x /etc/init.d/nginx start

and see what happen or put it in a reply, as you wish.
-- 
Posted via http://www.ruby-forum.com/.




From mdounin at mdounin.ru  Mon Jul 13 16:36:39 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Mon, 13 Jul 2009 16:36:39 +0400
Subject: behaviour changes upgrading from nginx .6.x to .7.x
In-Reply-To: <4A58BD91.3090909@terabytemedia.com>
References: <4A58BD91.3090909@terabytemedia.com>
Message-ID: <20090713123639.GJ67302@mdounin.ru>

Hello!

On Sat, Jul 11, 2009 at 09:28:01AM -0700, Michael McCallister wrote:

> Greetings,
>
> First, thanks for nginx - very cool web server.  Next, upon upgrading  
> from 0.6.36 to 0.7.61 I noticed some changes in behaviour which prompted  
> me to downgrade back to 0.6.36 until I could further understand the  
> changes between .6.x and .7.x.  More specifically, here is where things  
> worked differently:
>
> Given this rewrite rule:  rewrite ^/[Aa]rticles/?(.*) /search.php?q=$1;
>
> This URL: /Articles/highway+diesel+vehicles
>
> Would generate the following $_GET in php (5.2.8 using fpm) and nginx  
> (0.6.36):
>
> array (
>  'q' => 'highway diesel vehicles',
> )
>
> Whereas the same exact URL would generate the following $_GET in php  
> (5.2.8 using fpm - no changes to php) and nginx (0.7.61 - nginx is the  
> only thing that changed):
>
> array (
>  'q' => 'highway+diesel+vehicles',
> )
>
> I view the behaviour under nginx 0.6.36 as correct while the behaviour  
> under 0.7.61 does not result in the expected value.  Obviously it is  
> trivial to workaround this issue, but this leads up to my main concern -  
> what else behaves differently?  I tried to find documentation outlining  
> upgrade considerations while migrating from .6.x to .7.x but could not  
> find any - my apologies if I missed them and/or am asking a question  
> already addressed previously on the list.
>
> So I guess I really have two questions considering the above:
>
> 1) Is the above behaviour in .7.x expected?

Yes.  Changes with 0.7.14:

...

    *) Bugfix: if URI part captured by a "rewrite" directive was used as a 
       query string, then the query string was not escaped.

...

Note that 'highway+diesel+vehicles' is *unescaped* value ('+' 
has no special meaning when used in path component), and it's 
then escaped when used in query string to 'highway%2bdiesel%2bvehicles' 
(since '+' reserved in query string).  In it's turn php unescapes 
query string escaping and you see

$_GET[q] = 'highway+diesel+vehicles'

exactly as it was captured by your rewrite.

> 2) Is there a list of things to watch out for when changing from .6.x to  
> .7.x?

Changes are documented in CHANGES file in nginx sources
(online version available at http://nginx.net/CHANGES).  It's not 
exactly what you are asking about, but as far as I know it's all 
we currently have (and it worth reading anyway).

Maxim Dounin

>
> Any help is greatly appreciated and thanks again for nginx.
>
> Michael
>
>




From bing_ran at hotmail.com  Mon Jul 13 18:38:58 2009
From: bing_ran at hotmail.com (=?gb2312?B?yL2x+A==?=)
Date: Mon, 13 Jul 2009 22:38:58 +0800
Subject: HTTP limit
Message-ID: <BAY139-DS4DF0116DAF331F2B00AF5EF220@phx.gbl>

Hi,

I'm relatively new to nginx config scripting and I'm wondering if it's possible to exluding specific IP from either the  limit_conn or the limit_req directive. Will enclosing the directive in a 'if' directive will do the trick and a sample?

Thanks

Bing
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090713/d3898da3/attachment.html>

From jg at internetx.de  Mon Jul 13 18:51:27 2009
From: jg at internetx.de (Juergen Gotteswinter)
Date: Mon, 13 Jul 2009 16:51:27 +0200
Subject: nginx-0.8.5
In-Reply-To: <20090713115453.GG9584@rambler-co.ru>
References: <20090713115453.GG9584@rambler-co.ru>
Message-ID: <4A5B49EF.2030702@internetx.de>

Hello

Updated the SuSE RPMS in the opensuse-buildservice to 0.8.5

http://download.opensuse.org/repositories/server:/http/

Regards,

On 07/13/2009 01:54 PM, Igor Sysoev wrote:
> Changes with nginx 0.8.5                                         13 Jul 2009
>
>      *) Bugfix: now nginx allows underscores in a request method.
>
>      *) Bugfix: a 500 error code was returned for invalid login/password
>         while HTTP Basic authentication on Windows.
>
>      *) Bugfix: ngx_http_perl_module responses did not work in subrequests.
>
>      *) Bugfix: in ngx_http_limit_req_module.
>         Thanks to Maxim Dounin.
>
>
>    


-- 
InterNetX GmbH
Maximilianstrasse 6
D-93047 Regensburg

Tel. +49 941 59559-480
Fax  +49 941 59559-245

Gesch?ftsf?hrer/CEO: Thomas M?rz
Amtsgericht Regensburg, HRB 7142





From lists at ruby-forum.com  Mon Jul 13 20:03:33 2009
From: lists at ruby-forum.com (Shai Rosenfeld)
Date: Mon, 13 Jul 2009 18:03:33 +0200
Subject: Client-IP Rails issue
In-Reply-To: <bcd5161edbe45dd17dc9e232bb6904ef@ruby-forum.com>
References: <bcd5161edbe45dd17dc9e232bb6904ef@ruby-forum.com>
Message-ID: <fc470a042f8d6d8e9cd911206ab68aea@ruby-forum.com>

Hope this helps someone -

https://rails.lighthouseapp.com/projects/8994/tickets/322

Shai.
-- 
Posted via http://www.ruby-forum.com/.




From nginx-forum at nginx.us  Mon Jul 13 20:31:01 2009
From: nginx-forum at nginx.us (AndiV74)
Date: Mon, 13 Jul 2009 12:31:01 -0400
Subject: Can't start nginx
In-Reply-To: <31f5a14539e362a7ad78e4cf31513f2b@forum.nginx.org>
References: <808d0ac45d2eeeabbc7dbf3881810c7b@ruby-forum.com> <31f5a14539e362a7ad78e4cf31513f2b@forum.nginx.org>
Message-ID: <00c4f2c0c5f5117ff008508449c76065.NginxMailingList@forum.nginx.org>

Robert Gabriel Wrote:
-------------------------------------------------------
> Try this:
> 
> sh -x /etc/init.d/nginx start
> 
> and see what happen or put it in a reply, as you
> wish.
> -- 
> Posted via http://www.ruby-forum.com/.


Hello, it doesn't work either.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3989,4014#msg-4014





From support-nginx at oeko.net  Mon Jul 13 21:04:09 2009
From: support-nginx at oeko.net (Toni Mueller)
Date: Mon, 13 Jul 2009 19:04:09 +0200
Subject: 0.7.61: error_page 404 woes
Message-ID: <20090713170409.23831.qmail@oak.oeko.net>



Hi,

I'm having a problem with the error_page directive.

What I want is to redirect people who try to access a nonexistent page
to the home page of the site. Following
http://wiki.nginx.org/NginxHttpCoreModule#error_page , I configured

error_page	404	/;

But this statement had no effect. I had to re-write the statement as

error_page	404	http://$server_name/;

to get the desired effect, but don't quite understand, why.

TIA!


Kind regards,
--Toni++






From mikemc-nginx at terabytemedia.com  Mon Jul 13 21:48:30 2009
From: mikemc-nginx at terabytemedia.com (Michael McCallister)
Date: Mon, 13 Jul 2009 10:48:30 -0700
Subject: behaviour changes upgrading from nginx .6.x to .7.x
In-Reply-To: <20090713123639.GJ67302@mdounin.ru>
References: <4A58BD91.3090909@terabytemedia.com> <20090713123639.GJ67302@mdounin.ru>
Message-ID: <4A5B736E.80901@terabytemedia.com>

Maxim Dounin wrote:
> Hello!
>
> On Sat, Jul 11, 2009 at 09:28:01AM -0700, Michael McCallister wrote:
>   
> Yes.  Changes with 0.7.14:
>
> ...
>
>     *) Bugfix: if URI part captured by a "rewrite" directive was used as a 
>        query string, then the query string was not escaped.
>
> ...
>
> Note that 'highway+diesel+vehicles' is *unescaped* value ('+' 
> has no special meaning when used in path component), and it's 
> then escaped when used in query string to 'highway%2bdiesel%2bvehicles' 
> (since '+' reserved in query string).  In it's turn php unescapes 
> query string escaping and you see
>
> $_GET[q] = 'highway+diesel+vehicles'
>
> exactly as it was captured by your rewrite.
>
>   
>> 2) Is there a list of things to watch out for when changing from .6.x to  
>> .7.x?
>>     
>
> Changes are documented in CHANGES file in nginx sources
> (online version available at http://nginx.net/CHANGES).  It's not 
> exactly what you are asking about, but as far as I know it's all 
> we currently have (and it worth reading anyway).
>
> Maxim Dounin
Thanks





From is at rambler-co.ru  Mon Jul 13 22:22:25 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Mon, 13 Jul 2009 22:22:25 +0400
Subject: 0.7.61: error_page 404 woes
In-Reply-To: <20090713170409.23831.qmail@oak.oeko.net>
References: <20090713170409.23831.qmail@oak.oeko.net>
Message-ID: <20090713182225.GB15437@rambler-co.ru>

On Mon, Jul 13, 2009 at 07:04:09PM +0200, Toni Mueller wrote:

> 
> 
> Hi,
> 
> I'm having a problem with the error_page directive.
> 
> What I want is to redirect people who try to access a nonexistent page
> to the home page of the site. Following
> http://wiki.nginx.org/NginxHttpCoreModule#error_page , I configured
> 
> error_page	404	/;
> 
> But this statement had no effect. I had to re-write the statement as
> 
> error_page	404	http://$server_name/;
> 
> to get the desired effect, but don't quite understand, why.

Because the first statement does an internal redirect to /,
while the second one does an external redirect (302).


-- 
Igor Sysoev
http://sysoev.ru/en/




From support at oeko.net  Mon Jul 13 22:48:29 2009
From: support at oeko.net (Toni Mueller)
Date: Mon, 13 Jul 2009 20:48:29 +0200
Subject: 0.7.61: error_page 404 woes
In-Reply-To: <20090713182225.GB15437@rambler-co.ru>
References: <20090713170409.23831.qmail@oak.oeko.net> <20090713182225.GB15437@rambler-co.ru>
Message-ID: <20090713184829.27178.qmail@oak.oeko.net>


Hi,

On Mon, 13.07.2009 at 22:22:25 +0400, Igor Sysoev <is at rambler-co.ru> wrote:
> On Mon, Jul 13, 2009 at 07:04:09PM +0200, Toni Mueller wrote:
> > error_page	404	/;
> > 
> > But this statement had no effect. I had to re-write the statement as
> > 
> > error_page	404	http://$server_name/;
> > 
> > to get the desired effect, but don't quite understand, why.
> 
> Because the first statement does an internal redirect to /,
> while the second one does an external redirect (302).

thanks for the quick answer, but I don't quite understand:

I already assumed that the second would cause an external redirect, but
why the first statement would not lead to an internal rewrite of the
URI and then try that through the remainder of the configuration, I
don't see.

I mean, the documentation suggests that "error_page 404 /somepage.html"
should work, and I don't see that much of a difference.


Kind regards,
--Toni++





From is at rambler-co.ru  Mon Jul 13 23:57:34 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Mon, 13 Jul 2009 23:57:34 +0400
Subject: 0.7.61: error_page 404 woes
In-Reply-To: <20090713184829.27178.qmail@oak.oeko.net>
References: <20090713170409.23831.qmail@oak.oeko.net> <20090713182225.GB15437@rambler-co.ru> <20090713184829.27178.qmail@oak.oeko.net>
Message-ID: <20090713195734.GD15437@rambler-co.ru>

On Mon, Jul 13, 2009 at 08:48:29PM +0200, Toni Mueller wrote:

> 
> Hi,
> 
> On Mon, 13.07.2009 at 22:22:25 +0400, Igor Sysoev <is at rambler-co.ru> wrote:
> > On Mon, Jul 13, 2009 at 07:04:09PM +0200, Toni Mueller wrote:
> > > error_page	404	/;
> > > 
> > > But this statement had no effect. I had to re-write the statement as
> > > 
> > > error_page	404	http://$server_name/;
> > > 
> > > to get the desired effect, but don't quite understand, why.
> > 
> > Because the first statement does an internal redirect to /,
> > while the second one does an external redirect (302).
> 
> thanks for the quick answer, but I don't quite understand:
> 
> I already assumed that the second would cause an external redirect, but
> why the first statement would not lead to an internal rewrite of the
> URI and then try that through the remainder of the configuration, I
> don't see.

What do you see in the first case ? You should see main page with
unchanged nonexistent URI in browser.

> I mean, the documentation suggests that "error_page 404 /somepage.html"
> should work, and I don't see that much of a difference.


-- 
Igor Sysoev
http://sysoev.ru/en/




From jim.ohlstein at gmail.com  Tue Jul 14 00:02:06 2009
From: jim.ohlstein at gmail.com (Jim Ohlstein)
Date: Mon, 13 Jul 2009 16:02:06 -0400
Subject: Cache questions
In-Reply-To: <20090713114840.GE9584@rambler-co.ru>
References: <4A57D142.2070501@gmail.com> <20090713113321.GH67302@mdounin.ru> <20090713114840.GE9584@rambler-co.ru>
Message-ID: <4A5B92BE.60002@gmail.com>



Igor Sysoev wrote:
> On Mon, Jul 13, 2009 at 03:33:21PM +0400, Maxim Dounin wrote:
>
>   
>> Hello!
>>
>> On Fri, Jul 10, 2009 at 07:39:46PM -0400, Jim Ohlstein wrote:
>>
>>     
>>> I'm using the fastcgi cache for static files (images, javascript,css)  
>>> and just found multiple lines in the error log like this one:
>>>
>>> 2009/07/10 10:22:54 [crit] 22476#0: ngx_slab_alloc() failed: no memory  
>>> in cache keys zone "one"
>>>
>>> So I increased the memory available for the zone and reloaded nginx. It  
>>> took over five hours to go through the cache but these are the relevant  
>>> entries:
>>>
>>> 2009/07/10 12:11:03 [notice] 21038#0: start cache manager process 32730
>>> 2009/07/10 12:11:04 [notice] 21038#0: cache manager process 22480 exited  
>>> with code 0
>>>
>>> and finally
>>>
>>> 2009/07/10 17:43:27 [notice] 32730#0: http file cache:  
>>> /usr/local/nginx/cache 11638.289M, bsize: 4096
>>>
>>> My questions are:
>>>
>>> Is that simply the total (11638.289MB or 11.4GB) of all of the file  
>>> sizes, or is that the actual disk space consumed taking into account  
>>> total number of blocks used multiplied by the block size? The number  
>>>       
>> It's size on disk (i.e. number of blocks * block size), but for 
>> files only (it doesn't take directories into account).
>>     
>
> Just note: nginx rounds a file size to the bsize.
> bsize is f_bsize from statfs() or f_frsize from statvfs().
> I'm not sure that bsize matches always a filesystem allocation unit.
>   

OK, Thanks.

In trying to tune this, if I set fastcgi_cache_min_uses to 2, does that 
mean that a file will only be written to the cache the second time that 
it is requested? Google translate did not give me a clear answer to this 
from the Russian documentation. I think that I could improve efficiency 
greatly if I didn't cache files on the first request. I would know 
better if I could get some statistics. I know the last time I asked the 
answer was "not yet". Do you have any idea when this might be 
implemented even on a rudimentary basis?

>   
>>> could be quite different given what I estimate are nearly one million  
>>> mostly small files in the cache at this point.
>>>
>>> When I next upgrade nginx (I'm running 0.8.4), and I attempt a "graceful  
>>> upgrade" will it have to go through this entire process again?
>>>       
>> Yes.  Binary upgrade doesn't preserve shared memory zones, so 
>> cache will be rescanned again.
>>
>> Note that nginx uses cache even before it was completely scanned, 
>> so it shouldn't be a problem.
>>     

Yes, but it uses a fair bit of system resources scanning a large cache. 
Nothing much to be done about it though.

>> Maxim Dounin
>>     
>
>
>   




From is at rambler-co.ru  Tue Jul 14 00:17:46 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Tue, 14 Jul 2009 00:17:46 +0400
Subject: Cache questions
In-Reply-To: <4A5B92BE.60002@gmail.com>
References: <4A57D142.2070501@gmail.com> <20090713113321.GH67302@mdounin.ru> <20090713114840.GE9584@rambler-co.ru> <4A5B92BE.60002@gmail.com>
Message-ID: <20090713201746.GE15437@rambler-co.ru>

On Mon, Jul 13, 2009 at 04:02:06PM -0400, Jim Ohlstein wrote:

> 
> 
> Igor Sysoev wrote:
> >On Mon, Jul 13, 2009 at 03:33:21PM +0400, Maxim Dounin wrote:
> >
> >  
> >>Hello!
> >>
> >>On Fri, Jul 10, 2009 at 07:39:46PM -0400, Jim Ohlstein wrote:
> >>
> >>    
> >>>I'm using the fastcgi cache for static files (images, javascript,css)  
> >>>and just found multiple lines in the error log like this one:
> >>>
> >>>2009/07/10 10:22:54 [crit] 22476#0: ngx_slab_alloc() failed: no memory  
> >>>in cache keys zone "one"
> >>>
> >>>So I increased the memory available for the zone and reloaded nginx. It  
> >>>took over five hours to go through the cache but these are the relevant  
> >>>entries:
> >>>
> >>>2009/07/10 12:11:03 [notice] 21038#0: start cache manager process 32730
> >>>2009/07/10 12:11:04 [notice] 21038#0: cache manager process 22480 exited 
> >>>with code 0
> >>>
> >>>and finally
> >>>
> >>>2009/07/10 17:43:27 [notice] 32730#0: http file cache:  
> >>>/usr/local/nginx/cache 11638.289M, bsize: 4096
> >>>
> >>>My questions are:
> >>>
> >>>Is that simply the total (11638.289MB or 11.4GB) of all of the file  
> >>>sizes, or is that the actual disk space consumed taking into account  
> >>>total number of blocks used multiplied by the block size? The number  
> >>>      
> >>It's size on disk (i.e. number of blocks * block size), but for 
> >>files only (it doesn't take directories into account).
> >>    
> >
> >Just note: nginx rounds a file size to the bsize.
> >bsize is f_bsize from statfs() or f_frsize from statvfs().
> >I'm not sure that bsize matches always a filesystem allocation unit.
> >  
> 
> OK, Thanks.
> 
> In trying to tune this, if I set fastcgi_cache_min_uses to 2, does that 
> mean that a file will only be written to the cache the second time that 
> it is requested? Google translate did not give me a clear answer to this 
> from the Russian documentation. I think that I could improve efficiency 
> greatly if I didn't cache files on the first request.

Yes, a file will be cached only on the second request made during period
set in by "inactive" option of fastcgi_cache_path directive.

> I would know 
> better if I could get some statistics. I know the last time I asked the 
> answer was "not yet". Do you have any idea when this might be 
> implemented even on a rudimentary basis?

You may log $upstream_cache_status.

> >>>could be quite different given what I estimate are nearly one million  
> >>>mostly small files in the cache at this point.
> >>>
> >>>When I next upgrade nginx (I'm running 0.8.4), and I attempt a "graceful 
> >>>upgrade" will it have to go through this entire process again?
> >>>      
> >>Yes.  Binary upgrade doesn't preserve shared memory zones, so 
> >>cache will be rescanned again.
> >>
> >>Note that nginx uses cache even before it was completely scanned, 
> >>so it shouldn't be a problem.
> >>    
> 
> Yes, but it uses a fair bit of system resources scanning a large cache. 
> Nothing much to be done about it though.

I tried to minimize impact of cache scanning according to this comment:

            /*
             * if processing 100 files takes more than 200ms,
             * it seems that many operations require disk i/o,
             * therefore sleep 200ms
             */


-- 
Igor Sysoev
http://sysoev.ru/en/




From mdounin at mdounin.ru  Tue Jul 14 00:50:54 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 14 Jul 2009 00:50:54 +0400
Subject: Cache questions
In-Reply-To: <4A5B92BE.60002@gmail.com>
References: <4A57D142.2070501@gmail.com> <20090713113321.GH67302@mdounin.ru> <20090713114840.GE9584@rambler-co.ru> <4A5B92BE.60002@gmail.com>
Message-ID: <20090713205054.GP67302@mdounin.ru>

Hello!

On Mon, Jul 13, 2009 at 04:02:06PM -0400, Jim Ohlstein wrote:

>
>
> Igor Sysoev wrote:
>> On Mon, Jul 13, 2009 at 03:33:21PM +0400, Maxim Dounin wrote:
>>
>>   
>>> Hello!
>>>
>>> On Fri, Jul 10, 2009 at 07:39:46PM -0400, Jim Ohlstein wrote:
>>>
>>>     
>>>> I'm using the fastcgi cache for static files (images, 
>>>> javascript,css)  and just found multiple lines in the error log 
>>>> like this one:
>>>>
>>>> 2009/07/10 10:22:54 [crit] 22476#0: ngx_slab_alloc() failed: no 
>>>> memory  in cache keys zone "one"
>>>>
>>>> So I increased the memory available for the zone and reloaded 
>>>> nginx. It  took over five hours to go through the cache but these 
>>>> are the relevant  entries:
>>>>
>>>> 2009/07/10 12:11:03 [notice] 21038#0: start cache manager process 32730
>>>> 2009/07/10 12:11:04 [notice] 21038#0: cache manager process 22480 
>>>> exited  with code 0
>>>>
>>>> and finally
>>>>
>>>> 2009/07/10 17:43:27 [notice] 32730#0: http file cache:   
>>>> /usr/local/nginx/cache 11638.289M, bsize: 4096
>>>>
>>>> My questions are:
>>>>
>>>> Is that simply the total (11638.289MB or 11.4GB) of all of the file 
>>>>  sizes, or is that the actual disk space consumed taking into 
>>>> account  total number of blocks used multiplied by the block size? 
>>>> The number        
>>> It's size on disk (i.e. number of blocks * block size), but for  
>>> files only (it doesn't take directories into account).
>>>     
>>
>> Just note: nginx rounds a file size to the bsize.
>> bsize is f_bsize from statfs() or f_frsize from statvfs().
>> I'm not sure that bsize matches always a filesystem allocation unit.
>>   
>
> OK, Thanks.
>
> In trying to tune this, if I set fastcgi_cache_min_uses to 2, does that  
> mean that a file will only be written to the cache the second time that  
> it is requested? Google translate did not give me a clear answer to this  
> from the Russian documentation. I think that I could improve efficiency  
> greatly if I didn't cache files on the first request.

Yes, file will be written only after second request.  Note that 
shared memory will be allocated anyway.

> I would know  
> better if I could get some statistics. I know the last time I asked the  
> answer was "not yet". Do you have any idea when this might be  
> implemented even on a rudimentary basis?

Cache status was implemented in 0.8.3:

    *) Feature: the $upstream_cache_status variable.

You may log it to access_log and collect stats you want.

>>>> could be quite different given what I estimate are nearly one 
>>>> million  mostly small files in the cache at this point.
>>>>
>>>> When I next upgrade nginx (I'm running 0.8.4), and I attempt a 
>>>> "graceful  upgrade" will it have to go through this entire process 
>>>> again?
>>>>       
>>> Yes.  Binary upgrade doesn't preserve shared memory zones, so cache 
>>> will be rescanned again.
>>>
>>> Note that nginx uses cache even before it was completely scanned, so 
>>> it shouldn't be a problem.
>>>     
>
> Yes, but it uses a fair bit of system resources scanning a large cache.  
> Nothing much to be done about it though.

Actually, nginx tries to be nice and pauses scanning for 200ms 
if takes more than 200ms to scan 100 files.

Maxim Dounin




From lists at ruby-forum.com  Tue Jul 14 01:23:36 2009
From: lists at ruby-forum.com (Andreas Vieten)
Date: Mon, 13 Jul 2009 23:23:36 +0200
Subject: Can't start nginx
In-Reply-To: <31f5a14539e362a7ad78e4cf31513f2b@ruby-forum.com>
References: <808d0ac45d2eeeabbc7dbf3881810c7b@ruby-forum.com> <31f5a14539e362a7ad78e4cf31513f2b@ruby-forum.com>
Message-ID: <6ede0e531f82cbd739f53b739d7971a6@ruby-forum.com>

Robert Gabriel wrote:
> Try this:
> 
> sh -x /etc/init.d/nginx start
> 
> and see what happen or put it in a reply, as you wish.


Hello, doesn't work either.
-- 
Posted via http://www.ruby-forum.com/.




From merlincorey at dc949.org  Tue Jul 14 04:41:12 2009
From: merlincorey at dc949.org (merlin corey)
Date: Mon, 13 Jul 2009 17:41:12 -0700
Subject: SSL server_name support, single server block plain/SSL, et al in 
	0.8.x ?
In-Reply-To: <20090713080721.GA4512@rambler-co.ru>
References: <e0af94b80907130017q4c6671eeie8c64116f7d7c38d@mail.gmail.com>
	 <20090713080721.GA4512@rambler-co.ru>
Message-ID: <e0af94b80907131741o4176133dk6e2c342d3d6a8624@mail.gmail.com>

2009/7/13 Igor Sysoev <is at rambler-co.ru>:
> On Mon, Jul 13, 2009 at 12:17:02AM -0700, merlin corey wrote:
>
>> Hello,
>>
>> I had a long chat with a user in the IRC channel about SSL in nginx.
>> Initially, it started out talking about hosting multiple domains with
>> SSL on the same address. ?They pointed me to
>> http://tools.ietf.org/html/rfc4366#section-3.1 which seems fairly
>> straightforward and I am curious if there is interest in this or if
>> Igor plans to implement it at some point in future anyway.
>
> nginx supports SNI since 0.5.23. You just need OpenSSL built with
> SNI support. The main issue, however, are browsers: MSIE 6 and Windows XP
> do not support SNI and MSIE 6 is still in use:
> http://weblogs.mozillazine.org/asa/archives/2009/07/internet_explorer_6.html
>
>> Also, through talking with him, he showed me his idea for how the SSL
>> support should work. ?It went more or less like this:
>>
>> ssl_certificate ? ? ?/etc/ssl/custom/supercatchall.crt;
>> ssl_certificate_key ?/etc/ssl/custom/supercatchall.key;
>> server {
>> ? listen 80;
>> ? listen 443;
>> ? if(port = 443) {
>> ? ? ssl on;
>> ? }
>> ? ... normal server config ...
>> }
>> ... repeated for several servers apparently on same IP ...
>>
>> I tried to talk him out of using if and using a separate server block
>> for 443 and 80 ports for each server, and just including common
>> configuration. ?Apparently, this does not currently work, but it seems
>> it should be more or less usable, I think he was having problems with
>> using default ssl in the listen line and NginX would not bind multiple
>> times. ?At any rate, he also complained about the "roundabout
>> redundancy" of the config. ?That got me to thinking, would something
>> like the following be desirable, and how difficult to implement would
>> it be?
>>
>> server {
>> ? listen 80;
>> ? listen 443;
>> ? ssl on 443;
>> ? ... normal server config ...
>> }
>>
>> My gut instinct tells me this would be a lot more work than simply
>> allowing multiple SSL hosts per IP address, but it does seem to have a
>> nice ring to it, this late in the day.
>>
>> So to summarize, I am curious if 0.8.x is planned to support multiple
>> SSL hosts per IP, if that feature is even desired by anyone (or maybe
>> other ways to do it, in case I see this problem again!), and finally
>> anyone and everyone's thoughts on the above syntax to unify config for
>> SSL and non SSL (you could still use separate blocks if the
>> configuration is not exactly the same for plain and SSL, of course).

> Since 0.7.14 you can use:
>
> ? ?server {
> ? ? ? listen 80;
> ? ? ? listen 443 default ssl;
> ? ? ? ...
>
Ah perfect, I was ignorant of this change and I see it is already on
the English wiki so I have no excuse really for missing it.  Goodbye
ssl on blah blah; I knew there had to be an easier way :D.  Thanks,
Igor and Denis.

Almir, I'm very aware that you don't need ifs, thank you; I head the
get rid of if's in nginx configurations campaign on IRC :D.

As to this multiple SSL domains on a single IP thing...  I guess I may
as well describe what he was trying to do.  I am not sure if it fits
into SNI, but I will check it out and tell him about it as well.
Basically, he wants to have a bunch of different subdomains on the
same IP to have their own SSL certs and for some reason he does not
want to use wildcard certificates or different ports or anything...
he wants to just have it work, and it doesn't allow it.  I'm not quite
sure what to tell him, aside from what I already have.

Thanks again,
Merlin




From jim.ohlstein at gmail.com  Tue Jul 14 04:45:03 2009
From: jim.ohlstein at gmail.com (Jim Ohlstein)
Date: Mon, 13 Jul 2009 20:45:03 -0400
Subject: Cache questions
In-Reply-To: <20090713201746.GE15437@rambler-co.ru>
References: <4A57D142.2070501@gmail.com> <20090713113321.GH67302@mdounin.ru> <20090713114840.GE9584@rambler-co.ru> <4A5B92BE.60002@gmail.com> <20090713201746.GE15437@rambler-co.ru>
Message-ID: <4A5BD50F.1020705@gmail.com>



Igor Sysoev wrote:
> On Mon, Jul 13, 2009 at 04:02:06PM -0400, Jim Ohlstein wrote:
>
>   
>> Igor Sysoev wrote:
>>     
>>> On Mon, Jul 13, 2009 at 03:33:21PM +0400, Maxim Dounin wrote:
>>>
>>>  
>>>       
>>>> Hello!
>>>>
>>>> On Fri, Jul 10, 2009 at 07:39:46PM -0400, Jim Ohlstein wrote:
>>>>
>>>>    
>>>>         
>>>>> I'm using the fastcgi cache for static files (images, javascript,css)  
>>>>> and just found multiple lines in the error log like this one:
>>>>>
>>>>> 2009/07/10 10:22:54 [crit] 22476#0: ngx_slab_alloc() failed: no memory  
>>>>> in cache keys zone "one"
>>>>>
>>>>> So I increased the memory available for the zone and reloaded nginx. It  
>>>>> took over five hours to go through the cache but these are the relevant  
>>>>> entries:
>>>>>
>>>>> 2009/07/10 12:11:03 [notice] 21038#0: start cache manager process 32730
>>>>> 2009/07/10 12:11:04 [notice] 21038#0: cache manager process 22480 exited 
>>>>> with code 0
>>>>>
>>>>> and finally
>>>>>
>>>>> 2009/07/10 17:43:27 [notice] 32730#0: http file cache:  
>>>>> /usr/local/nginx/cache 11638.289M, bsize: 4096
>>>>>
>>>>> My questions are:
>>>>>
>>>>> Is that simply the total (11638.289MB or 11.4GB) of all of the file  
>>>>> sizes, or is that the actual disk space consumed taking into account  
>>>>> total number of blocks used multiplied by the block size? The number  
>>>>>      
>>>>>           
>>>> It's size on disk (i.e. number of blocks * block size), but for 
>>>> files only (it doesn't take directories into account).
>>>>    
>>>>         
>>> Just note: nginx rounds a file size to the bsize.
>>> bsize is f_bsize from statfs() or f_frsize from statvfs().
>>> I'm not sure that bsize matches always a filesystem allocation unit.
>>>  
>>>       
>> OK, Thanks.
>>
>> In trying to tune this, if I set fastcgi_cache_min_uses to 2, does that 
>> mean that a file will only be written to the cache the second time that 
>> it is requested? Google translate did not give me a clear answer to this 
>> from the Russian documentation. I think that I could improve efficiency 
>> greatly if I didn't cache files on the first request.
>>     
>
> Yes, a file will be cached only on the second request made during period
> set in by "inactive" option of fastcgi_cache_path directive.
>
>   
>> I would know 
>> better if I could get some statistics. I know the last time I asked the 
>> answer was "not yet". Do you have any idea when this might be 
>> implemented even on a rudimentary basis?
>>     
>
> You may log $upstream_cache_status.
>   

Can you give me an example of how to do this?

I have tried various permutations of:

location ~ (jpg|jpeg|png|gif|ico|js|css)$ {
    fastcgi_pass unix:/tmp/my.sock;
    fastcgi_cache one;
    fastcgi_cache_key unix:/tmp/my.sock.1$request_uri;
    fastcgi_ignore_headers  Cache-Control  Expires;
    fastcgi_cache_valid 200 302 1d;
    fastcgi_cache_valid 301 7d;
    fastcgi_cache_valid any 10m;
    fastcgi_cache_min_uses 2;
    include /usr/local/nginx/conf/fastcgi_params;
    fastcgi_param  SCRIPT_NAME myscript;
    fastcgi_buffers 64 8k;
    access_log  logs/my-cache.access.log;
    log_format '$remote_addr - $remote_user [$time_local] '
                          '"$request" $status $body_bytes_sent '
                          '"$http_referer" "$http_user_agent"' ' 
$upstream_cache_status ';
}

The logs give me all above with exception of "$upstream_cache_status". 
Every entry ends with the user agent.

>   
>>>>> could be quite different given what I estimate are nearly one million  
>>>>> mostly small files in the cache at this point.
>>>>>
>>>>> When I next upgrade nginx (I'm running 0.8.4), and I attempt a "graceful 
>>>>> upgrade" will it have to go through this entire process again?
>>>>>      
>>>>>           
>>>> Yes.  Binary upgrade doesn't preserve shared memory zones, so 
>>>> cache will be rescanned again.
>>>>
>>>> Note that nginx uses cache even before it was completely scanned, 
>>>> so it shouldn't be a problem.
>>>>    
>>>>         
>> Yes, but it uses a fair bit of system resources scanning a large cache. 
>> Nothing much to be done about it though.
>>     
>
> I tried to minimize impact of cache scanning according to this comment:
>
>             /*
>              * if processing 100 files takes more than 200ms,
>              * it seems that many operations require disk i/o,
>              * therefore sleep 200ms
>              */
>
>
>   
Jim




From mdounin at mdounin.ru  Tue Jul 14 06:29:59 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 14 Jul 2009 06:29:59 +0400
Subject: Cache questions
In-Reply-To: <4A5BD50F.1020705@gmail.com>
References: <4A57D142.2070501@gmail.com> <20090713113321.GH67302@mdounin.ru> <20090713114840.GE9584@rambler-co.ru> <4A5B92BE.60002@gmail.com> <20090713201746.GE15437@rambler-co.ru> <4A5BD50F.1020705@gmail.com>
Message-ID: <20090714022959.GR67302@mdounin.ru>

Hello!

On Mon, Jul 13, 2009 at 08:45:03PM -0400, Jim Ohlstein wrote:

>
>
> Igor Sysoev wrote:
>> On Mon, Jul 13, 2009 at 04:02:06PM -0400, Jim Ohlstein wrote:
>>
>>   
>>> Igor Sysoev wrote:
>>>     
>>>> On Mon, Jul 13, 2009 at 03:33:21PM +0400, Maxim Dounin wrote:
>>>>
>>>>        
>>>>> Hello!
>>>>>
>>>>> On Fri, Jul 10, 2009 at 07:39:46PM -0400, Jim Ohlstein wrote:
>>>>>
>>>>>            
>>>>>> I'm using the fastcgi cache for static files (images, 
>>>>>> javascript,css)  and just found multiple lines in the error log 
>>>>>> like this one:
>>>>>>
>>>>>> 2009/07/10 10:22:54 [crit] 22476#0: ngx_slab_alloc() failed: no 
>>>>>> memory  in cache keys zone "one"
>>>>>>
>>>>>> So I increased the memory available for the zone and reloaded 
>>>>>> nginx. It  took over five hours to go through the cache but 
>>>>>> these are the relevant  entries:
>>>>>>
>>>>>> 2009/07/10 12:11:03 [notice] 21038#0: start cache manager process 32730
>>>>>> 2009/07/10 12:11:04 [notice] 21038#0: cache manager process 
>>>>>> 22480 exited with code 0
>>>>>>
>>>>>> and finally
>>>>>>
>>>>>> 2009/07/10 17:43:27 [notice] 32730#0: http file cache:   
>>>>>> /usr/local/nginx/cache 11638.289M, bsize: 4096
>>>>>>
>>>>>> My questions are:
>>>>>>
>>>>>> Is that simply the total (11638.289MB or 11.4GB) of all of the 
>>>>>> file  sizes, or is that the actual disk space consumed taking 
>>>>>> into account  total number of blocks used multiplied by the 
>>>>>> block size? The number                 
>>>>> It's size on disk (i.e. number of blocks * block size), but for  
>>>>> files only (it doesn't take directories into account).
>>>>>            
>>>> Just note: nginx rounds a file size to the bsize.
>>>> bsize is f_bsize from statfs() or f_frsize from statvfs().
>>>> I'm not sure that bsize matches always a filesystem allocation unit.
>>>>        
>>> OK, Thanks.
>>>
>>> In trying to tune this, if I set fastcgi_cache_min_uses to 2, does 
>>> that mean that a file will only be written to the cache the second 
>>> time that it is requested? Google translate did not give me a clear 
>>> answer to this from the Russian documentation. I think that I could 
>>> improve efficiency greatly if I didn't cache files on the first 
>>> request.
>>>     
>>
>> Yes, a file will be cached only on the second request made during period
>> set in by "inactive" option of fastcgi_cache_path directive.
>>
>>   
>>> I would know better if I could get some statistics. I know the last 
>>> time I asked the answer was "not yet". Do you have any idea when this 
>>> might be implemented even on a rudimentary basis?
>>>     
>>
>> You may log $upstream_cache_status.
>>   
>
> Can you give me an example of how to do this?
>
> I have tried various permutations of:
>
> location ~ (jpg|jpeg|png|gif|ico|js|css)$ {
>    fastcgi_pass unix:/tmp/my.sock;
>    fastcgi_cache one;
>    fastcgi_cache_key unix:/tmp/my.sock.1$request_uri;
>    fastcgi_ignore_headers  Cache-Control  Expires;
>    fastcgi_cache_valid 200 302 1d;
>    fastcgi_cache_valid 301 7d;
>    fastcgi_cache_valid any 10m;
>    fastcgi_cache_min_uses 2;
>    include /usr/local/nginx/conf/fastcgi_params;
>    fastcgi_param  SCRIPT_NAME myscript;
>    fastcgi_buffers 64 8k;
>    access_log  logs/my-cache.access.log;
>    log_format '$remote_addr - $remote_user [$time_local] '
>                          '"$request" $status $body_bytes_sent '
>                          '"$http_referer" "$http_user_agent"' '  
> $upstream_cache_status ';
> }
>
> The logs give me all above with exception of "$upstream_cache_status".  
> Every entry ends with the user agent.

log_format  cachestatus  '$remote_addr - $remote_user [$time_local] '
                         '"$request" $status $body_bytes_sent '
                         '"$http_referer" "$http_user_agent" '
                         '$upstream_cache_status';

access_log  /path/to/log  cachestatus;

Note that log_format's first argument is format name, and second 
argument of access_log is format name too (optional, defaults 
to 'combined' predefined format).

See http://wiki.nginx.org/NginxHttpLogModule for details.

Maxim Dounin




From jim.ohlstein at gmail.com  Tue Jul 14 07:09:34 2009
From: jim.ohlstein at gmail.com (Jim Ohlstein)
Date: Mon, 13 Jul 2009 23:09:34 -0400
Subject: Cache questions
In-Reply-To: <20090714022959.GR67302@mdounin.ru>
References: <4A57D142.2070501@gmail.com> <20090713113321.GH67302@mdounin.ru> <20090713114840.GE9584@rambler-co.ru> <4A5B92BE.60002@gmail.com> <20090713201746.GE15437@rambler-co.ru> <4A5BD50F.1020705@gmail.com> <20090714022959.GR67302@mdounin.ru>
Message-ID: <4A5BF6EE.4080306@gmail.com>



Maxim Dounin wrote:
> Hello!
>
> On Mon, Jul 13, 2009 at 08:45:03PM -0400, Jim Ohlstein wrote:
>
>   
>> Igor Sysoev wrote:
>>     
>>> On Mon, Jul 13, 2009 at 04:02:06PM -0400, Jim Ohlstein wrote:
>>>
>>>   
>>>       
>>>> Igor Sysoev wrote:
>>>>     
>>>>         
>>>>> On Mon, Jul 13, 2009 at 03:33:21PM +0400, Maxim Dounin wrote:
>>>>>
>>>>>        
>>>>>           
>>>>>> Hello!
>>>>>>
>>>>>> On Fri, Jul 10, 2009 at 07:39:46PM -0400, Jim Ohlstein wrote:
>>>>>>
>>>>>>            
>>>>>>             
>>>>>>> I'm using the fastcgi cache for static files (images, 
>>>>>>> javascript,css)  and just found multiple lines in the error log 
>>>>>>> like this one:
>>>>>>>
>>>>>>> 2009/07/10 10:22:54 [crit] 22476#0: ngx_slab_alloc() failed: no 
>>>>>>> memory  in cache keys zone "one"
>>>>>>>
>>>>>>> So I increased the memory available for the zone and reloaded 
>>>>>>> nginx. It  took over five hours to go through the cache but 
>>>>>>> these are the relevant  entries:
>>>>>>>
>>>>>>> 2009/07/10 12:11:03 [notice] 21038#0: start cache manager process 32730
>>>>>>> 2009/07/10 12:11:04 [notice] 21038#0: cache manager process 
>>>>>>> 22480 exited with code 0
>>>>>>>
>>>>>>> and finally
>>>>>>>
>>>>>>> 2009/07/10 17:43:27 [notice] 32730#0: http file cache:   
>>>>>>> /usr/local/nginx/cache 11638.289M, bsize: 4096
>>>>>>>
>>>>>>> My questions are:
>>>>>>>
>>>>>>> Is that simply the total (11638.289MB or 11.4GB) of all of the 
>>>>>>> file  sizes, or is that the actual disk space consumed taking 
>>>>>>> into account  total number of blocks used multiplied by the 
>>>>>>> block size? The number                 
>>>>>>>               
>>>>>> It's size on disk (i.e. number of blocks * block size), but for  
>>>>>> files only (it doesn't take directories into account).
>>>>>>            
>>>>>>             
>>>>> Just note: nginx rounds a file size to the bsize.
>>>>> bsize is f_bsize from statfs() or f_frsize from statvfs().
>>>>> I'm not sure that bsize matches always a filesystem allocation unit.
>>>>>        
>>>>>           
>>>> OK, Thanks.
>>>>
>>>> In trying to tune this, if I set fastcgi_cache_min_uses to 2, does 
>>>> that mean that a file will only be written to the cache the second 
>>>> time that it is requested? Google translate did not give me a clear 
>>>> answer to this from the Russian documentation. I think that I could 
>>>> improve efficiency greatly if I didn't cache files on the first 
>>>> request.
>>>>     
>>>>         
>>> Yes, a file will be cached only on the second request made during period
>>> set in by "inactive" option of fastcgi_cache_path directive.
>>>
>>>   
>>>       
>>>> I would know better if I could get some statistics. I know the last 
>>>> time I asked the answer was "not yet". Do you have any idea when this 
>>>> might be implemented even on a rudimentary basis?
>>>>     
>>>>         
>>> You may log $upstream_cache_status.
>>>   
>>>       
>> Can you give me an example of how to do this?
>>
>> I have tried various permutations of:
>>
>> location ~ (jpg|jpeg|png|gif|ico|js|css)$ {
>>    fastcgi_pass unix:/tmp/my.sock;
>>    fastcgi_cache one;
>>    fastcgi_cache_key unix:/tmp/my.sock.1$request_uri;
>>    fastcgi_ignore_headers  Cache-Control  Expires;
>>    fastcgi_cache_valid 200 302 1d;
>>    fastcgi_cache_valid 301 7d;
>>    fastcgi_cache_valid any 10m;
>>    fastcgi_cache_min_uses 2;
>>    include /usr/local/nginx/conf/fastcgi_params;
>>    fastcgi_param  SCRIPT_NAME myscript;
>>    fastcgi_buffers 64 8k;
>>    access_log  logs/my-cache.access.log;
>>    log_format '$remote_addr - $remote_user [$time_local] '
>>                          '"$request" $status $body_bytes_sent '
>>                          '"$http_referer" "$http_user_agent"' '  
>> $upstream_cache_status ';
>> }
>>
>> The logs give me all above with exception of "$upstream_cache_status".  
>> Every entry ends with the user agent.
>>     
>
> log_format  cachestatus  '$remote_addr - $remote_user [$time_local] '
>                          '"$request" $status $body_bytes_sent '
>                          '"$http_referer" "$http_user_agent" '
>                          '$upstream_cache_status';
>
> access_log  /path/to/log  cachestatus;
>
> Note that log_format's first argument is format name, and second 
> argument of access_log is format name too (optional, defaults 
> to 'combined' predefined format).
>
> See http://wiki.nginx.org/NginxHttpLogModule for details.
>   

Thank you Maxim. Very much appreciated. I had read that page but I guess 
I didn't quite "get it". I've always used the standard "combined" format 
as it had suited my needs until now.

It is now logging "HIT" or "MISS" for each request in that location block.

It is safe to assume that with fastcgi_cache_min_uses set at 2 that for 
every first miss shared memory is allocated, that the file is written to 
the cache on the second miss, and that each logged "hit" is an actual 
serve from the cache (third and subsequent requests for the file)?

> Maxim Dounin
>
>
>   
Jim




From lists at ruby-forum.com  Tue Jul 14 08:57:36 2009
From: lists at ruby-forum.com (Tony Payne)
Date: Tue, 14 Jul 2009 06:57:36 +0200
Subject: Upload progress module: "track_uploads" directive inside an "if" block.
In-Reply-To: <49B0EBCB-7F46-442C-BA0E-A6B4B6CF6D3D@rothlis.net>
References: <278DB3CC-5C63-4E68-A1DB-3064EC0279C5@rothlis.net> <4973C85C.8090705@grid.net.ru> <2CBF9BBB-0677-41AD-A051-086EFFA59D79@rothlis.net> <49B0EBCB-7F46-442C-BA0E-A6B4B6CF6D3D@rothlis.net>
Message-ID: <87b164d4ff3946aa4c1f3edeb565c570@ruby-forum.com>

Dave Rothlisberger wrote:
> After further investigation, it seems that the upload progress tracker
> is stuck at 'state: starting'.
> 
> (while uploading a large file, if I do a GET for /upload_progress?X-
> Progress-ID=xxxx in a separate browser window, I get:
> 
>    new Object({ 'state' : 'starting' })
> 
> even a minute after it has started uploading).
> 
> Once again, this only happens if the "track_uploads" directive is
> inside an "if" block; otherwise it works fine.
> 
> Regards,
> Dave. Rothlisberger.

I think I have found a solution to this issue. I've created a location 
block that grabs the static file extensions and does the normal 
processing on them without the track_uploads call. Essentially, this 
means I can't track uploads to URLs ending in CSS, JS, etc. I can live 
with that. It also means that full page caching probably won't work, but 
I don't use that. Here's my new location block:

    location ~* \.(jpg|gif|png|css|js|htm|html)(\?[0-9]+)?$ {
      proxy_set_header  X-Real-IP  $remote_addr;
      proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header Host $http_host;
      proxy_redirect false;
      proxy_max_temp_file_size 0;
      if (!-f $request_filename) {
        proxy_pass http://mongrel; break;
      }
    }
-- 
Posted via http://www.ruby-forum.com/.




From is at rambler-co.ru  Tue Jul 14 09:21:39 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Tue, 14 Jul 2009 09:21:39 +0400
Subject: Cache questions
In-Reply-To: <4A5BF6EE.4080306@gmail.com>
References: <4A57D142.2070501@gmail.com> <20090713113321.GH67302@mdounin.ru> <20090713114840.GE9584@rambler-co.ru> <4A5B92BE.60002@gmail.com> <20090713201746.GE15437@rambler-co.ru> <4A5BD50F.1020705@gmail.com> <20090714022959.GR67302@mdounin.ru> <4A5BF6EE.4080306@gmail.com>
Message-ID: <20090714052139.GA27340@rambler-co.ru>

On Mon, Jul 13, 2009 at 11:09:34PM -0400, Jim Ohlstein wrote:

> It is now logging "HIT" or "MISS" for each request in that location block.
> 
> It is safe to assume that with fastcgi_cache_min_uses set at 2 that for 
> every first miss shared memory is allocated, that the file is written to 
> the cache on the second miss, and that each logged "hit" is an actual 
> serve from the cache (third and subsequent requests for the file)?

Yes. Currently, there are "MISS", "EXPIRED", "STALE", "UPDATING", and "HIT"
states. If you will think out a good name for state when miss is just counted,
but not cached, I will make this state.


-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Tue Jul 14 12:07:47 2009
From: nginx-forum at nginx.us (bavery)
Date: Tue, 14 Jul 2009 04:07:47 -0400
Subject: problem w/ gzip when hiding Content-Type header from upstream server
Message-ID: <69e0c4acac418c641823f567866f9e3c.NginxMailingList@forum.nginx.org>

I have the exact situation described in the wiki for the proxy_hide_header command, where my upstream server sends my JS & CSS files with the wrong Content-Type header.  The file is currently being sent with a text/html content-type from the upstream server, but I am experiencing some occasional issues with browsers not rendering the CSS and suspect it may possibly be due to not having the correct content-type header, since I have read that this can sometimes cause the problems I am seeing.

    location /combined.css {
        proxy_pass http://$proxyforwardto/v/vspfiles/assets/combined.css.asp;
        proxy_hide_header Content-Type;


I have the following line in my config file for specifying which file types gzip should compress.
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;

My problem seems to be that once the Content-Type header is hidden with proxy_hide_header, nginx does not seem to be attempting to determine the correct type itself.  My CSS & JS files are simply passed on uncompressed, with no content-type header. Mime-types are configured correctly in my nginx config, but it doesn't seem to make a difference for these particular files.  I have tried using proxy_set_header to specifically set the content-type header as text/css, but nginx seems to completely ignore this and continues sending the file through without changing the content-type header.

Is there something I am missing here? How can I get nginx to recognize that the .css & .js files it is pulling from the upstream server should still be compressed even though the Content-Type header is being hidden?  I am running nginx version 0.8.0.

Bryan

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4037,4037#msg-4037





From lists at ruby-forum.com  Tue Jul 14 12:32:12 2009
From: lists at ruby-forum.com (Robert Gabriel)
Date: Tue, 14 Jul 2009 10:32:12 +0200
Subject: Can't start nginx
In-Reply-To: <6ede0e531f82cbd739f53b739d7971a6@ruby-forum.com>
References: <808d0ac45d2eeeabbc7dbf3881810c7b@ruby-forum.com> <31f5a14539e362a7ad78e4cf31513f2b@ruby-forum.com> <6ede0e531f82cbd739f53b739d7971a6@ruby-forum.com>
Message-ID: <5c84e9d9fa93b84ccab51e3a4e60cf49@ruby-forum.com>

Andreas Vieten wrote:
> Robert Gabriel wrote:
>> Try this:
>> 
>> sh -x /etc/init.d/nginx start
>> 
>> and see what happen or put it in a reply, as you wish.
> 
> 
> Hello, doesn't work either.

I didnt say its gonna work, but you can see where the error is coming 
from...
-- 
Posted via http://www.ruby-forum.com/.




From lists at ruby-forum.com  Tue Jul 14 12:33:58 2009
From: lists at ruby-forum.com (Robert Gabriel)
Date: Tue, 14 Jul 2009 10:33:58 +0200
Subject: Can't start nginx
In-Reply-To: <5c84e9d9fa93b84ccab51e3a4e60cf49@ruby-forum.com>
References: <808d0ac45d2eeeabbc7dbf3881810c7b@ruby-forum.com> <31f5a14539e362a7ad78e4cf31513f2b@ruby-forum.com> <6ede0e531f82cbd739f53b739d7971a6@ruby-forum.com>
	<5c84e9d9fa93b84ccab51e3a4e60cf49@ruby-forum.com>
Message-ID: <7844bad4b0a6e140d27ad2fdd62d0e43@ruby-forum.com>

Robert Gabriel wrote:
> Andreas Vieten wrote:
>> Robert Gabriel wrote:
>>> Try this:
>>> 
>>> sh -x /etc/init.d/nginx start
>>> 
>>> and see what happen or put it in a reply, as you wish.
>> 
>> 
>> Hello, doesn't work either.
> 
> I didnt say its gonna work, but you can see where the error is coming 
> from...

Wait, are u using Ubuntu?! If so, then do this first:

rm -f /bin/sh; ln -s /bin/bash /bin/sh (as root user)
-- 
Posted via http://www.ruby-forum.com/.




From jim.ohlstein at gmail.com  Tue Jul 14 17:26:22 2009
From: jim.ohlstein at gmail.com (Jim Ohlstein)
Date: Tue, 14 Jul 2009 09:26:22 -0400
Subject: Cache questions
In-Reply-To: <20090714052139.GA27340@rambler-co.ru>
References: <4A57D142.2070501@gmail.com> <20090713113321.GH67302@mdounin.ru> <20090713114840.GE9584@rambler-co.ru> <4A5B92BE.60002@gmail.com> <20090713201746.GE15437@rambler-co.ru> <4A5BD50F.1020705@gmail.com> <20090714022959.GR67302@mdounin.ru> <4A5BF6EE.4080306@gmail.com> <20090714052139.GA27340@rambler-co.ru>
Message-ID: <4A5C877E.30704@gmail.com>



Igor Sysoev wrote:
> On Mon, Jul 13, 2009 at 11:09:34PM -0400, Jim Ohlstein wrote:
>
>   
>> It is now logging "HIT" or "MISS" for each request in that location block.
>>
>> It is safe to assume that with fastcgi_cache_min_uses set at 2 that for 
>> every first miss shared memory is allocated, that the file is written to 
>> the cache on the second miss, and that each logged "hit" is an actual 
>> serve from the cache (third and subsequent requests for the file)?
>>     
>
> Yes. Currently, there are "MISS", "EXPIRED", "STALE", "UPDATING", and "HIT"
> states. If you will think out a good name for state when miss is just counted,
> but not cached, I will make this state.
>
>
>   
"MISS-NOT_CACHED"  fairly well tells the story, if it's not too long. 
Otherwise  "MISS-NC".

Or perhaps "MISS-COUNTING".

Jim




From is at rambler-co.ru  Tue Jul 14 19:11:12 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Tue, 14 Jul 2009 19:11:12 +0400
Subject: Cache questions
In-Reply-To: <4A5C877E.30704@gmail.com>
References: <4A57D142.2070501@gmail.com> <20090713113321.GH67302@mdounin.ru> <20090713114840.GE9584@rambler-co.ru> <4A5B92BE.60002@gmail.com> <20090713201746.GE15437@rambler-co.ru> <4A5BD50F.1020705@gmail.com> <20090714022959.GR67302@mdounin.ru> <4A5BF6EE.4080306@gmail.com> <20090714052139.GA27340@rambler-co.ru> <4A5C877E.30704@gmail.com>
Message-ID: <20090714151112.GH31349@rambler-co.ru>

On Tue, Jul 14, 2009 at 09:26:22AM -0400, Jim Ohlstein wrote:

> 
> 
> Igor Sysoev wrote:
> >On Mon, Jul 13, 2009 at 11:09:34PM -0400, Jim Ohlstein wrote:
> >
> >  
> >>It is now logging "HIT" or "MISS" for each request in that location block.
> >>
> >>It is safe to assume that with fastcgi_cache_min_uses set at 2 that for 
> >>every first miss shared memory is allocated, that the file is written to 
> >>the cache on the second miss, and that each logged "hit" is an actual 
> >>serve from the cache (third and subsequent requests for the file)?
> >>    
> >
> >Yes. Currently, there are "MISS", "EXPIRED", "STALE", "UPDATING", and "HIT"
> >states. If you will think out a good name for state when miss is just 
> >counted,
> >but not cached, I will make this state.
> >
> >
> >  
> "MISS-NOT_CACHED"  fairly well tells the story, if it's not too long. 
> Otherwise  "MISS-NC".
> 
> Or perhaps "MISS-COUNTING".

May be just "COUNTING" ?


-- 
Igor Sysoev
http://sysoev.ru/en/




From jim.ohlstein at gmail.com  Tue Jul 14 19:28:15 2009
From: jim.ohlstein at gmail.com (Jim Ohlstein)
Date: Tue, 14 Jul 2009 11:28:15 -0400
Subject: Cache questions
In-Reply-To: <20090714151112.GH31349@rambler-co.ru>
References: <4A57D142.2070501@gmail.com> <20090713113321.GH67302@mdounin.ru> <20090713114840.GE9584@rambler-co.ru> <4A5B92BE.60002@gmail.com> <20090713201746.GE15437@rambler-co.ru> <4A5BD50F.1020705@gmail.com> <20090714022959.GR67302@mdounin.ru> <4A5BF6EE.4080306@gmail.com> <20090714052139.GA27340@rambler-co.ru> <4A5C877E.30704@gmail.com> <20090714151112.GH31349@rambler-co.ru>
Message-ID: <4A5CA40F.5030809@gmail.com>



Igor Sysoev wrote:
> On Tue, Jul 14, 2009 at 09:26:22AM -0400, Jim Ohlstein wrote:
>
>   
>> Igor Sysoev wrote:
>>     
>>> On Mon, Jul 13, 2009 at 11:09:34PM -0400, Jim Ohlstein wrote:
>>>
>>>  
>>>       
>>>> It is now logging "HIT" or "MISS" for each request in that location block.
>>>>
>>>> It is safe to assume that with fastcgi_cache_min_uses set at 2 that for 
>>>> every first miss shared memory is allocated, that the file is written to 
>>>> the cache on the second miss, and that each logged "hit" is an actual 
>>>> serve from the cache (third and subsequent requests for the file)?
>>>>    
>>>>         
>>> Yes. Currently, there are "MISS", "EXPIRED", "STALE", "UPDATING", and "HIT"
>>> states. If you will think out a good name for state when miss is just 
>>> counted,
>>> but not cached, I will make this state.
>>>
>>>
>>>  
>>>       
>> "MISS-NOT_CACHED"  fairly well tells the story, if it's not too long. 
>> Otherwise  "MISS-NC".
>>
>> Or perhaps "MISS-COUNTING".
>>     
>
> May be just "COUNTING" ?
>
>   
So the first miss would be "MISS", subsequent misses would be 
"COUNTING"? Or vice versa? Either way would be good for me.


Jim




From is at rambler-co.ru  Tue Jul 14 19:41:42 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Tue, 14 Jul 2009 19:41:42 +0400
Subject: Cache questions
In-Reply-To: <4A5CA40F.5030809@gmail.com>
References: <20090713114840.GE9584@rambler-co.ru> <4A5B92BE.60002@gmail.com> <20090713201746.GE15437@rambler-co.ru> <4A5BD50F.1020705@gmail.com> <20090714022959.GR67302@mdounin.ru> <4A5BF6EE.4080306@gmail.com> <20090714052139.GA27340@rambler-co.ru> <4A5C877E.30704@gmail.com> <20090714151112.GH31349@rambler-co.ru> <4A5CA40F.5030809@gmail.com>
Message-ID: <20090714154142.GI31349@rambler-co.ru>

On Tue, Jul 14, 2009 at 11:28:15AM -0400, Jim Ohlstein wrote:

> 
> 
> Igor Sysoev wrote:
> >On Tue, Jul 14, 2009 at 09:26:22AM -0400, Jim Ohlstein wrote:
> >
> >  
> >>Igor Sysoev wrote:
> >>    
> >>>On Mon, Jul 13, 2009 at 11:09:34PM -0400, Jim Ohlstein wrote:
> >>>
> >>> 
> >>>      
> >>>>It is now logging "HIT" or "MISS" for each request in that location 
> >>>>block.
> >>>>
> >>>>It is safe to assume that with fastcgi_cache_min_uses set at 2 that for 
> >>>>every first miss shared memory is allocated, that the file is written 
> >>>>to the cache on the second miss, and that each logged "hit" is an 
> >>>>actual serve from the cache (third and subsequent requests for the 
> >>>>file)?
> >>>>   
> >>>>        
> >>>Yes. Currently, there are "MISS", "EXPIRED", "STALE", "UPDATING", and 
> >>>"HIT"
> >>>states. If you will think out a good name for state when miss is just 
> >>>counted,
> >>>but not cached, I will make this state.
> >>>
> >>>
> >>> 
> >>>      
> >>"MISS-NOT_CACHED"  fairly well tells the story, if it's not too long. 
> >>Otherwise  "MISS-NC".
> >>
> >>Or perhaps "MISS-COUNTING".
> >>    
> >
> >May be just "COUNTING" ?
> >
> >  
> So the first miss would be "MISS", subsequent misses would be 
> "COUNTING"? Or vice versa? Either way would be good for me.

No, last miss will be MISS, while the previous ones will be COUNTING.
In case "..._cache_min_uses 1" the first will be MISS, since it's
the last miss. In "..._cache_min_uses 2": COUNTING, MISS.


-- 
Igor Sysoev
http://sysoev.ru/en/




From jim.ohlstein at gmail.com  Tue Jul 14 19:55:46 2009
From: jim.ohlstein at gmail.com (Jim Ohlstein)
Date: Tue, 14 Jul 2009 11:55:46 -0400
Subject: Cache questions
In-Reply-To: <20090714154142.GI31349@rambler-co.ru>
References: <20090713114840.GE9584@rambler-co.ru> <4A5B92BE.60002@gmail.com> <20090713201746.GE15437@rambler-co.ru> <4A5BD50F.1020705@gmail.com> <20090714022959.GR67302@mdounin.ru> <4A5BF6EE.4080306@gmail.com> <20090714052139.GA27340@rambler-co.ru> <4A5C877E.30704@gmail.com> <20090714151112.GH31349@rambler-co.ru> <4A5CA40F.5030809@gmail.com> <20090714154142.GI31349@rambler-co.ru>
Message-ID: <4A5CAA82.9030901@gmail.com>



Igor Sysoev wrote:

> No, last miss will be MISS, while the previous ones will be COUNTING.
> In case "..._cache_min_uses 1" the first will be MISS, since it's
> the last miss. In "..._cache_min_uses 2": COUNTING, MISS.
>
>   

Sounds good. Thanks Igor.

Jim




From nginx-forum at nginx.us  Tue Jul 14 20:27:57 2009
From: nginx-forum at nginx.us (mhi)
Date: Tue, 14 Jul 2009 12:27:57 -0400
Subject: php sites crash in windows
Message-ID: <85e0bbfa73ccb6ae58eef726807a7651.NginxMailingList@forum.nginx.org>

few clicks and php sites crash. ab benchmarks get this response every time.

Benchmarking 192.168.1.103 (be patient)
apr_poll: The timeout specified has expired (70007)
Total of 10 requests completed


200 requests or more goes to nginx-php failure.

Am I do something wrong or this is a bug?

I tested nginx 0.761 and 0.84 with php 5.3 and 5.2.10 on win XP and 2003

php error:
Warning: strftime() : It is not safe to rely on the system's timezone settings. You are *required* to use the date.timezone setting or the date_default_timezone_set() function. In case you used any of those methods and you are still getting this warning, you most likely misspelled the timezone identifier. We selected 'Europe/Helsinki' for '3.0/DST' instead in C:\mynginxp\html\pmwiki\pmwiki.php on line 322





First time after restart server it seems ok.

nginx.conf


#user  nobody;
worker_processes  2;

error_log  logs/error.log;

events {
    worker_connections  1024;
}

http {
    server_names_hash_bucket_size 64;
    include       mime.types;
    default_type  application/octet-stream;
   # include       fastcgi_params;
    
    autoindex on;
    autoindex_exact_size on;
    autoindex_localtime off;
    
    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  0;

    ignore_invalid_headers  on;

    server {
        listen       8080; # Replace this IP and port with the right ones for your requirements
        server_name  localhost; # Multiple hostnames seperated by spaces.  Replace these as well.


        location / {
            root   html;
            index  index.php index.html index.htm;
        }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        #
        location ~ \.php$ {
           root           html;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
            include        fastcgi_params;
            allow 127.0.0.1;
        }

        }


    # another virtual host using mix of IP-, name-, and port-based configuration
    #
    server {
        listen       8080;
    #    listen       somename:8080;
        server_name  pmwiki  alias  localhost.alias;
    #    access_log      logs/pmwiki.access.log main;

       location / {
            root   html;
            index  index.php index.html index.htm;
        }
    
          location ~ \.php$ {
              root   html/pmwiki;

              fastcgi_pass   127.0.0.1:9000;
              fastcgi_index  index.php;
              fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
              include        fastcgi_params;
              allow 192.168.1.0/24;
          }
    }

}



Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4046,4046#msg-4046





From iberkner at gmail.com  Tue Jul 14 22:14:11 2009
From: iberkner at gmail.com (Ilan Berkner)
Date: Tue, 14 Jul 2009 14:14:11 -0400
Subject: setting up ssl ... can the same server section listen on both ports 
	80 and 443 or do I need to setup a separate server section?
Message-ID: <77432c470907141114w7fbe080fj3e3608216138c813@mail.gmail.com>


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090714/b11f164f/attachment.html>

From azifali at gmail.com  Tue Jul 14 22:37:45 2009
From: azifali at gmail.com (Asif Ali)
Date: Wed, 15 Jul 2009 00:07:45 +0530
Subject: parsing special characters
Message-ID: <52d8feb90907141137o524c8851k96302f6c6dc25673@mail.gmail.com>

Dear All,
How does one escape URL based special characters in nginx?
To give you an example

a domain can get requests which passes the urls from another domain...

For e.g.

http://mydomain.com/u=http://anotherdomain.com/someurl/%7c

the u paramter can contain special chacters from another url

Suggestions are welcome. Thanks in advance

regards

Asif Ali
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090715/19e8803a/attachment.html>

From maccaday at gmail.com  Tue Jul 14 23:23:13 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Tue, 14 Jul 2009 22:23:13 +0300
Subject: Cache questions
In-Reply-To: <4A5C877E.30704@gmail.com>
References: <4A57D142.2070501@gmail.com> <20090713113321.GH67302@mdounin.ru> <20090713114840.GE9584@rambler-co.ru> <4A5B92BE.60002@gmail.com> <20090713201746.GE15437@rambler-co.ru> <4A5BD50F.1020705@gmail.com> <20090714022959.GR67302@mdounin.ru> <4A5BF6EE.4080306@gmail.com> <20090714052139.GA27340@rambler-co.ru> <4A5C877E.30704@gmail.com>
Message-ID: <4A5CDB21.5020809@gmail.com>

Jim Ohlstein wrote:
>
>
> Igor Sysoev wrote:
>> On Mon, Jul 13, 2009 at 11:09:34PM -0400, Jim Ohlstein wrote:
>>
>>  
>>> It is now logging "HIT" or "MISS" for each request in that location 
>>> block.
>>>
>>> It is safe to assume that with fastcgi_cache_min_uses set at 2 that 
>>> for every first miss shared memory is allocated, that the file is 
>>> written to the cache on the second miss, and that each logged "hit" 
>>> is an actual serve from the cache (third and subsequent requests for 
>>> the file)?
>>>     
>>
>> Yes. Currently, there are "MISS", "EXPIRED", "STALE", "UPDATING", and 
>> "HIT"
>> states. If you will think out a good name for state when miss is just 
>> counted,
>> but not cached, I will make this state.
>>
>>
>>   
> "MISS-NOT_CACHED"  fairly well tells the story, if it's not too long. 
> Otherwise  "MISS-NC".
>
> Or perhaps "MISS-COUNTING".
>
> Jim
>
>
How about "UNCACHED"?

Marcus




From mike503 at gmail.com  Tue Jul 14 23:58:10 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Tue, 14 Jul 2009 12:58:10 -0700
Subject: setting up ssl ... can the same server section listen on both 
	ports 80 and 443 or do I need to setup a separate server section?
In-Reply-To: <77432c470907141114w7fbe080fj3e3608216138c813@mail.gmail.com>
References: <77432c470907141114w7fbe080fj3e3608216138c813@mail.gmail.com>
Message-ID: <bd9320b30907141258s3986541ci30c1ca8088dd1913@mail.gmail.com>

someone just posted a config example in the past couple days about this

On Tue, Jul 14, 2009 at 11:14 AM, Ilan Berkner<iberkner at gmail.com> wrote:
>
>




From iberkner at gmail.com  Wed Jul 15 00:06:57 2009
From: iberkner at gmail.com (Ilan Berkner)
Date: Tue, 14 Jul 2009 16:06:57 -0400
Subject: setting up ssl ... can the same server section listen on both 
	ports 80 and 443 or do I need to setup a separate server section?
In-Reply-To: <bd9320b30907141258s3986541ci30c1ca8088dd1913@mail.gmail.com>
References: <77432c470907141114w7fbe080fj3e3608216138c813@mail.gmail.com>
	 <bd9320b30907141258s3986541ci30c1ca8088dd1913@mail.gmail.com>
Message-ID: <77432c470907141306s18aafc01i3cc320e6b251317c@mail.gmail.com>

If you can point it out to me... I searched, can't find it.

On Tue, Jul 14, 2009 at 3:58 PM, Michael Shadle <mike503 at gmail.com> wrote:

> someone just posted a config example in the past couple days about this
>
> On Tue, Jul 14, 2009 at 11:14 AM, Ilan Berkner<iberkner at gmail.com> wrote:
> >
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090714/3f98af2c/attachment.html>

From mdounin at mdounin.ru  Wed Jul 15 00:16:44 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 15 Jul 2009 00:16:44 +0400
Subject: setting up ssl ... can the same server section listen on both
	ports 80 and 443 or do I need to setup a separate server section?
In-Reply-To: <77432c470907141306s18aafc01i3cc320e6b251317c@mail.gmail.com>
References: <77432c470907141114w7fbe080fj3e3608216138c813@mail.gmail.com> <bd9320b30907141258s3986541ci30c1ca8088dd1913@mail.gmail.com> <77432c470907141306s18aafc01i3cc320e6b251317c@mail.gmail.com>
Message-ID: <20090714201643.GY67302@mdounin.ru>

Hello!

On Tue, Jul 14, 2009 at 04:06:57PM -0400, Ilan Berkner wrote:

> If you can point it out to me... I searched, can't find it.

http://wiki.nginx.org/NginxHttpCoreModule#listen

server {
    listen 80;
    listen 443 default ssl;

    ...
}

Maxim Dounin


> 
> On Tue, Jul 14, 2009 at 3:58 PM, Michael Shadle <mike503 at gmail.com> wrote:
> 
> > someone just posted a config example in the past couple days about this
> >
> > On Tue, Jul 14, 2009 at 11:14 AM, Ilan Berkner<iberkner at gmail.com> wrote:
> > >
> > >
> >
> >




From mike503 at gmail.com  Wed Jul 15 00:19:43 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Tue, 14 Jul 2009 13:19:43 -0700
Subject: setting up ssl ... can the same server section listen on both 
	ports 80 and 443 or do I need to setup a separate server section?
In-Reply-To: <77432c470907141306s18aafc01i3cc320e6b251317c@mail.gmail.com>
References: <77432c470907141114w7fbe080fj3e3608216138c813@mail.gmail.com>
	 <bd9320b30907141258s3986541ci30c1ca8088dd1913@mail.gmail.com>
	 <77432c470907141306s18aafc01i3cc320e6b251317c@mail.gmail.com>
Message-ID: <bd9320b30907141319p752b69afia24997e049ef74e5@mail.gmail.com>

http://marc.info/?l=nginx&m=124747329127204&w=2
http://marc.info/?l=nginx&m=124747239025852&w=2
http://marc.info/?l=nginx&m=124747216625615&w=2

On Tue, Jul 14, 2009 at 1:06 PM, Ilan Berkner<iberkner at gmail.com> wrote:
> If you can point it out to me... I searched, can't find it.
>
> On Tue, Jul 14, 2009 at 3:58 PM, Michael Shadle <mike503 at gmail.com> wrote:
>>
>> someone just posted a config example in the past couple days about this
>>
>> On Tue, Jul 14, 2009 at 11:14 AM, Ilan Berkner<iberkner at gmail.com> wrote:
>> >
>> >
>>
>
>




From iberkner at gmail.com  Wed Jul 15 00:24:24 2009
From: iberkner at gmail.com (Ilan Berkner)
Date: Tue, 14 Jul 2009 16:24:24 -0400
Subject: setting up ssl ... can the same server section listen on both 
	ports 80 and 443 or do I need to setup a separate server section?
In-Reply-To: <bd9320b30907141319p752b69afia24997e049ef74e5@mail.gmail.com>
References: <77432c470907141114w7fbe080fj3e3608216138c813@mail.gmail.com>
	 <bd9320b30907141258s3986541ci30c1ca8088dd1913@mail.gmail.com>
	 <77432c470907141306s18aafc01i3cc320e6b251317c@mail.gmail.com>
	 <bd9320b30907141319p752b69afia24997e049ef74e5@mail.gmail.com>
Message-ID: <77432c470907141324y568d1069mcd0e6c1cb6350e18@mail.gmail.com>

Thanks Maxim and Michael, I got it.

On Tue, Jul 14, 2009 at 4:19 PM, Michael Shadle <mike503 at gmail.com> wrote:

> http://marc.info/?l=nginx&m=124747329127204&w=2
> http://marc.info/?l=nginx&m=124747239025852&w=2
> http://marc.info/?l=nginx&m=124747216625615&w=2
>
> On Tue, Jul 14, 2009 at 1:06 PM, Ilan Berkner<iberkner at gmail.com> wrote:
> > If you can point it out to me... I searched, can't find it.
> >
> > On Tue, Jul 14, 2009 at 3:58 PM, Michael Shadle <mike503 at gmail.com>
> wrote:
> >>
> >> someone just posted a config example in the past couple days about this
> >>
> >> On Tue, Jul 14, 2009 at 11:14 AM, Ilan Berkner<iberkner at gmail.com>
> wrote:
> >> >
> >> >
> >>
> >
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090714/6fc013e4/attachment.html>

From mike503 at gmail.com  Wed Jul 15 00:25:00 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Tue, 14 Jul 2009 13:25:00 -0700
Subject: setting up ssl ... can the same server section listen on both 
	ports 80 and 443 or do I need to setup a separate server section?
In-Reply-To: <20090714201643.GY67302@mdounin.ru>
References: <77432c470907141114w7fbe080fj3e3608216138c813@mail.gmail.com>
	 <bd9320b30907141258s3986541ci30c1ca8088dd1913@mail.gmail.com>
	 <77432c470907141306s18aafc01i3cc320e6b251317c@mail.gmail.com>
	 <20090714201643.GY67302@mdounin.ru>
Message-ID: <bd9320b30907141325s4673c222hef4e2e0e3caa05f7@mail.gmail.com>

ideally it would be listen 1.2.3.4:443 default ssl; right?

otherwise this block will be the default ssl host for anything else unmatched.

i typically use ip:443 in all my ssl stuff to ensure i am only going
to serve up the cert on the proper sites anyway.

On Tue, Jul 14, 2009 at 1:16 PM, Maxim Dounin<mdounin at mdounin.ru> wrote:
> Hello!
>
> On Tue, Jul 14, 2009 at 04:06:57PM -0400, Ilan Berkner wrote:
>
>> If you can point it out to me... I searched, can't find it.
>
> http://wiki.nginx.org/NginxHttpCoreModule#listen
>
> server {
> ? ?listen 80;
> ? ?listen 443 default ssl;
>
> ? ?...
> }
>
> Maxim Dounin
>
>
>>
>> On Tue, Jul 14, 2009 at 3:58 PM, Michael Shadle <mike503 at gmail.com> wrote:
>>
>> > someone just posted a config example in the past couple days about this
>> >
>> > On Tue, Jul 14, 2009 at 11:14 AM, Ilan Berkner<iberkner at gmail.com> wrote:
>> > >
>> > >
>> >
>> >
>
>




From iberkner at gmail.com  Wed Jul 15 00:33:01 2009
From: iberkner at gmail.com (Ilan Berkner)
Date: Tue, 14 Jul 2009 16:33:01 -0400
Subject: setting up ssl ... can the same server section listen on both 
	ports 80 and 443 or do I need to setup a separate server section?
In-Reply-To: <bd9320b30907141325s4673c222hef4e2e0e3caa05f7@mail.gmail.com>
References: <77432c470907141114w7fbe080fj3e3608216138c813@mail.gmail.com>
	 <bd9320b30907141258s3986541ci30c1ca8088dd1913@mail.gmail.com>
	 <77432c470907141306s18aafc01i3cc320e6b251317c@mail.gmail.com>
	 <20090714201643.GY67302@mdounin.ru>
	 <bd9320b30907141325s4673c222hef4e2e0e3caa05f7@mail.gmail.com>
Message-ID: <77432c470907141333j7ff79f78y3eb0286184fc2df8@mail.gmail.com>

That's the way I'll set it up.

I specify IP as well.


On Tue, Jul 14, 2009 at 4:25 PM, Michael Shadle <mike503 at gmail.com> wrote:

> ideally it would be listen 1.2.3.4:443 default ssl; right?
>
> otherwise this block will be the default ssl host for anything else
> unmatched.
>
> i typically use ip:443 in all my ssl stuff to ensure i am only going
> to serve up the cert on the proper sites anyway.
>
> On Tue, Jul 14, 2009 at 1:16 PM, Maxim Dounin<mdounin at mdounin.ru> wrote:
> > Hello!
> >
> > On Tue, Jul 14, 2009 at 04:06:57PM -0400, Ilan Berkner wrote:
> >
> >> If you can point it out to me... I searched, can't find it.
> >
> > http://wiki.nginx.org/NginxHttpCoreModule#listen
> >
> > server {
> >    listen 80;
> >    listen 443 default ssl;
> >
> >    ...
> > }
> >
> > Maxim Dounin
> >
> >
> >>
> >> On Tue, Jul 14, 2009 at 3:58 PM, Michael Shadle <mike503 at gmail.com>
> wrote:
> >>
> >> > someone just posted a config example in the past couple days about
> this
> >> >
> >> > On Tue, Jul 14, 2009 at 11:14 AM, Ilan Berkner<iberkner at gmail.com>
> wrote:
> >> > >
> >> > >
> >> >
> >> >
> >
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090714/4301e6af/attachment.html>

From maccaday at gmail.com  Wed Jul 15 00:56:27 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Tue, 14 Jul 2009 23:56:27 +0300
Subject: Why u_char* not char*
In-Reply-To: <77432c470907141306s18aafc01i3cc320e6b251317c@mail.gmail.com>
References: <77432c470907141114w7fbe080fj3e3608216138c813@mail.gmail.com>	 <bd9320b30907141258s3986541ci30c1ca8088dd1913@mail.gmail.com> <77432c470907141306s18aafc01i3cc320e6b251317c@mail.gmail.com>
Message-ID: <4A5CF0FB.1040409@gmail.com>

Hi,

Why are strings in Nginx stored as u_char*'s and not char*'s pointers?  
What's the advantage?

Thanks,

Marcus.




From lists at ruby-forum.com  Wed Jul 15 01:17:31 2009
From: lists at ruby-forum.com (Luka Horvatic)
Date: Tue, 14 Jul 2009 23:17:31 +0200
Subject: A few questions
Message-ID: <8c3b46bcf0e53298829c2153767cd5d6@ruby-forum.com>

First,for some reason virtual host which i create,i always get error
403.I tried many things,from chowing to various owners and other,until i
found temporal solution-i created copy of html directory(which is
created during install and which working fine) called bla,and pointed
domain to bla directory and then it worked.But this is problematic since
all files are in home directory,which means i will need to copy all of
them into /usr/local/nginx/.
Also what is problem is with alias,i have a script which is located at
/home/ also and that again causing that 403 error since it's not located
in /usr/local/nginx.I tried to make it work by creating symbolic link
but that didn't worked.Seems only solution would be to copy script to
nginx directory which will require a lot of file editing because of
location change.

Also there is a problem with domain alias-*.domain.com not working at
all,nor 1.domain.com.If i have *.domain.com instead domain.com,then i
get 404 error on directory alias,while it works on www.

How do i enable hotlink blank protection for images,where images can be
loaded only by specified domains and direct access?

And how to rewrite following  apache rule:
RewriteEngine on
RewriteRule ^directory/(.*)$ /st/st.php?%{QUERY_STRING}
I using latest stable version,and i think same problems was on latest
legacy version too.

Here is my server section of domain:
server {
        listen       81;
        server_name  www.domain.com *.domain.com ;

        #charset koi8-r;

        #access_log  logs/host.access.log  main;

        location / {
            root   bla;
            index  index.php index.html index.htm;
        }
     location    /TC/ {
         alias  /home/tradecontrol/client/;
     }

        #error_page  404              /404.html;

        # redirect server error pages to the static page /50x.html
        #
        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   bla;
        }

        # proxy the PHP scripts to Apache listening on 127.0.0.1:80
        #
        #location ~ \.php$ {
        #    proxy_pass   http://127.0.0.1;
        #}

        # pass the PHP scripts to FastCGI server listening on
127.0.0.1:9000
        #
        location ~ \.php$ {
            root           bla;
            fastcgi_pass   127.0.0.1:9000;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME
/usr/local/nginx/bla$fastcgi_script_name;
            include        fastcgi_params;
        }

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #    deny  all;
        #}
    }
-- 
Posted via http://www.ruby-forum.com/.




From merlincorey at dc949.org  Wed Jul 15 01:33:57 2009
From: merlincorey at dc949.org (merlin corey)
Date: Tue, 14 Jul 2009 14:33:57 -0700
Subject: parsing special characters
In-Reply-To: <52d8feb90907141137o524c8851k96302f6c6dc25673@mail.gmail.com>
References: <52d8feb90907141137o524c8851k96302f6c6dc25673@mail.gmail.com>
Message-ID: <e0af94b80907141433g21c174d7n9eca206b4bb9b5b6@mail.gmail.com>

Asif,

I am sorry, I am confused.  Would you like to encode the string/URI
for example to use in a rewrite directive, or do you want to decode it
for use in a regular expression capture?

Thanks,
Merlin

On Tue, Jul 14, 2009 at 11:37 AM, Asif Ali<azifali at gmail.com> wrote:
> Dear All,
> How does one escape URL based special characters in nginx?
> To give you an example
> a domain can get requests which passes the urls from another domain...
> For e.g.
> http://mydomain.com/u=http://anotherdomain.com/someurl/%7c
> the u paramter can contain special chacters from another url
> Suggestions are welcome. Thanks in advance
> regards
> Asif Ali
>




From merlincorey at dc949.org  Wed Jul 15 01:37:58 2009
From: merlincorey at dc949.org (merlin corey)
Date: Tue, 14 Jul 2009 14:37:58 -0700
Subject: Cache questions
In-Reply-To: <4A5CDB21.5020809@gmail.com>
References: <4A57D142.2070501@gmail.com> <20090713114840.GE9584@rambler-co.ru>
	 <4A5B92BE.60002@gmail.com> <20090713201746.GE15437@rambler-co.ru>
	 <4A5BD50F.1020705@gmail.com> <20090714022959.GR67302@mdounin.ru>
	 <4A5BF6EE.4080306@gmail.com> <20090714052139.GA27340@rambler-co.ru>
	 <4A5C877E.30704@gmail.com> <4A5CDB21.5020809@gmail.com>
Message-ID: <e0af94b80907141437o7d1307e3r54743edb7eba6710@mail.gmail.com>

COUNTING made good sense to me and was suitably succinct, and I have
no proble with MISSED-NOTCACHED or MISSED-NC.  UNCACHED seems good
too, but it could be confusing some new (and old) that this means it
was removed from cache, I think.

2009/7/14 Marcus Clyne <maccaday at gmail.com>:
> Jim Ohlstein wrote:
>>
>>
>> Igor Sysoev wrote:
>>>
>>> On Mon, Jul 13, 2009 at 11:09:34PM -0400, Jim Ohlstein wrote:
>>>
>>>
>>>>
>>>> It is now logging "HIT" or "MISS" for each request in that location
>>>> block.
>>>>
>>>> It is safe to assume that with fastcgi_cache_min_uses set at 2 that for
>>>> every first miss shared memory is allocated, that the file is written to the
>>>> cache on the second miss, and that each logged "hit" is an actual serve from
>>>> the cache (third and subsequent requests for the file)?
>>>>
>>>
>>> Yes. Currently, there are "MISS", "EXPIRED", "STALE", "UPDATING", and
>>> "HIT"
>>> states. If you will think out a good name for state when miss is just
>>> counted,
>>> but not cached, I will make this state.
>>>
>>>
>>>
>>
>> "MISS-NOT_CACHED" ?fairly well tells the story, if it's not too long.
>> Otherwise ?"MISS-NC".
>>
>> Or perhaps "MISS-COUNTING".
>>
>> Jim
>>
>>
> How about "UNCACHED"?
>
> Marcus
>
>




From merlincorey at dc949.org  Wed Jul 15 01:40:50 2009
From: merlincorey at dc949.org (merlin corey)
Date: Tue, 14 Jul 2009 14:40:50 -0700
Subject: Why u_char* not char*
In-Reply-To: <4A5CF0FB.1040409@gmail.com>
References: <77432c470907141114w7fbe080fj3e3608216138c813@mail.gmail.com>
	 <bd9320b30907141258s3986541ci30c1ca8088dd1913@mail.gmail.com>
	 <77432c470907141306s18aafc01i3cc320e6b251317c@mail.gmail.com>
	 <4A5CF0FB.1040409@gmail.com>
Message-ID: <e0af94b80907141440i7dda5962md8d4ca9121a92b34@mail.gmail.com>

Hi,

What's the difference in storage of these types in memory?

Thanks,
Merlin

On Tue, Jul 14, 2009 at 1:56 PM, Marcus Clyne<maccaday at gmail.com> wrote:
> Hi,
>
> Why are strings in Nginx stored as u_char*'s and not char*'s pointers?
> ?What's the advantage?
>
> Thanks,
>
> Marcus.
>
>




From nginx at tomvalentine.net  Wed Jul 15 01:47:04 2009
From: nginx at tomvalentine.net (nginx at tomvalentine.net)
Date: Tue, 14 Jul 2009 22:47:04 +0100
Subject: auth_basic password problems
Message-ID: <4A5CFCD8.1040204@tomvalentine.net>

Hi

The authentication on windows now seems to work, to an extent. No more 
500 errors! --> thanks!

However, I can not seem to get it to recognise the password supplied by 
the user unless the user supplies the hashed password.

The attached htpasswd file was created by htpasswd in Linux (htpasswd in 
Windows doesn't do crypt); and nginx 0.6.32 running in Linux has no 
problems with it. But nginx 0.8.5 in Vista wont accept 'password' as the 
password, it will only accept 'xGtGE5iXWkYCI'

E.g.
   htpasswd -db /var/www/.htpasswd nginx2 password
produced
   nginx2:xGtGE5iXWkYCI
and nginx accepts not 'password' but 'xGtGE5iXWkYCI' in Windows.

Sorry, couldn't be bothered compiling nginx for Linux (I need sleep now) 
to see if it was Windows specific or version specific.

Any ideas?
Tom
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: .htpasswd.txt
URL: <http://nginx.org/pipermail/nginx/attachments/20090714/1abdead7/attachment.txt>

From maccaday at gmail.com  Wed Jul 15 02:02:48 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Wed, 15 Jul 2009 01:02:48 +0300
Subject: Why u_char* not char*
In-Reply-To: <e0af94b80907141440i7dda5962md8d4ca9121a92b34@mail.gmail.com>
References: <77432c470907141114w7fbe080fj3e3608216138c813@mail.gmail.com>	 <bd9320b30907141258s3986541ci30c1ca8088dd1913@mail.gmail.com>	 <77432c470907141306s18aafc01i3cc320e6b251317c@mail.gmail.com>	 <4A5CF0FB.1040409@gmail.com> <e0af94b80907141440i7dda5962md8d4ca9121a92b34@mail.gmail.com>
Message-ID: <4A5D0088.4000101@gmail.com>

Hi,

merlin corey wrote:
> What's the difference in storage of these types in memory?
>   
AFAIK, none - u_char is just an unsigned char.  I can't see why any 
system would store them differently and I'm guessing that type 
conversion would be a noop on every system (though I'd be interested to 
hear of any evidence otherwise).

How they are treated when representing them as numbers or when they're 
involved with any kind of mathematical operations would be different, 
though (in general).

The pain in using u_char* for strings vs char* is that you often have to 
deal with typecasting when interacting with other functions, 
reading/writing etc.  It's much rarer that other functions (especially 
system ones) deal with u_char's rather than char's.

I was wondering why bother with the extra hassle.  I'm guessing there's 
a reason why Igor chose them over char*'s, but I don't know what it is.

Cheers,

Marcus.




From nunomagalhaes at eu.ipp.pt  Wed Jul 15 02:07:02 2009
From: nunomagalhaes at eu.ipp.pt (=?UTF-8?Q?Nuno_Magalh=C3=A3es?=)
Date: Tue, 14 Jul 2009 23:07:02 +0100
Subject: A few questions
In-Reply-To: <8c3b46bcf0e53298829c2153767cd5d6@ruby-forum.com>
References: <8c3b46bcf0e53298829c2153767cd5d6@ruby-forum.com>
Message-ID: <6b1504c40907141507q2bcee998re6c3cc237b0e3e1c@mail.gmail.com>

On Tue, Jul 14, 2009 at 22:17, Luka Horvatic<lists at ruby-forum.com> wrote:
> First,for some reason virtual host which i create,i always get error
> 403. [...]

About your first paragraph:
The HTTP 403 Forbidden, as you've already undoubtedly searched, means
the server won't let the client access that resource. One common issue
is permissions indeed: did you try to 777 everything, including the
pertaining directory? Another problem is accessing directories
(domain.com/foo/) that do not have an index.* file. If the server is
configured not to list the contents of that directory, it'll send 403.

server {
       listen       81;
       server_name  www.domain.com *.domain.com ;

You don't need the *.

       location / {
           root   bla;

Should be root /bla, starting from your system's /

RTFM the rest

-- 
()  ascii ribbon campaign - against html e-mail
/\  ascii-rubanda kampajno - kontra? html-a retpo?to




From rhodes.daniel at gmail.com  Wed Jul 15 02:41:58 2009
From: rhodes.daniel at gmail.com (Daniel Rhodes)
Date: Tue, 14 Jul 2009 15:41:58 -0700
Subject: Problem with flv module in Ubuntu
Message-ID: <2f2bd9a50907141541p21d3e63dl97b273b1e945c24e@mail.gmail.com>

Hello,

I have installed Nginx from source (tried both version 0.7.47 and
0.7.61) on an Ubuntu Hardy 64-bit machine, and in both cases, the flv
module does not work. I am using the JW Player to stream the files and
it only sends one query string parameter, which is what is supposed to
work with Nginx's FLV module.

When I try seeking, I get this response:

2009/07/14 18:29:40 [info] 31340#0: *644 client closed prematurely
connection while sending response to client, client: 98.210.13.200,
server: xxxxxx, request: "GET /content/b/6/88860.flv?start=10482045
HTTP/1.1", host: "xxxxxx"

The config file is:

location ~* ^.+.(flv)$ {
        root             /opt/www/html;
        gzip            off;
        expires       30d;
        limit_rate 500k;
        flv;
}

The configure information is:

nginx version: nginx/0.7.47
built by gcc 4.2.4 (Ubuntu 4.2.4-1ubuntu3)
configure arguments: --with-http_flv_module --prefix=/usr/local
--with-http_gzip_static_module --with-poll_module
--with-http_secure_link_module --with-http_stub_status_module


Any help would be much appreciated!

Thanks,

Dan




From mohammad_ysm at yahoo.com  Wed Jul 15 04:01:31 2009
From: mohammad_ysm at yahoo.com (Mohammad Kolahdouzan)
Date: Tue, 14 Jul 2009 17:01:31 -0700 (PDT)
Subject: configuration for proxy_pass/upstream combination
In-Reply-To: <16b7ceee0906041611r704c24fficc8ff71ba87298a5@mail.gmail.com>
References: <16b7ceee0906041611r704c24fficc8ff71ba87298a5@mail.gmail.com>
Message-ID: <662723.57598.qm@web110105.mail.gq1.yahoo.com>


I have my own module in which when a request is sent to
/mymodule, it'll initiate a new
subrequest to "/a1" and passes a bunch of new arguments to it. As an
example, a call to "http://localhost/mymodule" will generate a
subrequest like "http://a.com/?x=1&y=2"
I have a config similar to the following to support that :

server {
  location /mymodule {
    my_module;
  }
  location /a1 {
    proxy_pass  http://a.com/;
  }
}


Now the issue that I have is when I want to add redundancy. If I change the config file to something similar to the following:

upstream server1{
  server http://a.com;
  server http://b.com;
}
server {
  location /mymodule {
    my_module;
  }
  location /a1 {
    proxy_pass  http://server1;
  }
}

then a request to "http://localhost/mymodule" will generate a subrequest like "http://a.com/a1/?x=1&y=1". I am wondering what it is that I am doing wrong which adds "/a1/" to the subrequest to upstream.

Thanks,
-M


      
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090714/adf767d6/attachment.html>

From mdounin at mdounin.ru  Wed Jul 15 05:41:14 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 15 Jul 2009 05:41:14 +0400
Subject: Why u_char* not char*
In-Reply-To: <4A5CF0FB.1040409@gmail.com>
References: <77432c470907141114w7fbe080fj3e3608216138c813@mail.gmail.com> <bd9320b30907141258s3986541ci30c1ca8088dd1913@mail.gmail.com> <77432c470907141306s18aafc01i3cc320e6b251317c@mail.gmail.com> <4A5CF0FB.1040409@gmail.com>
Message-ID: <20090715014113.GZ67302@mdounin.ru>

Hello!

On Tue, Jul 14, 2009 at 11:56:27PM +0300, Marcus Clyne wrote:

> Hi,
>
> Why are strings in Nginx stored as u_char*'s and not char*'s pointers?   
> What's the advantage?

I'm not sure why Igor choose it, but there are at least several 
reasons to use 'unsigned char' (aka u_char) instead of 'char' 
(which may be either signed or unsigned):

- Constructs like

    u_char   map[] = { 0, 0, 0, 1, 1, ... };
    u_char  *p;

    ...

    if (map[*p]) { ... }

  work as expected for all possible character values without any 
  extra typecasting.

- Comparision works in predictable way.  And you will get (mostly) 
  reasonable sorting on any arbitraty data even without collation 
  support.

- Overflow behaviour undefined for signed types, and bitwise 
  operators are undefined for negative values.

So basically if you deal with abitrary byte streams in some 
arbitrary way as nginx do - 'unsigned char' is better choice.

Maxim Dounin

p.s. It's really good idea to start new thread for unrelated 
questions.




From mdounin at mdounin.ru  Wed Jul 15 05:55:03 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 15 Jul 2009 05:55:03 +0400
Subject: configuration for proxy_pass/upstream combination
In-Reply-To: <662723.57598.qm@web110105.mail.gq1.yahoo.com>
References: <16b7ceee0906041611r704c24fficc8ff71ba87298a5@mail.gmail.com> <662723.57598.qm@web110105.mail.gq1.yahoo.com>
Message-ID: <20090715015502.GA67302@mdounin.ru>

Hello!

On Tue, Jul 14, 2009 at 05:01:31PM -0700, Mohammad Kolahdouzan wrote:

> 
> I have my own module in which when a request is sent to
> /mymodule, it'll initiate a new
> subrequest to "/a1" and passes a bunch of new arguments to it. As an
> example, a call to "http://localhost/mymodule" will generate a
> subrequest like "http://a.com/?x=1&y=2"
> I have a config similar to the following to support that :
> 
> server {
>   location /mymodule {
>     my_module;
>   }
>   location /a1 {
>     proxy_pass  http://a.com/;
>   }
> }
> 
> 
> Now the issue that I have is when I want to add redundancy. If I change the config file to something similar to the following:
> 
> upstream server1{
>   server http://a.com;
>   server http://b.com;
> }
> server {
>   location /mymodule {
>     my_module;
>   }
>   location /a1 {
>     proxy_pass  http://server1;

-     proxy_pass  http://server1;
+     proxy_pass  http://server1/;

See http://wiki.nginx.org/NginxHttpProxyModule#proxy_pass for 
details.

Maxim Dounin


>   }
> }
> 
> then a request to "http://localhost/mymodule" will generate a subrequest like "http://a.com/a1/?x=1&y=1". I am wondering what it is that I am doing wrong which adds "/a1/" to the subrequest to upstream.
> 
> Thanks,
> -M
> 
> 
>       




From is at rambler-co.ru  Wed Jul 15 11:06:12 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 15 Jul 2009 11:06:12 +0400
Subject: Why u_char* not char*
In-Reply-To: <20090715014113.GZ67302@mdounin.ru>
References: <77432c470907141114w7fbe080fj3e3608216138c813@mail.gmail.com> <bd9320b30907141258s3986541ci30c1ca8088dd1913@mail.gmail.com> <77432c470907141306s18aafc01i3cc320e6b251317c@mail.gmail.com> <4A5CF0FB.1040409@gmail.com> <20090715014113.GZ67302@mdounin.ru>
Message-ID: <20090715070612.GD51384@rambler-co.ru>

On Wed, Jul 15, 2009 at 05:41:14AM +0400, Maxim Dounin wrote:

> Hello!
> 
> On Tue, Jul 14, 2009 at 11:56:27PM +0300, Marcus Clyne wrote:
> 
> > Hi,
> >
> > Why are strings in Nginx stored as u_char*'s and not char*'s pointers?   
> > What's the advantage?
> 
> I'm not sure why Igor choose it, but there are at least several 
> reasons to use 'unsigned char' (aka u_char) instead of 'char' 
> (which may be either signed or unsigned):
> 
> - Constructs like
> 
>     u_char   map[] = { 0, 0, 0, 1, 1, ... };
>     u_char  *p;
> 
>     ...
> 
>     if (map[*p]) { ... }
> 
>   work as expected for all possible character values without any 
>   extra typecasting.
> 
> - Comparision works in predictable way.  And you will get (mostly) 
>   reasonable sorting on any arbitraty data even without collation 
>   support.
> 
> - Overflow behaviour undefined for signed types, and bitwise 
>   operators are undefined for negative values.
> 
> So basically if you deal with abitrary byte streams in some 
> arbitrary way as nginx do - 'unsigned char' is better choice.

Yes. I prefer to think about 'char *' as character stream (which are
unsigned by nature), but not as to a stream of small range singed
intergers. This way makes evident the comparisions, bitwise operations, etc.
However, this way requires typecasts in trivial cases, e.g.:

      u_char *p = (u_char *) "text";

But these cases are really trivial (as against to comparisons,
bitwise operations, etc.), are easy catched by compilers, and these
typecasts are just syntax sugar.


-- 
Igor Sysoev
http://sysoev.ru/en/




From maccaday at gmail.com  Wed Jul 15 14:13:04 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Wed, 15 Jul 2009 13:13:04 +0300
Subject: Why u_char* not char*
In-Reply-To: <20090715070612.GD51384@rambler-co.ru>
References: <77432c470907141114w7fbe080fj3e3608216138c813@mail.gmail.com> <bd9320b30907141258s3986541ci30c1ca8088dd1913@mail.gmail.com> <77432c470907141306s18aafc01i3cc320e6b251317c@mail.gmail.com> <4A5CF0FB.1040409@gmail.com> <20090715014113.GZ67302@mdounin.ru> <20090715070612.GD51384@rambler-co.ru>
Message-ID: <4A5DABB0.7020303@gmail.com>

Igor Sysoev wrote:
> On Wed, Jul 15, 2009 at 05:41:14AM +0400, Maxim Dounin wrote:
>
>   
>> Hello!
>>
>> On Tue, Jul 14, 2009 at 11:56:27PM +0300, Marcus Clyne wrote:
>>
>>     
>>> Hi,
>>>
>>> Why are strings in Nginx stored as u_char*'s and not char*'s pointers?   
>>> What's the advantage?
>>>       
>> I'm not sure why Igor choose it, but there are at least several 
>> reasons to use 'unsigned char' (aka u_char) instead of 'char' 
>> (which may be either signed or unsigned):
>>
>> - Constructs like
>>
>>     u_char   map[] = { 0, 0, 0, 1, 1, ... };
>>     u_char  *p;
>>
>>     ...
>>
>>     if (map[*p]) { ... }
>>
>>   work as expected for all possible character values without any 
>>   extra typecasting.
>>
>> - Comparision works in predictable way.  And you will get (mostly) 
>>   reasonable sorting on any arbitraty data even without collation 
>>   support.
>>
>> - Overflow behaviour undefined for signed types, and bitwise 
>>   operators are undefined for negative values.
>>
>> So basically if you deal with abitrary byte streams in some 
>> arbitrary way as nginx do - 'unsigned char' is better choice.
>>     
>
> Yes. I prefer to think about 'char *' as character stream (which are
> unsigned by nature), but not as to a stream of small range singed
> intergers. This way makes evident the comparisions, bitwise operations, etc.
> However, this way requires typecasts in trivial cases, e.g.:
>
>       u_char *p = (u_char *) "text";
>
> But these cases are really trivial (as against to comparisons,
> bitwise operations, etc.), are easy catched by compilers, and these
> typecasts are just syntax sugar.
>
>   

Thanks for the info (both of you).

Marcus.




From merlincorey at dc949.org  Wed Jul 15 15:57:15 2009
From: merlincorey at dc949.org (merlin corey)
Date: Wed, 15 Jul 2009 04:57:15 -0700
Subject: Why u_char* not char*
In-Reply-To: <4A5DABB0.7020303@gmail.com>
References: <77432c470907141114w7fbe080fj3e3608216138c813@mail.gmail.com>
	 <bd9320b30907141258s3986541ci30c1ca8088dd1913@mail.gmail.com>
	 <77432c470907141306s18aafc01i3cc320e6b251317c@mail.gmail.com>
	 <4A5CF0FB.1040409@gmail.com> <20090715014113.GZ67302@mdounin.ru>
	 <20090715070612.GD51384@rambler-co.ru> <4A5DABB0.7020303@gmail.com>
Message-ID: <e0af94b80907150457x4b8dc8er35b2fb727f2382b5@mail.gmail.com>

Indeed, it was illuminating!

Thanks,
Merlin




From miles at tinyapps.org  Wed Jul 15 20:25:56 2009
From: miles at tinyapps.org (TinyApps.Org)
Date: Wed, 15 Jul 2009 06:25:56 -1000
Subject: Redirect loop / too many redirects
Message-ID: <57B78091-3ED0-4DBC-988F-E64A4C01F212@tinyapps.org>

I am trying to redirect all requests for

/weblog/index.rss

to

/weblog/index.rss20

with this rule:

location /weblog/index.rss { rewrite /weblog/index.rss /weblog/ 
index.rss20 permanent; }

but I end up with an error message in the browser like:

Safari: Too many redirects occurred trying to open ?feed://example.org/weblog/index.rss 
?. This might occur if you open a page that is redirected to open  
another page which then is redirected to open the original page.

Firefox: Redirect Loop - Firefox has detected that the server is  
redirecting the request for this address in a way that will never  
complete.

All other redirect rules work - any idea why this one would fail?





From gmm at csdoc.com  Wed Jul 15 21:02:27 2009
From: gmm at csdoc.com (Gena Makhomed)
Date: Wed, 15 Jul 2009 20:02:27 +0300
Subject: Redirect loop / too many redirects
In-Reply-To: <57B78091-3ED0-4DBC-988F-E64A4C01F212@tinyapps.org>
References: <57B78091-3ED0-4DBC-988F-E64A4C01F212@tinyapps.org>
Message-ID: <664722396.20090715200227@csdoc.com>

On Wednesday, July 15, 2009 at 19:25:56, TinyApps.Org wrote:

TO> location /weblog/index.rss {
TO>     rewrite /weblog/index.rss /weblog/index.rss20 permanent;
TO> }

location = /weblog/index.rss {
    rewrite ^ /weblog/index.rss20 permanent;
}

TO> Firefox: Redirect Loop - Firefox has detected that the server is
TO> redirecting the request for this address in a way that will never  
TO> complete.

TO> All other redirect rules work - any idea why this one would fail?

url "/weblog/index.rss20" was matched by location "/weblog/index.rss"

location syntax: http://wiki.nginx.org/NginxHttpCoreModule#location

-- 
Best regards,
 Gena





From miles at tinyapps.org  Wed Jul 15 21:26:35 2009
From: miles at tinyapps.org (TinyApps.Org)
Date: Wed, 15 Jul 2009 07:26:35 -1000
Subject: Redirect loop / too many redirects
In-Reply-To: <664722396.20090715200227@csdoc.com>
References: <57B78091-3ED0-4DBC-988F-E64A4C01F212@tinyapps.org> <664722396.20090715200227@csdoc.com>
Message-ID: <43286079-5C19-4249-8DA8-824434B25AE6@tinyapps.org>

Awesome - thanks so much for the answer, Gena!
Just adding the equal sign after "location" did
the trick!

One last question: is the caret after "rewrite"
required? I read the location syntax page but
still was not clear on what function the caret
would serve when it follows "location = wherever
{ rewrite..."

Yours Gratefully,

Miles


On Jul 15, 2009, at 7:02 AM, Gena Makhomed wrote:

> On Wednesday, July 15, 2009 at 19:25:56, TinyApps.Org wrote:
>
> TO> location /weblog/index.rss {
> TO>     rewrite /weblog/index.rss /weblog/index.rss20 permanent;
> TO> }
>
> location = /weblog/index.rss {
>    rewrite ^ /weblog/index.rss20 permanent;
> }
>
> TO> Firefox: Redirect Loop - Firefox has detected that the server is
> TO> redirecting the request for this address in a way that will never
> TO> complete.
>
> TO> All other redirect rules work - any idea why this one would fail?
>
> url "/weblog/index.rss20" was matched by location "/weblog/index.rss"
>
> location syntax: http://wiki.nginx.org/NginxHttpCoreModule#location
>
> -- 
> Best regards,
> Gena
>
>





From gmm at csdoc.com  Wed Jul 15 22:06:52 2009
From: gmm at csdoc.com (Gena Makhomed)
Date: Wed, 15 Jul 2009 21:06:52 +0300
Subject: Redirect loop / too many redirects
In-Reply-To: <43286079-5C19-4249-8DA8-824434B25AE6@tinyapps.org>
References: <57B78091-3ED0-4DBC-988F-E64A4C01F212@tinyapps.org> <664722396.20090715200227@csdoc.com> <43286079-5C19-4249-8DA8-824434B25AE6@tinyapps.org>
Message-ID: <2910337946.20090715210652@csdoc.com>

On Wednesday, July 15, 2009 at 20:26:35, TinyApps.Org wrote:

TO> Just adding the equal sign after "location" did the trick!
TO> One last question: is the caret after "rewrite" required?

>> location = /weblog/index.rss {
>>    rewrite ^ /weblog/index.rss20 permanent;
>> }

caret is regexp. ( ^ Match the beginning of the line )

http://perldoc.perl.org/perlre.html#Regular-Expressions

yes, regexp here required by rewrite syntax:

    rewrite regex replacement flag

http://wiki.nginx.org/NginxHttpRewriteModule#rewrite

-- 
Best regards,
 Gena





From maccaday at gmail.com  Wed Jul 15 23:13:26 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Wed, 15 Jul 2009 22:13:26 +0300
Subject: Best way to get $request_filename
In-Reply-To: <43286079-5C19-4249-8DA8-824434B25AE6@tinyapps.org>
References: <57B78091-3ED0-4DBC-988F-E64A4C01F212@tinyapps.org> <664722396.20090715200227@csdoc.com> <43286079-5C19-4249-8DA8-824434B25AE6@tinyapps.org>
Message-ID: <4A5E2A56.4070006@gmail.com>

Hi,

What's the best way to get the variable $request_filename from a custom 
module?

Currently I save the index of the $request_filename variable and call 
ngx_http_get_indexed_variable (r, request_filename_var_index), but is 
there a better way?

Thanks,

Marcus.




From mdounin at mdounin.ru  Wed Jul 15 23:37:56 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 15 Jul 2009 23:37:56 +0400
Subject: Best way to get $request_filename
In-Reply-To: <4A5E2A56.4070006@gmail.com>
References: <57B78091-3ED0-4DBC-988F-E64A4C01F212@tinyapps.org> <664722396.20090715200227@csdoc.com> <43286079-5C19-4249-8DA8-824434B25AE6@tinyapps.org> <4A5E2A56.4070006@gmail.com>
Message-ID: <20090715193756.GC1050@mdounin.ru>

Hello!

On Wed, Jul 15, 2009 at 10:13:26PM +0300, Marcus Clyne wrote:

> Hi,
>
> What's the best way to get the variable $request_filename from a custom  
> module?
>
> Currently I save the index of the $request_filename variable and call  
> ngx_http_get_indexed_variable (r, request_filename_var_index), but is  
> there a better way?

If you need variable - using indexed one is the best choise.

For request filename you may want to consider using 
ngx_http_map_uri_to_path() directly though.  See static module (or 
gzip static, or flv, or request_filename variable get handler code) 
for examples.

Maxim Dounin




From maccaday at gmail.com  Thu Jul 16 02:28:13 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Thu, 16 Jul 2009 01:28:13 +0300
Subject: Best way to get $request_filename
In-Reply-To: <20090715193756.GC1050@mdounin.ru>
References: <57B78091-3ED0-4DBC-988F-E64A4C01F212@tinyapps.org> <664722396.20090715200227@csdoc.com> <43286079-5C19-4249-8DA8-824434B25AE6@tinyapps.org> <4A5E2A56.4070006@gmail.com> <20090715193756.GC1050@mdounin.ru>
Message-ID: <4A5E57FD.7080603@gmail.com>

Maxim Dounin wrote:
> Hello!
>
> On Wed, Jul 15, 2009 at 10:13:26PM +0300, Marcus Clyne wrote:
>
>   
>> Hi,
>>
>> What's the best way to get the variable $request_filename from a custom  
>> module?
>>
>> Currently I save the index of the $request_filename variable and call  
>> ngx_http_get_indexed_variable (r, request_filename_var_index), but is  
>> there a better way?
>>     
>
> If you need variable - using indexed one is the best choise.
>
> For request filename you may want to consider using 
> ngx_http_map_uri_to_path() directly though.  See static module (or 
> gzip static, or flv, or request_filename variable get handler code) 
> for examples.
>
> Maxim Dounin
>   
Thanks.




From maccaday at gmail.com  Thu Jul 16 03:25:28 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Thu, 16 Jul 2009 02:25:28 +0300
Subject: Daemon directory string
In-Reply-To: <20090715193756.GC1050@mdounin.ru>
References: <57B78091-3ED0-4DBC-988F-E64A4C01F212@tinyapps.org> <664722396.20090715200227@csdoc.com> <43286079-5C19-4249-8DA8-824434B25AE6@tinyapps.org> <4A5E2A56.4070006@gmail.com> <20090715193756.GC1050@mdounin.ru>
Message-ID: <4A5E6568.7000307@gmail.com>

Hi,

What's the best way to get the path of the directory that nginx was 
called from (as part of module development)?  Is this stored in a string 
somewhere?

Thanks,

Marcus.




From mdounin at mdounin.ru  Thu Jul 16 05:21:16 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 16 Jul 2009 05:21:16 +0400
Subject: Daemon directory string
In-Reply-To: <4A5E6568.7000307@gmail.com>
References: <57B78091-3ED0-4DBC-988F-E64A4C01F212@tinyapps.org> <664722396.20090715200227@csdoc.com> <43286079-5C19-4249-8DA8-824434B25AE6@tinyapps.org> <4A5E2A56.4070006@gmail.com> <20090715193756.GC1050@mdounin.ru> <4A5E6568.7000307@gmail.com>
Message-ID: <20090716012116.GD1050@mdounin.ru>

Hello!

On Thu, Jul 16, 2009 at 02:25:28AM +0300, Marcus Clyne wrote:

> Hi,
>
> What's the best way to get the path of the directory that nginx was  
> called from (as part of module development)?  Is this stored in a string  
> somewhere?

No.  You should use ngx_conf_full_name() to resolve paths to 
absolute ones.  It uses cycle->prefix (or cycle->conf_prefix), and 
this in turn is set to startup directory if there is no prefix 
(either compiled in or specified via -p switch).

Maxim Dounin




From nginx-forum at nginx.us  Thu Jul 16 09:31:22 2009
From: nginx-forum at nginx.us (gerryw)
Date: Thu, 16 Jul 2009 01:31:22 -0400
Subject: FastCGI application not receiving multi-part data
Message-ID: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>

Hello All,

I'm working on a FastCGI application the needs to support file upload. When a file is uploaded the FastCGI program is not receiving any data or envp other than METHOD. I think I have configured FastCGI correctly in the nginx config file, because other form submissions work.  Can anyone give me an idea what I could check?

nginx version: latest
FastCGI version: latest


Thanks,
Gerry

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4091,4091#msg-4091





From rhodes.daniel at gmail.com  Thu Jul 16 11:17:05 2009
From: rhodes.daniel at gmail.com (Daniel Rhodes)
Date: Thu, 16 Jul 2009 00:17:05 -0700
Subject: FastCGI application not receiving multi-part data
In-Reply-To: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
References: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
Message-ID: <2f2bd9a50907160017r2dc77dddgecefd4324cb50f77@mail.gmail.com>

Is your FastCGI running on a socket or a port? On Linux, it should be
a socket (e.g. unix:/tmp/php.sock) , but on FreeBSD it should be a
port (e.g. 127.0.0.1:60000). I found this to be the cause of uploads
not being passed back through fastcgi one time.

-- DR

On Wed, Jul 15, 2009 at 10:31 PM, gerryw<nginx-forum at nginx.us> wrote:
> Hello All,
>
> I'm working on a FastCGI application the needs to support file upload. When a file is uploaded the FastCGI program is not receiving any data or envp other than METHOD. I think I have configured FastCGI correctly in the nginx config file, because other form submissions work. ?Can anyone give me an idea what I could check?
>
> nginx version: latest
> FastCGI version: latest
>
>
> Thanks,
> Gerry
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4091,4091#msg-4091
>
>
>




From almir at almirkaric.com  Thu Jul 16 11:27:43 2009
From: almir at almirkaric.com (Almir Karic)
Date: Thu, 16 Jul 2009 00:27:43 -0700
Subject: FastCGI application not receiving multi-part data
In-Reply-To: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
References: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
Message-ID: <2b6a8c330907160027v42a5a519h60583d94f4df1426@mail.gmail.com>

I am running django via FCGI that has the file upload working just
fine :-), i doubt nginx is source of your problems. Did you remember
to add enctype="multipart/form-data"?


python/django hacker & sys admin
http://almirkaric.com & http://twitter.com/redduck666



On Wed, Jul 15, 2009 at 10:31 PM, gerryw<nginx-forum at nginx.us> wrote:
> Hello All,
>
> I'm working on a FastCGI application the needs to support file upload. When a file is uploaded the FastCGI program is not receiving any data or envp other than METHOD. I think I have configured FastCGI correctly in the nginx config file, because other form submissions work. ?Can anyone give me an idea what I could check?
>
> nginx version: latest
> FastCGI version: latest
>
>
> Thanks,
> Gerry
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4091,4091#msg-4091
>
>
>




From miles at tinyapps.org  Thu Jul 16 11:46:02 2009
From: miles at tinyapps.org (TinyApps.Org)
Date: Wed, 15 Jul 2009 21:46:02 -1000
Subject: Redirect loop / too many redirects
In-Reply-To: <2910337946.20090715210652@csdoc.com>
References: <57B78091-3ED0-4DBC-988F-E64A4C01F212@tinyapps.org> <664722396.20090715200227@csdoc.com> <43286079-5C19-4249-8DA8-824434B25AE6@tinyapps.org> <2910337946.20090715210652@csdoc.com>
Message-ID: <47CB2365-B309-4269-ADB1-A402C19E1C8E@tinyapps.org>

Thanks, Gena!

On Jul 15, 2009, at 8:06 AM, Gena Makhomed wrote:

> On Wednesday, July 15, 2009 at 20:26:35, TinyApps.Org wrote:
>
> TO> Just adding the equal sign after "location" did the trick!
> TO> One last question: is the caret after "rewrite" required?
>
>>> location = /weblog/index.rss {
>>>   rewrite ^ /weblog/index.rss20 permanent;
>>> }
>
> caret is regexp. ( ^ Match the beginning of the line )
>
> http://perldoc.perl.org/perlre.html#Regular-Expressions
>
> yes, regexp here required by rewrite syntax:
>
>    rewrite regex replacement flag
>
> http://wiki.nginx.org/NginxHttpRewriteModule#rewrite
>
> -- 
> Best regards,
> Gena
>
>





From nginx-forum at nginx.us  Thu Jul 16 12:55:00 2009
From: nginx-forum at nginx.us (bavery)
Date: Thu, 16 Jul 2009 04:55:00 -0400
Subject: problem w/ gzip when hiding Content-Type header from upstream server
In-Reply-To: <69e0c4acac418c641823f567866f9e3c.NginxMailingList@forum.nginx.org>
References: <69e0c4acac418c641823f567866f9e3c.NginxMailingList@forum.nginx.org>
Message-ID: <925f8f7428ee278a6300710bc88646ab.NginxMailingList@forum.nginx.org>

I did some more checking, and am now finding that other .js & .css files from the upstream server are not being compressed as well, except that these files simply are served from the upstream server with no content-type header at all. 

So why does nginx not recognize the file type it is handling based on mime-type configuration when dealing with proxied files?

Bryan

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4037,4098#msg-4098





From nginx-forum at nginx.us  Thu Jul 16 12:56:00 2009
From: nginx-forum at nginx.us (gerryw)
Date: Thu, 16 Jul 2009 04:56:00 -0400
Subject: FastCGI application not receiving multi-part data
In-Reply-To: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
References: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
Message-ID: <daa22bba438cdbda43920e285ad6f269.NginxMailingList@forum.nginx.org>

Hello All,

Daniel:
>Is your FastCGI running on a socket or a port? On Linux, it should be
>a socket (e.g. unix:/tmp/php.sock) , but on FreeBSD it should be a
>port (e.g. 127.0.0.1:60000). I found this to be the cause of uploads
>not being passed back through fastcgi one time.

I was using a port. When I switched to a unix:socket I started getting some data, but it's either garbage or incomplete, because the parser segfaults trying to parse it. Could it be some kind of buffer size issue? 

Almir:
> Did you remember to add enctype="multipart/form-data"?
Yes.

Thanks,
Gerry

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4091,4099#msg-4099





From nginx-forum at nginx.us  Thu Jul 16 13:16:16 2009
From: nginx-forum at nginx.us (gerryw)
Date: Thu, 16 Jul 2009 05:16:16 -0400
Subject: FastCGI application not receiving multi-part data
In-Reply-To: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
References: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
Message-ID: <fcc278a33303b7d8b9cfbf284cc42ce5.NginxMailingList@forum.nginx.org>

Hello All,

In order to eliminate the parser as the problem, I switched to cgicc. Unfortunately, I got the same result. I know that cgicc works, because I've used it with other web servers. I guess I'm still thinking the data is incomplete or doesn't match the length passed. Any thoughts?

Thanks,
Gerry

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4091,4100#msg-4100





From rhodes.daniel at gmail.com  Thu Jul 16 13:24:59 2009
From: rhodes.daniel at gmail.com (Daniel Rhodes)
Date: Thu, 16 Jul 2009 02:24:59 -0700
Subject: FastCGI application not receiving multi-part data
In-Reply-To: <daa22bba438cdbda43920e285ad6f269.NginxMailingList@forum.nginx.org>
References: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
	 <daa22bba438cdbda43920e285ad6f269.NginxMailingList@forum.nginx.org>
Message-ID: <2f2bd9a50907160224od8c29d4ge5ebc2ab6c83c5c7@mail.gmail.com>

I'm not familiar with that particular problem, although here are the
settings I use for the fcgi buffers (which has worked with me for
files > 1GB being passed on to PHP):

fastcgi_connect_timeout         60;
fastcgi_send_timeout            180;
fastcgi_read_timeout            180;
fastcgi_buffer_size             128k;
fastcgi_buffers                 4 256k;
fastcgi_busy_buffers_size       256k;
fastcgi_temp_file_write_size    256k;
fastcgi_intercept_errors        on;
fastcgi_pass_header             *;

There are also other values, like the document body size which should
be set. You can find information about that in the documentation.

On Thu, Jul 16, 2009 at 1:56 AM, gerryw<nginx-forum at nginx.us> wrote:
> Hello All,
>
> Daniel:
>>Is your FastCGI running on a socket or a port? On Linux, it should be
>>a socket (e.g. unix:/tmp/php.sock) , but on FreeBSD it should be a
>>port (e.g. 127.0.0.1:60000). I found this to be the cause of uploads
>>not being passed back through fastcgi one time.
>
> I was using a port. When I switched to a unix:socket I started getting some data, but it's either garbage or incomplete, because the parser segfaults trying to parse it. Could it be some kind of buffer size issue?
>
> Almir:
>> Did you remember to add enctype="multipart/form-data"?
> Yes.
>
> Thanks,
> Gerry
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4091,4099#msg-4099
>
>
>




From nginx-forum at nginx.us  Thu Jul 16 13:27:31 2009
From: nginx-forum at nginx.us (gerryw)
Date: Thu, 16 Jul 2009 05:27:31 -0400
Subject: FastCGI application not receiving multi-part data
In-Reply-To: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
References: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
Message-ID: <14a2ed3e7b6b55d3caacbc706609cefb.NginxMailingList@forum.nginx.org>

Hello All,

I also did a test with just the vanilla FastCGI API calls. The only env related variable I was able to get was "REQUEST_METHOD". None of the rest were set.

Thanks,
Gerry

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4091,4101#msg-4101





From support at oeko.net  Thu Jul 16 13:30:18 2009
From: support at oeko.net (Toni Mueller)
Date: Thu, 16 Jul 2009 11:30:18 +0200
Subject: 0.7.61: error_page 404 woes
In-Reply-To: <20090713195734.GD15437@rambler-co.ru>
References: <20090713170409.23831.qmail@oak.oeko.net> <20090713182225.GB15437@rambler-co.ru> <20090713184829.27178.qmail@oak.oeko.net> <20090713195734.GD15437@rambler-co.ru>
Message-ID: <20090716093019.12254.qmail@oak.oeko.net>


Hi,

On Mon, 13.07.2009 at 23:57:34 +0400, Igor Sysoev <is at rambler-co.ru> wrote:
> On Mon, Jul 13, 2009 at 08:48:29PM +0200, Toni Mueller wrote:
> > On Mon, 13.07.2009 at 22:22:25 +0400, Igor Sysoev <is at rambler-co.ru> wrote:
> > > On Mon, Jul 13, 2009 at 07:04:09PM +0200, Toni Mueller wrote:
> > > > error_page	404	/;
> > > > 
> > > > But this statement had no effect. I had to re-write the statement as
> > > > 
> > > > error_page	404	http://$server_name/;
> > > > 
> > > > to get the desired effect, but don't quite understand, why.
> > > 
> > > Because the first statement does an internal redirect to /,
> > > while the second one does an external redirect (302).
> > 
> > thanks for the quick answer, but I don't quite understand:
> > 
> > I already assumed that the second would cause an external redirect, but
> > why the first statement would not lead to an internal rewrite of the
> > URI and then try that through the remainder of the configuration, I
> > don't see.
> 
> What do you see in the first case ? You should see main page with
> unchanged nonexistent URI in browser.

in the first case, I see a standard 404 nginx error page. But I
expected nginx to display the same thing that I see in the second case
(I have a redirection for "/" to land somewhere else).


Kind regards,
--Toni++





From nginx-forum at nginx.us  Thu Jul 16 13:41:05 2009
From: nginx-forum at nginx.us (davidc)
Date: Thu, 16 Jul 2009 05:41:05 -0400
Subject: forum search
Message-ID: <7d0491bc23ed0a9469f1529222278736.NginxMailingList@forum.nginx.org>

This isn't specifically an nginx question but as the forum is served via nginx it could be.

When I search the forum for "perl variable" it returns a '502 Bad Gateway' response and
the version 'nginx/0.8.5'. This happens every time I try the search but not for other terms.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4102,4102#msg-4102





From support-nginx at oeko.net  Thu Jul 16 13:55:38 2009
From: support-nginx at oeko.net (Toni Mueller)
Date: Thu, 16 Jul 2009 11:55:38 +0200
Subject: Keep Alive piles up
In-Reply-To: <20090629201857.GA99873@mdounin.ru>
References: <20090629103818.GV66320@forum.nginx.org> <1ab82bc1f3e0954a2538288a4980621b.NginxMailingList@forum.nginx.org> <20090629144615.GC66320@forum.nginx.org> <c7d82fb47c39f588415104fda7fe1dc4.NginxMailingList@forum.nginx.org> <a8658651612ac2663240bc712eb60e42.NginxMailingList@forum.nginx.org> <20090629161004.GE66320@forum.nginx.org> <7b7119d7eebefa203cd21e74af6d9836.NginxMailingList@forum.nginx.org> <20090629182110.GF66320@forum.nginx.org> <1d8038ad189bdb81abb8eaea8438e35d.NginxMailingList@forum.nginx.org> <20090629201857.GA99873@mdounin.ru>
Message-ID: <20090716095538.13093.qmail@oak.oeko.net>


Hello!

On Tue, 30.06.2009 at 00:18:57 +0400, Maxim Dounin <mdounin at mdounin.ru> wrote:
> Looks like you assume that wiki == documentation.  It's simply not 
> true.

it seems that for those of us who can't read russian, it simply has to
be true because we don't have much of a choice.

> Yes, nested locations have drawbacks due to some inheritance bugs 
> (and hence they still aren't documented in official docs).  But 
> if's are in fact nested locations under the hood - and they have 

I have trouble understanding how if()s can be locations under the hood,
or how I could use variable testing (like eg. in geo-ip) without if()s.


Kind regards,
--Toni++





From nikon at puffy.pl  Thu Jul 16 16:06:34 2009
From: nikon at puffy.pl (Tomasz Pajor)
Date: Thu, 16 Jul 2009 14:06:34 +0200
Subject: fastcgi, try_files, problems
Message-ID: <4A5F17CA.8040009@puffy.pl>

Hello all,

I have a problem with proper configuration of my page.

What I want to achieve is that:
- http://domain.com/ should point to an upstream bucket of fastcgi apps.
- http://domain.com/administrator should be served by a fastcgi server 
on the same machine as balancer, so it should point to 127.0.0.1:3000 in 
this case
- i think there is a way to simplify the two backend.php entries
- all /js/ entries for domain.com should be served staticly
- static.domain.com should be served staticly

Don't know what am I doing wrong, but the debug says that when i go to 
http://domain.com/administrator it uses the location /administrator but 
then it's redirected to /index.php and it uses location /, so not as I 
intended.

Can You guys help me sort this out?

Configuration is as follows:

upstream apps {
    server 10.0.1.50:3000;
}

server {
    listen 80;
    server_name domain.com;
    error_log /var/log/nginx/domain-error.log debug;

    location / {
        root /disk0/vhosts/domain/public;
        try_files $uri $uri /index.php;
        fastcgi_pass apps;
        #fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    location /administrator {
        root /disk0/vhosts/domain/public;
        try_files $uri $uri index.php;
        fastcgi_pass 127.0.0.1:3000;
        #fastcgi_index index.php;
        #fastcgi_param SCRIPT_FILENAME  
/disk0/vhosts/domain/public/index.php;
        fastcgi_param SCRIPT_FILENAME 
/disk0/vhosts/domain/public/$fastcgi_script_name;
        include fastcgi_params;
    }

    location /js/lib/xinha/plugins/ExtendedFileManager/backend.php {
        fastcgi_pass 127.0.0.1:3000;
        fastcgi_index backend.php;
        fastcgi_param SCRIPT_FILENAME  
/disk0/vhosts/domain/public/js/lib/xinha/plugins/ExtendedFileManager/backend.php;
        include fastcgi_params;
        access_log /var/log/nginx/backend1.log;
    }

    location /js/lib/xinha/plugins/ImageManager/backend.php {
        fastcgi_pass 127.0.0.1:3000;
        fastcgi_index backend.php;
        fastcgi_param SCRIPT_FILENAME  
/disk0/vhosts/domain/public/js/lib/xinha/plugins/ImageManager/backend.php;
        include fastcgi_params;
        access_log /var/log/nginx/backend2.log;
    }

    location ~ ^/(js)/  {
        root /disk0/vhosts/domain/public;
        expires 30d;
        access_log /var/log/nginx/js.log;
    }
}

server {
    listen 80;
    server_name static.domain.com;

    location / {
        root /disk0/vhosts/domain/static;
        access_log off;
        expires 30d;
    }
}

server {
    listen 80;
    server_name .domain2.com;

    location / {
        fastcgi_pass 127.0.0.1:3000;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME  
/disk0/vhosts/domain2/public/index.php;
        include       fastcgi_params;
    }
}




From is at rambler-co.ru  Thu Jul 16 16:31:41 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 16 Jul 2009 16:31:41 +0400
Subject: 0.7.61: error_page 404 woes
In-Reply-To: <20090716093019.12254.qmail@oak.oeko.net>
References: <20090713170409.23831.qmail@oak.oeko.net> <20090713182225.GB15437@rambler-co.ru> <20090713184829.27178.qmail@oak.oeko.net> <20090713195734.GD15437@rambler-co.ru> <20090716093019.12254.qmail@oak.oeko.net>
Message-ID: <20090716123141.GE90866@rambler-co.ru>

On Thu, Jul 16, 2009 at 11:30:18AM +0200, Toni Mueller wrote:

> 
> Hi,
> 
> On Mon, 13.07.2009 at 23:57:34 +0400, Igor Sysoev <is at rambler-co.ru> wrote:
> > On Mon, Jul 13, 2009 at 08:48:29PM +0200, Toni Mueller wrote:
> > > On Mon, 13.07.2009 at 22:22:25 +0400, Igor Sysoev <is at rambler-co.ru> wrote:
> > > > On Mon, Jul 13, 2009 at 07:04:09PM +0200, Toni Mueller wrote:
> > > > > error_page	404	/;
> > > > > 
> > > > > But this statement had no effect. I had to re-write the statement as
> > > > > 
> > > > > error_page	404	http://$server_name/;
> > > > > 
> > > > > to get the desired effect, but don't quite understand, why.
> > > > 
> > > > Because the first statement does an internal redirect to /,
> > > > while the second one does an external redirect (302).
> > > 
> > > thanks for the quick answer, but I don't quite understand:
> > > 
> > > I already assumed that the second would cause an external redirect, but
> > > why the first statement would not lead to an internal rewrite of the
> > > URI and then try that through the remainder of the configuration, I
> > > don't see.
> > 
> > What do you see in the first case ? You should see main page with
> > unchanged nonexistent URI in browser.
> 
> in the first case, I see a standard 404 nginx error page. But I
> expected nginx to display the same thing that I see in the second case
> (I have a redirection for "/" to land somewhere else).

Could you show your configuration ?


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Thu Jul 16 16:37:04 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 16 Jul 2009 16:37:04 +0400
Subject: Maxmind GeoIP City Module
In-Reply-To: <4A5336CD.9050308@theactivitypeople.co.uk>
References: <4A5336CD.9050308@theactivitypeople.co.uk>
Message-ID: <20090716123704.GF90866@rambler-co.ru>

On Tue, Jul 07, 2009 at 12:51:41PM +0100, Phillip Oldham wrote:

> We're in need of a GeoIP module which works with the current development 
> branch of nginx and can resolve an IP to City-level using Maxmind's 
> GeoIP Database (the .dat files). We use nginx extensively but don't have 
> experience in C to develop such a module in-house. Are there any module 
> developers on the list who would be interested in such a project?
> 
> We're flexible regarding the funding of development for such a module, 
> and also flexible on whether the finshed module is open-sourced and 
> released back to the community.
> 
> If anyone is interested please feel free to mail me off-list with any 
> thoughts/costs/etc.

The module is in the attached patch.

./configure ---with-http_geoip_module

nginx.conf:

http {

    geoip_country  path/to/GeoIP.dat;
    geoip_city     path/to/GeoLiteCity.dat;


You may use only one base or both bases.

Varaibles available with geoip_country base:

$geoip_country_code
$geoip_country_code3
$geoip_country_name

Varaibles available with geoip_city base:

$geoip_city_country_code
$geoip_city_country_code3
$geoip_city_country_name
$geoip_region
$geoip_city
$geoip_postal_code


-- 
Igor Sysoev
http://sysoev.ru/en/
-------------- next part --------------
Index: src/http/modules/ngx_http_geoip_module.c
===================================================================
--- src/http/modules/ngx_http_geoip_module.c	(revision 0)
+++ src/http/modules/ngx_http_geoip_module.c	(revision 0)
@@ -0,0 +1,360 @@
+
+/*
+ * Copyright (C) Igor Sysoev
+ */
+
+
+#include <ngx_config.h>
+#include <ngx_core.h>
+#include <ngx_http.h>
+
+#include <GeoIP.h>
+#include <GeoIPCity.h>
+
+
+typedef struct {
+    GeoIP      *country;
+    GeoIP      *city;
+} ngx_http_geoip_conf_t;
+
+
+typedef struct {
+    ngx_str_t  *name;
+    uintptr_t   data;
+} ngx_http_geoip_var_t;
+
+
+typedef const char *(*ngx_http_geoip_variable_handler_pt)(GeoIP *, u_long addr);
+
+static ngx_int_t ngx_http_geoip_country_variable(ngx_http_request_t *r,
+    ngx_http_variable_value_t *v, uintptr_t data);
+static ngx_int_t ngx_http_geoip_city_variable(ngx_http_request_t *r,
+    ngx_http_variable_value_t *v, uintptr_t data);
+
+static ngx_int_t ngx_http_geoip_add_variables(ngx_conf_t *cf);
+static void *ngx_http_geoip_create_conf(ngx_conf_t *cf);
+static char *ngx_http_geoip_country(ngx_conf_t *cf, ngx_command_t *cmd,
+    void *conf);
+static char *ngx_http_geoip_city(ngx_conf_t *cf, ngx_command_t *cmd,
+    void *conf);
+static void ngx_http_geoip_cleanup(void *data);
+
+
+static ngx_command_t  ngx_http_geoip_commands[] = {
+
+    { ngx_string("geoip_country"),
+      NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1,
+      ngx_http_geoip_country,
+      NGX_HTTP_MAIN_CONF_OFFSET,
+      0,
+      NULL },
+
+    { ngx_string("geoip_city"),
+      NGX_HTTP_MAIN_CONF|NGX_CONF_TAKE1,
+      ngx_http_geoip_city,
+      NGX_HTTP_MAIN_CONF_OFFSET,
+      0,
+      NULL },
+
+      ngx_null_command
+};
+
+
+static ngx_http_module_t  ngx_http_geoip_module_ctx = {
+    ngx_http_geoip_add_variables,          /* preconfiguration */
+    NULL,                                  /* postconfiguration */
+
+    ngx_http_geoip_create_conf,            /* create main configuration */
+    NULL,                                  /* init main configuration */
+
+    NULL,                                  /* create server configuration */
+    NULL,                                  /* merge server configuration */
+
+    NULL,                                  /* create location configuration */
+    NULL                                   /* merge location configuration */
+};
+
+
+ngx_module_t  ngx_http_geoip_module = {
+    NGX_MODULE_V1,
+    &ngx_http_geoip_module_ctx,            /* module context */
+    ngx_http_geoip_commands,               /* module directives */
+    NGX_HTTP_MODULE,                       /* module type */
+    NULL,                                  /* init master */
+    NULL,                                  /* init module */
+    NULL,                                  /* init process */
+    NULL,                                  /* init thread */
+    NULL,                                  /* exit thread */
+    NULL,                                  /* exit process */
+    NULL,                                  /* exit master */
+    NGX_MODULE_V1_PADDING
+};
+
+
+static ngx_http_variable_t  ngx_http_geoip_vars[] = {
+
+    { ngx_string("geoip_country_code"), NULL, ngx_http_geoip_country_variable,
+      (uintptr_t) GeoIP_country_code_by_ipnum, 0, 0 },
+
+    { ngx_string("geoip_country_code3"), NULL, ngx_http_geoip_country_variable,
+      (uintptr_t) GeoIP_country_code3_by_ipnum, 0, 0 },
+
+    { ngx_string("geoip_country_name"), NULL, ngx_http_geoip_country_variable,
+      (uintptr_t) GeoIP_country_name_by_ipnum, 0, 0 },
+
+    { ngx_string("geoip_city_country_code"), NULL, ngx_http_geoip_city_variable,
+      offsetof(GeoIPRecord, country_code), 0, 0 },
+
+    { ngx_string("geoip_city_country_code3"), NULL,
+      ngx_http_geoip_city_variable,
+      offsetof(GeoIPRecord, country_code3), 0, 0 },
+
+    { ngx_string("geoip_city_country_name"), NULL, ngx_http_geoip_city_variable,
+      offsetof(GeoIPRecord, country_name), 0, 0 },
+
+    { ngx_string("geoip_region"), NULL,
+      ngx_http_geoip_city_variable,
+      offsetof(GeoIPRecord, region), 0, 0 },
+
+    { ngx_string("geoip_city"), NULL,
+      ngx_http_geoip_city_variable,
+      offsetof(GeoIPRecord, city), 0, 0 },
+
+    { ngx_string("geoip_postal_code"), NULL,
+      ngx_http_geoip_city_variable,
+      offsetof(GeoIPRecord, postal_code), 0, 0 },
+
+    { ngx_null_string, NULL, NULL, 0, 0, 0 }
+};
+
+
+static ngx_int_t
+ngx_http_geoip_country_variable(ngx_http_request_t *r,
+    ngx_http_variable_value_t *v, uintptr_t data)
+{
+    ngx_http_geoip_variable_handler_pt  handler =
+        (ngx_http_geoip_variable_handler_pt) data;
+
+    u_long                  addr;
+    const char             *val;
+    struct sockaddr_in     *sin;
+    ngx_http_geoip_conf_t  *gcf;
+
+    gcf = ngx_http_get_module_main_conf(r, ngx_http_geoip_module);
+
+    if (gcf->country == NULL) {
+        goto not_found;
+    }
+
+    if (r->connection->sockaddr->sa_family != AF_INET) {
+        goto not_found;
+    }
+
+    sin = (struct sockaddr_in *) r->connection->sockaddr;
+    addr = ntohl(sin->sin_addr.s_addr);
+
+    val = handler(gcf->country, addr);
+
+    if (val == NULL) {
+        goto not_found;
+    }
+
+    v->len = ngx_strlen(val);
+    v->valid = 1;
+    v->no_cacheable = 0;
+    v->not_found = 0;
+    v->data = (u_char *) val;
+
+    return NGX_OK;
+
+not_found:
+
+    v->not_found = 1;
+
+    return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_http_geoip_city_variable(ngx_http_request_t *r,
+    ngx_http_variable_value_t *v, uintptr_t data)
+{
+    u_long                  addr;
+    char                   *val;
+    GeoIPRecord            *gr;
+    struct sockaddr_in     *sin;
+    ngx_http_geoip_conf_t  *gcf;
+
+    gcf = ngx_http_get_module_main_conf(r, ngx_http_geoip_module);
+
+    if (gcf->city == NULL) {
+        goto not_found;
+    }
+
+    if (r->connection->sockaddr->sa_family != AF_INET) {
+        goto not_found;
+    }
+
+    sin = (struct sockaddr_in *) r->connection->sockaddr;
+    addr = ntohl(sin->sin_addr.s_addr);
+
+    gr = GeoIP_record_by_ipnum(gcf->city, addr);
+
+    if (gr == NULL) {
+        goto not_found;
+    }
+
+    val = *(char **) ((char *) gr + data);
+
+    if (val == NULL) {
+        goto not_found;
+    }
+
+    v->len = ngx_strlen(val);
+    v->valid = 1;
+    v->no_cacheable = 0;
+    v->not_found = 0;
+    v->data = (u_char *) val;
+
+    return NGX_OK;
+
+not_found:
+
+    v->not_found = 1;
+
+    return NGX_OK;
+}
+
+
+static ngx_int_t
+ngx_http_geoip_add_variables(ngx_conf_t *cf)
+{
+    ngx_http_variable_t  *var, *v;
+
+    for (v = ngx_http_geoip_vars; v->name.len; v++) {
+        var = ngx_http_add_variable(cf, &v->name, v->flags);
+        if (var == NULL) {
+            return NGX_ERROR;
+        }
+
+        var->get_handler = v->get_handler;
+        var->data = v->data;
+    }
+
+    return NGX_OK;
+}
+
+
+static void *
+ngx_http_geoip_create_conf(ngx_conf_t *cf)
+{
+    ngx_pool_cleanup_t     *cln;
+    ngx_http_geoip_conf_t  *conf;
+
+    conf = ngx_pcalloc(cf->pool, sizeof(ngx_http_geoip_conf_t));
+    if (conf == NULL) {
+        return NULL;
+    }
+
+    cln = ngx_pool_cleanup_add(cf->pool, 0);
+    if (cln == NULL) {
+        return NULL;
+    }
+
+    cln->handler = ngx_http_geoip_cleanup;
+    cln->data = conf;
+
+    return conf;
+}
+
+
+static char *
+ngx_http_geoip_country(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+{
+    ngx_http_geoip_conf_t  *gcf = conf;
+
+    ngx_str_t  *value;
+
+    if (gcf->country) {
+        return "is duplicate";
+    }
+
+    value = cf->args->elts;
+
+    gcf->country = GeoIP_open((char *) value[1].data, GEOIP_MEMORY_CACHE);
+
+    if (gcf->country == NULL) {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "GeoIO_open(\"%V\") failed", &value[1]);
+
+        return NGX_CONF_ERROR;
+    }
+
+    switch (gcf->country->databaseType) {
+
+    case GEOIP_COUNTRY_EDITION:
+    case GEOIP_PROXY_EDITION:
+    case GEOIP_NETSPEED_EDITION:
+
+        return NGX_CONF_OK;
+
+    default:
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "invalid GeoIP database \"%V\" type:%d",
+                           &value[1], gcf->country->databaseType);
+        return NGX_CONF_ERROR;
+    }
+}
+
+
+static char *
+ngx_http_geoip_city(ngx_conf_t *cf, ngx_command_t *cmd, void *conf)
+{
+    ngx_http_geoip_conf_t  *gcf = conf;
+
+    ngx_str_t  *value;
+
+    if (gcf->city) {
+        return "is duplicate";
+    }
+
+    value = cf->args->elts;
+
+    gcf->city = GeoIP_open((char *) value[1].data, GEOIP_MEMORY_CACHE);
+
+    if (gcf->city == NULL) {
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "GeoIO_open(\"%V\") failed", &value[1]);
+
+        return NGX_CONF_ERROR;
+    }
+
+    switch (gcf->city->databaseType) {
+
+    case GEOIP_CITY_EDITION_REV0:
+    case GEOIP_CITY_EDITION_REV1:
+
+        return NGX_CONF_OK;
+
+    default:
+        ngx_conf_log_error(NGX_LOG_EMERG, cf, 0,
+                           "invalid GeoIP City database \"%V\" type:%d",
+                           &value[1], gcf->city->databaseType);
+        return NGX_CONF_ERROR;
+    }
+}
+
+
+static void
+ngx_http_geoip_cleanup(void *data)
+{
+    ngx_http_geoip_conf_t  *gcf = data;
+
+    if (gcf->country) {
+        GeoIP_delete(gcf->country);
+    }
+
+    if (gcf->city) {
+        GeoIP_delete(gcf->city);
+    }
+}
Index: auto/sources
===================================================================
--- auto/sources	(revision 2303)
+++ auto/sources	(working copy)
@@ -377,6 +377,10 @@
 HTTP_GEO_SRCS=src/http/modules/ngx_http_geo_module.c
 
 
+HTTP_GEOIP_MODULE=ngx_http_geoip_module
+HTTP_GEOIP_SRCS=src/http/modules/ngx_http_geoip_module.c
+
+
 HTTP_MAP_MODULE=ngx_http_map_module
 HTTP_MAP_SRCS=src/http/modules/ngx_http_map_module.c
 
Index: auto/options
===================================================================
--- auto/options	(revision 2303)
+++ auto/options	(working copy)
@@ -71,6 +71,7 @@
 HTTP_RANDOM_INDEX=NO
 HTTP_STATUS=NO
 HTTP_GEO=YES
+HTTP_GEOIP=NO
 HTTP_MAP=YES
 HTTP_REFERER=YES
 HTTP_REWRITE=YES
@@ -184,6 +185,7 @@
         --with-http_addition_module)     HTTP_ADDITION=YES          ;;
         --with-http_xslt_module)         HTTP_XSLT=YES              ;;
         --with-http_image_filter_module) HTTP_IMAGE_FILTER=YES      ;;
+        --with-http_geoip_module)        HTTP_GEOIP=YES             ;;
         --with-http_sub_module)          HTTP_SUB=YES               ;;
         --with-http_dav_module)          HTTP_DAV=YES               ;;
         --with-http_flv_module)          HTTP_FLV=YES               ;;
@@ -310,6 +312,7 @@
   --with-http_addition_module        enable ngx_http_addition_module
   --with-http_xslt_module            enable ngx_http_xslt_module
   --with-http_image_filter_module    enable ngx_http_image_filter_module
+  --with-http_geoip_module           enable ngx_http_geoip_link_module
   --with-http_sub_module             enable ngx_http_sub_module
   --with-http_dav_module             enable ngx_http_dav_module
   --with-http_flv_module             enable ngx_http_flv_module
Index: auto/lib/geoip/conf
===================================================================
--- auto/lib/geoip/conf	(revision 0)
+++ auto/lib/geoip/conf	(revision 0)
@@ -0,0 +1,78 @@
+
+# Copyright (C) Igor Sysoev
+
+
+    ngx_feature="GeoIP library"
+    ngx_feature_name=
+    ngx_feature_run=no
+    ngx_feature_incs=
+    ngx_feature_path=
+    ngx_feature_libs="-lGeoIP"
+    ngx_feature_test="GeoIP_open(NULL, 0)"
+    . auto/feature
+
+
+if [ $ngx_found = no ]; then
+
+    # FreeBSD port
+
+    ngx_feature="GeoIP library in /usr/local/"
+
+    if [ $NGX_RPATH = YES ]; then
+        ngx_feature_libs="-R/usr/local/lib -L/usr/local/lib -lGeoIP"
+    else
+        ngx_feature_libs="-L/usr/local/lib -lGeoIP"
+    fi
+
+    . auto/feature
+fi
+
+
+if [ $ngx_found = no ]; then
+
+    # NetBSD port
+
+    ngx_feature="GeoIP library in /usr/pkg/"
+    ngx_feature_path="/usr/pkg/include/"
+
+    if [ $NGX_RPATH = YES ]; then
+        ngx_feature_libs="-R/usr/pkg/lib -L/usr/pkg/lib -lGeoIP"
+    else
+        ngx_feature_libs="-L/usr/pkg/lib -lGeoIP"
+    fi
+
+    . auto/feature
+fi
+
+
+if [ $ngx_found = no ]; then
+
+    # MacPorts
+
+    ngx_feature="GeoIP library in /opt/local/"
+    ngx_feature_path="/opt/local/include"
+
+    if [ $NGX_RPATH = YES ]; then
+        ngx_feature_libs="-R/opt/local/lib -L/opt/local/lib -lGeoIP"
+    else
+        ngx_feature_libs="-L/opt/local/lib -lGeoIP"
+    fi
+
+    . auto/feature
+fi
+
+
+if [ $ngx_found = yes ]; then
+    CORE_LIBS="$CORE_LIBS $ngx_feature_libs"
+
+else
+
+cat << END
+
+$0: error: the GeoIP module requires the GeoIP library.
+You can either do not enable the module or install the library.
+
+END
+
+    exit 1
+fi
Index: auto/lib/conf
===================================================================
--- auto/lib/conf	(revision 2303)
+++ auto/lib/conf	(working copy)
@@ -67,6 +67,9 @@
     . auto/lib/perl/conf
 fi
 
+if [ $HTTP_GEOIP = YES ]; then
+    . auto/lib/geoip/conf
+fi
 if [ $NGX_GOOGLE_PERFTOOLS = YES ]; then
     . auto/lib/google-perftools/conf
 fi
Index: auto/modules
===================================================================
--- auto/modules	(revision 2303)
+++ auto/modules	(working copy)
@@ -240,6 +240,12 @@
     HTTP_SRCS="$HTTP_SRCS $HTTP_GEO_SRCS"
 fi
 
+if [ $HTTP_GEOIP = YES ]; then
+    have=NGX_HTTP_GEOIP . auto/have
+    HTTP_MODULES="$HTTP_MODULES $HTTP_GEOIP_MODULE"
+    HTTP_SRCS="$HTTP_SRCS $HTTP_GEOIP_SRCS"
+fi
+
 if [ $HTTP_MAP = YES ]; then
     have=NGX_HTTP_MAP . auto/have
     HTTP_MODULES="$HTTP_MODULES $HTTP_MAP_MODULE"

From mdounin at mdounin.ru  Thu Jul 16 16:41:59 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 16 Jul 2009 16:41:59 +0400
Subject: fastcgi, try_files, problems
In-Reply-To: <4A5F17CA.8040009@puffy.pl>
References: <4A5F17CA.8040009@puffy.pl>
Message-ID: <20090716124159.GI1050@mdounin.ru>

Hello!

On Thu, Jul 16, 2009 at 02:06:34PM +0200, Tomasz Pajor wrote:

> Hello all,
>
> I have a problem with proper configuration of my page.
>
> What I want to achieve is that:
> - http://domain.com/ should point to an upstream bucket of fastcgi apps.
> - http://domain.com/administrator should be served by a fastcgi server  
> on the same machine as balancer, so it should point to 127.0.0.1:3000 in  
> this case
> - i think there is a way to simplify the two backend.php entries
> - all /js/ entries for domain.com should be served staticly
> - static.domain.com should be served staticly
>
> Don't know what am I doing wrong, but the debug says that when i go to  
> http://domain.com/administrator it uses the location /administrator but  
> then it's redirected to /index.php and it uses location /, so not as I  
> intended.
>
> Can You guys help me sort this out?
>
> Configuration is as follows:
>
> upstream apps {
>    server 10.0.1.50:3000;
> }
>
> server {
>    listen 80;
>    server_name domain.com;
>    error_log /var/log/nginx/domain-error.log debug;
>
>    location / {
>        root /disk0/vhosts/domain/public;
>        try_files $uri $uri /index.php;

See no reasons to test $uri twice.

>        fastcgi_pass apps;
>        #fastcgi_index index.php;
>        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
>        include fastcgi_params;
>    }
>
>    location /administrator {
>        root /disk0/vhosts/domain/public;
>        try_files $uri $uri index.php;

You fallback to 'index.php' which is wrong as far as I see (it 
produces redirect to 'index.php' in case of no file found - it's 
simply invalid since has no leading '/').  Probably you mean to 
use 

         try_files $uri /administrator/index.php;

instead, and probably it's a good idea to specify separate 
location for /administrator/index.php to avoid internal 
redirection loop in case there will be no /administrator/index.php 
file.

>        fastcgi_pass 127.0.0.1:3000;
>        #fastcgi_index index.php;
>        #fastcgi_param SCRIPT_FILENAME   
> /disk0/vhosts/domain/public/index.php;
>        fastcgi_param SCRIPT_FILENAME  
> /disk0/vhosts/domain/public/$fastcgi_script_name;
>        include fastcgi_params;
>    }
>
>    location /js/lib/xinha/plugins/ExtendedFileManager/backend.php {
>        fastcgi_pass 127.0.0.1:3000;
>        fastcgi_index backend.php;
>        fastcgi_param SCRIPT_FILENAME   
> /disk0/vhosts/domain/public/js/lib/xinha/plugins/ExtendedFileManager/backend.php;
>        include fastcgi_params;
>        access_log /var/log/nginx/backend1.log;
>    }
>
>    location /js/lib/xinha/plugins/ImageManager/backend.php {
>        fastcgi_pass 127.0.0.1:3000;
>        fastcgi_index backend.php;
>        fastcgi_param SCRIPT_FILENAME   
> /disk0/vhosts/domain/public/js/lib/xinha/plugins/ImageManager/backend.php;
>        include fastcgi_params;
>        access_log /var/log/nginx/backend2.log;
>    }
>
>    location ~ ^/(js)/  {

Any reasons to use regex here?  It should be enough to use normal 

     location /js/ {

unless you want to render the above '/js/.../backend.php' locations 
useless.

Maxim Dounin

>        root /disk0/vhosts/domain/public;
>        expires 30d;
>        access_log /var/log/nginx/js.log;
>    }
> }
>
> server {
>    listen 80;
>    server_name static.domain.com;
>
>    location / {
>        root /disk0/vhosts/domain/static;
>        access_log off;
>        expires 30d;
>    }
> }
>
> server {
>    listen 80;
>    server_name .domain2.com;
>
>    location / {
>        fastcgi_pass 127.0.0.1:3000;
>        fastcgi_index index.php;
>        fastcgi_param SCRIPT_FILENAME   
> /disk0/vhosts/domain2/public/index.php;
>        include       fastcgi_params;
>    }
> }
>




From dick at fouter.net  Thu Jul 16 16:48:27 2009
From: dick at fouter.net (Dick Middleton)
Date: Thu, 16 Jul 2009 13:48:27 +0100
Subject: fastcgi, try_files, problems
In-Reply-To: <4A5F17CA.8040009@puffy.pl>
References: <4A5F17CA.8040009@puffy.pl>
Message-ID: <4A5F219B.5040504@fouter.net>

Tomasz Pajor wrote:

 > I have a problem with proper configuration of my page.

Coo!  Let me have a go.  I'm brand new to nginx so just testing my 
reading ability :)

> Don't know what am I doing wrong, but the debug says that when i go to 
> http://domain.com/administrator it uses the location /administrator but 
> then it's redirected to /index.php and it uses location /, so not as I 
> intended.

Is it the order of location directives:   location / satisfies 
/administrator before location /administrator

So change the order in config - am I right?

Dick





From maccaday at gmail.com  Thu Jul 16 16:52:43 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Thu, 16 Jul 2009 15:52:43 +0300
Subject: Daemon directory string
In-Reply-To: <20090716012116.GD1050@mdounin.ru>
References: <57B78091-3ED0-4DBC-988F-E64A4C01F212@tinyapps.org> <664722396.20090715200227@csdoc.com> <43286079-5C19-4249-8DA8-824434B25AE6@tinyapps.org> <4A5E2A56.4070006@gmail.com> <20090715193756.GC1050@mdounin.ru> <4A5E6568.7000307@gmail.com> <20090716012116.GD1050@mdounin.ru>
Message-ID: <4A5F229B.7080505@gmail.com>

Maxim Dounin wrote:
> Hello!
>
> On Thu, Jul 16, 2009 at 02:25:28AM +0300, Marcus Clyne wrote:
>
>   
>> Hi,
>>
>> What's the best way to get the path of the directory that nginx was  
>> called from (as part of module development)?  Is this stored in a string  
>> somewhere?
>>     
>
> No.  You should use ngx_conf_full_name() to resolve paths to 
> absolute ones.  It uses cycle->prefix (or cycle->conf_prefix), and 
> this in turn is set to startup directory if there is no prefix 
> (either compiled in or specified via -p switch).
>
> Maxim Dounin
>
>   
Thanks.




From is at rambler-co.ru  Thu Jul 16 16:51:35 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 16 Jul 2009 16:51:35 +0400
Subject: problem w/ gzip when hiding Content-Type header from upstream server
In-Reply-To: <925f8f7428ee278a6300710bc88646ab.NginxMailingList@forum.nginx.org>
References: <69e0c4acac418c641823f567866f9e3c.NginxMailingList@forum.nginx.org> <925f8f7428ee278a6300710bc88646ab.NginxMailingList@forum.nginx.org>
Message-ID: <20090716125135.GI90866@rambler-co.ru>

On Thu, Jul 16, 2009 at 04:55:00AM -0400, bavery wrote:

> I did some more checking, and am now finding that other .js & .css files from the upstream server are not being compressed as well, except that these files simply are served from the upstream server with no content-type header at all. 
> 
> So why does nginx not recognize the file type it is handling based on mime-type configuration when dealing with proxied files?

nginx think that upstream should set Content-Type by itself.

Probably I need to extend "add_header" to set content type:

   location /combined.css {
        proxy_pass ..
        proxy_hide_header Content-Type;
        add_header        Content-Type  text/css;

or implement "override_type" to set content-type based on mime.types file
or just string:

   location /combined.css {
        proxy_pass ..
        override_type     [on|off|mime-type];


-- 
Igor Sysoev
http://sysoev.ru/en/




From nikon at puffy.pl  Thu Jul 16 17:07:29 2009
From: nikon at puffy.pl (Tomasz Pajor)
Date: Thu, 16 Jul 2009 15:07:29 +0200
Subject: fastcgi, try_files, problems
In-Reply-To: <20090716124159.GI1050@mdounin.ru>
References: <4A5F17CA.8040009@puffy.pl> <20090716124159.GI1050@mdounin.ru>
Message-ID: <4A5F2611.8020009@puffy.pl>

Maxim Dounin wrote:
> Hello!
>
> On Thu, Jul 16, 2009 at 02:06:34PM +0200, Tomasz Pajor wrote:
>
>   
>> Hello all,
>>
>> I have a problem with proper configuration of my page.
>>
>> What I want to achieve is that:
>> - http://domain.com/ should point to an upstream bucket of fastcgi apps.
>> - http://domain.com/administrator should be served by a fastcgi server  
>> on the same machine as balancer, so it should point to 127.0.0.1:3000 in  
>> this case
>> - i think there is a way to simplify the two backend.php entries
>> - all /js/ entries for domain.com should be served staticly
>> - static.domain.com should be served staticly
>>
>> Don't know what am I doing wrong, but the debug says that when i go to  
>> http://domain.com/administrator it uses the location /administrator but  
>> then it's redirected to /index.php and it uses location /, so not as I  
>> intended.
>>
>> Can You guys help me sort this out?
>>
>> Configuration is as follows:
>>
>> upstream apps {
>>    server 10.0.1.50:3000;
>> }
>>
>> server {
>>    listen 80;
>>    server_name domain.com;
>>    error_log /var/log/nginx/domain-error.log debug;
>>
>>    location / {
>>        root /disk0/vhosts/domain/public;
>>        try_files $uri $uri /index.php;
>>     
>
> See no reasons to test $uri twice.
>
>   
>>        fastcgi_pass apps;
>>        #fastcgi_index index.php;
>>        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
>>        include fastcgi_params;
>>    }
>>
>>    location /administrator {
>>        root /disk0/vhosts/domain/public;
>>        try_files $uri $uri index.php;
>>     
>
> You fallback to 'index.php' which is wrong as far as I see (it 
> produces redirect to 'index.php' in case of no file found - it's 
> simply invalid since has no leading '/').  Probably you mean to 
> use 
>
>          try_files $uri /administrator/index.php;
>
> instead, and probably it's a good idea to specify separate 
> location for /administrator/index.php to avoid internal 
> redirection loop in case there will be no /administrator/index.php 
> file.
>   
There is no /administrator/index.php file.
I want to simply separate the administrator backend, and serve it from 
the same machine as balancer, because i've got all the gallery photos on 
this machine.
I'm migrating this from apache.

.htaccess says:
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} -s [OR]
RewriteCond %{REQUEST_FILENAME} -l [OR]
RewriteCond %{REQUEST_FILENAME} -d
RewriteRule ^.*$ - [NC,L]
RewriteRule ^.*$ index.php [NC,L]
>>        fastcgi_pass 127.0.0.1:3000;
>>        #fastcgi_index index.php;
>>        #fastcgi_param SCRIPT_FILENAME   
>> /disk0/vhosts/domain/public/index.php;
>>        fastcgi_param SCRIPT_FILENAME  
>> /disk0/vhosts/domain/public/$fastcgi_script_name;
>>        include fastcgi_params;
>>    }
>>
>>    location /js/lib/xinha/plugins/ExtendedFileManager/backend.php {
>>        fastcgi_pass 127.0.0.1:3000;
>>        fastcgi_index backend.php;
>>        fastcgi_param SCRIPT_FILENAME   
>> /disk0/vhosts/domain/public/js/lib/xinha/plugins/ExtendedFileManager/backend.php;
>>        include fastcgi_params;
>>        access_log /var/log/nginx/backend1.log;
>>    }
>>
>>    location /js/lib/xinha/plugins/ImageManager/backend.php {
>>        fastcgi_pass 127.0.0.1:3000;
>>        fastcgi_index backend.php;
>>        fastcgi_param SCRIPT_FILENAME   
>> /disk0/vhosts/domain/public/js/lib/xinha/plugins/ImageManager/backend.php;
>>        include fastcgi_params;
>>        access_log /var/log/nginx/backend2.log;
>>    }
>>
>>    location ~ ^/(js)/  {
>>     
>
> Any reasons to use regex here?  It should be enough to use normal 
>
>      location /js/ {
>
> unless you want to render the above '/js/.../backend.php' locations 
> useless.
>   
Yes the regex is useless in this case.
Is there any way of merging this to */backend.php locations?




From mdounin at mdounin.ru  Thu Jul 16 17:18:23 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 16 Jul 2009 17:18:23 +0400
Subject: fastcgi, try_files, problems
In-Reply-To: <4A5F219B.5040504@fouter.net>
References: <4A5F17CA.8040009@puffy.pl> <4A5F219B.5040504@fouter.net>
Message-ID: <20090716131822.GL1050@mdounin.ru>

Hello!

On Thu, Jul 16, 2009 at 01:48:27PM +0100, Dick Middleton wrote:

> Tomasz Pajor wrote:
>
> > I have a problem with proper configuration of my page.
>
> Coo!  Let me have a go.  I'm brand new to nginx so just testing my  
> reading ability :)
>
>> Don't know what am I doing wrong, but the debug says that when i go to  
>> http://domain.com/administrator it uses the location /administrator but 
>> then it's redirected to /index.php and it uses location /, so not as I  
>> intended.
>
> Is it the order of location directives:   location / satisfies  
> /administrator before location /administrator
>
> So change the order in config - am I right?

No.  For normal location (not regex) order doesn't matter, nginx 
always uses most specific (i.e. longest match).

See http://wiki.nginx.org/NginxHttpCoreModule#location for 
details.

Maxim Dounin




From grails at jmsd.co.uk  Thu Jul 16 17:33:43 2009
From: grails at jmsd.co.uk (John Moore)
Date: Thu, 16 Jul 2009 14:33:43 +0100
Subject: Simple permissions problem
Message-ID: <4A5F2C37.50101@jmsd.co.uk>

Sorry, this should be dead simple but it's not working for me...

I have a directory, called 'php', within my main directory which 
contains fragments of HTML to be included in my main pages (either by 
SSI or by PHP includes). I do not want any of these fragments to be 
directly accessible by a browser. That is, I want 
'http://www.mysite.com/php/fragment.html' to fail.

I have the following in my nginx.conf, but it doesn't work - 
'http://www.mysite.com/php/fragment.html' still brings up the fragment 
in the browser. What do I need to do? (And, on a completely separate 
note, do I have to specify the full path to the root in each of my 
hosts, or is there some shortcut for this)?

    server {
        server_name www.mysite.com;
        listen 80;
      
        location /php {
            root /var/www/nginx-default/www.mysite.com;
            deny all;
        }

  }


JM






From mdounin at mdounin.ru  Thu Jul 16 20:20:29 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 16 Jul 2009 20:20:29 +0400
Subject: Keep Alive piles up
In-Reply-To: <20090716095538.13093.qmail@oak.oeko.net>
References: <1ab82bc1f3e0954a2538288a4980621b.NginxMailingList@forum.nginx.org> <20090629144615.GC66320@forum.nginx.org> <c7d82fb47c39f588415104fda7fe1dc4.NginxMailingList@forum.nginx.org> <a8658651612ac2663240bc712eb60e42.NginxMailingList@forum.nginx.org> <20090629161004.GE66320@forum.nginx.org> <7b7119d7eebefa203cd21e74af6d9836.NginxMailingList@forum.nginx.org> <20090629182110.GF66320@forum.nginx.org> <1d8038ad189bdb81abb8eaea8438e35d.NginxMailingList@forum.nginx.org> <20090629201857.GA99873@mdounin.ru> <20090716095538.13093.qmail@oak.oeko.net>
Message-ID: <20090716162029.GO1050@mdounin.ru>

Hello!

On Thu, Jul 16, 2009 at 11:55:38AM +0200, Toni Mueller wrote:

> 
> Hello!
> 
> On Tue, 30.06.2009 at 00:18:57 +0400, Maxim Dounin <mdounin at mdounin.ru> wrote:
> > Looks like you assume that wiki == documentation.  It's simply not 
> > true.
> 
> it seems that for those of us who can't read russian, it simply has to
> be true because we don't have much of a choice.

It's probably a good idea to maintain translation of 
documentation somewhere, may be just change wiki policy for 
generic pages.  For now, feel free to use google translate or 
yahoo babelfish.

> > Yes, nested locations have drawbacks due to some inheritance bugs 
> > (and hence they still aren't documented in official docs).  But 
> > if's are in fact nested locations under the hood - and they have 
> 
> I have trouble understanding how if()s can be locations under the hood,
> or how I could use variable testing (like eg. in geo-ip) without if()s.

Looks like statements for me, not questions.  Anyway, here is some 
explanations:

1. Directive if() used inside location creates another location 
configuration object via ngx_http_add_location() (and then it's 
used in case if() condition passes), see 
src/http/modules/ngx_http_rewrite_module.c:ngx_http_rewrite_if() 
for details.

2. In some cases you can avoid using if()'s.  In some you can't.  
If you can - in most cases it's better choice to avoid.  If you 
can't - it's somethimes better to avoid the whole case then to use 
if().

Normally if's will work.  But somethimes they produce unexpected 
results or even coredumps.  The bad thing is that previously good 
configuration that uses if's may be rendered invalid just by 
adding some minor unrelated directives (or vice versa, good 
configuration without if's may be rendered invalid by adding 
unrelated if's).  Here are some examples:

1.

Good, try_files working as expected:

        location /try-files {
             try_files  /file  @fallback;
        }

Bad, try_files not working at all:

        location /if-try-files {
             try_files  /file  @fallback;

             set $true 1;

             if ($true) {
                 # nothing
             }
        }

2.

Good, works as expected:

        location /no-crash {

            set $true 1;

            if ($true) {
                # fastcgi_pass here
                fastcgi_pass  127.0.0.1:9000;
            }
        }

Bad, crashes:

        location /crash {

            set $true 1;

            if ($true) {
                # fastcgi_pass here
                fastcgi_pass  127.0.0.1:9000;
            }

            if ($true) {
                # no handler here
            }
        }

The other bad thing - it's not clear how to fix this without 
breaking compatibility.

Note that if() used inside server{} block and if() used inside 
location block are quite a different beasts.  While the former is 
limited to safe things and mostly harmless - latter is evil.  On 
the other hand, using server-scope if's is just inefficient if you 
need them only for some specific location.

Maxim Dounin




From mike503 at gmail.com  Thu Jul 16 20:42:53 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Thu, 16 Jul 2009 09:42:53 -0700
Subject: fastcgi, try_files, problems
In-Reply-To: <20090716124159.GI1050@mdounin.ru>
References: <4A5F17CA.8040009@puffy.pl> <20090716124159.GI1050@mdounin.ru>
Message-ID: <bd9320b30907160942n721b5fb0u47fbb3c712cdd172@mail.gmail.com>

On Thu, Jul 16, 2009 at 5:41 AM, Maxim Dounin<mdounin at mdounin.ru> wrote:

> See no reasons to test $uri twice.

I think it's a typo.

probably meant

try_files $uri $uri/ /index.php;




From mike503 at gmail.com  Thu Jul 16 20:46:08 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Thu, 16 Jul 2009 09:46:08 -0700
Subject: FastCGI application not receiving multi-part data
In-Reply-To: <14a2ed3e7b6b55d3caacbc706609cefb.NginxMailingList@forum.nginx.org>
References: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
	 <14a2ed3e7b6b55d3caacbc706609cefb.NginxMailingList@forum.nginx.org>
Message-ID: <bd9320b30907160946w6ec28c3ax628a70ca6ab01a0d@mail.gmail.com>

post your configuration

On Thu, Jul 16, 2009 at 2:27 AM, gerryw<nginx-forum at nginx.us> wrote:
> Hello All,
>
> I also did a test with just the vanilla FastCGI API calls. The only env related variable I was able to get was "REQUEST_METHOD". None of the rest were set.
>
> Thanks,
> Gerry
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4091,4101#msg-4101
>
>
>




From mdounin at mdounin.ru  Thu Jul 16 21:58:56 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 16 Jul 2009 21:58:56 +0400
Subject: fastcgi, try_files, problems
In-Reply-To: <4A5F2611.8020009@puffy.pl>
References: <4A5F17CA.8040009@puffy.pl> <20090716124159.GI1050@mdounin.ru> <4A5F2611.8020009@puffy.pl>
Message-ID: <20090716175856.GS1050@mdounin.ru>

Hello!

On Thu, Jul 16, 2009 at 03:07:29PM +0200, Tomasz Pajor wrote:

> Maxim Dounin wrote:
>> Hello!
>>
>> On Thu, Jul 16, 2009 at 02:06:34PM +0200, Tomasz Pajor wrote:
>>
>>   
>>> Hello all,
>>>
>>> I have a problem with proper configuration of my page.
>>>
>>> What I want to achieve is that:
>>> - http://domain.com/ should point to an upstream bucket of fastcgi apps.
>>> - http://domain.com/administrator should be served by a fastcgi 
>>> server  on the same machine as balancer, so it should point to 
>>> 127.0.0.1:3000 in  this case
>>> - i think there is a way to simplify the two backend.php entries
>>> - all /js/ entries for domain.com should be served staticly
>>> - static.domain.com should be served staticly
>>>
>>> Don't know what am I doing wrong, but the debug says that when i go 
>>> to  http://domain.com/administrator it uses the location 
>>> /administrator but  then it's redirected to /index.php and it uses 
>>> location /, so not as I  intended.
>>>
>>> Can You guys help me sort this out?
>>>
>>> Configuration is as follows:
>>>
>>> upstream apps {
>>>    server 10.0.1.50:3000;
>>> }
>>>
>>> server {
>>>    listen 80;
>>>    server_name domain.com;
>>>    error_log /var/log/nginx/domain-error.log debug;
>>>
>>>    location / {
>>>        root /disk0/vhosts/domain/public;
>>>        try_files $uri $uri /index.php;
>>>     
>>
>> See no reasons to test $uri twice.
>>
>>   
>>>        fastcgi_pass apps;
>>>        #fastcgi_index index.php;
>>>        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
>>>        include fastcgi_params;
>>>    }
>>>
>>>    location /administrator {
>>>        root /disk0/vhosts/domain/public;
>>>        try_files $uri $uri index.php;
>>>     
>>
>> You fallback to 'index.php' which is wrong as far as I see (it  
>> produces redirect to 'index.php' in case of no file found - it's  
>> simply invalid since has no leading '/').  Probably you mean to use 
>>
>>          try_files $uri /administrator/index.php;
>>
>> instead, and probably it's a good idea to specify separate location for 
>> /administrator/index.php to avoid internal redirection loop in case 
>> there will be no /administrator/index.php file.
>>   
> There is no /administrator/index.php file.
> I want to simply separate the administrator backend, and serve it from  
> the same machine as balancer, because i've got all the gallery photos on  
> this machine.

So there is no /disk0/vhosts/domain/public/administrator directory 
at all, am I right?

> I'm migrating this from apache.
>
> .htaccess says:
> RewriteEngine On
> RewriteCond %{REQUEST_FILENAME} -s [OR]
> RewriteCond %{REQUEST_FILENAME} -l [OR]
> RewriteCond %{REQUEST_FILENAME} -d
> RewriteRule ^.*$ - [NC,L]
> RewriteRule ^.*$ index.php [NC,L]

As far as I understand you basically need to pass everything to 
fastcgi while rewriting everything that doesn't exist to 
index.php?  Try something like this:

    root /disk0/vhosts/domain/public;

    fastcgi_index index.php;

    location / {
        try_files $uri $uri/ @fallback;
        fastcgi_pass apps;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        ...
    }

    location @fallback {
        fastcgi_pass apps;
        fastcgi_param SCRIPT_FILENAME $document_root/index.php;
        ...
    }

    location /administrator/ {
        rewrite ^/administrator(.*) $1 break;
        try_files $uri $uri/ @adminfallback;
        fastcgi_pass 127.0.0.1:3000;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        ...
    }

    location @adminfallback {
        fastcgi_pass 127.0.0.1:3000;
        fastcgi_param SCRIPT_FILENAME $document_root/index.php;
        ...
    }

>>>        fastcgi_pass 127.0.0.1:3000;
>>>        #fastcgi_index index.php;
>>>        #fastcgi_param SCRIPT_FILENAME    
>>> /disk0/vhosts/domain/public/index.php;
>>>        fastcgi_param SCRIPT_FILENAME   
>>> /disk0/vhosts/domain/public/$fastcgi_script_name;
>>>        include fastcgi_params;
>>>    }
>>>
>>>    location /js/lib/xinha/plugins/ExtendedFileManager/backend.php {
>>>        fastcgi_pass 127.0.0.1:3000;
>>>        fastcgi_index backend.php;
>>>        fastcgi_param SCRIPT_FILENAME    
>>> /disk0/vhosts/domain/public/js/lib/xinha/plugins/ExtendedFileManager/backend.php;
>>>        include fastcgi_params;
>>>        access_log /var/log/nginx/backend1.log;
>>>    }
>>>
>>>    location /js/lib/xinha/plugins/ImageManager/backend.php {
>>>        fastcgi_pass 127.0.0.1:3000;
>>>        fastcgi_index backend.php;
>>>        fastcgi_param SCRIPT_FILENAME    
>>> /disk0/vhosts/domain/public/js/lib/xinha/plugins/ImageManager/backend.php;
>>>        include fastcgi_params;
>>>        access_log /var/log/nginx/backend2.log;
>>>    }
>>>
>>>    location ~ ^/(js)/  {
>>>     
>>
>> Any reasons to use regex here?  It should be enough to use normal 
>>
>>      location /js/ {
>>
>> unless you want to render the above '/js/.../backend.php' locations  
>> useless.
>>   
> Yes the regex is useless in this case.
> Is there any way of merging this to */backend.php locations?

Do not understand question.  All 3 locations mentioned are quite 
different in your config - /js/ serves static, while backend.php's 
are passed to fastcgi (and one backend.php writes backend1.log, 
while other - backend2.log).  What do you mean by "merging"?

If you want to avoid duplicate parts of configuration - use 
include directive or inheritance from upper levels.

Maxim Dounin




From nginx-forum at nginx.us  Thu Jul 16 23:25:52 2009
From: nginx-forum at nginx.us (gerryw)
Date: Thu, 16 Jul 2009 15:25:52 -0400
Subject: FastCGI application not receiving multi-part data
In-Reply-To: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
References: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
Message-ID: <559101f3ab5f601283c1b723388acc62.NginxMailingList@forum.nginx.org>

Hello All,

It looks like the config options Daniel recommended are sending the data. I think the multipart data in this case is something that most of the C/C++ cgi libs are choking on. If I just read the data from stdin and dump it, I can see the data I need. I'm going to try writing my own little parser for this. I'm using the very cool Upload module, so I don't need the actual file data.

I appreciate the help y'all have given me with this. I'll come back and post the result.

Thanks,
Gerry

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4091,4125#msg-4125





From nginx-forum at nginx.us  Fri Jul 17 00:19:05 2009
From: nginx-forum at nginx.us (valve)
Date: Thu, 16 Jul 2009 16:19:05 -0400
Subject: issue with XSLT [0.8.x]
Message-ID: <ebb8331489b7bc0f0e6693da26203a3c.NginxMailingList@forum.nginx.org>

I'm having a weird issue with the XSLT module in nginx: after some random time, requesting an XSLT-transformed URL generates 500-errors. The errorlog tells me that the XML-document is not well formed, which it is.

It seems to be similar to an issue raised on the Russian maillinglist (http://www.lexa.ru/nginx-ru/msg25325.html ), although I'm not using FastCGI but just use static XML files as input for the XSLT-engine.

Running an strace or debugging with http_debug doesn't show anything weird as far as I can tell:

2009/07/16 21:49:34  16452#0: *65 http cl:-1 max:1048576
2009/07/16 21:49:34  16452#0: *65 generic phase: 2
2009/07/16 21:49:34  16452#0: *65 post rewrite phase: 3
2009/07/16 21:49:34  16452#0: *65 generic phase: 4
2009/07/16 21:49:34  16452#0: *65 generic phase: 5
2009/07/16 21:49:34  16452#0: *65 access phase: 6
2009/07/16 21:49:34  16452#0: *65 access phase: 7
2009/07/16 21:49:34  16452#0: *65 post access phase: 8
2009/07/16 21:49:34  16452#0: *65 content phase: 9
2009/07/16 21:49:34  16452#0: *65 open index "/var/www/allyourbass.org/htdocs/index.xml"
2009/07/16 21:49:34  16452#0: *65 internal redirect: "/index.xml?"
2009/07/16 21:49:34  16452#0: *65 http cl:-1 max:1048576
2009/07/16 21:49:34  16452#0: *65 generic phase: 2
2009/07/16 21:49:34  16452#0: *65 post rewrite phase: 3
2009/07/16 21:49:34  16452#0: *65 generic phase: 4
2009/07/16 21:49:34  16452#0: *65 generic phase: 5
2009/07/16 21:49:34  16452#0: *65 access phase: 6
2009/07/16 21:49:34  16452#0: *65 access phase: 7
2009/07/16 21:49:34  16452#0: *65 post access phase: 8
2009/07/16 21:49:34  16452#0: *65 content phase: 9
2009/07/16 21:49:34  16452#0: *65 content phase: 10
2009/07/16 21:49:34  16452#0: *65 content phase: 11
2009/07/16 21:49:34  16452#0: *65 http filename: "/var/www/allyourbass.org/htdocs/index.xml"
2009/07/16 21:49:34  16452#0: *65 http static fd: 16
2009/07/16 21:49:34  16452#0: *65 http set discard body
2009/07/16 21:49:34  16452#0: *65 xslt filter header
2009/07/16 21:49:34  16452#0: *65 http output filter "/index.xml?"
2009/07/16 21:49:34  16452#0: *65 copy filter: "/index.xml?"
2009/07/16 21:49:34  16452#0: *65 xslt filter body
2009/07/16 21:49:34  16452#0: *65 not well formed XML document while sending response to client, client: 83.161.41.147, server: klep.name, request: "GET / HTTP/1.1", host: "klep.name"
2009/07/16 21:49:34  16452#0: *65 http special response: 500, "/index.xml?"
2009/07/16 21:49:34  16452#0: *65 http set discard body
2009/07/16 21:49:34  16452#0: *65 xslt filter header
2009/07/16 21:49:34  16452#0: *65 HTTP/1.1 500 Internal Server Error
Server: nginx/0.8.5
Date: Thu, 16 Jul 2009 19:49:34 GMT
Content-Type: text/html
Content-Length: 192
Connection: close

2009/07/16 21:49:34  16452#0: *65 http write filter: l:0 f:0 s:161
2009/07/16 21:49:34  16452#0: *65 http output filter "/index.xml?"
2009/07/16 21:49:34  16452#0: *65 copy filter: "/index.xml?"
2009/07/16 21:49:34  16452#0: *65 xslt filter body
2009/07/16 21:49:34  16452#0: *65 http postpone filter "/index.xml?" 098EDFE0
2009/07/16 21:49:34  16452#0: *65 http write filter: l:1 f:0 s:353
2009/07/16 21:49:34  16452#0: *65 http write filter limit 0
2009/07/16 21:49:34  16452#0: *65 http write filter 00000000
2009/07/16 21:49:34  16452#0: *65 copy filter: 0 "/index.xml?"
2009/07/16 21:49:34  16452#0: *65 copy filter: -1 "/index.xml?"
2009/07/16 21:49:34  16452#0: *65 http finalize request: -1, "/index.xml?" 1
2009/07/16 21:49:34  16452#0: *65 http close request
2009/07/16 21:49:34  16452#0: *65 http log handler
2009/07/16 21:49:34  16452#0: *65 close http connection: 15


Some more info

$ nginx -V
nginx version: nginx/0.8.5
configure arguments: --with-http_xslt_module --with-mail --http-client-body-temp-path=/tmp/nginx/client-body-temp/ --http-proxy-temp-path=/tmp/nginx/proxy-temp/ --http-fastcgi-temp-path=/tmp/nginx/fastcgi-temp/ --with-md5-asm --with-sha1-asm --with-http_ssl_module --with-http_perl_module --with-http_sub_module --with-http_secure_link_module --prefix=/usr --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --pid-path=/var/run/nginx.pid --http-log-path=/var/log/nginx/access.log --with-debug



$ uname -a
Linux webserver 2.6.26-1-openvz-686 #1 SMP Sat Nov 8 21:19:32 UTC 2008 i686 GNU/Linux


Does anyone have any idea what might be the issue? I've looked through the code of the module but nothing strikes me as obviously wrong.

Regards,
Robert

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4128,4128#msg-4128





From theglobeisnowdigital at gmail.com  Fri Jul 17 01:02:40 2009
From: theglobeisnowdigital at gmail.com (Magdalena Glinkowski)
Date: Thu, 16 Jul 2009 14:02:40 -0700
Subject: HTTP_HEADER parsing, Documentation implies $http_range should work.
Message-ID: <432c29390907161402h21ced551ree053147c9f59b1@mail.gmail.com>

http://wiki.nginx.org/NginxHttpCoreModule#.24args

In the documentation above for the http_HEADER section, their is implication
that if I want "Range" from header,
I use "http_range" as the value, is this correct?

Magdalena
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090716/e19ebc74/attachment.html>

From yazz.atlas at gmail.com  Fri Jul 17 03:25:16 2009
From: yazz.atlas at gmail.com (Yazz D. Atlas)
Date: Thu, 16 Jul 2009 16:25:16 -0700
Subject: Help with autoindex on; missing slash for directories
In-Reply-To: <20090703084935.GY5360@mdounin.ru>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com> <20090701093047.GC5360@mdounin.ru> <4A4B935D.3030803@gmail.com> <20090701225352.GJ5360@mdounin.ru> <4A4CF604.5030508@gmail.com> <20090702192251.GX5360@mdounin.ru> <5bf4451d0907022055y33964155m9d49df06b2a3e9ed@mail.gmail.com> <20090703084935.GY5360@mdounin.ru>
Message-ID: <94C7F040-A04E-43C6-AF19-CA41F098240F@gmail.com>

Maxim,

Ok finally added the patch with the I believe the right stuff.  
Attached is the patch and the log file.

I just ran "GET http://localhost:88/static"

-Yazz

-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: patch-nginx-debug-autoindex-ver-02.txt
URL: <http://nginx.org/pipermail/nginx/attachments/20090716/63d276a6/attachment.txt>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: nginx-autoindex-debug.log
Type: application/octet-stream
Size: 12587 bytes
Desc: not available
URL: <http://nginx.org/pipermail/nginx/attachments/20090716/63d276a6/attachment.obj>
-------------- next part --------------



On Jul 3, 2009, at 1:49 AM, Maxim Dounin wrote:

> Hello!
>
> On Fri, Jul 03, 2009 at 11:55:22AM +0800, Joshua Zhu wrote:
>
>> Hi Maxim!
>>
>>> Could you please compile nginx with the attached simple patch and
>>> obtain debug log for autoindex request?
>>>
>>
>> IMHO, the ngx_log_debug1 in your patch should be changed to  
>> ngx_log_debug2 :)
>
> Yes, you are right, I missed it.  But it doesn't matter as long as  
> nginx
> compiled --with-debug.  And this in turn is required since I need
> this patch just for more verbose debug log on particular system. :)
>
> Maxim Dounin
>


From ek at kuramoto.org  Fri Jul 17 06:14:57 2009
From: ek at kuramoto.org (Kuramoto Eiji)
Date: Fri, 17 Jul 2009 11:14:57 +0900
Subject: issue with XSLT [0.8.x]
In-Reply-To: <ebb8331489b7bc0f0e6693da26203a3c.NginxMailingList@forum.nginx.org>
References: <ebb8331489b7bc0f0e6693da26203a3c.NginxMailingList@forum.nginx.org>
Message-ID: <r0zlb4kqce.wl%kuramoto@neu.co.jp>

I think it may be a bug.

well-formed status (ctx->ctxt->wellFormed) should check and save
before free xmlParserCtxtPtr. like this,

--- ngx_http_xslt_filter_module.c	29 May 2009 03:29:15 -0000	1.8
+++ ngx_http_xslt_filter_module.c	2 Jun 2009 08:15:28 -0000	1.9
@@ -273,6 +273,7 @@
 {
     ngx_chain_t                 *cl;
     ngx_http_xslt_filter_ctx_t  *ctx;
+    int wellFormed;
 
     ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
                    "xslt filter body");
@@ -312,9 +313,14 @@
             ctx->doc->extSubset = NULL;
 #endif
 
+	    /*
+	     * save well-formed status, so free ctx->ctxt in xmlFreeParserCtxt().
+	     */
+	    wellFormed = ctx->ctxt->wellFormed;
+
             xmlFreeParserCtxt(ctx->ctxt);
 
-            if (ctx->ctxt->wellFormed) {
+            if (wellFormed) {
                 return ngx_http_xslt_send(r, ctx,
                                        ngx_http_xslt_apply_stylesheet(r, ctx));
             }

 On Thu, 16 Jul 2009 16:19:05 -0400
    valve wrote:

 } I'm having a weird issue with the XSLT module in nginx: after some random time, requesting an XSLT-transformed URL generates 500-errors. The errorlog tells me that the XML-document is not well formed, which it is.
 } 
 } It seems to be similar to an issue raised on the Russian maillinglist (http://www.lexa.ru/nginx-ru/msg25325.html ), although I'm not using FastCGI but just use static XML files as input for the XSLT-engine.

- Kuramoto Eiji




From theglobeisnowdigital at gmail.com  Fri Jul 17 06:22:12 2009
From: theglobeisnowdigital at gmail.com (Magdalena)
Date: Thu, 16 Jul 2009 19:22:12 -0700
Subject: HTTP_HEADER parsing, Documentation implies $http_range should work.
In-Reply-To: <432c29390907161402h21ced551ree053147c9f59b1@mail.gmail.com>
References: <432c29390907161402h21ced551ree053147c9f59b1@mail.gmail.com>
Message-ID: <432c29390907161922l4aca756au111df8081332fe10@mail.gmail.com>

Didn't go through the first time.

---------- Forwarded message ----------
From: Magdalena <theglobeisnowdigital at gmail.com>
Date: Thu, Jul 16, 2009 at 2:02 PM
Subject: HTTP_HEADER parsing, Documentation implies $http_range should work.
To: nginx at sysoev.ru


http://wiki.nginx.org/NginxHttpCoreModule#.24args

In the documentation above for the http_HEADER section, their is implication
that if I want "Range" from header,
I use "http_range" as the value, is this correct?

Magdalena
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090716/3742e40b/attachment.html>

From mdounin at mdounin.ru  Fri Jul 17 06:23:21 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 17 Jul 2009 06:23:21 +0400
Subject: issue with XSLT [0.8.x]
In-Reply-To: <ebb8331489b7bc0f0e6693da26203a3c.NginxMailingList@forum.nginx.org>
References: <ebb8331489b7bc0f0e6693da26203a3c.NginxMailingList@forum.nginx.org>
Message-ID: <20090717022320.GU1050@mdounin.ru>

Hello!

On Thu, Jul 16, 2009 at 04:19:05PM -0400, valve wrote:

> I'm having a weird issue with the XSLT module in nginx: after some random time, requesting an XSLT-transformed URL generates 500-errors. The errorlog tells me that the XML-document is not well formed, which it is.
> 
> It seems to be similar to an issue raised on the Russian maillinglist (http://www.lexa.ru/nginx-ru/msg25325.html ), although I'm not using FastCGI but just use static XML files as input for the XSLT-engine.
> 
> Running an strace or debugging with http_debug doesn't show anything weird as far as I can tell:

Could you please show full debug log of such request (not only 
last lines) and with 'debug', not 'debug_http'?

Relevant debug log of successfull request may be usefull too.

Maxim Dounin

> 
> 2009/07/16 21:49:34  16452#0: *65 http cl:-1 max:1048576
> 2009/07/16 21:49:34  16452#0: *65 generic phase: 2
> 2009/07/16 21:49:34  16452#0: *65 post rewrite phase: 3
> 2009/07/16 21:49:34  16452#0: *65 generic phase: 4
> 2009/07/16 21:49:34  16452#0: *65 generic phase: 5
> 2009/07/16 21:49:34  16452#0: *65 access phase: 6
> 2009/07/16 21:49:34  16452#0: *65 access phase: 7
> 2009/07/16 21:49:34  16452#0: *65 post access phase: 8
> 2009/07/16 21:49:34  16452#0: *65 content phase: 9
> 2009/07/16 21:49:34  16452#0: *65 open index "/var/www/allyourbass.org/htdocs/index.xml"
> 2009/07/16 21:49:34  16452#0: *65 internal redirect: "/index.xml?"
> 2009/07/16 21:49:34  16452#0: *65 http cl:-1 max:1048576
> 2009/07/16 21:49:34  16452#0: *65 generic phase: 2
> 2009/07/16 21:49:34  16452#0: *65 post rewrite phase: 3
> 2009/07/16 21:49:34  16452#0: *65 generic phase: 4
> 2009/07/16 21:49:34  16452#0: *65 generic phase: 5
> 2009/07/16 21:49:34  16452#0: *65 access phase: 6
> 2009/07/16 21:49:34  16452#0: *65 access phase: 7
> 2009/07/16 21:49:34  16452#0: *65 post access phase: 8
> 2009/07/16 21:49:34  16452#0: *65 content phase: 9
> 2009/07/16 21:49:34  16452#0: *65 content phase: 10
> 2009/07/16 21:49:34  16452#0: *65 content phase: 11
> 2009/07/16 21:49:34  16452#0: *65 http filename: "/var/www/allyourbass.org/htdocs/index.xml"
> 2009/07/16 21:49:34  16452#0: *65 http static fd: 16
> 2009/07/16 21:49:34  16452#0: *65 http set discard body
> 2009/07/16 21:49:34  16452#0: *65 xslt filter header
> 2009/07/16 21:49:34  16452#0: *65 http output filter "/index.xml?"
> 2009/07/16 21:49:34  16452#0: *65 copy filter: "/index.xml?"
> 2009/07/16 21:49:34  16452#0: *65 xslt filter body
> 2009/07/16 21:49:34  16452#0: *65 not well formed XML document while sending response to client, client: 83.161.41.147, server: klep.name, request: "GET / HTTP/1.1", host: "klep.name"
> 2009/07/16 21:49:34  16452#0: *65 http special response: 500, "/index.xml?"
> 2009/07/16 21:49:34  16452#0: *65 http set discard body
> 2009/07/16 21:49:34  16452#0: *65 xslt filter header
> 2009/07/16 21:49:34  16452#0: *65 HTTP/1.1 500 Internal Server Error
> Server: nginx/0.8.5
> Date: Thu, 16 Jul 2009 19:49:34 GMT
> Content-Type: text/html
> Content-Length: 192
> Connection: close
> 
> 2009/07/16 21:49:34  16452#0: *65 http write filter: l:0 f:0 s:161
> 2009/07/16 21:49:34  16452#0: *65 http output filter "/index.xml?"
> 2009/07/16 21:49:34  16452#0: *65 copy filter: "/index.xml?"
> 2009/07/16 21:49:34  16452#0: *65 xslt filter body
> 2009/07/16 21:49:34  16452#0: *65 http postpone filter "/index.xml?" 098EDFE0
> 2009/07/16 21:49:34  16452#0: *65 http write filter: l:1 f:0 s:353
> 2009/07/16 21:49:34  16452#0: *65 http write filter limit 0
> 2009/07/16 21:49:34  16452#0: *65 http write filter 00000000
> 2009/07/16 21:49:34  16452#0: *65 copy filter: 0 "/index.xml?"
> 2009/07/16 21:49:34  16452#0: *65 copy filter: -1 "/index.xml?"
> 2009/07/16 21:49:34  16452#0: *65 http finalize request: -1, "/index.xml?" 1
> 2009/07/16 21:49:34  16452#0: *65 http close request
> 2009/07/16 21:49:34  16452#0: *65 http log handler
> 2009/07/16 21:49:34  16452#0: *65 close http connection: 15
> 
> 
> Some more info
> 
> $ nginx -V
> nginx version: nginx/0.8.5
> configure arguments: --with-http_xslt_module --with-mail --http-client-body-temp-path=/tmp/nginx/client-body-temp/ --http-proxy-temp-path=/tmp/nginx/proxy-temp/ --http-fastcgi-temp-path=/tmp/nginx/fastcgi-temp/ --with-md5-asm --with-sha1-asm --with-http_ssl_module --with-http_perl_module --with-http_sub_module --with-http_secure_link_module --prefix=/usr --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --pid-path=/var/run/nginx.pid --http-log-path=/var/log/nginx/access.log --with-debug
> 
> 
> 
> $ uname -a
> Linux webserver 2.6.26-1-openvz-686 #1 SMP Sat Nov 8 21:19:32 UTC 2008 i686 GNU/Linux
> 
> 
> Does anyone have any idea what might be the issue? I've looked through the code of the module but nothing strikes me as obviously wrong.
> 
> Regards,
> Robert
> 
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4128,4128#msg-4128
> 
> 




From mdounin at mdounin.ru  Fri Jul 17 06:25:01 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 17 Jul 2009 06:25:01 +0400
Subject: HTTP_HEADER parsing, Documentation implies $http_range should
	work.
In-Reply-To: <432c29390907161402h21ced551ree053147c9f59b1@mail.gmail.com>
References: <432c29390907161402h21ced551ree053147c9f59b1@mail.gmail.com>
Message-ID: <20090717022459.GV1050@mdounin.ru>

Hello!

On Thu, Jul 16, 2009 at 02:02:40PM -0700, Magdalena Glinkowski wrote:

> http://wiki.nginx.org/NginxHttpCoreModule#.24args
> 
> In the documentation above for the http_HEADER section, their is implication
> that if I want "Range" from header,
> I use "http_range" as the value, is this correct?

Yes, $http_range variable will give you value of Range header from 
http request.

Maxim Dounin




From mdounin at mdounin.ru  Fri Jul 17 07:01:00 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 17 Jul 2009 07:01:00 +0400
Subject: Help with autoindex on; missing slash for directories
In-Reply-To: <94C7F040-A04E-43C6-AF19-CA41F098240F@gmail.com>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com> <20090701093047.GC5360@mdounin.ru> <4A4B935D.3030803@gmail.com> <20090701225352.GJ5360@mdounin.ru> <4A4CF604.5030508@gmail.com> <20090702192251.GX5360@mdounin.ru> <5bf4451d0907022055y33964155m9d49df06b2a3e9ed@mail.gmail.com> <20090703084935.GY5360@mdounin.ru> <94C7F040-A04E-43C6-AF19-CA41F098240F@gmail.com>
Message-ID: <20090717030100.GW1050@mdounin.ru>

Hello!

On Thu, Jul 16, 2009 at 04:25:16PM -0700, Yazz D. Atlas wrote:

> Maxim,
>
> Ok finally added the patch with the I believe the right stuff. Attached 
> is the patch and the log file.
>
> I just ran "GET http://localhost:88/static"

Ok, thanx.  According to

2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: ".svn", type 4
2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "questionnaires", type 10
2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "site", type 10
2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "50x.html", type 8
2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "rev.txt", type 8
2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: ".", type 4
2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "protocols", type 10
2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "video", type 10
2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "..", type 4
2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "content", type 10

the only directories here are '.svn', '.' and '..'.  It's symlinks 
to directories that has no slash now.

I'll take a look how to fix this properly.

Maxim Dounin




From mdounin at mdounin.ru  Fri Jul 17 07:16:31 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 17 Jul 2009 07:16:31 +0400
Subject: issue with XSLT [0.8.x]
In-Reply-To: <r0zlb4kqce.wl%kuramoto@neu.co.jp>
References: <ebb8331489b7bc0f0e6693da26203a3c.NginxMailingList@forum.nginx.org> <r0zlb4kqce.wl%kuramoto@neu.co.jp>
Message-ID: <20090717031630.GX1050@mdounin.ru>

Hello!

On Fri, Jul 17, 2009 at 11:14:57AM +0900, Kuramoto Eiji wrote:

> I think it may be a bug.
> 
> well-formed status (ctx->ctxt->wellFormed) should check and save
> before free xmlParserCtxtPtr. like this,

Nice catch, thanks!

Maxim Dounin

> 
> --- ngx_http_xslt_filter_module.c	29 May 2009 03:29:15 -0000	1.8
> +++ ngx_http_xslt_filter_module.c	2 Jun 2009 08:15:28 -0000	1.9
> @@ -273,6 +273,7 @@
>  {
>      ngx_chain_t                 *cl;
>      ngx_http_xslt_filter_ctx_t  *ctx;
> +    int wellFormed;
>  
>      ngx_log_debug0(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
>                     "xslt filter body");
> @@ -312,9 +313,14 @@
>              ctx->doc->extSubset = NULL;
>  #endif
>  
> +	    /*
> +	     * save well-formed status, so free ctx->ctxt in xmlFreeParserCtxt().
> +	     */
> +	    wellFormed = ctx->ctxt->wellFormed;
> +
>              xmlFreeParserCtxt(ctx->ctxt);
>  
> -            if (ctx->ctxt->wellFormed) {
> +            if (wellFormed) {
>                  return ngx_http_xslt_send(r, ctx,
>                                         ngx_http_xslt_apply_stylesheet(r, ctx));
>              }
> 
>  On Thu, 16 Jul 2009 16:19:05 -0400
>     valve wrote:
> 
>  } I'm having a weird issue with the XSLT module in nginx: after some random time, requesting an XSLT-transformed URL generates 500-errors. The errorlog tells me that the XML-document is not well formed, which it is.
>  } 
>  } It seems to be similar to an issue raised on the Russian maillinglist (http://www.lexa.ru/nginx-ru/msg25325.html ), although I'm not using FastCGI but just use static XML files as input for the XSLT-engine.
> 
> - Kuramoto Eiji
> 




From nginx-forum at nginx.us  Fri Jul 17 08:52:58 2009
From: nginx-forum at nginx.us (gerryw)
Date: Fri, 17 Jul 2009 00:52:58 -0400
Subject: FastCGI application not receiving multi-part data
In-Reply-To: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
References: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
Message-ID: <041ea49c60be6459a3906f6759689c86.NginxMailingList@forum.nginx.org>

Hello All,

I have finally figured out what is happening, The are no envronment variables set.  For some reason getenv will return a bogus pointer at times, which will result in an invalid CONTENT_LENGTH and cause a segfault. Would there be any reason why these variables are not being set?

Thanks,
Gerry

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4091,4139#msg-4139





From nginx-forum at nginx.us  Fri Jul 17 10:34:26 2009
From: nginx-forum at nginx.us (valve)
Date: Fri, 17 Jul 2009 02:34:26 -0400
Subject: issue with XSLT [0.8.x]
In-Reply-To: <r0zlb4kqce.wl%kuramoto@forum.nginx.org>
References: <ebb8331489b7bc0f0e6693da26203a3c.NginxMailingList@forum.nginx.org> <r0zlb4kqce.wl%kuramoto@forum.nginx.org>
Message-ID: <1f4e311bb564250b5a5d639d8abb21d7.NginxMailingList@forum.nginx.org>

Kuramoto Eiji Wrote:
-------------------------------------------------------
> I think it may be a bug.
> 
> well-formed status (ctx->ctxt->wellFormed) should
> check and save
> before free xmlParserCtxtPtr. like this,

That sounds quite reasonable :)

I've applied your patch and will keep a close look on how it works.

Thx!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4128,4140#msg-4140





From is at rambler-co.ru  Fri Jul 17 12:46:52 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Fri, 17 Jul 2009 12:46:52 +0400
Subject: FastCGI application not receiving multi-part data
In-Reply-To: <041ea49c60be6459a3906f6759689c86.NginxMailingList@forum.nginx.org>
References: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org> <041ea49c60be6459a3906f6759689c86.NginxMailingList@forum.nginx.org>
Message-ID: <20090717084652.GC11563@rambler-co.ru>

On Fri, Jul 17, 2009 at 12:52:58AM -0400, gerryw wrote:

> Hello All,
> 
> I have finally figured out what is happening, The are no envronment variables set.  For some reason getenv will return a bogus pointer at times, which will result in an invalid CONTENT_LENGTH and cause a segfault. Would there be any reason why these variables are not being set?

It seems you did not set or include fastcgi_param's:

    include conf/fastcgi_params;


-- 
Igor Sysoev
http://sysoev.ru/en/




From theglobeisnowdigital at gmail.com  Fri Jul 17 13:18:30 2009
From: theglobeisnowdigital at gmail.com (Magdalena)
Date: Fri, 17 Jul 2009 02:18:30 -0700
Subject: HTTP_HEADER parsing, Documentation implies $http_range should 
	work.
In-Reply-To: <20090717022459.GV1050@mdounin.ru>
References: <432c29390907161402h21ced551ree053147c9f59b1@mail.gmail.com>
	 <20090717022459.GV1050@mdounin.ru>
Message-ID: <432c29390907170218j76f37714l7df244c043bb0e2@mail.gmail.com>

Thank you for your response. Strange it didnt appear to work in practice.
I used curl to send the test request, and curl interpreted it correctly
based on its trace log.

I am not having any issues with any other getparam variable accesses except
this one.
My fastcgi_params file declares mapping to be HTTP_RANGE $http_range and the
result I get is null char
from the local request state environment.

On Thu, Jul 16, 2009 at 7:25 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:

> Hello!
>
> On Thu, Jul 16, 2009 at 02:02:40PM -0700, Magdalena Glinkowski wrote:
>
> > http://wiki.nginx.org/NginxHttpCoreModule#.24args
> >
> > In the documentation above for the http_HEADER section, their is
> implication
> > that if I want "Range" from header,
> > I use "http_range" as the value, is this correct?
>
> Yes, $http_range variable will give you value of Range header from
> http request.
>
> Maxim Dounin
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090717/78694529/attachment.html>

From nikon at puffy.pl  Fri Jul 17 13:35:38 2009
From: nikon at puffy.pl (Tomasz Pajor)
Date: Fri, 17 Jul 2009 11:35:38 +0200
Subject: fastcgi, try_files, problems
In-Reply-To: <20090716175856.GS1050@mdounin.ru>
References: <4A5F17CA.8040009@puffy.pl> <20090716124159.GI1050@mdounin.ru> <4A5F2611.8020009@puffy.pl> <20090716175856.GS1050@mdounin.ru>
Message-ID: <4A6045EA.2020003@puffy.pl>

Maxim Dounin wrote:

  

>> There is no /administrator/index.php file.
>> I want to simply separate the administrator backend, and serve it from  
>> the same machine as balancer, because i've got all the gallery photos on  
>> this machine.
>>     
>
> So there is no /disk0/vhosts/domain/public/administrator directory 
> at all, am I right?
>   
No there isn't.
>   
>> I'm migrating this from apache.
>>
>> .htaccess says:
>> RewriteEngine On
>> RewriteCond %{REQUEST_FILENAME} -s [OR]
>> RewriteCond %{REQUEST_FILENAME} -l [OR]
>> RewriteCond %{REQUEST_FILENAME} -d
>> RewriteRule ^.*$ - [NC,L]
>> RewriteRule ^.*$ index.php [NC,L]
>>     
>
> As far as I understand you basically need to pass everything to 
> fastcgi while rewriting everything that doesn't exist to 
> index.php?  Try something like this:
>
>     root /disk0/vhosts/domain/public;
>
>     fastcgi_index index.php;
>
>     location / {
>         try_files $uri $uri/ @fallback;
>         fastcgi_pass apps;
>         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
>         ...
>     }
>
>     location @fallback {
>         fastcgi_pass apps;
>         fastcgi_param SCRIPT_FILENAME $document_root/index.php;
>         ...
>     }
>
>     location /administrator/ {
>         rewrite ^/administrator(.*) $1 break;
>         try_files $uri $uri/ @adminfallback;
>         fastcgi_pass 127.0.0.1:3000;
>         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
>         ...
>     }
>
>     location @adminfallback {
>         fastcgi_pass 127.0.0.1:3000;
>         fastcgi_param SCRIPT_FILENAME $document_root/index.php;
>         ...
>     }
>
>   
It works flawlessly thank You Maxim!




From is at rambler-co.ru  Fri Jul 17 13:49:10 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Fri, 17 Jul 2009 13:49:10 +0400
Subject: HTTP_HEADER parsing, Documentation implies $http_range should work.
In-Reply-To: <432c29390907170218j76f37714l7df244c043bb0e2@mail.gmail.com>
References: <432c29390907161402h21ced551ree053147c9f59b1@mail.gmail.com> <20090717022459.GV1050@mdounin.ru> <432c29390907170218j76f37714l7df244c043bb0e2@mail.gmail.com>
Message-ID: <20090717094910.GD11563@rambler-co.ru>

On Fri, Jul 17, 2009 at 02:18:30AM -0700, Magdalena wrote:

> Thank you for your response. Strange it didnt appear to work in practice.
> I used curl to send the test request, and curl interpreted it correctly
> based on its trace log.
> 
> I am not having any issues with any other getparam variable accesses except
> this one.
> My fastcgi_params file declares mapping to be HTTP_RANGE $http_range and the
> result I get is null char
> from the local request state environment.

You do not need to pass HTTP_RANGE specially, it is passed by default.

> On Thu, Jul 16, 2009 at 7:25 PM, Maxim Dounin <mdounin at mdounin.ru> wrote:
> 
> > Hello!
> >
> > On Thu, Jul 16, 2009 at 02:02:40PM -0700, Magdalena Glinkowski wrote:
> >
> > > http://wiki.nginx.org/NginxHttpCoreModule#.24args
> > >
> > > In the documentation above for the http_HEADER section, their is
> > implication
> > > that if I want "Range" from header,
> > > I use "http_range" as the value, is this correct?
> >
> > Yes, $http_range variable will give you value of Range header from
> > http request.
> >
> > Maxim Dounin


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Fri Jul 17 15:14:35 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Fri, 17 Jul 2009 15:14:35 +0400
Subject: Help with autoindex on; missing slash for directories
In-Reply-To: <20090717030100.GW1050@mdounin.ru>
References: <99e8cb160906302309q37c5b209o17fd68b1f52bbdb@mail.gmail.com> <20090701093047.GC5360@mdounin.ru> <4A4B935D.3030803@gmail.com> <20090701225352.GJ5360@mdounin.ru> <4A4CF604.5030508@gmail.com> <20090702192251.GX5360@mdounin.ru> <5bf4451d0907022055y33964155m9d49df06b2a3e9ed@mail.gmail.com> <20090703084935.GY5360@mdounin.ru> <94C7F040-A04E-43C6-AF19-CA41F098240F@gmail.com> <20090717030100.GW1050@mdounin.ru>
Message-ID: <20090717111435.GF11563@rambler-co.ru>

On Fri, Jul 17, 2009 at 07:01:00AM +0400, Maxim Dounin wrote:

> Hello!
> 
> On Thu, Jul 16, 2009 at 04:25:16PM -0700, Yazz D. Atlas wrote:
> 
> > Maxim,
> >
> > Ok finally added the patch with the I believe the right stuff. Attached 
> > is the patch and the log file.
> >
> > I just ran "GET http://localhost:88/static"
> 
> Ok, thanx.  According to
> 
> 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: ".svn", type 4
> 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "questionnaires", type 10
> 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "site", type 10
> 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "50x.html", type 8
> 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "rev.txt", type 8
> 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: ".", type 4
> 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "protocols", type 10
> 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "video", type 10
> 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "..", type 4
> 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "content", type 10
> 
> the only directories here are '.svn', '.' and '..'.  It's symlinks 
> to directories that has no slash now.
> 
> I'll take a look how to fix this properly.

I've reproduced this bug on FreeBSD too. Will look how to resolve this.


-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Fri Jul 17 19:17:02 2009
From: nginx-forum at nginx.us (vburshteyn)
Date: Fri, 17 Jul 2009 11:17:02 -0400
Subject: nginx stats
Message-ID: <0790e45f1193ac6336ee6f65b06505ed.NginxMailingList@forum.nginx.org>

Hi,

I am just curious to find out what do you folks use to measure nginx performance, aka how many requests it is handling at any given time and such....


Thanks,

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4146,4146#msg-4146





From jerome at loyet.net  Fri Jul 17 19:24:50 2009
From: jerome at loyet.net (=?ISO-8859-1?B?Suly9G1lIExveWV0?=)
Date: Fri, 17 Jul 2009 17:24:50 +0200
Subject: nginx stats
In-Reply-To: <0790e45f1193ac6336ee6f65b06505ed.NginxMailingList@forum.nginx.org>
References: <0790e45f1193ac6336ee6f65b06505ed.NginxMailingList@forum.nginx.org>
Message-ID: <3bea96c40907170824j250b6924r7fece7f4ab68ae55@mail.gmail.com>

look at the stub status module: http://wiki.nginx.org/NginxHttpStubStatusModule

2009/7/17 vburshteyn <nginx-forum at nginx.us>:
> Hi,
>
> I am just curious to find out what do you folks use to measure nginx performance, aka how many requests it is handling at any given time and such....
>
>
> Thanks,
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4146,4146#msg-4146
>
>
>




From jim at ohlste.in  Fri Jul 17 19:37:40 2009
From: jim at ohlste.in (Jim Ohlstein)
Date: Fri, 17 Jul 2009 11:37:40 -0400
Subject: nginx stats
In-Reply-To: <0790e45f1193ac6336ee6f65b06505ed.NginxMailingList@forum.nginx.org>
References: <0790e45f1193ac6336ee6f65b06505ed.NginxMailingList@forum.nginx.org>
Message-ID: <4A609AC4.1060907@ohlste.in>

vburshteyn wrote:
> Hi,
>
> I am just curious to find out what do you folks use to measure nginx performance, aka how many requests it is handling at any given time and such....
>   
I use Munin -- http://munin.projects.linpro.no/ -- which has third party 
modules for nginx memory use, requests, and connections. You need to 
compile nginx "--with-http_stub_status_module" and have it enabled at 
the server level for the FQDN of your server.
>
> Thanks,
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4146,4146#msg-4146
>
>
>   
Jim





From antonio04 at gmail.com  Fri Jul 17 19:54:58 2009
From: antonio04 at gmail.com (Antonio L.)
Date: Fri, 17 Jul 2009 19:54:58 +0400
Subject: nginx stats
In-Reply-To: <4A609AC4.1060907@ohlste.in>
References: <0790e45f1193ac6336ee6f65b06505ed.NginxMailingList@forum.nginx.org>
	 <4A609AC4.1060907@ohlste.in>
Message-ID: <d37f2aa10907170854o64c12c52p61a38214e492267f@mail.gmail.com>

>
> I use Munin -- http://munin.projects.linpro.no/ -- which has third party
> modules for nginx memory use, requests, and connections. You need to compile
> nginx "--with-http_stub_status_module" and have it enabled at the server
> level for the FQDN of your server.


I use Munin too, but have also found the nginxstats.py script at
http://hostingfu.com/article/quick-nginx-status-script useful for testing or
on-demand command line monitoring of nginx servers (all of which must have
the status module enabled).

Antonio
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090717/57b39575/attachment.html>

From lists at ruby-forum.com  Fri Jul 17 19:57:26 2009
From: lists at ruby-forum.com (Sid Div)
Date: Fri, 17 Jul 2009 17:57:26 +0200
Subject: nginx picks default index.html
Message-ID: <c922224bd00e2ecc0d31b3b8a500103e@ruby-forum.com>

Hi,

I am new to ruby and nginx.
This links has some instructions which I followed.
Turns out that ngnix always picks up the index.html from /opt/nginx
directory
and not my application.

This is the server block in my /opt/nginx/nginx.conf

server {
        listen       80;
        server_name  domain.com;
        root /var/www/myapp/current/public;
        passenger_enabled on;
        index index.html index.htm;
        client_max_body_size 50M;

---snip---


In my /var/www/myapp/current directory I have the following:

$ ls
nginx  public  railsapp


when i type domain.com in the browser, I see "Welcome to nginx"

How to make nginx to point to myappl in /var/www/myapp/current/public
-- 
Posted via http://www.ruby-forum.com/.




From nginx-forum at nginx.us  Fri Jul 17 20:48:34 2009
From: nginx-forum at nginx.us (e123e123e123)
Date: Fri, 17 Jul 2009 12:48:34 -0400
Subject: PHP can't run under alias folder
Message-ID: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org>

Dear Friends :

I can run php , but have php problem when using alias folder , all *.php file display below text :
---------------------------
No input file specified. 
---------------------------
but all html file all are no problem.

pls help  and advise , i just try move to nginx . Thanks.





-----------------------------------------------------
below is nginx.conf
-----------------------------------------------------
..............

location /phpmyadmin/ {
        alias /home/httpd/html/phpmyadmin/;
        autoindex  on;
        index index.php index.shtml index.html index.htm;
        #auth_basic            "Restricted";
        #auth_basic_user_file  /var/www/htpasswd;
    }

location ~ ^/phpmyadmin/.+\.php$ {
      root /home/httpd/html;
      rewrite /phpmyadmin/(.*\.php?) /$1 break;
      fastcgi_pass  127.0.0.1:9000;
      fastcgi_index index.php;
      include fcgi.conf;
     fastcgi_param SCRIPT_FILENAME /home/httpd/html/phpmyadmin/$fastcgi_script_name;
    }

..............

-----------------------------------------------------
below is fcgi.conf
-----------------------------------------------------
fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx;

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4151,4151#msg-4151





From edhoprima at gmail.com  Fri Jul 17 20:59:29 2009
From: edhoprima at gmail.com (Edho P Arief)
Date: Fri, 17 Jul 2009 23:59:29 +0700
Subject: PHP can't run under alias folder
In-Reply-To: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org>
Message-ID: <a3780c060907170959o2eb36750k428e222b626976c6@mail.gmail.com>

On Fri, Jul 17, 2009 at 11:48 PM, e123e123e123<nginx-forum at nginx.us> wrote:
> Dear Friends :
>
> I can run php , but have php problem when using alias folder , all *.php file display below text :
> ---------------------------
> No input file specified.
> ---------------------------
> but all html file all are no problem.
>
> pls help ?and advise , i just try move to nginx . Thanks.
>
>
>
>
>
> -----------------------------------------------------
> below is nginx.conf
> -----------------------------------------------------
> ..............
>
> location /phpmyadmin/ {
> ? ? ? ?alias /home/httpd/html/phpmyadmin/;
> ? ? ? ?autoindex ?on;
> ? ? ? ?index index.php index.shtml index.html index.htm;
> ? ? ? ?#auth_basic ? ? ? ? ? ?"Restricted";
> ? ? ? ?#auth_basic_user_file ?/var/www/htpasswd;
> ? ?}
>
> location ~ ^/phpmyadmin/.+\.php$ {
> ? ? ?root /home/httpd/html;
> ? ? ?rewrite /phpmyadmin/(.*\.php?) /$1 break;
> ? ? ?fastcgi_pass ?127.0.0.1:9000;
> ? ? ?fastcgi_index index.php;
> ? ? ?include fcgi.conf;
> ? ? fastcgi_param SCRIPT_FILENAME /home/httpd/html/phpmyadmin/$fastcgi_script_name;
> ? ?}
>

location ~ ^/phpmyadmin/(.*\.php)$ {
  alias /home/httpd/html/phpmyadmin/$1;
  fastcgi_pass ...;
  fastcgi_index ...;
  include ...;
  fastcgi_param SCRIPT_FILENAME $request_filename;
}

> ..............
>
> -----------------------------------------------------
> below is fcgi.conf
> -----------------------------------------------------
> fastcgi_param ?GATEWAY_INTERFACE ?CGI/1.1;
> fastcgi_param ?SERVER_SOFTWARE ? ?nginx;
>
> fastcgi_param ?QUERY_STRING ? ? ? $query_string;
> fastcgi_param ?REQUEST_METHOD ? ? $request_method;
> fastcgi_param ?CONTENT_TYPE ? ? ? $content_type;
> fastcgi_param ?CONTENT_LENGTH ? ? $content_length;
>
> fastcgi_param ?SCRIPT_FILENAME ? ?$document_root$fastcgi_script_name;
> fastcgi_param ?SCRIPT_NAME ? ? ? ?$fastcgi_script_name;
> fastcgi_param ?REQUEST_URI ? ? ? ?$request_uri;
> fastcgi_param ?DOCUMENT_URI ? ? ? $document_uri;
> fastcgi_param ?DOCUMENT_ROOT ? ? ?$document_root;
> fastcgi_param ?SERVER_PROTOCOL ? ?$server_protocol;
>
> fastcgi_param ?REMOTE_ADDR ? ? ? ?$remote_addr;
> fastcgi_param ?REMOTE_PORT ? ? ? ?$remote_port;
> fastcgi_param ?SERVER_ADDR ? ? ? ?$server_addr;
> fastcgi_param ?SERVER_PORT ? ? ? ?$server_port;
> fastcgi_param ?SERVER_NAME ? ? ? ?$server_name;
>
> # PHP only, required if PHP was built with --enable-force-cgi-redirect
> fastcgi_param ?REDIRECT_STATUS ? ?200;
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4151,4151#msg-4151
>
>
>



-- 
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org




From frumentius at gmail.com  Fri Jul 17 22:18:47 2009
From: frumentius at gmail.com (Joe)
Date: Sat, 18 Jul 2009 01:18:47 +0700
Subject: nginx stats
In-Reply-To: <d37f2aa10907170854o64c12c52p61a38214e492267f@mail.gmail.com>
References: <0790e45f1193ac6336ee6f65b06505ed.NginxMailingList@forum.nginx.org>
	 <4A609AC4.1060907@ohlste.in>
	 <d37f2aa10907170854o64c12c52p61a38214e492267f@mail.gmail.com>
Message-ID: <f68f97510907171118h2258cf23yce3353a4ed596238@mail.gmail.com>

I am using status module and rrd.



Regards,
Joe



On Fri, Jul 17, 2009 at 10:54 PM, Antonio L. <antonio04 at gmail.com> wrote:

> I use Munin -- http://munin.projects.linpro.no/ -- which has third party
>> modules for nginx memory use, requests, and connections. You need to compile
>> nginx "--with-http_stub_status_module" and have it enabled at the server
>> level for the FQDN of your server.
>
>
> I use Munin too, but have also found the nginxstats.py script at
> http://hostingfu.com/article/quick-nginx-status-script useful for testing
> or on-demand command line monitoring of nginx servers (all of which must
> have the status module enabled).
>
> Antonio
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090718/2b3710ec/attachment.html>

From avleen at gmail.com  Fri Jul 17 23:59:12 2009
From: avleen at gmail.com (Avleen Vig)
Date: Fri, 17 Jul 2009 12:59:12 -0700
Subject: Another stats question (for upstreams)
Message-ID: <33c66c80907171259m414b0acct9dd2a6a588d4cca1@mail.gmail.com>

Hey guys :)

I need to measure the number of hits sent to each upstream{}, can anyone
think of a decent way to do this?

The ports used in each upstream{} block are different, so I suppose I could
count those in the log, but that's ugly.

Any suggestions?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090717/dcb4eba7/attachment.html>

From dick at fouter.net  Sat Jul 18 00:20:05 2009
From: dick at fouter.net (Dick Middleton)
Date: Fri, 17 Jul 2009 21:20:05 +0100
Subject: PHP can't run under alias folder
In-Reply-To: <a3780c060907170959o2eb36750k428e222b626976c6@mail.gmail.com>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org> <a3780c060907170959o2eb36750k428e222b626976c6@mail.gmail.com>
Message-ID: <4A60DCF5.1070203@fouter.net>

Edho P Arief wrote:
> location ~ ^/phpmyadmin/(.*\.php)$ {
>   alias /home/httpd/html/phpmyadmin/$1;
>   fastcgi_pass ...;
>   fastcgi_index ...;
>   include ...;
>   fastcgi_param SCRIPT_FILENAME $request_filename;

<DOCS>
The alias directive cannot be used inside a regex-specified location. If you 
need to do this you must use a combination of rewrite and root.
</DOCS>

Has this limitation been removed in v0.7.xxx ?

Dick






From nginx-forum at nginx.us  Sat Jul 18 03:06:30 2009
From: nginx-forum at nginx.us (gerryw)
Date: Fri, 17 Jul 2009 19:06:30 -0400
Subject: FastCGI application not receiving multi-part data
In-Reply-To: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
References: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
Message-ID: <2c9caf58a2a2059fef2afbadaffac888.NginxMailingList@forum.nginx.org>

Hello All,

Well... many hours later I am forced to give up on this. It would seem that there are some issues with the FastCGI implementation that PHP and the like must have worked around or their multipart form parser is very mature and robust. Unfortunately, php is not an option. I am working on a project that I can't delay any further. I really like nginx in general and I wish I could have used it. I appreciate those who tried to help. Maybe I can take another look when I don't have a deadline to meet.

BTW: The problem is not the fastcgi_param stuff. It has to do with the format of the multipart data. None of the current open source FastCGI compatible C libraries that I could find can parse it.

Thanks,
Gerry

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4091,4158#msg-4158





From maccaday at gmail.com  Sat Jul 18 03:17:43 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Sat, 18 Jul 2009 02:17:43 +0300
Subject: Resuming http request processing
In-Reply-To: <4A6045EA.2020003@puffy.pl>
References: <4A5F17CA.8040009@puffy.pl> <20090716124159.GI1050@mdounin.ru> <4A5F2611.8020009@puffy.pl> <20090716175856.GS1050@mdounin.ru> <4A6045EA.2020003@puffy.pl>
Message-ID: <4A610697.80902@gmail.com>

Hi,

I'm trying to write a module handler that does this:

handler is called
handler opens ngx connection (for later event notification) (i.e. using 
pipe() and ngx_get_connection())
handler sends info to another thread (to perform file-system tasks)
handler returns NGX_DONE

other thread processes the sent information
other thread sends event notification to Nginx event loop using the 
opened pipe

event callback function is executed by Nginx event loop
processing of request continues as though NGX_DECLINED was returned by 
handler in the first instance


I'm ok on all these steps, until the last one.  How can processing of a 
request be resumed at a later time? 

Thanks,

Marcus.




From edhoprima at gmail.com  Sat Jul 18 03:20:51 2009
From: edhoprima at gmail.com (Edho P Arief)
Date: Sat, 18 Jul 2009 06:20:51 +0700
Subject: PHP can't run under alias folder
In-Reply-To: <4A60DCF5.1070203@fouter.net>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org>
	 <a3780c060907170959o2eb36750k428e222b626976c6@mail.gmail.com>
	 <4A60DCF5.1070203@fouter.net>
Message-ID: <a3780c060907171620k7153198bg4bfc34480536ec2a@mail.gmail.com>

On Sat, Jul 18, 2009 at 3:20 AM, Dick Middleton<dick at fouter.net> wrote:
> Edho P Arief wrote:
>>
>> location ~ ^/phpmyadmin/(.*\.php)$ {
>> ?alias /home/httpd/html/phpmyadmin/$1;
>> ?fastcgi_pass ...;
>> ?fastcgi_index ...;
>> ?include ...;
>> ?fastcgi_param SCRIPT_FILENAME $request_filename;
>
> <DOCS>
> The alias directive cannot be used inside a regex-specified location. If you
> need to do this you must use a combination of rewrite and root.
> </DOCS>
>
> Has this limitation been removed in v0.7.xxx ?
>

yes.

-- 
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org




From nginx-forum at nginx.us  Sat Jul 18 04:16:40 2009
From: nginx-forum at nginx.us (smok3)
Date: Fri, 17 Jul 2009 20:16:40 -0400
Subject: auth_basic password problems
In-Reply-To: <4A5CFCD8.1040204@forum.nginx.org>
References: <4A5CFCD8.1040204@forum.nginx.org>
Message-ID: <1874a1e5b1cdb83fbd8272353674ca60.NginxMailingList@forum.nginx.org>





same behaviour with 0.8.5 on win xp.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4063,4163#msg-4163





From lists at ruby-forum.com  Sat Jul 18 05:48:21 2009
From: lists at ruby-forum.com (Phyo Lwin)
Date: Sat, 18 Jul 2009 03:48:21 +0200
Subject: dynamic reverse proxy , by mapping port
Message-ID: <e2ad59f1f6e3e765a4217f0f516cd86d@ruby-forum.com>

Hi all,

I am trying to make a dynamic reverse proxy which proxies the local
webservers on different ports

I try doing this way :


#user  nobody;
worker_processes  1;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    #gzip  on;


server {
     listen  0.0.0.0:8088;
     server_name  _;
     access_log  /var/log/nginx/proxy.access.log;

     location /
     {
     set $rd_port  $arg_port;
     proxy_pass      http://127.0.0.1:$rd_port$uri?port=$rd_port;
     proxy_set_header        Host    $proxy_host;

     }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   html;
        }
}

So when the page is requested using eg. http://10.0.0.1:8088/?port=12345
., it will redirect to http service running on 12345 . It work as expect
but only for one dynamic page / requested page, If that page have source
other static contents from its own it fails .

So to be make it possible need to put ?port=12345 on every links ,
images , etc.

How can i make it work as normally ?
-- 
Posted via http://www.ruby-forum.com/.




From jim at ohlste.in  Sat Jul 18 08:53:30 2009
From: jim at ohlste.in (Jim Ohlstein)
Date: Sat, 18 Jul 2009 00:53:30 -0400
Subject: Maxmind GeoIP City Module
In-Reply-To: <20090716123704.GF90866@rambler-co.ru>
References: <4A5336CD.9050308@theactivitypeople.co.uk> <20090716123704.GF90866@rambler-co.ru>
Message-ID: <4A61554A.7030402@ohlste.in>

Igor Sysoev wrote:
> On Tue, Jul 07, 2009 at 12:51:41PM +0100, Phillip Oldham wrote:
>
>   
>> We're in need of a GeoIP module which works with the current development 
>> branch of nginx and can resolve an IP to City-level using Maxmind's 
>> GeoIP Database (the .dat files). We use nginx extensively but don't have 
>> experience in C to develop such a module in-house. Are there any module 
>> developers on the list who would be interested in such a project?
>>
>> We're flexible regarding the funding of development for such a module, 
>> and also flexible on whether the finshed module is open-sourced and 
>> released back to the community.
>>
>> If anyone is interested please feel free to mail me off-list with any 
>> thoughts/costs/etc.
>>     
>
> The module is in the attached patch.
>   

Can you include the module with future distributions?
> ./configure ---with-http_geoip_module
>
> nginx.conf:
>
> http {
>
>     geoip_country  path/to/GeoIP.dat;
>     geoip_city     path/to/GeoLiteCity.dat;
>
>
> You may use only one base or both bases.
>
> Varaibles available with geoip_country base:
>
> $geoip_country_code
> $geoip_country_code3
> $geoip_country_name
>
> Varaibles available with geoip_city base:
>
> $geoip_city_country_code
> $geoip_city_country_code3
> $geoip_city_country_name
> $geoip_region
> $geoip_city
> $geoip_postal_code
>
>
>   
Jim





From khansen at charityweb.net  Sat Jul 18 09:28:12 2009
From: khansen at charityweb.net (Kurt Hansen)
Date: Sat, 18 Jul 2009 01:28:12 -0400
Subject: Trailing slash rewrite help
Message-ID: <4A615D6C.4000700@charityweb.net>

Hello,

I'm using nginx as a reverse proxy to a mod_perl backend server and am 
having trouble with my rewrite rule in the case of a missing trailing 
slash on a subdirectory.

For example, I want

www.example.com/action mapped to the example/action/ directory on the 
mod_perl server.

However, what happens is that www.example.com/action is mapped to 
example/example/action/

Here are  the relevant location directives where the rewrite is done:

     location /example/ {
        # root   html;
        index  index.htm;

        rewrite  ^/example(.*)/$ /example/$1/index.htm break;

        proxy_redirect off;
        proxy_pass http://cweb;
  }


     location / {
        # root   html;
        index  index.htm;

        rewrite  ^/$ /example/index.htm break;

        rewrite  ^/(.*) /example/$1 break;

        proxy_pass http://cweb;
    }

I think what is happening is that the rewrite comes out as 
/example/action then nginx adds the trailing slash and it gets run 
through the re-write again. I added the /example/ location directive so 
at least the right pages are displayed, but the URL comes back to the 
browser as www.example.com/example/action/

The nginx server is also an NFS server so the files reside on the nginx 
server. I've tried an if (-d $request_filename) but that doesn't work.

Any help would be greatly appreciated.

Thanks,

Kurt Hansen





From is at rambler-co.ru  Sat Jul 18 11:24:47 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sat, 18 Jul 2009 11:24:47 +0400
Subject: Trailing slash rewrite help
In-Reply-To: <4A615D6C.4000700@charityweb.net>
References: <4A615D6C.4000700@charityweb.net>
Message-ID: <20090718072447.GA34205@rambler-co.ru>

On Sat, Jul 18, 2009 at 01:28:12AM -0400, Kurt Hansen wrote:

> Hello,
> 
> I'm using nginx as a reverse proxy to a mod_perl backend server and am 
> having trouble with my rewrite rule in the case of a missing trailing 
> slash on a subdirectory.
> 
> For example, I want
> 
> www.example.com/action mapped to the example/action/ directory on the 
> mod_perl server.
> 
> However, what happens is that www.example.com/action is mapped to 
> example/example/action/
> 
> Here are  the relevant location directives where the rewrite is done:
> 
>     location /example/ {
>        # root   html;
>        index  index.htm;
> 
>        rewrite  ^/example(.*)/$ /example/$1/index.htm break;
> 
>        proxy_redirect off;
>        proxy_pass http://cweb;
>  }
> 
> 
>     location / {
>        # root   html;
>        index  index.htm;
> 
>        rewrite  ^/$ /example/index.htm break;
> 
>        rewrite  ^/(.*) /example/$1 break;
> 
>        proxy_pass http://cweb;
>    }
> 
> I think what is happening is that the rewrite comes out as 
> /example/action then nginx adds the trailing slash and it gets run 
> through the re-write again. I added the /example/ location directive so 
> at least the right pages are displayed, but the URL comes back to the 
> browser as www.example.com/example/action/
> 
> The nginx server is also an NFS server so the files reside on the nginx 
> server. I've tried an if (-d $request_filename) but that doesn't work.
> 
> Any help would be greatly appreciated.

Probably, you need just:

location / {
    proxy_pass http://cweb/example/;
}

Also, you need to set "Index index.htm" on mod_perl side.


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Sat Jul 18 11:26:07 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sat, 18 Jul 2009 11:26:07 +0400
Subject: Maxmind GeoIP City Module
In-Reply-To: <4A61554A.7030402@ohlste.in>
References: <4A5336CD.9050308@theactivitypeople.co.uk> <20090716123704.GF90866@rambler-co.ru> <4A61554A.7030402@ohlste.in>
Message-ID: <20090718072607.GB34205@rambler-co.ru>

On Sat, Jul 18, 2009 at 12:53:30AM -0400, Jim Ohlstein wrote:

> Igor Sysoev wrote:
> >On Tue, Jul 07, 2009 at 12:51:41PM +0100, Phillip Oldham wrote:
> >
> >  
> >>We're in need of a GeoIP module which works with the current development 
> >>branch of nginx and can resolve an IP to City-level using Maxmind's 
> >>GeoIP Database (the .dat files). We use nginx extensively but don't have 
> >>experience in C to develop such a module in-house. Are there any module 
> >>developers on the list who would be interested in such a project?
> >>
> >>We're flexible regarding the funding of development for such a module, 
> >>and also flexible on whether the finshed module is open-sourced and 
> >>released back to the community.
> >>
> >>If anyone is interested please feel free to mail me off-list with any 
> >>thoughts/costs/etc.
> >>    
> >
> >The module is in the attached patch.
> >  
> 
> Can you include the module with future distributions?

Yes, I will add in 0.8.6. I post it to know if other variables are needed ?

> >./configure ---with-http_geoip_module
> >
> >nginx.conf:
> >
> >http {
> >
> >    geoip_country  path/to/GeoIP.dat;
> >    geoip_city     path/to/GeoLiteCity.dat;
> >
> >
> >You may use only one base or both bases.
> >
> >Varaibles available with geoip_country base:
> >
> >$geoip_country_code
> >$geoip_country_code3
> >$geoip_country_name
> >
> >Varaibles available with geoip_city base:
> >
> >$geoip_city_country_code
> >$geoip_city_country_code3
> >$geoip_city_country_name
> >$geoip_region
> >$geoip_city
> >$geoip_postal_code
> >
> >
> >  
> Jim


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Sat Jul 18 11:30:29 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sat, 18 Jul 2009 11:30:29 +0400
Subject: PHP can't run under alias folder
In-Reply-To: <4A60DCF5.1070203@fouter.net>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org> <a3780c060907170959o2eb36750k428e222b626976c6@mail.gmail.com> <4A60DCF5.1070203@fouter.net>
Message-ID: <20090718073029.GC34205@rambler-co.ru>

On Fri, Jul 17, 2009 at 09:20:05PM +0100, Dick Middleton wrote:

> Edho P Arief wrote:
> >location ~ ^/phpmyadmin/(.*\.php)$ {
> >  alias /home/httpd/html/phpmyadmin/$1;
> >  fastcgi_pass ...;
> >  fastcgi_index ...;
> >  include ...;
> >  fastcgi_param SCRIPT_FILENAME $request_filename;
> 
> <DOCS>
> The alias directive cannot be used inside a regex-specified location. If 
> you need to do this you must use a combination of rewrite and root.
> </DOCS>
> 
> Has this limitation been removed in v0.7.xxx ?

Yes:

Changes with nginx 0.7.40                                        09 Mar 2009

    *) Feature: the "location" directive supports captures in regular 
       expressions.

    *) Feature: an "alias" directive with capture references may be used 
       inside a location given by a regular expression with captures.


-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Sat Jul 18 12:15:34 2009
From: nginx-forum at nginx.us (e123e123e123)
Date: Sat, 18 Jul 2009 04:15:34 -0400
Subject: PHP can't run under alias folder
In-Reply-To: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org>
Message-ID: <c3a26fd82256af44a48b3ac5195a40b4.NginxMailingList@forum.nginx.org>

> location ~ ^/phpmyadmin/(.*\.php)$ {
> alias /home/httpd/html/phpmyadmin/$1;
> fastcgi_pass ...;
> fastcgi_index ...;
> include ...;
> fastcgi_param SCRIPT_FILENAME $request_filename;
> }


Thanks for your help , now can run already , but 1 problem is why alias folder can't display .gif or.png file ?
other not alias folder not this problem.

Thanaks.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4151,4171#msg-4171





From is at rambler-co.ru  Sat Jul 18 13:14:27 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sat, 18 Jul 2009 13:14:27 +0400
Subject: PHP can't run under alias folder
In-Reply-To: <c3a26fd82256af44a48b3ac5195a40b4.NginxMailingList@forum.nginx.org>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org> <c3a26fd82256af44a48b3ac5195a40b4.NginxMailingList@forum.nginx.org>
Message-ID: <20090718091427.GD34205@rambler-co.ru>

On Sat, Jul 18, 2009 at 04:15:34AM -0400, e123e123e123 wrote:

> > location ~ ^/phpmyadmin/(.*\.php)$ {
> > alias /home/httpd/html/phpmyadmin/$1;
> > fastcgi_pass ...;
> > fastcgi_index ...;
> > include ...;
> > fastcgi_param SCRIPT_FILENAME $request_filename;
> > }
> 
> 
> Thanks for your help , now can run already , but 1 problem is why alias folder can't display .gif or.png file ?
> other not alias folder not this problem.

Could you show configuration and say which gif/png are not showed ?


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Sat Jul 18 13:26:03 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sat, 18 Jul 2009 13:26:03 +0400
Subject: auth_basic password problems
In-Reply-To: <4A5CFCD8.1040204@tomvalentine.net>
References: <4A5CFCD8.1040204@tomvalentine.net>
Message-ID: <20090718092603.GF34205@rambler-co.ru>

On Tue, Jul 14, 2009 at 10:47:04PM +0100, nginx at tomvalentine.net wrote:

> Hi
> 
> The authentication on windows now seems to work, to an extent. No more 
> 500 errors! --> thanks!
> 
> However, I can not seem to get it to recognise the password supplied by 
> the user unless the user supplies the hashed password.
> 
> The attached htpasswd file was created by htpasswd in Linux (htpasswd in 
> Windows doesn't do crypt); and nginx 0.6.32 running in Linux has no 
> problems with it. But nginx 0.8.5 in Vista wont accept 'password' as the 
> password, it will only accept 'xGtGE5iXWkYCI'
> 
> E.g.
>   htpasswd -db /var/www/.htpasswd nginx2 password
> produced
>   nginx2:xGtGE5iXWkYCI
> and nginx accepts not 'password' but 'xGtGE5iXWkYCI' in Windows.
> 
> Sorry, couldn't be bothered compiling nginx for Linux (I need sleep now) 
> to see if it was Windows specific or version specific.
> 
> Any ideas?
> Tom

This is Windows only issue: since Windows has no Unix style crypt(3).
I will probably add Apache compatible SHA1 "{SHA}" or MD5 "$apr1$" password:
http://httpd.apache.org/docs/2.2/misc/password_encryptions.html


-- 
Igor Sysoev
http://sysoev.ru/en/




From catap+nginx at catap.ru  Sat Jul 18 15:47:45 2009
From: catap+nginx at catap.ru (Kirill A. Korinskiy)
Date: Sat, 18 Jul 2009 15:47:45 +0400
Subject: nginx stats
In-Reply-To: <0790e45f1193ac6336ee6f65b06505ed.NginxMailingList@forum.nginx.org>
References: <0790e45f1193ac6336ee6f65b06505ed.NginxMailingList@forum.nginx.org>
Message-ID: <87skguw6u6.wl%catap@catap.ru>

At Fri, 17 Jul 2009 11:17:02 -0400,
"vburshteyn" <nginx-forum at nginx.us> wrote:
> 
> Hi,
> 
> I am just curious to find out what do you folks use to measure nginx performance, aka how many requests it is handling at any given time and such....
> 

Hi

I have a one way: use my patches for nginx:
http://catap.ru/blog/2009/05/25/nginx-new-status/
http://catap.ru/blog/2009/07/17/nginx-status-by-url/

or just using my fork of nginx:
http://catap.ru/nginx-catap/

Now i'm write all information about my work for nginx only on
russian, but you can use google translate tools :).

Yes, i have a plans for tanslate all information to english. But
time... :)

-- 
wbr, Kirill




From nginx-forum at nginx.us  Sat Jul 18 17:44:03 2009
From: nginx-forum at nginx.us (e123e123e123)
Date: Sat, 18 Jul 2009 09:44:03 -0400
Subject: PHP can't run under alias folder
In-Reply-To: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org>
Message-ID: <b0dd20831df2e9a5edd06abdfa5821dd.NginxMailingList@forum.nginx.org>

example :

http://website1.website.com/abc.gif <--- can display .gif

http://website1.website.com/phpmyadmin/mylogo.gif   < ---- can't dispaly .gif

the config file  as below :


-----------------------------------------------------------------------------------------------
user  username username;
worker_processes 8;
error_log  /var/log/nginx_error.log  crit;
pid        /usr/local/webserver/nginx/nginx.pid;

#Specifies the value for maximum file descriptors that can be opened by this process.
worker_rlimit_nofile 51200;

events
{
  use epoll;
  worker_connections 51200;
}

http
{
  include       mime.types;
  default_type  application/octet-stream;
  server_names_hash_bucket_size 128;
  client_header_buffer_size 32k;
  large_client_header_buffers 4 32k;
  client_max_body_size 8m;
  sendfile on;
  tcp_nopush     on;
  keepalive_timeout 60;
  tcp_nodelay on;

  fastcgi_connect_timeout 300;
  fastcgi_send_timeout 300;
  fastcgi_read_timeout 300;
  fastcgi_buffer_size 64k;
  fastcgi_buffers 4 64k;
  fastcgi_busy_buffers_size 128k;
  fastcgi_temp_file_write_size 128k;

  gzip on;
  gzip_min_length  1k;
  gzip_buffers     4 16k;
  gzip_http_version 1.0;
  gzip_comp_level 2;
  gzip_types       text/plain application/x-javascript text/css application/xml;
  gzip_vary on;

  #limit_zone  crawler  $binary_remote_addr  10m;

  server
  {
    listen       80;
    server_name  website1.website.com;
    index index.html index.htm index.php;
    root  /home/httpd/html/website1;


location /phpmyadmin/ {
alias /home/httpd/html/phpmyadmin/;
index index.php index.html index.htm;
auth_basic            "Restricted";
auth_basic_user_file  /home/httpd/html/phpmyadmin/.htpasswd;
}

location ~ ^/phpmyadmin/(.*\.php)$ {
alias /home/httpd/html/phpmyadmin/$1;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
fastcgi_param SCRIPT_FILENAME $request_filename;
}

    location ~ .*\.(php|php5)?$
    {
      #fastcgi_pass  unix:/tmp/php-cgi.sock;
      fastcgi_pass  127.0.0.1:9000;
      fastcgi_index index.php;
      include fcgi.conf;
    }

    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
    {
      expires      30d;
    }

    location ~ .*\.(js|css)?$
    {
      expires      1h;
    }

   log_format  access  '$remote_addr - $remote_user [$time_local] "$request" '
              '$status $body_bytes_sent "$http_referer" '
              '"$http_user_agent" $http_x_forwarded_for';
    access_log  /var/log/access.log  access;
   }

}

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4151,4177#msg-4177





From edhoprima at gmail.com  Sat Jul 18 18:12:32 2009
From: edhoprima at gmail.com (Edho P Arief)
Date: Sat, 18 Jul 2009 21:12:32 +0700
Subject: PHP can't run under alias folder
In-Reply-To: <b0dd20831df2e9a5edd06abdfa5821dd.NginxMailingList@forum.nginx.org>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org>
	 <b0dd20831df2e9a5edd06abdfa5821dd.NginxMailingList@forum.nginx.org>
Message-ID: <a3780c060907180712h71f85fb7p327eae2d59419c3b@mail.gmail.com>

On Sat, Jul 18, 2009 at 8:44 PM, e123e123e123<nginx-forum at nginx.us> wrote:
> location /phpmyadmin/ {
> alias /home/httpd/html/phpmyadmin/;
> index index.php index.html index.htm;
> auth_basic ? ? ? ? ? ?"Restricted";
> auth_basic_user_file ?/home/httpd/html/phpmyadmin/.htpasswd;
> }

        location ~ ^/phpmyadmin($|/.*) {
                 alias /home/httpd/html/phpmyadmin$1;
                 index index.php index.html index.htm;
                 auth_basic            "Restricted";
                 auth_basic_user_file  /home/httpd/html/phpmyadmin/.htpasswd;
        }


>
> location ~ ^/phpmyadmin/(.*\.php)$ {
> alias /home/httpd/html/phpmyadmin/$1;
> fastcgi_pass 127.0.0.1:9000;
> fastcgi_index index.php;
> include fcgi.conf;
> fastcgi_param SCRIPT_FILENAME $request_filename;
> }
>
> ? ?location ~ .*\.(php|php5)?$
> ? ?{
> ? ? ?#fastcgi_pass ?unix:/tmp/php-cgi.sock;
> ? ? ?fastcgi_pass ?127.0.0.1:9000;
> ? ? ?fastcgi_index index.php;
> ? ? ?include fcgi.conf;
> ? ?}
>
> ? ?location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
> ? ?{
> ? ? ?expires ? ? ?30d;
> ? ?}
>
> ? ?location ~ .*\.(js|css)?$
> ? ?{
> ? ? ?expires ? ? ?1h;
> ? ?}
>
> ? log_format ?access ?'$remote_addr - $remote_user [$time_local] "$request" '
> ? ? ? ? ? ? ?'$status $body_bytes_sent "$http_referer" '
> ? ? ? ? ? ? ?'"$http_user_agent" $http_x_forwarded_for';
> ? ?access_log ?/var/log/access.log ?access;
> ? }
>
> }
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4151,4177#msg-4177
>
>
>



-- 
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org




From is at rambler-co.ru  Sat Jul 18 18:09:09 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sat, 18 Jul 2009 18:09:09 +0400
Subject: PHP can't run under alias folder
In-Reply-To: <b0dd20831df2e9a5edd06abdfa5821dd.NginxMailingList@forum.nginx.org>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org> <b0dd20831df2e9a5edd06abdfa5821dd.NginxMailingList@forum.nginx.org>
Message-ID: <20090718140909.GA39803@rambler-co.ru>

On Sat, Jul 18, 2009 at 09:44:03AM -0400, e123e123e123 wrote:

> example :
> 
> http://website1.website.com/abc.gif <--- can display .gif
> 
> http://website1.website.com/phpmyadmin/mylogo.gif   < ---- can't dispaly .gif
> 
> the config file  as below :

This is because these images are handled not in

    location /phpmyadmin/ {

but in regex location

    location ~ .*\.(php|php5)?$

since it has more priority. Look at
http://wiki.nginx.org/NginxHttpCoreModule#location
to see how nginx chooses location.

You need something like this:

    location ~ ^/phpmyadmin/(.*\.php)$ {
    }

    location ~ ^/phpmyadmin/ {
    }

Also, you do not need "alias" here.
These locations:

 location /phpmyadmin/ {
    alias /home/httpd/html/phpmyadmin/;

 location ~ ^/phpmyadmin/(.*\.php)$ {
    alias /home/httpd/html/phpmyadmin/$1;

should be changed to

 location /phpmyadmin/ {
    root /home/httpd/html;

 location ~ ^/phpmyadmin/.*\.php$ {
    root /home/httpd/html;

> 
> 
> -----------------------------------------------------------------------------------------------
> user  username username;
> worker_processes 8;
> error_log  /var/log/nginx_error.log  crit;
> pid        /usr/local/webserver/nginx/nginx.pid;
> 
> #Specifies the value for maximum file descriptors that can be opened by this process.
> worker_rlimit_nofile 51200;
> 
> events
> {
>   use epoll;
>   worker_connections 51200;
> }
> 
> http
> {
>   include       mime.types;
>   default_type  application/octet-stream;
>   server_names_hash_bucket_size 128;
>   client_header_buffer_size 32k;
>   large_client_header_buffers 4 32k;
>   client_max_body_size 8m;
>   sendfile on;
>   tcp_nopush     on;
>   keepalive_timeout 60;
>   tcp_nodelay on;
> 
>   fastcgi_connect_timeout 300;
>   fastcgi_send_timeout 300;
>   fastcgi_read_timeout 300;
>   fastcgi_buffer_size 64k;
>   fastcgi_buffers 4 64k;
>   fastcgi_busy_buffers_size 128k;
>   fastcgi_temp_file_write_size 128k;
> 
>   gzip on;
>   gzip_min_length  1k;
>   gzip_buffers     4 16k;
>   gzip_http_version 1.0;
>   gzip_comp_level 2;
>   gzip_types       text/plain application/x-javascript text/css application/xml;
>   gzip_vary on;
> 
>   #limit_zone  crawler  $binary_remote_addr  10m;
> 
>   server
>   {
>     listen       80;
>     server_name  website1.website.com;
>     index index.html index.htm index.php;
>     root  /home/httpd/html/website1;
> 
> 
> location /phpmyadmin/ {
> alias /home/httpd/html/phpmyadmin/;
> index index.php index.html index.htm;
> auth_basic            "Restricted";
> auth_basic_user_file  /home/httpd/html/phpmyadmin/.htpasswd;
> }
> 
> location ~ ^/phpmyadmin/(.*\.php)$ {
> alias /home/httpd/html/phpmyadmin/$1;
> fastcgi_pass 127.0.0.1:9000;
> fastcgi_index index.php;
> include fcgi.conf;
> fastcgi_param SCRIPT_FILENAME $request_filename;
> }
> 
>     location ~ .*\.(php|php5)?$
>     {
>       #fastcgi_pass  unix:/tmp/php-cgi.sock;
>       fastcgi_pass  127.0.0.1:9000;
>       fastcgi_index index.php;
>       include fcgi.conf;
>     }
> 
>     location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
>     {
>       expires      30d;
>     }
> 
>     location ~ .*\.(js|css)?$
>     {
>       expires      1h;
>     }
> 
>    log_format  access  '$remote_addr - $remote_user [$time_local] "$request" '
>               '$status $body_bytes_sent "$http_referer" '
>               '"$http_user_agent" $http_x_forwarded_for';
>     access_log  /var/log/access.log  access;
>    }
> 
> }
> 
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4151,4177#msg-4177
> 

-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Sat Jul 18 18:17:20 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sat, 18 Jul 2009 18:17:20 +0400
Subject: PHP can't run under alias folder
In-Reply-To: <20090718140909.GA39803@rambler-co.ru>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org> <b0dd20831df2e9a5edd06abdfa5821dd.NginxMailingList@forum.nginx.org> <20090718140909.GA39803@rambler-co.ru>
Message-ID: <20090718141720.GB39803@rambler-co.ru>

On Sat, Jul 18, 2009 at 06:09:09PM +0400, Igor Sysoev wrote:

> On Sat, Jul 18, 2009 at 09:44:03AM -0400, e123e123e123 wrote:
> 
> > example :
> > 
> > http://website1.website.com/abc.gif <--- can display .gif
> > 
> > http://website1.website.com/phpmyadmin/mylogo.gif   < ---- can't dispaly .gif
> > 
> > the config file  as below :
> 
> This is because these images are handled not in
> 
>     location /phpmyadmin/ {
> 
> but in regex location
> 
>     location ~ .*\.(php|php5)?$

Sorry, I meant this location:

     location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$

> since it has more priority. Look at
> http://wiki.nginx.org/NginxHttpCoreModule#location
> to see how nginx chooses location.
> 
> You need something like this:
> 
>     location ~ ^/phpmyadmin/(.*\.php)$ {
>     }
> 
>     location ~ ^/phpmyadmin/ {
>     }
> 
> Also, you do not need "alias" here.
> These locations:
> 
>  location /phpmyadmin/ {
>     alias /home/httpd/html/phpmyadmin/;
> 
>  location ~ ^/phpmyadmin/(.*\.php)$ {
>     alias /home/httpd/html/phpmyadmin/$1;
> 
> should be changed to
> 
>  location /phpmyadmin/ {
>     root /home/httpd/html;
> 
>  location ~ ^/phpmyadmin/.*\.php$ {
>     root /home/httpd/html;
> 
> > 
> > 
> > -----------------------------------------------------------------------------------------------
> > user  username username;
> > worker_processes 8;
> > error_log  /var/log/nginx_error.log  crit;
> > pid        /usr/local/webserver/nginx/nginx.pid;
> > 
> > #Specifies the value for maximum file descriptors that can be opened by this process.
> > worker_rlimit_nofile 51200;
> > 
> > events
> > {
> >   use epoll;
> >   worker_connections 51200;
> > }
> > 
> > http
> > {
> >   include       mime.types;
> >   default_type  application/octet-stream;
> >   server_names_hash_bucket_size 128;
> >   client_header_buffer_size 32k;
> >   large_client_header_buffers 4 32k;
> >   client_max_body_size 8m;
> >   sendfile on;
> >   tcp_nopush     on;
> >   keepalive_timeout 60;
> >   tcp_nodelay on;
> > 
> >   fastcgi_connect_timeout 300;
> >   fastcgi_send_timeout 300;
> >   fastcgi_read_timeout 300;
> >   fastcgi_buffer_size 64k;
> >   fastcgi_buffers 4 64k;
> >   fastcgi_busy_buffers_size 128k;
> >   fastcgi_temp_file_write_size 128k;
> > 
> >   gzip on;
> >   gzip_min_length  1k;
> >   gzip_buffers     4 16k;
> >   gzip_http_version 1.0;
> >   gzip_comp_level 2;
> >   gzip_types       text/plain application/x-javascript text/css application/xml;
> >   gzip_vary on;
> > 
> >   #limit_zone  crawler  $binary_remote_addr  10m;
> > 
> >   server
> >   {
> >     listen       80;
> >     server_name  website1.website.com;
> >     index index.html index.htm index.php;
> >     root  /home/httpd/html/website1;
> > 
> > 
> > location /phpmyadmin/ {
> > alias /home/httpd/html/phpmyadmin/;
> > index index.php index.html index.htm;
> > auth_basic            "Restricted";
> > auth_basic_user_file  /home/httpd/html/phpmyadmin/.htpasswd;
> > }
> > 
> > location ~ ^/phpmyadmin/(.*\.php)$ {
> > alias /home/httpd/html/phpmyadmin/$1;
> > fastcgi_pass 127.0.0.1:9000;
> > fastcgi_index index.php;
> > include fcgi.conf;
> > fastcgi_param SCRIPT_FILENAME $request_filename;
> > }
> > 
> >     location ~ .*\.(php|php5)?$
> >     {
> >       #fastcgi_pass  unix:/tmp/php-cgi.sock;
> >       fastcgi_pass  127.0.0.1:9000;
> >       fastcgi_index index.php;
> >       include fcgi.conf;
> >     }
> > 
> >     location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
> >     {
> >       expires      30d;
> >     }
> > 
> >     location ~ .*\.(js|css)?$
> >     {
> >       expires      1h;
> >     }
> > 
> >    log_format  access  '$remote_addr - $remote_user [$time_local] "$request" '
> >               '$status $body_bytes_sent "$http_referer" '
> >               '"$http_user_agent" $http_x_forwarded_for';
> >     access_log  /var/log/access.log  access;
> >    }
> > 
> > }
> > 
> > Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4151,4177#msg-4177
> > 
> 
> -- 
> Igor Sysoev
> http://sysoev.ru/en/

-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Sat Jul 18 18:53:13 2009
From: nginx-forum at nginx.us (e123e123e123)
Date: Sat, 18 Jul 2009 10:53:13 -0400
Subject: PHP can't run under alias folder
In-Reply-To: <20090718140909.GA39803@forum.nginx.org>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org> <b0dd20831df2e9a5edd06abdfa5821dd.NginxMailingList@forum.nginx.org> <20090718140909.GA39803@forum.nginx.org>
Message-ID: <cfbee725023405ee9e48261df1ded88f.NginxMailingList@forum.nginx.org>

sorry i just learn nginx 3 days only , so 

location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$

need change to what ??

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4151,4182#msg-4182





From edhoprima at gmail.com  Sat Jul 18 18:57:58 2009
From: edhoprima at gmail.com (Edho P Arief)
Date: Sat, 18 Jul 2009 21:57:58 +0700
Subject: PHP can't run under alias folder
In-Reply-To: <20090718141720.GB39803@rambler-co.ru>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org>
	 <b0dd20831df2e9a5edd06abdfa5821dd.NginxMailingList@forum.nginx.org>
	 <20090718140909.GA39803@rambler-co.ru>
	 <20090718141720.GB39803@rambler-co.ru>
Message-ID: <a3780c060907180757j6cb2cd92jda94a673d1c10ae@mail.gmail.com>

2009/7/18 Igor Sysoev <is at rambler-co.ru>:
> ? ? location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
>
>> since it has more priority. Look at
>> http://wiki.nginx.org/NginxHttpCoreModule#location
>> to see how nginx chooses location.
>>
>> You need something like this:

This configuration actually works:

http://pastebin.com/m5e7d322f

even though it has the location block for images

-- 
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org




From nginx-forum at nginx.us  Sat Jul 18 19:02:31 2009
From: nginx-forum at nginx.us (e123e123e123)
Date: Sat, 18 Jul 2009 11:02:31 -0400
Subject: PHP can't run under alias folder
In-Reply-To: <cfbee725023405ee9e48261df1ded88f.NginxMailingList@forum.nginx.org>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org> <b0dd20831df2e9a5edd06abdfa5821dd.NginxMailingList@forum.nginx.org> <20090718140909.GA39803@forum.nginx.org> <cfbee725023405ee9e48261df1ded88f.NginxMailingList@forum.nginx.org>
Message-ID: <63a22228e6ce5e854d109f833cdd7318.NginxMailingList@forum.nginx.org>

Hi edogawaconan :

i change to :

location ~ ^/phpmyadmin($|/.*) {
alias /home/httpd/html/phpmyadmin$1;
index index.php index.html index.htm;
auth_basic "Restricted";
auth_basic_user_file /home/httpd/html/phpmyadmin/.htpasswd;
}

gif /jpeg can display  but all php file show out all sources file . Thanks.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4151,4183#msg-4183





From nginx-forum at nginx.us  Sat Jul 18 19:04:45 2009
From: nginx-forum at nginx.us (edogawaconan)
Date: Sat, 18 Jul 2009 11:04:45 -0400
Subject: PHP can't run under alias folder
In-Reply-To: <63a22228e6ce5e854d109f833cdd7318.NginxMailingList@forum.nginx.org>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org> <b0dd20831df2e9a5edd06abdfa5821dd.NginxMailingList@forum.nginx.org> <20090718140909.GA39803@forum.nginx.org> <cfbee725023405ee9e48261df1ded88f.NginxMailingList@forum.nginx.org> <63a22228e6ce5e854d109f833cdd7318.NginxMailingList@forum.nginx.org>
Message-ID: <08a5681b44ce8fdc16e082a5d68c4ec3.NginxMailingList@forum.nginx.org>

Put the .php block before that

		location ~ ^/phpmyadmin/(.*\.php)$ {
			alias /home/httpd/html/phpmyadmin/$1;
			fastcgi_pass 127.0.0.1:9000;
			fastcgi_index index.php;
			include fcgi.conf;
			fastcgi_param SCRIPT_FILENAME $request_filename;
		}

		location ~ ^/phpmyadmin($|/.*) {
			alias /home/httpd/html/phpmyadmin$1;
			index index.php index.html index.htm;
			auth_basic "Restricted";
			auth_basic_user_file /home/httpd/html/phpmyadmin/.htpasswd;
		}


http://pastebin.com/m6de995ae

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4151,4184#msg-4184





From nginx-forum at nginx.us  Sat Jul 18 19:07:05 2009
From: nginx-forum at nginx.us (edogawaconan)
Date: Sat, 18 Jul 2009 11:07:05 -0400
Subject: PHP can't run under alias folder
In-Reply-To: <08a5681b44ce8fdc16e082a5d68c4ec3.NginxMailingList@forum.nginx.org>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org> <b0dd20831df2e9a5edd06abdfa5821dd.NginxMailingList@forum.nginx.org> <20090718140909.GA39803@forum.nginx.org> <cfbee725023405ee9e48261df1ded88f.NginxMailingList@forum.nginx.org> <63a22228e6ce5e854d109f833cdd7318.NginxMailingList@forum.nginx.org> <08a5681b44ce8fdc16e082a5d68c4ec3.NginxMailingList@forum.nginx.org>
Message-ID: <5b52acef89622be728caee196657f86c.NginxMailingList@forum.nginx.org>

Sorry, don't forget to add the auth to php block too or anyone can bypass the auth when accessing php files

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4151,4185#msg-4185





From nginx-forum at nginx.us  Sat Jul 18 19:19:17 2009
From: nginx-forum at nginx.us (e123e123e123)
Date: Sat, 18 Jul 2009 11:19:17 -0400
Subject: PHP can't run under alias folder
In-Reply-To: <63a22228e6ce5e854d109f833cdd7318.NginxMailingList@forum.nginx.org>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org> <b0dd20831df2e9a5edd06abdfa5821dd.NginxMailingList@forum.nginx.org> <20090718140909.GA39803@forum.nginx.org> <cfbee725023405ee9e48261df1ded88f.NginxMailingList@forum.nginx.org> <63a22228e6ce5e854d109f833cdd7318.NginxMailingList@forum.nginx.org>
Message-ID: <a11a284050e39150de663582500f0c83.NginxMailingList@forum.nginx.org>

Thanks for all Good Ngnix Supporter , now gif / jpeg can display already .

>> Sorry, don't forget to add the auth to php block too or anyone can bypass the auth when accessing php files
do u  mind , sorry my english not good :

location ~ ^/phpmyadmin/(.*\.php)$ {
alias /home/httpd/html/phpmyadmin/$1;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
fastcgi_param SCRIPT_FILENAME $request_filename;
}


change to 


location ~ ^/phpmyadmin/(.*\.php)$ {
alias /home/httpd/html/phpmyadmin/$1;
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fcgi.conf;
fastcgi_param SCRIPT_FILENAME $request_filename;
auth_basic "Restricted";
auth_basic_user_file /home/httpd/html/phpmyadmin/.htpasswd;
}

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4151,4189#msg-4189





From nginx-forum at nginx.us  Sat Jul 18 19:21:29 2009
From: nginx-forum at nginx.us (e123e123e123)
Date: Sat, 18 Jul 2009 11:21:29 -0400
Subject: PHP can't run under alias folder
In-Reply-To: <a11a284050e39150de663582500f0c83.NginxMailingList@forum.nginx.org>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org> <b0dd20831df2e9a5edd06abdfa5821dd.NginxMailingList@forum.nginx.org> <20090718140909.GA39803@forum.nginx.org> <cfbee725023405ee9e48261df1ded88f.NginxMailingList@forum.nginx.org> <63a22228e6ce5e854d109f833cdd7318.NginxMailingList@forum.nginx.org> <a11a284050e39150de663582500f0c83.NginxMailingList@forum.nginx.org>
Message-ID: <bbd62fd6f6e7ac4c5a5a8649a56f9257.NginxMailingList@forum.nginx.org>

another question ,

using 'alias' or 'root' is bestter ? or all is same ?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4151,4190#msg-4190





From jim at ohlste.in  Sat Jul 18 19:29:02 2009
From: jim at ohlste.in (Jim Ohlstein)
Date: Sat, 18 Jul 2009 11:29:02 -0400
Subject: Maxmind GeoIP City Module
In-Reply-To: <20090718072607.GB34205@rambler-co.ru>
References: <4A5336CD.9050308@theactivitypeople.co.uk> <20090716123704.GF90866@rambler-co.ru> <4A61554A.7030402@ohlste.in> <20090718072607.GB34205@rambler-co.ru>
Message-ID: <4A61EA3E.2030507@ohlste.in>

Igor Sysoev wrote:
> On Sat, Jul 18, 2009 at 12:53:30AM -0400, Jim Ohlstein wrote:
>
>   
>> Igor Sysoev wrote:
>>     
>>> On Tue, Jul 07, 2009 at 12:51:41PM +0100, Phillip Oldham wrote:
>>>
>>>  
>>>       
>>>> We're in need of a GeoIP module which works with the current development 
>>>> branch of nginx and can resolve an IP to City-level using Maxmind's 
>>>> GeoIP Database (the .dat files). We use nginx extensively but don't have 
>>>> experience in C to develop such a module in-house. Are there any module 
>>>> developers on the list who would be interested in such a project?
>>>>
>>>> We're flexible regarding the funding of development for such a module, 
>>>> and also flexible on whether the finshed module is open-sourced and 
>>>> released back to the community.
>>>>
>>>> If anyone is interested please feel free to mail me off-list with any 
>>>> thoughts/costs/etc.
>>>>    
>>>>         
>>> The module is in the attached patch.
>>>  
>>>       
>> Can you include the module with future distributions?
>>     
>
> Yes, I will add in 0.8.6. I post it to know if other variables are needed ?
>   
Thank you Igor, and thanks to those who provided the funding for 
enhancing the module. :)

I'm assuming (so correct me if I'm wrong) that $geoip_region would be a 
US state, Canadian province, German state, etc.

If so those are all that I need for my apps.
>   
>>> ./configure ---with-http_geoip_module
>>>
>>> nginx.conf:
>>>
>>> http {
>>>
>>>    geoip_country  path/to/GeoIP.dat;
>>>    geoip_city     path/to/GeoLiteCity.dat;
>>>
>>>
>>> You may use only one base or both bases.
>>>
>>> Varaibles available with geoip_country base:
>>>
>>> $geoip_country_code
>>> $geoip_country_code3
>>> $geoip_country_name
>>>
>>> Varaibles available with geoip_city base:
>>>
>>> $geoip_city_country_code
>>> $geoip_city_country_code3
>>> $geoip_city_country_name
>>> $geoip_region
>>> $geoip_city
>>> $geoip_postal_code
>>>
>>>
>>>  
>>>       
>> Jim
>>     
>
>
>   





From nginx-forum at nginx.us  Sat Jul 18 19:37:18 2009
From: nginx-forum at nginx.us (edogawaconan)
Date: Sat, 18 Jul 2009 11:37:18 -0400
Subject: PHP can't run under alias folder
In-Reply-To: <bbd62fd6f6e7ac4c5a5a8649a56f9257.NginxMailingList@forum.nginx.org>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org> <b0dd20831df2e9a5edd06abdfa5821dd.NginxMailingList@forum.nginx.org> <20090718140909.GA39803@forum.nginx.org> <cfbee725023405ee9e48261df1ded88f.NginxMailingList@forum.nginx.org> <63a22228e6ce5e854d109f833cdd7318.NginxMailingList@forum.nginx.org> <a11a284050e39150de663582500f0c83.NginxMailingList@forum.nginx.org> <bbd62fd6f6e7ac4c5a5a8649a56f9257.NginxMailingList@forum.nginx.org>
Message-ID: <7338683b46577bfe5e4ac7df336e0611.NginxMailingList@forum.nginx.org>

e123e123e123 Wrote:
-------------------------------------------------------
> another question ,
> 
> using 'alias' or 'root' is bestter ? or all is
> same ?

location /myalias {
  root /path/to;
}
the directory name in filesystem must be same as the one specified in location (in this case /path/to/myalias)

you can't make it work if you want location /anotheralias mapped to /path/to/myalias (must be /path/to/anotheralias) but you can do

location /anotheralias {
  alias /path/to/myalias;
}

But you must be careful when dealing with alias. Especially if you want to combine alias with try_files

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4151,4193#msg-4193





From glen at lumanau.web.id  Sat Jul 18 20:10:29 2009
From: glen at lumanau.web.id (Glen Lumanau)
Date: Sat, 18 Jul 2009 23:10:29 +0700
Subject: OpenX error
Message-ID: <000001ca07c2$4de62a20$e9b27e60$@web.id>

Hi there,

 

I have the same error like
http://forum.openx.org/index.php?s=235b643ebd3a9ef26ef16754b21b90f1&showtopi
c=503416093

 

May I know what value do I have to enter to fastcgi_params? Because i have
no clue

 

Thank's before

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090718/5962d50e/attachment.html>

From edhoprima at gmail.com  Sat Jul 18 20:25:20 2009
From: edhoprima at gmail.com (Edho P Arief)
Date: Sat, 18 Jul 2009 23:25:20 +0700
Subject: OpenX error
In-Reply-To: <000001ca07c2$4de62a20$e9b27e60$@web.id>
References: <000001ca07c2$4de62a20$e9b27e60$@web.id>
Message-ID: <a3780c060907180925u5d90feb9sbe95c443b174cd1a@mail.gmail.com>

On Sat, Jul 18, 2009 at 11:10 PM, Glen Lumanau<glen at lumanau.web.id> wrote:
> Hi there,
>
>
>
> I have the same error like
> http://forum.openx.org/index.php?s=235b643ebd3a9ef26ef16754b21b90f1&showtopic=503416093
>
>
>
> May I know what value do I have to enter to fastcgi_params? Because i have
> no clue
>
>
>
> Thank?s before

The default fastcgi_params should be fine.

-- 
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org




From glen at lumanau.web.id  Sat Jul 18 20:33:43 2009
From: glen at lumanau.web.id (Glen Lumanau)
Date: Sat, 18 Jul 2009 23:33:43 +0700
Subject: OpenX error
In-Reply-To: <a3780c060907180925u5d90feb9sbe95c443b174cd1a@mail.gmail.com>
References: <000001ca07c2$4de62a20$e9b27e60$@web.id> <a3780c060907180925u5d90feb9sbe95c443b174cd1a@mail.gmail.com>
Message-ID: <000501ca07c5$8f209770$ad61c650$@web.id>

Here's my default fastcgi_params

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

but it doesn't work at all

-----Original Message-----
From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf Of Edho P Arief
Sent: 18 Juli 2009 23:25
To: nginx at sysoev.ru
Subject: Re: OpenX error

On Sat, Jul 18, 2009 at 11:10 PM, Glen Lumanau<glen at lumanau.web.id> wrote:
> Hi there,
>
>
>
> I have the same error like
> http://forum.openx.org/index.php?s=235b643ebd3a9ef26ef16754b21b90f1&showtopic=503416093
>
>
>
> May I know what value do I have to enter to fastcgi_params? Because i have
> no clue
>
>
>
> Thank?s before

The default fastcgi_params should be fine.

-- 
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org





From mike503 at gmail.com  Sat Jul 18 22:30:47 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Sat, 18 Jul 2009 11:30:47 -0700
Subject: OpenX error
In-Reply-To: <000501ca07c5$8f209770$ad61c650$@web.id>
References: <000001ca07c2$4de62a20$e9b27e60$@web.id> <a3780c060907180925u5d90feb9sbe95c443b174cd1a@mail.gmail.com> <000501ca07c5$8f209770$ad61c650$@web.id>
Message-ID: <1196E052-632B-42DC-AB3F-015DC4975069@gmail.com>

Change the script_filename one to

$document_root$fastcgi_script_name



Sent from my iPhone

On Jul 18, 2009, at 9:33 AM, "Glen Lumanau" <glen at lumanau.web.id> wrote:

> Here's my default fastcgi_params
>
> fastcgi_param  QUERY_STRING       $query_string;
> fastcgi_param  REQUEST_METHOD     $request_method;
> fastcgi_param  CONTENT_TYPE       $content_type;
> fastcgi_param  CONTENT_LENGTH     $content_length;
>
> fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
> fastcgi_param  REQUEST_URI        $request_uri;
> fastcgi_param  DOCUMENT_URI       $document_uri;
> fastcgi_param  DOCUMENT_ROOT      $document_root;
> fastcgi_param  SERVER_PROTOCOL    $server_protocol;
>
> fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
> fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
>
> fastcgi_param  REMOTE_ADDR        $remote_addr;
> fastcgi_param  REMOTE_PORT        $remote_port;
> fastcgi_param  SERVER_ADDR        $server_addr;
> fastcgi_param  SERVER_PORT        $server_port;
> fastcgi_param  SERVER_NAME        $server_name;
>
> # PHP only, required if PHP was built with --enable-force-cgi-redirect
> fastcgi_param  REDIRECT_STATUS    200;
>
> but it doesn't work at all
>
> -----Original Message-----
> From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf  
> Of Edho P Arief
> Sent: 18 Juli 2009 23:25
> To: nginx at sysoev.ru
> Subject: Re: OpenX error
>
> On Sat, Jul 18, 2009 at 11:10 PM, Glen Lumanau<glen at lumanau.web.id>  
> wrote:
>> Hi there,
>>
>>
>>
>> I have the same error like
>> http://forum.openx.org/index.php?s=235b643ebd3a9ef26ef16754b21b90f1&showtopic=503416093
>>
>>
>>
>> May I know what value do I have to enter to fastcgi_params? Because  
>> i have
>> no clue
>>
>>
>>
>> Thank?s before
>
> The default fastcgi_params should be fine.
>
> -- 
> O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
>
>




From glen at lumanau.web.id  Sat Jul 18 23:19:07 2009
From: glen at lumanau.web.id (Glen Lumanau)
Date: Sun, 19 Jul 2009 02:19:07 +0700
Subject: OpenX error
In-Reply-To: <1196E052-632B-42DC-AB3F-015DC4975069@gmail.com>
References: <000001ca07c2$4de62a20$e9b27e60$@web.id> <a3780c060907180925u5d90feb9sbe95c443b174cd1a@mail.gmail.com> <000501ca07c5$8f209770$ad61c650$@web.id> <1196E052-632B-42DC-AB3F-015DC4975069@gmail.com>
Message-ID: <000001ca07dc$a23062c0$e6912840$@web.id>

It's already set

Here's the config
        location ~ .php$ {
           fastcgi_pass 127.0.0.1:9000;
           fastcgi_index index.php;
           fastcgi_buffer_size 128k;
           fastcgi_buffers 4 256k;
           fastcgi_param  SCRIPT_FILENAME
$document_root$fastcgi_script_name;
           include /etc/nginx/fastcgi_params;


Regards,

Glen Lumanau

-----Original Message-----
From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf Of
Michael Shadle
Sent: 19 Juli 2009 1:31
To: nginx at sysoev.ru
Cc: <nginx at sysoev.ru>
Subject: Re: OpenX error

Change the script_filename one to

$document_root$fastcgi_script_name



Sent from my iPhone

On Jul 18, 2009, at 9:33 AM, "Glen Lumanau" <glen at lumanau.web.id> wrote:

> Here's my default fastcgi_params
>
> fastcgi_param  QUERY_STRING       $query_string;
> fastcgi_param  REQUEST_METHOD     $request_method;
> fastcgi_param  CONTENT_TYPE       $content_type;
> fastcgi_param  CONTENT_LENGTH     $content_length;
>
> fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
> fastcgi_param  REQUEST_URI        $request_uri;
> fastcgi_param  DOCUMENT_URI       $document_uri;
> fastcgi_param  DOCUMENT_ROOT      $document_root;
> fastcgi_param  SERVER_PROTOCOL    $server_protocol;
>
> fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
> fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
>
> fastcgi_param  REMOTE_ADDR        $remote_addr;
> fastcgi_param  REMOTE_PORT        $remote_port;
> fastcgi_param  SERVER_ADDR        $server_addr;
> fastcgi_param  SERVER_PORT        $server_port;
> fastcgi_param  SERVER_NAME        $server_name;
>
> # PHP only, required if PHP was built with --enable-force-cgi-redirect
> fastcgi_param  REDIRECT_STATUS    200;
>
> but it doesn't work at all
>
> -----Original Message-----
> From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf  
> Of Edho P Arief
> Sent: 18 Juli 2009 23:25
> To: nginx at sysoev.ru
> Subject: Re: OpenX error
>
> On Sat, Jul 18, 2009 at 11:10 PM, Glen Lumanau<glen at lumanau.web.id>  
> wrote:
>> Hi there,
>>
>>
>>
>> I have the same error like
>>
http://forum.openx.org/index.php?s=235b643ebd3a9ef26ef16754b21b90f1&showtopi
c=503416093
>>
>>
>>
>> May I know what value do I have to enter to fastcgi_params? Because  
>> i have
>> no clue
>>
>>
>>
>> Thank?fs before
>
> The default fastcgi_params should be fine.
>
> -- 
> O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
>
>





From mike503 at gmail.com  Sat Jul 18 23:27:53 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Sat, 18 Jul 2009 12:27:53 -0700
Subject: OpenX error
In-Reply-To: <000001ca07dc$a23062c0$e6912840$@web.id>
References: <000001ca07c2$4de62a20$e9b27e60$@web.id>
	 <a3780c060907180925u5d90feb9sbe95c443b174cd1a@mail.gmail.com>
	 <000501ca07c5$8f209770$ad61c650$@web.id>
	 <1196E052-632B-42DC-AB3F-015DC4975069@gmail.com>
	 <000001ca07dc$a23062c0$e6912840$@web.id>
Message-ID: <bd9320b30907181227y24f7a7c6nb0a38a32078926bb@mail.gmail.com>

oops, misread SCRIPT_NAME as SCRIPT_FILENAME

just for giggles try this instead

location ~ \.php$ {


On Sat, Jul 18, 2009 at 12:19 PM, Glen Lumanau<glen at lumanau.web.id> wrote:
> It's already set
>
> Here's the config
> ? ? ? ?location ~ .php$ {
> ? ? ? ? ? fastcgi_pass 127.0.0.1:9000;
> ? ? ? ? ? fastcgi_index index.php;
> ? ? ? ? ? fastcgi_buffer_size 128k;
> ? ? ? ? ? fastcgi_buffers 4 256k;
> ? ? ? ? ? fastcgi_param ?SCRIPT_FILENAME
> $document_root$fastcgi_script_name;
> ? ? ? ? ? include /etc/nginx/fastcgi_params;
>
>
> Regards,
>
> Glen Lumanau
>
> -----Original Message-----
> From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf Of
> Michael Shadle
> Sent: 19 Juli 2009 1:31
> To: nginx at sysoev.ru
> Cc: <nginx at sysoev.ru>
> Subject: Re: OpenX error
>
> Change the script_filename one to
>
> $document_root$fastcgi_script_name
>
>
>
> Sent from my iPhone
>
> On Jul 18, 2009, at 9:33 AM, "Glen Lumanau" <glen at lumanau.web.id> wrote:
>
>> Here's my default fastcgi_params
>>
>> fastcgi_param ?QUERY_STRING ? ? ? $query_string;
>> fastcgi_param ?REQUEST_METHOD ? ? $request_method;
>> fastcgi_param ?CONTENT_TYPE ? ? ? $content_type;
>> fastcgi_param ?CONTENT_LENGTH ? ? $content_length;
>>
>> fastcgi_param ?SCRIPT_NAME ? ? ? ?$fastcgi_script_name;
>> fastcgi_param ?REQUEST_URI ? ? ? ?$request_uri;
>> fastcgi_param ?DOCUMENT_URI ? ? ? $document_uri;
>> fastcgi_param ?DOCUMENT_ROOT ? ? ?$document_root;
>> fastcgi_param ?SERVER_PROTOCOL ? ?$server_protocol;
>>
>> fastcgi_param ?GATEWAY_INTERFACE ?CGI/1.1;
>> fastcgi_param ?SERVER_SOFTWARE ? ?nginx/$nginx_version;
>>
>> fastcgi_param ?REMOTE_ADDR ? ? ? ?$remote_addr;
>> fastcgi_param ?REMOTE_PORT ? ? ? ?$remote_port;
>> fastcgi_param ?SERVER_ADDR ? ? ? ?$server_addr;
>> fastcgi_param ?SERVER_PORT ? ? ? ?$server_port;
>> fastcgi_param ?SERVER_NAME ? ? ? ?$server_name;
>>
>> # PHP only, required if PHP was built with --enable-force-cgi-redirect
>> fastcgi_param ?REDIRECT_STATUS ? ?200;
>>
>> but it doesn't work at all
>>
>> -----Original Message-----
>> From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf
>> Of Edho P Arief
>> Sent: 18 Juli 2009 23:25
>> To: nginx at sysoev.ru
>> Subject: Re: OpenX error
>>
>> On Sat, Jul 18, 2009 at 11:10 PM, Glen Lumanau<glen at lumanau.web.id>
>> wrote:
>>> Hi there,
>>>
>>>
>>>
>>> I have the same error like
>>>
> http://forum.openx.org/index.php?s=235b643ebd3a9ef26ef16754b21b90f1&showtopi
> c=503416093
>>>
>>>
>>>
>>> May I know what value do I have to enter to fastcgi_params? Because
>>> i have
>>> no clue
>>>
>>>
>>>
>>> Thank fs before
>>
>> The default fastcgi_params should be fine.
>>
>> --
>> O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
>>
>>
>
>
>




From glen at lumanau.web.id  Sat Jul 18 23:45:26 2009
From: glen at lumanau.web.id (Glen Lumanau)
Date: Sun, 19 Jul 2009 02:45:26 +0700
Subject: OpenX error
In-Reply-To: <bd9320b30907181227y24f7a7c6nb0a38a32078926bb@mail.gmail.com>
References: <000001ca07c2$4de62a20$e9b27e60$@web.id>	 <a3780c060907180925u5d90feb9sbe95c443b174cd1a@mail.gmail.com>	 <000501ca07c5$8f209770$ad61c650$@web.id>	 <1196E052-632B-42DC-AB3F-015DC4975069@gmail.com>	 <000001ca07dc$a23062c0$e6912840$@web.id> <bd9320b30907181227y24f7a7c6nb0a38a32078926bb@mail.gmail.com>
Message-ID: <000101ca07e0$4e74d9f0$eb5e8dd0$@web.id>

kurenai:/etc/nginx# cat fastcgi_params

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $document_root$fastcgi_script_name;

But no change :(


-----Original Message-----
From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf Of Michael Shadle
Sent: 19 Juli 2009 2:28
To: nginx at sysoev.ru
Subject: Re: OpenX error

oops, misread SCRIPT_NAME as SCRIPT_FILENAME

just for giggles try this instead

location ~ \.php$ {


On Sat, Jul 18, 2009 at 12:19 PM, Glen Lumanau<glen at lumanau.web.id> wrote:
> It's already set
>
> Here's the config
>        location ~ .php$ {
>           fastcgi_pass 127.0.0.1:9000;
>           fastcgi_index index.php;
>           fastcgi_buffer_size 128k;
>           fastcgi_buffers 4 256k;
>           fastcgi_param  SCRIPT_FILENAME
> $document_root$fastcgi_script_name;
>           include /etc/nginx/fastcgi_params;
>
>
> Regards,
>
> Glen Lumanau
>
> -----Original Message-----
> From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf Of
> Michael Shadle
> Sent: 19 Juli 2009 1:31
> To: nginx at sysoev.ru
> Cc: <nginx at sysoev.ru>
> Subject: Re: OpenX error
>
> Change the script_filename one to
>
> $document_root$fastcgi_script_name
>
>
>
> Sent from my iPhone
>
> On Jul 18, 2009, at 9:33 AM, "Glen Lumanau" <glen at lumanau.web.id> wrote:
>
>> Here's my default fastcgi_params
>>
>> fastcgi_param  QUERY_STRING       $query_string;
>> fastcgi_param  REQUEST_METHOD     $request_method;
>> fastcgi_param  CONTENT_TYPE       $content_type;
>> fastcgi_param  CONTENT_LENGTH     $content_length;
>>
>> fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
>> fastcgi_param  REQUEST_URI        $request_uri;
>> fastcgi_param  DOCUMENT_URI       $document_uri;
>> fastcgi_param  DOCUMENT_ROOT      $document_root;
>> fastcgi_param  SERVER_PROTOCOL    $server_protocol;
>>
>> fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
>> fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
>>
>> fastcgi_param  REMOTE_ADDR        $remote_addr;
>> fastcgi_param  REMOTE_PORT        $remote_port;
>> fastcgi_param  SERVER_ADDR        $server_addr;
>> fastcgi_param  SERVER_PORT        $server_port;
>> fastcgi_param  SERVER_NAME        $server_name;
>>
>> # PHP only, required if PHP was built with --enable-force-cgi-redirect
>> fastcgi_param  REDIRECT_STATUS    200;
>>
>> but it doesn't work at all
>>
>> -----Original Message-----
>> From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf
>> Of Edho P Arief
>> Sent: 18 Juli 2009 23:25
>> To: nginx at sysoev.ru
>> Subject: Re: OpenX error
>>
>> On Sat, Jul 18, 2009 at 11:10 PM, Glen Lumanau<glen at lumanau.web.id>
>> wrote:
>>> Hi there,
>>>
>>>
>>>
>>> I have the same error like
>>>
> http://forum.openx.org/index.php?s=235b643ebd3a9ef26ef16754b21b90f1&showtopi
> c=503416093
>>>
>>>
>>>
>>> May I know what value do I have to enter to fastcgi_params? Because
>>> i have
>>> no clue
>>>
>>>
>>>
>>> Thank fs before
>>
>> The default fastcgi_params should be fine.
>>
>> --
>> O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
>>
>>
>
>
>





From ankur655 at gmail.com  Sun Jul 19 00:34:43 2009
From: ankur655 at gmail.com (Ankur Gupta)
Date: Sat, 18 Jul 2009 13:34:43 -0700
Subject: Proxy pass and query string question
Message-ID: <864172ac0907181334le517708n7a61b450771d9d31@mail.gmail.com>

Hi,

1.  Is it possible to have proxy_pass be applicable to query_string variable
without using the location directive?  I was not able to make this work in
the configuration file.

  Specifically:

    if ($query_string ~* "a=1") {
           proxy_pass http://proxy1;
    }

   doesn't work unless its within a location directive

2.  If the location directive is necessary then how do I make it get past
the location directive if query string doesn't match?

  eg:

 location ~ /foo    {
    if ($query_string ~* "a=1") {
           proxy_pass http://proxy1;
    }
 }
    If query string doesn't match I want to go further and check against
other location directives etc. How can that be done?


Thanks,
Ankur
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090718/0ba83fe5/attachment.html>

From dick at fouter.net  Sun Jul 19 02:33:14 2009
From: dick at fouter.net (Dick Middleton)
Date: Sat, 18 Jul 2009 23:33:14 +0100
Subject: subdirs without trailing slash
Message-ID: <4A624DAA.1050508@fouter.net>

I want to make the following equivalent:

      http://example.com/mail/index.php
      http://example.com/mail/
      http://example.com/mail

The first two work OK but the last one I can't get to work.  With the 
following it gives 404 error in the logs but the browser says "No input file 
specified." :

   location ~* ^/(web)?mail/.+\.(jpg|jpeg|gif|css|png|js|ico|html)$ {
     root  /var/www;
   }

   location ~ ^/(web)?mail {
     root  /var/www;
     index index.php;
     fastcgi_index index.php;
     include my_fastcgi_params;
     fastcgi_pass localhost:8888;
   }

I've tried all sorts of variations of this including trying to rewrite the 
full uri in the last case.

The my_fastcgi_params include

fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;

What is the recommended way to configure this?

Dick






From piotr.sikora at frickle.com  Sun Jul 19 04:28:25 2009
From: piotr.sikora at frickle.com (Piotr Sikora)
Date: Sun, 19 Jul 2009 02:28:25 +0200
Subject: error pages: bug or feature?
Message-ID: <96E63829FA6E4E2B8AA39ECD43943B50@nightmare>

Hello,
I noticed that config:

server {
    location / {
        // doesn't exist, will result in 502
        proxy_pass    http://localhost:11111;
        error_page    502    @fetch;
    }
    location @fetch {
        proxy_pass    http://localhost:8080;
    }
}

will result in response from http://localhost:8080 and "502 Bad Gateway" 
status,
while config:

server {
    location / {
        // doesn't exist, will result in 502
        proxy_pass    http://localhost:11111;
        error_page    502    = @fetch;
    }
    location @fetch {
        proxy_pass    http://localhost:8080;
    }
}

will result in response from http://localhost:8080 and "200 OK" status.

The cause of this difference is '=' sign and the fact that 
ngx_http_core_error_page function sets overwrite to -1 in first case, and 
overwrite to 0 in second case.

Is passing original response status with headers and body from "error page" 
some kind of feature or is it a bug and error pages without '=' shouldn't be 
allowed at all?

Best regards,
Piotr Sikora < piotr.sikora at frickle.com >





From jim at ohlste.in  Sun Jul 19 09:00:31 2009
From: jim at ohlste.in (Jim Ohlstein)
Date: Sun, 19 Jul 2009 01:00:31 -0400
Subject: Cache logging
Message-ID: <4A62A86F.5060909@ohlste.in>

After the last thread I went through several iterations of cache logging 
and I'm getting good information from it.

One thing I noticed (not from these logs but from elsewhere) is that I 
was getting a fair number of "hotlink" requests for items that were in 
my cache. Thousands from the same IP's in fact. So I blocked those IP's 
but the links are still active and I'm seeing many requests for these 
items. The client is getting a 403 and that's how it's logged in the 
access log but $upstream_cache_status returns a dash ("-") which is not 
always very helpful. It would be more helpful if I could get a more 
descriptive log entry, like "BLOCKED" or "DENIED". Is that something 
that could be added in a future version?

Jim




From is at rambler-co.ru  Sun Jul 19 09:55:57 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sun, 19 Jul 2009 09:55:57 +0400
Subject: error pages: bug or feature?
In-Reply-To: <96E63829FA6E4E2B8AA39ECD43943B50@nightmare>
References: <96E63829FA6E4E2B8AA39ECD43943B50@nightmare>
Message-ID: <20090719055557.GA52106@rambler-co.ru>

On Sun, Jul 19, 2009 at 02:28:25AM +0200, Piotr Sikora wrote:

> Hello,
> I noticed that config:
> 
> server {
>    location / {
>        // doesn't exist, will result in 502
>        proxy_pass    http://localhost:11111;
>        error_page    502    @fetch;
>    }
>    location @fetch {
>        proxy_pass    http://localhost:8080;
>    }
> }
> 
> will result in response from http://localhost:8080 and "502 Bad Gateway" 
> status,
> while config:
> 
> server {
>    location / {
>        // doesn't exist, will result in 502
>        proxy_pass    http://localhost:11111;
>        error_page    502    = @fetch;
>    }
>    location @fetch {
>        proxy_pass    http://localhost:8080;
>    }
> }
> 
> will result in response from http://localhost:8080 and "200 OK" status.
> 
> The cause of this difference is '=' sign and the fact that 
> ngx_http_core_error_page function sets overwrite to -1 in first case, and 
> overwrite to 0 in second case.
> 
> Is passing original response status with headers and body from "error page" 
> some kind of feature or is it a bug and error pages without '=' shouldn't 
> be allowed at all?

This is not a bug and not a feature (if you mean a feature as "well known
and documentated bug"). This is intended behaviour:

http://wiki.nginx.org/NginxHttpCoreModule#error_page

Otherwise, you will not be able to show your custom static error_page's
with original response status, it would always return 200 response:

    error_page  404  /404.html;

    location = /404.html {
        root  /path/to/page;
    }


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Sun Jul 19 10:00:08 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sun, 19 Jul 2009 10:00:08 +0400
Subject: Cache logging
In-Reply-To: <4A62A86F.5060909@ohlste.in>
References: <4A62A86F.5060909@ohlste.in>
Message-ID: <20090719060008.GB52106@rambler-co.ru>

On Sun, Jul 19, 2009 at 01:00:31AM -0400, Jim Ohlstein wrote:

> After the last thread I went through several iterations of cache logging 
> and I'm getting good information from it.
> 
> One thing I noticed (not from these logs but from elsewhere) is that I 
> was getting a fair number of "hotlink" requests for items that were in 
> my cache. Thousands from the same IP's in fact. So I blocked those IP's 
> but the links are still active and I'm seeing many requests for these 
> items. The client is getting a 403 and that's how it's logged in the 
> access log but $upstream_cache_status returns a dash ("-") which is not 
> always very helpful. It would be more helpful if I could get a more 
> descriptive log entry, like "BLOCKED" or "DENIED". Is that something 
> that could be added in a future version?

The upstream cache module simply does not know about these requests.


-- 
Igor Sysoev
http://sysoev.ru/en/




From glen at lumanau.web.id  Sun Jul 19 10:08:38 2009
From: glen at lumanau.web.id (Glen Lumanau)
Date: Sun, 19 Jul 2009 06:08:38 +0000
Subject: OpenX error
In-Reply-To: <000101ca07e0$4e74d9f0$eb5e8dd0$@web.id>
References: <000001ca07c2$4de62a20$e9b27e60$@web.id>	 <a3780c060907180925u5d90feb9sbe95c443b174cd1a@mail.gmail.com>	 <000501ca07c5$8f209770$ad61c650$@web.id>	 <1196E052-632B-42DC-AB3F-015DC4975069@gmail.com>	 <000001ca07dc$a23062c0$e6912840$@web.id> <bd9320b30907181227y24f7a7c6nb0a38a32078926bb@mail.gmail.com><000101ca07e0$4e74d9f0$eb5e8dd0$@web.id>
Message-ID: <1320622342-1247983760-cardhu_decombobulator_blackberry.rim.net-1141134734-@bxe1017.bisx.prodap.on.blackberry>

Any fix for this please?


Best Regards,

Glen Lumanau


-----Original Message-----
From: "Glen Lumanau" <glen at lumanau.web.id>

Date: Sun, 19 Jul 2009 02:45:26 
To: <nginx at sysoev.ru>
Subject: RE: OpenX error


kurenai:/etc/nginx# cat fastcgi_params

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $document_root$fastcgi_script_name;

But no change :(


-----Original Message-----
From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf Of Michael Shadle
Sent: 19 Juli 2009 2:28
To: nginx at sysoev.ru
Subject: Re: OpenX error

oops, misread SCRIPT_NAME as SCRIPT_FILENAME

just for giggles try this instead

location ~ \.php$ {


On Sat, Jul 18, 2009 at 12:19 PM, Glen Lumanau<glen at lumanau.web.id> wrote:
> It's already set
>
> Here's the config
>        location ~ .php$ {
>           fastcgi_pass 127.0.0.1:9000;
>           fastcgi_index index.php;
>           fastcgi_buffer_size 128k;
>           fastcgi_buffers 4 256k;
>           fastcgi_param  SCRIPT_FILENAME
> $document_root$fastcgi_script_name;
>           include /etc/nginx/fastcgi_params;
>
>
> Regards,
>
> Glen Lumanau
>
> -----Original Message-----
> From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf Of
> Michael Shadle
> Sent: 19 Juli 2009 1:31
> To: nginx at sysoev.ru
> Cc: <nginx at sysoev.ru>
> Subject: Re: OpenX error
>
> Change the script_filename one to
>
> $document_root$fastcgi_script_name
>
>
>
> Sent from my iPhone
>
> On Jul 18, 2009, at 9:33 AM, "Glen Lumanau" <glen at lumanau.web.id> wrote:
>
>> Here's my default fastcgi_params
>>
>> fastcgi_param  QUERY_STRING       $query_string;
>> fastcgi_param  REQUEST_METHOD     $request_method;
>> fastcgi_param  CONTENT_TYPE       $content_type;
>> fastcgi_param  CONTENT_LENGTH     $content_length;
>>
>> fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
>> fastcgi_param  REQUEST_URI        $request_uri;
>> fastcgi_param  DOCUMENT_URI       $document_uri;
>> fastcgi_param  DOCUMENT_ROOT      $document_root;
>> fastcgi_param  SERVER_PROTOCOL    $server_protocol;
>>
>> fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
>> fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
>>
>> fastcgi_param  REMOTE_ADDR        $remote_addr;
>> fastcgi_param  REMOTE_PORT        $remote_port;
>> fastcgi_param  SERVER_ADDR        $server_addr;
>> fastcgi_param  SERVER_PORT        $server_port;
>> fastcgi_param  SERVER_NAME        $server_name;
>>
>> # PHP only, required if PHP was built with --enable-force-cgi-redirect
>> fastcgi_param  REDIRECT_STATUS    200;
>>
>> but it doesn't work at all
>>
>> -----Original Message-----
>> From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf
>> Of Edho P Arief
>> Sent: 18 Juli 2009 23:25
>> To: nginx at sysoev.ru
>> Subject: Re: OpenX error
>>
>> On Sat, Jul 18, 2009 at 11:10 PM, Glen Lumanau<glen at lumanau.web.id>
>> wrote:
>>> Hi there,
>>>
>>>
>>>
>>> I have the same error like
>>>
> http://forum.openx.org/index.php?s=235b643ebd3a9ef26ef16754b21b90f1&showtopi
> c=503416093
>>>
>>>
>>>
>>> May I know what value do I have to enter to fastcgi_params? Because
>>> i have
>>> no clue
>>>
>>>
>>>
>>> Thank fs before
>>
>> The default fastcgi_params should be fine.
>>
>> --
>> O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
>>
>>
>
>
>


From edhoprima at gmail.com  Sun Jul 19 10:36:00 2009
From: edhoprima at gmail.com (Edho P Arief)
Date: Sun, 19 Jul 2009 13:36:00 +0700
Subject: OpenX error
In-Reply-To: <1320622342-1247983760-cardhu_decombobulator_blackberry.rim.net-1141134734-@bxe1017.bisx.prodap.on.blackberry>
References: <000001ca07c2$4de62a20$e9b27e60$@web.id>
	 <a3780c060907180925u5d90feb9sbe95c443b174cd1a@mail.gmail.com>
	 <000501ca07c5$8f209770$ad61c650$@web.id>
	 <1196E052-632B-42DC-AB3F-015DC4975069@gmail.com>
	 <000001ca07dc$a23062c0$e6912840$@web.id>
	 <bd9320b30907181227y24f7a7c6nb0a38a32078926bb@mail.gmail.com>
	 <000101ca07e0$4e74d9f0$eb5e8dd0$@web.id>
	 <1320622342-1247983760-cardhu_decombobulator_blackberry.rim.net-1141134734-@bxe1017.bisx.prodap.on.blackberry>
Message-ID: <a3780c060907182336r3e44ddd9ie35b78a43b03bad7@mail.gmail.com>

On Sun, Jul 19, 2009 at 1:08 PM, Glen Lumanau<glen at lumanau.web.id> wrote:
> Any fix for this please?
>
>

what's the output on phpinfo()?

-- 
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org




From piotr.sikora at frickle.com  Sun Jul 19 10:56:55 2009
From: piotr.sikora at frickle.com (Piotr Sikora)
Date: Sun, 19 Jul 2009 08:56:55 +0200
Subject: error pages: bug or feature?
References: <96E63829FA6E4E2B8AA39ECD43943B50@nightmare> <20090719055557.GA52106@rambler-co.ru>
Message-ID: <6BDB096BCA064217A8FCF19EDEB0C2AB@nightmare>

> This is not a bug and not a feature (if you mean a feature as "well known
> and documentated bug"). This is intended behaviour:

By feature I meant "intended behaviour" ;)

> http://wiki.nginx.org/NginxHttpCoreModule#error_page
>
> Otherwise, you will not be able to show your custom static error_page's
> with original response status, it would always return 200 response:
>
>    error_page  404  /404.html;
>
>    location = /404.html {
>        root  /path/to/page;
>    }

Of course, you're right. Next time I'll read documentation first, instead of 
trying to find not existing bugs in the code... Sorry for the noise!

Best regards,
Piotr Sikora < piotr.sikora at frickle.com >





From brice+nginx at daysofwonder.com  Sun Jul 19 13:23:34 2009
From: brice+nginx at daysofwonder.com (Brice Figureau)
Date: Sun, 19 Jul 2009 11:23:34 +0200
Subject: Nginx secure link module with TTL
Message-ID: <4A62E616.5060402@daysofwonder.com>

Hi,

I'm proud to announce the release of a nginx patch (not an external 
module) to add an expiration system to the nginx secure link module 
system. The idea is to attach a timestamp to the url, and nginx can 
check the url has expired (in which case the access to the download is 
denied).

All the gory details, including the patch, and with examples and PHP 
snippets to compute the HMAC and the full url are in my blog article:
http://www.masterzen.fr/2009/07/18/nginx-secure-link-module-with-ttl/

Igor: I'd really like this patch to be merged to nginx, I'm ready to 
help if you're interested. The patch is small, and works in production 
on several site with load without any issue. Nginx configuration is 
completely compatible with secure link deployement without TTL.
Also I'm really sure there a lots of people wanting this feature (a 
quick check of the archive seems to reveal this).

Thanks,
--
Brice Figureau
My Blog: http://www.masterzen.fr/




From is at rambler-co.ru  Sun Jul 19 13:27:48 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sun, 19 Jul 2009 13:27:48 +0400
Subject: OpenX error
In-Reply-To: <1320622342-1247983760-cardhu_decombobulator_blackberry.rim.net-1141134734-@bxe1017.bisx.prodap.on.blackberry>
References: <000001ca07c2$4de62a20$e9b27e60$@web.id> <a3780c060907180925u5d90feb9sbe95c443b174cd1a@mail.gmail.com> <000501ca07c5$8f209770$ad61c650$@web.id> <1196E052-632B-42DC-AB3F-015DC4975069@gmail.com> <000001ca07dc$a23062c0$e6912840$@web.id> <1320622342-1247983760-cardhu_decombobulator_blackberry.rim.net-1141134734-@bxe1017.bisx.prodap.on.blackberry>
Message-ID: <20090719092748.GC52106@rambler-co.ru>

On Sun, Jul 19, 2009 at 06:08:38AM +0000, Glen Lumanau wrote:

> Any fix for this please?

I have looked in php-5.0.5 sources and have found that PHP_SELF is set
to "SG(request_info).request_uri" value. The .request_uri set to

  if (cgi.fix_pathinfo)
      SCRIPT_NAME

  } else {
      if (PATH_INFO exists) 
          PATH_INFO

      } else {
          SCRIPT_NAME
      }
  }


And it seems that SCRIPT_NAME should be without $document_root.

> Best Regards,
> 
> Glen Lumanau
> 
> 
> -----Original Message-----
> From: "Glen Lumanau" <glen at lumanau.web.id>
> 
> Date: Sun, 19 Jul 2009 02:45:26 
> To: <nginx at sysoev.ru>
> Subject: RE: OpenX error
> 
> 
> kurenai:/etc/nginx# cat fastcgi_params
> 
> fastcgi_param  QUERY_STRING       $query_string;
> fastcgi_param  REQUEST_METHOD     $request_method;
> fastcgi_param  CONTENT_TYPE       $content_type;
> fastcgi_param  CONTENT_LENGTH     $content_length;
> 
> fastcgi_param  SCRIPT_NAME        $document_root$fastcgi_script_name;
> 
> But no change :(
> 
> 
> -----Original Message-----
> From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf Of Michael Shadle
> Sent: 19 Juli 2009 2:28
> To: nginx at sysoev.ru
> Subject: Re: OpenX error
> 
> oops, misread SCRIPT_NAME as SCRIPT_FILENAME
> 
> just for giggles try this instead
> 
> location ~ \.php$ {
> 
> 
> On Sat, Jul 18, 2009 at 12:19 PM, Glen Lumanau<glen at lumanau.web.id> wrote:
> > It's already set
> >
> > Here's the config
> >        location ~ .php$ {
> >           fastcgi_pass 127.0.0.1:9000;
> >           fastcgi_index index.php;
> >           fastcgi_buffer_size 128k;
> >           fastcgi_buffers 4 256k;
> >           fastcgi_param  SCRIPT_FILENAME
> > $document_root$fastcgi_script_name;
> >           include /etc/nginx/fastcgi_params;
> >
> >
> > Regards,
> >
> > Glen Lumanau
> >
> > -----Original Message-----
> > From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf Of
> > Michael Shadle
> > Sent: 19 Juli 2009 1:31
> > To: nginx at sysoev.ru
> > Cc: <nginx at sysoev.ru>
> > Subject: Re: OpenX error
> >
> > Change the script_filename one to
> >
> > $document_root$fastcgi_script_name
> >
> >
> >
> > Sent from my iPhone
> >
> > On Jul 18, 2009, at 9:33 AM, "Glen Lumanau" <glen at lumanau.web.id> wrote:
> >
> >> Here's my default fastcgi_params
> >>
> >> fastcgi_param  QUERY_STRING       $query_string;
> >> fastcgi_param  REQUEST_METHOD     $request_method;
> >> fastcgi_param  CONTENT_TYPE       $content_type;
> >> fastcgi_param  CONTENT_LENGTH     $content_length;
> >>
> >> fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
> >> fastcgi_param  REQUEST_URI        $request_uri;
> >> fastcgi_param  DOCUMENT_URI       $document_uri;
> >> fastcgi_param  DOCUMENT_ROOT      $document_root;
> >> fastcgi_param  SERVER_PROTOCOL    $server_protocol;
> >>
> >> fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
> >> fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
> >>
> >> fastcgi_param  REMOTE_ADDR        $remote_addr;
> >> fastcgi_param  REMOTE_PORT        $remote_port;
> >> fastcgi_param  SERVER_ADDR        $server_addr;
> >> fastcgi_param  SERVER_PORT        $server_port;
> >> fastcgi_param  SERVER_NAME        $server_name;
> >>
> >> # PHP only, required if PHP was built with --enable-force-cgi-redirect
> >> fastcgi_param  REDIRECT_STATUS    200;
> >>
> >> but it doesn't work at all
> >>
> >> -----Original Message-----
> >> From: owner-nginx at sysoev.ru [mailto:owner-nginx at sysoev.ru] On Behalf
> >> Of Edho P Arief
> >> Sent: 18 Juli 2009 23:25
> >> To: nginx at sysoev.ru
> >> Subject: Re: OpenX error
> >>
> >> On Sat, Jul 18, 2009 at 11:10 PM, Glen Lumanau<glen at lumanau.web.id>
> >> wrote:
> >>> Hi there,
> >>>
> >>>
> >>>
> >>> I have the same error like
> >>>
> > http://forum.openx.org/index.php?s=235b643ebd3a9ef26ef16754b21b90f1&showtopi
> > c=503416093
> >>>
> >>>
> >>>
> >>> May I know what value do I have to enter to fastcgi_params? Because
> >>> i have
> >>> no clue
> >>>
> >>>
> >>>
> >>> Thank fs before
> >>
> >> The default fastcgi_params should be fine.
> >>
> >> --
> >> O< ascii ribbon campaign - stop html mail - www.asciiribbon.org
> >>
> >>
> >
> >
> >
> 

-- 
Igor Sysoev
http://sysoev.ru/en/




From gabe at vtunnel.com  Sun Jul 19 13:54:34 2009
From: gabe at vtunnel.com (Gabriel Ramuglia)
Date: Sun, 19 Jul 2009 02:54:34 -0700
Subject: nginx caching
Message-ID: <932ea6c90907190254v34c5511x379860575f379203@mail.gmail.com>

Hi,

I've been using nginx for a while now to proxy flv videos via youtube,
to good effect. However, the site that I'm accessing to proxy videos,
I'm having problems being able to access their site in bulk, so I've
decided to start caching things locally so as not to hit the remote
server so often. I'm doing this in squid, and, for a variety of
reasons, using the url_rewriter function to help out. My urls change
every hour, but the video they refer to does not, so I have to use the
rewriter to make sure the cache stays relevant.

Now, the problem is, squid is using something like 60% of one core of
cpu doing something like 200 megabit / s of bandwidth. This is on top
of the fact that squid has to pass cache misses off to nginx, which is
using another 20% or so (of one core, again) cpu use. Obviously if I
could cut squid out of the equation this would be ideal.

Is there a way in nginx to use the same functionality as the
url_rewriter in squid? Is there a tutorial or other helpful links on
doing caching in nginx?

Thanks,
Gabe




From nginx-forum at nginx.us  Sun Jul 19 14:18:12 2009
From: nginx-forum at nginx.us (valve)
Date: Sun, 19 Jul 2009 06:18:12 -0400
Subject: issue with XSLT [0.8.x]
In-Reply-To: <1f4e311bb564250b5a5d639d8abb21d7.NginxMailingList@forum.nginx.org>
References: <ebb8331489b7bc0f0e6693da26203a3c.NginxMailingList@forum.nginx.org> <r0zlb4kqce.wl%kuramoto@forum.nginx.org> <1f4e311bb564250b5a5d639d8abb21d7.NginxMailingList@forum.nginx.org>
Message-ID: <ce97e6b05ce3b56ada274989ead10676.NginxMailingList@forum.nginx.org>

valve Wrote:
-------------------------------------------------------
> I've applied your patch and will keep a close look
> on how it works.

It's been a couple of days now, and it still works, whereas before it would start acting up within a few hours. Seems that it did the trick!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4128,4217#msg-4217





From is at rambler-co.ru  Sun Jul 19 14:56:33 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sun, 19 Jul 2009 14:56:33 +0400
Subject: nginx caching
In-Reply-To: <932ea6c90907190254v34c5511x379860575f379203@mail.gmail.com>
References: <932ea6c90907190254v34c5511x379860575f379203@mail.gmail.com>
Message-ID: <20090719105633.GD52106@rambler-co.ru>

On Sun, Jul 19, 2009 at 02:54:34AM -0700, Gabriel Ramuglia wrote:

> Hi,
> 
> I've been using nginx for a while now to proxy flv videos via youtube,
> to good effect. However, the site that I'm accessing to proxy videos,
> I'm having problems being able to access their site in bulk, so I've
> decided to start caching things locally so as not to hit the remote
> server so often. I'm doing this in squid, and, for a variety of
> reasons, using the url_rewriter function to help out. My urls change
> every hour, but the video they refer to does not, so I have to use the
> rewriter to make sure the cache stays relevant.
> 
> Now, the problem is, squid is using something like 60% of one core of
> cpu doing something like 200 megabit / s of bandwidth. This is on top
> of the fact that squid has to pass cache misses off to nginx, which is
> using another 20% or so (of one core, again) cpu use. Obviously if I
> could cut squid out of the equation this would be ideal.
> 
> Is there a way in nginx to use the same functionality as the
> url_rewriter in squid? Is there a tutorial or other helpful links on
> doing caching in nginx?

http://wiki.nginx.org/NginxHttpProxyModule#proxy_cache

http {
   proxy_cache_path   /spool/nginx/cache levels=1:2
                      keys_zone=cache:10m
                      inactive=3h;

   server {

       location / {
           proxy_pass   ...;

           proxy_cache            cache;
           proxy_cache_valid      200 24h;
           proxy_cache_use_stale  error timeout invalid_header updating
                                  http_500 http_502 http_503 http_504;

           proxy_ignore_headers   Expires Cache-Control;
       }

As to url_rewriter, it's depend on functionality: you may use simple
"rewrite" or complex "perl_set":
http://wiki.nginx.org/NginxEmbeddedPerlModule


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Sun Jul 19 15:04:29 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sun, 19 Jul 2009 15:04:29 +0400
Subject: subdirs without trailing slash
In-Reply-To: <4A624DAA.1050508@fouter.net>
References: <4A624DAA.1050508@fouter.net>
Message-ID: <20090719110429.GF52106@rambler-co.ru>

On Sat, Jul 18, 2009 at 11:33:14PM +0100, Dick Middleton wrote:

> I want to make the following equivalent:
> 
>      http://example.com/mail/index.php
>      http://example.com/mail/
>      http://example.com/mail
> 
> The first two work OK but the last one I can't get to work.  With the 
> following it gives 404 error in the logs but the browser says "No input 
> file specified." :
> 
>   location ~* ^/(web)?mail/.+\.(jpg|jpeg|gif|css|png|js|ico|html)$ {
>     root  /var/www;
>   }
> 
>   location ~ ^/(web)?mail {
>     root  /var/www;
>     index index.php;
>     fastcgi_index index.php;
>     include my_fastcgi_params;
>     fastcgi_pass localhost:8888;
>   }
> 
> I've tried all sorts of variations of this including trying to rewrite the 
> full uri in the last case.
> 
> The my_fastcgi_params include
> 
> fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
> fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
> 
> What is the recommended way to configure this?

If you set

   location /mail/ {
       fastcgi_pass localhost:8888;
       ...
   }

and request "/mail" then nginx will return external redirect to "/mail/".

If you do not want the redirect, then

   location = /mail {
       fastcgi_pass   localhost:8888;
       fastcgi_param  SCRIPT_FILENAME    $document_root/index.php;
       fastcgi_param  SCRIPT_NAME        /index.php;
       root           /var/www;
   }

   location /mail/ {
       fastcgi_pass   localhost:8888;
       fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
       fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
       fastcgi_index  index.php;
       root           /var/www;
   }


-- 
Igor Sysoev
http://sysoev.ru/en/




From gabe at vtunnel.com  Sun Jul 19 15:21:35 2009
From: gabe at vtunnel.com (Gabriel Ramuglia)
Date: Sun, 19 Jul 2009 04:21:35 -0700
Subject: nginx caching
In-Reply-To: <20090719105633.GD52106@rambler-co.ru>
References: <932ea6c90907190254v34c5511x379860575f379203@mail.gmail.com>
	 <20090719105633.GD52106@rambler-co.ru>
Message-ID: <932ea6c90907190421n37ac6057j915d75e5890cce79@mail.gmail.com>

thanks, i didn't know that embedded perl could be used this way,
that's a great help.

2009/7/19 Igor Sysoev <is at rambler-co.ru>:
> On Sun, Jul 19, 2009 at 02:54:34AM -0700, Gabriel Ramuglia wrote:
>
>> Hi,
>>
>> I've been using nginx for a while now to proxy flv videos via youtube,
>> to good effect. However, the site that I'm accessing to proxy videos,
>> I'm having problems being able to access their site in bulk, so I've
>> decided to start caching things locally so as not to hit the remote
>> server so often. I'm doing this in squid, and, for a variety of
>> reasons, using the url_rewriter function to help out. My urls change
>> every hour, but the video they refer to does not, so I have to use the
>> rewriter to make sure the cache stays relevant.
>>
>> Now, the problem is, squid is using something like 60% of one core of
>> cpu doing something like 200 megabit / s of bandwidth. This is on top
>> of the fact that squid has to pass cache misses off to nginx, which is
>> using another 20% or so (of one core, again) cpu use. Obviously if I
>> could cut squid out of the equation this would be ideal.
>>
>> Is there a way in nginx to use the same functionality as the
>> url_rewriter in squid? Is there a tutorial or other helpful links on
>> doing caching in nginx?
>
> http://wiki.nginx.org/NginxHttpProxyModule#proxy_cache
>
> http {
> ? proxy_cache_path ? /spool/nginx/cache levels=1:2
> ? ? ? ? ? ? ? ? ? ? ?keys_zone=cache:10m
> ? ? ? ? ? ? ? ? ? ? ?inactive=3h;
>
> ? server {
>
> ? ? ? location / {
> ? ? ? ? ? proxy_pass ? ...;
>
> ? ? ? ? ? proxy_cache ? ? ? ? ? ?cache;
> ? ? ? ? ? proxy_cache_valid ? ? ?200 24h;
> ? ? ? ? ? proxy_cache_use_stale ?error timeout invalid_header updating
> ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?http_500 http_502 http_503 http_504;
>
> ? ? ? ? ? proxy_ignore_headers ? Expires Cache-Control;
> ? ? ? }
>
> As to url_rewriter, it's depend on functionality: you may use simple
> "rewrite" or complex "perl_set":
> http://wiki.nginx.org/NginxEmbeddedPerlModule
>
>
> --
> Igor Sysoev
> http://sysoev.ru/en/
>
>




From is at rambler-co.ru  Sun Jul 19 15:24:37 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sun, 19 Jul 2009 15:24:37 +0400
Subject: PHP can't run under alias folder
In-Reply-To: <cfbee725023405ee9e48261df1ded88f.NginxMailingList@forum.nginx.org>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org> <b0dd20831df2e9a5edd06abdfa5821dd.NginxMailingList@forum.nginx.org> <20090718140909.GA39803@forum.nginx.org> <cfbee725023405ee9e48261df1ded88f.NginxMailingList@forum.nginx.org>
Message-ID: <20090719112437.GH52106@rambler-co.ru>

On Sat, Jul 18, 2009 at 10:53:13AM -0400, e123e123e123 wrote:

> sorry i just learn nginx 3 days only , so 
> 
> location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
> 
> need change to what ??

You need just to set

 location ~ /phpmyadmin/.*\.(gif|jpg|jpeg|png|bmp|swf)$

before

 location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Sun Jul 19 15:26:17 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sun, 19 Jul 2009 15:26:17 +0400
Subject: PHP can't run under alias folder
In-Reply-To: <bbd62fd6f6e7ac4c5a5a8649a56f9257.NginxMailingList@forum.nginx.org>
References: <496aab6a56916af4a43c40fe19fbf661.NginxMailingList@forum.nginx.org> <b0dd20831df2e9a5edd06abdfa5821dd.NginxMailingList@forum.nginx.org> <20090718140909.GA39803@forum.nginx.org> <cfbee725023405ee9e48261df1ded88f.NginxMailingList@forum.nginx.org> <63a22228e6ce5e854d109f833cdd7318.NginxMailingList@forum.nginx.org> <a11a284050e39150de663582500f0c83.NginxMailingList@forum.nginx.org> <bbd62fd6f6e7ac4c5a5a8649a56f9257.NginxMailingList@forum.nginx.org>
Message-ID: <20090719112617.GI52106@rambler-co.ru>

On Sat, Jul 18, 2009 at 11:21:29AM -0400, e123e123e123 wrote:

> another question ,
> 
> using 'alias' or 'root' is bestter ? or all is same ?

"root" is better. "alias" is more generic, but you should not
use "alias" where "root" is enough.


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Sun Jul 19 15:28:04 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sun, 19 Jul 2009 15:28:04 +0400
Subject: Maxmind GeoIP City Module
In-Reply-To: <4A61EA3E.2030507@ohlste.in>
References: <4A5336CD.9050308@theactivitypeople.co.uk> <20090716123704.GF90866@rambler-co.ru> <4A61554A.7030402@ohlste.in> <20090718072607.GB34205@rambler-co.ru> <4A61EA3E.2030507@ohlste.in>
Message-ID: <20090719112804.GJ52106@rambler-co.ru>

On Sat, Jul 18, 2009 at 11:29:02AM -0400, Jim Ohlstein wrote:

> Igor Sysoev wrote:
> >On Sat, Jul 18, 2009 at 12:53:30AM -0400, Jim Ohlstein wrote:
> >
> >  
> >>Igor Sysoev wrote:
> >>    
> >>>On Tue, Jul 07, 2009 at 12:51:41PM +0100, Phillip Oldham wrote:
> >>>
> >>> 
> >>>      
> >>>>We're in need of a GeoIP module which works with the current 
> >>>>development branch of nginx and can resolve an IP to City-level using 
> >>>>Maxmind's GeoIP Database (the .dat files). We use nginx extensively but 
> >>>>don't have experience in C to develop such a module in-house. Are there 
> >>>>any module developers on the list who would be interested in such a 
> >>>>project?
> >>>>
> >>>>We're flexible regarding the funding of development for such a module, 
> >>>>and also flexible on whether the finshed module is open-sourced and 
> >>>>released back to the community.
> >>>>
> >>>>If anyone is interested please feel free to mail me off-list with any 
> >>>>thoughts/costs/etc.
> >>>>   
> >>>>        
> >>>The module is in the attached patch.
> >>> 
> >>>      
> >>Can you include the module with future distributions?
> >>    
> >
> >Yes, I will add in 0.8.6. I post it to know if other variables are needed ?
> >  
> Thank you Igor, and thanks to those who provided the funding for 
> enhancing the module. :)

The module was created without funding :) It takes just 3 hours.

> I'm assuming (so correct me if I'm wrong) that $geoip_region would be a 
> US state, Canadian province, German state, etc.

Yes, see http://www.maxmind.com/app/fips10_4


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Sun Jul 19 15:32:24 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sun, 19 Jul 2009 15:32:24 +0400
Subject: nginx caching
In-Reply-To: <932ea6c90907190421n37ac6057j915d75e5890cce79@mail.gmail.com>
References: <932ea6c90907190254v34c5511x379860575f379203@mail.gmail.com> <20090719105633.GD52106@rambler-co.ru> <932ea6c90907190421n37ac6057j915d75e5890cce79@mail.gmail.com>
Message-ID: <20090719113224.GK52106@rambler-co.ru>

On Sun, Jul 19, 2009 at 04:21:35AM -0700, Gabriel Ramuglia wrote:

> thanks, i didn't know that embedded perl could be used this way,
> that's a great help.

You may use

perl_set  $backend_url  'sub { return "http://youtube_backend/url" }';

proxy_pass  $backend_url;

Also, it better to add

     upstream youtube_backend {
          server ...;
          server ...;
          server ...;
     }

to disable resolving on run-time.


> 2009/7/19 Igor Sysoev <is at rambler-co.ru>:
> > On Sun, Jul 19, 2009 at 02:54:34AM -0700, Gabriel Ramuglia wrote:
> >
> >> Hi,
> >>
> >> I've been using nginx for a while now to proxy flv videos via youtube,
> >> to good effect. However, the site that I'm accessing to proxy videos,
> >> I'm having problems being able to access their site in bulk, so I've
> >> decided to start caching things locally so as not to hit the remote
> >> server so often. I'm doing this in squid, and, for a variety of
> >> reasons, using the url_rewriter function to help out. My urls change
> >> every hour, but the video they refer to does not, so I have to use the
> >> rewriter to make sure the cache stays relevant.
> >>
> >> Now, the problem is, squid is using something like 60% of one core of
> >> cpu doing something like 200 megabit / s of bandwidth. This is on top
> >> of the fact that squid has to pass cache misses off to nginx, which is
> >> using another 20% or so (of one core, again) cpu use. Obviously if I
> >> could cut squid out of the equation this would be ideal.
> >>
> >> Is there a way in nginx to use the same functionality as the
> >> url_rewriter in squid? Is there a tutorial or other helpful links on
> >> doing caching in nginx?
> >
> > http://wiki.nginx.org/NginxHttpProxyModule#proxy_cache
> >
> > http {
> > ? proxy_cache_path ? /spool/nginx/cache levels=1:2
> > ? ? ? ? ? ? ? ? ? ? ?keys_zone=cache:10m
> > ? ? ? ? ? ? ? ? ? ? ?inactive=3h;
> >
> > ? server {
> >
> > ? ? ? location / {
> > ? ? ? ? ? proxy_pass ? ...;
> >
> > ? ? ? ? ? proxy_cache ? ? ? ? ? ?cache;
> > ? ? ? ? ? proxy_cache_valid ? ? ?200 24h;
> > ? ? ? ? ? proxy_cache_use_stale ?error timeout invalid_header updating
> > ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ?http_500 http_502 http_503 http_504;
> >
> > ? ? ? ? ? proxy_ignore_headers ? Expires Cache-Control;
> > ? ? ? }
> >
> > As to url_rewriter, it's depend on functionality: you may use simple
> > "rewrite" or complex "perl_set":
> > http://wiki.nginx.org/NginxEmbeddedPerlModule
> >
> >
> > --
> > Igor Sysoev
> > http://sysoev.ru/en/
> >
> >

-- 
Igor Sysoev
http://sysoev.ru/en/




From mike503 at gmail.com  Sun Jul 19 16:22:42 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Sun, 19 Jul 2009 05:22:42 -0700
Subject: RFC: "global" location functionality
Message-ID: <bd9320b30907190522t64124e8akd5f453bb6b97c82a@mail.gmail.com>

Igor,
right now any time you have to protect a location, you have to put in
a second location block for php. You've said yourself this isn't a
highly suggested method.

I've also run into issues where my expires headers can sometimes
conflict with things...

would there be some way to implement some sort of global location
block method? perhaps it gets applied -after- the normal location
logic, and has a new marker?

that way we could safely apply things like expires headers or a php
block -after- any sort of locations are defined. below the php block
should be unnecessary as it should inherit from the parent but it
doesn't. i've got some more complex setups too that get hard to
support due to having regexps and "stop processing" instructions in
place, but without them the site doesn't work properly, etc...

server {
        listen 80;
        server_name foo.com;
        index index.php index.html;
        root /home/foo/docroot.com;
        include /etc/nginx/defaults.conf;
       location ~* \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
           expires max;
       }
        location ^~ /blog/wp-admin {
                auth_basic "wordpress";
                auth_basic_user_file /path/to/.htpasswd;
                location ~ \.php$ {
                        fastcgi_pass 127.0.0.1:11000;
                }
        }
       location ~ \.php$ {
                fastcgi_pass 127.0.0.1:11000;
        }
}

Maybe instead have something like this, which would apply this
location block -after- all others are done...

       location :~ \.php$ {
                fastcgi_pass 127.0.0.1:11000;
        }

I picked ":" randomly. Not sure what the best thing is. ^~* are taken,
# is comments, $ is variables, @ is named location, + - & % : ?  are
the only chars left I can think, unless you somehow figured out how to
make it use a keyword like

location :~ \.php$ global {

but I don't know how that will work...

Just an idea. Would simplify configuration a lot. I wind up hitting
the expires stuff a lot when it should be matching another location
instead, but because it's a .js file, it doesn't, so I have to wind up
nesting the expires stuff inside of the location block...

This would help solve some of my issues with locations. That's
probably the most complicated thing in nginx.




From kaspars at konstruktors.com  Sun Jul 19 21:45:07 2009
From: kaspars at konstruktors.com (Kaspars)
Date: Sun, 19 Jul 2009 20:45:07 +0300
Subject: variables in "include" for vhost specific config files
Message-ID: <4A635BA3.5000301@konstruktors.com>

Privet Igor and dear list members,

I am trying to create a flexible virtual host environment, where each 
host could have their own config.nginx file.

In sites-available/default I have:

server {
         listen   80 default;
         server_name _;
         server_name_in_redirect off;

         set $vhost_path /var/www/vhosts;

         root    $vhost_path/$host;
         index   index.php index.html index.htm;

         # THE IMPORTANT BIT: vhost specific config files, for rewrites, 
etc.
         include /var/www/vhosts/$host/config.nginx;

         [...]
}


'root' directive works fine, but the 'include' doesn't like the $host 
variable in it.

I would like to avoid using server { ... } for each of the individual 
hosts, in order to have global php settings.

What would be the best way to approach this?

Any pointers and suggestions are very welcome.

Regards,
Kaspars

p.s. using nginx 0.6.32-3 on debian lenny.




From dick at fouter.net  Sun Jul 19 22:18:04 2009
From: dick at fouter.net (Dick Middleton)
Date: Sun, 19 Jul 2009 19:18:04 +0100
Subject: subdirs without trailing slash
In-Reply-To: <20090719110429.GF52106@rambler-co.ru>
References: <4A624DAA.1050508@fouter.net> <20090719110429.GF52106@rambler-co.ru>
Message-ID: <4A63635C.4010202@fouter.net>

Igor Sysoev wrote:

>> I want to make the following equivalent:
>>
>>      http://example.com/mail/index.php
>>      http://example.com/mail/
>>      http://example.com/mail

>> What is the recommended way to configure this?
> 
> If you set
> 
>    location /mail/ {
>        fastcgi_pass localhost:8888;
>        ...
>    }
> 
> and request "/mail" then nginx will return external redirect to "/mail/".

It's so easy when you know how.

Many thanks

Dick




From cliff at develix.com  Mon Jul 20 01:01:43 2009
From: cliff at develix.com (Cliff Wells)
Date: Sun, 19 Jul 2009 14:01:43 -0700
Subject: sysoev.ru and rambler.ru dns servers not responding?
Message-ID: <1248037303.3626.28.camel@portable-evil>

Is it just me?   I can't get to any nginx.org domain at this point.

Cliff

-- 
http://www.google.com/search?q=vonage+sucks





From leccine at gmail.com  Mon Jul 20 02:08:38 2009
From: leccine at gmail.com (=?ISO-8859-1?B?SXN0duFu?=)
Date: Sun, 19 Jul 2009 23:08:38 +0100
Subject: sysoev.ru and rambler.ru dns servers not responding?
In-Reply-To: <1248037303.3626.28.camel@portable-evil>
References: <1248037303.3626.28.camel@portable-evil>
Message-ID: <b8592ed80907191508k11d1df9ds2bfc0ef562f4ea60@mail.gmail.com>

works for me

l at test:~$host nginx.org NS.SYSOEV.RU
Using domain server:
Name: NS.SYSOEV.RU
Address: 81.19.69.70#53
Aliases:

nginx.org has address 81.19.69.70
nginx.org mail is handled by 10 mail.nginx.com.



On Sun, Jul 19, 2009 at 10:01 PM, Cliff Wells <cliff at develix.com> wrote:

> Is it just me?   I can't get to any nginx.org domain at this point.
>
> Cliff
>
> --
> http://www.google.com/search?q=vonage+sucks
>
>
>


-- 
the sun shines for all
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090719/bc9a6793/attachment.html>

From cliff at develix.com  Mon Jul 20 02:39:32 2009
From: cliff at develix.com (Cliff Wells)
Date: Sun, 19 Jul 2009 15:39:32 -0700
Subject: sysoev.ru and rambler.ru dns servers not responding?
In-Reply-To: <b8592ed80907191508k11d1df9ds2bfc0ef562f4ea60@mail.gmail.com>
References: <1248037303.3626.28.camel@portable-evil>
	 <b8592ed80907191508k11d1df9ds2bfc0ef562f4ea60@mail.gmail.com>
Message-ID: <1248043172.3626.30.camel@portable-evil>

Yes, they came back online a bit ago. 

Cliff

On Sun, 2009-07-19 at 23:08 +0100, Istv?n wrote:
> works for me
> 
> l at test:~$host nginx.org NS.SYSOEV.RU
> Using domain server:
> Name: NS.SYSOEV.RU
> Address: 81.19.69.70#53
> Aliases:
> 
> 
> nginx.org has address 81.19.69.70
> nginx.org mail is handled by 10 mail.nginx.com.
> 
> 
> 
> 
> 
> 
> On Sun, Jul 19, 2009 at 10:01 PM, Cliff Wells <cliff at develix.com>
> wrote:
>         Is it just me?   I can't get to any nginx.org domain at this
>         point.
>         
>         Cliff
>         
>         --
>         http://www.google.com/search?q=vonage+sucks
>         
>         
> 
> 
> 
> -- 
> the sun shines for all
> 
-- 
http://www.google.com/search?q=vonage+sucks





From iberkner at gmail.com  Mon Jul 20 04:03:03 2009
From: iberkner at gmail.com (Ilan Berkner)
Date: Sun, 19 Jul 2009 20:03:03 -0400
Subject: sysoev.ru and rambler.ru dns servers not responding?
In-Reply-To: <1248037303.3626.28.camel@portable-evil>
References: <1248037303.3626.28.camel@portable-evil>
Message-ID: <77432c470907191703t3529db1egccf2bd278eda1c50@mail.gmail.com>

does not work for me...

On Sun, Jul 19, 2009 at 5:01 PM, Cliff Wells <cliff at develix.com> wrote:

> Is it just me?   I can't get to any nginx.org domain at this point.
>
> Cliff
>
> --
> http://www.google.com/search?q=vonage+sucks
>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090719/0626ee6c/attachment.html>

From nginx-forum at nginx.us  Mon Jul 20 10:46:30 2009
From: nginx-forum at nginx.us (supergui)
Date: Mon, 20 Jul 2009 02:46:30 -0400
Subject: Write a speed-limit module, any suggestion?
Message-ID: <480af9173978e8c2913c8a6a11dbbdfa.NginxMailingList@forum.nginx.org>

I want to write a module to transfer files to client, but it need to limit the speed of transfer.
how can i implement it ? 

it is likely that i should output one buffer per time, and then check the avg speed before, if expire the setting speed what should i do then?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4234,4234#msg-4234





From is at rambler-co.ru  Mon Jul 20 12:32:54 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Mon, 20 Jul 2009 12:32:54 +0400
Subject: nginx-0.8.6
Message-ID: <20090720083254.GD76413@rambler-co.ru>

Changes with nginx 0.8.6                                         20 Jul 2009

    *) Feature: the ngx_http_geoip_module.

    *) Bugfix: XSLT filter may fail with message "not well formed XML 
       document" for valid XML document.
       Thanks to Kuramoto Eiji.

    *) Bugfix: now in MacOSX, Cygwin, and nginx/Windows locations given by 
       a regular expression are always tested in case insensitive mode.

    *) Bugfix: now nginx/Windows ignores trailing dots in URI.
       Thanks to Hugo Leisink.

    *) Bugfix: name of file specified in --conf-path was not honored during 
       installation; the bug had appeared in 0.6.6.
       Thanks to Maxim Dounin.


-- 
Igor Sysoev
http://sysoev.ru/en/




From juergen.gotteswinter at internetx.de  Mon Jul 20 13:08:23 2009
From: juergen.gotteswinter at internetx.de (=?UTF-8?B?SW50ZXJOZXRYIC0gSsO8cmdlbiBHb3R0ZXN3aW50ZXI=?=)
Date: Mon, 20 Jul 2009 11:08:23 +0200
Subject: nginx-0.8.6
In-Reply-To: <20090720083254.GD76413@rambler-co.ru>
References: <20090720083254.GD76413@rambler-co.ru>
Message-ID: <4A643407.3080804@internetx.de>

Hello

Updated the SuSE RPMS in the opensuse-buildservice to 0.8.6

http://download.opensuse.org/repositories/server:/http/

Regards,


On 07/20/2009 10:32 AM, Igor Sysoev wrote:
> Changes with nginx 0.8.6                                         20 Jul 2009
>
>      *) Feature: the ngx_http_geoip_module.
>
>      *) Bugfix: XSLT filter may fail with message "not well formed XML
>         document" for valid XML document.
>         Thanks to Kuramoto Eiji.
>
>      *) Bugfix: now in MacOSX, Cygwin, and nginx/Windows locations given by
>         a regular expression are always tested in case insensitive mode.
>
>      *) Bugfix: now nginx/Windows ignores trailing dots in URI.
>         Thanks to Hugo Leisink.
>
>      *) Bugfix: name of file specified in --conf-path was not honored during
>         installation; the bug had appeared in 0.6.6.
>         Thanks to Maxim Dounin.
>
>
>    

-- 
InterNetX GmbH
Maximilianstrasse 6
D-93047 Regensburg

Tel. +49 941 59559-480
Fax  +49 941 59559-245

Gesch?ftsf?hrer/CEO: Thomas M?rz
Amtsgericht Regensburg, HRB 7142





From systems at goballistic.co.uk  Mon Jul 20 13:58:37 2009
From: systems at goballistic.co.uk (Systems Maintenance)
Date: Mon, 20 Jul 2009 10:58:37 +0100
Subject: Maxmind GeoIP City Module
In-Reply-To: <4A61EA3E.2030507@ohlste.in>
References: <4A5336CD.9050308@theactivitypeople.co.uk> <20090716123704.GF90866@rambler-co.ru> <4A61554A.7030402@ohlste.in> <20090718072607.GB34205@rambler-co.ru> <4A61EA3E.2030507@ohlste.in>
Message-ID: <4A643FCD.2090305@goballistic.co.uk>

Jim Ohlstein wrote:
> Thank you Igor, and thanks to those who provided the funding for 
> enhancing the module. :)
Heh, we didn't even get chance! Igor is just too fast!




From dgunchev at gmail.com  Mon Jul 20 14:09:22 2009
From: dgunchev at gmail.com (Doncho Gunchev)
Date: Mon, 20 Jul 2009 13:09:22 +0300
Subject: nginx ssl_prefer_server_ciphers and MSIE 7.x core dump
Message-ID: <92fda3a30907200309l1592cb99n268bfff489671098@mail.gmail.com>

Hello,

First of all many thanks for nginx.

I have a machine where 'ssl_prefer_server_ciphers on;' plus Internet
Explorer 7 (win 2003/XP) causes segmentation fault in Kerberos
libraries:
--- cut ---
Program received signal SIGSEGV, Segmentation fault.
0x00000036b7e610a2 in krb5_is_referral_realm () from /usr/lib64/libkrb5.so.3
(gdb) bt
#0  0x00000036b7e610a2 in krb5_is_referral_realm () from /usr/lib64/libkrb5.so.3
#1  0x00000036b7e48ade in krb5_kt_get_entry () from /usr/lib64/libkrb5.so.3
#2  0x00000036b963862e in kssl_keytab_is_available () from /lib64/libssl.so.6
#3  0x00000036b961e2d5 in ssl3_choose_cipher () from /lib64/libssl.so.6
#4  0x00000036b9619a7b in ssl3_get_client_hello () from /lib64/libssl.so.6
--- cut ---
The host OS is RHEL 5.3 fully updated. I tried 32 and 64 bit versions
from 0.6.32 to 0.6.38 with and without perl. The CPU is Intel(R)
Xeon(R) CPU E5410 @ 2.33GHz. Exactly the same binary works on other
machines (including KVM virtual ones) on CentOS 5.3 fully updated and
I was using it on another machine with RHEL (have no access to that
one any more).

Can I help further? Can I disable all kerberos related stuff in the
meantime somehow?

-- 
  BR,
    Doncho Gunchev




From kaspars at konstruktors.com  Mon Jul 20 14:40:49 2009
From: kaspars at konstruktors.com (Kaspars Dambis)
Date: Mon, 20 Jul 2009 13:40:49 +0300
Subject: variables in "include"
Message-ID: <4A6449B1.1060107@konstruktors.com>

I am trying to create a flexible virtual host environment, where each 
host could have their own config.nginx file.

In sites-available/default I have:

server {
         listen   80 default;
         server_name _;
         server_name_in_redirect off;

         set $vhost_path /var/www/vhosts;

         root    $vhost_path/$host;
         index   index.php index.html index.htm;

         # THE IMPORTANT BIT: vhost specific config files, for rewrites, 
etc.
         include /var/www/vhosts/$host/config.nginx;

         [...]
}


'root' directive works fine, but the 'include' doesn't like the $host 
variable in it.

I would like to avoid using server { ... } for each of the individual 
hosts, in order to have global php settings.

What would be the best way to approach this?

Any pointers and suggestions are very welcome.

Regards,
Kaspars

p.s. using nginx 0.6.32-3 on debian lenny.




From maccaday at gmail.com  Mon Jul 20 16:56:27 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Mon, 20 Jul 2009 15:56:27 +0300
Subject: variables in "include"
In-Reply-To: <4A6449B1.1060107@konstruktors.com>
References: <4A6449B1.1060107@konstruktors.com>
Message-ID: <4A64697B.5060109@gmail.com>

Hi Kaspars,

Kaspars Dambis wrote:
>
> 'root' directive works fine, but the 'include' doesn't like the $host 
> variable in it.
The include directive is a server-start-time directive, and as such 
doesn't analyse variables as given with $xxx.  This has probably been 
done for at least two reasons - speed and configuration checking.

If the config files were analysed at runtime (like .htaccess files on 
Apache), that would slow things down.  Also, if the configuration file 
is wrong, what do you do?  Better to control it all at start time.
>
> I would like to avoid using server { ... } for each of the individual 
> hosts, in order to have global php settings.
>
> What would be the best way to approach this?
Depending on your configuration, you might be able to define one (or a 
few) server{} configurations, and use variables in other places than the 
'include' directive.  The server_name can take multiple values and 
wildcards, but many other settings can also take variables. 

If you need specific configurations for each server, then you can't 
really get around having a separate server{} block for each one (though 
you might be able to group them). 

One possible method:

nginx.conf :

# main settings (server-wide configuration)
...
http {
include      sites/all.conf;
}

sites/all.conf :

# just a list of all the servers you want to include (separating this 
from the main nginx.conf file might be useful for maintenance)

include      sites/site1;
include      sites/site2;
...

in each of the sites/site[n] files:

server {

include   global_settings.conf;      # this includes all php and other 
settings

# server-specific configurations
...
}

global_settings.conf :

# php settings could go here


Each time a new server was added, you'd need to add the relative 
'include site/site[n];' to the sites list and re-load the server 
configuration (you'd probably want to use the USR1 signal which just 
re-reads/loads the configuration, rather than fully reloading the 
software binary as a graceful restart would do).  This can be done using 
a shell-script, which you'd need to call somehow when you needed to.

If you have a great many hosts, then you may want to have a wildcard 
default server which would take all domains, then if a few hosts have 
more specific settings, to put them in separate server{} blocks.

Hope this is helpful.

Marcus.




From gabe at vtunnel.com  Mon Jul 20 18:27:10 2009
From: gabe at vtunnel.com (Gabriel Ramuglia)
Date: Mon, 20 Jul 2009 07:27:10 -0700
Subject: Write a speed-limit module, any suggestion?
In-Reply-To: <480af9173978e8c2913c8a6a11dbbdfa.NginxMailingList@forum.nginx.org>
References: <480af9173978e8c2913c8a6a11dbbdfa.NginxMailingList@forum.nginx.org>
Message-ID: <932ea6c90907200727t68397421g9c748f233e2783de@mail.gmail.com>

There is a rate limit option you can set if you are using reproxy_url.
There's a header you can set that is supposed to limit the rate of the
download to whatever you set. So I would look over the documentation
for reproxy_url and see if that will work for you.

On Sun, Jul 19, 2009 at 11:46 PM, supergui<nginx-forum at nginx.us> wrote:
> I want to write a module to transfer files to client, but it need to limit the speed of transfer.
> how can i implement it ?
>
> it is likely that i should output one buffer per time, and then check the avg speed before, if expire the setting speed what should i do then?
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4234,4234#msg-4234
>
>
>




From khansen at charityweb.net  Mon Jul 20 19:14:06 2009
From: khansen at charityweb.net (Kurt Hansen)
Date: Mon, 20 Jul 2009 11:14:06 -0400
Subject: Trailing slash rewrite help
In-Reply-To: <20090718072447.GA34205@rambler-co.ru>
References: <4A615D6C.4000700@charityweb.net> <20090718072447.GA34205@rambler-co.ru>
Message-ID: <4A6489BE.1010504@charityweb.net>


Igor Sysoev wrote:
> On Sat, Jul 18, 2009 at 01:28:12AM -0400, Kurt Hansen wrote:
>   
>> Hello,
>>
>> I'm using nginx as a reverse proxy to a mod_perl backend server and am 
>> having trouble with my rewrite rule in the case of a missing trailing 
>> slash on a subdirectory.
>>
>> For example, I want
>>
>> www.example.com/action mapped to the example/action/ directory on the 
>> mod_perl server.
>>
>>
>>     
>
> Probably, you need just:
>
> location / {
>     proxy_pass http://cweb/example/;
> }
>
> Also, you need to set "Index index.htm" on mod_perl side.
>
>   
Thanks, Igor, that did the trick!

Thought I was missing something simple...

Key, too, was getting the mod_perl server to specify the index.htm 
rather than the nginx server. I used a rewrite rule to do that because 
my apache/mod_perl with HTML::Mason setup doesn't handle the 
DirectoryIndex quite right.

Take care,

Kurt




From kaspars at konstruktors.com  Mon Jul 20 23:24:45 2009
From: kaspars at konstruktors.com (Kaspars)
Date: Mon, 20 Jul 2009 22:24:45 +0300
Subject: variables in "include"
In-Reply-To: <4A64697B.5060109@gmail.com>
References: <4A6449B1.1060107@konstruktors.com> <4A64697B.5060109@gmail.com>
Message-ID: <4A64C47D.6090509@konstruktors.com>

Marcus, thank you very much for explaining how things are meant to work 
in nginx.

> If the config files were analysed at runtime (like .htaccess files on 
> Apache), that would slow things down.  Also, if the configuration file 
> is wrong, what do you do?  Better to control it all at start time.
I agree, there are lot of benefits of not having any runtime file access 
action going on. It would be interesting to do some testing on how this 
affects the performance.

> If you need specific configurations for each server, then you can't 
> really get around having a separate server{} block for each one 
> (though you might be able to group them).
> One possible method: [...]
I have set it up almost exactly like you described and it works very well.

Thank you once again.

Regards,
Kaspars





From maccaday at gmail.com  Mon Jul 20 23:54:53 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Mon, 20 Jul 2009 22:54:53 +0300
Subject: variables in "include"
In-Reply-To: <4A64C47D.6090509@konstruktors.com>
References: <4A6449B1.1060107@konstruktors.com> <4A64697B.5060109@gmail.com> <4A64C47D.6090509@konstruktors.com>
Message-ID: <4A64CB8D.9060708@gmail.com>

Hi Kaspars,

Kaspars wrote:
> Marcus, thank you very much for explaining how things are meant to 
> work in nginx.
You're welcome.
>
>> If the config files were analysed at runtime (like .htaccess files on 
>> Apache), that would slow things down.  Also, if the configuration 
>> file is wrong, what do you do?  Better to control it all at start time.
> I agree, there are lot of benefits of not having any runtime file 
> access action going on. It would be interesting to do some testing on 
> how this affects the performance.
Litespeed, which is an asynchronous event-driven (like Nginx), very fast 
webserver that is largely Apache-compatible allows Apache-style 
.htaccess files to be used on a per-directory basis, and caches them in 
memory.  Although this does have a performance hit, it's still very 
fast, and with the right design, it needn't necessarily have a huge 
impact on performance if implemented in Nginx.  It shouldn't be too hard 
to implement, but Igor may not want to include code that does it in the 
main source.
>
>> If you need specific configurations for each server, then you can't 
>> really get around having a separate server{} block for each one 
>> (though you might be able to group them).
>> One possible method: [...]
> I have set it up almost exactly like you described and it works very 
> well.
I'm glad it works well.

Marcus.






From mike503 at gmail.com  Tue Jul 21 00:52:59 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Mon, 20 Jul 2009 13:52:59 -0700
Subject: variables in "include"
In-Reply-To: <4A64CB8D.9060708@gmail.com>
References: <4A6449B1.1060107@konstruktors.com> <4A64697B.5060109@gmail.com>
	 <4A64C47D.6090509@konstruktors.com> <4A64CB8D.9060708@gmail.com>
Message-ID: <bd9320b30907201352xcf0b985jc4353a663b51728e@mail.gmail.com>

i agree. i think there should be an htaccess on; type deal, and instead of going

/
/home
/home/foo
/home/foo/bar
/home/foo/bar/foo.com

in the search path, it should start in the document root. in php 5.3,
they actually take the file path being requested, and then go
backwards from there, down to the document root level.

so

http://foo.com/1/2/3/

would chekc for

/home/foo/bar/foo.com/1/2/3/
/home/foo/bar/foo.com/1/2/
/home/foo/bar/foo.com/1/
/home/foo/bar/foo.com/

maybe also have a cache and a configuration item of how much memory to
dedicate to the cache...

htaccess on;
htaccess_file_name .htaccess;
htaccess_cache_size shared:htaccess:10m;
htaccess_cache_time 15s;

or something?

On Mon, Jul 20, 2009 at 12:54 PM, Marcus Clyne<maccaday at gmail.com> wrote:
> Hi Kaspars,
>
> Kaspars wrote:
>>
>> Marcus, thank you very much for explaining how things are meant to work in
>> nginx.
>
> You're welcome.
>>
>>> If the config files were analysed at runtime (like .htaccess files on
>>> Apache), that would slow things down. ?Also, if the configuration file is
>>> wrong, what do you do? ?Better to control it all at start time.
>>
>> I agree, there are lot of benefits of not having any runtime file access
>> action going on. It would be interesting to do some testing on how this
>> affects the performance.
>
> Litespeed, which is an asynchronous event-driven (like Nginx), very fast
> webserver that is largely Apache-compatible allows Apache-style .htaccess
> files to be used on a per-directory basis, and caches them in memory.
> ?Although this does have a performance hit, it's still very fast, and with
> the right design, it needn't necessarily have a huge impact on performance
> if implemented in Nginx. ?It shouldn't be too hard to implement, but Igor
> may not want to include code that does it in the main source.
>>
>>> If you need specific configurations for each server, then you can't
>>> really get around having a separate server{} block for each one (though you
>>> might be able to group them).
>>> One possible method: [...]
>>
>> I have set it up almost exactly like you described and it works very well.
>
> I'm glad it works well.
>
> Marcus.
>
>
>
>




From kaspars at konstruktors.com  Tue Jul 21 01:25:08 2009
From: kaspars at konstruktors.com (Kaspars)
Date: Tue, 21 Jul 2009 00:25:08 +0300
Subject: variables in "include"
In-Reply-To: <bd9320b30907201352xcf0b985jc4353a663b51728e@mail.gmail.com>
References: <4A6449B1.1060107@konstruktors.com> <4A64697B.5060109@gmail.com>	 <4A64C47D.6090509@konstruktors.com> <4A64CB8D.9060708@gmail.com> <bd9320b30907201352xcf0b985jc4353a663b51728e@mail.gmail.com>
Message-ID: <4A64E0B4.9020907@konstruktors.com>

>
> http://foo.com/1/2/3/
>
> would chekc for
>
> /home/foo/bar/foo.com/1/2/3/
> /home/foo/bar/foo.com/1/2/
> /home/foo/bar/foo.com/1/
> /home/foo/bar/foo.com/
>    

Or we could use the existing "location" feature:

location /1 { ... }
location /1/2 { ... }

in *one* base config.nginx file at /home/foo/bar/foo.com/config.nginx, 
and then we could save even more of the precious runtime processing.

Kaspars




From mike503 at gmail.com  Tue Jul 21 01:52:49 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Mon, 20 Jul 2009 14:52:49 -0700
Subject: variables in "include"
In-Reply-To: <4A64E0B4.9020907@konstruktors.com>
References: <4A6449B1.1060107@konstruktors.com> <4A64697B.5060109@gmail.com>
	 <4A64C47D.6090509@konstruktors.com> <4A64CB8D.9060708@gmail.com>
	 <bd9320b30907201352xcf0b985jc4353a663b51728e@mail.gmail.com>
	 <4A64E0B4.9020907@konstruktors.com>
Message-ID: <bd9320b30907201452s329dcf60n49cbe1f8319ef4df@mail.gmail.com>

that would require server level configuration still... the idea is to
give the users a way to configure things on their own.

On Mon, Jul 20, 2009 at 2:25 PM, Kaspars<kaspars at konstruktors.com> wrote:
>>
>> http://foo.com/1/2/3/
>>
>> would chekc for
>>
>> /home/foo/bar/foo.com/1/2/3/
>> /home/foo/bar/foo.com/1/2/
>> /home/foo/bar/foo.com/1/
>> /home/foo/bar/foo.com/
>>
>
> Or we could use the existing "location" feature:
>
> location /1 { ... }
> location /1/2 { ... }
>
> in *one* base config.nginx file at /home/foo/bar/foo.com/config.nginx, and
> then we could save even more of the precious runtime processing.
>
> Kaspars
>
>




From maccaday at gmail.com  Tue Jul 21 02:13:53 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Tue, 21 Jul 2009 01:13:53 +0300
Subject: variables in "include"
In-Reply-To: <bd9320b30907201352xcf0b985jc4353a663b51728e@mail.gmail.com>
References: <4A6449B1.1060107@konstruktors.com> <4A64697B.5060109@gmail.com>	 <4A64C47D.6090509@konstruktors.com> <4A64CB8D.9060708@gmail.com> <bd9320b30907201352xcf0b985jc4353a663b51728e@mail.gmail.com>
Message-ID: <4A64EC21.3020208@gmail.com>

Michael Shadle wrote:
> i agree. i think there should be an htaccess on; type deal, and instead of going
>
> /
> /home
> /home/foo
> /home/foo/bar
> /home/foo/bar/foo.com
>
> in the search path, it should start in the document root. in php 5.3,
> they actually take the file path being requested, and then go
> backwards from there, down to the document root level.
>
> so
>
> http://foo.com/1/2/3/
>
> would chekc for
>
> /home/foo/bar/foo.com/1/2/3/
> /home/foo/bar/foo.com/1/2/
> /home/foo/bar/foo.com/1/
> /home/foo/bar/foo.com/
>
>   
That would be overall less efficient, since if you had htaccess-like 
files, you would always want to check the uppermost level (because it 
might say to ignore htaccess files lower down).  If it did, then you 
will have checked lower-level htaccess files unnecessarily.
> maybe also have a cache and a configuration item of how much memory to
> dedicate to the cache...
>
> htaccess on;
> htaccess_file_name .htaccess;
> htaccess_cache_size shared:htaccess:10m;
> htaccess_cache_time 15s;
>   
Wrt caching, any valid htaccess files would probably want to be cached 
permanently until any files were htaccess updated (i.e. not re-read 
after 15s of not reading as might be the case here).  You'd only want to 
stat the file, then only if it's changed, re-load the config.  The 
directive would then be less a cache time directive, but a 'don't stat 
the file to see if it's changed within this time' directive. 

Not sure if that's what you meant or not.

Obviously, you'd want to be statting/loading the file asynchronously, so 
as not to block the server whilst it was happening. 

You'd probably also want to specify which directives would be 
permissible - perhaps on a module-by-module basis - which would only be 
specifiable in the main config files.

Cheers,

Marcus.






From kaspars at konstruktors.com  Tue Jul 21 02:22:22 2009
From: kaspars at konstruktors.com (Kaspars)
Date: Tue, 21 Jul 2009 01:22:22 +0300
Subject: variables in "include"
In-Reply-To: <bd9320b30907201452s329dcf60n49cbe1f8319ef4df@mail.gmail.com>
References: <4A6449B1.1060107@konstruktors.com> <4A64697B.5060109@gmail.com>	 <4A64C47D.6090509@konstruktors.com> <4A64CB8D.9060708@gmail.com>	 <bd9320b30907201352xcf0b985jc4353a663b51728e@mail.gmail.com>	 <4A64E0B4.9020907@konstruktors.com> <bd9320b30907201452s329dcf60n49cbe1f8319ef4df@mail.gmail.com>
Message-ID: <4A64EE1E.2040007@konstruktors.com>

>
> that would require server level configuration still... the idea is to
> give the users a way to configure things on their own.
>    
I agree. My suggestion was to allow only one config file per host in a 
defined location instead of unlimited amount of config files in all 
possible locations.




From mike503 at gmail.com  Tue Jul 21 02:25:27 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Mon, 20 Jul 2009 15:25:27 -0700
Subject: variables in "include"
In-Reply-To: <4A64EC21.3020208@gmail.com>
References: <4A6449B1.1060107@konstruktors.com> <4A64697B.5060109@gmail.com>
	 <4A64C47D.6090509@konstruktors.com> <4A64CB8D.9060708@gmail.com>
	 <bd9320b30907201352xcf0b985jc4353a663b51728e@mail.gmail.com>
	 <4A64EC21.3020208@gmail.com>
Message-ID: <bd9320b30907201525i68f528e8hcb970af43448fae2@mail.gmail.com>

On Mon, Jul 20, 2009 at 3:13 PM, Marcus Clyne<maccaday at gmail.com> wrote:

> That would be overall less efficient, since if you had htaccess-like files,
> you would always want to check the uppermost level (because it might say to
> ignore htaccess files lower down). ?If it did, then you will have checked
> lower-level htaccess files unnecessarily.

I'm not sure; I think it might be interesting to ask the PHP folks why
they decided to do it that way. if I'm protecting phpMyAdmin for
example, it will find my .htaccess file quicker one way vs. the other
depending on how nested it is.

> Wrt caching, any valid htaccess files would probably want to be cached
> permanently until any files were htaccess updated (i.e. not re-read after
> 15s of not reading as might be the case here). ?You'd only want to stat the
> file, then only if it's changed, re-load the config. ?The directive would
> then be less a cache time directive, but a 'don't stat the file to see if
> it's changed within this time' directive.
> Not sure if that's what you meant or not.

yeah. hmm. i didn't think that all the way though. caching the
existence (or lack of) for 15 seconds before it invalidates itself
wouldn't be useful. it wouldn't be very good. i don't know how
expensive a basic stat call is. of course, that's why htaccess on;
could be allowed in any location block, so you could limit the amount
of overhead if you wish.

> Obviously, you'd want to be statting/loading the file asynchronously, so as
> not to block the server whilst it was happening.
> You'd probably also want to specify which directives would be permissible -
> perhaps on a module-by-module basis - which would only be specifiable in the
> main config files.

of course. my main thing is for auth blocks.

php overrides can be handled with htscanner (pre 5.3) or php 5.3.




From mike503 at gmail.com  Tue Jul 21 02:29:36 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Mon, 20 Jul 2009 15:29:36 -0700
Subject: variables in "include"
In-Reply-To: <4A64EE1E.2040007@konstruktors.com>
References: <4A6449B1.1060107@konstruktors.com> <4A64697B.5060109@gmail.com>
	 <4A64C47D.6090509@konstruktors.com> <4A64CB8D.9060708@gmail.com>
	 <bd9320b30907201352xcf0b985jc4353a663b51728e@mail.gmail.com>
	 <4A64E0B4.9020907@konstruktors.com>
	 <bd9320b30907201452s329dcf60n49cbe1f8319ef4df@mail.gmail.com>
	 <4A64EE1E.2040007@konstruktors.com>
Message-ID: <bd9320b30907201529t226336a3o1cb91816521b9a04@mail.gmail.com>

On Mon, Jul 20, 2009 at 3:22 PM, Kaspars<kaspars at konstruktors.com> wrote:

> I agree. My suggestion was to allow only one config file per host in a
> defined location instead of unlimited amount of config files in all possible
> locations.

that is another way to look into it. a site-wide .htaccess. however,
if multiple people are collaborating on a single site and some people
don't have access to that single site config file...

it could be done today, technically just by doing

include /home/mike/foo/mike.com/nginx.config;

the problem is that gives them a ton of control, and also if the file
is removed i think nginx will not be able to start. there is no
configuration macro to test the existence of a file and included it
conditionally.




From kaspars at konstruktors.com  Tue Jul 21 02:45:30 2009
From: kaspars at konstruktors.com (Kaspars)
Date: Tue, 21 Jul 2009 01:45:30 +0300
Subject: variables in "include"
In-Reply-To: <4A64EC21.3020208@gmail.com>
References: <4A6449B1.1060107@konstruktors.com> <4A64697B.5060109@gmail.com>	 <4A64C47D.6090509@konstruktors.com> <4A64CB8D.9060708@gmail.com> <bd9320b30907201352xcf0b985jc4353a663b51728e@mail.gmail.com> <4A64EC21.3020208@gmail.com>
Message-ID: <4A64F38A.1020809@konstruktors.com>

> Wrt caching, any valid htaccess files would probably want to be cached 
> permanently until any files were htaccess updated (i.e. not re-read 
> after 15s of not reading as might be the case here).  You'd only want 
> to stat the file, then only if it's changed, re-load the config.  The 
> directive would then be less a cache time directive, but a 'don't stat 
> the file to see if it's changed within this time' directive.
> Not sure if that's what you meant or not.

Exactly, Marcus -- something like 'stat' at a defined time interval 
could be the best solution.




From kaspars at konstruktors.com  Tue Jul 21 02:48:28 2009
From: kaspars at konstruktors.com (Kaspars)
Date: Tue, 21 Jul 2009 01:48:28 +0300
Subject: variables in "include"
In-Reply-To: <bd9320b30907201529t226336a3o1cb91816521b9a04@mail.gmail.com>
References: <4A6449B1.1060107@konstruktors.com> <4A64697B.5060109@gmail.com>	 <4A64C47D.6090509@konstruktors.com> <4A64CB8D.9060708@gmail.com>	 <bd9320b30907201352xcf0b985jc4353a663b51728e@mail.gmail.com>	 <4A64E0B4.9020907@konstruktors.com>	 <bd9320b30907201452s329dcf60n49cbe1f8319ef4df@mail.gmail.com>	 <4A64EE1E.2040007@konstruktors.com> <bd9320b30907201529t226336a3o1cb91816521b9a04@mail.gmail.com>
Message-ID: <4A64F43C.7060109@konstruktors.com>

>
> include /home/mike/foo/mike.com/nginx.config;
>    

Currently you can use

include /home/mike/foo/*/nginx.config;

which will not break if no nginx.config are found.






From kaspars at konstruktors.com  Tue Jul 21 02:54:24 2009
From: kaspars at konstruktors.com (Kaspars)
Date: Tue, 21 Jul 2009 01:54:24 +0300
Subject: variables in "include"
In-Reply-To: <bd9320b30907201529t226336a3o1cb91816521b9a04@mail.gmail.com>
References: <4A6449B1.1060107@konstruktors.com> <4A64697B.5060109@gmail.com>	 <4A64C47D.6090509@konstruktors.com> <4A64CB8D.9060708@gmail.com>	 <bd9320b30907201352xcf0b985jc4353a663b51728e@mail.gmail.com>	 <4A64E0B4.9020907@konstruktors.com>	 <bd9320b30907201452s329dcf60n49cbe1f8319ef4df@mail.gmail.com>	 <4A64EE1E.2040007@konstruktors.com> <bd9320b30907201529t226336a3o1cb91816521b9a04@mail.gmail.com>
Message-ID: <4A64F5A0.7080503@konstruktors.com>

> the problem is that gives them a ton of control, and also if the file 
> is removed i think nginx will not be able to start. there is no 
> configuration macro to test the existence of a file and included it 
> conditionally.

The problem is that currently for every change in nginx.conf you have to 
restart the server. That's why something like:

/home/var/vhosts/*/nginx.config

doesn't make sense, as it requires a restart (or a silent re-read of the 
config file).





From mike503 at gmail.com  Tue Jul 21 03:01:17 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Mon, 20 Jul 2009 16:01:17 -0700
Subject: variables in "include"
In-Reply-To: <4A64F5A0.7080503@konstruktors.com>
References: <4A6449B1.1060107@konstruktors.com> <4A64697B.5060109@gmail.com>
	 <4A64C47D.6090509@konstruktors.com> <4A64CB8D.9060708@gmail.com>
	 <bd9320b30907201352xcf0b985jc4353a663b51728e@mail.gmail.com>
	 <4A64E0B4.9020907@konstruktors.com>
	 <bd9320b30907201452s329dcf60n49cbe1f8319ef4df@mail.gmail.com>
	 <4A64EE1E.2040007@konstruktors.com>
	 <bd9320b30907201529t226336a3o1cb91816521b9a04@mail.gmail.com>
	 <4A64F5A0.7080503@konstruktors.com>
Message-ID: <bd9320b30907201601y6a3c0452qb48e977a1d818917@mail.gmail.com>

that too! didn't even think about that, duh :)

i think having a limited htaccess support module would be great, and
for the most part, i think servers can handle a few extra stat calls
cached appropriately (doesn't the filesystem have caching type things,
or inotify/dnotify/kernel notifications, etc)

scaling that is probably a lot easier especially if it can be turned
on/off by location {} too.

On Mon, Jul 20, 2009 at 3:54 PM, Kaspars<kaspars at konstruktors.com> wrote:
>> the problem is that gives them a ton of control, and also if the file is
>> removed i think nginx will not be able to start. there is no configuration
>> macro to test the existence of a file and included it conditionally.
>
> The problem is that currently for every change in nginx.conf you have to
> restart the server. That's why something like:
>
> /home/var/vhosts/*/nginx.config
>
> doesn't make sense, as it requires a restart (or a silent re-read of the
> config file).
>
>
>




From maccaday at gmail.com  Tue Jul 21 03:52:08 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Tue, 21 Jul 2009 02:52:08 +0300
Subject: variables in "include"
In-Reply-To: <bd9320b30907201525i68f528e8hcb970af43448fae2@mail.gmail.com>
References: <4A6449B1.1060107@konstruktors.com> <4A64697B.5060109@gmail.com>	 <4A64C47D.6090509@konstruktors.com> <4A64CB8D.9060708@gmail.com>	 <bd9320b30907201352xcf0b985jc4353a663b51728e@mail.gmail.com>	 <4A64EC21.3020208@gmail.com> <bd9320b30907201525i68f528e8hcb970af43448fae2@mail.gmail.com>
Message-ID: <4A650328.10709@gmail.com>


>> That would be overall less efficient, since if you had htaccess-like files,
>> you would always want to check the uppermost level (because it might say to
>> ignore htaccess files lower down).  If it did, then you will have checked
>> lower-level htaccess files unnecessarily.
>>     
>
> I'm not sure; I think it might be interesting to ask the PHP folks why
> they decided to do it that way. if I'm protecting phpMyAdmin for
> example, it will find my .htaccess file quicker one way vs. the other
> depending on how nested it is.
>
>   
The point is that for proper security, you'd want to be able to turn off 
htaccess to lower levels in the higher levels.  In order to find the 
higher levels, you'd need to search the highest order directories, 
starting with where the location where htaccess has been enabled.  If 
you must read the highest-level directory's htaccess file, but not 
necessarily the lower-levels' ones, then it makes sense to start at the top.

Wrt PHP, I've not tried it out so I'm not sure precisely how it works.  
I'm assuming that all directories are searched, though, and that 
lower-levels override higher levels.  In that case, it makes sense to 
start at the bottom, since then you will only set each option once - if 
you discover the option at a higher level, then you don't need to save 
it, because you already have an option that is more specific.  It makes 
sense to do it this way if you don't need the option to prevent parsing 
of options in lower directories, but with server-level htaccess files, 
you would want that.
>
> yeah. hmm. i didn't think that all the way though. caching the
> existence (or lack of) for 15 seconds before it invalidates itself
> wouldn't be useful. it wouldn't be very good. i don't know how
> expensive a basic stat call is. of course, that's why htaccess on;
> could be allowed in any location block, so you could limit the amount
> of overhead if you wish.
>   
The stat call wouldn't be a big overhead if carried out asynchronously, 
but would really slow down the server if it wasn't.


Marcus.




From mike503 at gmail.com  Tue Jul 21 04:01:43 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Mon, 20 Jul 2009 17:01:43 -0700
Subject: variables in "include"
In-Reply-To: <4A650328.10709@gmail.com>
References: <4A6449B1.1060107@konstruktors.com> <4A64697B.5060109@gmail.com>
	 <4A64C47D.6090509@konstruktors.com> <4A64CB8D.9060708@gmail.com>
	 <bd9320b30907201352xcf0b985jc4353a663b51728e@mail.gmail.com>
	 <4A64EC21.3020208@gmail.com>
	 <bd9320b30907201525i68f528e8hcb970af43448fae2@mail.gmail.com>
	 <4A650328.10709@gmail.com>
Message-ID: <bd9320b30907201701k27aba32bk6a95f42d9abb9d81@mail.gmail.com>

On Mon, Jul 20, 2009 at 4:52 PM, Marcus Clyne<maccaday at gmail.com> wrote:

> Wrt PHP, I've not tried it out so I'm not sure precisely how it works. ?I'm
> assuming that all directories are searched, though, and that lower-levels
> override higher levels. ?In that case, it makes sense to start at the
> bottom, since then you will only set each option once - if you discover the
> option at a higher level, then you don't need to save it, because you
> already have an option that is more specific. ?It makes sense to do it this
> way if you don't need the option to prevent parsing of options in lower
> directories, but with server-level htaccess files, you would want that.

i was explained that it searches for cwd/current dir, and then down to
the document root in that order. i am not sure if it stops once it
hits a file though or continues. i want to say it stops. i might be
wrong. i got the explanation on IRC and actually asked to try to write
it up so they could post it but i didn't think about asking about the
stopping-on-finding-a-file deal.

> The stat call wouldn't be a big overhead if carried out asynchronously, but
> would really slow down the server if it wasn't.

okay, then make it async :)




From maccaday at gmail.com  Tue Jul 21 05:10:00 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Tue, 21 Jul 2009 04:10:00 +0300
Subject: variables in "include"
In-Reply-To: <bd9320b30907201701k27aba32bk6a95f42d9abb9d81@mail.gmail.com>
References: <4A6449B1.1060107@konstruktors.com> <4A64697B.5060109@gmail.com>	 <4A64C47D.6090509@konstruktors.com> <4A64CB8D.9060708@gmail.com>	 <bd9320b30907201352xcf0b985jc4353a663b51728e@mail.gmail.com>	 <4A64EC21.3020208@gmail.com>	 <bd9320b30907201525i68f528e8hcb970af43448fae2@mail.gmail.com>	 <4A650328.10709@gmail.com> <bd9320b30907201701k27aba32bk6a95f42d9abb9d81@mail.gmail.com>
Message-ID: <4A651568.1090505@gmail.com>


>> The stat call wouldn't be a big overhead if carried out asynchronously, but
>> would really slow down the server if it wasn't.
>>     
> okay, then make it async :)
>   
If only implementing it could be as easy as making it so in 5 words. :-) 




From nginx-forum at nginx.us  Tue Jul 21 06:56:35 2009
From: nginx-forum at nginx.us (chenon)
Date: Mon, 20 Jul 2009 22:56:35 -0400
Subject: build on MSVC
Message-ID: <1fa3b143bace84b6652f0e6f6db24fc7.NginxMailingList@forum.nginx.org>

Hi,

    I tried to build Nginx on MSVC just now, but failed to do that.
Is there a Makefile or project file for nginx to build by MSVC? 
Or any building guild available?
Thanks a lot :)

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4263,4263#msg-4263





From nginx-forum at nginx.us  Tue Jul 21 10:06:38 2009
From: nginx-forum at nginx.us (chenon)
Date: Tue, 21 Jul 2009 02:06:38 -0400
Subject: build on MSVC
In-Reply-To: <1fa3b143bace84b6652f0e6f6db24fc7.NginxMailingList@forum.nginx.org>
References: <1fa3b143bace84b6652f0e6f6db24fc7.NginxMailingList@forum.nginx.org>
Message-ID: <1b391e793a3e2483c459b45d4933f492.NginxMailingList@forum.nginx.org>

oh, hehe, I see!
I got an posix version, and there's no ngx_win32_config.h and os/win32 folder found.

Can anybody give me a win32 copy of Nginx? Thanks...

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4263,4264#msg-4264





From nginx-forum at nginx.us  Tue Jul 21 10:25:04 2009
From: nginx-forum at nginx.us (supergui)
Date: Tue, 21 Jul 2009 02:25:04 -0400
Subject: how to set timer?
Message-ID: <0e96d43ade091f18dbb98f62f9445495.NginxMailingList@forum.nginx.org>

//////////////////////////////////////////////////////////////////////////////////////////////////////////
gdrive_timer_wev.handler=test_timer;
ngx_add_timer(&gdrive_timer_wev, 5); 

static
void test_timer(ngx_event_t *wev)
{
        ngx_log_error(NGX_LOG_DEBUG, wev->log, 0, "timer out");
}
/////////////////////////////////////////////////////////////////////////////////////////////////////////

i want to set a timer in nginx's main loop, but why this make not any effect?
how to set the timer?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4265,4265#msg-4265





From cliff at develix.com  Tue Jul 21 11:35:40 2009
From: cliff at develix.com (Cliff Wells)
Date: Tue, 21 Jul 2009 00:35:40 -0700
Subject: build on MSVC
In-Reply-To: <1b391e793a3e2483c459b45d4933f492.NginxMailingList@forum.nginx.org>
References: 	 <1fa3b143bace84b6652f0e6f6db24fc7.NginxMailingList@forum.nginx.org>
	 <1b391e793a3e2483c459b45d4933f492.NginxMailingList@forum.nginx.org>
Message-ID: <1248161740.3626.360.camel@portable-evil>

On Tue, 2009-07-21 at 02:06 -0400, chenon wrote:
> oh, hehe, I see!
> I got an posix version, and there's no ngx_win32_config.h and os/win32 folder found.
> 
> Can anybody give me a win32 copy of Nginx? Thanks...


http://wiki.nginx.org/NginxInstall

As stated in the above, you can't currently build the win32 version from
source.  Just use the binary provided.

Regards,
Cliff

-- 
http://www.google.com/search?q=vonage+sucks





From phill at theactivitypeople.co.uk  Tue Jul 21 12:01:22 2009
From: phill at theactivitypeople.co.uk (Phillip Oldham)
Date: Tue, 21 Jul 2009 09:01:22 +0100
Subject: Maxmind GeoIP City Module
In-Reply-To: <20090716123704.GF90866@rambler-co.ru>
References: <4A5336CD.9050308@theactivitypeople.co.uk> <20090716123704.GF90866@rambler-co.ru>
Message-ID: <4A6575D2.1020908@theactivitypeople.co.uk>

Igor Sysoev wrote:
> The module is in the attached patch.
>
> ./configure ---with-http_geoip_module
>
> nginx.conf:
>
> http {
>
>     geoip_country  path/to/GeoIP.dat;
>     geoip_city     path/to/GeoLiteCity.dat;
>
>
> You may use only one base or both bases.
>
> Varaibles available with geoip_country base:
>
> $geoip_country_code
> $geoip_country_code3
> $geoip_country_name
>
> Varaibles available with geoip_city base:
>
> $geoip_city_country_code
> $geoip_city_country_code3
> $geoip_city_country_name
> $geoip_region
> $geoip_city
> $geoip_postal_code
>   
I've updated the wiki accordingly.




From support-nginx at oeko.net  Tue Jul 21 12:21:00 2009
From: support-nginx at oeko.net (Toni Mueller)
Date: Tue, 21 Jul 2009 10:21:00 +0200
Subject: FastCGI application not receiving multi-part data
In-Reply-To: <2c9caf58a2a2059fef2afbadaffac888.NginxMailingList@forum.nginx.org>
References: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org> <2c9caf58a2a2059fef2afbadaffac888.NginxMailingList@forum.nginx.org>
Message-ID: <20090721082100.16512.qmail@oak.oeko.net>


Hi,

On Fri, 17.07.2009 at 19:06:30 -0400, gerryw <nginx-forum at nginx.us> wrote:
> seem that there are some issues with the FastCGI implementation that
> PHP and the like must have worked around or their multipart form
> parser is very mature and robust.

FWIW, I found nginx's handling of FastCGI "mature enough" after
upgrading to 0.7.61. At least, it enabled me to run MovableType behind
it, which I didn't manage to do before.

You did set variables like client_body_temp_path?

> BTW: The problem is not the fastcgi_param stuff. It has to do with
> the format of the multipart data. None of the current open source
> FastCGI compatible C libraries that I could find can parse it.

It would be nice to know more about the application and data you're
working with.


Kind regards,
--Toni++




From support-nginx at oeko.net  Tue Jul 21 12:32:35 2009
From: support-nginx at oeko.net (Toni Mueller)
Date: Tue, 21 Jul 2009 10:32:35 +0200
Subject: 0.7.61: error_page 404 woes
In-Reply-To: <20090716123141.GE90866@rambler-co.ru>
References: <20090713170409.23831.qmail@oak.oeko.net> <20090713182225.GB15437@rambler-co.ru> <20090713184829.27178.qmail@oak.oeko.net> <20090713195734.GD15437@rambler-co.ru> <20090716093019.12254.qmail@oak.oeko.net> <20090716123141.GE90866@rambler-co.ru>
Message-ID: <20090721083235.16765.qmail@oak.oeko.net>


Hi,

On Thu, 16.07.2009 at 16:31:41 +0400, Igor Sysoev <is at rambler-co.ru> wrote:
> On Thu, Jul 16, 2009 at 11:30:18AM +0200, Toni Mueller wrote:
> > On Mon, 13.07.2009 at 23:57:34 +0400, Igor Sysoev <is at rambler-co.ru> wrote:
> > > On Mon, Jul 13, 2009 at 08:48:29PM +0200, Toni Mueller wrote:
> > > > On Mon, 13.07.2009 at 22:22:25 +0400, Igor Sysoev <is at rambler-co.ru> wrote:
> > > > > On Mon, Jul 13, 2009 at 07:04:09PM +0200, Toni Mueller wrote:
> > > > > > error_page	404	/;
> > > > > > 
> > > > > > But this statement had no effect. I had to re-write the statement as
> > > > > > 
> > > > > > error_page	404	http://$server_name/;


> > in the first case, I see a standard 404 nginx error page. But I
> > expected nginx to display the same thing that I see in the second case
> > (I have a redirection for "/" to land somewhere else).
> 
> Could you show your configuration ?

sure, in parts. The website has a top level directory that contains only a
subdirectory for a language code, so people getting there should be redirected
to the appropriate subdirectory (currently only one).

Here are the relevant parts (logging configuration etc. snipped):


    server {
	...

	root		/....;

        error_page      404     http://$server_name/;

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This was formerly "error_page 404 /;"

        location = / {
                rewrite .       http://$server_name/de-de/;
        }

^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
This is the simple-minded redirection mentioned above. Later
on, this should be expanded to other languages.


        ...

    }




Kind regards,
--Toni++





From is at rambler-co.ru  Tue Jul 21 13:05:53 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Tue, 21 Jul 2009 13:05:53 +0400
Subject: variables in "include" for vhost specific config files
In-Reply-To: <4A635BA3.5000301@konstruktors.com>
References: <4A635BA3.5000301@konstruktors.com>
Message-ID: <20090721090553.GC10257@rambler-co.ru>

On Sun, Jul 19, 2009 at 08:45:07PM +0300, Kaspars wrote:

> Privet Igor and dear list members,
> 
> I am trying to create a flexible virtual host environment, where each 
> host could have their own config.nginx file.
> 
> In sites-available/default I have:
> 
> server {
>         listen   80 default;
>         server_name _;
>         server_name_in_redirect off;
> 
>         set $vhost_path /var/www/vhosts;
> 
>         root    $vhost_path/$host;
>         index   index.php index.html index.htm;
> 
>         # THE IMPORTANT BIT: vhost specific config files, for rewrites, 
> etc.
>         include /var/www/vhosts/$host/config.nginx;
> 
>         [...]
> }
> 
> 
> 'root' directive works fine, but the 'include' doesn't like the $host 
> variable in it.
> 
> I would like to avoid using server { ... } for each of the individual 
> hosts, in order to have global php settings.
> 
> What would be the best way to approach this?
> 
> Any pointers and suggestions are very welcome.
> 
> Regards,
> Kaspars
> 
> p.s. using nginx 0.6.32-3 on debian lenny.

As it was already discussed, nginx "include"s files on start time,
while "root", etc. substitute variable values on run time.

As to global php settings, you may use

http {

     # here you may set any fastcgi settings expect fastcgi_pass,
     # and they will be inherited in all servers and locations.
     fastcgi_index  ...
     fastcgi_param  ...

     server {
         ...

         location \.php$ {
             fastcgi_pass   ...;
         }
     }

     server {
         ...

         location \.php$ {
             fastcgi_pass   ...;
         }
     }

My personal paractice is always to use separate servers since it allows
to change their configuration without risk to break others.


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Tue Jul 21 13:09:38 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Tue, 21 Jul 2009 13:09:38 +0400
Subject: nginx ssl_prefer_server_ciphers and MSIE 7.x core dump
In-Reply-To: <92fda3a30907200309l1592cb99n268bfff489671098@mail.gmail.com>
References: <92fda3a30907200309l1592cb99n268bfff489671098@mail.gmail.com>
Message-ID: <20090721090938.GD10257@rambler-co.ru>

On Mon, Jul 20, 2009 at 01:09:22PM +0300, Doncho Gunchev wrote:

> Hello,
> 
> First of all many thanks for nginx.
> 
> I have a machine where 'ssl_prefer_server_ciphers on;' plus Internet
> Explorer 7 (win 2003/XP) causes segmentation fault in Kerberos
> libraries:
> --- cut ---
> Program received signal SIGSEGV, Segmentation fault.
> 0x00000036b7e610a2 in krb5_is_referral_realm () from /usr/lib64/libkrb5.so.3
> (gdb) bt
> #0  0x00000036b7e610a2 in krb5_is_referral_realm () from /usr/lib64/libkrb5.so.3
> #1  0x00000036b7e48ade in krb5_kt_get_entry () from /usr/lib64/libkrb5.so.3
> #2  0x00000036b963862e in kssl_keytab_is_available () from /lib64/libssl.so.6
> #3  0x00000036b961e2d5 in ssl3_choose_cipher () from /lib64/libssl.so.6
> #4  0x00000036b9619a7b in ssl3_get_client_hello () from /lib64/libssl.so.6
> --- cut ---
> The host OS is RHEL 5.3 fully updated. I tried 32 and 64 bit versions
> from 0.6.32 to 0.6.38 with and without perl. The CPU is Intel(R)
> Xeon(R) CPU E5410 @ 2.33GHz. Exactly the same binary works on other
> machines (including KVM virtual ones) on CentOS 5.3 fully updated and
> I was using it on another machine with RHEL (have no access to that
> one any more).
> 
> Can I help further? Can I disable all kerberos related stuff in the
> meantime somehow?

Could you confirm that "ssl_prefer_server_ciphers off" does not cause
faults ?

As to disabling kerberos you may try to build OpenSSL statically
with nginx:

./configure --with-openssl=/path/to/openssl/sources --with-openssl-opt=no-krb5


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Tue Jul 21 13:22:29 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Tue, 21 Jul 2009 13:22:29 +0400
Subject: Trailing slash rewrite help
In-Reply-To: <4A6489BE.1010504@charityweb.net>
References: <4A615D6C.4000700@charityweb.net> <20090718072447.GA34205@rambler-co.ru> <4A6489BE.1010504@charityweb.net>
Message-ID: <20090721092229.GE10257@rambler-co.ru>

On Mon, Jul 20, 2009 at 11:14:06AM -0400, Kurt Hansen wrote:

> 
> Igor Sysoev wrote:
> >On Sat, Jul 18, 2009 at 01:28:12AM -0400, Kurt Hansen wrote:
> >  
> >>Hello,
> >>
> >>I'm using nginx as a reverse proxy to a mod_perl backend server and am 
> >>having trouble with my rewrite rule in the case of a missing trailing 
> >>slash on a subdirectory.
> >>
> >>For example, I want
> >>
> >>www.example.com/action mapped to the example/action/ directory on the 
> >>mod_perl server.
> >>
> >>
> >>    
> >
> >Probably, you need just:
> >
> >location / {
> >    proxy_pass http://cweb/example/;
> >}
> >
> >Also, you need to set "Index index.htm" on mod_perl side.
> >
> >  
> Thanks, Igor, that did the trick!
> 
> Thought I was missing something simple...
> 
> Key, too, was getting the mod_perl server to specify the index.htm 
> rather than the nginx server. I used a rewrite rule to do that because 
> my apache/mod_perl with HTML::Mason setup doesn't handle the 
> DirectoryIndex quite right.

It should work, what do you see when you request "/" or "/action/" ?


-- 
Igor Sysoev
http://sysoev.ru/en/




From support-nginx at oeko.net  Tue Jul 21 14:04:00 2009
From: support-nginx at oeko.net (Toni Mueller)
Date: Tue, 21 Jul 2009 12:04:00 +0200
Subject: nginx stats
In-Reply-To: <87skguw6u6.wl%catap@catap.ru>
References: <0790e45f1193ac6336ee6f65b06505ed.NginxMailingList@forum.nginx.org> <87skguw6u6.wl%catap@catap.ru>
Message-ID: <20090721100400.20855.qmail@oak.oeko.net>


Hi,

On Sat, 18.07.2009 at 15:47:45 +0400, Kirill A. Korinskiy <catap+nginx at catap.ru> wrote:
> or just using my fork of nginx:
> http://catap.ru/nginx-catap/

this stuck into my eye. Why did you fork nginx, please?


Kind regards,
--Toni++




From nginx-forum at nginx.us  Tue Jul 21 15:09:42 2009
From: nginx-forum at nginx.us (chenon)
Date: Tue, 21 Jul 2009 07:09:42 -0400
Subject: build on MSVC
In-Reply-To: <1248161740.3626.360.camel@forum.nginx.org>
References: <1fa3b143bace84b6652f0e6f6db24fc7.NginxMailingList@forum.nginx.org> <1b391e793a3e2483c459b45d4933f492.NginxMailingList@forum.nginx.org> <1248161740.3626.360.camel@forum.nginx.org>
Message-ID: <18d0af3b2ebfcfc0417a5c6f0be8e8d4.NginxMailingList@forum.nginx.org>

Cliff Wells Wrote:
-------------------------------------------------------
> As stated in the above, you can't currently build
> the win32 version from
> source.  Just use the binary provided.
> 

To build it by MSVC is just because I want to embed my application into Nginx as a module,
which seems unacceptable now.
Anyway, thank you, Cliff!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4263,4276#msg-4276





From maccaday at gmail.com  Tue Jul 21 16:13:04 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Tue, 21 Jul 2009 15:13:04 +0300
Subject: build on MSVC
In-Reply-To: <1248161740.3626.360.camel@portable-evil>
References: <1fa3b143bace84b6652f0e6f6db24fc7.NginxMailingList@forum.nginx.org>	 <1b391e793a3e2483c459b45d4933f492.NginxMailingList@forum.nginx.org> <1248161740.3626.360.camel@portable-evil>
Message-ID: <4A65B0D0.8040604@gmail.com>


> http://wiki.nginx.org/NginxInstall
>
> As stated in the above, you can't currently build the win32 version from
> source.  Just use the binary provided.
>   
Any details on when the Windows source will be available?

Thanks,

Marcus.




From johan at bergstroem.nu  Tue Jul 21 16:34:20 2009
From: johan at bergstroem.nu (=?ISO-8859-1?Q?Johan_Bergstr=F6m?=)
Date: Tue, 21 Jul 2009 14:34:20 +0200
Subject: HTTP Purge support for (fastcgi|proxy)_cache
Message-ID: <4D966844-DD91-446C-A818-504C00FAE531@bergstroem.nu>

Hey guys (and girls)

We're using fastcgi_cache/proxy_cache quite extensively at our sites,  
and are in dire need of purging content from our cache. Explicit files  
will do in our case, but I clearly see the point of wildcards. The  
only config option I can think of (except modifying parts related to  
proxy_cache and fastcgi_cache such as proxy_cache_methods) is some  
kind of "allow_purge" ACL that is similar to the allow-directive  
already found in Nginx.

We can offer funding for such a feature if feasible assuming this is  
open sourced and preferably ends up in upstream if Igor sees fit.  
Please contact me off list for further discussion if you're interested!

Thanks,
Johan Bergstr?m



From dgunchev at gmail.com  Tue Jul 21 17:29:34 2009
From: dgunchev at gmail.com (Doncho Gunchev)
Date: Tue, 21 Jul 2009 16:29:34 +0300
Subject: nginx ssl_prefer_server_ciphers and MSIE 7.x core dump
In-Reply-To: <20090721090938.GD10257@rambler-co.ru>
References: <92fda3a30907200309l1592cb99n268bfff489671098@mail.gmail.com>
	 <20090721090938.GD10257@rambler-co.ru>
Message-ID: <92fda3a30907210629m4b90d0e6j63c698459a1d689@mail.gmail.com>

2009/7/21 Igor Sysoev <is at rambler-co.ru>:
> On Mon, Jul 20, 2009 at 01:09:22PM +0300, Doncho Gunchev wrote:
>
>> Hello,
>>
>> First of all many thanks for nginx.
>>
>> I have a machine where 'ssl_prefer_server_ciphers on;' plus Internet
>> Explorer 7 (win 2003/XP) causes segmentation fault in Kerberos
>> libraries:
>> --- cut ---
>> Program received signal SIGSEGV, Segmentation fault.
>> 0x00000036b7e610a2 in krb5_is_referral_realm () from /usr/lib64/libkrb5.so.3
>> (gdb) bt
>> #0 ?0x00000036b7e610a2 in krb5_is_referral_realm () from /usr/lib64/libkrb5.so.3
>> #1 ?0x00000036b7e48ade in krb5_kt_get_entry () from /usr/lib64/libkrb5.so.3
>> #2 ?0x00000036b963862e in kssl_keytab_is_available () from /lib64/libssl.so.6
>> #3 ?0x00000036b961e2d5 in ssl3_choose_cipher () from /lib64/libssl.so.6
>> #4 ?0x00000036b9619a7b in ssl3_get_client_hello () from /lib64/libssl.so.6
>> --- cut ---
>> The host OS is RHEL 5.3 fully updated. I tried 32 and 64 bit versions
>> from 0.6.32 to 0.6.38 with and without perl. The CPU is Intel(R)
>> Xeon(R) CPU E5410 @ 2.33GHz. Exactly the same binary works on other
>> machines (including KVM virtual ones) on CentOS 5.3 fully updated and
>> I was using it on another machine with RHEL (have no access to that
>> one any more).
>>
>> Can I help further? Can I disable all kerberos related stuff in the
>> meantime somehow?
>
> Could you confirm that "ssl_prefer_server_ciphers off" does not cause
> faults ?

Yes, that's the way I'm using it currently.

>
> As to disabling kerberos you may try to build OpenSSL statically
> with nginx:
>
> ./configure --with-openssl=/path/to/openssl/sources --with-openssl-opt=no-krb5

Thank you, will try ASAP :)

>
> --
> Igor Sysoev
> http://sysoev.ru/en/


-- 
  BR,
    Doncho Gunchev




From jg at internetx.de  Tue Jul 21 17:51:53 2009
From: jg at internetx.de (Juergen Gotteswinter)
Date: Tue, 21 Jul 2009 15:51:53 +0200
Subject: Syslog
Message-ID: <4A65C7F9.2060603@internetx.de>

Hello,

is there a syslog patch for nginx 0.7.XX available, too? i need remote 
syslog support ... or is there any other solution for this?

Greets

Juergen




From khansen at charityweb.net  Tue Jul 21 18:07:12 2009
From: khansen at charityweb.net (Kurt Hansen)
Date: Tue, 21 Jul 2009 10:07:12 -0400
Subject: Trailing slash rewrite help
In-Reply-To: <20090721092229.GE10257@rambler-co.ru>
References: <4A615D6C.4000700@charityweb.net> <20090718072447.GA34205@rambler-co.ru> <4A6489BE.1010504@charityweb.net> <20090721092229.GE10257@rambler-co.ru>
Message-ID: <4A65CB90.4010804@charityweb.net>

Hello,

Igor Sysoev wrote:
> On Mon, Jul 20, 2009 at 11:14:06AM -0400, Kurt Hansen wrote:
>
>   
>> Igor Sysoev wrote:
>>     
>>> On Sat, Jul 18, 2009 at 01:28:12AM -0400, Kurt Hansen wrote:
>>>  
>>>       
>>>> Hello,
>>>>
>>>> I'm using nginx as a reverse proxy to a mod_perl backend server and am 
>>>> having trouble with my rewrite rule in the case of a missing trailing 
>>>> slash on a subdirectory.
>>>>
>>>> For example, I want
>>>>
>>>> www.example.com/action mapped to the example/action/ directory on the 
>>>> mod_perl server.
>>>>
>>>>
>>>>    
>>>>         
>>> Probably, you need just:
>>>
>>> location / {
>>>    proxy_pass http://cweb/example/;It 
>>> }
>>>
>>> Also, you need to set "Index index.htm" on mod_perl side.
>>>
>>>  
>>>       
>> Thanks, Igor, that did the trick!
>>
>> Thought I was missing something simple...
>>
>> Key, too, was getting the mod_perl server to specify the index.htm 
>> rather than the nginx server. I used a rewrite rule to do that because 
>> my apache/mod_perl with HTML::Mason setup doesn't handle the 
>> DirectoryIndex quite right.
>>     
>
> It should work, what do you see when you request "/" or "/action/" ?
>
>   
Yes, the proxy_pass change did work! Sorry I was a bit unclear. :-) I 
didn't mean for you to spend any more time on this.

My further explanation was primarily for folks who might be using the 
same setup as I am and looking through the archives.

No need to respond any further, Igor. You fixed the problem already! :-)

Take care,

Kurt




From mjaw at ikp.pl  Tue Jul 21 19:03:55 2009
From: mjaw at ikp.pl (=?UTF-8?Q?Miros=C5=82aw?= Jaworski)
Date: Tue, 21 Jul 2009 17:03:55 +0200
Subject: Can't make nginx to cache
Message-ID: <1248188635.4076.211.camel@mjaw-laptop>

Hi

Hello for the first time.

Intended config: nginx as caching reverse proxy. 

nginx version: 0.7.61

Direct connect to backend:

$ telnet 192.168.10.18 80
Trying 192.168.10.18...
Connected to 192.168.10.18.
Escape character is '^]'.
GET / HTTP/1.1
Host: www.xyz.pl

HTTP/1.1 200 OK
Date: Tue, 21 Jul 2009 13:06:01 GMT
Server: Apache/2.2.9 (Ubuntu) PHP/5.2.6-2ubuntu4.2 with Suhosin-Patch
X-Powered-By: PHP/5.2.6-2ubuntu4.2
Vary: Accept-Encoding
Content-Length: 22
Content-Type: text/html

ksjdhfksjdhfksjaghfksa
Connection closed by foreign host.


Connect to fronted ( nginx ):
 
$ telnet A.B.C.D 80
Trying A.B.C.D...
Connected to A.B.C.D.
Escape character is '^]'.
GET / HTTP/1.1
Host: www.xyz.pl

HTTP/1.1 200 OK
Server: nginx
Date: Tue, 21 Jul 2009 13:06:56 GMT
Content-Type: text/html
Connection: keep-alive
X-Powered-By: PHP/5.2.6-2ubuntu4.2
Vary: Accept-Encoding
Content-Length: 22

ksjdhfksjdhfksjaghfksa


nginx config:
----------------------------------------------------------------------
worker_processes  4;

events {
    worker_connections  2048;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    server_tokens off;

    client_body_temp_path  /opt/nginx/client_temp 1 2;
    proxy_temp_path        /opt/nginx/proxy_temp 1 2;
    fastcgi_temp_path      /opt/nginx/fastcgi_temp 1 2;

    proxy_cache_path       /opt/nginx/cache/A.B.C.D levels=1:2
keys_zone=one:10m;

    log_format  main  '$remote_addr - $remote_user [$time_local]
"$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    sendfile        on;

    keepalive_timeout  65;
    server {
        listen       A.B.C.D;
        server_name  localhost;
        access_log  /var/log/nginx/A.B.C.D.access.log  main;
        location / {
            proxy_pass         http://192.168.10.18:80/;
            proxy_redirect     off;

            proxy_cache        one;

            proxy_pass_header  Set-Cookie;

            proxy_set_header   Host             $host;
            proxy_set_header   X-Real-IP        $remote_addr;
            proxy_set_header   X-Forwarded-For
$proxy_add_x_forwarded_for;
        }
    }

}
----------------------------------------------------------------------

I don't see anything preventing caching, but cache ( path given by
proxy_cache_path ) remains empty :|

$ ls -al  /opt/nginx/cache/A.B.C.D
total 4
drwxr-xr-x  2 www  www  512 Jul 21 12:13 .
drwxr-xr-x  9 www  www  512 Jul 21 12:13 ..

Should i do something more?

Regards

MJ

-- 
Miros?aw "Psyborg" Jaworski
GCS/IT d- s+:+ a C++$ UBI++++$ P+++$ L- E--- W++(+++)$ N++ o+ K- w-- O-
M- V- PS+ PE++ Y+ PGP t 5? X+ R++ !tv b++(+++) DI++ D+ G e* h++ r+++ y?
    "Voltaire: It is dangerous to be right when the government is wrong."





From staff at krecio.pl  Tue Jul 21 19:49:22 2009
From: staff at krecio.pl (Grzegorz Sienko)
Date: Tue, 21 Jul 2009 17:49:22 +0200
Subject: Write a speed-limit module, any suggestion?
In-Reply-To: <932ea6c90907200727t68397421g9c748f233e2783de@mail.gmail.com>
References: <480af9173978e8c2913c8a6a11dbbdfa.NginxMailingList@forum.nginx.org>
	 <932ea6c90907200727t68397421g9c748f233e2783de@mail.gmail.com>
Message-ID: <54994d3f0907210849jf2d18fdqdba3d090a9f22ca1@mail.gmail.com>

Something like this? http://wiki.nginx.org/NginxHttpCoreModule#limit_rate

2009/7/20 Gabriel Ramuglia <gabe at vtunnel.com>:
> There is a rate limit option you can set if you are using reproxy_url.
> There's a header you can set that is supposed to limit the rate of the
> download to whatever you set. So I would look over the documentation
> for reproxy_url and see if that will work for you.
>
> On Sun, Jul 19, 2009 at 11:46 PM, supergui<nginx-forum at nginx.us> wrote:
>> I want to write a module to transfer files to client, but it need to limit the speed of transfer.
>> how can i implement it ?
>>
>> it is likely that i should output one buffer per time, and then check the avg speed before, if expire the setting speed what should i do then?
>>
>> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4234,4234#msg-4234
>>
>>
>>
>
>




From nginx-forum at nginx.us  Tue Jul 21 19:55:27 2009
From: nginx-forum at nginx.us (vburshteyn)
Date: Tue, 21 Jul 2009 11:55:27 -0400
Subject: fail over
Message-ID: <ae6558e6af2513eec7ce036dd0a68b13.NginxMailingList@forum.nginx.org>

Hi, folks, i am back with more info requests.

Does anybody have NGINX in fail over mode?  in case if one server fails then the other one will take over.  I know there are tons of tools to monitor for hardware failure, but i was just curious if anybody has something to monitor software level.

Thanks,

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4283,4283#msg-4283





From mike503 at gmail.com  Tue Jul 21 20:57:48 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Tue, 21 Jul 2009 09:57:48 -0700
Subject: variables in "include" for vhost specific config files
In-Reply-To: <20090721090553.GC10257@rambler-co.ru>
References: <4A635BA3.5000301@konstruktors.com>
	 <20090721090553.GC10257@rambler-co.ru>
Message-ID: <bd9320b30907210957h53a7311en359fe56555024e23@mail.gmail.com>

2009/7/21 Igor Sysoev <is at rambler-co.ru>:

> http {
>
> ? ? # here you may set any fastcgi settings expect fastcgi_pass,
> ? ? # and they will be inherited in all servers and locations.
> ? ? fastcgi_index ?...
> ? ? fastcgi_param ?...

The only negative about this is (how Maxim described it) any "array"
type configuration item like fastcgi_param will be reset if you set
this globally, but then add a new index somewhere else.

I set all my fastcgi_params globally in the past, but then I needed to
set fastcgi_param HTTPS on; just for a single server block - and what
happens is the entire set gets reset to nothing besides the HTTPS one.
I thought it would override a value (which it appears to properly) or
add a value.

Of course, one could just set fastcgi_param HTTPS off; and then just
override it on the server, but it is something to caution people
about, unless that behavior has been modified (this was recent though)

Also, I had my fastcgi_params set globally and it appears that my
Django setup (I believe it was) wanted a couple different params and
did not like me defaulting fastcgi_index index.php (which was set
globally), so I wound up doing the separate fastcgi_params config file
(I should call it php.conf) and including it inside of every location
block for php. That guarantees I can add new items like HTTPS on too -
the array structure isn't killed if it is inside of the same location
block it seems...




From brice+nginx at daysofwonder.com  Tue Jul 21 22:02:05 2009
From: brice+nginx at daysofwonder.com (Brice Figureau)
Date: Tue, 21 Jul 2009 20:02:05 +0200
Subject: New SSL features for Nginx.
Message-ID: <4A66029D.8000705@daysofwonder.com>

Hi,

For Puppet[1] Nginx deployement (that is using Nginx as a front-end 
load-balancers to puppetmasters[2]), I had to create the following two 
patches, to match Apache behaviour:

  * The first patch allows:
   + a new variant of ssl_client_verify: optional. In this mode, if the 
client sends a certificate it is verified, but if the client doesn't 
send a certificate, the connection is authorized too.

   + a new variable: $ssl_client_verify which contains, either NONE, 
SUCCESS or FAILURE depending on the verification status. It can be used 
to send information to the upstream about the client verification.

  * The second patch adds CRL support to the client certificate 
verification:

   ssl_crl /path/to/crl.pem;

  Nginx then verifies the client certificate hasn't been revoked in the 
given CRL before allowing the connection to proceed.

For access to the patches, please see my last blog article:
http://www.masterzen.fr/2009/07/21/new-ssl-features-for-nginx/

It would be great if those patches could be merged in the official Nginx 
source tree.

Thanks,

[1]: http://reductivelabs.com/products/puppet/
[2]: http://reductivelabs.com/trac/puppet/wiki/UsingMongrelNginx
--
Brice Figureau
My Blog: http://www.masterzen.fr/




From mdounin at mdounin.ru  Tue Jul 21 22:08:06 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 21 Jul 2009 22:08:06 +0400
Subject: Help with autoindex on; missing slash for directories
In-Reply-To: <20090717111435.GF11563@rambler-co.ru>
References: <20090701093047.GC5360@mdounin.ru> <4A4B935D.3030803@gmail.com> <20090701225352.GJ5360@mdounin.ru> <4A4CF604.5030508@gmail.com> <20090702192251.GX5360@mdounin.ru> <5bf4451d0907022055y33964155m9d49df06b2a3e9ed@mail.gmail.com> <20090703084935.GY5360@mdounin.ru> <94C7F040-A04E-43C6-AF19-CA41F098240F@gmail.com> <20090717030100.GW1050@mdounin.ru> <20090717111435.GF11563@rambler-co.ru>
Message-ID: <20090721180806.GK1240@mdounin.ru>

Hello!

On Fri, Jul 17, 2009 at 03:14:35PM +0400, Igor Sysoev wrote:

> On Fri, Jul 17, 2009 at 07:01:00AM +0400, Maxim Dounin wrote:
> 
> > Hello!
> > 
> > On Thu, Jul 16, 2009 at 04:25:16PM -0700, Yazz D. Atlas wrote:
> > 
> > > Maxim,
> > >
> > > Ok finally added the patch with the I believe the right stuff. Attached 
> > > is the patch and the log file.
> > >
> > > I just ran "GET http://localhost:88/static"
> > 
> > Ok, thanx.  According to
> > 
> > 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: ".svn", type 4
> > 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "questionnaires", type 10
> > 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "site", type 10
> > 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "50x.html", type 8
> > 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "rev.txt", type 8
> > 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: ".", type 4
> > 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "protocols", type 10
> > 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "video", type 10
> > 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "..", type 4
> > 2009/07/16 16:16:10 [debug] 20579#0: *2 http autoindex file: "content", type 10
> > 
> > the only directories here are '.svn', '.' and '..'.  It's symlinks 
> > to directories that has no slash now.
> > 
> > I'll take a look how to fix this properly.
> 
> I've reproduced this bug on FreeBSD too. Will look how to resolve this.

Attached patch fixes the problem.  It also fixes typo (DT_LINK 
instead of DT_LNK, not used in code) and removes Linux special 
case as dirent.d_type may be unset on other systems too (e.g. 
cd9660 on FreeBSD).

Also I've changed DT_UNKNOWN check to explicit one (instead of 
implicitly checking for 0) - on all systems I've seen it's 0, but 
AFAIK it's not guaranteed.

This patch was shamelessly tested with The CSRG Archives CD-ROM 1 
as shipped by Marshall Kirk McKusick.  :)

Maxim Dounin
-------------- next part --------------
diff -ur nginx-0.8.6-orig/src/os/unix/ngx_files.h nginx-0.8.6/src/os/unix/ngx_files.h
--- nginx-0.8.6-orig/src/os/unix/ngx_files.h	2009-07-21 21:10:06.000000000 +0400
+++ nginx-0.8.6/src/os/unix/ngx_files.h	2009-07-21 21:49:43.000000000 +0400
@@ -207,24 +207,20 @@
 
 #if (NGX_HAVE_D_TYPE)
 
-#if (NGX_LINUX)
-
-/* XFS on Linux does not set dirent.d_type */
+/*
+ * some filesystems (including XFS on Linux and cd9660 on FreeBSD)
+ * does not report dirent.d_type
+ */
 
 #define ngx_de_is_dir(dir)                                                   \
-    (((dir)->type) ? ((dir)->type == DT_DIR) : (S_ISDIR((dir)->info.st_mode)))
+    (((dir)->type == DT_UNKNOWN || (dir)->type == DT_LNK) ?                  \
+        (S_ISDIR((dir)->info.st_mode)) : ((dir)->type == DT_DIR))
 #define ngx_de_is_file(dir)                                                  \
-    (((dir)->type) ? ((dir)->type == DT_REG) : (S_ISREG((dir)->info.st_mode)))
+    (((dir)->type == DT_UNKNOWN || (dir)->type == DT_LNK) ?                  \
+        (S_ISREG((dir)->info.st_mode)) : ((dir)->type == DT_REG))
 #define ngx_de_is_link(dir)                                                  \
-    (((dir)->type) ? ((dir)->type == DT_LINK) : (S_ISLNK((dir)->info.st_mode)))
-
-#else
-
-#define ngx_de_is_dir(dir)       ((dir)->type == DT_DIR)
-#define ngx_de_is_file(dir)      ((dir)->type == DT_REG)
-#define ngx_de_is_link(dir)      ((dir)->type == DT_LINK)
-
-#endif /* NGX_LINUX */
+    (((dir)->type == DT_UNKNOWN) ?                                           \
+        (S_ISLNK((dir)->info.st_mode)) : ((dir)->type == DT_LNK))
 
 #else
 

From mike503 at gmail.com  Tue Jul 21 22:37:06 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Tue, 21 Jul 2009 11:37:06 -0700
Subject: Directory index limits
Message-ID: <bd9320b30907211137j6eb291b8j67d498691bf28e03@mail.gmail.com>

The text is being truncated on very long files/dirs - and it does not
appear there is any option to make it longer or just be the entire
length.

Seems like a pretty simple change. I think Apache handles it properly
- just let the browser wordwrap them...

For example:
http://runtests.syncevolution.org/2009-07-18-16-54/head-evolution-testing/11-zyb/




From nginx-forum at nginx.us  Tue Jul 21 22:48:51 2009
From: nginx-forum at nginx.us (chrisnx)
Date: Tue, 21 Jul 2009 14:48:51 -0400
Subject: nginx proxy "504 Gateway Time-Out"
Message-ID: <dbbcd8586d0bdc8aaf77a4dc2a75cd9d.NginxMailingList@forum.nginx.org>

Hi!

I'm trying to proxy a location to a backend COMET server. The COMET server holds long connections, and as such, I need nginx to proxy the connection indefinitely.

However, I always get a "504 Gateway Time-Out" after about a minute. Does anyone know why? Help would be greatly appreciated.

Here's my site conf:


upstream comet {
  server 127.0.0.1:8000;
}

            location /comet_long_polling {
                # passes the request to node.js
                proxy_pass http://comet;
                break;

            }   



Here's my proxy.conf:


    proxy_redirect              off;                                                                                                                         
    proxy_set_header            Host $host;
    proxy_set_header            X-Real-IP $remote_addr;
    proxy_set_header            X-Forwarded-For $proxy_add_x_forwarded_for;
    client_max_body_size        10m;
    client_body_buffer_size     128k;
    proxy_connect_timeout       6000;
    proxy_send_timeout          6000;
    proxy_read_timeout          6000;
    proxy_buffer_size           4k;
    proxy_buffers               4 32k;
    proxy_busy_buffers_size     64k;
    proxy_temp_file_write_size  64k;
    send_timeout                6000;
    proxy_buffering             off;
                                                             



Thanks,
Chris

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4290,4290#msg-4290





From mdounin at mdounin.ru  Tue Jul 21 23:04:41 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 21 Jul 2009 23:04:41 +0400
Subject: nginx proxy "504 Gateway Time-Out"
In-Reply-To: <dbbcd8586d0bdc8aaf77a4dc2a75cd9d.NginxMailingList@forum.nginx.org>
References: <dbbcd8586d0bdc8aaf77a4dc2a75cd9d.NginxMailingList@forum.nginx.org>
Message-ID: <20090721190440.GL1240@mdounin.ru>

Hello!

On Tue, Jul 21, 2009 at 02:48:51PM -0400, chrisnx wrote:

> Hi!
> 
> I'm trying to proxy a location to a backend COMET server. The COMET server holds long connections, and as such, I need nginx to proxy the connection indefinitely.
> 
> However, I always get a "504 Gateway Time-Out" after about a minute. Does anyone know why? Help would be greatly appreciated.

http://wiki.nginx.org/NginxHttpProxyModule#proxy_read_timeout

Maxim Dounin




From gabe at vtunnel.com  Tue Jul 21 23:29:35 2009
From: gabe at vtunnel.com (Gabriel Ramuglia)
Date: Tue, 21 Jul 2009 12:29:35 -0700
Subject: Can't make nginx to cache
In-Reply-To: <1248188635.4076.211.camel@mjaw-laptop>
References: <1248188635.4076.211.camel@mjaw-laptop>
Message-ID: <932ea6c90907211229v67fec193w5f08395a5c249ccc@mail.gmail.com>

Edit your php script to send caching headers

"X-Powered-By: PHP/5.2.6-2ubuntu4.2"

PHP by default does not send headers that would cause a browser or
cache to decide that a result was cachable. This makes sense, as php
is a dynamic language and the same url could return something
dramatically different every time.

2009/7/21 Miros?aw Jaworski <mjaw at ikp.pl>:
> Hi
>
> Hello for the first time.
>
> Intended config: nginx as caching reverse proxy.
>
> nginx version: 0.7.61
>
> Direct connect to backend:
>
> $ telnet 192.168.10.18 80
> Trying 192.168.10.18...
> Connected to 192.168.10.18.
> Escape character is '^]'.
> GET / HTTP/1.1
> Host: www.xyz.pl
>
> HTTP/1.1 200 OK
> Date: Tue, 21 Jul 2009 13:06:01 GMT
> Server: Apache/2.2.9 (Ubuntu) PHP/5.2.6-2ubuntu4.2 with Suhosin-Patch
> X-Powered-By: PHP/5.2.6-2ubuntu4.2
> Vary: Accept-Encoding
> Content-Length: 22
> Content-Type: text/html
>
> ksjdhfksjdhfksjaghfksa
> Connection closed by foreign host.
>
>
> Connect to fronted ( nginx ):
>
> $ telnet A.B.C.D 80
> Trying A.B.C.D...
> Connected to A.B.C.D.
> Escape character is '^]'.
> GET / HTTP/1.1
> Host: www.xyz.pl
>
> HTTP/1.1 200 OK
> Server: nginx
> Date: Tue, 21 Jul 2009 13:06:56 GMT
> Content-Type: text/html
> Connection: keep-alive
> X-Powered-By: PHP/5.2.6-2ubuntu4.2
> Vary: Accept-Encoding
> Content-Length: 22
>
> ksjdhfksjdhfksjaghfksa
>
>
> nginx config:
> ----------------------------------------------------------------------
> worker_processes ?4;
>
> events {
> ? ?worker_connections ?2048;
> }
>
> http {
> ? ?include ? ? ? mime.types;
> ? ?default_type ?application/octet-stream;
>
> ? ?server_tokens off;
>
> ? ?client_body_temp_path ?/opt/nginx/client_temp 1 2;
> ? ?proxy_temp_path ? ? ? ?/opt/nginx/proxy_temp 1 2;
> ? ?fastcgi_temp_path ? ? ?/opt/nginx/fastcgi_temp 1 2;
>
> ? ?proxy_cache_path ? ? ? /opt/nginx/cache/A.B.C.D levels=1:2
> keys_zone=one:10m;
>
> ? ?log_format ?main ?'$remote_addr - $remote_user [$time_local]
> "$request" '
> ? ? ? ? ? ? ? ? ? ? ?'$status $body_bytes_sent "$http_referer" '
> ? ? ? ? ? ? ? ? ? ? ?'"$http_user_agent" "$http_x_forwarded_for"';
>
> ? ?sendfile ? ? ? ?on;
>
> ? ?keepalive_timeout ?65;
> ? ?server {
> ? ? ? ?listen ? ? ? A.B.C.D;
> ? ? ? ?server_name ?localhost;
> ? ? ? ?access_log ?/var/log/nginx/A.B.C.D.access.log ?main;
> ? ? ? ?location / {
> ? ? ? ? ? ?proxy_pass ? ? ? ? http://192.168.10.18:80/;
> ? ? ? ? ? ?proxy_redirect ? ? off;
>
> ? ? ? ? ? ?proxy_cache ? ? ? ?one;
>
> ? ? ? ? ? ?proxy_pass_header ?Set-Cookie;
>
> ? ? ? ? ? ?proxy_set_header ? Host ? ? ? ? ? ? $host;
> ? ? ? ? ? ?proxy_set_header ? X-Real-IP ? ? ? ?$remote_addr;
> ? ? ? ? ? ?proxy_set_header ? X-Forwarded-For
> $proxy_add_x_forwarded_for;
> ? ? ? ?}
> ? ?}
>
> }
> ----------------------------------------------------------------------
>
> I don't see anything preventing caching, but cache ( path given by
> proxy_cache_path ) remains empty :|
>
> $ ls -al ?/opt/nginx/cache/A.B.C.D
> total 4
> drwxr-xr-x ?2 www ?www ?512 Jul 21 12:13 .
> drwxr-xr-x ?9 www ?www ?512 Jul 21 12:13 ..
>
> Should i do something more?
>
> Regards
>
> MJ
>
> --
> Miros?aw "Psyborg" Jaworski
> GCS/IT d- s+:+ a C++$ UBI++++$ P+++$ L- E--- W++(+++)$ N++ o+ K- w-- O-
> M- V- PS+ PE++ Y+ PGP t 5? X+ R++ !tv b++(+++) DI++ D+ G e* h++ r+++ y?
> ? ?"Voltaire: It is dangerous to be right when the government is wrong."
>
>
>




From dave at cheney.net  Wed Jul 22 02:15:52 2009
From: dave at cheney.net (Dave Cheney)
Date: Wed, 22 Jul 2009 08:15:52 +1000
Subject: HTTP Purge support for (fastcgi|proxy)_cache
In-Reply-To: <4D966844-DD91-446C-A818-504C00FAE531@bergstroem.nu>
References: <4D966844-DD91-446C-A818-504C00FAE531@bergstroem.nu>
Message-ID: <E6642727-5DB1-40BA-9963-A361E99D242B@cheney.net>

Hi Johan,

Can you not just delete the cache files on disk ?

Cheers

Dave

On 21/07/2009, at 10:34 PM, Johan Bergstr?m wrote:

> Hey guys (and girls)
>
> We're using fastcgi_cache/proxy_cache quite extensively at our  
> sites, and are in dire need of purging content from our cache.  
> Explicit files will do in our case, but I clearly see the point of  
> wildcards. The only config option I can think of (except modifying  
> parts related to proxy_cache and fastcgi_cache such as  
> proxy_cache_methods) is some kind of "allow_purge" ACL that is  
> similar to the allow-directive already found in Nginx.
>
> We can offer funding for such a feature if feasible assuming this is  
> open sourced and preferably ends up in upstream if Igor sees fit.  
> Please contact me off list for further discussion if you're  
> interested!
>
> Thanks,
> Johan Bergstr?m





From cliff at develix.com  Tue Jul 21 23:36:03 2009
From: cliff at develix.com (Cliff Wells)
Date: Tue, 21 Jul 2009 12:36:03 -0700
Subject: build on MSVC
In-Reply-To: <4A65B0D0.8040604@gmail.com>
References: 	 <1fa3b143bace84b6652f0e6f6db24fc7.NginxMailingList@forum.nginx.org>
	 <1b391e793a3e2483c459b45d4933f492.NginxMailingList@forum.nginx.org>
	 <1248161740.3626.360.camel@portable-evil>  <4A65B0D0.8040604@gmail.com>
Message-ID: <1248204963.3626.1054.camel@portable-evil>

On Tue, 2009-07-21 at 15:13 +0300, Marcus Clyne wrote:
> > http://wiki.nginx.org/NginxInstall
> >
> > As stated in the above, you can't currently build the win32 version from
> > source.  Just use the binary provided.
> >   
> Any details on when the Windows source will be available?

Only Igor can answer that.   His explanation is that the build process
for Windows is too complicated at this point and he doesn't want to
support people trying to build it themselves until the process is
cleaned up.

Regards,
Cliff
-- 
http://www.google.com/search?q=vonage+sucks





From ianevans at digitalhit.com  Wed Jul 22 03:39:45 2009
From: ianevans at digitalhit.com (Ian M. Evans)
Date: Tue, 21 Jul 2009 19:39:45 -0400
Subject: cgi recommendations
Message-ID: <4A6651C1.5040804@digitalhit.com>

I have just a couple of small cgi programs that I use for some mail 
admin functions. Barely ever use them.

Is there a small footprint web server that could handle just those 
pages? I guess I'd put it behind nginx so nginx could handle the SSL.




From nginx-forum at nginx.us  Wed Jul 22 03:50:51 2009
From: nginx-forum at nginx.us (gerryw)
Date: Tue, 21 Jul 2009 19:50:51 -0400
Subject: FastCGI application not receiving multi-part data
In-Reply-To: <20090721082100.16512.qmail@forum.nginx.org>
References: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org> <2c9caf58a2a2059fef2afbadaffac888.NginxMailingList@forum.nginx.org> <20090721082100.16512.qmail@forum.nginx.org>
Message-ID: <9edec3fa754124c3560627e3259ab1f1.NginxMailingList@forum.nginx.org>

Hello All,

I have finally figured out what the problem was. For some reason when the local unix: socket was created there was an OS issue that was corrupting the data that nginx was writing to the socket. The problem was solved by specifyng an alternate location for the file. I am very happy to find that this was not an nginx issue, because I really wanted to use it.

I do have one other question though. I'm trying to find some docs that talk about multiple fcgi application instances and how nginx balances requests between them. Does anyone know where I could find some info on this?

BTW: My fcgi application is written in C++ using the fcgi library. I am also making use of the upload module.

Thanks,
Gerry

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4091,4297#msg-4297





From mike503 at gmail.com  Wed Jul 22 04:03:32 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Tue, 21 Jul 2009 17:03:32 -0700
Subject: cgi recommendations
In-Reply-To: <4A6651C1.5040804@digitalhit.com>
References: <4A6651C1.5040804@digitalhit.com>
Message-ID: <bd9320b30907211703m255991fclc00e0df11dc14475@mail.gmail.com>

thttpd, apache ...

On Tue, Jul 21, 2009 at 4:39 PM, Ian M. Evans<ianevans at digitalhit.com> wrote:
> I have just a couple of small cgi programs that I use for some mail admin
> functions. Barely ever use them.
>
> Is there a small footprint web server that could handle just those pages? I
> guess I'd put it behind nginx so nginx could handle the SSL.
>
>




From mike503 at gmail.com  Wed Jul 22 04:03:41 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Tue, 21 Jul 2009 17:03:41 -0700
Subject: cgi recommendations
In-Reply-To: <4A6651C1.5040804@digitalhit.com>
References: <4A6651C1.5040804@digitalhit.com>
Message-ID: <bd9320b30907211703r2a0e48a5n9f332976f406ee1e@mail.gmail.com>

or fcgiwrap

On Tue, Jul 21, 2009 at 4:39 PM, Ian M. Evans<ianevans at digitalhit.com> wrote:
> I have just a couple of small cgi programs that I use for some mail admin
> functions. Barely ever use them.
>
> Is there a small footprint web server that could handle just those pages? I
> guess I'd put it behind nginx so nginx could handle the SSL.
>
>




From nginx-forum at nginx.us  Wed Jul 22 07:02:01 2009
From: nginx-forum at nginx.us (supergui)
Date: Tue, 21 Jul 2009 23:02:01 -0400
Subject: Write a speed-limit module, any suggestion?
In-Reply-To: <54994d3f0907210849jf2d18fdqdba3d090a9f22ca1@forum.nginx.org>
References: <480af9173978e8c2913c8a6a11dbbdfa.NginxMailingList@forum.nginx.org> <932ea6c90907200727t68397421g9c748f233e2783de@mail.gmail.com> <54994d3f0907210849jf2d18fdqdba3d090a9f22ca1@forum.nginx.org>
Message-ID: <ceafbd973809223a8f6d5f972f6bf9a4.NginxMailingList@forum.nginx.org>

Thanks very much Grzegorz Sienko.  But perhaps there is some differences of my case, i have to change the rate at running time, that is i have to control the rate in my own module code.  And i have my own file system to read file, so i have to do every thing from reading file from my file system to write stream at controled rate to the client. I have just found there is a timer in nginx that maybe do help for me, that is i write a buffer to client and check the rate, if expire i just need to  add a timer to be called to continue after a piece of time(e.g 100ms), and then write next buffer. Repeatly do that, untill i write the total file.

But i have some difficulties in the timer, i add a test timer to it ,but it never run my handler?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4234,4304#msg-4304





From juergen.gotteswinter at internetx.de  Wed Jul 22 11:15:51 2009
From: juergen.gotteswinter at internetx.de (=?UTF-8?B?SW50ZXJOZXRYIC0gSsO8cmdlbiBHb3R0ZXN3aW50ZXI=?=)
Date: Wed, 22 Jul 2009 09:15:51 +0200
Subject: fail over
In-Reply-To: <ae6558e6af2513eec7ce036dd0a68b13.NginxMailingList@forum.nginx.org>
References: <ae6558e6af2513eec7ce036dd0a68b13.NginxMailingList@forum.nginx.org>
Message-ID: <4A66BCA7.30007@internetx.de>

Hello,

we use nginx in combination with keepalived to get failover capability.


www.keepalived.org

to get nginx working with keepalived we hat to set the following sysctl 
parameter:

/etc/sysctl.conf

net.ipv4.ip_nonlocal_bind = 1

Regards

Juergen

On 07/21/2009 05:55 PM, vburshteyn wrote:
> Hi, folks, i am back with more info requests.
>
> Does anybody have NGINX in fail over mode?  in case if one server fails then the other one will take over.  I know there are tons of tools to monitor for hardware failure, but i was just curious if anybody has something to monitor software level.
>
> Thanks,
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4283,4283#msg-4283
>
>
>
>    





From is at rambler-co.ru  Wed Jul 22 11:23:26 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 22 Jul 2009 11:23:26 +0400
Subject: fail over
In-Reply-To: <ae6558e6af2513eec7ce036dd0a68b13.NginxMailingList@forum.nginx.org>
References: <ae6558e6af2513eec7ce036dd0a68b13.NginxMailingList@forum.nginx.org>
Message-ID: <20090722072326.GB36608@rambler-co.ru>

On Tue, Jul 21, 2009 at 11:55:27AM -0400, vburshteyn wrote:

> Hi, folks, i am back with more info requests.
> 
> Does anybody have NGINX in fail over mode?  in case if one server fails then the other one will take over.  I know there are tons of tools to monitor for hardware failure, but i was just curious if anybody has something to monitor software level.

nginx supports fail over for upstreams, but if you mean fail over between
two or more peer nginxes, then it is not supported. This is actually not
nginx's task at all.


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Wed Jul 22 11:34:09 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 22 Jul 2009 11:34:09 +0400
Subject: cgi recommendations
In-Reply-To: <bd9320b30907211703m255991fclc00e0df11dc14475@mail.gmail.com>
References: <4A6651C1.5040804@digitalhit.com> <bd9320b30907211703m255991fclc00e0df11dc14475@mail.gmail.com>
Message-ID: <20090722073409.GC36608@rambler-co.ru>

On Tue, Jul 21, 2009 at 05:03:32PM -0700, Michael Shadle wrote:

> thttpd, apache ...

http://acme.com/software/mini_httpd/

> On Tue, Jul 21, 2009 at 4:39 PM, Ian M. Evans<ianevans at digitalhit.com> wrote:
> > I have just a couple of small cgi programs that I use for some mail admin
> > functions. Barely ever use them.
> >
> > Is there a small footprint web server that could handle just those pages? I
> > guess I'd put it behind nginx so nginx could handle the SSL.


-- 
Igor Sysoev
http://sysoev.ru/en/




From piotr.sikora at frickle.com  Wed Jul 22 11:42:32 2009
From: piotr.sikora at frickle.com (Piotr Sikora)
Date: Wed, 22 Jul 2009 09:42:32 +0200
Subject: HTTP Purge support for (fastcgi|proxy)_cache
References: <4D966844-DD91-446C-A818-504C00FAE531@bergstroem.nu>
Message-ID: <A980A5D04B8A4E57868AFAD3A9293A8B@nightmare>

Hello,
I'm reaching out in response to your post on nginx's mailing list.

I'm interested in developing purging feature for nginx's cache. Since I run 
my own software development company, we are talking about funded development 
here.

>From what I understand, you'd like to allow IPs from "allow_purge" to 
request:
---
PURGE /some/content HTTP/1.1
Host: www.website.com
---
and receive either 200 OK, 403 Forbidden or 404 Not Found.

Is that correct? Does this cover all functionality that you would like to 
get?

Would you prefer to see this as "standalone module" or patch / modification 
for existing nginx code?

My company is located and registered in Poland, and I believe that yours is 
in Sweden, so you can get intra-EU invoice, as long as you can provide valid 
EU-VAT number.

Best regards,
Piotr Sikora < piotr.sikora at frickle.com >





From tkeyser at emediavillage.com  Wed Jul 22 12:00:07 2009
From: tkeyser at emediavillage.com (Tom Keyser)
Date: Wed, 22 Jul 2009 01:00:07 -0700
Subject: Ngnix and firewall in the same box
Message-ID: <4A66C707.3090000@emediavillage.com>

I want to build a firewall box and use Nginx as a http load balancer and
page cache.

Any suggestions for the firewall part of the box.. IPCop and pfSense are
closed systems, tooo bad.

Thanks in advance,
Tom





From jdub at bethesignal.org  Wed Jul 22 12:01:18 2009
From: jdub at bethesignal.org (Jeff Waugh)
Date: Wed, 22 Jul 2009 18:01:18 +1000
Subject: cgi recommendations
In-Reply-To: <4A6651C1.5040804@digitalhit.com>
References: <4A6651C1.5040804@digitalhit.com>
Message-ID: <20090722080118.GJ3297@node.waugh.id.au>

<quote who="Ian M. Evans">

> I have just a couple of small cgi programs that I use for some mail  admin
> functions. Barely ever use them.
>
> Is there a small footprint web server that could handle just those  pages?
> I guess I'd put it behind nginx so nginx could handle the SSL.

I quite like boa <http://www.boa.org/> for precisely this purpose (CGI only,
behind nginx). :-)

- Jeff

-- 
linux.conf.au 2010: Wellington, NZ                http://www.lca2010.org.nz/
 
      "Trying to get a PC to analyse one of the most abstract forms of
   language - the poem - is like trying to drill for oil with a banana."
                               - The Register




From johan at bergstroem.nu  Wed Jul 22 12:04:01 2009
From: johan at bergstroem.nu (=?ISO-8859-1?Q?Johan_Bergstr=F6m?=)
Date: Wed, 22 Jul 2009 10:04:01 +0200
Subject: HTTP Purge support for (fastcgi|proxy)_cache
In-Reply-To: <E6642727-5DB1-40BA-9963-A361E99D242B@cheney.net>
References: <4D966844-DD91-446C-A818-504C00FAE531@bergstroem.nu> <E6642727-5DB1-40BA-9963-A361E99D242B@cheney.net>
Message-ID: <EE85362C-005E-4DB1-A081-7EE352391B16@bergstroem.nu>

Hello,

On Jul 22, 2009, at 24:15 , Dave Cheney wrote:

> Hi Johan,
>
> Can you not just delete the cache files on disk ?

We tried this but encountered problems, so we're currently populating  
the nginx cache from python in the cases where we need purging instead  
of pulling stuff trough nginx.

>
> Cheers
>
> Dave
>
> On 21/07/2009, at 10:34 PM, Johan Bergstr?m wrote:
>
>> Hey guys (and girls)
>>
>> We're using fastcgi_cache/proxy_cache quite extensively at our  
>> sites, and are in dire need of purging content from our cache.  
>> Explicit files will do in our case, but I clearly see the point of  
>> wildcards. The only config option I can think of (except modifying  
>> parts related to proxy_cache and fastcgi_cache such as  
>> proxy_cache_methods) is some kind of "allow_purge" ACL that is  
>> similar to the allow-directive already found in Nginx.
>>
>> We can offer funding for such a feature if feasible assuming this  
>> is open sourced and preferably ends up in upstream if Igor sees  
>> fit. Please contact me off list for further discussion if you're  
>> interested!
>>
>> Thanks,
>> Johan Bergstr?m
>
>





From nginx-forum at nginx.us  Wed Jul 22 12:21:56 2009
From: nginx-forum at nginx.us (supergui)
Date: Wed, 22 Jul 2009 04:21:56 -0400
Subject: how to set timer?
In-Reply-To: <0e96d43ade091f18dbb98f62f9445495.NginxMailingList@forum.nginx.org>
References: <0e96d43ade091f18dbb98f62f9445495.NginxMailingList@forum.nginx.org>
Message-ID: <af7dba3eece4e483c4faa6ced80007f2.NginxMailingList@forum.nginx.org>

////////////////////////////////////////////////////////////////////////////////////////////////////////////
static ngx_event_t gdrive_timer_wev;
static ngx_connection_t  dumb;

ngx_int_t ngx_http_gdrive_init_process(ngx_cycle_t *cycle) 
{
   ngx_log_error(NGX_LOG_DEBUG, cycle->log, 0, "set gdrive timer");
   gdrive_timer_wev.handler=test_timer;
   gdrive_timer_wev.log=cycle->log;
   gdrive_timer_wev.data=&dumb;
   dumb.fd=(ngx_socket_t)-1;
   ngx_add_timer(&gdrive_timer_wev, 5000);
   return NGX_OK;
}

static
void test_timer(ngx_event_t *wev)
{
        ngx_log_error(NGX_LOG_DEBUG, wev->log, 0, "gdrive timer out");
        //printf("print time out\n");
}
////////////////////////////////////////////////////////////////////////////////////////////////////////////


why this doesn't work?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4265,4311#msg-4311





From ds at netcar24.com  Wed Jul 22 12:27:40 2009
From: ds at netcar24.com (Daniel Schlenzig)
Date: Wed, 22 Jul 2009 10:27:40 +0200
Subject: SSL session cache
Message-ID: <B86FB6FA34F1D4EF7B6D222C@dagobert.netcar24.lan>

Hello,

I'm currently in the process of evaluating nginx as an alternative for a 
apache setup. With apache I am using the SSL session caching based on 
distcache with memcached as backend interface. In nginx I have not  found 
anything comparable. Well, there exists SSL session caching but only on a 
worker/process basis.

Are there any patches to support a "cluster" wide - i.e. with several 
servers - caching of the SSL session data?

Regards,
Daniel







From edhoprima at gmail.com  Wed Jul 22 12:27:22 2009
From: edhoprima at gmail.com (Edho P Arief)
Date: Wed, 22 Jul 2009 15:27:22 +0700
Subject: cgi recommendations
In-Reply-To: <20090722080118.GJ3297@node.waugh.id.au>
References: <4A6651C1.5040804@digitalhit.com>
	 <20090722080118.GJ3297@node.waugh.id.au>
Message-ID: <a3780c060907220127q1b4f352ia6d9f581f3ff2ed5@mail.gmail.com>

On Wed, Jul 22, 2009 at 3:01 PM, Jeff Waugh<jdub at bethesignal.org> wrote:
> <quote who="Ian M. Evans">
>
>> I have just a couple of small cgi programs that I use for some mail ?admin
>> functions. Barely ever use them.
>>
>> Is there a small footprint web server that could handle just those ?pages?
>> I guess I'd put it behind nginx so nginx could handle the SSL.
>
> I quite like boa <http://www.boa.org/> for precisely this purpose (CGI only,
> behind nginx). :-)
>

...how about fcgiwrap?

http://nginx.localdomain.pl/wiki/FcgiWrap


-- 
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org




From is at rambler-co.ru  Wed Jul 22 12:44:22 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 22 Jul 2009 12:44:22 +0400
Subject: New SSL features for Nginx.
In-Reply-To: <4A66029D.8000705@daysofwonder.com>
References: <4A66029D.8000705@daysofwonder.com>
Message-ID: <20090722084422.GH36608@rambler-co.ru>

On Tue, Jul 21, 2009 at 08:02:05PM +0200, Brice Figureau wrote:

> Hi,
> 
> For Puppet[1] Nginx deployement (that is using Nginx as a front-end 
> load-balancers to puppetmasters[2]), I had to create the following two 
> patches, to match Apache behaviour:
> 
>  * The first patch allows:
>   + a new variant of ssl_client_verify: optional. In this mode, if the 
> client sends a certificate it is verified, but if the client doesn't 
> send a certificate, the connection is authorized too.
> 
>   + a new variable: $ssl_client_verify which contains, either NONE, 
> SUCCESS or FAILURE depending on the verification status. It can be used 
> to send information to the upstream about the client verification.
> 
>  * The second patch adds CRL support to the client certificate 
> verification:
> 
>   ssl_crl /path/to/crl.pem;
> 
>  Nginx then verifies the client certificate hasn't been revoked in the 
> given CRL before allowing the connection to proceed.
> 
> For access to the patches, please see my last blog article:
> http://www.masterzen.fr/2009/07/21/new-ssl-features-for-nginx/
> 
> It would be great if those patches could be merged in the official Nginx 
> source tree.

Thank you, I have looked the patches, it was really surpise for me that
OpenSSL 0.9.7 supports CRL. I read in old enough book "Network Security
with OpenSSL" written when 0.9.7 was being developed, that OpenSSL has
no built-in CRL support. Then I have looked in Apache's mod_ssl sources and
its CRL support seemed to me very heavy: mod_ssl does a lot of useless
operations. I think that it's enough to store hash of only public key of
all CRL certificates (including intermediate ones). Have you looked
how CRL is implemented in OpenSSL ?


-- 
Igor Sysoev
http://sysoev.ru/en/




From jdub at bethesignal.org  Wed Jul 22 12:57:47 2009
From: jdub at bethesignal.org (Jeff Waugh)
Date: Wed, 22 Jul 2009 18:57:47 +1000
Subject: Keeping up-to-date with nginx in Ubuntu
Message-ID: <20090722085747.GK3297@node.waugh.id.au>

Hi all,

For those of you using Ubuntu 8.04.x LTS (the most recent long-term support
release of Ubuntu), I am maintaining up-to-date packages of the nginx stable
and devel branches in my Launchpad PPA.

I run both branches on production machines using these packages, so have an
incentive to keep them fresh and working. :-)

  https://launchpad.net/~jdub/+archive/ppa (tracking nginx 0.7.x atm)

  https://launchpad.net/~jdub/+archive/devel (tracking nginx 0.8.x atm)

(They're branched from the Debian and Ubuntu packages, and I intend to push
changes back to their maintainers where appropriate.)

Enjoy!

Thanks,

- Jeff

-- 
linux.conf.au 2010: Wellington, NZ                http://www.lca2010.org.nz/
 
     "Imagine a four million line code base that is based on C++, uses
    threads, a hundred shared libraries, and is over a gigabyte in size
   when built and then point a debugger at it that was designed to debug
                   GNU sed." - Chris Blizzard on Mozilla




From is at rambler-co.ru  Wed Jul 22 13:09:22 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 22 Jul 2009 13:09:22 +0400
Subject: SSL session cache
In-Reply-To: <B86FB6FA34F1D4EF7B6D222C@dagobert.netcar24.lan>
References: <B86FB6FA34F1D4EF7B6D222C@dagobert.netcar24.lan>
Message-ID: <20090722090922.GI36608@rambler-co.ru>

On Wed, Jul 22, 2009 at 10:27:40AM +0200, Daniel Schlenzig wrote:

> Hello,
> 
> I'm currently in the process of evaluating nginx as an alternative for a 
> apache setup. With apache I am using the SSL session caching based on 
> distcache with memcached as backend interface. In nginx I have not  found 
> anything comparable. Well, there exists SSL session caching but only on a 
> worker/process basis.
> 
> Are there any patches to support a "cluster" wide - i.e. with several 
> servers - caching of the SSL session data?

nginx supports SSL session cache shared between workers:

     ssl_session_cache    shared:SSL:10m;

However, with nginx you may use long keep-alive connections and less number
of hosts as compared to Apache setup.


-- 
Igor Sysoev
http://sysoev.ru/en/




From brice+nginx at daysofwonder.com  Wed Jul 22 14:21:23 2009
From: brice+nginx at daysofwonder.com (Brice Figureau)
Date: Wed, 22 Jul 2009 12:21:23 +0200
Subject: New SSL features for Nginx.
In-Reply-To: <20090722084422.GH36608@rambler-co.ru>
References: <4A66029D.8000705@daysofwonder.com>
	 <20090722084422.GH36608@rambler-co.ru>
Message-ID: <1248258083.21421.13.camel@arsenic.daysofwonder.com>

Hi Igor,

On Wed, 2009-07-22 at 12:44 +0400, Igor Sysoev wrote:
> On Tue, Jul 21, 2009 at 08:02:05PM +0200, Brice Figureau wrote:
> 
> > Hi,
> > 
> > For Puppet[1] Nginx deployement (that is using Nginx as a front-end 
> > load-balancers to puppetmasters[2]), I had to create the following two 
> > patches, to match Apache behaviour:
> > 
> >  * The first patch allows:
> >   + a new variant of ssl_client_verify: optional. In this mode, if the 
> > client sends a certificate it is verified, but if the client doesn't 
> > send a certificate, the connection is authorized too.
> > 
> >   + a new variable: $ssl_client_verify which contains, either NONE, 
> > SUCCESS or FAILURE depending on the verification status. It can be used 
> > to send information to the upstream about the client verification.
> > 
> >  * The second patch adds CRL support to the client certificate 
> > verification:
> > 
> >   ssl_crl /path/to/crl.pem;
> > 
> >  Nginx then verifies the client certificate hasn't been revoked in the 
> > given CRL before allowing the connection to proceed.
> > 
> > For access to the patches, please see my last blog article:
> > http://www.masterzen.fr/2009/07/21/new-ssl-features-for-nginx/
> > 
> > It would be great if those patches could be merged in the official Nginx 
> > source tree.
> 
> Thank you, I have looked the patches, it was really surpise for me that
> OpenSSL 0.9.7 supports CRL. I read in old enough book "Network Security
> with OpenSSL" written when 0.9.7 was being developed, that OpenSSL has
> no built-in CRL support. 

Ah, ok. I based all my development on OpenSSL 0.9.8, since that's what
I'm building Nginx againt. And definitely there is CRL support.
Is OpenSSL 0.9.7 a strict dependency for Nginx?

> Then I have looked in Apache's mod_ssl sources and
> its CRL support seemed to me very heavy: mod_ssl does a lot of useless
> operations.

Which ones?
What I don't get is why they're doing the CRL verification themselves.
I found this comment in the code:
     * OpenSSL provides the general mechanism to deal with CRLs but does
not
     * use them automatically when verifying certificates, so we do it
     * explicitly here. We will check the CRL for the currently checked
     * certificate, if there is such a CRL in the store.

This seems wrong to me, as I already tested, and it works fine at least
in version 0.9.8.

> I think that it's enough to store hash of only public key of
> all CRL certificates (including intermediate ones). 

Why reinvent the wheel?
The CRL is a standard thing (see RFC 3280), and basically this is a DER
encoded ASN1 structure containing the list of the revoked certificates
serial number, signed by the CA cert.

> Have you looked
> how CRL is implemented in OpenSSL ?

Yes, I did. It is pretty extensive, and matches RFC3280.

I'll fetch OpenSSL 0.9.7 to see if it supports or not CRL, but I'd be
suprised it wouldn't.

Thanks for reviewing the patch (at least the first one could be merged,
isn't it?).
-- 
Brice Figureau
My Blog: http://www.masterzen.fr/





From brice+nginx at daysofwonder.com  Wed Jul 22 15:39:57 2009
From: brice+nginx at daysofwonder.com (Brice Figureau)
Date: Wed, 22 Jul 2009 13:39:57 +0200
Subject: New SSL features for Nginx.
In-Reply-To: <1248258083.21421.13.camel@arsenic.daysofwonder.com>
References: <4A66029D.8000705@daysofwonder.com>
	 <20090722084422.GH36608@rambler-co.ru>
	 <1248258083.21421.13.camel@arsenic.daysofwonder.com>
Message-ID: <1248262797.21421.17.camel@arsenic.daysofwonder.com>

On Wed, 2009-07-22 at 12:21 +0200, Brice Figureau wrote:
> Hi Igor,
> 
> On Wed, 2009-07-22 at 12:44 +0400, Igor Sysoev wrote:
> > On Tue, Jul 21, 2009 at 08:02:05PM +0200, Brice Figureau wrote:
> > 
> > > Hi,
> > > 
> > > For Puppet[1] Nginx deployement (that is using Nginx as a front-end 
> > > load-balancers to puppetmasters[2]), I had to create the following two 
> > > patches, to match Apache behaviour:
> > > 
> > >  * The first patch allows:
> > >   + a new variant of ssl_client_verify: optional. In this mode, if the 
> > > client sends a certificate it is verified, but if the client doesn't 
> > > send a certificate, the connection is authorized too.
> > > 
> > >   + a new variable: $ssl_client_verify which contains, either NONE, 
> > > SUCCESS or FAILURE depending on the verification status. It can be used 
> > > to send information to the upstream about the client verification.
> > > 
> > >  * The second patch adds CRL support to the client certificate 
> > > verification:
> > > 
> > >   ssl_crl /path/to/crl.pem;
> > > 
> > >  Nginx then verifies the client certificate hasn't been revoked in the 
> > > given CRL before allowing the connection to proceed.
> > > 
> > > For access to the patches, please see my last blog article:
> > > http://www.masterzen.fr/2009/07/21/new-ssl-features-for-nginx/
> > > 
> > > It would be great if those patches could be merged in the official Nginx 
> > > source tree.
> > 
> > Thank you, I have looked the patches, it was really surpise for me that
> > OpenSSL 0.9.7 supports CRL. I read in old enough book "Network Security
> > with OpenSSL" written when 0.9.7 was being developed, that OpenSSL has
> > no built-in CRL support. 
> 
> Ah, ok. I based all my development on OpenSSL 0.9.8, since that's what
> I'm building Nginx againt. And definitely there is CRL support.
> Is OpenSSL 0.9.7 a strict dependency for Nginx?
> 
> > Then I have looked in Apache's mod_ssl sources and
> > its CRL support seemed to me very heavy: mod_ssl does a lot of useless
> > operations.
> 
> Which ones?
> What I don't get is why they're doing the CRL verification themselves.
> I found this comment in the code:
>      * OpenSSL provides the general mechanism to deal with CRLs but does
> not
>      * use them automatically when verifying certificates, so we do it
>      * explicitly here. We will check the CRL for the currently checked
>      * certificate, if there is such a CRL in the store.
> 
> This seems wrong to me, as I already tested, and it works fine at least
> in version 0.9.8.
> 
> > I think that it's enough to store hash of only public key of
> > all CRL certificates (including intermediate ones). 
> 
> Why reinvent the wheel?
> The CRL is a standard thing (see RFC 3280), and basically this is a DER
> encoded ASN1 structure containing the list of the revoked certificates
> serial number, signed by the CA cert.
> 
> > Have you looked
> > how CRL is implemented in OpenSSL ?
> 
> Yes, I did. It is pretty extensive, and matches RFC3280.
> 
> I'll fetch OpenSSL 0.9.7 to see if it supports or not CRL, but I'd be
> suprised it wouldn't.

Good news! 
I checked the OpenSSL Changelog and CRL verification has been added in
version 0.9.7. So if Nginx requires this version (and up), which is I
think what it does, then my CRL patch is enough to get CRL support for
Nginx :-)

Thanks,
-- 
Brice Figureau
My Blog: http://www.masterzen.fr/





From is at rambler-co.ru  Wed Jul 22 16:16:19 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 22 Jul 2009 16:16:19 +0400
Subject: New SSL features for Nginx.
In-Reply-To: <1248258083.21421.13.camel@arsenic.daysofwonder.com>
References: <4A66029D.8000705@daysofwonder.com> <20090722084422.GH36608@rambler-co.ru> <1248258083.21421.13.camel@arsenic.daysofwonder.com>
Message-ID: <20090722121619.GO36608@rambler-co.ru>

On Wed, Jul 22, 2009 at 12:21:23PM +0200, Brice Figureau wrote:

> Hi Igor,
> 
> On Wed, 2009-07-22 at 12:44 +0400, Igor Sysoev wrote:
> > On Tue, Jul 21, 2009 at 08:02:05PM +0200, Brice Figureau wrote:
> > 
> > > Hi,
> > > 
> > > For Puppet[1] Nginx deployement (that is using Nginx as a front-end 
> > > load-balancers to puppetmasters[2]), I had to create the following two 
> > > patches, to match Apache behaviour:
> > > 
> > >  * The first patch allows:
> > >   + a new variant of ssl_client_verify: optional. In this mode, if the 
> > > client sends a certificate it is verified, but if the client doesn't 
> > > send a certificate, the connection is authorized too.
> > > 
> > >   + a new variable: $ssl_client_verify which contains, either NONE, 
> > > SUCCESS or FAILURE depending on the verification status. It can be used 
> > > to send information to the upstream about the client verification.
> > > 
> > >  * The second patch adds CRL support to the client certificate 
> > > verification:
> > > 
> > >   ssl_crl /path/to/crl.pem;
> > > 
> > >  Nginx then verifies the client certificate hasn't been revoked in the 
> > > given CRL before allowing the connection to proceed.
> > > 
> > > For access to the patches, please see my last blog article:
> > > http://www.masterzen.fr/2009/07/21/new-ssl-features-for-nginx/
> > > 
> > > It would be great if those patches could be merged in the official Nginx 
> > > source tree.
> > 
> > Thank you, I have looked the patches, it was really surpise for me that
> > OpenSSL 0.9.7 supports CRL. I read in old enough book "Network Security
> > with OpenSSL" written when 0.9.7 was being developed, that OpenSSL has
> > no built-in CRL support. 
> 
> Ah, ok. I based all my development on OpenSSL 0.9.8, since that's what
> I'm building Nginx againt. And definitely there is CRL support.
> Is OpenSSL 0.9.7 a strict dependency for Nginx?

No. I think this code should be just "#ifdef'ed X509_V_FLAG_CRL_CHECK".

> > Then I have looked in Apache's mod_ssl sources and
> > its CRL support seemed to me very heavy: mod_ssl does a lot of useless
> > operations.
> 
> Which ones?
> What I don't get is why they're doing the CRL verification themselves.

Because mod_ssl were developed before 0.9.7.

> I found this comment in the code:
>      * OpenSSL provides the general mechanism to deal with CRLs but does
> not
>      * use them automatically when verifying certificates, so we do it
>      * explicitly here. We will check the CRL for the currently checked
>      * certificate, if there is such a CRL in the store.
> 
> This seems wrong to me, as I already tested, and it works fine at least
> in version 0.9.8.

Yes, this implementation. However, I made mistake: it's not too heavy as
it seemed to me first time I have looked.

> > I think that it's enough to store hash of only public key of
> > all CRL certificates (including intermediate ones). 
> 
> Why reinvent the wheel?
> The CRL is a standard thing (see RFC 3280), and basically this is a DER
> encoded ASN1 structure containing the list of the revoked certificates
> serial number, signed by the CA cert.
> 
> > Have you looked
> > how CRL is implemented in OpenSSL ?
> 
> Yes, I did. It is pretty extensive, and matches RFC3280.
> 
> I'll fetch OpenSSL 0.9.7 to see if it supports or not CRL, but I'd be
> suprised it wouldn't.
> 
> Thanks for reviewing the patch (at least the first one could be merged,
> isn't it?).

Probabaly, I will commit the patches in next 0.8.7.


-- 
Igor Sysoev
http://sysoev.ru/en/




From matt.goodall at gmail.com  Wed Jul 22 16:51:27 2009
From: matt.goodall at gmail.com (Matt Goodall)
Date: Wed, 22 Jul 2009 13:51:27 +0100
Subject: Keeping up-to-date with nginx in Ubuntu
In-Reply-To: <20090722085747.GK3297@node.waugh.id.au>
References: <20090722085747.GK3297@node.waugh.id.au>
Message-ID: <214c385b0907220551n22e77efft64d9ec8d7cf26b44@mail.gmail.com>

2009/7/22 Jeff Waugh <jdub at bethesignal.org>:
> Hi all,
>
> For those of you using Ubuntu 8.04.x LTS (the most recent long-term support
> release of Ubuntu), I am maintaining up-to-date packages of the nginx stable
> and devel branches in my Launchpad PPA.
>
> I run both branches on production machines using these packages, so have an
> incentive to keep them fresh and working. :-)
>
> ?https://launchpad.net/~jdub/+archive/ppa (tracking nginx 0.7.x atm)
>
> ?https://launchpad.net/~jdub/+archive/devel (tracking nginx 0.8.x atm)
>
> (They're branched from the Debian and Ubuntu packages, and I intend to push
> changes back to their maintainers where appropriate.)
>
> Enjoy!

Oh, I will! Thank you so much for creating this, debs just make things
that little bit easier :).

FYI, both versions are missing the default site's root directory,
/var/www/nginx-default. I don't know if you care enough to fix it for
the PPA, it certainly doesn't bother me. (Actually tested on 9.04
although I don't think that matters as the directory is missing from
the .deb package anyway.)

- Matt




From is at rambler-co.ru  Wed Jul 22 18:52:33 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 22 Jul 2009 18:52:33 +0400
Subject: New SSL features for Nginx.
In-Reply-To: <1248258083.21421.13.camel@arsenic.daysofwonder.com>
References: <4A66029D.8000705@daysofwonder.com> <20090722084422.GH36608@rambler-co.ru> <1248258083.21421.13.camel@arsenic.daysofwonder.com>
Message-ID: <20090722145233.GV36608@rambler-co.ru>

On Wed, Jul 22, 2009 at 12:21:23PM +0200, Brice Figureau wrote:

> Hi Igor,
> 
> On Wed, 2009-07-22 at 12:44 +0400, Igor Sysoev wrote:
> > On Tue, Jul 21, 2009 at 08:02:05PM +0200, Brice Figureau wrote:
> > 
> > > Hi,
> > > 
> > > For Puppet[1] Nginx deployement (that is using Nginx as a front-end 
> > > load-balancers to puppetmasters[2]), I had to create the following two 
> > > patches, to match Apache behaviour:
> > > 
> > >  * The first patch allows:
> > >   + a new variant of ssl_client_verify: optional. In this mode, if the 
> > > client sends a certificate it is verified, but if the client doesn't 
> > > send a certificate, the connection is authorized too.
> > > 
> > >   + a new variable: $ssl_client_verify which contains, either NONE, 
> > > SUCCESS or FAILURE depending on the verification status. It can be used 
> > > to send information to the upstream about the client verification.
> > > 
> > >  * The second patch adds CRL support to the client certificate 
> > > verification:
> > > 
> > >   ssl_crl /path/to/crl.pem;
> > > 
> > >  Nginx then verifies the client certificate hasn't been revoked in the 
> > > given CRL before allowing the connection to proceed.
> > > 
> > > For access to the patches, please see my last blog article:
> > > http://www.masterzen.fr/2009/07/21/new-ssl-features-for-nginx/
> > > 
> > > It would be great if those patches could be merged in the official Nginx 
> > > source tree.

> Thanks for reviewing the patch (at least the first one could be merged,
> isn't it?).

Could you test the attached slightly changed first patch ?


-- 
Igor Sysoev
http://sysoev.ru/en/
-------------- next part --------------
Index: src/http/ngx_http_request.c
===================================================================
--- src/http/ngx_http_request.c	(revision 2313)
+++ src/http/ngx_http_request.c	(working copy)
@@ -1524,7 +1524,7 @@
 
         sscf = ngx_http_get_module_srv_conf(r, ngx_http_ssl_module);
 
-        if (sscf->verify == 1) {
+        if (sscf->verify) {
             rc = SSL_get_verify_result(c->ssl->connection);
 
             if (rc != X509_V_OK) {
@@ -1539,20 +1539,22 @@
                 return;
             }
 
-            cert = SSL_get_peer_certificate(c->ssl->connection);
+            if (sscf->verify == 1) {
+                cert = SSL_get_peer_certificate(c->ssl->connection);
 
-            if (cert == NULL) {
-                ngx_log_error(NGX_LOG_INFO, c->log, 0,
-                              "client sent no required SSL certificate");
+                if (cert == NULL) {
+                    ngx_log_error(NGX_LOG_INFO, c->log, 0,
+                                  "client sent no required SSL certificate");
 
-                ngx_ssl_remove_cached_session(sscf->ssl.ctx,
+                    ngx_ssl_remove_cached_session(sscf->ssl.ctx,
                                        (SSL_get0_session(c->ssl->connection)));
 
-                ngx_http_finalize_request(r, NGX_HTTPS_NO_CERT);
-                return;
+                    ngx_http_finalize_request(r, NGX_HTTPS_NO_CERT);
+                    return;
+                }
+
+                X509_free(cert);
             }
-
-            X509_free(cert);
         }
     }
 
Index: src/http/modules/ngx_http_ssl_module.c
===================================================================
--- src/http/modules/ngx_http_ssl_module.c	(revision 2313)
+++ src/http/modules/ngx_http_ssl_module.c	(working copy)
@@ -52,7 +52,7 @@
 static ngx_conf_enum_t  ngx_http_ssl_verify[] = {
     { ngx_string("off"), 0 },
     { ngx_string("on"), 1 },
-    { ngx_string("ask"), 2 },
+    { ngx_string("optional"), 2 },
     { ngx_null_string, 0 }
 };
 
@@ -206,6 +206,9 @@
     { ngx_string("ssl_client_serial"), NULL, ngx_http_ssl_variable,
       (uintptr_t) ngx_ssl_get_serial_number, NGX_HTTP_VAR_CHANGEABLE, 0 },
 
+    { ngx_string("ssl_client_verify"), NULL, ngx_http_ssl_variable,
+      (uintptr_t) ngx_ssl_get_client_verify, NGX_HTTP_VAR_CHANGEABLE, 0 },
+
     { ngx_null_string, NULL, NULL, 0, 0, 0 }
 };
 
Index: src/event/ngx_event_openssl.c
===================================================================
--- src/event/ngx_event_openssl.c	(revision 2313)
+++ src/event/ngx_event_openssl.c	(working copy)
@@ -2108,6 +2108,35 @@
 }
 
 
+ngx_int_t
+ngx_ssl_get_client_verify(ngx_connection_t *c, ngx_pool_t *pool, ngx_str_t *s)
+{
+    X509  *cert;
+
+    if (SSL_get_verify_result(c->ssl->connection) != X509_V_OK) {
+        s->len = sizeof("FAILED") - 1;
+        s->data = (u_char *) "FAILED";
+
+        return NGX_OK;
+    }
+
+    cert = SSL_get_peer_certificate(c->ssl->connection);
+
+    if (cert) {
+        s->len = sizeof("SUCCESS") - 1;
+        s->data = (u_char *) "SUCCESS";
+
+    } else {
+        s->len = sizeof("NONE") - 1;
+        s->data = (u_char *) "NONE";
+    }
+
+    X509_free(cert);
+
+    return NGX_OK;
+}
+
+
 static void *
 ngx_openssl_create_conf(ngx_cycle_t *cycle)
 {
Index: src/event/ngx_event_openssl.h
===================================================================
--- src/event/ngx_event_openssl.h	(revision 2313)
+++ src/event/ngx_event_openssl.h	(working copy)
@@ -131,6 +131,8 @@
     ngx_str_t *s);
 ngx_int_t ngx_ssl_get_serial_number(ngx_connection_t *c, ngx_pool_t *pool,
     ngx_str_t *s);
+ngx_int_t ngx_ssl_get_client_verify(ngx_connection_t *c, ngx_pool_t *pool,
+    ngx_str_t *s);
 
 
 ngx_int_t ngx_ssl_handshake(ngx_connection_t *c);

From nginx-forum at nginx.us  Wed Jul 22 19:41:35 2009
From: nginx-forum at nginx.us (jason.giedymin)
Date: Wed, 22 Jul 2009 11:41:35 -0400
Subject: Just sent a tiny contribution
Message-ID: <315824b996fda99ab5e1bd71116fcba8.NginxMailingList@forum.nginx.org>

Just sent a tiny contribution.  When our projects actually go live I'd
be glad to send more.  We are NGINX fans and love it!

Honestly, I can't see starting any serious web project without it...

- Jason Giedymin
AcronymLabs.com

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4328,4328#msg-4328





From brice+nginx at daysofwonder.com  Wed Jul 22 21:15:54 2009
From: brice+nginx at daysofwonder.com (Brice Figureau)
Date: Wed, 22 Jul 2009 19:15:54 +0200
Subject: New SSL features for Nginx.
In-Reply-To: <20090722145233.GV36608@rambler-co.ru>
References: <4A66029D.8000705@daysofwonder.com> <20090722084422.GH36608@rambler-co.ru> <1248258083.21421.13.camel@arsenic.daysofwonder.com> <20090722145233.GV36608@rambler-co.ru>
Message-ID: <4A67494A.1090003@daysofwonder.com>

On 22/07/09 16:52, Igor Sysoev wrote:
> On Wed, Jul 22, 2009 at 12:21:23PM +0200, Brice Figureau wrote:
> 
>> Hi Igor,
>>
>> On Wed, 2009-07-22 at 12:44 +0400, Igor Sysoev wrote:
>>> On Tue, Jul 21, 2009 at 08:02:05PM +0200, Brice Figureau wrote:
>>>
>>>> Hi,
>>>>
>>>> For Puppet[1] Nginx deployement (that is using Nginx as a front-end 
>>>> load-balancers to puppetmasters[2]), I had to create the following two 
>>>> patches, to match Apache behaviour:
>>>>
>>>>  * The first patch allows:
>>>>   + a new variant of ssl_client_verify: optional. In this mode, if the 
>>>> client sends a certificate it is verified, but if the client doesn't 
>>>> send a certificate, the connection is authorized too.
>>>>
>>>>   + a new variable: $ssl_client_verify which contains, either NONE, 
>>>> SUCCESS or FAILURE depending on the verification status. It can be used 
>>>> to send information to the upstream about the client verification.
>>>>
>>>>  * The second patch adds CRL support to the client certificate 
>>>> verification:
>>>>
>>>>   ssl_crl /path/to/crl.pem;
>>>>
>>>>  Nginx then verifies the client certificate hasn't been revoked in the 
>>>> given CRL before allowing the connection to proceed.
>>>>
>>>> For access to the patches, please see my last blog article:
>>>> http://www.masterzen.fr/2009/07/21/new-ssl-features-for-nginx/
>>>>
>>>> It would be great if those patches could be merged in the official Nginx 
>>>> source tree.
> 
>> Thanks for reviewing the patch (at least the first one could be merged,
>> isn't it?).
> 
> Could you test the attached slightly changed first patch ?

It works fine, and passes all my tests.

Thanks,
--
Brice Figureau
My Blog: http://www.masterzen.fr/




From brice+nginx at daysofwonder.com  Wed Jul 22 21:20:39 2009
From: brice+nginx at daysofwonder.com (Brice Figureau)
Date: Wed, 22 Jul 2009 19:20:39 +0200
Subject: New SSL features for Nginx.
In-Reply-To: <20090722121619.GO36608@rambler-co.ru>
References: <4A66029D.8000705@daysofwonder.com> <20090722084422.GH36608@rambler-co.ru> <1248258083.21421.13.camel@arsenic.daysofwonder.com> <20090722121619.GO36608@rambler-co.ru>
Message-ID: <4A674A67.1090800@daysofwonder.com>

On 22/07/09 14:16, Igor Sysoev wrote:
> On Wed, Jul 22, 2009 at 12:21:23PM +0200, Brice Figureau wrote:
> 
>> Hi Igor,
>>
>> On Wed, 2009-07-22 at 12:44 +0400, Igor Sysoev wrote:
>>> On Tue, Jul 21, 2009 at 08:02:05PM +0200, Brice Figureau wrote:
>>>
>>>> Hi,
>>>>
>>>> For Puppet[1] Nginx deployement (that is using Nginx as a front-end 
>>>> load-balancers to puppetmasters[2]), I had to create the following two 
>>>> patches, to match Apache behaviour:
>>>>
>>>>  * The first patch allows:
>>>>   + a new variant of ssl_client_verify: optional. In this mode, if the 
>>>> client sends a certificate it is verified, but if the client doesn't 
>>>> send a certificate, the connection is authorized too.
>>>>
>>>>   + a new variable: $ssl_client_verify which contains, either NONE, 
>>>> SUCCESS or FAILURE depending on the verification status. It can be used 
>>>> to send information to the upstream about the client verification.
>>>>
>>>>  * The second patch adds CRL support to the client certificate 
>>>> verification:
>>>>
>>>>   ssl_crl /path/to/crl.pem;
>>>>
>>>>  Nginx then verifies the client certificate hasn't been revoked in the 
>>>> given CRL before allowing the connection to proceed.
>>>>
>>>> For access to the patches, please see my last blog article:
>>>> http://www.masterzen.fr/2009/07/21/new-ssl-features-for-nginx/
>>>>
>>>> It would be great if those patches could be merged in the official Nginx 
>>>> source tree.
>>> Thank you, I have looked the patches, it was really surpise for me that
>>> OpenSSL 0.9.7 supports CRL. I read in old enough book "Network Security
>>> with OpenSSL" written when 0.9.7 was being developed, that OpenSSL has
>>> no built-in CRL support. 
>> Ah, ok. I based all my development on OpenSSL 0.9.8, since that's what
>> I'm building Nginx againt. And definitely there is CRL support.
>> Is OpenSSL 0.9.7 a strict dependency for Nginx?
> 
> No. I think this code should be just "#ifdef'ed X509_V_FLAG_CRL_CHECK".

I'm OK with this. BTW, I checked and CRL support was added in 0.9.7.

>>> Then I have looked in Apache's mod_ssl sources and
>>> its CRL support seemed to me very heavy: mod_ssl does a lot of useless
>>> operations.
>> Which ones?
>> What I don't get is why they're doing the CRL verification themselves.
> 
> Because mod_ssl were developed before 0.9.7.

Yes, I do think so. But it's error-prone and certainly less efficient.

>> I found this comment in the code:
>>      * OpenSSL provides the general mechanism to deal with CRLs but does
>> not
>>      * use them automatically when verifying certificates, so we do it
>>      * explicitly here. We will check the CRL for the currently checked
>>      * certificate, if there is such a CRL in the store.
>>
>> This seems wrong to me, as I already tested, and it works fine at least
>> in version 0.9.8.
> 
> Yes, this implementation. However, I made mistake: it's not too heavy as
> it seemed to me first time I have looked.
> 
>>> I think that it's enough to store hash of only public key of
>>> all CRL certificates (including intermediate ones). 
>> Why reinvent the wheel?
>> The CRL is a standard thing (see RFC 3280), and basically this is a DER
>> encoded ASN1 structure containing the list of the revoked certificates
>> serial number, signed by the CA cert.
>>
>>> Have you looked
>>> how CRL is implemented in OpenSSL ?
>> Yes, I did. It is pretty extensive, and matches RFC3280.
>>
>> I'll fetch OpenSSL 0.9.7 to see if it supports or not CRL, but I'd be
>> suprised it wouldn't.

0.9.7 definitely supports CRL verification.

>> Thanks for reviewing the patch (at least the first one could be merged,
>> isn't it?).
> 
> Probabaly, I will commit the patches in next 0.8.7.

Will you merge the CRL one (feel free to rewrite it if you prefer), too ?

Thanks,
--
Brice Figureau
My Blog: http://www.masterzen.fr/




From michael.baudino at acrelec.com  Wed Jul 22 21:38:16 2009
From: michael.baudino at acrelec.com (Michael Baudino)
Date: Wed, 22 Jul 2009 19:38:16 +0200
Subject: worker_process & blockend IO
Message-ID: <h47iq9$8s1$1@ger.gmane.org>

Hello,

I'm using nginx 0.7.59 on a Debian unstable machine to serve huge files
(300+ MB) from 2 different filesystems : one  is local, the other is
nfs-mounted over an ADSL link.

The nfs filesystem is sooooo slow !
To reduce IO latency, I'm using worker_process 16 (single CPU, though).

How does nginx handles workers ?
Does it choose a worker randomly for each connection ?
Or does it connect to the same worker until it has reached its
worker_connections limit then connect to the next worker ?
In that case, should I set a very low worker_connection to force it to
change worker often ? (I tried it but I got a lot of "worker_connections
are not enough while connecting to upstream")


Thanks in advance.





From gabe at vtunnel.com  Wed Jul 22 22:31:29 2009
From: gabe at vtunnel.com (Gabriel Ramuglia)
Date: Wed, 22 Jul 2009 11:31:29 -0700
Subject: worker_process & blockend IO
In-Reply-To: <h47iq9$8s1$1@ger.gmane.org>
References: <h47iq9$8s1$1@ger.gmane.org>
Message-ID: <932ea6c90907221131k5bdddc02r27b312814511a404@mail.gmail.com>

I think it goes without saying that this is hardly a good idea,
serving files that are accessed remotely via ADSL.... My understanding
however is that nginx is designed to be non-blocking everywhere
possible, and I would assume the worker connections would get
distributed more or less evenly, but I'd be happy to hear an official
answer on this as well.

On Wed, Jul 22, 2009 at 10:38 AM, Michael
Baudino<michael.baudino at acrelec.com> wrote:
> Hello,
>
> I'm using nginx 0.7.59 on a Debian unstable machine to serve huge files
> (300+ MB) from 2 different filesystems : one ?is local, the other is
> nfs-mounted over an ADSL link.
>
> The nfs filesystem is sooooo slow !
> To reduce IO latency, I'm using worker_process 16 (single CPU, though).
>
> How does nginx handles workers ?
> Does it choose a worker randomly for each connection ?
> Or does it connect to the same worker until it has reached its
> worker_connections limit then connect to the next worker ?
> In that case, should I set a very low worker_connection to force it to
> change worker often ? (I tried it but I got a lot of "worker_connections
> are not enough while connecting to upstream")
>
>
> Thanks in advance.
>
>
>




From is at rambler-co.ru  Wed Jul 22 22:38:40 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 22 Jul 2009 22:38:40 +0400
Subject: Just sent a tiny contribution
In-Reply-To: <315824b996fda99ab5e1bd71116fcba8.NginxMailingList@forum.nginx.org>
References: <315824b996fda99ab5e1bd71116fcba8.NginxMailingList@forum.nginx.org>
Message-ID: <20090722183840.GA55612@rambler-co.ru>

On Wed, Jul 22, 2009 at 11:41:35AM -0400, jason.giedymin wrote:

> Just sent a tiny contribution.  When our projects actually go live I'd
> be glad to send more.  We are NGINX fans and love it!
> 
> Honestly, I can't see starting any serious web project without it...
> 
> - Jason Giedymin
> AcronymLabs.com

Thank you very much!


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Wed Jul 22 22:38:59 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 22 Jul 2009 22:38:59 +0400
Subject: New SSL features for Nginx.
In-Reply-To: <4A67494A.1090003@daysofwonder.com>
References: <4A66029D.8000705@daysofwonder.com> <20090722084422.GH36608@rambler-co.ru> <1248258083.21421.13.camel@arsenic.daysofwonder.com> <20090722145233.GV36608@rambler-co.ru> <4A67494A.1090003@daysofwonder.com>
Message-ID: <20090722183859.GB55612@rambler-co.ru>

On Wed, Jul 22, 2009 at 07:15:54PM +0200, Brice Figureau wrote:

> On 22/07/09 16:52, Igor Sysoev wrote:
> >On Wed, Jul 22, 2009 at 12:21:23PM +0200, Brice Figureau wrote:
> >
> >>Hi Igor,
> >>
> >>On Wed, 2009-07-22 at 12:44 +0400, Igor Sysoev wrote:
> >>>On Tue, Jul 21, 2009 at 08:02:05PM +0200, Brice Figureau wrote:
> >>>
> >>>>Hi,
> >>>>
> >>>>For Puppet[1] Nginx deployement (that is using Nginx as a front-end 
> >>>>load-balancers to puppetmasters[2]), I had to create the following two 
> >>>>patches, to match Apache behaviour:
> >>>>
> >>>> * The first patch allows:
> >>>>  + a new variant of ssl_client_verify: optional. In this mode, if the 
> >>>>client sends a certificate it is verified, but if the client doesn't 
> >>>>send a certificate, the connection is authorized too.
> >>>>
> >>>>  + a new variable: $ssl_client_verify which contains, either NONE, 
> >>>>SUCCESS or FAILURE depending on the verification status. It can be used 
> >>>>to send information to the upstream about the client verification.
> >>>>
> >>>> * The second patch adds CRL support to the client certificate 
> >>>>verification:
> >>>>
> >>>>  ssl_crl /path/to/crl.pem;
> >>>>
> >>>> Nginx then verifies the client certificate hasn't been revoked in the 
> >>>>given CRL before allowing the connection to proceed.
> >>>>
> >>>>For access to the patches, please see my last blog article:
> >>>>http://www.masterzen.fr/2009/07/21/new-ssl-features-for-nginx/
> >>>>
> >>>>It would be great if those patches could be merged in the official 
> >>>>Nginx source tree.
> >
> >>Thanks for reviewing the patch (at least the first one could be merged,
> >>isn't it?).
> >
> >Could you test the attached slightly changed first patch ?
> 
> It works fine, and passes all my tests.

OK.


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Wed Jul 22 22:43:20 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 22 Jul 2009 22:43:20 +0400
Subject: New SSL features for Nginx.
In-Reply-To: <4A674A67.1090800@daysofwonder.com>
References: <4A66029D.8000705@daysofwonder.com> <20090722084422.GH36608@rambler-co.ru> <1248258083.21421.13.camel@arsenic.daysofwonder.com> <20090722121619.GO36608@rambler-co.ru> <4A674A67.1090800@daysofwonder.com>
Message-ID: <20090722184320.GC55612@rambler-co.ru>

On Wed, Jul 22, 2009 at 07:20:39PM +0200, Brice Figureau wrote:

> On 22/07/09 14:16, Igor Sysoev wrote:
> >On Wed, Jul 22, 2009 at 12:21:23PM +0200, Brice Figureau wrote:
> >
> >>Hi Igor,
> >>
> >>On Wed, 2009-07-22 at 12:44 +0400, Igor Sysoev wrote:
> >>>On Tue, Jul 21, 2009 at 08:02:05PM +0200, Brice Figureau wrote:
> >>>
> >>>>Hi,
> >>>>
> >>>>For Puppet[1] Nginx deployement (that is using Nginx as a front-end 
> >>>>load-balancers to puppetmasters[2]), I had to create the following two 
> >>>>patches, to match Apache behaviour:
> >>>>
> >>>> * The first patch allows:
> >>>>  + a new variant of ssl_client_verify: optional. In this mode, if the 
> >>>>client sends a certificate it is verified, but if the client doesn't 
> >>>>send a certificate, the connection is authorized too.
> >>>>
> >>>>  + a new variable: $ssl_client_verify which contains, either NONE, 
> >>>>SUCCESS or FAILURE depending on the verification status. It can be used 
> >>>>to send information to the upstream about the client verification.
> >>>>
> >>>> * The second patch adds CRL support to the client certificate 
> >>>>verification:
> >>>>
> >>>>  ssl_crl /path/to/crl.pem;
> >>>>
> >>>> Nginx then verifies the client certificate hasn't been revoked in the 
> >>>>given CRL before allowing the connection to proceed.
> >>>>
> >>>>For access to the patches, please see my last blog article:
> >>>>http://www.masterzen.fr/2009/07/21/new-ssl-features-for-nginx/
> >>>>
> >>>>It would be great if those patches could be merged in the official 
> >>>>Nginx source tree.
> >>>Thank you, I have looked the patches, it was really surpise for me that
> >>>OpenSSL 0.9.7 supports CRL. I read in old enough book "Network Security
> >>>with OpenSSL" written when 0.9.7 was being developed, that OpenSSL has
> >>>no built-in CRL support. 
> >>Ah, ok. I based all my development on OpenSSL 0.9.8, since that's what
> >>I'm building Nginx againt. And definitely there is CRL support.
> >>Is OpenSSL 0.9.7 a strict dependency for Nginx?
> >
> >No. I think this code should be just "#ifdef'ed X509_V_FLAG_CRL_CHECK".
> 
> I'm OK with this. BTW, I checked and CRL support was added in 0.9.7.
> 
> >>>Then I have looked in Apache's mod_ssl sources and
> >>>its CRL support seemed to me very heavy: mod_ssl does a lot of useless
> >>>operations.
> >>Which ones?
> >>What I don't get is why they're doing the CRL verification themselves.
> >
> >Because mod_ssl were developed before 0.9.7.
> 
> Yes, I do think so. But it's error-prone and certainly less efficient.
> 
> >>I found this comment in the code:
> >>     * OpenSSL provides the general mechanism to deal with CRLs but does
> >>not
> >>     * use them automatically when verifying certificates, so we do it
> >>     * explicitly here. We will check the CRL for the currently checked
> >>     * certificate, if there is such a CRL in the store.
> >>
> >>This seems wrong to me, as I already tested, and it works fine at least
> >>in version 0.9.8.
> >
> >Yes, this implementation. However, I made mistake: it's not too heavy as
> >it seemed to me first time I have looked.
> >
> >>>I think that it's enough to store hash of only public key of
> >>>all CRL certificates (including intermediate ones). 
> >>Why reinvent the wheel?
> >>The CRL is a standard thing (see RFC 3280), and basically this is a DER
> >>encoded ASN1 structure containing the list of the revoked certificates
> >>serial number, signed by the CA cert.
> >>
> >>>Have you looked
> >>>how CRL is implemented in OpenSSL ?
> >>Yes, I did. It is pretty extensive, and matches RFC3280.
> >>
> >>I'll fetch OpenSSL 0.9.7 to see if it supports or not CRL, but I'd be
> >>suprised it wouldn't.
> 
> 0.9.7 definitely supports CRL verification.

Yes. When I mentioned the book, I meant that CRL were not supported
at least in 0.9.6.

> >>Thanks for reviewing the patch (at least the first one could be merged,
> >>isn't it?).
> >
> >Probabaly, I will commit the patches in next 0.8.7.
> 
> Will you merge the CRL one (feel free to rewrite it if you prefer), too ?

Yes, the single issue is name of directive: ssl_crl. Should it be longer and
more expressive ? Apache has SSLCARevocationFile.


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Wed Jul 22 22:48:02 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 22 Jul 2009 22:48:02 +0400
Subject: worker_process & blockend IO
In-Reply-To: <h47iq9$8s1$1@ger.gmane.org>
References: <h47iq9$8s1$1@ger.gmane.org>
Message-ID: <20090722184802.GD55612@rambler-co.ru>

On Wed, Jul 22, 2009 at 07:38:16PM +0200, Michael Baudino wrote:

> Hello,
> 
> I'm using nginx 0.7.59 on a Debian unstable machine to serve huge files
> (300+ MB) from 2 different filesystems : one  is local, the other is
> nfs-mounted over an ADSL link.
> 
> The nfs filesystem is sooooo slow !
> To reduce IO latency, I'm using worker_process 16 (single CPU, though).
> 
> How does nginx handles workers ?
> Does it choose a worker randomly for each connection ?
> Or does it connect to the same worker until it has reached its
> worker_connections limit then connect to the next worker ?
> In that case, should I set a very low worker_connection to force it to
> change worker often ? (I tried it but I got a lot of "worker_connections
> are not enough while connecting to upstream")

workers get connection randomly.
NFS I/O is blocking and it's better to set up second nginx on remote host
and to use proxy:

   client > nginx/local fs
                 /proxy    > ADSL > nginx/local fs


-- 
Igor Sysoev
http://sysoev.ru/en/




From brice+nginx at daysofwonder.com  Wed Jul 22 23:13:55 2009
From: brice+nginx at daysofwonder.com (Brice Figureau)
Date: Wed, 22 Jul 2009 21:13:55 +0200
Subject: New SSL features for Nginx.
In-Reply-To: <20090722184320.GC55612@rambler-co.ru>
References: <4A66029D.8000705@daysofwonder.com> <20090722084422.GH36608@rambler-co.ru> <1248258083.21421.13.camel@arsenic.daysofwonder.com> <20090722121619.GO36608@rambler-co.ru> <4A674A67.1090800@daysofwonder.com> <20090722184320.GC55612@rambler-co.ru>
Message-ID: <4A6764F3.4080303@daysofwonder.com>

On 22/07/09 20:43, Igor Sysoev wrote:
> On Wed, Jul 22, 2009 at 07:20:39PM +0200, Brice Figureau wrote:
> 
>> On 22/07/09 14:16, Igor Sysoev wrote:
>>> On Wed, Jul 22, 2009 at 12:21:23PM +0200, Brice Figureau wrote:
>>>
>>>> Hi Igor,
>>>>
>>>> On Wed, 2009-07-22 at 12:44 +0400, Igor Sysoev wrote:
>>>>> On Tue, Jul 21, 2009 at 08:02:05PM +0200, Brice Figureau wrote:
>>>>>
>>>>>> Hi,
>>>>>>
>>>>>> For Puppet[1] Nginx deployement (that is using Nginx as a front-end 
>>>>>> load-balancers to puppetmasters[2]), I had to create the following two 
>>>>>> patches, to match Apache behaviour:
>>>>>>
>>>>>> * The first patch allows:
>>>>>>  + a new variant of ssl_client_verify: optional. In this mode, if the 
>>>>>> client sends a certificate it is verified, but if the client doesn't 
>>>>>> send a certificate, the connection is authorized too.
>>>>>>
>>>>>>  + a new variable: $ssl_client_verify which contains, either NONE, 
>>>>>> SUCCESS or FAILURE depending on the verification status. It can be used 
>>>>>> to send information to the upstream about the client verification.
>>>>>>
>>>>>> * The second patch adds CRL support to the client certificate 
>>>>>> verification:
>>>>>>
>>>>>>  ssl_crl /path/to/crl.pem;
>>>>>>
>>>>>> Nginx then verifies the client certificate hasn't been revoked in the 
>>>>>> given CRL before allowing the connection to proceed.
>>>>>>
>>>>>> For access to the patches, please see my last blog article:
>>>>>> http://www.masterzen.fr/2009/07/21/new-ssl-features-for-nginx/
>>>>>>
>>>>>> It would be great if those patches could be merged in the official 
>>>>>> Nginx source tree.
>>>>> Thank you, I have looked the patches, it was really surpise for me that
>>>>> OpenSSL 0.9.7 supports CRL. I read in old enough book "Network Security
>>>>> with OpenSSL" written when 0.9.7 was being developed, that OpenSSL has
>>>>> no built-in CRL support. 
>>>> Ah, ok. I based all my development on OpenSSL 0.9.8, since that's what
>>>> I'm building Nginx againt. And definitely there is CRL support.
>>>> Is OpenSSL 0.9.7 a strict dependency for Nginx?
>>> No. I think this code should be just "#ifdef'ed X509_V_FLAG_CRL_CHECK".
>> I'm OK with this. BTW, I checked and CRL support was added in 0.9.7.
>>
>>>>> Then I have looked in Apache's mod_ssl sources and
>>>>> its CRL support seemed to me very heavy: mod_ssl does a lot of useless
>>>>> operations.
>>>> Which ones?
>>>> What I don't get is why they're doing the CRL verification themselves.
>>> Because mod_ssl were developed before 0.9.7.
>> Yes, I do think so. But it's error-prone and certainly less efficient.
>>
>>>> I found this comment in the code:
>>>>     * OpenSSL provides the general mechanism to deal with CRLs but does
>>>> not
>>>>     * use them automatically when verifying certificates, so we do it
>>>>     * explicitly here. We will check the CRL for the currently checked
>>>>     * certificate, if there is such a CRL in the store.
>>>>
>>>> This seems wrong to me, as I already tested, and it works fine at least
>>>> in version 0.9.8.
>>> Yes, this implementation. However, I made mistake: it's not too heavy as
>>> it seemed to me first time I have looked.
>>>
>>>>> I think that it's enough to store hash of only public key of
>>>>> all CRL certificates (including intermediate ones). 
>>>> Why reinvent the wheel?
>>>> The CRL is a standard thing (see RFC 3280), and basically this is a DER
>>>> encoded ASN1 structure containing the list of the revoked certificates
>>>> serial number, signed by the CA cert.
>>>>
>>>>> Have you looked
>>>>> how CRL is implemented in OpenSSL ?
>>>> Yes, I did. It is pretty extensive, and matches RFC3280.
>>>>
>>>> I'll fetch OpenSSL 0.9.7 to see if it supports or not CRL, but I'd be
>>>> suprised it wouldn't.
>> 0.9.7 definitely supports CRL verification.
> 
> Yes. When I mentioned the book, I meant that CRL were not supported
> at least in 0.9.6.
> 
>>>> Thanks for reviewing the patch (at least the first one could be merged,
>>>> isn't it?).
>>> Probabaly, I will commit the patches in next 0.8.7.
>> Will you merge the CRL one (feel free to rewrite it if you prefer), too ?
> 
> Yes, the single issue is name of directive: ssl_crl. Should it be longer and
> more expressive ? Apache has SSLCARevocationFile.

Yes, the name is not very good but the other alternatives I thought 
about were too long:
ssl_certificate_revocation
ssl_ca_revocation
ssl_ca_certificate_revocation

Maybe the best one is: ssl_ca_revocation?
But that'd be the only directive with CA in it, although that's what's 
is really the ssl_client_certificate one.

So maybe, last try: ssl_client_revocation would be really better.

What do you think?
-- 
Brice Figureau
My Blog: http://www.masterzen.fr/




From brice+nginx at daysofwonder.com  Wed Jul 22 23:21:26 2009
From: brice+nginx at daysofwonder.com (Brice Figureau)
Date: Wed, 22 Jul 2009 21:21:26 +0200
Subject: how to set timer?
In-Reply-To: <af7dba3eece4e483c4faa6ced80007f2.NginxMailingList@forum.nginx.org>
References: <0e96d43ade091f18dbb98f62f9445495.NginxMailingList@forum.nginx.org> <af7dba3eece4e483c4faa6ced80007f2.NginxMailingList@forum.nginx.org>
Message-ID: <4A6766B6.7030603@daysofwonder.com>

On 22/07/09 10:21, supergui wrote:
> ////////////////////////////////////////////////////////////////////////////////////////////////////////////
> static ngx_event_t gdrive_timer_wev;
> static ngx_connection_t  dumb;
> 
> ngx_int_t ngx_http_gdrive_init_process(ngx_cycle_t *cycle) 
> {
>    ngx_log_error(NGX_LOG_DEBUG, cycle->log, 0, "set gdrive timer");
>    gdrive_timer_wev.handler=test_timer;
>    gdrive_timer_wev.log=cycle->log;
>    gdrive_timer_wev.data=&dumb;
>    dumb.fd=(ngx_socket_t)-1;
>    ngx_add_timer(&gdrive_timer_wev, 5000);
>    return NGX_OK;
> }
> 
> static
> void test_timer(ngx_event_t *wev)
> {
>         ngx_log_error(NGX_LOG_DEBUG, wev->log, 0, "gdrive timer out");
>         //printf("print time out\n");
> }
> ////////////////////////////////////////////////////////////////////////////////////////////////////////////
> 
> 
> why this doesn't work?

I don't know, but you can have a look to my upload progress module which 
uses some timers (and even re-triggered ones):

http://github.com/masterzen/nginx-upload-progress-module/tree/master

Maybe that can help you.
--
Brice Figureau
My Blog: http://www.masterzen.fr/




From is at rambler-co.ru  Wed Jul 22 23:24:20 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 22 Jul 2009 23:24:20 +0400
Subject: New SSL features for Nginx.
In-Reply-To: <4A6764F3.4080303@daysofwonder.com>
References: <4A66029D.8000705@daysofwonder.com> <20090722084422.GH36608@rambler-co.ru> <1248258083.21421.13.camel@arsenic.daysofwonder.com> <20090722121619.GO36608@rambler-co.ru> <4A674A67.1090800@daysofwonder.com> <20090722184320.GC55612@rambler-co.ru> <4A6764F3.4080303@daysofwonder.com>
Message-ID: <20090722192420.GE55612@rambler-co.ru>

On Wed, Jul 22, 2009 at 09:13:55PM +0200, Brice Figureau wrote:

> On 22/07/09 20:43, Igor Sysoev wrote:
> >On Wed, Jul 22, 2009 at 07:20:39PM +0200, Brice Figureau wrote:
> >
> >>On 22/07/09 14:16, Igor Sysoev wrote:
> >>>On Wed, Jul 22, 2009 at 12:21:23PM +0200, Brice Figureau wrote:
> >>>
> >>>>Hi Igor,
> >>>>
> >>>>On Wed, 2009-07-22 at 12:44 +0400, Igor Sysoev wrote:
> >>>>>On Tue, Jul 21, 2009 at 08:02:05PM +0200, Brice Figureau wrote:
> >>>>>
> >>>>>>Hi,
> >>>>>>
> >>>>>>For Puppet[1] Nginx deployement (that is using Nginx as a front-end 
> >>>>>>load-balancers to puppetmasters[2]), I had to create the following 
> >>>>>>two patches, to match Apache behaviour:
> >>>>>>
> >>>>>>* The first patch allows:
> >>>>>> + a new variant of ssl_client_verify: optional. In this mode, if the 
> >>>>>>client sends a certificate it is verified, but if the client doesn't 
> >>>>>>send a certificate, the connection is authorized too.
> >>>>>>
> >>>>>> + a new variable: $ssl_client_verify which contains, either NONE, 
> >>>>>>SUCCESS or FAILURE depending on the verification status. It can be 
> >>>>>>used to send information to the upstream about the client 
> >>>>>>verification.
> >>>>>>
> >>>>>>* The second patch adds CRL support to the client certificate 
> >>>>>>verification:
> >>>>>>
> >>>>>> ssl_crl /path/to/crl.pem;
> >>>>>>
> >>>>>>Nginx then verifies the client certificate hasn't been revoked in the 
> >>>>>>given CRL before allowing the connection to proceed.
> >>>>>>
> >>>>>>For access to the patches, please see my last blog article:
> >>>>>>http://www.masterzen.fr/2009/07/21/new-ssl-features-for-nginx/
> >>>>>>
> >>>>>>It would be great if those patches could be merged in the official 
> >>>>>>Nginx source tree.
> >>>>>Thank you, I have looked the patches, it was really surpise for me that
> >>>>>OpenSSL 0.9.7 supports CRL. I read in old enough book "Network Security
> >>>>>with OpenSSL" written when 0.9.7 was being developed, that OpenSSL has
> >>>>>no built-in CRL support. 
> >>>>Ah, ok. I based all my development on OpenSSL 0.9.8, since that's what
> >>>>I'm building Nginx againt. And definitely there is CRL support.
> >>>>Is OpenSSL 0.9.7 a strict dependency for Nginx?
> >>>No. I think this code should be just "#ifdef'ed X509_V_FLAG_CRL_CHECK".
> >>I'm OK with this. BTW, I checked and CRL support was added in 0.9.7.
> >>
> >>>>>Then I have looked in Apache's mod_ssl sources and
> >>>>>its CRL support seemed to me very heavy: mod_ssl does a lot of useless
> >>>>>operations.
> >>>>Which ones?
> >>>>What I don't get is why they're doing the CRL verification themselves.
> >>>Because mod_ssl were developed before 0.9.7.
> >>Yes, I do think so. But it's error-prone and certainly less efficient.
> >>
> >>>>I found this comment in the code:
> >>>>    * OpenSSL provides the general mechanism to deal with CRLs but does
> >>>>not
> >>>>    * use them automatically when verifying certificates, so we do it
> >>>>    * explicitly here. We will check the CRL for the currently checked
> >>>>    * certificate, if there is such a CRL in the store.
> >>>>
> >>>>This seems wrong to me, as I already tested, and it works fine at least
> >>>>in version 0.9.8.
> >>>Yes, this implementation. However, I made mistake: it's not too heavy as
> >>>it seemed to me first time I have looked.
> >>>
> >>>>>I think that it's enough to store hash of only public key of
> >>>>>all CRL certificates (including intermediate ones). 
> >>>>Why reinvent the wheel?
> >>>>The CRL is a standard thing (see RFC 3280), and basically this is a DER
> >>>>encoded ASN1 structure containing the list of the revoked certificates
> >>>>serial number, signed by the CA cert.
> >>>>
> >>>>>Have you looked
> >>>>>how CRL is implemented in OpenSSL ?
> >>>>Yes, I did. It is pretty extensive, and matches RFC3280.
> >>>>
> >>>>I'll fetch OpenSSL 0.9.7 to see if it supports or not CRL, but I'd be
> >>>>suprised it wouldn't.
> >>0.9.7 definitely supports CRL verification.
> >
> >Yes. When I mentioned the book, I meant that CRL were not supported
> >at least in 0.9.6.
> >
> >>>>Thanks for reviewing the patch (at least the first one could be merged,
> >>>>isn't it?).
> >>>Probabaly, I will commit the patches in next 0.8.7.
> >>Will you merge the CRL one (feel free to rewrite it if you prefer), too ?
> >
> >Yes, the single issue is name of directive: ssl_crl. Should it be longer 
> >and
> >more expressive ? Apache has SSLCARevocationFile.
> 
> Yes, the name is not very good but the other alternatives I thought 
> about were too long:
> ssl_certificate_revocation
> ssl_ca_revocation
> ssl_ca_certificate_revocation
> 
> Maybe the best one is: ssl_ca_revocation?
> But that'd be the only directive with CA in it, although that's what's 
> is really the ssl_client_certificate one.
> 
> So maybe, last try: ssl_client_revocation would be really better.
> 
> What do you think?

Probably, ssl_client_revocation is better.
Question to native speakers: should it be ssl_client_revocationS ?


-- 
Igor Sysoev
http://sysoev.ru/en/




From grangier at gmail.com  Thu Jul 23 00:31:59 2009
From: grangier at gmail.com (xgdlm)
Date: Wed, 22 Jul 2009 22:31:59 +0200
Subject: Syslog
In-Reply-To: <4A65C7F9.2060603@internetx.de>
References: <4A65C7F9.2060603@internetx.de>
Message-ID: <DFB9D72E-2493-476D-882E-53BF062D9A8A@gmail.com>


Le 21 juil. 09 ? 15:51, Juergen Gotteswinter a ?crit :

> Hello,
>
> is there a syslog patch for nginx 0.7.XX available, too? i need  
> remote syslog support ... or is there any other solution for this?

here is a syslog patch for 0.7.34 (credit to Marlon de Boer for  
original patch)

http://1cafe.fr/portage/www-servers/nginx/files/syslog-0.7.34.patch

I don't know if it works on other versions of the 0.7 branch.
I've been using this patch without anyproblem... but I use it very  
special setup :

** Nginx proxy servers are using regular nginx log feature (access and  
error)
** Nginx application server are patched for syslog logging but ..  
access log is set to off and I __only__ log critical errors to  
syslog ...

xav 



From brice+nginx at daysofwonder.com  Thu Jul 23 01:17:54 2009
From: brice+nginx at daysofwonder.com (Brice Figureau)
Date: Wed, 22 Jul 2009 23:17:54 +0200
Subject: New SSL features for Nginx.
In-Reply-To: <20090722192420.GE55612@rambler-co.ru>
References: <4A66029D.8000705@daysofwonder.com> <20090722084422.GH36608@rambler-co.ru> <1248258083.21421.13.camel@arsenic.daysofwonder.com> <20090722121619.GO36608@rambler-co.ru> <4A674A67.1090800@daysofwonder.com> <20090722184320.GC55612@rambler-co.ru> <4A6764F3.4080303@daysofwonder.com> <20090722192420.GE55612@rambler-co.ru>
Message-ID: <4A678202.7000805@daysofwonder.com>

On 22/07/09 21:24, Igor Sysoev wrote:
> On Wed, Jul 22, 2009 at 09:13:55PM +0200, Brice Figureau wrote:
> 
>> On 22/07/09 20:43, Igor Sysoev wrote:
>>> On Wed, Jul 22, 2009 at 07:20:39PM +0200, Brice Figureau wrote:
>>>
>>>> On 22/07/09 14:16, Igor Sysoev wrote:
>>>>> On Wed, Jul 22, 2009 at 12:21:23PM +0200, Brice Figureau wrote:
>>>>>
>>>>>> Hi Igor,
>>>>>>
>>>>>> On Wed, 2009-07-22 at 12:44 +0400, Igor Sysoev wrote:
>>>>>>> On Tue, Jul 21, 2009 at 08:02:05PM +0200, Brice Figureau wrote:
>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> For Puppet[1] Nginx deployement (that is using Nginx as a front-end 
>>>>>>>> load-balancers to puppetmasters[2]), I had to create the following 
>>>>>>>> two patches, to match Apache behaviour:
>>>>>>>>
>>>>>>>> * The first patch allows:
>>>>>>>> + a new variant of ssl_client_verify: optional. In this mode, if the 
>>>>>>>> client sends a certificate it is verified, but if the client doesn't 
>>>>>>>> send a certificate, the connection is authorized too.
>>>>>>>>
>>>>>>>> + a new variable: $ssl_client_verify which contains, either NONE, 
>>>>>>>> SUCCESS or FAILURE depending on the verification status. It can be 
>>>>>>>> used to send information to the upstream about the client 
>>>>>>>> verification.
>>>>>>>>
>>>>>>>> * The second patch adds CRL support to the client certificate 
>>>>>>>> verification:
>>>>>>>>
>>>>>>>> ssl_crl /path/to/crl.pem;
>>>>>>>>
>>>>>>>> Nginx then verifies the client certificate hasn't been revoked in the 
>>>>>>>> given CRL before allowing the connection to proceed.
>>>>>>>>
>>>>>>>> For access to the patches, please see my last blog article:
>>>>>>>> http://www.masterzen.fr/2009/07/21/new-ssl-features-for-nginx/
>>>>>>>>
>>>>>>>> It would be great if those patches could be merged in the official 
>>>>>>>> Nginx source tree.
>>>>>>> Thank you, I have looked the patches, it was really surpise for me that
>>>>>>> OpenSSL 0.9.7 supports CRL. I read in old enough book "Network Security
>>>>>>> with OpenSSL" written when 0.9.7 was being developed, that OpenSSL has
>>>>>>> no built-in CRL support. 
>>>>>> Ah, ok. I based all my development on OpenSSL 0.9.8, since that's what
>>>>>> I'm building Nginx againt. And definitely there is CRL support.
>>>>>> Is OpenSSL 0.9.7 a strict dependency for Nginx?
>>>>> No. I think this code should be just "#ifdef'ed X509_V_FLAG_CRL_CHECK".
>>>> I'm OK with this. BTW, I checked and CRL support was added in 0.9.7.
>>>>
>>>>>>> Then I have looked in Apache's mod_ssl sources and
>>>>>>> its CRL support seemed to me very heavy: mod_ssl does a lot of useless
>>>>>>> operations.
>>>>>> Which ones?
>>>>>> What I don't get is why they're doing the CRL verification themselves.
>>>>> Because mod_ssl were developed before 0.9.7.
>>>> Yes, I do think so. But it's error-prone and certainly less efficient.
>>>>
>>>>>> I found this comment in the code:
>>>>>>    * OpenSSL provides the general mechanism to deal with CRLs but does
>>>>>> not
>>>>>>    * use them automatically when verifying certificates, so we do it
>>>>>>    * explicitly here. We will check the CRL for the currently checked
>>>>>>    * certificate, if there is such a CRL in the store.
>>>>>>
>>>>>> This seems wrong to me, as I already tested, and it works fine at least
>>>>>> in version 0.9.8.
>>>>> Yes, this implementation. However, I made mistake: it's not too heavy as
>>>>> it seemed to me first time I have looked.
>>>>>
>>>>>>> I think that it's enough to store hash of only public key of
>>>>>>> all CRL certificates (including intermediate ones). 
>>>>>> Why reinvent the wheel?
>>>>>> The CRL is a standard thing (see RFC 3280), and basically this is a DER
>>>>>> encoded ASN1 structure containing the list of the revoked certificates
>>>>>> serial number, signed by the CA cert.
>>>>>>
>>>>>>> Have you looked
>>>>>>> how CRL is implemented in OpenSSL ?
>>>>>> Yes, I did. It is pretty extensive, and matches RFC3280.
>>>>>>
>>>>>> I'll fetch OpenSSL 0.9.7 to see if it supports or not CRL, but I'd be
>>>>>> suprised it wouldn't.
>>>> 0.9.7 definitely supports CRL verification.
>>> Yes. When I mentioned the book, I meant that CRL were not supported
>>> at least in 0.9.6.
>>>
>>>>>> Thanks for reviewing the patch (at least the first one could be merged,
>>>>>> isn't it?).
>>>>> Probabaly, I will commit the patches in next 0.8.7.
>>>> Will you merge the CRL one (feel free to rewrite it if you prefer), too ?
>>> Yes, the single issue is name of directive: ssl_crl. Should it be longer 
>>> and
>>> more expressive ? Apache has SSLCARevocationFile.
>> Yes, the name is not very good but the other alternatives I thought 
>> about were too long:
>> ssl_certificate_revocation
>> ssl_ca_revocation
>> ssl_ca_certificate_revocation
>>
>> Maybe the best one is: ssl_ca_revocation?
>> But that'd be the only directive with CA in it, although that's what's 
>> is really the ssl_client_certificate one.
>>
>> So maybe, last try: ssl_client_revocation would be really better.
>>
>> What do you think?
> 
> Probably, ssl_client_revocation is better.
> Question to native speakers: should it be ssl_client_revocationS ?

My idea was that this directive was an abbrevation of 
ssl_client_revocation_file, so the 's' wasn't needed. But I'm not a 
native speaker, or in fact I'm a native speaker, but not of English :-)
--
Brice Figureau
My Blog: http://www.masterzen.fr/




From nginx-forum at nginx.us  Thu Jul 23 04:26:30 2009
From: nginx-forum at nginx.us (vburshteyn)
Date: Wed, 22 Jul 2009 20:26:30 -0400
Subject: /location and or IF statment
Message-ID: <2cecb8b1d63b259d5d5effb9a2aae24c.NginxMailingList@forum.nginx.org>

hey folks, i got a quick question

basically my issue is this.  the main site is mysite.com

so 

location  / {  works great

but then i have a.mysite.com/boxoffice

when there is /boxoffice the A variable can be a large number of things and each has its own redirect path (damn i love legacy crap)

so when i do something like

location ~ a.mysite.com
or Location ^ a.mystie.com 

it does not see it and just sends me the location /
what am i doing wrong, also what is the most efficient way of doing this, since i have about 50 different redirects?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4346,4346#msg-4346





From mike503 at gmail.com  Thu Jul 23 04:35:36 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Wed, 22 Jul 2009 17:35:36 -0700
Subject: /location and or IF statment
In-Reply-To: <2cecb8b1d63b259d5d5effb9a2aae24c.NginxMailingList@forum.nginx.org>
References: <2cecb8b1d63b259d5d5effb9a2aae24c.NginxMailingList@forum.nginx.org>
Message-ID: <bd9320b30907221735j56b284c7r737f1fc3647c100@mail.gmail.com>

location doesn't work on hosts, only on paths/etc.

On Wed, Jul 22, 2009 at 5:26 PM, vburshteyn<nginx-forum at nginx.us> wrote:
> hey folks, i got a quick question
>
> basically my issue is this. ?the main site is mysite.com
>
> so
>
> location ?/ { ?works great
>
> but then i have a.mysite.com/boxoffice
>
> when there is /boxoffice the A variable can be a large number of things and each has its own redirect path (damn i love legacy crap)
>
> so when i do something like
>
> location ~ a.mysite.com
> or Location ^ a.mystie.com
>
> it does not see it and just sends me the location /
> what am i doing wrong, also what is the most efficient way of doing this, since i have about 50 different redirects?
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4346,4346#msg-4346
>
>
>




From jdub at bethesignal.org  Thu Jul 23 04:37:01 2009
From: jdub at bethesignal.org (Jeff Waugh)
Date: Thu, 23 Jul 2009 10:37:01 +1000
Subject: Watching nginx upstreams with collectd
Message-ID: <20090723003701.GN3297@node.waugh.id.au>

Hi all,

Thought some of you might find this handy -- a blog post about monitoring
usage and performance of nginx upstreams using collectd (which already has
pretty nice direct stats acquisition from nginx itself):

http://bethesignal.org/blog/2009/07/22/watching-nginx-upstreams-with-collectd/

Useful for anyone using proxy_pass or fastcgi_pass.

Thanks,

- Jeff

-- 
linux.conf.au 2010: Wellington, NZ                http://www.lca2010.org.nz/
 
   "2.4.1ac17 is full of innovations and should be used with caution." -
                             Linux Weekly News




From tkeyser at emediavillage.com  Thu Jul 23 04:50:59 2009
From: tkeyser at emediavillage.com (Tom Keyser)
Date: Wed, 22 Jul 2009 17:50:59 -0700
Subject: Vyatta firewall with Nginx
In-Reply-To: <4A678202.7000805@daysofwonder.com>
References: <4A66029D.8000705@daysofwonder.com> <20090722084422.GH36608@rambler-co.ru> <1248258083.21421.13.camel@arsenic.daysofwonder.com> <20090722121619.GO36608@rambler-co.ru> <4A674A67.1090800@daysofwonder.com> <20090722184320.GC55612@rambler-co.ru> <4A6764F3.4080303@daysofwonder.com> <20090722192420.GE55612@rambler-co.ru> <4A678202.7000805@daysofwonder.com>
Message-ID: <4A67B3F3.5010705@emediavillage.com>

Anyone have any experience running Nginx on a Vyatta firewall? Its using 
32bit debian OS but allows you to get root access and install other 
programs. Does Nginx run on 32bit Debian?




From glen at lumanau.web.id  Thu Jul 23 04:59:55 2009
From: glen at lumanau.web.id (Glen Lumanau)
Date: Thu, 23 Jul 2009 00:59:55 +0000
Subject: Vyatta firewall with Nginx
Message-ID: <1524107253-1248310929-cardhu_decombobulator_blackberry.rim.net-653693507-@bxe1017.bisx.prodap.on.blackberry>

Yes nginx can be run on 32bit or 64bit OS

------Original Message------
From: Tom Keyser
Sender: owner-nginx at sysoev.ru
To: nginx at sysoev.ru
ReplyTo: nginx at sysoev.ru
Subject: Vyatta firewall with Nginx
Sent: Jul 23, 2009 7:50 AM

Anyone have any experience running Nginx on a Vyatta firewall? Its using 
32bit debian OS but allows you to get root access and install other 
programs. Does Nginx run on 32bit Debian?




Best Regards,

Glen Lumanau





From nginx-forum at nginx.us  Thu Jul 23 05:05:14 2009
From: nginx-forum at nginx.us (vburshteyn)
Date: Wed, 22 Jul 2009 21:05:14 -0400
Subject: /location and or IF statment
In-Reply-To: <bd9320b30907221735j56b284c7r737f1fc3647c100@forum.nginx.org>
References: <2cecb8b1d63b259d5d5effb9a2aae24c.NginxMailingList@forum.nginx.org> <bd9320b30907221735j56b284c7r737f1fc3647c100@forum.nginx.org>
Message-ID: <394e536ac2490666c717b59f77e9b5fb.NginxMailingList@forum.nginx.org>

so what should i use?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4346,4349#msg-4349





From mike503 at gmail.com  Thu Jul 23 05:19:02 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Wed, 22 Jul 2009 18:19:02 -0700
Subject: /location and or IF statment
In-Reply-To: <394e536ac2490666c717b59f77e9b5fb.NginxMailingList@forum.nginx.org>
References: <2cecb8b1d63b259d5d5effb9a2aae24c.NginxMailingList@forum.nginx.org>
	 <bd9320b30907221735j56b284c7r737f1fc3647c100@forum.nginx.org>
	 <394e536ac2490666c717b59f77e9b5fb.NginxMailingList@forum.nginx.org>
Message-ID: <bd9320b30907221819j41055940ye7eacae96f0ff20b@mail.gmail.com>

most likely igor would say separate server {} blocks


On Wed, Jul 22, 2009 at 6:05 PM, vburshteyn<nginx-forum at nginx.us> wrote:
> so what should i use?
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4346,4349#msg-4349
>
>
>




From nginx-forum at nginx.us  Thu Jul 23 05:55:57 2009
From: nginx-forum at nginx.us (vburshteyn)
Date: Wed, 22 Jul 2009 21:55:57 -0400
Subject: /location and or IF statment
In-Reply-To: <2cecb8b1d63b259d5d5effb9a2aae24c.NginxMailingList@forum.nginx.org>
References: <2cecb8b1d63b259d5d5effb9a2aae24c.NginxMailingList@forum.nginx.org>
Message-ID: <e43c8c1eaf2347ca784fcb7b7979752b.NginxMailingList@forum.nginx.org>

so in that case one more stupid question (sorry i am windows tech who is making the switch)

so if i have a statment like

location ~* (a|b) the search will terminate as soon as it finds either a or b.  how can i set it up to say ( a and b)?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4346,4353#msg-4353





From lists at ruby-forum.com  Thu Jul 23 06:10:48 2009
From: lists at ruby-forum.com (Paul Hamann)
Date: Thu, 23 Jul 2009 04:10:48 +0200
Subject: Rewrite: fixing Metadot Kluginess
Message-ID: <7b1e41a50bd08e857e77f6e900ba35f7@ruby-forum.com>

Greetings.  I'm implementing portal software called Metadot.  It was
orginally Perl -- ported to Rails about 1 yr ago.  There's a bunch of
Perl-isms and silliness that makes it somewhat dependent on Apache2 /
fcgi.

I'm trying to use Nginx to proxy/balance dynamic requests to multiple
Apache2/Passenger servers.  I want Nginx to serve up all static content
so that Aapche2 can serve just rails.  They put attachments and images
in a separate directory outside the rails root.  Then they pre-pended
the filename with 8 digits made up of zeros and the file's id.  I want
to rewrite specific file formats to their actual filenames and dirs.

Example for user uploaded images. {png | ico | jpg | gif | etc.....}

request comes in as: /__metadot__/image_library/image.gif

maps to: ../../metadot-on-rails-attachments/00000001/00000022-image.gif

22 is the file id and image.gif is the [already unique] filename.
metadot-on-rails-attachments is at the same level as the rails root, not
inside it.

Please help! I've been lost on this all day.

Thanks! Paul
-- 
Posted via http://www.ruby-forum.com/.




From lists at ruby-forum.com  Thu Jul 23 06:12:51 2009
From: lists at ruby-forum.com (Paul Hamann)
Date: Thu, 23 Jul 2009 04:12:51 +0200
Subject: Rewrite: fixing Metadot Kluginess
In-Reply-To: <7b1e41a50bd08e857e77f6e900ba35f7@ruby-forum.com>
References: <7b1e41a50bd08e857e77f6e900ba35f7@ruby-forum.com>
Message-ID: <b07d3dfe7aae0647da635a67fd829d38@ruby-forum.com>

Ooops.  One more thing.  As far as I can tell, the 00000001 directory is 
a constant. (I know -- silly, right?)
-- 
Posted via http://www.ruby-forum.com/.




From emiddleton at bebear.net  Thu Jul 23 06:26:47 2009
From: emiddleton at bebear.net (Edward Middleton)
Date: Thu, 23 Jul 2009 11:26:47 +0900
Subject: New SSL features for Nginx.
In-Reply-To: <20090722184320.GC55612@rambler-co.ru>
References: <4A66029D.8000705@daysofwonder.com> <20090722084422.GH36608@rambler-co.ru> <1248258083.21421.13.camel@arsenic.daysofwonder.com> <20090722121619.GO36608@rambler-co.ru> <4A674A67.1090800@daysofwonder.com> <20090722184320.GC55612@rambler-co.ru>
Message-ID: <4A67CA67.1000704@bebear.net>

Igor Sysoev wrote:
> Brice Figureau wrote:
>   
>> Will you merge the CRL one (feel free to rewrite it if you prefer), too ?
>>     
>
> Yes, the single issue is name of directive: ssl_crl. Should it be longer and
> more expressive ? Apache has SSLCARevocationFile.
>   

I think the original argument is better.  Anyone who uses a CRL[1] is
going to know what it is.  If you call the command something else they
have to search the manual to find out what you have chosen to called
it.  In my opinion it would be better to call it ssl_crl_file so that it
is obvious it expects a file path.

Edward

1. http://tools.ietf.org/html/rfc5280




From cliff at develix.com  Thu Jul 23 07:22:53 2009
From: cliff at develix.com (Cliff Wells)
Date: Wed, 22 Jul 2009 20:22:53 -0700
Subject: New SSL features for Nginx.
In-Reply-To: <4A67CA67.1000704@bebear.net>
References: <4A66029D.8000705@daysofwonder.com>
	 <20090722084422.GH36608@rambler-co.ru>
	 <1248258083.21421.13.camel@arsenic.daysofwonder.com>
	 <20090722121619.GO36608@rambler-co.ru> <4A674A67.1090800@daysofwonder.com>
	 <20090722184320.GC55612@rambler-co.ru>  <4A67CA67.1000704@bebear.net>
Message-ID: <1248319373.15572.1.camel@portable-evil>

On Thu, 2009-07-23 at 11:26 +0900, Edward Middleton wrote:
> Igor Sysoev wrote:
> > Brice Figureau wrote:
> >   
> >> Will you merge the CRL one (feel free to rewrite it if you prefer), too ?
> >>     
> >
> > Yes, the single issue is name of directive: ssl_crl. Should it be longer and
> > more expressive ? Apache has SSLCARevocationFile.
> >   
> 
> I think the original argument is better.  Anyone who uses a CRL[1] is
> going to know what it is.  If you call the command something else they
> have to search the manual to find out what you have chosen to called
> it.  In my opinion it would be better to call it ssl_crl_file so that it
> is obvious it expects a file path.

I agree with this reasoning.   Making the name longer isn't going to
reduce the need to refer to the documentation and "crl" seems to be the
key word people will be searching for.

Cliff

-- 
http://www.google.com/search?q=vonage+sucks





From is at rambler-co.ru  Thu Jul 23 11:08:38 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 23 Jul 2009 11:08:38 +0400
Subject: New SSL features for Nginx.
In-Reply-To: <4A67CA67.1000704@bebear.net>
References: <4A66029D.8000705@daysofwonder.com> <20090722084422.GH36608@rambler-co.ru> <1248258083.21421.13.camel@arsenic.daysofwonder.com> <20090722121619.GO36608@rambler-co.ru> <4A674A67.1090800@daysofwonder.com> <20090722184320.GC55612@rambler-co.ru> <4A67CA67.1000704@bebear.net>
Message-ID: <20090723070838.GA67525@rambler-co.ru>

On Thu, Jul 23, 2009 at 11:26:47AM +0900, Edward Middleton wrote:

> Igor Sysoev wrote:
> > Brice Figureau wrote:
> >   
> >> Will you merge the CRL one (feel free to rewrite it if you prefer), too ?
> >>     
> >
> > Yes, the single issue is name of directive: ssl_crl. Should it be longer and
> > more expressive ? Apache has SSLCARevocationFile.
> >   
> 
> I think the original argument is better.  Anyone who uses a CRL[1] is
> going to know what it is.  If you call the command something else they
> have to search the manual to find out what you have chosen to called
> it.  In my opinion it would be better to call it ssl_crl_file so that it
> is obvious it expects a file path.

It's seems you are right. CRL became well known abbreviation as SSL itself.


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Thu Jul 23 11:14:02 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 23 Jul 2009 11:14:02 +0400
Subject: Rewrite: fixing Metadot Kluginess
In-Reply-To: <7b1e41a50bd08e857e77f6e900ba35f7@ruby-forum.com>
References: <7b1e41a50bd08e857e77f6e900ba35f7@ruby-forum.com>
Message-ID: <20090723071402.GB67525@rambler-co.ru>

On Thu, Jul 23, 2009 at 04:10:48AM +0200, Paul Hamann wrote:

> Greetings.  I'm implementing portal software called Metadot.  It was
> orginally Perl -- ported to Rails about 1 yr ago.  There's a bunch of
> Perl-isms and silliness that makes it somewhat dependent on Apache2 /
> fcgi.
> 
> I'm trying to use Nginx to proxy/balance dynamic requests to multiple
> Apache2/Passenger servers.  I want Nginx to serve up all static content
> so that Aapche2 can serve just rails.  They put attachments and images
> in a separate directory outside the rails root.  Then they pre-pended
> the filename with 8 digits made up of zeros and the file's id.  I want
> to rewrite specific file formats to their actual filenames and dirs.
> 
> Example for user uploaded images. {png | ico | jpg | gif | etc.....}
> 
> request comes in as: /__metadot__/image_library/image.gif
> 
> maps to: ../../metadot-on-rails-attachments/00000001/00000022-image.gif
> 
> 22 is the file id and image.gif is the [already unique] filename.
> metadot-on-rails-attachments is at the same level as the rails root, not
> inside it.
> 
> Please help! I've been lost on this all day.

If only backend knows how to map URI to file system, you may
proxy such request to the backend and the backend should return

X-Accel-Redirect: /metadot-on-rails-attachments/00000001/00000022-image.gif

However, I prefer direct mapping without backend participation.


-- 
Igor Sysoev
http://sysoev.ru/en/




From marlon at hyves.nl  Thu Jul 23 11:19:05 2009
From: marlon at hyves.nl (Marlon de Boer)
Date: Thu, 23 Jul 2009 09:19:05 +0200
Subject: Syslog
In-Reply-To: <DFB9D72E-2493-476D-882E-53BF062D9A8A@gmail.com>
References: <4A65C7F9.2060603@internetx.de> <DFB9D72E-2493-476D-882E-53BF062D9A8A@gmail.com>
Message-ID: <4A680EE9.4040904@hyves.nl>

xgdlm wrote:
> 
> Le 21 juil. 09 ? 15:51, Juergen Gotteswinter a ?crit :
> 
>> Hello,
>>
>> is there a syslog patch for nginx 0.7.XX available, too? i need remote
>> syslog support ... or is there any other solution for this?
> 
> here is a syslog patch for 0.7.34 (credit to Marlon de Boer for original
> patch)
> 
> http://1cafe.fr/portage/www-servers/nginx/files/syslog-0.7.34.patch
> 
> I don't know if it works on other versions of the 0.7 branch.
> I've been using this patch without anyproblem... but I use it very
> special setup :
> 
> ** Nginx proxy servers are using regular nginx log feature (access and
> error)
> ** Nginx application server are patched for syslog logging but .. access
> log is set to off and I __only__ log critical errors to syslog ...
> 
> xav

I've send an email about this couple of days ago:

There is a patch @ http://bugs.gentoo.org/attachment.cgi?id=197180.

Thanks to Ben Taitelbaum for making it 0.7 / 0.8 compatible.

Regards
Marlon





From zhuzhaoyuan at gmail.com  Thu Jul 23 11:41:58 2009
From: zhuzhaoyuan at gmail.com (Joshua Zhu)
Date: Thu, 23 Jul 2009 15:41:58 +0800
Subject: /location and or IF statment
In-Reply-To: <e43c8c1eaf2347ca784fcb7b7979752b.NginxMailingList@forum.nginx.org>
References: <2cecb8b1d63b259d5d5effb9a2aae24c.NginxMailingList@forum.nginx.org>
	 <e43c8c1eaf2347ca784fcb7b7979752b.NginxMailingList@forum.nginx.org>
Message-ID: <5bf4451d0907230041x2cb69a87r15f0346e8d14a940@mail.gmail.com>

1) Use multiple server blocks, as what Michael suggested.
2) Use variables, e.g.:
        location ~* (a|b) {
            set $var $1;
            rewrite ^ /test$var.html break;
        }
   Please see http://wiki.nginx.org/NginxHttpRewriteModule for more
information :)


On Thu, Jul 23, 2009 at 9:55 AM, vburshteyn<nginx-forum at nginx.us> wrote:
> so in that case one more stupid question (sorry i am windows tech who is making the switch)
>
> so if i have a statment like
>
> location ~* (a|b) the search will terminate as soon as it finds either a or b. ?how can i set it up to say ( a and b)?
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4346,4353#msg-4353
>
>
>

-- 
Joshua Zhu




From nginx-forum at nginx.us  Thu Jul 23 11:53:44 2009
From: nginx-forum at nginx.us (mrginx)
Date: Thu, 23 Jul 2009 03:53:44 -0400
Subject: Compiling nginx with openssl on Debian Lenny
Message-ID: <054bd8e9e65d77c547b08e6b464289ca.NginxMailingList@forum.nginx.org>

Hi,

I'm trying to compile nginx-0.7.61 with openssl on my Debian 5.0 machine without any success.
I have installed all necessary libs using 
aptitude install libpcre3 libpcre3-dev libpcrecpp0  zlib1g-dev libssl-dev libgd2-xpm-dev


This is my configure line:


./configure \
--prefix=/usr \
--conf-path=/etc/nginx/nginx.conf \
--sbin-path=/usr/sbin \
--http-log-path=/var/log/nginx/access.log \
--error-log-path=/var/log/nginx/error.log \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/lock/nginx.lock \
--http-client-body-temp-path=/var/lib/nginx/body \
--http-proxy-temp-path=/var/lib/nginx/proxy \
--http-fastcgi-temp-path=/var/tmp/nginx/fastcgi \
--with-ipv6 \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_image_filter_module \
--with-http_sub_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_gzip_static_module \
--with-http_secure_link_module \
--with-http_stub_status_module \
--with-md5-asm \
--with-sha1-asm \
--with-openssl=/usr/include \
--with-sha1=/usr/lib \
--with-zlib-asm=pentiumpro \
--with-cpu-opt=pentium4


Everything goes smoothly and I get:


Configuration summary
  + using system PCRE library
  + using OpenSSL library: /usr/include
  + md5: using OpenSSL library
  + using sha1 library: /usr/lib
  + using system zlib library

  nginx path prefix: "/usr"
  nginx binary file: "/usr/sbin"
  nginx configuration prefix: "/etc/nginx"
  nginx configuration file: "/etc/nginx/nginx.conf"
  nginx pid file: "/var/run/nginx.pid"
  nginx error log file: "/var/log/nginx/error.log"
  nginx http access log file: "/var/log/nginx/access.log"
  nginx http client request body temporary files: "/var/lib/nginx/body"
  nginx http proxy temporary files: "/var/lib/nginx/proxy"
  nginx http fastcgi temporary files: "/var/tmp/nginx/fastcgi"


BUT, when I run make I get:


make -f objs/Makefile
make[1]: Entering directory `/home/jayzee/Desktop/nginx-0.7.61'
cd /usr/include \
	&& make clean \
	&& ./config --prefix=/usr/include/openssl no-shared  no-threads \
	&& make \
	&& make install
make[2]: Entering directory `/usr/include'
make[2]: *** No rule to make target `clean'.  Stop.
make[2]: Leaving directory `/usr/include'
make[1]: ***  Error 2
make[1]: Leaving directory `/home/jayzee/Desktop/nginx-0.7.61'
make: ***  Error 2


help??

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4361,4361#msg-4361





From michael.baudino at acrelec.com  Thu Jul 23 11:58:43 2009
From: michael.baudino at acrelec.com (Michael Baudino)
Date: Thu, 23 Jul 2009 09:58:43 +0200
Subject: worker_process & blockend IO
In-Reply-To: <20090722184802.GD55612@rambler-co.ru>
References: <h47iq9$8s1$1@ger.gmane.org> <20090722184802.GD55612@rambler-co.ru>
Message-ID: <h4957n$4oi$1@ger.gmane.org>

Igor Sysoev wrote:
> On Wed, Jul 22, 2009 at 07:38:16PM +0200, Michael Baudino wrote:
> 
>> Hello,
>>
>> I'm using nginx 0.7.59 on a Debian unstable machine to serve huge files
>> (300+ MB) from 2 different filesystems : one  is local, the other is
>> nfs-mounted over an ADSL link.
>>
>> The nfs filesystem is sooooo slow !
>> To reduce IO latency, I'm using worker_process 16 (single CPU, though).
>>
>> How does nginx handles workers ?
>> Does it choose a worker randomly for each connection ?
>> Or does it connect to the same worker until it has reached its
>> worker_connections limit then connect to the next worker ?
>> In that case, should I set a very low worker_connection to force it to
>> change worker often ? (I tried it but I got a lot of "worker_connections
>> are not enough while connecting to upstream")
> 
> workers get connection randomly.
> NFS I/O is blocking and it's better to set up second nginx on remote host
> and to use proxy:
> 
>    client > nginx/local fs
>                  /proxy    > ADSL > nginx/local fs
> 


Hi Igor,

Actually I though that proxying to the remote host would be blocking too...
I will try this solution and let you know asap.

Thanks for your fast answer, as usual.

-- 
Mike
KameHouse Prod.





From is at rambler-co.ru  Thu Jul 23 11:55:26 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 23 Jul 2009 11:55:26 +0400
Subject: Compiling nginx with openssl on Debian Lenny
In-Reply-To: <054bd8e9e65d77c547b08e6b464289ca.NginxMailingList@forum.nginx.org>
References: <054bd8e9e65d77c547b08e6b464289ca.NginxMailingList@forum.nginx.org>
Message-ID: <20090723075526.GD67525@rambler-co.ru>

On Thu, Jul 23, 2009 at 03:53:44AM -0400, mrginx wrote:

> Hi,
> 
> I'm trying to compile nginx-0.7.61 with openssl on my Debian 5.0 machine without any success.
> I have installed all necessary libs using 
> aptitude install libpcre3 libpcre3-dev libpcrecpp0  zlib1g-dev libssl-dev libgd2-xpm-dev
> 
> 
> This is my configure line:
> 
> 
> ./configure \
> --prefix=/usr \
> --conf-path=/etc/nginx/nginx.conf \
> --sbin-path=/usr/sbin \
> --http-log-path=/var/log/nginx/access.log \
> --error-log-path=/var/log/nginx/error.log \
> --pid-path=/var/run/nginx.pid \
> --lock-path=/var/lock/nginx.lock \
> --http-client-body-temp-path=/var/lib/nginx/body \
> --http-proxy-temp-path=/var/lib/nginx/proxy \
> --http-fastcgi-temp-path=/var/tmp/nginx/fastcgi \
> --with-ipv6 \
> --with-http_ssl_module \
> --with-http_realip_module \
> --with-http_addition_module \
> --with-http_image_filter_module \
> --with-http_sub_module \
> --with-http_dav_module \
> --with-http_flv_module \
> --with-http_gzip_static_module \
> --with-http_secure_link_module \
> --with-http_stub_status_module \
> --with-md5-asm \
> --with-sha1-asm \
> --with-openssl=/usr/include \
> --with-sha1=/usr/lib \
> --with-zlib-asm=pentiumpro \
> --with-cpu-opt=pentium4
> 
> 
> Everything goes smoothly and I get:
> 
> 
> Configuration summary
>   + using system PCRE library
>   + using OpenSSL library: /usr/include
>   + md5: using OpenSSL library
>   + using sha1 library: /usr/lib
>   + using system zlib library
> 
>   nginx path prefix: "/usr"
>   nginx binary file: "/usr/sbin"
>   nginx configuration prefix: "/etc/nginx"
>   nginx configuration file: "/etc/nginx/nginx.conf"
>   nginx pid file: "/var/run/nginx.pid"
>   nginx error log file: "/var/log/nginx/error.log"
>   nginx http access log file: "/var/log/nginx/access.log"
>   nginx http client request body temporary files: "/var/lib/nginx/body"
>   nginx http proxy temporary files: "/var/lib/nginx/proxy"
>   nginx http fastcgi temporary files: "/var/tmp/nginx/fastcgi"
> 
> 
> BUT, when I run make I get:
> 
> 
> make -f objs/Makefile
> make[1]: Entering directory `/home/jayzee/Desktop/nginx-0.7.61'
> cd /usr/include \
> 	&& make clean \
> 	&& ./config --prefix=/usr/include/openssl no-shared  no-threads \
> 	&& make \
> 	&& make install
> make[2]: Entering directory `/usr/include'
> make[2]: *** No rule to make target `clean'.  Stop.
> make[2]: Leaving directory `/usr/include'
> make[1]: ***  Error 2
> make[1]: Leaving directory `/home/jayzee/Desktop/nginx-0.7.61'
> make: ***  Error 2

./configure --help | grep with-openssl=
  --with-openssl=DIR                 set path to OpenSSL library sources

I doubt that you have OpenSSL sources in /usr/include.
The same story with --with-sha1=/usr/lib

You just need to omit
 --with-md5-asm \
 --with-sha1-asm \
 --with-openssl=/usr/include \
 --with-sha1=/usr/lib \
 --with-zlib-asm=pentiumpro \


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Thu Jul 23 11:57:10 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 23 Jul 2009 11:57:10 +0400
Subject: New SSL features for Nginx.
In-Reply-To: <4A674A67.1090800@daysofwonder.com>
References: <4A66029D.8000705@daysofwonder.com> <20090722084422.GH36608@rambler-co.ru> <1248258083.21421.13.camel@arsenic.daysofwonder.com> <20090722121619.GO36608@rambler-co.ru> <4A674A67.1090800@daysofwonder.com>
Message-ID: <20090723075710.GE67525@rambler-co.ru>

On Wed, Jul 22, 2009 at 07:20:39PM +0200, Brice Figureau wrote:

> >>Thanks for reviewing the patch (at least the first one could be merged,
> >>isn't it?).
> >
> >Probabaly, I will commit the patches in next 0.8.7.
> 
> Will you merge the CRL one (feel free to rewrite it if you prefer), too ?

Could you test the attached patch ?


-- 
Igor Sysoev
http://sysoev.ru/en/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: patch.ssl.crl
Type: application/x-pkcs7-crl
Size: 4011 bytes
Desc: not available
URL: <http://nginx.org/pipermail/nginx/attachments/20090723/0c2b79b4/attachment.crl>

From is at rambler-co.ru  Thu Jul 23 12:04:21 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 23 Jul 2009 12:04:21 +0400
Subject: worker_process & blockend IO
In-Reply-To: <h4957n$4oi$1@ger.gmane.org>
References: <h47iq9$8s1$1@ger.gmane.org> <20090722184802.GD55612@rambler-co.ru> <h4957n$4oi$1@ger.gmane.org>
Message-ID: <20090723080421.GF67525@rambler-co.ru>

On Thu, Jul 23, 2009 at 09:58:43AM +0200, Michael Baudino wrote:

> Igor Sysoev wrote:
> > On Wed, Jul 22, 2009 at 07:38:16PM +0200, Michael Baudino wrote:
> > 
> >> Hello,
> >>
> >> I'm using nginx 0.7.59 on a Debian unstable machine to serve huge files
> >> (300+ MB) from 2 different filesystems : one  is local, the other is
> >> nfs-mounted over an ADSL link.
> >>
> >> The nfs filesystem is sooooo slow !
> >> To reduce IO latency, I'm using worker_process 16 (single CPU, though).
> >>
> >> How does nginx handles workers ?
> >> Does it choose a worker randomly for each connection ?
> >> Or does it connect to the same worker until it has reached its
> >> worker_connections limit then connect to the next worker ?
> >> In that case, should I set a very low worker_connection to force it to
> >> change worker often ? (I tried it but I got a lot of "worker_connections
> >> are not enough while connecting to upstream")
> > 
> > workers get connection randomly.
> > NFS I/O is blocking and it's better to set up second nginx on remote host
> > and to use proxy:
> > 
> >    client > nginx/local fs
> >                  /proxy    > ADSL > nginx/local fs
> > 
> 
> 
> Hi Igor,
> 
> Actually I though that proxying to the remote host would be blocking too...

No, that proxying allows to handle single worker thousands connections.
They may be slow, but they will run simultaneously, while using NFS worker
will blocking on single I/O.

> I will try this solution and let you know asap.


-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Thu Jul 23 12:30:58 2009
From: nginx-forum at nginx.us (mrginx)
Date: Thu, 23 Jul 2009 04:30:58 -0400
Subject: Compiling nginx with openssl on Debian Lenny
In-Reply-To: <054bd8e9e65d77c547b08e6b464289ca.NginxMailingList@forum.nginx.org>
References: <054bd8e9e65d77c547b08e6b464289ca.NginxMailingList@forum.nginx.org>
Message-ID: <ac2aca9ab429d57a44bbdecdfd488e57.NginxMailingList@forum.nginx.org>

Thanks a lot Igor!

BTW, will the OpenSSL support still be compiled in?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4361,4367#msg-4367





From is at rambler-co.ru  Thu Jul 23 12:34:52 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 23 Jul 2009 12:34:52 +0400
Subject: Compiling nginx with openssl on Debian Lenny
In-Reply-To: <ac2aca9ab429d57a44bbdecdfd488e57.NginxMailingList@forum.nginx.org>
References: <054bd8e9e65d77c547b08e6b464289ca.NginxMailingList@forum.nginx.org> <ac2aca9ab429d57a44bbdecdfd488e57.NginxMailingList@forum.nginx.org>
Message-ID: <20090723083452.GG67525@rambler-co.ru>

On Thu, Jul 23, 2009 at 04:30:58AM -0400, mrginx wrote:

> Thanks a lot Igor!
> 
> BTW, will the OpenSSL support still be compiled in?

Yes, if you set --with-http_ssl_module


-- 
Igor Sysoev
http://sysoev.ru/en/




From jg at internetx.de  Thu Jul 23 12:50:48 2009
From: jg at internetx.de (Juergen Gotteswinter)
Date: Thu, 23 Jul 2009 10:50:48 +0200
Subject: Syslog
In-Reply-To: <4A680EE9.4040904@hyves.nl>
References: <4A65C7F9.2060603@internetx.de> <DFB9D72E-2493-476D-882E-53BF062D9A8A@gmail.com> <4A680EE9.4040904@hyves.nl>
Message-ID: <4A682468.2090902@internetx.de>

On 07/23/2009 09:19 AM, Marlon de Boer wrote:
> xgdlm wrote:
>    
>> Le 21 juil. 09 ? 15:51, Juergen Gotteswinter a ?crit :
>>
>>      
>>> Hello,
>>>
>>> is there a syslog patch for nginx 0.7.XX available, too? i need remote
>>> syslog support ... or is there any other solution for this?
>>>        
>> here is a syslog patch for 0.7.34 (credit to Marlon de Boer for original
>> patch)
>>
>> http://1cafe.fr/portage/www-servers/nginx/files/syslog-0.7.34.patch
>>
>> I don't know if it works on other versions of the 0.7 branch.
>> I've been using this patch without anyproblem... but I use it very
>> special setup :
>>
>> ** Nginx proxy servers are using regular nginx log feature (access and
>> error)
>> ** Nginx application server are patched for syslog logging but .. access
>> log is set to off and I __only__ log critical errors to syslog ...
>>
>> xav
>>      
> I've send an email about this couple of days ago:
>
> There is a patch @ http://bugs.gentoo.org/attachment.cgi?id=197180.
>
> Thanks to Ben Taitelbaum for making it 0.7 / 0.8 compatible.
>
> Regards
> Marlon
>
>
>
>    

Thanks to both of you :)

Regards

Juergen

-- 
InterNetX GmbH
Maximilianstrasse 6
D-93047 Regensburg

Tel. +49 941 59559-480
Fax  +49 941 59559-245

Gesch?ftsf?hrer/CEO: Thomas M?rz
Amtsgericht Regensburg, HRB 7142





From nginx-forum at nginx.us  Thu Jul 23 13:31:01 2009
From: nginx-forum at nginx.us (matija)
Date: Thu, 23 Jul 2009 05:31:01 -0400
Subject: Auth_basic 500 error
In-Reply-To: <20090709195954.GE80653@forum.nginx.org>
References: <4A56322E.6020703@tomvalentine.net> <20090709195954.GE80653@forum.nginx.org>
Message-ID: <a8dc14bee2d1335dc70bb2fc4f4d843f.NginxMailingList@forum.nginx.org>

I also thought that this was a bug, but after complete lookup at nginx.conf file, I found that I had not-existing 404 error_page(s) which cause internal redirection cycle for my 500 Internal page error. Try to comment that one, worked for me.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3945,4370#msg-4370





From nginx-forum at nginx.us  Thu Jul 23 13:32:02 2009
From: nginx-forum at nginx.us (matija)
Date: Thu, 23 Jul 2009 05:32:02 -0400
Subject: Auth_basic 500 error
In-Reply-To: <20090709195954.GE80653@forum.nginx.org>
References: <4A56322E.6020703@tomvalentine.net> <20090709195954.GE80653@forum.nginx.org>
Message-ID: <680ed7f643e9a0d3885f8c41a57a29e7.NginxMailingList@forum.nginx.org>

I also thought that this was a bug, but after complete lookup at nginx.conf file, I found that I had not-existing 404 error_page(s) which cause internal redirection cycle for my 500 Internal page error. Try to comment that one, worked for me.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3945,4371#msg-4371





From nginx.mailinglist at xinio.info  Thu Jul 23 13:50:12 2009
From: nginx.mailinglist at xinio.info (nginx.mailinglist)
Date: Thu, 23 Jul 2009 10:50:12 +0100
Subject: authentication being passed to php
Message-ID: <807a83ca0907230250j504360c7tab4b053a22ae8fb6@mail.gmail.com>

Hello
just a quick question

in lighttpd i was able to pass the username and pass from the url to php
backend

but nothing happens in nginx?

let me explain


lets say you have a URL like this

http://userX:passY at example.com/bleh.php


i expect my php backend to have user and pass entries in the $_SERVER
variable as happens with lighttpd

am i missing something with nginx? is it even possible?


Regards
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090723/31651197/attachment.html>

From is at rambler-co.ru  Thu Jul 23 13:52:18 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 23 Jul 2009 13:52:18 +0400
Subject: authentication being passed to php
In-Reply-To: <807a83ca0907230250j504360c7tab4b053a22ae8fb6@mail.gmail.com>
References: <807a83ca0907230250j504360c7tab4b053a22ae8fb6@mail.gmail.com>
Message-ID: <20090723095218.GJ67525@rambler-co.ru>

On Thu, Jul 23, 2009 at 10:50:12AM +0100, nginx.mailinglist wrote:

> Hello
> just a quick question
> 
> in lighttpd i was able to pass the username and pass from the url to php
> backend
> 
> but nothing happens in nginx?
> 
> let me explain
> 
> 
> lets say you have a URL like this
> 
> http://userX:passY at example.com/bleh.php
> 
> 
> i expect my php backend to have user and pass entries in the $_SERVER
> variable as happens with lighttpd
> 
> am i missing something with nginx? is it even possible?

$echo userX:passY | perl -MMIME::Base64 -lne 'print encode_base64 $_'
dXNlclg6cGFzc1k=

      proxy_pass http://example.com/bleh.php;
      proxy_set_header  Authorization "Basic dXNlclg6cGFzc1k=";


-- 
Igor Sysoev
http://sysoev.ru/en/




From nunomagalhaes at eu.ipp.pt  Thu Jul 23 13:57:43 2009
From: nunomagalhaes at eu.ipp.pt (=?UTF-8?Q?Nuno_Magalh=C3=A3es?=)
Date: Thu, 23 Jul 2009 10:57:43 +0100
Subject: Compiling nginx with openssl on Debian Lenny
In-Reply-To: <20090723083452.GG67525@rambler-co.ru>
References: <054bd8e9e65d77c547b08e6b464289ca.NginxMailingList@forum.nginx.org> 
	<ac2aca9ab429d57a44bbdecdfd488e57.NginxMailingList@forum.nginx.org> 
	<20090723083452.GG67525@rambler-co.ru>
Message-ID: <6b1504c40907230257v1c168f7dr7f8ae3b082f525ed@mail.gmail.com>

You could also try checkinstall instead of make install, it'll make a
.deb for you, so you can later do whatever you want to nginx, just as
if you had installed it through aptitude. Just make sure to give it a
high version number so it won't get "upgraded", or pin it.




From nginx.mailinglist at xinio.info  Thu Jul 23 14:22:19 2009
From: nginx.mailinglist at xinio.info (nginx.mailinglist)
Date: Thu, 23 Jul 2009 11:22:19 +0100
Subject: authentication being passed to php
In-Reply-To: <20090723095218.GJ67525@rambler-co.ru>
References: <807a83ca0907230250j504360c7tab4b053a22ae8fb6@mail.gmail.com>
	 <20090723095218.GJ67525@rambler-co.ru>
Message-ID: <807a83ca0907230322r1cfd9eado247a18bdfbfbc7c1@mail.gmail.com>

Thank you
I see that works fine for that particular user:pass combo

but (sorry to be a pain)

that means i have to encode the user:pass combination into the config file

what happens if there are thousands of user:pass combinations?

how can this info be dynamically passed to the php backend for
authentication to occur there (by looking up in a database for example)?

i cant be updating the config file everytime a new user is added that can be
crazy especially if there are thousands or more users

Regards

edit: i google and found this old email conversation on nginx mailinglist
http://markmail.org/message/tl7h2fclizgptwnr#query:NGINX%20PHP%20AUTHENTICATION+page:1+mid:f3xw2gjllat6urff+state:results

2009/7/23 Igor Sysoev <is at rambler-co.ru>

> On Thu, Jul 23, 2009 at 10:50:12AM +0100, nginx.mailinglist wrote:
>
> > Hello
> > just a quick question
> >
> > in lighttpd i was able to pass the username and pass from the url to php
> > backend
> >
> > but nothing happens in nginx?
> >
> > let me explain
> >
> >
> > lets say you have a URL like this
> >
> > http://userX:passY at example.com/bleh.php
> >
> >
> > i expect my php backend to have user and pass entries in the $_SERVER
> > variable as happens with lighttpd
> >
> > am i missing something with nginx? is it even possible?
>
> $echo userX:passY | perl -MMIME::Base64 -lne 'print encode_base64 $_'
> dXNlclg6cGFzc1k=
>
>      proxy_pass http://example.com/bleh.php;
>      proxy_set_header  Authorization "Basic dXNlclg6cGFzc1k=";
>
>
> --
> Igor Sysoev
> http://sysoev.ru/en/
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090723/8809ff76/attachment.html>

From is at rambler-co.ru  Thu Jul 23 14:43:15 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 23 Jul 2009 14:43:15 +0400
Subject: authentication being passed to php
In-Reply-To: <807a83ca0907230322r1cfd9eado247a18bdfbfbc7c1@mail.gmail.com>
References: <807a83ca0907230250j504360c7tab4b053a22ae8fb6@mail.gmail.com> <20090723095218.GJ67525@rambler-co.ru> <807a83ca0907230322r1cfd9eado247a18bdfbfbc7c1@mail.gmail.com>
Message-ID: <20090723104315.GK67525@rambler-co.ru>

On Thu, Jul 23, 2009 at 11:22:19AM +0100, nginx.mailinglist wrote:

> Thank you
> I see that works fine for that particular user:pass combo
> 
> but (sorry to be a pain)
> 
> that means i have to encode the user:pass combination into the config file
> 
> what happens if there are thousands of user:pass combinations?
> 
> how can this info be dynamically passed to the php backend for
> authentication to occur there (by looking up in a database for example)?
> 
> i cant be updating the config file everytime a new user is added that can be
> crazy especially if there are thousands or more users
> 
> Regards
> 
> edit: i google and found this old email conversation on nginx mailinglist
> http://markmail.org/message/tl7h2fclizgptwnr#query:NGINX%20PHP%20AUTHENTICATION+page:1+mid:f3xw2gjllat6urff+state:results

I do not understand your problem.
nginx passes client's user:pass in Authorization header transparently.

> 2009/7/23 Igor Sysoev <is at rambler-co.ru>
> 
> > On Thu, Jul 23, 2009 at 10:50:12AM +0100, nginx.mailinglist wrote:
> >
> > > Hello
> > > just a quick question
> > >
> > > in lighttpd i was able to pass the username and pass from the url to php
> > > backend
> > >
> > > but nothing happens in nginx?
> > >
> > > let me explain
> > >
> > >
> > > lets say you have a URL like this
> > >
> > > http://userX:passY at example.com/bleh.php
> > >
> > >
> > > i expect my php backend to have user and pass entries in the $_SERVER
> > > variable as happens with lighttpd
> > >
> > > am i missing something with nginx? is it even possible?
> >
> > $echo userX:passY | perl -MMIME::Base64 -lne 'print encode_base64 $_'
> > dXNlclg6cGFzc1k=
> >
> >      proxy_pass http://example.com/bleh.php;
> >      proxy_set_header  Authorization "Basic dXNlclg6cGFzc1k=";
> >
> >
> > --
> > Igor Sysoev
> > http://sysoev.ru/en/
> >
> >

-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx.mailinglist at xinio.info  Thu Jul 23 14:57:06 2009
From: nginx.mailinglist at xinio.info (nginx.mailinglist)
Date: Thu, 23 Jul 2009 11:57:06 +0100
Subject: authentication being passed to php
In-Reply-To: <20090723104315.GK67525@rambler-co.ru>
References: <807a83ca0907230250j504360c7tab4b053a22ae8fb6@mail.gmail.com>
	 <20090723095218.GJ67525@rambler-co.ru>
	 <807a83ca0907230322r1cfd9eado247a18bdfbfbc7c1@mail.gmail.com>
	 <20090723104315.GK67525@rambler-co.ru>
Message-ID: <807a83ca0907230357m2b54b60cm4a4cb62443376551@mail.gmail.com>

Hi Igor
its ok i got it working now!

all i have to do was add this to my config


*fastcgi_pass_header ** **Authorization;*


i wasn't testing the HTTP request properly so wasn't seeing the results
expected

Thank you very much!
made my work day




2009/7/23 Igor Sysoev <is at rambler-co.ru>

> On Thu, Jul 23, 2009 at 11:22:19AM +0100, nginx.mailinglist wrote:
>
> > Thank you
> > I see that works fine for that particular user:pass combo
> >
> > but (sorry to be a pain)
> >
> > that means i have to encode the user:pass combination into the config
> file
> >
> > what happens if there are thousands of user:pass combinations?
> >
> > how can this info be dynamically passed to the php backend for
> > authentication to occur there (by looking up in a database for example)?
> >
> > i cant be updating the config file everytime a new user is added that can
> be
> > crazy especially if there are thousands or more users
> >
> > Regards
> >
> > edit: i google and found this old email conversation on nginx mailinglist
> >
> http://markmail.org/message/tl7h2fclizgptwnr#query:NGINX%20PHP%20AUTHENTICATION+page:1+mid:f3xw2gjllat6urff+state:results
>
> I do not understand your problem.
> nginx passes client's user:pass in Authorization header transparently.
>
> > 2009/7/23 Igor Sysoev <is at rambler-co.ru>
> >
> > > On Thu, Jul 23, 2009 at 10:50:12AM +0100, nginx.mailinglist wrote:
> > >
> > > > Hello
> > > > just a quick question
> > > >
> > > > in lighttpd i was able to pass the username and pass from the url to
> php
> > > > backend
> > > >
> > > > but nothing happens in nginx?
> > > >
> > > > let me explain
> > > >
> > > >
> > > > lets say you have a URL like this
> > > >
> > > > http://userX:passY at example.com/bleh.php
> > > >
> > > >
> > > > i expect my php backend to have user and pass entries in the $_SERVER
> > > > variable as happens with lighttpd
> > > >
> > > > am i missing something with nginx? is it even possible?
> > >
> > > $echo userX:passY | perl -MMIME::Base64 -lne 'print encode_base64 $_'
> > > dXNlclg6cGFzc1k=
> > >
> > >      proxy_pass http://example.com/bleh.php;
> > >      proxy_set_header  Authorization "Basic dXNlclg6cGFzc1k=";
> > >
> > >
> > > --
> > > Igor Sysoev
> > > http://sysoev.ru/en/
> > >
> > >
>
> --
> Igor Sysoev
> http://sysoev.ru/en/
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090723/51488b03/attachment.html>

From is at rambler-co.ru  Thu Jul 23 14:57:13 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 23 Jul 2009 14:57:13 +0400
Subject: authentication being passed to php
In-Reply-To: <807a83ca0907230357m2b54b60cm4a4cb62443376551@mail.gmail.com>
References: <807a83ca0907230250j504360c7tab4b053a22ae8fb6@mail.gmail.com> <20090723095218.GJ67525@rambler-co.ru> <807a83ca0907230322r1cfd9eado247a18bdfbfbc7c1@mail.gmail.com> <20090723104315.GK67525@rambler-co.ru> <807a83ca0907230357m2b54b60cm4a4cb62443376551@mail.gmail.com>
Message-ID: <20090723105713.GL67525@rambler-co.ru>

On Thu, Jul 23, 2009 at 11:57:06AM +0100, nginx.mailinglist wrote:

> Hi Igor
> its ok i got it working now!
> 
> all i have to do was add this to my config
> 
> 
> *fastcgi_pass_header ** **Authorization;*
> 
> 
> i wasn't testing the HTTP request properly so wasn't seeing the results
> expected

fastcgi_pass_header passes headers from backend to client.
It can not resolve your issue.

> Thank you very much!
> made my work day
> 
> 
> 
> 
> 2009/7/23 Igor Sysoev <is at rambler-co.ru>
> 
> > On Thu, Jul 23, 2009 at 11:22:19AM +0100, nginx.mailinglist wrote:
> >
> > > Thank you
> > > I see that works fine for that particular user:pass combo
> > >
> > > but (sorry to be a pain)
> > >
> > > that means i have to encode the user:pass combination into the config
> > file
> > >
> > > what happens if there are thousands of user:pass combinations?
> > >
> > > how can this info be dynamically passed to the php backend for
> > > authentication to occur there (by looking up in a database for example)?
> > >
> > > i cant be updating the config file everytime a new user is added that can
> > be
> > > crazy especially if there are thousands or more users
> > >
> > > Regards
> > >
> > > edit: i google and found this old email conversation on nginx mailinglist
> > >
> > http://markmail.org/message/tl7h2fclizgptwnr#query:NGINX%20PHP%20AUTHENTICATION+page:1+mid:f3xw2gjllat6urff+state:results
> >
> > I do not understand your problem.
> > nginx passes client's user:pass in Authorization header transparently.
> >
> > > 2009/7/23 Igor Sysoev <is at rambler-co.ru>
> > >
> > > > On Thu, Jul 23, 2009 at 10:50:12AM +0100, nginx.mailinglist wrote:
> > > >
> > > > > Hello
> > > > > just a quick question
> > > > >
> > > > > in lighttpd i was able to pass the username and pass from the url to
> > php
> > > > > backend
> > > > >
> > > > > but nothing happens in nginx?
> > > > >
> > > > > let me explain
> > > > >
> > > > >
> > > > > lets say you have a URL like this
> > > > >
> > > > > http://userX:passY at example.com/bleh.php
> > > > >
> > > > >
> > > > > i expect my php backend to have user and pass entries in the $_SERVER
> > > > > variable as happens with lighttpd
> > > > >
> > > > > am i missing something with nginx? is it even possible?
> > > >
> > > > $echo userX:passY | perl -MMIME::Base64 -lne 'print encode_base64 $_'
> > > > dXNlclg6cGFzc1k=
> > > >
> > > >      proxy_pass http://example.com/bleh.php;
> > > >      proxy_set_header  Authorization "Basic dXNlclg6cGFzc1k=";
> > > >
> > > >
> > > > --
> > > > Igor Sysoev
> > > > http://sysoev.ru/en/
> > > >
> > > >
> >
> > --
> > Igor Sysoev
> > http://sysoev.ru/en/
> >
> >

-- 
Igor Sysoev
http://sysoev.ru/en/




From leccine at gmail.com  Thu Jul 23 15:13:40 2009
From: leccine at gmail.com (=?ISO-8859-1?B?SXN0duFu?=)
Date: Thu, 23 Jul 2009 04:13:40 -0700
Subject: authentication being passed to php
In-Reply-To: <20090723104315.GK67525@rambler-co.ru>
References: <807a83ca0907230250j504360c7tab4b053a22ae8fb6@mail.gmail.com>
	 <20090723095218.GJ67525@rambler-co.ru>
	 <807a83ca0907230322r1cfd9eado247a18bdfbfbc7c1@mail.gmail.com>
	 <20090723104315.GK67525@rambler-co.ru>
Message-ID: <b8592ed80907230413i218b88a3l460783d5e1921058@mail.gmail.com>

he is mixing up two different things

http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html

14.8 Authorization

      A user agent that wishes to authenticate itself with a server--
      usually, but not necessarily, after receiving a 401 response--does
      so by including an Authorization request-header field with the
      request.  The Authorization field value consists of credentials
      containing the authentication information of the user agent for
      the realm of the resource being requested.

          Authorization  = "Authorization" ":" credentials

      HTTP access authentication is described in "HTTP Authentication:
      Basic and Digest Access Authentication" [43]
<http://www.w3.org/Protocols/rfc2616/rfc2616-sec17.html#bib43>. If a
request is
      authenticated and a realm specified, the same credentials SHOULD
      be valid for all other requests within this realm (assuming that
      the authentication scheme itself does not require otherwise, such
      as credentials that vary according to a challenge value or using
      synchronized clocks).

      When a shared cache (see section 13.7) receives a request
      containing an Authorization field, it MUST NOT return the
      corresponding response as a reply to any other request, unless one
      of the following specific exceptions holds:

      1. If the response includes the "s-maxage" cache-control
         directive, the cache MAY use that response in replying to a
         subsequent request. But (if the specified maximum age has
         passed) a proxy cache MUST first revalidate it with the origin
         server, using the request-headers from the new request to allow
         the origin server to authenticate the new request. (This is the
         defined behavior for s-maxage.) If the response includes "s-
         maxage=0", the proxy MUST always revalidate it before re-using
         it.

      2. If the response includes the "must-revalidate" cache-control
         directive, the cache MAY use that response in replying to a
         subsequent request. But if the response is stale, all caches
         MUST first revalidate it with the origin server, using the
         request-headers from the new request to allow the origin server
         to authenticate the new request.

      3. If the response includes the "public" cache-control directive,
         it MAY be returned in reply to any subsequent request.



2009/7/23 Igor Sysoev <is at rambler-co.ru>

> On Thu, Jul 23, 2009 at 11:22:19AM +0100, nginx.mailinglist wrote:
>
> > Thank you
> > I see that works fine for that particular user:pass combo
> >
> > but (sorry to be a pain)
> >
> > that means i have to encode the user:pass combination into the config
> file
> >
> > what happens if there are thousands of user:pass combinations?
> >
> > how can this info be dynamically passed to the php backend for
> > authentication to occur there (by looking up in a database for example)?
> >
> > i cant be updating the config file everytime a new user is added that can
> be
> > crazy especially if there are thousands or more users
> >
> > Regards
> >
> > edit: i google and found this old email conversation on nginx mailinglist
> >
> http://markmail.org/message/tl7h2fclizgptwnr#query:NGINX%20PHP%20AUTHENTICATION+page:1+mid:f3xw2gjllat6urff+state:results
>
> I do not understand your problem.
> nginx passes client's user:pass in Authorization header transparently.
>
> > 2009/7/23 Igor Sysoev <is at rambler-co.ru>
> >
> > > On Thu, Jul 23, 2009 at 10:50:12AM +0100, nginx.mailinglist wrote:
> > >
> > > > Hello
> > > > just a quick question
> > > >
> > > > in lighttpd i was able to pass the username and pass from the url to
> php
> > > > backend
> > > >
> > > > but nothing happens in nginx?
> > > >
> > > > let me explain
> > > >
> > > >
> > > > lets say you have a URL like this
> > > >
> > > > http://userX:passY at example.com/bleh.php
> > > >
> > > >
> > > > i expect my php backend to have user and pass entries in the $_SERVER
> > > > variable as happens with lighttpd
> > > >
> > > > am i missing something with nginx? is it even possible?
> > >
> > > $echo userX:passY | perl -MMIME::Base64 -lne 'print encode_base64 $_'
> > > dXNlclg6cGFzc1k=
> > >
> > >      proxy_pass http://example.com/bleh.php;
> > >      proxy_set_header  Authorization "Basic dXNlclg6cGFzc1k=";
> > >
> > >
> > > --
> > > Igor Sysoev
> > > http://sysoev.ru/en/
> > >
> > >
>
> --
> Igor Sysoev
> http://sysoev.ru/en/
>
>


-- 
the sun shines for all
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090723/4d701030/attachment.html>

From michal.mach at gmail.com  Thu Jul 23 15:13:47 2009
From: michal.mach at gmail.com (Michal Mach)
Date: Thu, 23 Jul 2009 13:13:47 +0200
Subject: Possible rewrite regular expression bug?
In-Reply-To: <20080624180134.GA26001@rambler-co.ru>
References: <9597c7907c9c594089449dd7315214b0@ruby-forum.com>
	 <200806231144.34381.roxis@list.ru>
	 <718aa3ce19bafc416f77eb9dbfb7dc04@ruby-forum.com>
	 <0e1b127a2bf266d3a3ae699bdcdac48c@ruby-forum.com>
	 <200806231657.01744.roxis@list.ru>
	 <03a3f9744c3cc3d3df13309e3c1119f5@ruby-forum.com>
	 <9fcc348aad7580740e001ac208dc79cd@ruby-forum.com>
	 <20080624180134.GA26001@rambler-co.ru>
Message-ID: <5ce37eec0907230413r5bad94e3v99a8b60bf982907f@mail.gmail.com>

I don't know if this is related to the issues mentioned here, but when we
have rewrite rule like
rewrite ^/arch/(.*) /cgi-bin/open_cache.pl?file=$1 last;

and url

/arch/person2.php%2525253F%25252526st%2525253D1013880915.1.html.html

then in nginx 0.5 this will be passed to the cgi as

GET
/cgi-bin/open_cache.pl?file=person2.php%2525253F%25252526st%2525253D1013880915.1.html.html
HTTP/1.0

But in nginx 0.6 (maybe even in higher versions) is this url passed as

GET
/cgi-bin/open_cache.pl?basefile=person2.php%25253F%252526st%25253D1013880915.1.html.html
HTTP/1.0

As you can see some of the chars where unescaped.

2008/6/24 Igor Sysoev <is at rambler-co.ru>

> On Tue, Jun 24, 2008 at 06:03:51PM +0200, Peter Hoang wrote:
>
> > Furthermore, it seems like NGINX seems to decode the parameter in
> > rewrite rules. For example, I have the following rule:
> >
> >       if ($args ~ ^q=([^&]+)$) {
> >         set $q $1;
> >         rewrite ^/j /cms/q-$q.html? permanent;
> >       }
> >
> > Now if I enter the http://localhost/j?q=c%2B%2B then NGINX will redirect
> > me to http://localhost/cms/q-c++.html . I was expected that the final
> > url would be http://localhost/cms/q-%2B%2B.html. Is there a way to
> > prevent this from happening? Thanks.
>
> It had been implemented long ago in 0.3.10:
>
>    *) Bugfix: the "rewrite" directive did not unescape URI part in
>       redirect, now it is unescaped except the %00-%25 and %7F-%FF
>       characters.
>
> Why do you need "c%2B%2B" in URL ? "c++" is valid unambiguous URL part.
>
>
> --
> Igor Sysoev
> http://sysoev.ru/en/
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090723/07ee0d8a/attachment.html>

From nginx.mailinglist at xinio.info  Thu Jul 23 15:29:01 2009
From: nginx.mailinglist at xinio.info (nginx.mailinglist)
Date: Thu, 23 Jul 2009 12:29:01 +0100
Subject: authentication being passed to php
In-Reply-To: <b8592ed80907230413i218b88a3l460783d5e1921058@mail.gmail.com>
References: <807a83ca0907230250j504360c7tab4b053a22ae8fb6@mail.gmail.com>
	 <20090723095218.GJ67525@rambler-co.ru>
	 <807a83ca0907230322r1cfd9eado247a18bdfbfbc7c1@mail.gmail.com>
	 <20090723104315.GK67525@rambler-co.ru>
	 <b8592ed80907230413i218b88a3l460783d5e1921058@mail.gmail.com>
Message-ID: <807a83ca0907230429s484007b8r371d5b802b4eaeef@mail.gmail.com>

Hmm
sorry for mix up i think i confused myself

whatever happened i now get the following entries in my php's $_SERVER


[HTTP_AUTHORIZATION] => Basic dGVzdDEyMzphYmM1Njc=
[PHP_AUTH_USER] => test123
[PHP_AUTH_PW] => abc567


which is exactly what i wanted, i can take the above values now and perfrom
authentication against the database

sorry for all the confusion
i dont think this was an issue at all in first place
just my tests were wrong

thanks for the prompt help



On Thu, Jul 23, 2009 at 12:13 PM, Istv?n <leccine at gmail.com> wrote:

> he is mixing up two different things
>
> http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
>
> 14.8 Authorization
>
>       A user agent that wishes to authenticate itself with a server--
>       usually, but not necessarily, after receiving a 401 response--does
>       so by including an Authorization request-header field with the
>
>       request.  The Authorization field value consists of credentials
>       containing the authentication information of the user agent for
>       the realm of the resource being requested.
>
>           Authorization  = "Authorization" ":" credentials
>
>       HTTP access authentication is described in "HTTP Authentication:
>       Basic and Digest Access Authentication" [43] <http://www.w3.org/Protocols/rfc2616/rfc2616-sec17.html#bib43>. If a request is
>
>       authenticated and a realm specified, the same credentials SHOULD
>       be valid for all other requests within this realm (assuming that
>       the authentication scheme itself does not require otherwise, such
>
>       as credentials that vary according to a challenge value or using
>       synchronized clocks).
>
>       When a shared cache (see section 13.7) receives a request
>       containing an Authorization field, it MUST NOT return the
>       corresponding response as a reply to any other request, unless one
>       of the following specific exceptions holds:
>
>       1. If the response includes the "s-maxage" cache-control
>          directive, the cache MAY use that response in replying to a
>          subsequent request. But (if the specified maximum age has
>
>          passed) a proxy cache MUST first revalidate it with the origin
>          server, using the request-headers from the new request to allow
>          the origin server to authenticate the new request. (This is the
>
>          defined behavior for s-maxage.) If the response includes "s-
>          maxage=0", the proxy MUST always revalidate it before re-using
>          it.
>
>       2. If the response includes the "must-revalidate" cache-control
>          directive, the cache MAY use that response in replying to a
>          subsequent request. But if the response is stale, all caches
>
>          MUST first revalidate it with the origin server, using the
>          request-headers from the new request to allow the origin server
>          to authenticate the new request.
>
>       3. If the response includes the "public" cache-control directive,
>          it MAY be returned in reply to any subsequent request.
>
>
>
> 2009/7/23 Igor Sysoev <is at rambler-co.ru>
>
>> On Thu, Jul 23, 2009 at 11:22:19AM +0100, nginx.mailinglist wrote:
>>
>> > Thank you
>> > I see that works fine for that particular user:pass combo
>> >
>> > but (sorry to be a pain)
>> >
>> > that means i have to encode the user:pass combination into the config
>> file
>> >
>> > what happens if there are thousands of user:pass combinations?
>> >
>> > how can this info be dynamically passed to the php backend for
>> > authentication to occur there (by looking up in a database for example)?
>> >
>> > i cant be updating the config file everytime a new user is added that
>> can be
>> > crazy especially if there are thousands or more users
>> >
>> > Regards
>> >
>> > edit: i google and found this old email conversation on nginx
>> mailinglist
>> >
>> http://markmail.org/message/tl7h2fclizgptwnr#query:NGINX%20PHP%20AUTHENTICATION+page:1+mid:f3xw2gjllat6urff+state:results
>>
>> I do not understand your problem.
>> nginx passes client's user:pass in Authorization header transparently.
>>
>> > 2009/7/23 Igor Sysoev <is at rambler-co.ru>
>> >
>> > > On Thu, Jul 23, 2009 at 10:50:12AM +0100, nginx.mailinglist wrote:
>> > >
>> > > > Hello
>> > > > just a quick question
>> > > >
>> > > > in lighttpd i was able to pass the username and pass from the url to
>> php
>> > > > backend
>> > > >
>> > > > but nothing happens in nginx?
>> > > >
>> > > > let me explain
>> > > >
>> > > >
>> > > > lets say you have a URL like this
>> > > >
>> > > > http://userX:passY at example.com/bleh.php
>> > > >
>> > > >
>> > > > i expect my php backend to have user and pass entries in the
>> $_SERVER
>> > > > variable as happens with lighttpd
>> > > >
>> > > > am i missing something with nginx? is it even possible?
>> > >
>> > > $echo userX:passY | perl -MMIME::Base64 -lne 'print encode_base64 $_'
>> > > dXNlclg6cGFzc1k=
>> > >
>> > >      proxy_pass http://example.com/bleh.php;
>> > >      proxy_set_header  Authorization "Basic dXNlclg6cGFzc1k=";
>> > >
>> > >
>> > > --
>> > > Igor Sysoev
>> > > http://sysoev.ru/en/
>> > >
>> > >
>>
>> --
>> Igor Sysoev
>> http://sysoev.ru/en/
>>
>>
>
>
> --
> the sun shines for all
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090723/29c1afb2/attachment.html>

From brice+nginx at daysofwonder.com  Thu Jul 23 15:33:17 2009
From: brice+nginx at daysofwonder.com (Brice Figureau)
Date: Thu, 23 Jul 2009 13:33:17 +0200
Subject: New SSL features for Nginx.
In-Reply-To: <20090723075710.GE67525@rambler-co.ru>
References: <4A66029D.8000705@daysofwonder.com>
	 <20090722084422.GH36608@rambler-co.ru>
	 <1248258083.21421.13.camel@arsenic.daysofwonder.com>
	 <20090722121619.GO36608@rambler-co.ru> <4A674A67.1090800@daysofwonder.com>
	 <20090723075710.GE67525@rambler-co.ru>
Message-ID: <1248348797.1340.17.camel@arsenic.daysofwonder.com>

On Thu, 2009-07-23 at 11:57 +0400, Igor Sysoev wrote:
> On Wed, Jul 22, 2009 at 07:20:39PM +0200, Brice Figureau wrote:
> 
> > >>Thanks for reviewing the patch (at least the first one could be merged,
> > >>isn't it?).
> > >
> > >Probabaly, I will commit the patches in next 0.8.7.
> > 
> > Will you merge the CRL one (feel free to rewrite it if you prefer), too ?
> 
> Could you test the attached patch ?

It works fine, all my CRL tests are passing.

Thanks!
-- 
Brice Figureau
My Blog: http://www.masterzen.fr/





From merlincorey at dc949.org  Thu Jul 23 15:42:22 2009
From: merlincorey at dc949.org (merlin corey)
Date: Thu, 23 Jul 2009 04:42:22 -0700
Subject: nginx stats
In-Reply-To: <20090721100400.20855.qmail@oak.oeko.net>
References: <0790e45f1193ac6336ee6f65b06505ed.NginxMailingList@forum.nginx.org>
	 <87skguw6u6.wl%catap@catap.ru>
	 <20090721100400.20855.qmail@oak.oeko.net>
Message-ID: <e0af94b80907230442y32e8cca7s60ee8a985e9e5975@mail.gmail.com>

Toni,

http://translate.google.com/translate?hl=en&ie=UTF-8&sl=ru&tl=en&u=http://catap.ru/nginx-catap/&prev=_t

"My Fork web-server nginx. ??????? ????????? ??? ??????? -- ?????
????????????? ???? ?? ???????? ??? ????? ? ???????? ????? ? ???
???????? ? ?????? ?? ??? ??????, ??? ????????? ??????. The reason for
the appearance of its simple - the author of the original code does
not include my patches in the main branch, and for convenience I have
collected them all together as a separate project."

-- Merlin

On 7/21/09, Toni Mueller <support-nginx at oeko.net> wrote:
>
> Hi,
>
> On Sat, 18.07.2009 at 15:47:45 +0400, Kirill A. Korinskiy
> <catap+nginx at catap.ru> wrote:
>> or just using my fork of nginx:
>> http://catap.ru/nginx-catap/
>
> this stuck into my eye. Why did you fork nginx, please?
>
>
> Kind regards,
> --Toni++
>
>




From merlincorey at dc949.org  Thu Jul 23 15:57:00 2009
From: merlincorey at dc949.org (merlin corey)
Date: Thu, 23 Jul 2009 04:57:00 -0700
Subject: FastCGI application not receiving multi-part data
In-Reply-To: <9edec3fa754124c3560627e3259ab1f1.NginxMailingList@forum.nginx.org>
References: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
	 <2c9caf58a2a2059fef2afbadaffac888.NginxMailingList@forum.nginx.org>
	 <20090721082100.16512.qmail@forum.nginx.org>
	 <9edec3fa754124c3560627e3259ab1f1.NginxMailingList@forum.nginx.org>
Message-ID: <e0af94b80907230457p374fd046m84ca9b7e1dd26d15@mail.gmail.com>

Gerry,

Sounds like you want to make use of the upstream module (
http://wiki.nginx.org/NginxHttpUpstreamModule ); something like this
should work:

upstream supercpp {
  server   backend1.example.com    weight=5;
  server   127.0.0.1:8080          max_fails=3  fail_timeout=30s;
  server   unix:/tmp/backend3;
}

Substituing of course your backends and weight settings (if
necessary).  Minimal for you might be like:

upstream supercpp {
  server unix:/tmp/back0;
  server unix:/tmp/back1;
  ...
}

Then later, when you need to pass off to it, you simply refer to the
upstream group by name like so:

fastcgi_pass supercpp;

Thanks,
Merlin

On 7/21/09, gerryw <nginx-forum at nginx.us> wrote:
> Hello All,
>
> I have finally figured out what the problem was. For some reason when the
> local unix: socket was created there was an OS issue that was corrupting the
> data that nginx was writing to the socket. The problem was solved by
> specifyng an alternate location for the file. I am very happy to find that
> this was not an nginx issue, because I really wanted to use it.
>
> I do have one other question though. I'm trying to find some docs that talk
> about multiple fcgi application instances and how nginx balances requests
> between them. Does anyone know where I could find some info on this?
>
> BTW: My fcgi application is written in C++ using the fcgi library. I am also
> making use of the upload module.
>
> Thanks,
> Gerry
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4091,4297#msg-4297
>
>
>




From leccine at gmail.com  Thu Jul 23 16:01:49 2009
From: leccine at gmail.com (=?ISO-8859-1?B?SXN0duFu?=)
Date: Thu, 23 Jul 2009 05:01:49 -0700
Subject: authentication being passed to php
In-Reply-To: <807a83ca0907230429s484007b8r371d5b802b4eaeef@mail.gmail.com>
References: <807a83ca0907230250j504360c7tab4b053a22ae8fb6@mail.gmail.com>
	 <20090723095218.GJ67525@rambler-co.ru>
	 <807a83ca0907230322r1cfd9eado247a18bdfbfbc7c1@mail.gmail.com>
	 <20090723104315.GK67525@rambler-co.ru>
	 <b8592ed80907230413i218b88a3l460783d5e1921058@mail.gmail.com>
	 <807a83ca0907230429s484007b8r371d5b802b4eaeef@mail.gmail.com>
Message-ID: <b8592ed80907230501n7568ae54xe27189c9a89ce1fd@mail.gmail.com>

no worries

;)

On Thu, Jul 23, 2009 at 4:29 AM, nginx.mailinglist <
nginx.mailinglist at xinio.info> wrote:

> Hmm
> sorry for mix up i think i confused myself
>
> whatever happened i now get the following entries in my php's $_SERVER
>
>
> [HTTP_AUTHORIZATION] => Basic dGVzdDEyMzphYmM1Njc=
> [PHP_AUTH_USER] => test123
> [PHP_AUTH_PW] => abc567
>
>
> which is exactly what i wanted, i can take the above values now and perfrom
> authentication against the database
>
> sorry for all the confusion
> i dont think this was an issue at all in first place
> just my tests were wrong
>
> thanks for the prompt help
>
>
>
> On Thu, Jul 23, 2009 at 12:13 PM, Istv?n <leccine at gmail.com> wrote:
>
>> he is mixing up two different things
>>
>> http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
>>
>> 14.8 Authorization
>>
>>       A user agent that wishes to authenticate itself with a server--
>>       usually, but not necessarily, after receiving a 401 response--does
>>       so by including an Authorization request-header field with the
>>
>>
>>       request.  The Authorization field value consists of credentials
>>       containing the authentication information of the user agent for
>>       the realm of the resource being requested.
>>
>>           Authorization  = "Authorization" ":" credentials
>>
>>       HTTP access authentication is described in "HTTP Authentication:
>>       Basic and Digest Access Authentication" [43] <http://www.w3.org/Protocols/rfc2616/rfc2616-sec17.html#bib43>. If a request is
>>
>>
>>       authenticated and a realm specified, the same credentials SHOULD
>>       be valid for all other requests within this realm (assuming that
>>       the authentication scheme itself does not require otherwise, such
>>
>>
>>       as credentials that vary according to a challenge value or using
>>       synchronized clocks).
>>
>>       When a shared cache (see section 13.7) receives a request
>>       containing an Authorization field, it MUST NOT return the
>>       corresponding response as a reply to any other request, unless one
>>       of the following specific exceptions holds:
>>
>>        1. If the response includes the "s-maxage" cache-control
>>          directive, the cache MAY use that response in replying to a
>>          subsequent request. But (if the specified maximum age has
>>
>>
>>          passed) a proxy cache MUST first revalidate it with the origin
>>          server, using the request-headers from the new request to allow
>>          the origin server to authenticate the new request. (This is the
>>
>>
>>          defined behavior for s-maxage.) If the response includes "s-
>>          maxage=0", the proxy MUST always revalidate it before re-using
>>          it.
>>
>>       2. If the response includes the "must-revalidate" cache-control
>>          directive, the cache MAY use that response in replying to a
>>          subsequent request. But if the response is stale, all caches
>>
>>
>>          MUST first revalidate it with the origin server, using the
>>          request-headers from the new request to allow the origin server
>>          to authenticate the new request.
>>
>>       3. If the response includes the "public" cache-control directive,
>>          it MAY be returned in reply to any subsequent request.
>>
>>
>>
>> 2009/7/23 Igor Sysoev <is at rambler-co.ru>
>>
>>> On Thu, Jul 23, 2009 at 11:22:19AM +0100, nginx.mailinglist wrote:
>>>
>>> > Thank you
>>> > I see that works fine for that particular user:pass combo
>>> >
>>> > but (sorry to be a pain)
>>> >
>>> > that means i have to encode the user:pass combination into the config
>>> file
>>> >
>>> > what happens if there are thousands of user:pass combinations?
>>> >
>>> > how can this info be dynamically passed to the php backend for
>>> > authentication to occur there (by looking up in a database for
>>> example)?
>>> >
>>> > i cant be updating the config file everytime a new user is added that
>>> can be
>>> > crazy especially if there are thousands or more users
>>> >
>>> > Regards
>>> >
>>> > edit: i google and found this old email conversation on nginx
>>> mailinglist
>>> >
>>> http://markmail.org/message/tl7h2fclizgptwnr#query:NGINX%20PHP%20AUTHENTICATION+page:1+mid:f3xw2gjllat6urff+state:results
>>>
>>> I do not understand your problem.
>>> nginx passes client's user:pass in Authorization header transparently.
>>>
>>> > 2009/7/23 Igor Sysoev <is at rambler-co.ru>
>>> >
>>> > > On Thu, Jul 23, 2009 at 10:50:12AM +0100, nginx.mailinglist wrote:
>>> > >
>>> > > > Hello
>>> > > > just a quick question
>>> > > >
>>> > > > in lighttpd i was able to pass the username and pass from the url
>>> to php
>>> > > > backend
>>> > > >
>>> > > > but nothing happens in nginx?
>>> > > >
>>> > > > let me explain
>>> > > >
>>> > > >
>>> > > > lets say you have a URL like this
>>> > > >
>>> > > > http://userX:passY at example.com/bleh.php
>>> > > >
>>> > > >
>>> > > > i expect my php backend to have user and pass entries in the
>>> $_SERVER
>>> > > > variable as happens with lighttpd
>>> > > >
>>> > > > am i missing something with nginx? is it even possible?
>>> > >
>>> > > $echo userX:passY | perl -MMIME::Base64 -lne 'print encode_base64 $_'
>>> > > dXNlclg6cGFzc1k=
>>> > >
>>> > >      proxy_pass http://example.com/bleh.php;
>>> > >      proxy_set_header  Authorization "Basic dXNlclg6cGFzc1k=";
>>> > >
>>> > >
>>> > > --
>>> > > Igor Sysoev
>>> > > http://sysoev.ru/en/
>>> > >
>>> > >
>>>
>>> --
>>> Igor Sysoev
>>> http://sysoev.ru/en/
>>>
>>>
>>
>>
>> --
>> the sun shines for all
>>
>
>


-- 
the sun shines for all
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090723/c60ea928/attachment.html>

From merlincorey at dc949.org  Thu Jul 23 16:12:17 2009
From: merlincorey at dc949.org (merlin corey)
Date: Thu, 23 Jul 2009 05:12:17 -0700
Subject: fail over
In-Reply-To: <20090722072326.GB36608@rambler-co.ru>
References: <ae6558e6af2513eec7ce036dd0a68b13.NginxMailingList@forum.nginx.org>
	 <20090722072326.GB36608@rambler-co.ru>
Message-ID: <e0af94b80907230512m5dd6180fw16ceaac059dd354f@mail.gmail.com>

You can use any kind of load balancer, hardware or software based,
including free ones like HAProxy to accomplish this task that is
rightly not NginX's

On 7/22/09, Igor Sysoev <is at rambler-co.ru> wrote:
> On Tue, Jul 21, 2009 at 11:55:27AM -0400, vburshteyn wrote:
>
>> Hi, folks, i am back with more info requests.
>>
>> Does anybody have NGINX in fail over mode?  in case if one server fails
>> then the other one will take over.  I know there are tons of tools to
>> monitor for hardware failure, but i was just curious if anybody has
>> something to monitor software level.
>
> nginx supports fail over for upstreams, but if you mean fail over between
> two or more peer nginxes, then it is not supported. This is actually not
> nginx's task at all.
>
>
> --
> Igor Sysoev
> http://sysoev.ru/en/
>
>




From merlincorey at dc949.org  Thu Jul 23 16:15:17 2009
From: merlincorey at dc949.org (merlin corey)
Date: Thu, 23 Jul 2009 05:15:17 -0700
Subject: fail over
In-Reply-To: <e0af94b80907230512m5dd6180fw16ceaac059dd354f@mail.gmail.com>
References: <ae6558e6af2513eec7ce036dd0a68b13.NginxMailingList@forum.nginx.org>
	 <20090722072326.GB36608@rambler-co.ru>
	 <e0af94b80907230512m5dd6180fw16ceaac059dd354f@mail.gmail.com>
Message-ID: <e0af94b80907230515q64bed70et717dfb95a01f8ec8@mail.gmail.com>

Also, there are various tools for redundancy among the OS platforms in
case you want true failover and not to ever pass to backup unless main
is down.  These tools may include but not necessarily be limited to
things like CARP in BSD, heartbeat, the previously mentioned
keepalived, etc.

Apologies for double short posts, but I am on my way to bed :).

On 7/23/09, merlin corey <merlincorey at dc949.org> wrote:
> You can use any kind of load balancer, hardware or software based,
> including free ones like HAProxy to accomplish this task that is
> rightly not NginX's
>
> On 7/22/09, Igor Sysoev <is at rambler-co.ru> wrote:
>> On Tue, Jul 21, 2009 at 11:55:27AM -0400, vburshteyn wrote:
>>
>>> Hi, folks, i am back with more info requests.
>>>
>>> Does anybody have NGINX in fail over mode?  in case if one server fails
>>> then the other one will take over.  I know there are tons of tools to
>>> monitor for hardware failure, but i was just curious if anybody has
>>> something to monitor software level.
>>
>> nginx supports fail over for upstreams, but if you mean fail over between
>> two or more peer nginxes, then it is not supported. This is actually not
>> nginx's task at all.
>>
>>
>> --
>> Igor Sysoev
>> http://sysoev.ru/en/
>>
>>
>




From mjaw at ikp.pl  Thu Jul 23 16:52:05 2009
From: mjaw at ikp.pl (=?UTF-8?Q?Miros=C5=82aw?= Jaworski)
Date: Thu, 23 Jul 2009 14:52:05 +0200
Subject: Can't make nginx to cache
In-Reply-To: <932ea6c90907211229v67fec193w5f08395a5c249ccc@mail.gmail.com>
References: <1248188635.4076.211.camel@mjaw-laptop>
	 <932ea6c90907211229v67fec193w5f08395a5c249ccc@mail.gmail.com>
Message-ID: <1248353525.4660.135.camel@mjaw-laptop>

On Tue, 2009-07-21 at 12:29 -0700, Gabriel Ramuglia wrote:
> Edit your php script to send caching headers
> 
> "X-Powered-By: PHP/5.2.6-2ubuntu4.2"
> 
> PHP by default does not send headers that would cause a browser or
> cache to decide that a result was cachable. This makes sense, as php
> is a dynamic language and the same url could return something
> dramatically different every time.

I find this explanation very unlikely:
- nginx source doesn't show any dependence on (not) caching based on
  X-Powered-By header
- nginx can ignore caching-specific headers ( proxy_ignore_headers ),
  X-Powered-By is not on the list
- it doesn't cache static files too:

Direct connect to backend:

$ telnet 192.168.10.18 80
Trying 192.168.10.18...
Connected to 192.168.10.18.
Escape character is '^]'.
GET /test.html HTTP/1.1
Host: www.xyz.pl

HTTP/1.1 200 OK
Date: Thu, 23 Jul 2009 11:52:23 GMT
Server: Apache/2.2.9 (Ubuntu) PHP/5.2.6-2ubuntu4.2 with Suhosin-Patch
mod_ssl/2.2.9 OpenSSL/0.9.8g
Last-Modified: Thu, 23 Jul 2009 11:52:10 GMT
ETag: "cca18-5-46f5e1e220e80"
Accept-Ranges: bytes
Content-Length: 5
Vary: Accept-Encoding
Content-Type: text/html

test
Connection closed by foreign host.


Connect to frontend ( nginx ):
$ telnet A.B.C.D 80
Trying A.B.C.D...
Connected to A.B.C.D.
Escape character is '^]'.
GET /test.html HTTP/1.1
Host: www.xyz.pl

HTTP/1.1 200 OK
Server: nginx
Date: Thu, 23 Jul 2009 11:55:00 GMT
Content-Type: text/html
Connection: keep-alive
Last-Modified: Thu, 23 Jul 2009 11:52:10 GMT
ETag: "cca18-5-46f5e1e220e80"
Accept-Ranges: bytes
Content-Length: 5
Vary: Accept-Encoding

test
Connection closed by foreign host.

  Cache is still empty.

- last but not least, my initial post didn't come from some single
  object testing, it's a tiny part of broader picture, which is:
  - old environment
    - squid as caching reverse proxy, lots of caching ( without it old
      environment would be dead due to lack of backends capacity )
    - some virtual machines ( backends ) with numerous web services
      with tens of thousands documents, including thousands of static
      files ( graphics css js ) with noticeable traffic ( billions 
      visits per month )
  - new environment
    - nginx as caching(?) reverse proxy
    - 1:1 copy of all virtual machines from 'old environment'
  - new environment receives production traffic for couple days already
  - anytime i check it, nginx cache has _zero_ objects inside ( there's
    not even one nested directory inside cache path it should create )

Therefore i believe i lack something to effectively turn the caching on.

Regards

MJ

-- 
Miros?aw "Psyborg" Jaworski
GCS/IT d- s+:+ a C++$ UBI++++$ P+++$ L- E--- W++(+++)$ N++ o+ K- w-- O-
M- V- PS+ PE++ Y+ PGP t 5? X+ R++ !tv b++(+++) DI++ D+ G e* h++ r+++ y?
            "Experience is a good school, but the fees are high."





From catap+nginx at catap.ru  Thu Jul 23 17:09:57 2009
From: catap+nginx at catap.ru (Kirill A. Korinskiy)
Date: Thu, 23 Jul 2009 17:09:57 +0400
Subject: nginx stats
In-Reply-To: <e0af94b80907230442y32e8cca7s60ee8a985e9e5975@mail.gmail.com>
References: <0790e45f1193ac6336ee6f65b06505ed.NginxMailingList@forum.nginx.org>
	<87skguw6u6.wl%catap@catap.ru>
	<20090721100400.20855.qmail@oak.oeko.net>
	<e0af94b80907230442y32e8cca7s60ee8a985e9e5975@mail.gmail.com>
Message-ID: <87k51zv93u.wl%catap@catap.ru>

At Thu, 23 Jul 2009 04:42:22 -0700,
merlin corey <merlincorey at dc949.org> wrote:
> 
> Toni,
> 
> http://translate.google.com/translate?hl=en&ie=UTF-8&sl=ru&tl=en&u=http://catap.ru/nginx-catap/&prev=_t
> 
> "My Fork web-server nginx. ??????? ????????? ??? ??????? -- ?????
> ????????????? ???? ?? ???????? ??? ????? ? ???????? ????? ? ???
> ???????? ? ?????? ?? ??? ??????, ??? ????????? ??????. The reason for
> the appearance of its simple - the author of the original code does
> not include my patches in the main branch, and for convenience I have
> collected them all together as a separate project."
> 

it's work for me! :) Try again now :)

-- 
wbr, Kirill




From mdounin at mdounin.ru  Thu Jul 23 17:15:47 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 23 Jul 2009 17:15:47 +0400
Subject: Can't make nginx to cache
In-Reply-To: <1248353525.4660.135.camel@mjaw-laptop>
References: <1248188635.4076.211.camel@mjaw-laptop> <932ea6c90907211229v67fec193w5f08395a5c249ccc@mail.gmail.com> <1248353525.4660.135.camel@mjaw-laptop>
Message-ID: <20090723131547.GQ1240@mdounin.ru>

Hello!

On Thu, Jul 23, 2009 at 02:52:05PM +0200, Miros?aw Jaworski wrote:

[...]

> Direct connect to backend:
> 
> $ telnet 192.168.10.18 80
> Trying 192.168.10.18...
> Connected to 192.168.10.18.
> Escape character is '^]'.
> GET /test.html HTTP/1.1
> Host: www.xyz.pl
> 
> HTTP/1.1 200 OK
> Date: Thu, 23 Jul 2009 11:52:23 GMT
> Server: Apache/2.2.9 (Ubuntu) PHP/5.2.6-2ubuntu4.2 with Suhosin-Patch
> mod_ssl/2.2.9 OpenSSL/0.9.8g
> Last-Modified: Thu, 23 Jul 2009 11:52:10 GMT
> ETag: "cca18-5-46f5e1e220e80"
> Accept-Ranges: bytes
> Content-Length: 5
> Vary: Accept-Encoding
> Content-Type: text/html

[...]

There is no cache control headers in backend reply (Expires, 
Cache-Control, X-Accel-Expires), so you have to explicitly specify 
time to cache various replies via proxy_cache_valid directive.

See http://wiki.nginx.org/NginxHttpProxyModule#proxy_cache_valid  
for details.

Maxim Dounin




From nginx-forum at nginx.us  Thu Jul 23 19:03:32 2009
From: nginx-forum at nginx.us (meal)
Date: Thu, 23 Jul 2009 11:03:32 -0400
Subject: another rewrite problem
Message-ID: <6cd863d51963516d30b417c3f3f31da5.NginxMailingList@forum.nginx.org>

I've got address like http://profil.domain.tld/profil,ID,username.html  

And  rewrite rule like this:

rewrite ^/profil,([0-9]+)(,.*).html$ /profil.html?aId=showuser&uId=$1 last;

Ofc, I've enabled  debug log to see what location it use, and it's using ~ \.html$ (which are FastCGI parsed php files).

The problem is, that it is looking for file profil,any_number,username.html  in root directory.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4391,4391#msg-4391





From theglobeisnowdigital at gmail.com  Thu Jul 23 20:50:02 2009
From: theglobeisnowdigital at gmail.com (Magdalena)
Date: Thu, 23 Jul 2009 09:50:02 -0700
Subject: HTTP_RANGE field, has anyone used it successfully? Just need a yes or 
	no.
Message-ID: <432c29390907230950g9b6f655i5907a097d423df99@mail.gmail.com>

Has anyone used the fastcgi to get the "range" header field from the http? I
believe there is a bug associated with it.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090723/24bc34c0/attachment.html>

From mike503 at gmail.com  Thu Jul 23 22:24:19 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Thu, 23 Jul 2009 11:24:19 -0700
Subject: HTTP_RANGE field, has anyone used it successfully? Just need a 
	yes or no.
In-Reply-To: <432c29390907230950g9b6f655i5907a097d423df99@mail.gmail.com>
References: <432c29390907230950g9b6f655i5907a097d423df99@mail.gmail.com>
Message-ID: <bd9320b30907231124i59bb878bxf713dba8eb0ace8b@mail.gmail.com>

i get these in PHP just fine, it seems to work okay.

$_SERVER['HTTP_CONTENT_RANGE']
$_SERVER['HTTP_CONTENT_DISPOSITION']


On Thu, Jul 23, 2009 at 9:50 AM,
Magdalena<theglobeisnowdigital at gmail.com> wrote:
> Has anyone used the fastcgi to get the "range" header field from the http? I
> believe there is a bug associated with it.
>




From marcin.operacz at comtica.pl  Thu Jul 23 23:17:00 2009
From: marcin.operacz at comtica.pl (Marcin Operacz)
Date: Thu, 23 Jul 2009 21:17:00 +0200
Subject: server side include, UTF-8 problem
Message-ID: <07265522-5BAF-48C4-A746-3C420F54C2CF@comtica.pl>

Hello,

We have some problems with server side including of UTF-8 files, can  
you please confirm that this is impossible to make nginx include UTF-8  
text files (the ones that have 'ef bb bf' on the first 3 chars of the  
file)? If this is possible please give me some advice on what should I  
look to make this work.

Regards,

-- 
Marcin





From marcin.operacz at gmail.com  Thu Jul 23 23:14:18 2009
From: marcin.operacz at gmail.com (Marcin Operacz)
Date: Thu, 23 Jul 2009 21:14:18 +0200
Subject: server side include, UTF-8 problem
Message-ID: <FB787F40-6246-4025-93AC-1E40EBC64141@gmail.com>

Hello,

We have some problems with server side including of UTF-8 files, can  
you please confirm that this is impossible to make nginx include UTF-8  
text files (the ones that have 'ef bb bf' on the first 3 chars of the  
file)? If this is possible please give me some advice on what should I  
look to make this work.

Regards,

Marcin




From mike503 at gmail.com  Thu Jul 23 23:27:42 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Thu, 23 Jul 2009 12:27:42 -0700
Subject: server side include, UTF-8 problem
In-Reply-To: <FB787F40-6246-4025-93AC-1E40EBC64141@gmail.com>
References: <FB787F40-6246-4025-93AC-1E40EBC64141@gmail.com>
Message-ID: <bd9320b30907231227q395e7c75hfacc9e06315d48e@mail.gmail.com>

i think that 3 char signature is considered the "utf8 BOM"

On Thu, Jul 23, 2009 at 12:14 PM, Marcin
Operacz<marcin.operacz at gmail.com> wrote:
> Hello,
>
> We have some problems with server side including of UTF-8 files, can you
> please confirm that this is impossible to make nginx include UTF-8 text
> files (the ones that have 'ef bb bf' on the first 3 chars of the file)? If
> this is possible please give me some advice on what should I look to make
> this work.
>
> Regards,
>
> Marcin
>
>




From cliff at develix.com  Thu Jul 23 23:38:33 2009
From: cliff at develix.com (Cliff Wells)
Date: Thu, 23 Jul 2009 12:38:33 -0700
Subject: server side include, UTF-8 problem
In-Reply-To: <FB787F40-6246-4025-93AC-1E40EBC64141@gmail.com>
References: <FB787F40-6246-4025-93AC-1E40EBC64141@gmail.com>
Message-ID: <1248377913.23748.12.camel@portable-evil>

On Thu, 2009-07-23 at 21:14 +0200, Marcin Operacz wrote:
> Hello,
> 
> We have some problems with server side including of UTF-8 files, can  
> you please confirm that this is impossible to make nginx include UTF-8  
> text files (the ones that have 'ef bb bf' on the first 3 chars of the  
> file)?

Just for clarification, that's known as a BOM (byte order mark).   It's
(sometimes) allowed but definitely not needed for UTF-8, and as noted
below, can cause issues for some software:

http://unicode.org/faq/utf_bom.html#bom5

>  If this is possible please give me some advice on what should I  
> look to make this work.

No idea if it is expected to work in Nginx or not.  Perhaps the easiest
solution would be to edit the files in something that doesn't generate
the BOM.

Regards,
Cliff

-- 
http://www.google.com/search?q=vonage+sucks





From mdounin at mdounin.ru  Thu Jul 23 23:48:47 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 23 Jul 2009 23:48:47 +0400
Subject: server side include, UTF-8 problem
In-Reply-To: <FB787F40-6246-4025-93AC-1E40EBC64141@gmail.com>
References: <FB787F40-6246-4025-93AC-1E40EBC64141@gmail.com>
Message-ID: <20090723194846.GW1240@mdounin.ru>

Hello!

On Thu, Jul 23, 2009 at 09:14:18PM +0200, Marcin Operacz wrote:

> Hello,
>
> We have some problems with server side including of UTF-8 files, can you 
> please confirm that this is impossible to make nginx include UTF-8 text 
> files (the ones that have 'ef bb bf' on the first 3 chars of the file)? 
> If this is possible please give me some advice on what should I look to 
> make this work.

nginx is 8-bit clean and doesn't care what you include.  It can 
happily include even binary files.

I guess your problem is that something after nginx isn't happy 
with utf-8 bom in the middle of the text.  Not sure if it's 
allowed according to utf-8 spec, but anyway it doesn't looks like 
nginx problem for me.

Maxim Dounin




From nginx-forum at nginx.us  Fri Jul 24 00:24:50 2009
From: nginx-forum at nginx.us (gerryw)
Date: Thu, 23 Jul 2009 16:24:50 -0400
Subject: FastCGI application not receiving multi-part data
In-Reply-To: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
References: <6474272efa8edf4f503a18f5fe75a2cf.NginxMailingList@forum.nginx.org>
Message-ID: <c4c1b05a847a4fbd19067386710efe55.NginxMailingList@forum.nginx.org>

Hi,

Merlin:
> Sounds like you want to make use of the upstream module...

Thanks! This is exactly what I was looking for.


Thanks,
Gerry

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4091,4400#msg-4400





From nginx-forum at nginx.us  Fri Jul 24 02:47:34 2009
From: nginx-forum at nginx.us (meto)
Date: Thu, 23 Jul 2009 18:47:34 -0400
Subject: Keeping up-to-date with nginx in Ubuntu
In-Reply-To: <20090722085747.GK3297@forum.nginx.org>
References: <20090722085747.GK3297@forum.nginx.org>
Message-ID: <ffa897af8af85619da310c1f1897e7a7.NginxMailingList@forum.nginx.org>

You can try also my repo https://launchpad.net/~meto/+archive/nconfig/ additionally i've got PHP with PHP-FPM. In free time i'm working on PHP 5.3

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4319,4401#msg-4401





From mike503 at gmail.com  Fri Jul 24 03:11:01 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Thu, 23 Jul 2009 16:11:01 -0700
Subject: Keeping up-to-date with nginx in Ubuntu
In-Reply-To: <ffa897af8af85619da310c1f1897e7a7.NginxMailingList@forum.nginx.org>
References: <20090722085747.GK3297@forum.nginx.org>
	 <ffa897af8af85619da310c1f1897e7a7.NginxMailingList@forum.nginx.org>
Message-ID: <bd9320b30907231611m4312e878of7adf23c04b49d7a@mail.gmail.com>

There's a patch out for 5.3.

I will probably be announcing the new version oh PHP-FPM soon, been
waiting on Andrei's "okay" first in case he has some different code
he'd like to start with; but it will no longer be a patch and can work
standalone from PHP, so packaging it will be much easier :)

On Thu, Jul 23, 2009 at 3:47 PM, meto<nginx-forum at nginx.us> wrote:
> You can try also my repo https://launchpad.net/~meto/+archive/nconfig/ additionally i've got PHP with PHP-FPM. In free time i'm working on PHP 5.3
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4319,4401#msg-4401
>
>
>




From lists at ruby-forum.com  Fri Jul 24 03:22:53 2009
From: lists at ruby-forum.com (Fernando Perez)
Date: Fri, 24 Jul 2009 01:22:53 +0200
Subject: Plenty close_wait
Message-ID: <f6290602fa0b50e248f9211efb3be6d7@ruby-forum.com>

Hi,

Recently I am having a Rails app which become unresponsive after some
time. Typing $ netstat -anp shows plenty CLOSE_WAIT connections.

What's happening? Is my box hacked? Is someone trying to take it down?
Can I configure Nginx to force closing crap connections?

Thanks for your help.
-- 
Posted via http://www.ruby-forum.com/.




From lists at ruby-forum.com  Fri Jul 24 03:22:10 2009
From: lists at ruby-forum.com (Fernando Perez)
Date: Fri, 24 Jul 2009 01:22:10 +0200
Subject: Plenty close_wait in netstat -anp
Message-ID: <ce86720fbbb8eaf7476772e0a21571e0@ruby-forum.com>

Hi,

Recently I am having a Rails app which become unresponsive after some
time. Typing $ netstat -anp shows plenty CLOSE_WAIT connections.

What's happening? Is my box hacked? Is someone trying to take it down?
Can I configure Nginx to force closing crap connections?

Thanks for your help.
-- 
Posted via http://www.ruby-forum.com/.




From lists at ruby-forum.com  Fri Jul 24 03:22:28 2009
From: lists at ruby-forum.com (Fernando Perez)
Date: Fri, 24 Jul 2009 01:22:28 +0200
Subject: Plenty close_wait in netstat -anp
Message-ID: <ce86720fbbb8eaf7476772e0a21571e0@ruby-forum.com>

Hi,

Recently I am having a Rails app which become unresponsive after some
time. Typing $ netstat -anp shows plenty CLOSE_WAIT connections.

What's happening? Is my box hacked? Is someone trying to take it down?
Can I configure Nginx to force closing crap connections?

Thanks for your help.
-- 
Posted via http://www.ruby-forum.com/.




From merlincorey at dc949.org  Fri Jul 24 03:51:34 2009
From: merlincorey at dc949.org (merlin corey)
Date: Thu, 23 Jul 2009 16:51:34 -0700
Subject: Keeping up-to-date with nginx in Ubuntu
In-Reply-To: <bd9320b30907231611m4312e878of7adf23c04b49d7a@mail.gmail.com>
References: <20090722085747.GK3297@forum.nginx.org>
	 <ffa897af8af85619da310c1f1897e7a7.NginxMailingList@forum.nginx.org>
	 <bd9320b30907231611m4312e878of7adf23c04b49d7a@mail.gmail.com>
Message-ID: <e0af94b80907231651x3673ba8eh303cd6bc80a40a51@mail.gmail.com>

If you're on Debian you can try using checkinstall method:
http://www.debian-administration.org/articles/147

-- Merlin

On Thu, Jul 23, 2009 at 4:11 PM, Michael Shadle<mike503 at gmail.com> wrote:
> There's a patch out for 5.3.
>
> I will probably be announcing the new version oh PHP-FPM soon, been
> waiting on Andrei's "okay" first in case he has some different code
> he'd like to start with; but it will no longer be a patch and can work
> standalone from PHP, so packaging it will be much easier :)
>
> On Thu, Jul 23, 2009 at 3:47 PM, meto<nginx-forum at nginx.us> wrote:
>> You can try also my repo https://launchpad.net/~meto/+archive/nconfig/ additionally i've got PHP with PHP-FPM. In free time i'm working on PHP 5.3
>>
>> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4319,4401#msg-4401
>>
>>
>>
>
>




From theglobeisnowdigital at gmail.com  Fri Jul 24 04:20:27 2009
From: theglobeisnowdigital at gmail.com (Magdalena)
Date: Thu, 23 Jul 2009 17:20:27 -0700
Subject: HTTP_RANGE field, has anyone used it successfully? Just need a 
	yes or no.
In-Reply-To: <bd9320b30907231124i59bb878bxf713dba8eb0ace8b@mail.gmail.com>
References: <432c29390907230950g9b6f655i5907a097d423df99@mail.gmail.com>
	 <bd9320b30907231124i59bb878bxf713dba8eb0ace8b@mail.gmail.com>
Message-ID: <432c29390907231720k12696e82g306f03b5f859303e@mail.gmail.com>

Thanks for your feedback I've been using HTTP_RANGE and HTTP_CONTENT_RANGE
is the answer, big thanks.

On Thu, Jul 23, 2009 at 11:24 AM, Michael Shadle <mike503 at gmail.com> wrote:

> i get these in PHP just fine, it seems to work okay.
>
> $_SERVER['HTTP_CONTENT_RANGE']
> $_SERVER['HTTP_CONTENT_DISPOSITION']
>
>
> On Thu, Jul 23, 2009 at 9:50 AM,
> Magdalena<theglobeisnowdigital at gmail.com> wrote:
> > Has anyone used the fastcgi to get the "range" header field from the
> http? I
> > believe there is a bug associated with it.
> >
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090723/5d30871c/attachment.html>

From nginx-forum at nginx.us  Fri Jul 24 04:37:11 2009
From: nginx-forum at nginx.us (supergui)
Date: Thu, 23 Jul 2009 20:37:11 -0400
Subject: how to set timer?
In-Reply-To: <0e96d43ade091f18dbb98f62f9445495.NginxMailingList@forum.nginx.org>
References: <0e96d43ade091f18dbb98f62f9445495.NginxMailingList@forum.nginx.org>
Message-ID: <1d426a08aeb874bc93b7ec8132369e0f.NginxMailingList@forum.nginx.org>

////////////////////////////////////////////////////////////////////////////////////////////////////////////
static ngx_event_t gdrive_timer_wev;
static ngx_connection_t  dumb;

ngx_int_t ngx_http_gdrive_init_process(ngx_cycle_t *cycle) 
{
   ngx_log_error(NGX_LOG_DEBUG, cycle->log, 0, "set gdrive timer");
   gdrive_timer_wev.handler=test_timer;
   gdrive_timer_wev.log=cycle->log;
   gdrive_timer_wev.data=&dumb;
   dumb.fd=(ngx_socket_t)-1;
   ngx_add_timer(&gdrive_timer_wev, 5000);
   return NGX_OK;
}

static
void test_timer(ngx_event_t *wev)
{
        ngx_log_error(NGX_LOG_DEBUG, wev->log, 0, "gdrive timer out");
        //printf("print time out\n");
}
////////////////////////////////////////////////////////////////////////////////////////////////////////////


why this doesn't work?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4265,4312#msg-4312





From zhuzhaoyuan at gmail.com  Fri Jul 24 05:37:10 2009
From: zhuzhaoyuan at gmail.com (Joshua Zhu)
Date: Fri, 24 Jul 2009 09:37:10 +0800
Subject: Plenty close_wait
In-Reply-To: <f6290602fa0b50e248f9211efb3be6d7@ruby-forum.com>
References: <f6290602fa0b50e248f9211efb3be6d7@ruby-forum.com>
Message-ID: <5bf4451d0907231837g6ae27abah68a6ad87039ae8f4@mail.gmail.com>

Hi!

Were those connections opened by nginx or your own application? In
most cases, long duration of CLOSE_WAIT suggests that there might be a
bug, i.e., someone forgot to close(1) the socket after use.

P.S. You can visit
http://blog.zhuzhaoyuan.com/2009/03/a-word-on-time_wait-and-close_wait/
for more details of the CLOSE_WAIT state.

Cheers!


On Fri, Jul 24, 2009 at 7:22 AM, Fernando Perez<lists at ruby-forum.com> wrote:
> Hi,
>
> Recently I am having a Rails app which become unresponsive after some
> time. Typing $ netstat -anp shows plenty CLOSE_WAIT connections.
>
> What's happening? Is my box hacked? Is someone trying to take it down?
> Can I configure Nginx to force closing crap connections?
>
> Thanks for your help.
> --
> Posted via http://www.ruby-forum.com/.
>
>


-- 
Joshua Zhu




From nginx-forum at nginx.us  Fri Jul 24 07:08:26 2009
From: nginx-forum at nginx.us (supergui)
Date: Thu, 23 Jul 2009 23:08:26 -0400
Subject: ngx_output_http_filter problem
Message-ID: <3a45dbd99f7bbb0ccb82ec06a554b365.NginxMailingList@forum.nginx.org>

i just call ngx_output_http_filter to write my stream to the client, but i need to know exactly when and how much bytes is written to the client, and i need to record the moment, is there any method?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4415,4415#msg-4415





From zhuzhaoyuan at gmail.com  Fri Jul 24 07:23:49 2009
From: zhuzhaoyuan at gmail.com (Joshua Zhu)
Date: Fri, 24 Jul 2009 11:23:49 +0800
Subject: ngx_output_http_filter problem
In-Reply-To: <3a45dbd99f7bbb0ccb82ec06a554b365.NginxMailingList@forum.nginx.org>
References: <3a45dbd99f7bbb0ccb82ec06a554b365.NginxMailingList@forum.nginx.org>
Message-ID: <5bf4451d0907232023m2ef37406r1ccbc22757b4f7d9@mail.gmail.com>

Hi,

$bytes_sent:
r->connection->sent

$body_bytes_sent:
r->connection->sent - r->header_size


On Fri, Jul 24, 2009 at 11:08 AM, supergui<nginx-forum at nginx.us> wrote:
> i just call ngx_output_http_filter to write my stream to the client, but i need to know exactly when and how much bytes is written to the client, and i need to record the moment, is there any method?
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4415,4415#msg-4415
>
>

Regards!

-- 
Joshua Zhu




From nginx-forum at nginx.us  Fri Jul 24 10:53:39 2009
From: nginx-forum at nginx.us (supergui)
Date: Fri, 24 Jul 2009 02:53:39 -0400
Subject: how to set timer?
In-Reply-To: <0e96d43ade091f18dbb98f62f9445495.NginxMailingList@forum.nginx.org>
References: <0e96d43ade091f18dbb98f62f9445495.NginxMailingList@forum.nginx.org>
Message-ID: <9ec4e330d3e3a233253d2b650c7c378a.NginxMailingList@forum.nginx.org>

Thank your Brice Figureau, i have solved it now with your help~~

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4265,4417#msg-4417





From is at rambler-co.ru  Fri Jul 24 11:54:08 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Fri, 24 Jul 2009 11:54:08 +0400
Subject: HTTP_RANGE field, has anyone used it successfully? Just need a yes or no.
In-Reply-To: <bd9320b30907231124i59bb878bxf713dba8eb0ace8b@mail.gmail.com>
References: <432c29390907230950g9b6f655i5907a097d423df99@mail.gmail.com> <bd9320b30907231124i59bb878bxf713dba8eb0ace8b@mail.gmail.com>
Message-ID: <20090724075408.GB2643@rambler-co.ru>

On Thu, Jul 23, 2009 at 11:24:19AM -0700, Michael Shadle wrote:

> i get these in PHP just fine, it seems to work okay.
> 
> $_SERVER['HTTP_CONTENT_RANGE']
> $_SERVER['HTTP_CONTENT_DISPOSITION']

Does PHP get these values from client request ?
As far as I know, browsers do not send these headers.

> On Thu, Jul 23, 2009 at 9:50 AM,
> Magdalena<theglobeisnowdigital at gmail.com> wrote:
> > Has anyone used the fastcgi to get the "range" header field from the http? I
> > believe there is a bug associated with it.


-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Fri Jul 24 13:06:57 2009
From: nginx-forum at nginx.us (climbor)
Date: Fri, 24 Jul 2009 05:06:57 -0400
Subject: why "if" can not be used within "if"?
Message-ID: <f616044785be5b67ab14fb4d4d4e8fce.NginxMailingList@forum.nginx.org>

Hello everyone,

I just noticed that "If" can only be used in very limited situations. It is far from the first impression it gave to me. So I did some code reading and found the reason. After adding NGX_HTTP_LIF_CONF flag to ngx_command_t "if", it worked. Then I can write some more complex rule set.

But I just wandering whether this could bring any consequence -- such as make nginx unstable or bring performance penalty?

Any clue will be appreciated.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4419,4419#msg-4419





From mike503 at gmail.com  Fri Jul 24 13:53:35 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Fri, 24 Jul 2009 02:53:35 -0700
Subject: HTTP_RANGE field, has anyone used it successfully? Just need a yes or no.
In-Reply-To: <20090724075408.GB2643@rambler-co.ru>
References: <432c29390907230950g9b6f655i5907a097d423df99@mail.gmail.com> <bd9320b30907231124i59bb878bxf713dba8eb0ace8b@mail.gmail.com> <20090724075408.GB2643@rambler-co.ru>
Message-ID: <E6C1A7D8-8112-4099-B5C1-DFFAD6E9CF76@gmail.com>

Sorry. I should have noted that. They come from our google gears based  
uploader which sends those headers although I believe it is standard  
headers for an app to send that should be dealing with content ranges  
and such.

Sent from my iPhone

On Jul 24, 2009, at 12:54 AM, Igor Sysoev <is at rambler-co.ru> wrote:

> On Thu, Jul 23, 2009 at 11:24:19AM -0700, Michael Shadle wrote:
>
>> i get these in PHP just fine, it seems to work okay.
>>
>> $_SERVER['HTTP_CONTENT_RANGE']
>> $_SERVER['HTTP_CONTENT_DISPOSITION']
>
> Does PHP get these values from client request ?
> As far as I know, browsers do not send these headers.
>
>> On Thu, Jul 23, 2009 at 9:50 AM,
>> Magdalena<theglobeisnowdigital at gmail.com> wrote:
>>> Has anyone used the fastcgi to get the "range" header field from  
>>> the http? I
>>> believe there is a bug associated with it.
>
>
> -- 
> Igor Sysoev
> http://sysoev.ru/en/
>




From is at rambler-co.ru  Fri Jul 24 14:51:57 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Fri, 24 Jul 2009 14:51:57 +0400
Subject: why "if" can not be used within "if"?
In-Reply-To: <f616044785be5b67ab14fb4d4d4e8fce.NginxMailingList@forum.nginx.org>
References: <f616044785be5b67ab14fb4d4d4e8fce.NginxMailingList@forum.nginx.org>
Message-ID: <20090724105157.GJ2643@rambler-co.ru>

On Fri, Jul 24, 2009 at 05:06:57AM -0400, climbor wrote:

> Hello everyone,
> 
> I just noticed that "If" can only be used in very limited situations. It is far from the first impression it gave to me. So I did some code reading and found the reason. After adding NGX_HTTP_LIF_CONF flag to ngx_command_t "if", it worked. Then I can write some more complex rule set.
> 
> But I just wandering whether this could bring any consequence -- such as make nginx unstable or bring performance penalty?
> 
> Any clue will be appreciated.

Currently "if" is ugly hack.


-- 
Igor Sysoev
http://sysoev.ru/en/




From nikon at puffy.pl  Fri Jul 24 19:02:21 2009
From: nikon at puffy.pl (Tomasz Pajor)
Date: Fri, 24 Jul 2009 17:02:21 +0200
Subject: memory corruption
Message-ID: <4A69CCFD.4060400@puffy.pl>

Hello,

I keep getting this errors in error_log.
http://puffy.pl/errorlog

my config is:
nginx 0.7.61
./configure  --add-module=../nginx-static-etags/ 
--prefix=/usr/local/nginx  --http-proxy-temp-path=/cache/proxy_tmp  
--pid-path=/var/run/nginx.pid --conf-path=/etc/nginx/nginx.conf

any idea?

--
Tomasz Pajor




From nginx-forum at nginx.us  Fri Jul 24 19:21:38 2009
From: nginx-forum at nginx.us (armiswip)
Date: Fri, 24 Jul 2009 11:21:38 -0400
Subject: How to write this rewrite???
Message-ID: <1bf9048699e22489fe64a47a07de6451.NginxMailingList@forum.nginx.org>

Hi, guys and Igor Sysoev!

This is Apache's format, how to write in nginx???  Thanks a lot.


Order allow,deny
Deny from All
Satisfy All


php_value session.use_cookies 0
php_value session.use_trans_sid 1
php_value arg_separator.output "&amp;"

php_value magic_quotes_gpc 0
php_value magic_quotes_runtime 0
php_value magic_quotes_sybase 0

php_flag register_argc_argv Off

php_flag register_globals Off

php_flag display_errors Off
php_value error_reporting 0
php_flag log_errors Off

Options -Indexes
AddDefaultCharset UTF-8
php_value default_charset UTF-8

RewriteEngine on
RewriteRule ^(*)/?$ index.php?ver=$1 
RewriteRule ^menu/(*)/([0-9]*)/(*)/(*)/?$ menu.php?ver=1$&nickname=$2&password=$3&action=$4 
RewriteRule ^go/(*)/([0-9]*)/(*)/?$ go.php?ver=$1&nickname=$2&password=$3 
RewriteRule ^kto/(*)/?$ kto.php?ver=$1 
RewriteRule ^menu/(*)/(*)/?$ menu.php?ver=$1&nocache=$2 
RewriteRule ^menu/(*)/?$ menu.php?ver=$1 
RewriteRule ^dobav/(*)/?$ dobav.php?ver=$1 
RewriteRule ^dobavst/(*)/?$ dobavst.php?ver=$1 

RewriteRule ^dobavpriv/(*)/?$ dobavpriv.php?ver=$1 

RewriteRule ^dobavs/(*)/?$ dobavs.php?ver=$1 
RewriteRule ^lichvstr/(*)/?$ lichvstr.php?ver=$1 
RewriteRule ^dobav/(*)/(*)/?$ dobav.php?ver=$1&case=$2 
RewriteRule ^dobavst/(*)/(*)/?$ dobavst.php?ver=$1&case=$2 

RewriteRule ^dobavpriv/(*)/(*)/?$ dobavpriv.php?ver=$1&case=$2 

RewriteRule ^dobavs/(*)/(*)/?$ dobavs.php?ver=$1&case=$2 
RewriteRule ^lichvstr/(*)/(*)/?$ lichvstr.php?ver=$1&case=$2 
RewriteRule ^news/(*)/(*)/?$ news.php?ver=$1&nid=$2 
RewriteRule ^obyav/(*)/(*)/?$ obyav.php?ver=$1&nid=$2 
RewriteRule ^art/(*)/(*)/?$ art.php?ver=$1&nomer=$2 
RewriteRule ^arts/(*)/(*)/?$ arts.php?ver=$1&nomer=$2 
RewriteRule ^artv/(*)/(*)/?$ artv.php?ver=$1&nomer=$2 
RewriteRule ^info/(*)/(*)/(*)/?$ info.php?uid=$1&ver=$2&act=$3 
RewriteRule ^search/(*)/(*)/?$ search.php?ref=$1&ver=$2 
RewriteRule ^vstrechi/(*)/(*)/(*)/?$ vstrechi.php?ver=$1&case=$2&nomer=$3 
RewriteRule ^gazeta/(*)/(*)/(*)/?$ gazeta.php?ver=$1&case=$2&nomer=$3 
RewriteRule ^stixi/(*)/(*)/(*)/?$ stixi.php?ver=$1&case=$2&nomer=$3 



RewriteRule ^history/(*)/(*)/(*)/?$ history.php?ver=$1&rid=$2&nocache=$3 
RewriteRule ^history/(*)/(*)/(*)/(*)/?$ history.php?ver=$1&rid=$2&s=$3&nocache=$4 
RewriteRule ^room/(*)/(*)/(*)/(*)/(*)/?$ room.php?ver=$1&rid=$2&z=$3&msg=$4&nocache=$5 
RewriteRule ^letters/(*)/(*)/?$ letters.php?ver=$1&mod=$2 
RewriteRule ^adletters/(*)/(*)/?$ adletters.php?ver=$1&mod=$2 

RewriteRule ^room/(*)/(*)/(*)/?$ room.php?ver=$1&rid=$2&nocache=$3 
RewriteRule ^add/(*)/(*)/(*)/?$ add.php?ver=$1&rid=$2&nocache=$3 
RewriteRule ^room/(*)/(*)/(*)/(*)/?$ room.php?ver=$1&rid=$2&act=$3&nocache=$4 
RewriteRule ^mroom/(*)/(*)/(*)/?$ mroom.php?ver=$1&rid=$2&nocache=$3 
RewriteRule ^intim/(*)/(*)/(*)/?$ intim.php?ver=$1&key=$2&nocache=$3 
RewriteRule ^intim/(*)/(*)/?$ intim.php?ver=$1&nocache=$2 
RewriteRule ^key/(*)/(*)/?$ key.php?ver=$1&act=invalid 
RewriteRule ^intim/(*)/(*)/(*)/?$ intim.php?ver=$1&key=$2&nocache=$3 
RewriteRule ^intim/(*)/(*)/(*)/(*)/(*)/?$ intim.php?ver=$1&key=$2&z=$3&msg=$4&nocache=$5 
RewriteRule ^ihistory/(*)/(*)/(*)/?$ ihistory.php?ver=$1&key=$2&nocache=$3 
RewriteRule ^info/(*)/(*)/(*)/(*)/?$ info.php?ver=$1&rid=$2&nocache=$3&uid=$4 
RewriteRule ^info/(*)/(*)/(*)/(*)/(*)/?$ info.php?ver=$1&rid=$2&uid=$3&nocache=$4&act=$5 
RewriteRule ^infoi/(*)/(*)/(*)/(*)/?$ infoi.php?ver=$1&key=$2&nocache=$3&uid=$4 
RewriteRule ^infoi/(*)/(*)/(*)/(*)/(*)/?$ infoi.php?ver=$1&key=$2&uid=$3&nocache=$4&act=$5 
RewriteRule ^addi/(*)/(*)/(*)/?$ addi.php?ver=$1&key=$2&nocache=$3 
RewriteRule ^fotko/(*)/(*)/?$ fotko.php?ver=$1&uid=$2 

RewriteRule ^videot/(*)/(*)/?$ videot.php?ver=$1&uid=$2 


RewriteRule ^info/(*)/(*)/?$ info.php?act=$1&site=$2 
RewriteRule ^ignor/(*)/(*)/(*)/?$ ignor.php?ver=$1&mod=$2&uid=$3 
RewriteRule ^room/(*)/(*)/(*)/(*)/?$ room.php?ver=$1&rid=$2&nocache=$3&to=$4 
RewriteRule ^rules/(*)/?$ rules.php?ver=$1 
RewriteRule ^rules/(*)/(*)/?$ rules.php?ver=$1&action=$2 
RewriteRule ^registration/(*)/(*)/?$ registration.php?ver=$1&nocache=$2 
RewriteRule ^registration/(*)/(*)/(*)/?$ registration.php?ver=$1&asp=$2&nocache=$3 
RewriteRule ^gazeta/(*)/?$ gazeta.php?ver=$1 
RewriteRule ^stixi/(*)/?$ stixi.php?ver=$1 
RewriteRule ^vstrechi/(*)/?$ vstrechi.php?ver=$1 
RewriteRule ^faq/(*)/(*)/?$ faq.php?ver=$1&mod=$2 
RewriteRule ^stats/(*)/?$ stats.php?ver=$1 
RewriteRule ^allnews/(*)/?$ allnews.php?ver=$1 
RewriteRule ^meets/(*)/?$ meets.php?ver=$1 
RewriteRule ^kabinet/(*)/?$ kabinet.php?ver=$1 
RewriteRule ^letters/(*)/?$ letters.php?ver=$1 
RewriteRule ^bank/(*)/?$ bank.php?ver=$1 
RewriteRule ^magazin/(*)/?$ magazin.php?ver=$1 
RewriteRule ^galery/(*)/(*)/?$ galery.php?ver=$1&page=$2 

RewriteRule ^videogalery/(*)/(*)/?$ videogalery.php?ver=$1&page=$2 
RewriteRule ^videogalery/(*)/?$ videogalery.php?ver=$1 

RewriteRule ^galery/(*)/?$ galery.php?ver=$1 
RewriteRule ^online/(*)/?$ online.php?ver=$1 
RewriteRule ^search/(*)/?$ search.php?ver=$1 
RewriteRule ^games/dice/(*)/?$ games/dice.php?ver=$1 
RewriteRule ^games/ugadaika/(*)/?$ games/ugadaika.php?ver=$1 
RewriteRule ^embassies/(*)/?$ embassies.php?ver=$1 
RewriteRule ^unlim/(*)/(*)/?$ unlim.php?rid=$1&ver=$2 
RewriteRule ^room/(*)/(*)/?$ room.php?rid=$1&ver=$2 
RewriteRule ^room/(*)/(*)/(*)/?$ room.php?rid=$1&ver=$2&ref=$3 
RewriteRule ^key/(*)/?$ key.php?ver=$1 
RewriteRule ^faq/(*)/?$ faq.php?ver=$1 
RewriteRule ^faq/(*)/(*)/?$ faq.php?ver=$1&mod=$1& 
RewriteRule ^(*)/(*)/?$ index.php?ver=$1&act=$2 

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4423,4423#msg-4423





From jim at ohlste.in  Fri Jul 24 20:04:53 2009
From: jim at ohlste.in (Jim Ohlstein)
Date: Fri, 24 Jul 2009 12:04:53 -0400
Subject: How to write this rewrite???
In-Reply-To: <1bf9048699e22489fe64a47a07de6451.NginxMailingList@forum.nginx.org>
References: <1bf9048699e22489fe64a47a07de6451.NginxMailingList@forum.nginx.org>
Message-ID: <4A69DBA5.3070706@ohlste.in>

armiswip wrote:
> Hi, guys and Igor Sysoev!
>
> This is Apache's format, how to write in nginx???  Thanks a lot.
>
>
> Order allow,deny
> Deny from All
> Satisfy All
>
>
> php_value session.use_cookies 0
> php_value session.use_trans_sid 1
> php_value arg_separator.output "&amp;"
>
> php_value magic_quotes_gpc 0
> php_value magic_quotes_runtime 0
> php_value magic_quotes_sybase 0
>
> php_flag register_argc_argv Off
>
> php_flag register_globals Off
>
> php_flag display_errors Off
> php_value error_reporting 0
> php_flag log_errors Off
>
> Options -Indexes
> AddDefaultCharset UTF-8
> php_value default_charset UTF-8
>
> RewriteEngine on
> RewriteRule ^(*)/?$ index.php?ver=$1 
> RewriteRule ^menu/(*)/([0-9]*)/(*)/(*)/?$ menu.php?ver=1$&nickname=$2&password=$3&action=$4 
> RewriteRule ^go/(*)/([0-9]*)/(*)/?$ go.php?ver=$1&nickname=$2&password=$3 
> RewriteRule ^kto/(*)/?$ kto.php?ver=$1 
> RewriteRule ^menu/(*)/(*)/?$ menu.php?ver=$1&nocache=$2 
> RewriteRule ^menu/(*)/?$ menu.php?ver=$1 
> RewriteRule ^dobav/(*)/?$ dobav.php?ver=$1 
> RewriteRule ^dobavst/(*)/?$ dobavst.php?ver=$1 
>
> RewriteRule ^dobavpriv/(*)/?$ dobavpriv.php?ver=$1 
>
> RewriteRule ^dobavs/(*)/?$ dobavs.php?ver=$1 
> RewriteRule ^lichvstr/(*)/?$ lichvstr.php?ver=$1 
> RewriteRule ^dobav/(*)/(*)/?$ dobav.php?ver=$1&case=$2 
> RewriteRule ^dobavst/(*)/(*)/?$ dobavst.php?ver=$1&case=$2 
>
> RewriteRule ^dobavpriv/(*)/(*)/?$ dobavpriv.php?ver=$1&case=$2 
>
> RewriteRule ^dobavs/(*)/(*)/?$ dobavs.php?ver=$1&case=$2 
> RewriteRule ^lichvstr/(*)/(*)/?$ lichvstr.php?ver=$1&case=$2 
> RewriteRule ^news/(*)/(*)/?$ news.php?ver=$1&nid=$2 
> RewriteRule ^obyav/(*)/(*)/?$ obyav.php?ver=$1&nid=$2 
> RewriteRule ^art/(*)/(*)/?$ art.php?ver=$1&nomer=$2 
> RewriteRule ^arts/(*)/(*)/?$ arts.php?ver=$1&nomer=$2 
> RewriteRule ^artv/(*)/(*)/?$ artv.php?ver=$1&nomer=$2 
> RewriteRule ^info/(*)/(*)/(*)/?$ info.php?uid=$1&ver=$2&act=$3 
> RewriteRule ^search/(*)/(*)/?$ search.php?ref=$1&ver=$2 
> RewriteRule ^vstrechi/(*)/(*)/(*)/?$ vstrechi.php?ver=$1&case=$2&nomer=$3 
> RewriteRule ^gazeta/(*)/(*)/(*)/?$ gazeta.php?ver=$1&case=$2&nomer=$3 
> RewriteRule ^stixi/(*)/(*)/(*)/?$ stixi.php?ver=$1&case=$2&nomer=$3 
>
>
>
> RewriteRule ^history/(*)/(*)/(*)/?$ history.php?ver=$1&rid=$2&nocache=$3 
> RewriteRule ^history/(*)/(*)/(*)/(*)/?$ history.php?ver=$1&rid=$2&s=$3&nocache=$4 
> RewriteRule ^room/(*)/(*)/(*)/(*)/(*)/?$ room.php?ver=$1&rid=$2&z=$3&msg=$4&nocache=$5 
> RewriteRule ^letters/(*)/(*)/?$ letters.php?ver=$1&mod=$2 
> RewriteRule ^adletters/(*)/(*)/?$ adletters.php?ver=$1&mod=$2 
>
> RewriteRule ^room/(*)/(*)/(*)/?$ room.php?ver=$1&rid=$2&nocache=$3 
> RewriteRule ^add/(*)/(*)/(*)/?$ add.php?ver=$1&rid=$2&nocache=$3 
> RewriteRule ^room/(*)/(*)/(*)/(*)/?$ room.php?ver=$1&rid=$2&act=$3&nocache=$4 
> RewriteRule ^mroom/(*)/(*)/(*)/?$ mroom.php?ver=$1&rid=$2&nocache=$3 
> RewriteRule ^intim/(*)/(*)/(*)/?$ intim.php?ver=$1&key=$2&nocache=$3 
> RewriteRule ^intim/(*)/(*)/?$ intim.php?ver=$1&nocache=$2 
> RewriteRule ^key/(*)/(*)/?$ key.php?ver=$1&act=invalid 
> RewriteRule ^intim/(*)/(*)/(*)/?$ intim.php?ver=$1&key=$2&nocache=$3 
> RewriteRule ^intim/(*)/(*)/(*)/(*)/(*)/?$ intim.php?ver=$1&key=$2&z=$3&msg=$4&nocache=$5 
> RewriteRule ^ihistory/(*)/(*)/(*)/?$ ihistory.php?ver=$1&key=$2&nocache=$3 
> RewriteRule ^info/(*)/(*)/(*)/(*)/?$ info.php?ver=$1&rid=$2&nocache=$3&uid=$4 
> RewriteRule ^info/(*)/(*)/(*)/(*)/(*)/?$ info.php?ver=$1&rid=$2&uid=$3&nocache=$4&act=$5 
> RewriteRule ^infoi/(*)/(*)/(*)/(*)/?$ infoi.php?ver=$1&key=$2&nocache=$3&uid=$4 
> RewriteRule ^infoi/(*)/(*)/(*)/(*)/(*)/?$ infoi.php?ver=$1&key=$2&uid=$3&nocache=$4&act=$5 
> RewriteRule ^addi/(*)/(*)/(*)/?$ addi.php?ver=$1&key=$2&nocache=$3 
> RewriteRule ^fotko/(*)/(*)/?$ fotko.php?ver=$1&uid=$2 
>
> RewriteRule ^videot/(*)/(*)/?$ videot.php?ver=$1&uid=$2 
>
>
> RewriteRule ^info/(*)/(*)/?$ info.php?act=$1&site=$2 
> RewriteRule ^ignor/(*)/(*)/(*)/?$ ignor.php?ver=$1&mod=$2&uid=$3 
> RewriteRule ^room/(*)/(*)/(*)/(*)/?$ room.php?ver=$1&rid=$2&nocache=$3&to=$4 
> RewriteRule ^rules/(*)/?$ rules.php?ver=$1 
> RewriteRule ^rules/(*)/(*)/?$ rules.php?ver=$1&action=$2 
> RewriteRule ^registration/(*)/(*)/?$ registration.php?ver=$1&nocache=$2 
> RewriteRule ^registration/(*)/(*)/(*)/?$ registration.php?ver=$1&asp=$2&nocache=$3 
> RewriteRule ^gazeta/(*)/?$ gazeta.php?ver=$1 
> RewriteRule ^stixi/(*)/?$ stixi.php?ver=$1 
> RewriteRule ^vstrechi/(*)/?$ vstrechi.php?ver=$1 
> RewriteRule ^faq/(*)/(*)/?$ faq.php?ver=$1&mod=$2 
> RewriteRule ^stats/(*)/?$ stats.php?ver=$1 
> RewriteRule ^allnews/(*)/?$ allnews.php?ver=$1 
> RewriteRule ^meets/(*)/?$ meets.php?ver=$1 
> RewriteRule ^kabinet/(*)/?$ kabinet.php?ver=$1 
> RewriteRule ^letters/(*)/?$ letters.php?ver=$1 
> RewriteRule ^bank/(*)/?$ bank.php?ver=$1 
> RewriteRule ^magazin/(*)/?$ magazin.php?ver=$1 
> RewriteRule ^galery/(*)/(*)/?$ galery.php?ver=$1&page=$2 
>
> RewriteRule ^videogalery/(*)/(*)/?$ videogalery.php?ver=$1&page=$2 
> RewriteRule ^videogalery/(*)/?$ videogalery.php?ver=$1 
>
> RewriteRule ^galery/(*)/?$ galery.php?ver=$1 
> RewriteRule ^online/(*)/?$ online.php?ver=$1 
> RewriteRule ^search/(*)/?$ search.php?ver=$1 
> RewriteRule ^games/dice/(*)/?$ games/dice.php?ver=$1 
> RewriteRule ^games/ugadaika/(*)/?$ games/ugadaika.php?ver=$1 
> RewriteRule ^embassies/(*)/?$ embassies.php?ver=$1 
> RewriteRule ^unlim/(*)/(*)/?$ unlim.php?rid=$1&ver=$2 
> RewriteRule ^room/(*)/(*)/?$ room.php?rid=$1&ver=$2 
> RewriteRule ^room/(*)/(*)/(*)/?$ room.php?rid=$1&ver=$2&ref=$3 
> RewriteRule ^key/(*)/?$ key.php?ver=$1 
> RewriteRule ^faq/(*)/?$ faq.php?ver=$1 
> RewriteRule ^faq/(*)/(*)/?$ faq.php?ver=$1&mod=$1& 
> RewriteRule ^(*)/(*)/?$ index.php?ver=$1&act=$2 
>   

The php configs you will need to put in your php.ini file.

The nginx rewrites can be generated at 
http://www.anilcetin.com/convert-apache-htaccess-to-nginx/ .

I think that you may want to add [L] to the end of each rule before 
using that tool or insert "last" before the semicolon at the end of each 
rule so nginx stops processing when it finds a match.

> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4423,4423#msg-4423
>
>
>   
Jim





From nginx-forum at nginx.us  Fri Jul 24 20:29:16 2009
From: nginx-forum at nginx.us (vburshteyn)
Date: Fri, 24 Jul 2009 12:29:16 -0400
Subject: selective caching
Message-ID: <7311c3b2bd741b7cf96b07b0f4fb4a3a.NginxMailingList@forum.nginx.org>

hey folks

so i am using cache to great effect to cache and speed the site.

I am just curious is there a way to do selective caching?  it is imperitive that i keep one stupid URL from caching.  Is that possible?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4425,4425#msg-4425





From mdounin at mdounin.ru  Fri Jul 24 20:38:13 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 24 Jul 2009 20:38:13 +0400
Subject: selective caching
In-Reply-To: <7311c3b2bd741b7cf96b07b0f4fb4a3a.NginxMailingList@forum.nginx.org>
References: <7311c3b2bd741b7cf96b07b0f4fb4a3a.NginxMailingList@forum.nginx.org>
Message-ID: <20090724163812.GC1240@mdounin.ru>

Hello!

On Fri, Jul 24, 2009 at 12:29:16PM -0400, vburshteyn wrote:

> so i am using cache to great effect to cache and speed the site.
> 
> I am just curious is there a way to do selective caching?  it is imperitive that i keep one stupid URL from caching.  Is that possible?

Just configure different locations for urls you want to be cached 
and urls you don't want to.  E.g.

    location / {
        proxy_pass http://...

        # cache everything here
        proxy_cache blah;
        ...
    }

    location /do-not-cache-here {
        proxy_pass http://...
    }

See http://wiki.nginx.org/NginxHttpCoreModule#location for details 
about locations.

Maxim Dounin




From mdounin at mdounin.ru  Fri Jul 24 20:47:24 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 24 Jul 2009 20:47:24 +0400
Subject: memory corruption
In-Reply-To: <4A69CCFD.4060400@puffy.pl>
References: <4A69CCFD.4060400@puffy.pl>
Message-ID: <20090724164722.GD1240@mdounin.ru>

Hello!

On Fri, Jul 24, 2009 at 05:02:21PM +0200, Tomasz Pajor wrote:

> Hello,
>
> I keep getting this errors in error_log.
> http://puffy.pl/errorlog
>
> my config is:
> nginx 0.7.61
> ./configure  --add-module=../nginx-static-etags/  
> --prefix=/usr/local/nginx  --http-proxy-temp-path=/cache/proxy_tmp   
> --pid-path=/var/run/nginx.pid --conf-path=/etc/nginx/nginx.conf
>
> any idea?

Could you please try to reproduce problem with official modules 
only and --with-debug?

Maxim Dounin




From nginx at 2xlp.com  Fri Jul 24 22:52:30 2009
From: nginx at 2xlp.com (Jonathan Vanasco)
Date: Fri, 24 Jul 2009 14:52:30 -0400
Subject: bug: POST to static page causes 405
In-Reply-To: <20080520170233.GA17326@calomel.org>
References: <370586.70909.qm@web46311.mail.sp1.yahoo.com> <20080520170233.GA17326@calomel.org>
Message-ID: <A64EADCE-317F-43EB-8E32-4C1457513563@2xlp.com>

doing a POST to a static page will cause a 405

you can test by just posting to a dynamic and static page as such ( -d  
key=value sends data as a POST )

works:
	curl -v -d1=1 http://site.com/dynamic.php

works:
	curl -v  http://site.com/static.html

405:
	curl -v -d1=1 http://site.com/static.html

one could also test via a html form , but that's easier !

I'd consider this a bug, because many 3rd party sites -- such as  
facebook applications -- will POST everything.


// Jonathan Vanasco

e. jonathan at 2xlp.com
w. http://findmeon.com/user/jvanasco
blog. http://destructuring.net

|   -   -   -   -   -   -   -   -   -   -
|   Founder/CEO - FindMeOn, Inc.
|      FindMeOn.com - The cure for Multiple Web Personality Disorder
|   -   -   -   -   -   -   -   -   -   -
|   CTO - ArtWeLove, LLC
|      ArtWeLove.com - Explore Art On Your Own Terms
|   -   -   -   -   -   -   -   -   -   -
|      RoadSound.com - Tools for Bands, Stuff for Fans
|   -   -   -   -   -   -   -   -   -   -

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090724/869c7b5a/attachment.html>

From cliff at develix.com  Fri Jul 24 23:15:37 2009
From: cliff at develix.com (Cliff Wells)
Date: Fri, 24 Jul 2009 12:15:37 -0700
Subject: How to solve the problem of "405 not allowed"?
In-Reply-To: <20090527084617.GD60957@rambler-co.ru>
References: 	 <c1b6567d6676f62cdcd658d71a9151cc.NginxMailingList@forum.nginx.org>
	 <20090527084617.GD60957@rambler-co.ru>
Message-ID: <1248462937.15244.146.camel@portable-evil>

On Wed, 2009-05-27 at 12:46 +0400, Igor Sysoev wrote:
> On Wed, May 27, 2009 at 03:17:49AM -0400, peacock wrote:
> 
> > When I post when a JavaScript file, "405 not allowed" error will appear.
> > 
> > if use proxy, it can work.
> > 
> >         error_page   405 =200 @405;
> >         location @405 {
> >             root  /htdocs;
> >             proxy_pass   http://localhost:8080;
> >         }
> > 
> > 
> > but I do not want to use proxy, just want to use Nginx, can to achieve it?
> 
> Try the attached patch, it allows to POST to static files.
> Probably I will include it in 0.8.0.

Hi Igor,

I take it this patch not included?

Cliff

-- 
http://www.google.com/search?q=vonage+sucks





From is at rambler-co.ru  Fri Jul 24 23:25:25 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Fri, 24 Jul 2009 23:25:25 +0400
Subject: How to solve the problem of "405 not allowed"?
In-Reply-To: <1248462937.15244.146.camel@portable-evil>
References: <c1b6567d6676f62cdcd658d71a9151cc.NginxMailingList@forum.nginx.org> <20090527084617.GD60957@rambler-co.ru> <1248462937.15244.146.camel@portable-evil>
Message-ID: <20090724192525.GA15010@rambler-co.ru>

On Fri, Jul 24, 2009 at 12:15:37PM -0700, Cliff Wells wrote:

> On Wed, 2009-05-27 at 12:46 +0400, Igor Sysoev wrote:
> > On Wed, May 27, 2009 at 03:17:49AM -0400, peacock wrote:
> > 
> > > When I post when a JavaScript file, "405 not allowed" error will appear.
> > > 
> > > if use proxy, it can work.
> > > 
> > >         error_page   405 =200 @405;
> > >         location @405 {
> > >             root  /htdocs;
> > >             proxy_pass   http://localhost:8080;
> > >         }
> > > 
> > > 
> > > but I do not want to use proxy, just want to use Nginx, can to achieve it?
> > 
> > Try the attached patch, it allows to POST to static files.
> > Probably I will include it in 0.8.0.
> 
> Hi Igor,
> 
> I take it this patch not included?

No. Here is updated for 0.8.6 version.


-- 
Igor Sysoev
http://sysoev.ru/en/
-------------- next part --------------
Index: src/http/ngx_http_request.c
===================================================================
--- src/http/ngx_http_request.c	(revision 2319)
+++ src/http/ngx_http_request.c	(working copy)
@@ -2273,6 +2273,19 @@
         r->lingering_time = ngx_time() + (time_t) (clcf->lingering_time / 1000);
         ngx_add_timer(rev, clcf->lingering_timeout);
         return;
+
+    } else {
+
+        r->expect_tested = 1;
+
+        if (ngx_http_discard_request_body(r) != NGX_OK) {
+            ngx_http_close_connection(c);
+            return;
+        }
+
+        if (r->discard_body) {
+            return;
+        }
     }
 
     c->log->action = "closing request";
Index: src/http/ngx_http_core_module.c
===================================================================
--- src/http/ngx_http_core_module.c	(revision 2319)
+++ src/http/ngx_http_core_module.c	(working copy)
@@ -2061,9 +2061,7 @@
     ngx_http_clear_accept_ranges(sr);
     ngx_http_clear_last_modified(sr);
 
-    sr->request_body = r->request_body;
-
-    sr->method = NGX_HTTP_GET;
+    sr->method = r->method;
     sr->http_version = r->http_version;
 
     sr->request_line = r->request_line;
@@ -2081,7 +2079,7 @@
     sr->waited = (flags & NGX_HTTP_SUBREQUEST_WAITED) != 0;
 
     sr->unparsed_uri = r->unparsed_uri;
-    sr->method_name = ngx_http_core_get_method;
+    sr->method_name = r->method_name;
     sr->http_protocol = r->http_protocol;
 
     ngx_http_set_exten(sr);
Index: src/http/ngx_http_upstream.c
===================================================================
--- src/http/ngx_http_upstream.c	(revision 2319)
+++ src/http/ngx_http_upstream.c	(working copy)
@@ -391,8 +391,8 @@
         }
     }
 
-    if (r->request_body) {
-        u->request_bufs = r->request_body->bufs;
+    if (r->main->request_body) {
+        u->request_bufs = r->main->request_body->bufs;
     }
 
 #if (NGX_HTTP_CACHE)
@@ -957,9 +957,10 @@
 static void
 ngx_http_upstream_connect(ngx_http_request_t *r, ngx_http_upstream_t *u)
 {
-    ngx_int_t          rc;
-    ngx_time_t        *tp;
-    ngx_connection_t  *c;
+    ngx_int_t                 rc;
+    ngx_time_t               *tp;
+    ngx_connection_t         *c;
+    ngx_http_request_body_t  *rb;
 
     r->connection->log->action = "connecting to upstream";
 
@@ -1043,14 +1044,14 @@
         }
     }
 
-    if (r->request_body
-        && r->request_body->buf
-        && r->request_body->temp_file
-        && r == r->main)
-    {
+    rb = r->main->request_body;
+
+    if (r == r->main && rb && rb->buf && rb->temp_file) {
+
         /*
-         * the r->request_body->buf can be reused for one request only,
-         * the subrequests should allocate their own temporay bufs
+         * the r->main->request_body->buf can be reused in ngx_output_chain()
+         * for reading file in single request only, therefore
+         * subrequests should allocate their own temporary bufs
          */
 
         u->output.free = ngx_alloc_chain_link(r->pool);
@@ -1060,13 +1061,13 @@
             return;
         }
 
-        u->output.free->buf = r->request_body->buf;
+        u->output.free->buf = rb->buf;
         u->output.free->next = NULL;
         u->output.allocated = 1;
 
-        r->request_body->buf->pos = r->request_body->buf->start;
-        r->request_body->buf->last = r->request_body->buf->start;
-        r->request_body->buf->tag = u->output.tag;
+        rb->buf->pos = rb->buf->start;
+        rb->buf->last = rb->buf->start;
+        rb->buf->tag = u->output.tag;
     }
 
     u->request_sent = 0;
@@ -1187,8 +1188,8 @@
 
     /* reinit the subrequest's ngx_output_chain() context */
 
-    if (r->request_body && r->request_body->temp_file
-        && r != r->main && u->output.buf)
+    if (r != r->main && u->output.buf
+        && r->main->request_body && r->main->request_body->temp_file)
     {
         u->output.free = ngx_alloc_chain_link(r->pool);
         if (u->output.free == NULL) {
@@ -1893,6 +1894,7 @@
     ngx_int_t                  rc;
     ngx_event_pipe_t          *p;
     ngx_connection_t          *c;
+    ngx_http_request_body_t   *rb;
     ngx_http_core_loc_conf_t  *clcf;
 
     rc = ngx_http_send_header(r);
@@ -1925,9 +1927,11 @@
 
     u->header_sent = 1;
 
-    if (r->request_body && r->request_body->temp_file) {
-        ngx_pool_run_cleanup_file(r->pool, r->request_body->temp_file->file.fd);
-        r->request_body->temp_file->file.fd = NGX_INVALID_FILE;
+    rb = r->main->request_body;
+
+    if (rb && rb->temp_file) {
+        ngx_pool_run_cleanup_file(r->pool, rb->temp_file->file.fd);
+        rb->temp_file->file.fd = NGX_INVALID_FILE;
     }
 
     clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
Index: src/http/ngx_http_request_body.c
===================================================================
--- src/http/ngx_http_request_body.c	(revision 2319)
+++ src/http/ngx_http_request_body.c	(working copy)
@@ -20,7 +20,7 @@
 
 /*
  * on completion ngx_http_read_client_request_body() adds to
- * r->request_body->bufs one or two bufs:
+ * r->main->request_body->bufs one or two bufs:
  *    *) one memory buf that was preread in r->header_in;
  *    *) one memory or file buf that contains the rest of the body
  */
@@ -34,44 +34,47 @@
     ngx_buf_t                 *b;
     ngx_chain_t               *cl, **next;
     ngx_temp_file_t           *tf;
+    ngx_http_request_t        *mr;
     ngx_http_request_body_t   *rb;
     ngx_http_core_loc_conf_t  *clcf;
 
-    if (r->request_body || r->discard_body) {
+    mr = r->main;
+
+    if (mr->request_body || mr->discard_body) {
         post_handler(r);
         return NGX_OK;
     }
 
-    if (ngx_http_test_expect(r) != NGX_OK) {
+    if (ngx_http_test_expect(mr) != NGX_OK) {
         return NGX_HTTP_INTERNAL_SERVER_ERROR;
     }
 
-    rb = ngx_pcalloc(r->pool, sizeof(ngx_http_request_body_t));
+    rb = ngx_pcalloc(mr->pool, sizeof(ngx_http_request_body_t));
     if (rb == NULL) {
         return NGX_HTTP_INTERNAL_SERVER_ERROR;
     }
 
-    r->request_body = rb;
+    mr->request_body = rb;
 
-    if (r->headers_in.content_length_n < 0) {
+    if (mr->headers_in.content_length_n < 0) {
         post_handler(r);
         return NGX_OK;
     }
 
     clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
 
-    if (r->headers_in.content_length_n == 0) {
+    if (mr->headers_in.content_length_n == 0) {
 
         if (r->request_body_in_file_only) {
-            tf = ngx_pcalloc(r->pool, sizeof(ngx_temp_file_t));
+            tf = ngx_pcalloc(mr->pool, sizeof(ngx_temp_file_t));
             if (tf == NULL) {
                 return NGX_HTTP_INTERNAL_SERVER_ERROR;
             }
 
             tf->file.fd = NGX_INVALID_FILE;
-            tf->file.log = r->connection->log;
+            tf->file.log = mr->connection->log;
             tf->path = clcf->client_body_temp_path;
-            tf->pool = r->pool;
+            tf->pool = mr->pool;
             tf->warn = "a client request body is buffered to a temporary file";
             tf->log_level = r->request_body_file_log_level;
             tf->persistent = r->request_body_in_persistent_file;
@@ -106,27 +109,27 @@
      *     rb->rest = 0;
      */
 
-    preread = r->header_in->last - r->header_in->pos;
+    preread = mr->header_in->last - mr->header_in->pos;
 
     if (preread) {
 
         /* there is the pre-read part of the request body */
 
-        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, mr->connection->log, 0,
                        "http client request body preread %uz", preread);
 
-        b = ngx_calloc_buf(r->pool);
+        b = ngx_calloc_buf(mr->pool);
         if (b == NULL) {
             return NGX_HTTP_INTERNAL_SERVER_ERROR;
         }
 
         b->temporary = 1;
-        b->start = r->header_in->pos;
-        b->pos = r->header_in->pos;
-        b->last = r->header_in->last;
-        b->end = r->header_in->end;
+        b->start = mr->header_in->pos;
+        b->pos = mr->header_in->pos;
+        b->last = mr->header_in->last;
+        b->end = mr->header_in->end;
 
-        rb->bufs = ngx_alloc_chain_link(r->pool);
+        rb->bufs = ngx_alloc_chain_link(mr->pool);
         if (rb->bufs == NULL) {
             return NGX_HTTP_INTERNAL_SERVER_ERROR;
         }
@@ -136,15 +139,15 @@
 
         rb->buf = b;
 
-        if ((off_t) preread >= r->headers_in.content_length_n) {
+        if ((off_t) preread >= mr->headers_in.content_length_n) {
 
             /* the whole request body was pre-read */
 
-            r->header_in->pos += (size_t) r->headers_in.content_length_n;
-            r->request_length += r->headers_in.content_length_n;
+            mr->header_in->pos += (size_t) mr->headers_in.content_length_n;
+            mr->request_length += mr->headers_in.content_length_n;
 
-            if (r->request_body_in_file_only) {
-                if (ngx_http_write_request_body(r, rb->bufs) != NGX_OK) {
+            if (mr->request_body_in_file_only) {
+                if (ngx_http_write_request_body(mr, rb->bufs) != NGX_OK) {
                     return NGX_HTTP_INTERNAL_SERVER_ERROR;
                 }
             }
@@ -158,11 +161,11 @@
          * to not consider the body as pipelined request in
          * ngx_http_set_keepalive()
          */
-        r->header_in->pos = r->header_in->last;
+        mr->header_in->pos = mr->header_in->last;
 
-        r->request_length += preread;
+        mr->request_length += preread;
 
-        rb->rest = r->headers_in.content_length_n - preread;
+        rb->rest = mr->headers_in.content_length_n - preread;
 
         if (rb->rest <= (off_t) (b->end - b->last)) {
 
@@ -179,7 +182,7 @@
 
     } else {
         b = NULL;
-        rb->rest = r->headers_in.content_length_n;
+        rb->rest = mr->headers_in.content_length_n;
         next = &rb->bufs;
     }
 
@@ -200,12 +203,12 @@
         b = NULL;
     }
 
-    rb->buf = ngx_create_temp_buf(r->pool, size);
+    rb->buf = ngx_create_temp_buf(mr->pool, size);
     if (rb->buf == NULL) {
         return NGX_HTTP_INTERNAL_SERVER_ERROR;
     }
 
-    cl = ngx_alloc_chain_link(r->pool);
+    cl = ngx_alloc_chain_link(mr->pool);
     if (cl == NULL) {
         return NGX_HTTP_INTERNAL_SERVER_ERROR;
     }
@@ -250,7 +253,7 @@
     rc = ngx_http_do_read_client_request_body(r);
 
     if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
-        ngx_http_finalize_request(r, rc);
+        ngx_http_finalize_request(r->main, rc);
     }
 }
 
@@ -262,11 +265,13 @@
     ssize_t                    n;
     ngx_buf_t                 *b;
     ngx_connection_t          *c;
+    ngx_http_request_t        *mr;
     ngx_http_request_body_t   *rb;
     ngx_http_core_loc_conf_t  *clcf;
 
     c = r->connection;
-    rb = r->request_body;
+    mr = r->main;
+    rb = mr->request_body;
 
     ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0,
                    "http read client request body");
@@ -275,7 +280,7 @@
         for ( ;; ) {
             if (rb->buf->last == rb->buf->end) {
 
-                if (ngx_http_write_request_body(r, rb->to_write) != NGX_OK) {
+                if (ngx_http_write_request_body(mr, rb->to_write) != NGX_OK) {
                     return NGX_HTTP_INTERNAL_SERVER_ERROR;
                 }
 
@@ -310,7 +315,7 @@
 
             rb->buf->last += n;
             rb->rest -= n;
-            r->request_length += n;
+            mr->request_length += n;
 
             if (rb->rest == 0) {
                 break;
@@ -348,7 +353,7 @@
 
         /* save the last part */
 
-        if (ngx_http_write_request_body(r, rb->to_write) != NGX_OK) {
+        if (ngx_http_write_request_body(mr, rb->to_write) != NGX_OK) {
             return NGX_HTTP_INTERNAL_SERVER_ERROR;
         }
 
Index: src/http/ngx_http_variables.c
===================================================================
--- src/http/ngx_http_variables.c	(revision 2319)
+++ src/http/ngx_http_variables.c	(working copy)
@@ -1540,17 +1540,21 @@
 ngx_http_variable_request_body_file(ngx_http_request_t *r,
     ngx_http_variable_value_t *v, uintptr_t data)
 {
-    if (r->request_body == NULL || r->request_body->temp_file == NULL) {
+    ngx_http_request_body_t  *rb;
+
+    rb = r->request_body;
+
+    if (rb == NULL || rb->temp_file == NULL) {
         v->not_found = 1;
 
         return NGX_OK;
     }
 
-    v->len = r->request_body->temp_file->file.name.len;
+    v->len = rb->temp_file->file.name.len;
     v->valid = 1;
     v->no_cacheable = 0;
     v->not_found = 0;
-    v->data = r->request_body->temp_file->file.name.data;
+    v->data = rb->temp_file->file.name.data;
 
     return NGX_OK;
 }
Index: src/http/modules/ngx_http_dav_module.c
===================================================================
--- src/http/modules/ngx_http_dav_module.c	(revision 2319)
+++ src/http/modules/ngx_http_dav_module.c	(working copy)
@@ -219,7 +219,7 @@
     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
                    "http put filename: \"%s\"", path.data);
 
-    temp = &r->request_body->temp_file->file.name;
+    temp = &r->main->request_body->temp_file->file.name;
 
     if (ngx_file_info(path.data, &fi) == NGX_FILE_ERROR) {
         status = NGX_HTTP_CREATED;
@@ -258,7 +258,7 @@
 
         if (date != NGX_ERROR) {
             ext.time = date;
-            ext.fd = r->request_body->temp_file->file.fd;
+            ext.fd = r->main->request_body->temp_file->file.fd;
         }
     }
 
Index: src/http/modules/ngx_http_static_module.c
===================================================================
--- src/http/modules/ngx_http_static_module.c	(revision 2319)
+++ src/http/modules/ngx_http_static_module.c	(working copy)
@@ -196,14 +196,13 @@
 
 #endif
 
-    if (r->method & NGX_HTTP_POST) {
-        return NGX_HTTP_NOT_ALLOWED;
-    }
+    if (r->method & (NGX_HTTP_GET|NGX_HTTP_HEAD)) {
 
-    rc = ngx_http_discard_request_body(r);
+        rc = ngx_http_discard_request_body(r);
 
-    if (rc != NGX_OK) {
-        return rc;
+        if (rc != NGX_OK) {
+            return rc;
+        }
     }
 
     log->action = "sending response to client";
Index: src/http/modules/perl/nginx.xs
===================================================================
--- src/http/modules/perl/nginx.xs	(revision 2319)
+++ src/http/modules/perl/nginx.xs	(working copy)
@@ -384,25 +384,25 @@
     CODE:
 
     dXSTARG;
-    ngx_http_request_t  *r;
-    size_t               len;
+    ngx_http_request_t       *r;
+    ngx_http_request_body_t  *rb;
+    size_t                    len;
 
     ngx_http_perl_set_request(r);
 
-    if (r->request_body == NULL
-        || r->request_body->temp_file
-        || r->request_body->bufs == NULL)
-    {
+    rb = r->main->request_body;
+
+    if (rb == NULL || rb->temp_file || rb->bufs == NULL) {
         XSRETURN_UNDEF;
     }
 
-    len = r->request_body->bufs->buf->last - r->request_body->bufs->buf->pos;
+    len = rb->bufs->buf->last - rb->bufs->buf->pos;
 
     if (len == 0) {
         XSRETURN_UNDEF;
     }
 
-    ngx_http_perl_set_targ(r->request_body->bufs->buf->pos, len);
+    ngx_http_perl_set_targ(rb->bufs->buf->pos, len);
 
     ST(0) = TARG;
 
@@ -412,16 +412,19 @@
     CODE:
 
     dXSTARG;
-    ngx_http_request_t  *r;
+    ngx_http_request_t       *r;
+    ngx_http_request_body_t  *rb;
 
     ngx_http_perl_set_request(r);
 
-    if (r->request_body == NULL || r->request_body->temp_file == NULL) {
+    rb = r->main->request_body;
+
+    if (rb == NULL || rb->temp_file == NULL) {
         XSRETURN_UNDEF;
     }
 
-    ngx_http_perl_set_targ(r->request_body->temp_file->file.name.data,
-                           r->request_body->temp_file->file.name.len);
+    ngx_http_perl_set_targ(rb->temp_file->file.name.data,
+                           rb->temp_file->file.name.len);
 
     ST(0) = TARG;
 

From jhancock at shellshadow.com  Sat Jul 25 00:16:42 2009
From: jhancock at shellshadow.com (Jon Hancock)
Date: Fri, 24 Jul 2009 16:16:42 -0400
Subject: ssl config problems binding to specific IP
Message-ID: <cb6b51e20907241316q6bd21d5h741f3b6d33152db6@mail.gmail.com>

using nginx 0.7.61
  server {
server_name mydomain.com;
listen 80;
listen 443 default ssl;
...
}

works!!!

When I use IP addresses, I get problems:

  server {
server_name mydomain.com;
listen 192.168.0.11:80;
listen 192.168.0.11:443 default ssl;
...
}

When I add the IP address, HTTPS works, but HTTP requests give me:  404 Bad
Request - The Plain HTTP request was sent to HTTPS port

I need to specify the IP so I can have another server block for a second SSL
server
Any ideas?
thanks, Jon
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090724/2c64fb30/attachment.html>

From nick.pearson at gmail.com  Sat Jul 25 00:35:59 2009
From: nick.pearson at gmail.com (Nick Pearson)
Date: Fri, 24 Jul 2009 15:35:59 -0500
Subject: ssl config problems binding to specific IP
In-Reply-To: <cb6b51e20907241316q6bd21d5h741f3b6d33152db6@mail.gmail.com>
References: <cb6b51e20907241316q6bd21d5h741f3b6d33152db6@mail.gmail.com>
Message-ID: <ec5918120907241335v352e6dc5h6915041a84655400@mail.gmail.com>

I believe the preferred way is still to use separate server blocks for
http and https.

server {
  server_name mydomain.com;
  listen 192.168.0.11:80;
  ...
}

server {
  server_name mydomain.com;
  listen 192.168.0.11:443;
  ssl on;
  ...
}

The error is probably caused by having "ssl on" for http requests.
I've seen people asking about putting the ssl config inside an "if",
but I don't think that's preferred.

Nick



On Fri, Jul 24, 2009 at 3:16 PM, Jon Hancock<jhancock at shellshadow.com> wrote:
> using nginx 0.7.61
>   server {
> server_name mydomain.com;
> listen 80;
> listen 443 default ssl;
> ...
> }
> works!!!
> When I use IP addresses, I get problems:
>   server {
> server_name mydomain.com;
> listen 192.168.0.11:80;
> listen 192.168.0.11:443 default ssl;
> ...
> }
> When I add the IP address, HTTPS works, but HTTP requests give me:  404 Bad
> Request - The Plain HTTP request was sent to HTTPS port
> I need to specify the IP so I can have another server block for a second SSL
> server
> Any ideas?
> thanks, Jon




From jonathan at 2xlp.com  Sat Jul 25 01:00:55 2009
From: jonathan at 2xlp.com (Jonathan Vanasco)
Date: Fri, 24 Jul 2009 17:00:55 -0400
Subject: How to solve the problem of "405 not allowed"?
In-Reply-To: <1248462937.15244.146.camel@portable-evil>
References: <c1b6567d6676f62cdcd658d71a9151cc.NginxMailingList@forum.nginx.org> <20090527084617.GD60957@rambler-co.ru> <1248462937.15244.146.camel@portable-evil>
Message-ID: <AA4C7FE4-6DD8-4577-87D6-501CD231E7E6@2xlp.com>

ah!
thanks.

i see a few threads for this title as "405"; i was searching POST



On Jul 24, 2009, at 3:15 PM, Cliff Wells wrote:

> On Wed, 2009-05-27 at 12:46 +0400, Igor Sysoev wrote:
>> On Wed, May 27, 2009 at 03:17:49AM -0400, peacock wrote:
>>
>>> When I post when a JavaScript file, "405 not allowed" error will  
>>> appear.
>>>
>>> if use proxy, it can work.
>>>
>>>        error_page   405 =200 @405;
>>>        location @405 {
>>>            root  /htdocs;
>>>            proxy_pass   http://localhost:8080;
>>>        }
>>>
>>>
>>> but I do not want to use proxy, just want to use Nginx, can to  
>>> achieve it?
>>
>> Try the attached patch, it allows to POST to static files.
>> Probably I will include it in 0.8.0.
>
> Hi Igor,
>
> I take it this patch not included?
>
> Cliff
>
> -- 
> http://www.google.com/search?q=vonage+sucks
>
>





From jerome at loyet.net  Sat Jul 25 02:46:46 2009
From: jerome at loyet.net (=?ISO-8859-1?B?Suly9G1lIExveWV0?=)
Date: Sat, 25 Jul 2009 00:46:46 +0200
Subject: selective caching
In-Reply-To: <20090724163812.GC1240@mdounin.ru>
References: <7311c3b2bd741b7cf96b07b0f4fb4a3a.NginxMailingList@forum.nginx.org>
	 <20090724163812.GC1240@mdounin.ru>
Message-ID: <3bea96c40907241546i61b5d2b9y2b310fe0542cb77a@mail.gmail.com>

2009/7/24 Maxim Dounin <mdounin at mdounin.ru>:
> Hello!
>
> On Fri, Jul 24, 2009 at 12:29:16PM -0400, vburshteyn wrote:
>
>> so i am using cache to great effect to cache and speed the site.
>>
>> I am just curious is there a way to do selective caching? ?it is imperitive that i keep one stupid URL from caching. ?Is that possible?

yes use proxy_cache none;

>
> Just configure different locations for urls you want to be cached
> and urls you don't want to. ?E.g.
>
> ? ?location / {
> ? ? ? ?proxy_pass http://...
>
> ? ? ? ?# cache everything here
> ? ? ? ?proxy_cache blah;
> ? ? ? ?...
> ? ?}
>
> ? ?location /do-not-cache-here {
> ? ? ? ?proxy_pass http://...
          proxy_cache none;
> ? ?}
>
> See http://wiki.nginx.org/NginxHttpCoreModule#location for details
> about locations.
>
> Maxim Dounin
>
>




From tkeyser at emediavillage.com  Sat Jul 25 02:51:15 2009
From: tkeyser at emediavillage.com (Tom Keyser)
Date: Fri, 24 Jul 2009 15:51:15 -0700
Subject: Anyone with experience installing Nginx in a Vyatta firewall box
  (Debian 4.2.3-2)
In-Reply-To: <6b1504c40907230257v1c168f7dr7f8ae3b082f525ed@mail.gmail.com>
References: <054bd8e9e65d77c547b08e6b464289ca.NginxMailingList@forum.nginx.org> 	<ac2aca9ab429d57a44bbdecdfd488e57.NginxMailingList@forum.nginx.org> 	<20090723083452.GG67525@rambler-co.ru> <6b1504c40907230257v1c168f7dr7f8ae3b082f525ed@mail.gmail.com>
Message-ID: <4A6A3AE3.3040007@emediavillage.com>


Running
Linux version 2.6.26-1-486-vyatta (root at vyatta) (gcc version 4.2.3 (Debian 4.2.3-2)
Its a Vyatta 5 firewall box

Having problems installing Nginx.

./configure: error: C compiler gcc is not found
problem is cant find gcc to install

MY SOURCES.LIST
deb http://packages.vyatta.com/vyatta stable main # community #
deb http://http.us.debian.org/debian stable main

Any assistance is appreciated. I am new to debian. I am used to centos

thanks





From mike503 at gmail.com  Sat Jul 25 03:01:48 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Fri, 24 Jul 2009 16:01:48 -0700
Subject: Anyone with experience installing Nginx in a Vyatta firewall box 
	(Debian 4.2.3-2)
In-Reply-To: <4A6A3AE3.3040007@emediavillage.com>
References: <054bd8e9e65d77c547b08e6b464289ca.NginxMailingList@forum.nginx.org>
	 <ac2aca9ab429d57a44bbdecdfd488e57.NginxMailingList@forum.nginx.org>
	 <20090723083452.GG67525@rambler-co.ru>
	 <6b1504c40907230257v1c168f7dr7f8ae3b082f525ed@mail.gmail.com>
	 <4A6A3AE3.3040007@emediavillage.com>
Message-ID: <bd9320b30907241601w7867509fna9cdc18dbcd56a92@mail.gmail.com>

apt-get install build-essential

not sure what else... nginx might -require- some other libs too.

apt-cache search whatever

will help you search for what you need

On Fri, Jul 24, 2009 at 3:51 PM, Tom Keyser<tkeyser at emediavillage.com> wrote:
>
> Running
> Linux version 2.6.26-1-486-vyatta (root at vyatta) (gcc version 4.2.3 (Debian
> 4.2.3-2)
> Its a Vyatta 5 firewall box
>
> Having problems installing Nginx.
>
> ./configure: error: C compiler gcc is not found
> problem is cant find gcc to install
>
> MY SOURCES.LIST
> deb http://packages.vyatta.com/vyatta stable main # community #
> deb http://http.us.debian.org/debian stable main
>
> Any assistance is appreciated. I am new to debian. I am used to centos
>
> thanks
>
>
>




From mdounin at mdounin.ru  Sat Jul 25 03:09:25 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Sat, 25 Jul 2009 03:09:25 +0400
Subject: selective caching
In-Reply-To: <3bea96c40907241546i61b5d2b9y2b310fe0542cb77a@mail.gmail.com>
References: <7311c3b2bd741b7cf96b07b0f4fb4a3a.NginxMailingList@forum.nginx.org> <20090724163812.GC1240@mdounin.ru> <3bea96c40907241546i61b5d2b9y2b310fe0542cb77a@mail.gmail.com>
Message-ID: <20090724230925.GE1240@mdounin.ru>

Hello!

On Sat, Jul 25, 2009 at 12:46:46AM +0200, J?r?me Loyet wrote:

> 2009/7/24 Maxim Dounin <mdounin at mdounin.ru>:
> > Hello!
> >
> > On Fri, Jul 24, 2009 at 12:29:16PM -0400, vburshteyn wrote:
> >
> >> so i am using cache to great effect to cache and speed the site.
> >>
> >> I am just curious is there a way to do selective caching? ?it is imperitive that i keep one stupid URL from caching. ?Is that possible?
> 
> yes use proxy_cache none;

Have you tried?

There is nothing specifal in "none" used as proxy_cache argument.  
If you want to clear proxy_cache inherited from upper levels you 
should use "off" instead.

But this isn't needed in the example below as there is no 
inherited proxy_cache.

Maxim Dounin

> 
> >
> > Just configure different locations for urls you want to be cached
> > and urls you don't want to. ?E.g.
> >
> > ? ?location / {
> > ? ? ? ?proxy_pass http://...
> >
> > ? ? ? ?# cache everything here
> > ? ? ? ?proxy_cache blah;
> > ? ? ? ?...
> > ? ?}
> >
> > ? ?location /do-not-cache-here {
> > ? ? ? ?proxy_pass http://...
>           proxy_cache none;
> > ? ?}
> >
> > See http://wiki.nginx.org/NginxHttpCoreModule#location for details
> > about locations.
> >
> > Maxim Dounin
> >
> >
> 




From jerome at loyet.net  Sat Jul 25 03:34:51 2009
From: jerome at loyet.net (=?ISO-8859-1?B?Suly9G1lIExveWV0?=)
Date: Sat, 25 Jul 2009 01:34:51 +0200
Subject: selective caching
In-Reply-To: <20090724230925.GE1240@mdounin.ru>
References: <7311c3b2bd741b7cf96b07b0f4fb4a3a.NginxMailingList@forum.nginx.org>
	 <20090724163812.GC1240@mdounin.ru>
	 <3bea96c40907241546i61b5d2b9y2b310fe0542cb77a@mail.gmail.com>
	 <20090724230925.GE1240@mdounin.ru>
Message-ID: <3bea96c40907241634q27bc3decvfa34b7906d3bb508@mail.gmail.com>

2009/7/25 Maxim Dounin <mdounin at mdounin.ru>:
> Hello!
>
> On Sat, Jul 25, 2009 at 12:46:46AM +0200, J?r?me Loyet wrote:
>
>> 2009/7/24 Maxim Dounin <mdounin at mdounin.ru>:
>> > Hello!
>> >
>> > On Fri, Jul 24, 2009 at 12:29:16PM -0400, vburshteyn wrote:
>> >
>> >> so i am using cache to great effect to cache and speed the site.
>> >>
>> >> I am just curious is there a way to do selective caching? ?it is imperitive that i keep one stupid URL from caching. ?Is that possible?
>>
>> yes use proxy_cache none;
>
> Have you tried?
>
> There is nothing specifal in "none" used as proxy_cache argument.
> If you want to clear proxy_cache inherited from upper levels you
> should use "off" instead.

Yes you're right, my souvenirs were wrong. I meant "proxy_cache off;".

>
> But this isn't needed in the example below as there is no
> inherited proxy_cache.

You're right again :) I'm sorry my eyes are not going well tonight.

>
> Maxim Dounin
>
>>
>> >
>> > Just configure different locations for urls you want to be cached
>> > and urls you don't want to. ?E.g.
>> >
>> > ? ?location / {
>> > ? ? ? ?proxy_pass http://...
>> >
>> > ? ? ? ?# cache everything here
>> > ? ? ? ?proxy_cache blah;
>> > ? ? ? ?...
>> > ? ?}
>> >
>> > ? ?location /do-not-cache-here {
>> > ? ? ? ?proxy_pass http://...
>> ? ? ? ? ? proxy_cache none;
>> > ? ?}
>> >
>> > See http://wiki.nginx.org/NginxHttpCoreModule#location for details
>> > about locations.
>> >
>> > Maxim Dounin
>> >
>> >
>>
>
>




From kowalski.michal at gmail.com  Sat Jul 25 07:19:38 2009
From: kowalski.michal at gmail.com (Michal Kowalski)
Date: Sat, 25 Jul 2009 05:19:38 +0200
Subject: Anyone with experience installing Nginx in a Vyatta firewall box 
	(Debian 4.2.3-2)
In-Reply-To: <4A6A3AE3.3040007@emediavillage.com>
References: <054bd8e9e65d77c547b08e6b464289ca.NginxMailingList@forum.nginx.org>
	 <ac2aca9ab429d57a44bbdecdfd488e57.NginxMailingList@forum.nginx.org>
	 <20090723083452.GG67525@rambler-co.ru>
	 <6b1504c40907230257v1c168f7dr7f8ae3b082f525ed@mail.gmail.com>
	 <4A6A3AE3.3040007@emediavillage.com>
Message-ID: <57fdd180907242019s2f7fe0a3s514a25e2f7989006@mail.gmail.com>

On Sat, Jul 25, 2009 at 12:51 AM, Tom Keyser<tkeyser at emediavillage.com> wrote:
>
> Running
> Linux version 2.6.26-1-486-vyatta (root at vyatta) (gcc version 4.2.3 (Debian
> 4.2.3-2)
> Its a Vyatta 5 firewall box
>
> Having problems installing Nginx.
>
> ./configure: error: C compiler gcc is not found
> problem is cant find gcc to install
>

looking at or posting your config.log may be of use, too... if
problem(s) still persist.

mk
-- 
(let* ((mk "Micha? Kowalski") (sig `(lambda () ,mk))) ((eval sig)))




From shri at devlib.org  Sat Jul 25 10:35:28 2009
From: shri at devlib.org (Shri @ DevLib.Org)
Date: Sat, 25 Jul 2009 14:35:28 +0800
Subject: Ngix not picking up the index file.... after upgrade
References: <054bd8e9e65d77c547b08e6b464289ca.NginxMailingList@forum.nginx.org> <ac2aca9ab429d57a44bbdecdfd488e57.NginxMailingList@forum.nginx.org> <20090723083452.GG67525@rambler-co.ru> <6b1504c40907230257v1c168f7dr7f8ae3b082f525ed@mail.gmail.com> <4A6A3AE3.3040007@emediavillage.com> <57fdd180907242019s2f7fe0a3s514a25e2f7989006@mail.gmail.com>
Message-ID: <FF725280827443F6B2FED5D71B7BA1FA@shridesk>

I have had this working for ever and some how after the upgrade to 0.8.x it 
seems to have stopped working.

The following config results in the http://www.hostname.com/classifieds/ not 
working.

http://www.hostname.com/classifieds/index.php pulls up the correct file.

What am I missing? (Yes, I do need path_info to be set correctly)

       location /classifieds/(.+\.php)(/.+)$ {
                set $script $uri;
                set $path_info "";
                if ($uri ~ "(.+\.php)(/.+)") {
                        set $script $1;
                        set $path_info $2;
                }

                fastcgi_param  SCRIPT_FILENAME 
/site/expat/oct08$fastcgi_script_name;
                fastcgi_pass   phpbackend;
                fastcgi_param  PATH_INFO    $path_info;
                include        fastcgi_params;
        }

Help please. :)

Regards,
Shri





From tkeyser at emediavillage.com  Sat Jul 25 10:48:09 2009
From: tkeyser at emediavillage.com (Tom Keyser)
Date: Fri, 24 Jul 2009 23:48:09 -0700
Subject: Anyone with experience installing Nginx in a Vyatta firewall
 box 	(Debian 4.2.3-2)
In-Reply-To: <57fdd180907242019s2f7fe0a3s514a25e2f7989006@mail.gmail.com>
References: <054bd8e9e65d77c547b08e6b464289ca.NginxMailingList@forum.nginx.org>	 <ac2aca9ab429d57a44bbdecdfd488e57.NginxMailingList@forum.nginx.org>	 <20090723083452.GG67525@rambler-co.ru>	 <6b1504c40907230257v1c168f7dr7f8ae3b082f525ed@mail.gmail.com>	 <4A6A3AE3.3040007@emediavillage.com> <57fdd180907242019s2f7fe0a3s514a25e2f7989006@mail.gmail.com>
Message-ID: <4A6AAAA9.2050708@emediavillage.com>

Cant find a config.log on the disk.. where might I find it?

vyatta:~# ls -la /var/log/
total 852
drwxr-xr-x 13 root     root       4096 Jul 24 23:14 .
drwxr-xr-x 16 root     root       4096 Feb 27 03:26 ..
drwxr-xr-x  2 root     root       4096 Feb 27 03:20 apt
-rw-r--r--  1 root     root      12830 Jul 24 22:57 aptitude
-rw-r-----  1 root     adm           0 Feb 27 03:26 auth.log
-rw-r-----  1 root     adm          31 Feb 27 03:20 boot
-rw-r--r--  1 root     root      22738 Feb 27 03:20 bootstrap.log
-rw-rw-r--  1 root     utmp       2304 Jul 25 06:44 btmp
-rw-r-----  1 root     adm           0 Feb 27 03:26 daemon.log
-rw-r-----  1 root     adm           0 Feb 27 03:26 debug
-rw-r--r--  1 root     root        979 Jul 24 23:14 dhcpd.leases
-rw-r--r--  1 root     root       2486 Jul 24 23:14 dhcpd.leases~
-rw-r--r--  1 root     root         36 Jul 24 20:38 dhcpd.status
-rw-r-----  1 root     adm       18750 Jul 24 23:14 dmesg
-rw-r-----  1 root     adm       18750 Jul 24 23:10 dmesg.0
-rw-r-----  1 root     adm        6449 Jul 24 16:38 dmesg.1.gz
-rw-r-----  1 root     adm        6362 Jul 24 03:43 dmesg.2.gz
-rw-r-----  1 root     adm        6366 Jul 23 20:11 dmesg.3.gz
-rw-r-----  1 root     adm        6368 Jul 23 19:07 dmesg.4.gz
-rw-r--r--  1 dnsmasq  root        485 Jul 24 23:14 dnsmasq.log
-rw-r-----  1 root     adm      302692 Jul 24 22:09 dpkg.log
-rw-r--r--  1 root     root      24024 Jul 24 23:15 faillog
drwxr-xr-x  2 root     root       4096 Feb 27 03:20 fsck
-rw-r-----  1 root     adm           0 Feb 27 03:26 kern.log
-rw-rw-r--  1 root     utmp     292292 Jul 25 06:45 lastlog
drwxr-x---  2 www-data www-data   4096 May 12  2008 lighttpd
-rw-r-----  1 root     adm           0 Feb 27 03:26 lpr.log
-rw-r-----  1 root     adm           0 Feb 27 03:26 mail.err
-rw-r-----  1 root     adm           0 Feb 27 03:26 mail.info
-rw-r-----  1 root     adm           0 Feb 27 03:26 mail.log
-rw-r-----  1 root     adm           0 Feb 27 03:26 mail.warn
-rw-r-----  1 root     adm      162030 Jul 25 06:44 messages
drwxr-sr-x  2 news     news       4096 Feb 27 03:26 news
drwxr-xr-x  2 ntp      ntp        4096 Jul 16  2008 ntpstats
-rw-r--r--  1 root     root          0 Feb 27 03:23 pycentral.log
drwxr-s---  2 snort    adm        4096 Feb 27 03:21 snort
drwxr-xr-x  2 proxy    adm        4096 Jul 23  2008 squid
drwxr-xr-x  2 proxy    proxy      4096 Jul 25 00:00 squid3
-rw-r-----  1 root     adm           0 Feb 27 03:26 syslog
drwxr-xr-x  2 root     root       4096 Feb 27 03:26 user
-rw-r-----  1 root     adm           0 Feb 27 03:26 user.log
drwxr-xr-x  2 root     root       4096 Feb 27 03:26 vrrpd
drwxr-xr-x  3 root     root       4096 Feb 27 03:22 vyatta
-rw-r--r--  1 root     root        994 Jul 24 23:14 wanrouter
-rw-rw-r--  1 root     utmp     147456 Jul 25 06:45 wtmp


Michal Kowalski wrote:
> On Sat, Jul 25, 2009 at 12:51 AM, Tom Keyser<tkeyser at emediavillage.com> wrote:
>   
>> Running
>> Linux version 2.6.26-1-486-vyatta (root at vyatta) (gcc version 4.2.3 (Debian
>> 4.2.3-2)
>> Its a Vyatta 5 firewall box
>>
>> Having problems installing Nginx.
>>
>> ./configure: error: C compiler gcc is not found
>> problem is cant find gcc to install
>>
>>     
>
> looking at or posting your config.log may be of use, too... if
> problem(s) still persist.
>
> mk
>   





From is at rambler-co.ru  Sat Jul 25 11:06:51 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sat, 25 Jul 2009 11:06:51 +0400
Subject: Ngix not picking up the index file.... after upgrade
In-Reply-To: <FF725280827443F6B2FED5D71B7BA1FA@shridesk>
References: <054bd8e9e65d77c547b08e6b464289ca.NginxMailingList@forum.nginx.org> <ac2aca9ab429d57a44bbdecdfd488e57.NginxMailingList@forum.nginx.org> <20090723083452.GG67525@rambler-co.ru> <6b1504c40907230257v1c168f7dr7f8ae3b082f525ed@mail.gmail.com> <4A6A3AE3.3040007@emediavillage.com> <57fdd180907242019s2f7fe0a3s514a25e2f7989006@mail.gmail.com> <FF725280827443F6B2FED5D71B7BA1FA@shridesk>
Message-ID: <20090725070651.GA21804@rambler-co.ru>

On Sat, Jul 25, 2009 at 02:35:28PM +0800, Shri @ DevLib.Org wrote:

> I have had this working for ever and some how after the upgrade to 0.8.x it 
> seems to have stopped working.
> 
> The following config results in the http://www.hostname.com/classifieds/ 
> not working.
> 
> http://www.hostname.com/classifieds/index.php pulls up the correct file.

Probably, you need:

    location / {
        ...
        index  index.php;
    }


> What am I missing? (Yes, I do need path_info to be set correctly)
> 
>       location /classifieds/(.+\.php)(/.+)$ {
>                set $script $uri;
>                set $path_info "";
>                if ($uri ~ "(.+\.php)(/.+)") {
>                        set $script $1;
>                        set $path_info $2;
>                }
> 
>                fastcgi_param  SCRIPT_FILENAME 
> /site/expat/oct08$fastcgi_script_name;
>                fastcgi_pass   phpbackend;
>                fastcgi_param  PATH_INFO    $path_info;
>                include        fastcgi_params;
>        }
> 
> Help please. :)

Where do you use $script ?

Now you can use:

   location ~ /classifieds/(.+\.php)(/.+)$ {

       fastcgi_split_path_info ^(.+\.php)(/.+);

       fastcgi_param  SCRIPT_FILENAME /site/expat/oct08$fastcgi_script_name;
       fastcgi_param  PATH_INFO    $fastcgi_path_info;

       fastcgi_pass   phpbackend;
       include        fastcgi_params;
   }


-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Sat Jul 25 11:23:56 2009
From: nginx-forum at nginx.us (anomalizer)
Date: Sat, 25 Jul 2009 03:23:56 -0400
Subject: selective caching
In-Reply-To: <7311c3b2bd741b7cf96b07b0f4fb4a3a.NginxMailingList@forum.nginx.org>
References: <7311c3b2bd741b7cf96b07b0f4fb4a3a.NginxMailingList@forum.nginx.org>
Message-ID: <f65c37f2e74e4c74002b55ea8f6fae15.NginxMailingList@forum.nginx.org>

How about setting the appropriate caching headers in the upstream for that one page?
Eg:
Cache-Control: no-store
Expires:  Thu, 01 Dec 1984 16:00:00 GMT

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4425,4444#msg-4444





From is at rambler-co.ru  Sat Jul 25 11:28:29 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sat, 25 Jul 2009 11:28:29 +0400
Subject: selective caching
In-Reply-To: <f65c37f2e74e4c74002b55ea8f6fae15.NginxMailingList@forum.nginx.org>
References: <7311c3b2bd741b7cf96b07b0f4fb4a3a.NginxMailingList@forum.nginx.org> <f65c37f2e74e4c74002b55ea8f6fae15.NginxMailingList@forum.nginx.org>
Message-ID: <20090725072829.GB21804@rambler-co.ru>

On Sat, Jul 25, 2009 at 03:23:56AM -0400, anomalizer wrote:

> How about setting the appropriate caching headers in the upstream for that one page?
> Eg:
> Cache-Control: no-store
> Expires:  Thu, 01 Dec 1984 16:00:00 GMT

Yes, yuo may control caching using these headers.
However, currently, nginx supports only "no-cache" and "max-age=###" values
in "Cache-Control.


-- 
Igor Sysoev
http://sysoev.ru/en/




From shri at devlib.org  Sat Jul 25 11:34:37 2009
From: shri at devlib.org (Shri @ DevLib.Org)
Date: Sat, 25 Jul 2009 15:34:37 +0800
Subject: Ngix not picking up the index file.... after upgrade
References: <054bd8e9e65d77c547b08e6b464289ca.NginxMailingList@forum.nginx.org> <ac2aca9ab429d57a44bbdecdfd488e57.NginxMailingList@forum.nginx.org> <20090723083452.GG67525@rambler-co.ru> <6b1504c40907230257v1c168f7dr7f8ae3b082f525ed@mail.gmail.com> <4A6A3AE3.3040007@emediavillage.com> <57fdd180907242019s2f7fe0a3s514a25e2f7989006@mail.gmail.com> <FF725280827443F6B2FED5D71B7BA1FA@shridesk> <20090725070651.GA21804@rambler-co.ru>
Message-ID: <A697C8F619C849A396615916F3C1A4A7@shridesk>

Might be better for me to paste the config here. I think months of 
modifications might have left it corrupted.

    server {

        listen 80;
        server_name  www.hostname.com hostname.com ;
        root /site/expat/oct08;
        index index.php;

        if ($host !~ ^www\.hostname\.com$) {
                rewrite ^.+ http://www.hostname.com$uri permanent;
                break;
        }

        location / {
                rewrite ^/index.php(.*)$ http://www.hostname.com/ permanent;
                try_files      $uri  @wordpress;
        }

        location ~* \.(css|js|ico|swf|gif)$ {
                access_log      off;
                expires         30d;
        }

        location /classifieds/(.+\.php)(/.+)$ {
                set $script $uri;
                set $path_info "";
                if ($uri ~ "(.+\.php)(/.+)") {
                        set $script $1;
                        set $path_info $2;
                }
                fastcgi_index  index.php;
                fastcgi_param  SCRIPT_FILENAME 
/site/expat/oct08$fastcgi_script_name;
                fastcgi_pass   phpbackend;
                fastcgi_param  PATH_INFO    $path_info;
                include        fastcgi_params;
        }

        location ~ \.php {
                set $script $uri;
                set $path_info "";
                if ($uri ~ "(.+\.php)(/.+)") {
                        set $script $1;
                        set $path_info $2;
                }

                fastcgi_index  index.php;
                fastcgi_param  SCRIPT_FILENAME 
/site/expat/oct08$fastcgi_script_name;
                fastcgi_pass   phpbackend;
                fastcgi_param  PATH_INFO    $path_info;
                include        fastcgi_params;
        }

        location @wordpress {
                fastcgi_param  SCRIPT_FILENAME  /site/expat/oct08/index.php;
                fastcgi_pass   phpbackend;
                include        fastcgi_params;
        }
}
----- Original Message ----- 
From: "Igor Sysoev" <is at rambler-co.ru>
To: <nginx at sysoev.ru>
Sent: Saturday, July 25, 2009 3:06 PM
Subject: Re: Ngix not picking up the index file.... after upgrade


> On Sat, Jul 25, 2009 at 02:35:28PM +0800, Shri @ DevLib.Org wrote:
>
>> I have had this working for ever and some how after the upgrade to 0.8.x 
>> it
>> seems to have stopped working.
>>
>> The following config results in the http://www.hostname.com/classifieds/
>> not working.
>>
>> http://www.hostname.com/classifieds/index.php pulls up the correct file.
>
> Probably, you need:
>
>    location / {
>        ...
>        index  index.php;
>    }
>
>
>> What am I missing? (Yes, I do need path_info to be set correctly)
>>
>>       location /classifieds/(.+\.php)(/.+)$ {
>>                set $script $uri;
>>                set $path_info "";
>>                if ($uri ~ "(.+\.php)(/.+)") {
>>                        set $script $1;
>>                        set $path_info $2;
>>                }
>>
>>                fastcgi_param  SCRIPT_FILENAME
>> /site/expat/oct08$fastcgi_script_name;
>>                fastcgi_pass   phpbackend;
>>                fastcgi_param  PATH_INFO    $path_info;
>>                include        fastcgi_params;
>>        }
>>
>> Help please. :)
>
> Where do you use $script ?
>
> Now you can use:
>
>   location ~ /classifieds/(.+\.php)(/.+)$ {
>
>       fastcgi_split_path_info ^(.+\.php)(/.+);
>
>       fastcgi_param  SCRIPT_FILENAME 
> /site/expat/oct08$fastcgi_script_name;
>       fastcgi_param  PATH_INFO    $fastcgi_path_info;
>
>       fastcgi_pass   phpbackend;
>       include        fastcgi_params;
>   }
>
>
> -- 
> Igor Sysoev
> http://sysoev.ru/en/
>
> 





From shri at devlib.org  Sat Jul 25 12:06:12 2009
From: shri at devlib.org (Shri @ DevLib.Org)
Date: Sat, 25 Jul 2009 16:06:12 +0800
Subject: Ngix not picking up the index file.... after upgrade
Message-ID: <88E483FF6FED4020B5C82AF58EE238D6@shridesk>

This seems to have fixed it.

        location /classifieds/ {
                index index.php;
        }

   location ~ /classifieds/(.+\.php)(/.+)$ {
       fastcgi_split_path_info ^(.+\.php)(/.+);
       fastcgi_param  SCRIPT_FILENAME /site/expat/oct08$fastcgi_script_name;
       fastcgi_param  PATH_INFO    $fastcgi_path_info;
       fastcgi_pass   phpbackend;
       include        fastcgi_params;
   }



----- Original Message ----- 
From: "Shri @ DevLib.Org" <shri at devlib.org>
To: <nginx at sysoev.ru>
Sent: Saturday, July 25, 2009 3:34 PM
Subject: Re: Ngix not picking up the index file.... after upgrade


> Might be better for me to paste the config here. I think months of 
> modifications might have left it corrupted.
>
>    server {
>
>        listen 80;
>        server_name  www.hostname.com hostname.com ;
>        root /site/expat/oct08;
>        index index.php;
>
>        if ($host !~ ^www\.hostname\.com$) {
>                rewrite ^.+ http://www.hostname.com$uri permanent;
>                break;
>        }
>
>        location / {
>                rewrite ^/index.php(.*)$ http://www.hostname.com/ 
> permanent;
>                try_files      $uri  @wordpress;
>        }
>
>        location ~* \.(css|js|ico|swf|gif)$ {
>                access_log      off;
>                expires         30d;
>        }
>
>        location /classifieds/(.+\.php)(/.+)$ {
>                set $script $uri;
>                set $path_info "";
>                if ($uri ~ "(.+\.php)(/.+)") {
>                        set $script $1;
>                        set $path_info $2;
>                }
>                fastcgi_index  index.php;
>                fastcgi_param  SCRIPT_FILENAME 
> /site/expat/oct08$fastcgi_script_name;
>                fastcgi_pass   phpbackend;
>                fastcgi_param  PATH_INFO    $path_info;
>                include        fastcgi_params;
>        }
>
>        location ~ \.php {
>                set $script $uri;
>                set $path_info "";
>                if ($uri ~ "(.+\.php)(/.+)") {
>                        set $script $1;
>                        set $path_info $2;
>                }
>
>                fastcgi_index  index.php;
>                fastcgi_param  SCRIPT_FILENAME 
> /site/expat/oct08$fastcgi_script_name;
>                fastcgi_pass   phpbackend;
>                fastcgi_param  PATH_INFO    $path_info;
>                include        fastcgi_params;
>        }
>
>        location @wordpress {
>                fastcgi_param  SCRIPT_FILENAME 
> /site/expat/oct08/index.php;
>                fastcgi_pass   phpbackend;
>                include        fastcgi_params;
>        }
> }
> ----- Original Message ----- 
> From: "Igor Sysoev" <is at rambler-co.ru>
> To: <nginx at sysoev.ru>
> Sent: Saturday, July 25, 2009 3:06 PM
> Subject: Re: Ngix not picking up the index file.... after upgrade
>
>
>> On Sat, Jul 25, 2009 at 02:35:28PM +0800, Shri @ DevLib.Org wrote:
>>
>>> I have had this working for ever and some how after the upgrade to 0.8.x 
>>> it
>>> seems to have stopped working.
>>>
>>> The following config results in the http://www.hostname.com/classifieds/
>>> not working.
>>>
>>> http://www.hostname.com/classifieds/index.php pulls up the correct file.
>>
>> Probably, you need:
>>
>>    location / {
>>        ...
>>        index  index.php;
>>    }
>>
>>
>>> What am I missing? (Yes, I do need path_info to be set correctly)
>>>
>>>       location /classifieds/(.+\.php)(/.+)$ {
>>>                set $script $uri;
>>>                set $path_info "";
>>>                if ($uri ~ "(.+\.php)(/.+)") {
>>>                        set $script $1;
>>>                        set $path_info $2;
>>>                }
>>>
>>>                fastcgi_param  SCRIPT_FILENAME
>>> /site/expat/oct08$fastcgi_script_name;
>>>                fastcgi_pass   phpbackend;
>>>                fastcgi_param  PATH_INFO    $path_info;
>>>                include        fastcgi_params;
>>>        }
>>>
>>> Help please. :)
>>
>> Where do you use $script ?
>>
>> Now you can use:
>>
>>   location ~ /classifieds/(.+\.php)(/.+)$ {
>>
>>       fastcgi_split_path_info ^(.+\.php)(/.+);
>>
>>       fastcgi_param  SCRIPT_FILENAME 
>> /site/expat/oct08$fastcgi_script_name;
>>       fastcgi_param  PATH_INFO    $fastcgi_path_info;
>>
>>       fastcgi_pass   phpbackend;
>>       include        fastcgi_params;
>>   }
>>
>>
>> -- 
>> Igor Sysoev
>> http://sysoev.ru/en/
>>
>>
> 





From tkeyser at emediavillage.com  Sat Jul 25 12:50:44 2009
From: tkeyser at emediavillage.com (Tom Keyser)
Date: Sat, 25 Jul 2009 01:50:44 -0700
Subject: debian package  for version > 0.6.32
In-Reply-To: <88E483FF6FED4020B5C82AF58EE238D6@shridesk>
References: <88E483FF6FED4020B5C82AF58EE238D6@shridesk>
Message-ID: <4A6AC764.6040305@emediavillage.com>

Anyone know where I can find a newer debian package that is not in SID? 
Or is installing the one in SID safe?




From nginx.list at daevel.fr  Sat Jul 25 13:36:47 2009
From: nginx.list at daevel.fr (Olivier B.)
Date: Sat, 25 Jul 2009 11:36:47 +0200
Subject: debian package  for version > 0.6.32
In-Reply-To: <4A6AC764.6040305@emediavillage.com>
References: <88E483FF6FED4020B5C82AF58EE238D6@shridesk> <4A6AC764.6040305@emediavillage.com>
Message-ID: <4A6AD22F.60008@daevel.fr>

Tom Keyser a ?crit :
> Anyone know where I can find a newer debian package that is not in 
> SID? Or is installing the one in SID safe?
>
Hi,

you can recompile the package for a Lenny for example :

 > aptitude install build-essential devscripts debian-keyring fakeroot
 >
 > dget http://ftp.de.debian.org/debian/pool/main/n/nginx/nginx_0.7.59-1.dsc
 > cd nginx*
 > fakeroot dpkg-buildpackage
 > ls -l ../*.deb


Olivier




From tkeyser at emediavillage.com  Sat Jul 25 14:21:46 2009
From: tkeyser at emediavillage.com (Tom Keyser)
Date: Sat, 25 Jul 2009 03:21:46 -0700
Subject: debian package  for version > 0.6.32
In-Reply-To: <4A6AD22F.60008@daevel.fr>
References: <88E483FF6FED4020B5C82AF58EE238D6@shridesk> <4A6AC764.6040305@emediavillage.com> <4A6AD22F.60008@daevel.fr>
Message-ID: <4A6ADCBA.7060706@emediavillage.com>

Unfortunately, I don't have a machine I can compile it on.. I'm running 
a Vyatta firewall and cant get the compiler to install, but fortunately 
can install packages.

Olivier B. wrote:
> Tom Keyser a ?crit :
>> Anyone know where I can find a newer debian package that is not in 
>> SID? Or is installing the one in SID safe?
>>
> Hi,
>
> you can recompile the package for a Lenny for example :
>
> > aptitude install build-essential devscripts debian-keyring fakeroot
> >
> > dget 
> http://ftp.de.debian.org/debian/pool/main/n/nginx/nginx_0.7.59-1.dsc
> > cd nginx*
> > fakeroot dpkg-buildpackage
> > ls -l ../*.deb
>
>
> Olivier
>





From tkeyser at emediavillage.com  Sat Jul 25 15:25:45 2009
From: tkeyser at emediavillage.com (Tom Keyser)
Date: Sat, 25 Jul 2009 04:25:45 -0700
Subject: debian package  for version > 0.6.32
In-Reply-To: <4A6ADCBA.7060706@emediavillage.com>
References: <88E483FF6FED4020B5C82AF58EE238D6@shridesk> <4A6AC764.6040305@emediavillage.com> <4A6AD22F.60008@daevel.fr> <4A6ADCBA.7060706@emediavillage.com>
Message-ID: <4A6AEBB9.4090307@emediavillage.com>

Also, I am running Debian 4.2.3-2 so, I expect it needs to be compiled 
etch? is that correct?

Tom Keyser wrote:
> Unfortunately, I don't have a machine I can compile it on.. I'm 
> running a Vyatta firewall and cant get the compiler to install, but 
> fortunately can install packages.
>
> Olivier B. wrote:
>> Tom Keyser a ?crit :
>>> Anyone know where I can find a newer debian package that is not in 
>>> SID? Or is installing the one in SID safe?
>>>
>> Hi,
>>
>> you can recompile the package for a Lenny for example :
>>
>> > aptitude install build-essential devscripts debian-keyring fakeroot
>> >
>> > dget 
>> http://ftp.de.debian.org/debian/pool/main/n/nginx/nginx_0.7.59-1.dsc
>> > cd nginx*
>> > fakeroot dpkg-buildpackage
>> > ls -l ../*.deb
>>
>>
>> Olivier
>>
>
>





From joe at hazardcell.com  Sat Jul 25 15:41:50 2009
From: joe at hazardcell.com (Joe Jacobs)
Date: Sat, 25 Jul 2009 12:41:50 +0100
Subject: 'Content-Length' header for POSTs
Message-ID: <cf5b5650907250441o4f40b221v541279081a2f01e2@mail.gmail.com>

In v0.7.25, POSTs without the 'Content-Length' header were allowed. I've got
v0.7.61 installed but POSTs without the 'Content-Length' header still aren't
allowed. Any ideas why?

Cheers,
Joe Jacobs
http://joejacobs.org/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090725/9a2e9ee9/attachment.html>

From merlincorey at dc949.org  Sat Jul 25 15:50:43 2009
From: merlincorey at dc949.org (merlin corey)
Date: Sat, 25 Jul 2009 04:50:43 -0700
Subject: why "if" can not be used within "if"?
In-Reply-To: <20090724105157.GJ2643@rambler-co.ru>
References: <f616044785be5b67ab14fb4d4d4e8fce.NginxMailingList@forum.nginx.org>
	 <20090724105157.GJ2643@rambler-co.ru>
Message-ID: <e0af94b80907250450tc498aa5k2ccfdfea35a976b8@mail.gmail.com>

2009/7/24 Igor Sysoev <is at rambler-co.ru>:
> Currently "if" is ugly hack.

To very slightly expand upon what Igor said, here is my understanding.
 If is an ugly hack that essentially (within a location, anyway) is
actually another psuedo-location (I think you'll see this too if you
look into code more).  On the flip side, this means many ifs can (and
should) be replaced by use of location directives in combination with
try_files directives.  Finally, and a little more philosophically, in
general the nginx configuration is a nice declarative statement about
your sites' layouts; on the other hand, "if" is an imperative
statement that breaks from this flow and is somewhat out of place.

Unfortunately, currently, there are some things you can only do with
an if.  For those cases, I ask you, do you really want a much more
complicated configuration?  Seems to me simplest is best, especially
when you have to use if!  Debugging issues with ifs I remember being
not a lot of fun in 0.6.x - try_files made it so I don't have to do
that anymore in 0.7.x and above and I am happier for it!  Good luck,
nonetheless.

-- Merlin




From nginx.list at daevel.fr  Sat Jul 25 15:56:08 2009
From: nginx.list at daevel.fr (Olivier B.)
Date: Sat, 25 Jul 2009 13:56:08 +0200
Subject: debian package  for version > 0.6.32
In-Reply-To: <4A6AEBB9.4090307@emediavillage.com>
References: <88E483FF6FED4020B5C82AF58EE238D6@shridesk> <4A6AC764.6040305@emediavillage.com> <4A6AD22F.60008@daevel.fr> <4A6ADCBA.7060706@emediavillage.com> <4A6AEBB9.4090307@emediavillage.com>
Message-ID: <4A6AF2D8.7020008@daevel.fr>

The procedure is the same, for Etch, Lenny or Squeeze.

Olivier

Tom Keyser a ?crit :
> Also, I am running Debian 4.2.3-2 so, I expect it needs to be compiled 
> etch? is that correct?
>
> Tom Keyser wrote:
>> Unfortunately, I don't have a machine I can compile it on.. I'm 
>> running a Vyatta firewall and cant get the compiler to install, but 
>> fortunately can install packages.
>>
>> Olivier B. wrote:
>>> Tom Keyser a ?crit :
>>>> Anyone know where I can find a newer debian package that is not in 
>>>> SID? Or is installing the one in SID safe?
>>>>
>>> Hi,
>>>
>>> you can recompile the package for a Lenny for example :
>>>
>>> > aptitude install build-essential devscripts debian-keyring fakeroot
>>> >
>>> > dget 
>>> http://ftp.de.debian.org/debian/pool/main/n/nginx/nginx_0.7.59-1.dsc
>>> > cd nginx*
>>> > fakeroot dpkg-buildpackage
>>> > ls -l ../*.deb
>>>
>>>
>>> Olivier
>>>
>>
>>
>
>





From merlincorey at dc949.org  Sat Jul 25 15:58:17 2009
From: merlincorey at dc949.org (merlin corey)
Date: Sat, 25 Jul 2009 04:58:17 -0700
Subject: ssl config problems binding to specific IP
In-Reply-To: <ec5918120907241335v352e6dc5h6915041a84655400@mail.gmail.com>
References: <cb6b51e20907241316q6bd21d5h741f3b6d33152db6@mail.gmail.com>
	 <ec5918120907241335v352e6dc5h6915041a84655400@mail.gmail.com>
Message-ID: <e0af94b80907250458u39ac358fy978c1d3c9cfd5bb2@mail.gmail.com>

On Fri, Jul 24, 2009 at 1:35 PM, Nick Pearson<nick.pearson at gmail.com> wrote:
> I believe the preferred way is still to use separate server blocks for
I'm pretty sure (because I brought up an SSL issue recently) that now
the preferred way is to use the default ssl method when the server
blocks are going to be exactly alike.  There is the benefit of
flexibility in configuration if you keep them separate, and
apparently, it still works a bit better that way.

-- Merlin




From merlincorey at dc949.org  Sat Jul 25 16:04:41 2009
From: merlincorey at dc949.org (merlin corey)
Date: Sat, 25 Jul 2009 05:04:41 -0700
Subject: debian package for version > 0.6.32
In-Reply-To: <4A6AEBB9.4090307@emediavillage.com>
References: <88E483FF6FED4020B5C82AF58EE238D6@shridesk>
	 <4A6AC764.6040305@emediavillage.com> <4A6AD22F.60008@daevel.fr>
	 <4A6ADCBA.7060706@emediavillage.com>
	 <4A6AEBB9.4090307@emediavillage.com>
Message-ID: <e0af94b80907250504n75a00f8ak5ffb9063a1033cb1@mail.gmail.com>

On Sat, Jul 25, 2009 at 4:25 AM, Tom Keyser<tkeyser at emediavillage.com> wrote:
> Also, I am running Debian 4.2.3-2 so, I expect it needs to be compiled etch?
> is that correct?

Yes, you basically need another etch install (VM should be fine) with
buildessential that you make the debian package on.  You might also
need to ensure it is the same architecture as the other, I am not sure
what you are doing exactly (and it's kind of out of band for this list
- the debian specific stuff, I mean).

-- Merlin

>
> Tom Keyser wrote:
>>
>> Unfortunately, I don't have a machine I can compile it on.. I'm running a
>> Vyatta firewall and cant get the compiler to install, but fortunately can
>> install packages.
>>
>> Olivier B. wrote:
>>>
>>> Tom Keyser a ?crit :
>>>>
>>>> Anyone know where I can find a newer debian package that is not in SID?
>>>> Or is installing the one in SID safe?
>>>>
>>> Hi,
>>>
>>> you can recompile the package for a Lenny for example :
>>>
>>> > aptitude install build-essential devscripts debian-keyring fakeroot
>>> >
>>> > dget
>>> > http://ftp.de.debian.org/debian/pool/main/n/nginx/nginx_0.7.59-1.dsc
>>> > cd nginx*
>>> > fakeroot dpkg-buildpackage
>>> > ls -l ../*.deb
>>>
>>>
>>> Olivier
>>>
>>
>>
>
>
>




From kowalski.michal at gmail.com  Sat Jul 25 16:43:19 2009
From: kowalski.michal at gmail.com (Michal Kowalski)
Date: Sat, 25 Jul 2009 14:43:19 +0200
Subject: Anyone with experience installing Nginx in a Vyatta firewall box 
	(Debian 4.2.3-2)
In-Reply-To: <4A6AAAA9.2050708@emediavillage.com>
References: <054bd8e9e65d77c547b08e6b464289ca.NginxMailingList@forum.nginx.org>
	 <ac2aca9ab429d57a44bbdecdfd488e57.NginxMailingList@forum.nginx.org>
	 <20090723083452.GG67525@rambler-co.ru>
	 <6b1504c40907230257v1c168f7dr7f8ae3b082f525ed@mail.gmail.com>
	 <4A6A3AE3.3040007@emediavillage.com>
	 <57fdd180907242019s2f7fe0a3s514a25e2f7989006@mail.gmail.com>
	 <4A6AAAA9.2050708@emediavillage.com>
Message-ID: <57fdd180907250543x75792170qf016b5a3ccad14ff@mail.gmail.com>

On Sat, Jul 25, 2009 at 8:48 AM, Tom Keyser<tkeyser at emediavillage.com> wrote:
> Cant find a config.log on the disk.. where might I find it?
>

ah, sorry for "twitching" with standard configure lingo. nginx's
configure seems to log its progress in objs/autoconf.err file, looking
from its root source directory.

mk
-- 
(let* ((mk "Micha? Kowalski") (sig `(lambda () ,mk))) ((eval sig)))




From joe at hazardcell.com  Sat Jul 25 20:05:59 2009
From: joe at hazardcell.com (Joe Jacobs)
Date: Sat, 25 Jul 2009 17:05:59 +0100
Subject: 'Content-Length' header for POSTs
In-Reply-To: <cf5b5650907250441o4f40b221v541279081a2f01e2@mail.gmail.com>
References: <cf5b5650907250441o4f40b221v541279081a2f01e2@mail.gmail.com>
Message-ID: <cf5b5650907250905t4d9f461k5fd2567ece8ebe3f@mail.gmail.com>

FYI, this is the request that is received by the server.

2009/07/25 15:41:04 [debug] 29780#0: *10 http request line: "POST
/test.php HTTP/1.1"
2009/07/25 15:41:04 [debug] 29780#0: *10 http uri: "/test.php"
2009/07/25 15:41:04 [debug] 29780#0: *10 http args: ""
2009/07/25 15:41:04 [debug] 29780#0: *10 http exten: "sync"
2009/07/25 15:41:04 [debug] 29780#0: *10 http process request header line
2009/07/25 15:41:04 [debug] 29780#0: *10 http header: "framecode: x"
2009/07/25 15:41:04 [debug] 29780#0: *10 http header: "framepin: y"
2009/07/25 15:41:04 [debug] 29780#0: *10 http header: "User-Agent:
ALP.SYNC.CLIENT.1.0"
2009/07/25 15:41:04 [debug] 29780#0: *10 http header: "Content-Type:
text/xml-alp"
2009/07/25 15:41:04 [debug] 29780#0: *10 http header:
"Transfer-Encoding: chunked"
2009/07/25 15:41:04 [debug] 29780#0: *10 http header: "Connection: Keep-Alive"
2009/07/25 15:41:04 [debug] 29780#0: *10 http header: "Host: example.com"
2009/07/25 15:41:04 [debug] 29780#0: *10 http header done
2009/07/25 15:41:04 [info] 29780#0: *10 client sent
"Transfer-Encoding: chunked" header while reading client request
headers, client: 12.34.56.78, server: example.com, request: "POST
/test.php HTTP/1.1", host: "example.com"
2009/07/25 15:41:04 [debug] 29780#0: *10 http finalize request: 411,
"/test.php" 1
2009/07/25 15:41:04 [debug] 29780#0: *10 event timer del: 25: 2996007162
2009/07/25 15:41:04 [debug] 29780#0: *10 http special response: 411, "/test.php"
2009/07/25 15:41:04 [debug] 29780#0: *10 http set discard body
2009/07/25 15:41:04 [debug] 29780#0: *10 HTTP/1.1 411 Length Required
Server: nginx/0.7.61
Date: Sat, 25 Jul 2009 15:41:04 GMT
Content-Type: text/html
Content-Length: 181
Connection: close

Is the error coming up because the content-length isn't 0?




From valery+nginxen at grid.net.ru  Sat Jul 25 21:22:11 2009
From: valery+nginxen at grid.net.ru (Valery Kholodkov)
Date: Sat, 25 Jul 2009 19:22:11 +0200
Subject: mogilefs module 1.0.2
Message-ID: <4A6B3F43.3090505@grid.net.ru>


Changes in version 1.0.2 (July 25 2009):
  * Added feature: directive mogilefs_methods and support for PUT and 
DELETE methods
  * Added feature: dynamic evaluation of tracker name
  * Added feature: ability to pass noverify parameter to tracker

The first 2 features were commissioned by GG Network SA (gadu-gadu.pl). 
These features allow write access to MogileFS using nginx, as well as 
locating of tracker dynamically. The Gadu-Gadu developers were very kind 
to test these features. Hopefully there are no major issues.

The noverify parameter instructs MogileFS tracker to avoid querying the 
database for location of files if possible and use cached results, thus 
eliminating some of the database server load.

The details on the following page:
http://www.grid.net.ru/nginx/mogilefs.en.html

Feel free to contact me if you have problems with this!

-- 
Best regards,
Valery Kholodkov




From mike503 at gmail.com  Sat Jul 25 23:56:55 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Sat, 25 Jul 2009 12:56:55 -0700
Subject: mogilefs module 1.0.2
In-Reply-To: <4A6B3F43.3090505@grid.net.ru>
References: <4A6B3F43.3090505@grid.net.ru>
Message-ID: <bd9320b30907251256v7027b40fp81247eb14907e444@mail.gmail.com>

So this means this module now handles the DAV requests as well, so it
can be a mogstored node?

nginx technically already supported that :) However this could be more
efficient, etc. I'm wondering if I am understanding this properly.

On Sat, Jul 25, 2009 at 10:22 AM, Valery
Kholodkov<valery+nginxen at grid.net.ru> wrote:
>
> Changes in version 1.0.2 (July 25 2009):
> ?* Added feature: directive mogilefs_methods and support for PUT and DELETE
> methods
> ?* Added feature: dynamic evaluation of tracker name
> ?* Added feature: ability to pass noverify parameter to tracker
>
> The first 2 features were commissioned by GG Network SA (gadu-gadu.pl).
> These features allow write access to MogileFS using nginx, as well as
> locating of tracker dynamically. The Gadu-Gadu developers were very kind to
> test these features. Hopefully there are no major issues.
>
> The noverify parameter instructs MogileFS tracker to avoid querying the
> database for location of files if possible and use cached results, thus
> eliminating some of the database server load.
>
> The details on the following page:
> http://www.grid.net.ru/nginx/mogilefs.en.html
>
> Feel free to contact me if you have problems with this!
>
> --
> Best regards,
> Valery Kholodkov
>
>




From valery+nginxen at grid.net.ru  Sun Jul 26 01:20:29 2009
From: valery+nginxen at grid.net.ru (Valery Kholodkov)
Date: Sat, 25 Jul 2009 23:20:29 +0200
Subject: mogilefs module 1.0.2
In-Reply-To: <bd9320b30907251256v7027b40fp81247eb14907e444@mail.gmail.com>
References: <4A6B3F43.3090505@grid.net.ru> <bd9320b30907251256v7027b40fp81247eb14907e444@mail.gmail.com>
Message-ID: <4A6B771D.40302@grid.net.ru>

Yes, but making a mogstored node out of it is a bad idea.

Michael Shadle wrote:
> So this means this module now handles the DAV requests as well, so it
> can be a mogstored node?
> 
> nginx technically already supported that :) However this could be more
> efficient, etc. I'm wondering if I am understanding this properly.
> 
> On Sat, Jul 25, 2009 at 10:22 AM, Valery
> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>> Changes in version 1.0.2 (July 25 2009):
>>  * Added feature: directive mogilefs_methods and support for PUT and DELETE
>> methods
>>  * Added feature: dynamic evaluation of tracker name
>>  * Added feature: ability to pass noverify parameter to tracker
>>
>> The first 2 features were commissioned by GG Network SA (gadu-gadu.pl).
>> These features allow write access to MogileFS using nginx, as well as
>> locating of tracker dynamically. The Gadu-Gadu developers were very kind to
>> test these features. Hopefully there are no major issues.
>>
>> The noverify parameter instructs MogileFS tracker to avoid querying the
>> database for location of files if possible and use cached results, thus
>> eliminating some of the database server load.
>>
>> The details on the following page:
>> http://www.grid.net.ru/nginx/mogilefs.en.html
>>
>> Feel free to contact me if you have problems with this!

-- 
Best regards,
Valery Kholodkov




From mike503 at gmail.com  Sun Jul 26 01:44:11 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Sat, 25 Jul 2009 14:44:11 -0700
Subject: mogilefs module 1.0.2
In-Reply-To: <4A6B771D.40302@grid.net.ru>
References: <4A6B3F43.3090505@grid.net.ru> <bd9320b30907251256v7027b40fp81247eb14907e444@mail.gmail.com> <4A6B771D.40302@grid.net.ru>
Message-ID: <958C81A0-DC51-4D98-832B-0D0723F4DD56@gmail.com>

Just for discussion sake why is that? I actually have the same  
instance of nginx with two separate http{} blocks. One for mogstored  
and one for normal web serving. It might even be possible to have it  
under the same http block. I never looked into it that much.

I guess explaining the pros and cons of doing it that way vs. Using  
the module would be good info to know.

Sent from my iPhone

On Jul 25, 2009, at 2:20 PM, Valery Kholodkov <valery+nginxen at grid.net.ru 
 > wrote:

> Yes, but making a mogstored node out of it is a bad idea.
>
> Michael Shadle wrote:
>> So this means this module now handles the DAV requests as well, so it
>> can be a mogstored node?
>> nginx technically already supported that :) However this could be  
>> more
>> efficient, etc. I'm wondering if I am understanding this properly.
>> On Sat, Jul 25, 2009 at 10:22 AM, Valery
>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>>> Changes in version 1.0.2 (July 25 2009):
>>> * Added feature: directive mogilefs_methods and support for PUT  
>>> and DELETE
>>> methods
>>> * Added feature: dynamic evaluation of tracker name
>>> * Added feature: ability to pass noverify parameter to tracker
>>>
>>> The first 2 features were commissioned by GG Network SA (gadu-gadu.pl 
>>> ).
>>> These features allow write access to MogileFS using nginx, as well  
>>> as
>>> locating of tracker dynamically. The Gadu-Gadu developers were  
>>> very kind to
>>> test these features. Hopefully there are no major issues.
>>>
>>> The noverify parameter instructs MogileFS tracker to avoid  
>>> querying the
>>> database for location of files if possible and use cached results,  
>>> thus
>>> eliminating some of the database server load.
>>>
>>> The details on the following page:
>>> http://www.grid.net.ru/nginx/mogilefs.en.html
>>>
>>> Feel free to contact me if you have problems with this!
>
> -- 
> Best regards,
> Valery Kholodkov
>




From ianevans at digitalhit.com  Sun Jul 26 03:47:59 2009
From: ianevans at digitalhit.com (Ian M. Evans)
Date: Sat, 25 Jul 2009 19:47:59 -0400
Subject: cgi recommendations
In-Reply-To: <a3780c060907220127q1b4f352ia6d9f581f3ff2ed5@mail.gmail.com>
References: <4A6651C1.5040804@digitalhit.com>	 <20090722080118.GJ3297@node.waugh.id.au> <a3780c060907220127q1b4f352ia6d9f581f3ff2ed5@mail.gmail.com>
Message-ID: <4A6B99AF.7050700@digitalhit.com>

Thanks for all the suggestions guys!




From nginx-forum at nginx.us  Sun Jul 26 06:09:08 2009
From: nginx-forum at nginx.us (wolfenstock)
Date: Sat, 25 Jul 2009 22:09:08 -0400
Subject: error_log and $host?
Message-ID: <e22a670c77f737ceb3df8e49802f2b8d.NginxMailingList@forum.nginx.org>

any chance to get this to work.  access_log accepts the variable but the error_log spits out an error.  Is this by design?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4467,4467#msg-4467





From merlincorey at dc949.org  Sun Jul 26 11:14:54 2009
From: merlincorey at dc949.org (merlin corey)
Date: Sun, 26 Jul 2009 00:14:54 -0700
Subject: error_log and $host?
In-Reply-To: <e22a670c77f737ceb3df8e49802f2b8d.NginxMailingList@forum.nginx.org>
References: <e22a670c77f737ceb3df8e49802f2b8d.NginxMailingList@forum.nginx.org>
Message-ID: <e0af94b80907260014m56030ed5h18ee8a68788e7247@mail.gmail.com>

Currently this is the way things work, yes.  If it is by specific
design, I would guess only Igor can you give you a true answer.

Generally I have seen Igor and others recommending against the use of
catch-all servers with variables everywhere, but I understand that to
some people this is the path of least resistance (though it always
seems to me they end up putting forth more effort trying to make
complicated configurations that work with all hosts).  With that in
mind, I don't know if this is high up on the list of things to get
done soon, and again Igor would know best, but you could always try
sponsoring the change if this is mission critical for you.

-- Merlin

On Sat, Jul 25, 2009 at 7:09 PM, wolfenstock<nginx-forum at nginx.us> wrote:
> any chance to get this to work. ?access_log accepts the variable but the error_log spits out an error. ?Is this by design?
>
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4467,4467#msg-4467
>
>
>




From lists at ruby-forum.com  Sun Jul 26 18:42:55 2009
From: lists at ruby-forum.com (Mitchua Mitchua)
Date: Sun, 26 Jul 2009 16:42:55 +0200
Subject: Upstream fail over?
In-Reply-To: <e0af94b80906260233l6c7b1156u7ea741b0daf3d40f@mail.gmail.com>
References: <d2f801544aeb0ff32eb00e11a64c9b5b.NginxMailingList@forum.nginx.org> <e0af94b80906260233l6c7b1156u7ea741b0daf3d40f@mail.gmail.com>
Message-ID: <a22cf9c84adb70f8a6b4780b6203853f@ruby-forum.com>

merlin corey wrote:
> Hello,
> 
> Yes, very easily with 0.7.x and above.  It would be something like
> below ( check http://wiki.nginx.org/NginxHttpCoreModule#try_files )
> 
> location / {
>   try_files @varnish @application;
> }
> 
> location @varnish {
>   // proxy to varnish
> }
> 
> location @application {
>   // proxy to application
> }
> 
> -- Merlin

I tried a config like this on 0.8.6 and I found that all requests ended 
up going to the @application proxy, skipping the @varnish proxy 
entirely. Am I doing something wrong?

Here's a sample of my config:

upstream varnishservers
{
  server 10.1.1.1:80;
}


upstream originservers
{
  server 10.1.1.2:80;
  server 10.1.1.2:80;
}

server
{
     listen       8080;
  server_name _;
  server_name_in_redirect  off;

    location /
  {
    try_files @vanish @origin;
  }
  location @varnish
  {
    proxy_pass http://varnishservers;
    proxy_set_header Host $host;
    proxy_connect_timeout 3;
    proxy_next_upstream error timeout;
  }

  location @origin
  {
    proxy_pass http://originservers;
    proxy_set_header Host $host;
    proxy_connect_timeout 3;
    proxy_next_upstream error timeout;
  }

}

Thanks!
-- 
Posted via http://www.ruby-forum.com/.




From nginx-forum at nginx.us  Sun Jul 26 20:05:45 2009
From: nginx-forum at nginx.us (wolfenstock)
Date: Sun, 26 Jul 2009 12:05:45 -0400
Subject: error_log and $host?
In-Reply-To: <e22a670c77f737ceb3df8e49802f2b8d.NginxMailingList@forum.nginx.org>
References: <e22a670c77f737ceb3df8e49802f2b8d.NginxMailingList@forum.nginx.org>
Message-ID: <4c1a87a2d5d3f0d5bd49f4fc018eac17.NginxMailingList@forum.nginx.org>

hrm...  I do not think the $hosts variable is bad.  You use it to give your existing domain hierarchy an error log in that folder for that domain. This is what I have for the access_log.  Without the working $host in the error_log I would have to separately write each domain again to put it in it's subfolder.  Not very productive.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4467,4471#msg-4471





From apseudoutopia at gmail.com  Sun Jul 26 22:07:28 2009
From: apseudoutopia at gmail.com (APseudoUtopia)
Date: Sun, 26 Jul 2009 14:07:28 -0400
Subject: Alias in Nginx Config
Message-ID: <27ade5280907261107y4e2b4dd7x92d42cf24eccd454@mail.gmail.com>

Hey list,

How does one create an alias in nginx? Here's my setup:

My web-root is /usr/local/www/main. It's a copy of a SVN repo, so I
cannot manually add any folders in there.
I want to make an alias from domain.com/wiki to /usr/local/www/wiki.
I've tried the following code:

location = /wiki {
alias /usr/local/www/wiki;
}

But this isn't working. nginx is returning a "404" error. Here's the
whole config for the server block:

server {
    set $web_root /usr/local/www/main;

    listen x.x.x.x:443 default accept_filter=httpready;
    server_name domain.tld;
    access_log /var/log/httpd/nginx.access.ssl.log main buffer=4k;
    root $web_root;

    # www redirect
    if ($host ~* www\.(.*)) {
        rewrite ^(.*)$ https://domain.tld$1 permanent;
    }

    ssl on;
    ssl_certificate /usr/local/etc/nginx/ssl.crt;
    ssl_certificate_key /usr/local/etc/nginx/ssl.key;
    ssl_ciphers -ALL:!ADH:!NULL:!aNULL:!eNULL:HIGH;
    ssl_prefer_server_ciphers on;
    ssl_protocols SSLv3 TLSv1;
    ssl_verify_client off;
    ssl_verify_depth 1;
    ssl_session_cache shared:NGXSSL:1m;
    ssl_session_timeout 5m;

    # Wiki
    location = /wiki/ {
        alias /usr/local/www/skittles_wiki/;
    }

    location ~ .*\.php$ {
        try_files $uri /404.html;
        fastcgi_index index.php;
        fastcgi_ignore_client_abort off;
        fastcgi_intercept_errors off;
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_read_timeout 10; # sec to wait for php-cgi to return data
        fastcgi_param SCRIPT_FILENAME $web_root$fastcgi_script_name;
        include /usr/local/etc/nginx/fastcgi_params;
    }
}




From is at rambler-co.ru  Sun Jul 26 23:25:45 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Sun, 26 Jul 2009 23:25:45 +0400
Subject: Alias in Nginx Config
In-Reply-To: <27ade5280907261107y4e2b4dd7x92d42cf24eccd454@mail.gmail.com>
References: <27ade5280907261107y4e2b4dd7x92d42cf24eccd454@mail.gmail.com>
Message-ID: <20090726192545.GB48529@rambler-co.ru>

On Sun, Jul 26, 2009 at 02:07:28PM -0400, APseudoUtopia wrote:

> Hey list,
> 
> How does one create an alias in nginx? Here's my setup:
> 
> My web-root is /usr/local/www/main. It's a copy of a SVN repo, so I
> cannot manually add any folders in there.
> I want to make an alias from domain.com/wiki to /usr/local/www/wiki.
> I've tried the following code:
> 
> location = /wiki {
> alias /usr/local/www/wiki;
> }
> 
> But this isn't working. nginx is returning a "404" error. Here's the
> whole config for the server block:
> 
> server {
>     set $web_root /usr/local/www/main;
> 
>     listen x.x.x.x:443 default accept_filter=httpready;
>     server_name domain.tld;
>     access_log /var/log/httpd/nginx.access.ssl.log main buffer=4k;
>     root $web_root;
> 
>     # www redirect
>     if ($host ~* www\.(.*)) {
>         rewrite ^(.*)$ https://domain.tld$1 permanent;
>     }
> 
>     ssl on;
>     ssl_certificate /usr/local/etc/nginx/ssl.crt;
>     ssl_certificate_key /usr/local/etc/nginx/ssl.key;
>     ssl_ciphers -ALL:!ADH:!NULL:!aNULL:!eNULL:HIGH;
>     ssl_prefer_server_ciphers on;
>     ssl_protocols SSLv3 TLSv1;
>     ssl_verify_client off;
>     ssl_verify_depth 1;
>     ssl_session_cache shared:NGXSSL:1m;
>     ssl_session_timeout 5m;
> 
>     # Wiki
>     location = /wiki/ {
>         alias /usr/local/www/skittles_wiki/;
>     }
> 
>     location ~ .*\.php$ {
>         try_files $uri /404.html;
>         fastcgi_index index.php;
>         fastcgi_ignore_client_abort off;
>         fastcgi_intercept_errors off;
>         fastcgi_pass 127.0.0.1:9000;
>         fastcgi_read_timeout 10; # sec to wait for php-cgi to return data
>         fastcgi_param SCRIPT_FILENAME $web_root$fastcgi_script_name;
>         include /usr/local/etc/nginx/fastcgi_params;
>     }
> }

Frist, this

     # www redirect
     if ($host ~* www\.(.*)) {
         rewrite ^(.*)$ https://domain.tld$1 permanent;
     }

should be written as separate server:

server {
     server_name www.domain.tld;

     rewrite ^(.*)$ https://domain.tld$1 permanent;
}

Second, "set" in

     set $web_root /usr/local/www/main;
     ...
     root $web_root;
     ...
         fastcgi_param SCRIPT_FILENAME $web_root$fastcgi_script_name;

is just waste of CPU cycles and should be changed to

     root /usr/local/www/main;
     ...
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

As to wiki, you need to omit "=":

     location /wiki/ {
         alias /usr/local/www/skittles_wiki/;
     }


-- 
Igor Sysoev
http://sysoev.ru/en/




From nunomagalhaes at eu.ipp.pt  Mon Jul 27 00:08:25 2009
From: nunomagalhaes at eu.ipp.pt (=?UTF-8?Q?Nuno_Magalh=C3=A3es?=)
Date: Sun, 26 Jul 2009 21:08:25 +0100
Subject: Content negotiation?
Message-ID: <6b1504c40907261308i497b50f0r2e7c43ff28a9f52e@mail.gmail.com>

Hi,

According to [1] i assume nginx doesn0t support content negotiation
yet. (With a simple test it - 0.7.59 - replied with a 404.) Is this
true? If so, is it planned for the near future? If not, are there any
workarounds?

Thanks,
Nuno Magalh?es

[1] http://wiki.nginx.org/NginxFeatureRequests

-- 
()  ascii ribbon campaign - against html e-mail
/\  ascii-rubanda kampajno - kontra? html-a retpo?to




From mdounin at mdounin.ru  Mon Jul 27 00:56:00 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Mon, 27 Jul 2009 00:56:00 +0400
Subject: Upstream fail over?
In-Reply-To: <a22cf9c84adb70f8a6b4780b6203853f@ruby-forum.com>
References: <d2f801544aeb0ff32eb00e11a64c9b5b.NginxMailingList@forum.nginx.org> <e0af94b80906260233l6c7b1156u7ea741b0daf3d40f@mail.gmail.com> <a22cf9c84adb70f8a6b4780b6203853f@ruby-forum.com>
Message-ID: <20090726205559.GF1240@mdounin.ru>

Hello!

On Sun, Jul 26, 2009 at 04:42:55PM +0200, Mitchua Mitchua wrote:

> merlin corey wrote:
> > Hello,
> > 
> > Yes, very easily with 0.7.x and above.  It would be something like
> > below ( check http://wiki.nginx.org/NginxHttpCoreModule#try_files )
> > 
> > location / {
> >   try_files @varnish @application;
> > }
> > 
> > location @varnish {
> >   // proxy to varnish
> > }
> > 
> > location @application {
> >   // proxy to application
> > }
> > 
> > -- Merlin
> 
> I tried a config like this on 0.8.6 and I found that all requests ended 
> up going to the @application proxy, skipping the @varnish proxy 
> entirely. Am I doing something wrong?

No, merlin's suggestion was misleading, try_files doesn't work 
this way - it checks static files existance and fallbacks last uri
if no one was found, e.g.

    location / {
        try_files /file1.html /file1.en.html @fallback;
    }

    location @fallback {
        proxy_pass ...
    }

For your task you should use error_page based fallback, e.g. to 
catch 404 errors from varnish and pass them to application use 
something like this:

    location / {
        error_page  404  = @fallback;
        proxy_intercept_errors on;

        # proxy to varnish
        proxy_pass ...;
    }

    location @fallback {
        # proxy to application
        proxy_pass ...;
    }

Maxim Dounin




From maccaday at gmail.com  Mon Jul 27 05:30:53 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Mon, 27 Jul 2009 04:30:53 +0300
Subject: Upstream fail over?
In-Reply-To: <20090726205559.GF1240@mdounin.ru>
References: <d2f801544aeb0ff32eb00e11a64c9b5b.NginxMailingList@forum.nginx.org> <e0af94b80906260233l6c7b1156u7ea741b0daf3d40f@mail.gmail.com> <a22cf9c84adb70f8a6b4780b6203853f@ruby-forum.com> <20090726205559.GF1240@mdounin.ru>
Message-ID: <4A6D034D.4050701@gmail.com>

Hi Merlin,

It appears you're trying to do :

HTTP > Nginx > Varnish > (back to Nginx as failsafe) > application.

Apart from the fact that try_files won't work with the config you 
mentioned, I think you should probably be trying to use a different 
application stack (or at least use them in a different way).  One of the 
below options are probably better:

HTTP > Varnish > application         (Varnish has its own load-balancing 
and failover for connections to backends)
HTTP > Varnish > Nginx (load-balancing) > application
HTTP > Varnish > HAProxy > application      (HAProxy will typically 
out-perform Nginx when all you need to do is to load-balance)
HTTP > HAProxy > Varnish [> HAProxy] > application   (Very-high load and 
failsafe - only need initial load-balancing with a very large number of 
requests per second)
HTTP > Nginx (cache) > application      (use the proxy cache feature in 
Nginx, proxying to the application with a cache-miss)

If you have a normal load, then probably the first or the last of these 
suggestions would probably be best for you.  If you will have more than 
a couple of application servers, then I would probably recommend the 
last (i.e. using Nginx to cache, since I believe Nginx performs 
load-balancing better than Varnish at this time, though you can do more 
with VCL than you can with Nginx's conf files. 

Hope this is useful,

Marcus.


>   
>> merlin corey wrote:
>>     
>>> Hello,
>>>
>>> Yes, very easily with 0.7.x and above.  It would be something like
>>> below ( check http://wiki.nginx.org/NginxHttpCoreModule#try_files )
>>>
>>> location / {
>>>   try_files @varnish @application;
>>> }
>>>
>>> location @varnish {
>>>   // proxy to varnish
>>> }
>>>
>>> location @application {
>>>   // proxy to application
>>> }
>>>
>>> -- Merlin
>>>       





From nginx-forum at nginx.us  Mon Jul 27 06:57:23 2009
From: nginx-forum at nginx.us (climbor)
Date: Sun, 26 Jul 2009 22:57:23 -0400
Subject: why "if" can not be used within "if"?
In-Reply-To: <f616044785be5b67ab14fb4d4d4e8fce.NginxMailingList@forum.nginx.org>
References: <f616044785be5b67ab14fb4d4d4e8fce.NginxMailingList@forum.nginx.org>
Message-ID: <d3ea1640126b19f7aa473ae27e589685.NginxMailingList@forum.nginx.org>

Thanks for the replies.

Yeah, I surely preferred simple configuration. I just wish that
with if we can organize compares and processes into a tree
to accelerate the processing. I kind of like the idea of "if". It
make nginx more powerful and flexible.

And I also noticed the overhead of context and script engine.
I have not figured out whether these overheads will consume
the processing time "tree like if" have saved. I'll do more tests.
Also the try_files which I have ignored. Thanks Merlin.

Maybe the context overhead is necessary. But the compare
result can be cached. lighttpd have such mechanism.

BTW,
I didn't quite follow Igor. Will "if" vanish or improved in the 
future versions?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4419,4478#msg-4478





From is at rambler-co.ru  Mon Jul 27 10:19:39 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Mon, 27 Jul 2009 10:19:39 +0400
Subject: Content negotiation?
In-Reply-To: <6b1504c40907261308i497b50f0r2e7c43ff28a9f52e@mail.gmail.com>
References: <6b1504c40907261308i497b50f0r2e7c43ff28a9f52e@mail.gmail.com>
Message-ID: <20090727061939.GC57057@rambler-co.ru>

On Sun, Jul 26, 2009 at 09:08:25PM +0100, Nuno Magalh??es wrote:

> According to [1] i assume nginx doesn0t support content negotiation
> yet. (With a simple test it - 0.7.59 - replied with a 404.) Is this
> true? If so, is it planned for the near future? If not, are there any
> workarounds?
>
> Thanks,
> Nuno Magalh??es
> 
> [1] http://wiki.nginx.org/NginxFeatureRequests

nginx does not support content negotiation since I never saw working
content negotiation setups, at least in Russia. Could you show good
examples ?


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Mon Jul 27 12:47:45 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Mon, 27 Jul 2009 12:47:45 +0400
Subject: Upstream fail over?
In-Reply-To: <d2f801544aeb0ff32eb00e11a64c9b5b.NginxMailingList@forum.nginx.org>
References: <d2f801544aeb0ff32eb00e11a64c9b5b.NginxMailingList@forum.nginx.org>
Message-ID: <20090727084745.GB60821@rambler-co.ru>

On Tue, Jun 23, 2009 at 10:48:41AM -0400, MortenP wrote:

> Is it possible to have nginx proxy to upstream_a and if that fails then default to upstream_b?
> 
> What I would like to accomplish is to have a Varnish upstream, and if that's down, then nginx should just proxy to the application backend directly. 

   upstream ups {
       server  upstream_a;
       server  upstream_b backup;
   }

However, probably you may omit Varnish and use nginx's proxy cache.


-- 
Igor Sysoev
http://sysoev.ru/en/




From valery+nginxen at grid.net.ru  Mon Jul 27 13:48:57 2009
From: valery+nginxen at grid.net.ru (Valery Kholodkov)
Date: Mon, 27 Jul 2009 10:48:57 +0100 (BST)
Subject: mogilefs module 1.0.2
In-Reply-To: <958C81A0-DC51-4D98-832B-0D0723F4DD56@gmail.com>
Message-ID: <6178383.98961248688137196.JavaMail.root@zone.mtgsy.net>


This is to use nginx as a frontend to MogileFS and hide interaction with the tracker while store files.

----- Michael Shadle <mike503 at gmail.com> wrote:
> Just for discussion sake why is that? I actually have the same  
> instance of nginx with two separate http{} blocks. One for mogstored  
> and one for normal web serving. It might even be possible to have it  
> under the same http block. I never looked into it that much.
> 
> I guess explaining the pros and cons of doing it that way vs. Using  
> the module would be good info to know.
> 
> Sent from my iPhone
> 
> On Jul 25, 2009, at 2:20 PM, Valery Kholodkov <valery+nginxen at grid.net.ru 
>  > wrote:
> 
> > Yes, but making a mogstored node out of it is a bad idea.
> >
> > Michael Shadle wrote:
> >> So this means this module now handles the DAV requests as well, so it
> >> can be a mogstored node?
> >> nginx technically already supported that :) However this could be  
> >> more
> >> efficient, etc. I'm wondering if I am understanding this properly.
> >> On Sat, Jul 25, 2009 at 10:22 AM, Valery
> >> Kholodkov<valery+nginxen at grid.net.ru> wrote:
> >>> Changes in version 1.0.2 (July 25 2009):
> >>> * Added feature: directive mogilefs_methods and support for PUT  
> >>> and DELETE
> >>> methods
> >>> * Added feature: dynamic evaluation of tracker name
> >>> * Added feature: ability to pass noverify parameter to tracker
> >>>
> >>> The first 2 features were commissioned by GG Network SA (gadu-gadu.pl 
> >>> ).
> >>> These features allow write access to MogileFS using nginx, as well  
> >>> as
> >>> locating of tracker dynamically. The Gadu-Gadu developers were  
> >>> very kind to
> >>> test these features. Hopefully there are no major issues.
> >>>
> >>> The noverify parameter instructs MogileFS tracker to avoid  
> >>> querying the
> >>> database for location of files if possible and use cached results,  
> >>> thus
> >>> eliminating some of the database server load.
> >>>
> >>> The details on the following page:
> >>> http://www.grid.net.ru/nginx/mogilefs.en.html
> >>>
> >>> Feel free to contact me if you have problems with this!
> >
> > -- 
> > Best regards,
> > Valery Kholodkov
> >
> 

-- 
-- 
Regards,
Valery Kholodkov




From is at rambler-co.ru  Mon Jul 27 13:47:49 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Mon, 27 Jul 2009 13:47:49 +0400
Subject: mogilefs module 1.0.2
In-Reply-To: <958C81A0-DC51-4D98-832B-0D0723F4DD56@gmail.com>
References: <4A6B3F43.3090505@grid.net.ru> <bd9320b30907251256v7027b40fp81247eb14907e444@mail.gmail.com> <4A6B771D.40302@grid.net.ru> <958C81A0-DC51-4D98-832B-0D0723F4DD56@gmail.com>
Message-ID: <20090727094749.GE60821@rambler-co.ru>

On Sat, Jul 25, 2009 at 02:44:11PM -0700, Michael Shadle wrote:

> Just for discussion sake why is that? I actually have the same  
> instance of nginx with two separate http{} blocks. One for mogstored  

Do you mean

http {
    ...
}

http {
    ...
}

in one configuration ? This setup is not supported (and never supposed to
be supported) and may lead to unexpected results.

> and one for normal web serving. It might even be possible to have it  
> under the same http block. I never looked into it that much.
> 
> I guess explaining the pros and cons of doing it that way vs. Using  
> the module would be good info to know.
> 
> Sent from my iPhone
> 
> On Jul 25, 2009, at 2:20 PM, Valery Kholodkov <valery+nginxen at grid.net.ru 
> > wrote:
> 
> >Yes, but making a mogstored node out of it is a bad idea.
> >
> >Michael Shadle wrote:
> >>So this means this module now handles the DAV requests as well, so it
> >>can be a mogstored node?
> >>nginx technically already supported that :) However this could be  
> >>more
> >>efficient, etc. I'm wondering if I am understanding this properly.
> >>On Sat, Jul 25, 2009 at 10:22 AM, Valery
> >>Kholodkov<valery+nginxen at grid.net.ru> wrote:
> >>>Changes in version 1.0.2 (July 25 2009):
> >>>* Added feature: directive mogilefs_methods and support for PUT  
> >>>and DELETE
> >>>methods
> >>>* Added feature: dynamic evaluation of tracker name
> >>>* Added feature: ability to pass noverify parameter to tracker
> >>>
> >>>The first 2 features were commissioned by GG Network SA (gadu-gadu.pl 
> >>>).
> >>>These features allow write access to MogileFS using nginx, as well  
> >>>as
> >>>locating of tracker dynamically. The Gadu-Gadu developers were  
> >>>very kind to
> >>>test these features. Hopefully there are no major issues.
> >>>
> >>>The noverify parameter instructs MogileFS tracker to avoid  
> >>>querying the
> >>>database for location of files if possible and use cached results,  
> >>>thus
> >>>eliminating some of the database server load.
> >>>
> >>>The details on the following page:
> >>>http://www.grid.net.ru/nginx/mogilefs.en.html
> >>>
> >>>Feel free to contact me if you have problems with this!
> >
> >-- 
> >Best regards,
> >Valery Kholodkov
> >

-- 
Igor Sysoev
http://sysoev.ru/en/




From nunomagalhaes at eu.ipp.pt  Mon Jul 27 15:39:23 2009
From: nunomagalhaes at eu.ipp.pt (=?UTF-8?Q?Nuno_Magalh=C3=A3es?=)
Date: Mon, 27 Jul 2009 12:39:23 +0100
Subject: Content negotiation?
In-Reply-To: <20090727061939.GC57057@rambler-co.ru>
References: <6b1504c40907261308i497b50f0r2e7c43ff28a9f52e@mail.gmail.com> 
	<20090727061939.GC57057@rambler-co.ru>
Message-ID: <6b1504c40907270439h2f161363l713d74f09fa0c049@mail.gmail.com>

> nginx does not support content negotiation since I never saw working
> content negotiation setups, at least in Russia. Could you show good
> examples ?

I have just started learning about content negotiation, so i am no
expert by any measure. This is the little i found so far:

This W3 site [1] briefly explains it and provides links to other
related sites as well as to this japanese site [2], which supports
content negotiation (for language). There's also another site [3]
which covers the issue and has examples... for Apache.

Most examples i found cover content negotiation for multi-language
sites, although the concept can be used for any type of file.

Hope this helps somehow...

Thanks,
Nuno Magalh?es

[1] http://www.w3.org/QA/2006/02/content_negotiation.html
[2] http://www.tokyoartbeat.com/
[3] http://www.cs.tut.fi/~jkorpela/multi/

-- 
()  ascii-rubanda kampajno - kontra? html-a retpo?to
/\  ascii ribbon campaign - against html e-mail




From frumentius at gmail.com  Mon Jul 27 15:53:00 2009
From: frumentius at gmail.com (Joe)
Date: Mon, 27 Jul 2009 18:53:00 +0700
Subject: Nginx for performance, with suhosin
Message-ID: <f68f97510907270453r1e4682b4ua9ac6782b8a7435b@mail.gmail.com>

Hello,

I am installing nginx for performance, is suhosin really needed for
security?
With suhosin patch seems no trouble.
But with suhosin installed extension, canary mismatch on efree() - heap
overflow detected found 3-15 daily.

I want to remove suhosin patch and extension without any aware of security
problem.

I have googling around, many people doesn't use suhosin.

Thank You in advance.

Regards,
Joe
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090727/50a042e7/attachment.html>

From nunomagalhaes at eu.ipp.pt  Mon Jul 27 16:25:28 2009
From: nunomagalhaes at eu.ipp.pt (=?UTF-8?Q?Nuno_Magalh=C3=A3es?=)
Date: Mon, 27 Jul 2009 13:25:28 +0100
Subject: Content negotiation?
In-Reply-To: <6b1504c40907270439h2f161363l713d74f09fa0c049@mail.gmail.com>
References: <6b1504c40907261308i497b50f0r2e7c43ff28a9f52e@mail.gmail.com> 
	<20090727061939.GC57057@rambler-co.ru> <6b1504c40907270439h2f161363l713d74f09fa0c049@mail.gmail.com>
Message-ID: <6b1504c40907270525q47d03571r2e06ea5fe26539fa@mail.gmail.com>

www.debian.org also uses content-negotiation




From thepixeldeveloper at googlemail.com  Mon Jul 27 18:40:38 2009
From: thepixeldeveloper at googlemail.com (Mathew Davies)
Date: Mon, 27 Jul 2009 15:40:38 +0100
Subject: Nginx for performance, with suhosin
In-Reply-To: <f68f97510907270453r1e4682b4ua9ac6782b8a7435b@mail.gmail.com>
References: <f68f97510907270453r1e4682b4ua9ac6782b8a7435b@mail.gmail.com>
Message-ID: <16b7ceee0907270740x54b6135cr2db449e5abb84ac1@mail.gmail.com>

Umm, Sohshin is for PHP and wont affect your NGinx performance. You
should be asking this on the PHP mailing list.

2009/7/27 Joe <frumentius at gmail.com>:
> Hello,
>
> I am installing nginx for performance, is suhosin really needed for
> security?
> With suhosin patch seems no trouble.
> But with suhosin installed extension, canary mismatch on efree() - heap
> overflow detected found 3-15 daily.
>
> I want to remove suhosin patch and extension without any aware of security
> problem.
>
> I have googling around, many people doesn't use suhosin.
>
> Thank You in advance.
>
> Regards,
> Joe
>



-- 
Kind Regards,
Mathew Davies - Managing Director
The Pixel Developer




From is at rambler-co.ru  Mon Jul 27 19:34:37 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Mon, 27 Jul 2009 19:34:37 +0400
Subject: nginx-0.8.7
Message-ID: <20090727153437.GI60821@rambler-co.ru>

Changes with nginx 0.8.7                                         27 Jul 2009

    *) Change: minimum supported OpenSSL version is 0.9.7.

    *) Change: the "ask" parameter of the "ssl_verify_client" directive was 
       changed to the "optional" parameter and now it checks a client 
       certificate if it was offered.
       Thanks to Brice Figureau.

    *) Feature: the $ssl_client_verify variable.
       Thanks to Brice Figureau.

    *) Feature: the "ssl_crl" directive.
       Thanks to Brice Figureau.

    *) Feature: the "proxy" parameter of the "geo" directive.

    *) Feature: the "image_filter" directive supports variables for setting 
       size.

    *) Bugfix: the $ssl_client_cert variable usage corrupted memory; the 
       bug had appeared in 0.7.7.
       Thanks to Sergey Zhuravlev.

    *) Bugfix: "proxy_pass_header" and "fastcgi_pass_header" directives did 
       not pass to a client the "X-Accel-Redirect", "X-Accel-Limit-Rate", 
       "X-Accel-Buffering", and "X-Accel-Charset" lines from backend 
       response header.
       Thanks to Maxim Dounin.

    *) Bugfix: in handling "Last-Modified" and "Accept-Ranges" backend 
       response header lines; the bug had appeared in 0.7.44.
       Thanks to Maxim Dounin.

    *) Bugfix: the "[alert] zero size buf" error if subrequest returns an 
       empty response; the bug had appeared in 0.8.5.


-- 
Igor Sysoev
http://sysoev.ru/en/




From mike503 at gmail.com  Mon Jul 27 19:57:30 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Mon, 27 Jul 2009 08:57:30 -0700
Subject: mogilefs module 1.0.2
In-Reply-To: <20090727094749.GE60821@rambler-co.ru>
References: <4A6B3F43.3090505@grid.net.ru>
	 <bd9320b30907251256v7027b40fp81247eb14907e444@mail.gmail.com>
	 <4A6B771D.40302@grid.net.ru>
	 <958C81A0-DC51-4D98-832B-0D0723F4DD56@gmail.com>
	 <20090727094749.GE60821@rambler-co.ru>
Message-ID: <bd9320b30907270857p3d32e32evdf77885d4b946c44@mail.gmail.com>

Oh. You're right. It is server {} blocks already, not http {}.

I don't know why I thought I had two different server blocks.

2009/7/27 Igor Sysoev <is at rambler-co.ru>:
> On Sat, Jul 25, 2009 at 02:44:11PM -0700, Michael Shadle wrote:
>
>> Just for discussion sake why is that? I actually have the same
>> instance of nginx with two separate http{} blocks. One for mogstored
>
> Do you mean
>
> http {
> ? ?...
> }
>
> http {
> ? ?...
> }
>
> in one configuration ? This setup is not supported (and never supposed to
> be supported) and may lead to unexpected results.
>
>> and one for normal web serving. It might even be possible to have it
>> under the same http block. I never looked into it that much.
>>
>> I guess explaining the pros and cons of doing it that way vs. Using
>> the module would be good info to know.
>>
>> Sent from my iPhone
>>
>> On Jul 25, 2009, at 2:20 PM, Valery Kholodkov <valery+nginxen at grid.net.ru
>> > wrote:
>>
>> >Yes, but making a mogstored node out of it is a bad idea.
>> >
>> >Michael Shadle wrote:
>> >>So this means this module now handles the DAV requests as well, so it
>> >>can be a mogstored node?
>> >>nginx technically already supported that :) However this could be
>> >>more
>> >>efficient, etc. I'm wondering if I am understanding this properly.
>> >>On Sat, Jul 25, 2009 at 10:22 AM, Valery
>> >>Kholodkov<valery+nginxen at grid.net.ru> wrote:
>> >>>Changes in version 1.0.2 (July 25 2009):
>> >>>* Added feature: directive mogilefs_methods and support for PUT
>> >>>and DELETE
>> >>>methods
>> >>>* Added feature: dynamic evaluation of tracker name
>> >>>* Added feature: ability to pass noverify parameter to tracker
>> >>>
>> >>>The first 2 features were commissioned by GG Network SA (gadu-gadu.pl
>> >>>).
>> >>>These features allow write access to MogileFS using nginx, as well
>> >>>as
>> >>>locating of tracker dynamically. The Gadu-Gadu developers were
>> >>>very kind to
>> >>>test these features. Hopefully there are no major issues.
>> >>>
>> >>>The noverify parameter instructs MogileFS tracker to avoid
>> >>>querying the
>> >>>database for location of files if possible and use cached results,
>> >>>thus
>> >>>eliminating some of the database server load.
>> >>>
>> >>>The details on the following page:
>> >>>http://www.grid.net.ru/nginx/mogilefs.en.html
>> >>>
>> >>>Feel free to contact me if you have problems with this!
>> >
>> >--
>> >Best regards,
>> >Valery Kholodkov
>> >
>
> --
> Igor Sysoev
> http://sysoev.ru/en/
>
>




From mike503 at gmail.com  Mon Jul 27 19:59:32 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Mon, 27 Jul 2009 08:59:32 -0700
Subject: mogilefs module 1.0.2
In-Reply-To: <6178383.98961248688137196.JavaMail.root@zone.mtgsy.net>
References: <958C81A0-DC51-4D98-832B-0D0723F4DD56@gmail.com>
	 <6178383.98961248688137196.JavaMail.root@zone.mtgsy.net>
Message-ID: <bd9320b30907270859j83c9c24uc69fc86a2dcbe0e6@mail.gmail.com>

Ah, so the module does all the work, instead of the client contacting
the tracker, and the tracker using the nginx-based mogstored; this
actually takes the file itself and pushes it into the mogilefs system
for you?

I suppose that's a pretty cool feature then. Anything to keep
configuration light and usability the easiest.

On Mon, Jul 27, 2009 at 2:48 AM, Valery
Kholodkov<valery+nginxen at grid.net.ru> wrote:
>
> This is to use nginx as a frontend to MogileFS and hide interaction with the tracker while store files.
>
> ----- Michael Shadle <mike503 at gmail.com> wrote:
>> Just for discussion sake why is that? I actually have the same
>> instance of nginx with two separate http{} blocks. One for mogstored
>> and one for normal web serving. It might even be possible to have it
>> under the same http block. I never looked into it that much.
>>
>> I guess explaining the pros and cons of doing it that way vs. Using
>> the module would be good info to know.
>>
>> Sent from my iPhone
>>
>> On Jul 25, 2009, at 2:20 PM, Valery Kholodkov <valery+nginxen at grid.net.ru
>> ?> wrote:
>>
>> > Yes, but making a mogstored node out of it is a bad idea.
>> >
>> > Michael Shadle wrote:
>> >> So this means this module now handles the DAV requests as well, so it
>> >> can be a mogstored node?
>> >> nginx technically already supported that :) However this could be
>> >> more
>> >> efficient, etc. I'm wondering if I am understanding this properly.
>> >> On Sat, Jul 25, 2009 at 10:22 AM, Valery
>> >> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>> >>> Changes in version 1.0.2 (July 25 2009):
>> >>> * Added feature: directive mogilefs_methods and support for PUT
>> >>> and DELETE
>> >>> methods
>> >>> * Added feature: dynamic evaluation of tracker name
>> >>> * Added feature: ability to pass noverify parameter to tracker
>> >>>
>> >>> The first 2 features were commissioned by GG Network SA (gadu-gadu.pl
>> >>> ).
>> >>> These features allow write access to MogileFS using nginx, as well
>> >>> as
>> >>> locating of tracker dynamically. The Gadu-Gadu developers were
>> >>> very kind to
>> >>> test these features. Hopefully there are no major issues.
>> >>>
>> >>> The noverify parameter instructs MogileFS tracker to avoid
>> >>> querying the
>> >>> database for location of files if possible and use cached results,
>> >>> thus
>> >>> eliminating some of the database server load.
>> >>>
>> >>> The details on the following page:
>> >>> http://www.grid.net.ru/nginx/mogilefs.en.html
>> >>>
>> >>> Feel free to contact me if you have problems with this!
>> >
>> > --
>> > Best regards,
>> > Valery Kholodkov
>> >
>>
>
> --
> --
> Regards,
> Valery Kholodkov
>
>




From nginx-forum at nginx.us  Mon Jul 27 20:59:08 2009
From: nginx-forum at nginx.us (bard)
Date: Mon, 27 Jul 2009 12:59:08 -0400
Subject: Emulate mod_auth_mysql in nginx?
In-Reply-To: <009601c9a686$42880a10$c7981e30$@com>
References: <009601c9a686$42880a10$c7981e30$@com>
Message-ID: <dc0dda26228614edd4a091fe1d635a9a.NginxMailingList@forum.nginx.org>

Floren Munteanu Wrote:
-------------------------------------------------------
> > From: Igor Sysoev 
> > Posted At: Monday, March 16, 2009 7:05 AM
> > I have almost ready async mysql interface for
> nginx,
> > that can be used here.
> 
> When do you think it will be available?

Seconded!  It would be very useful, are there still plans to release it?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,12,4490#msg-4490





From valery+nginxen at grid.net.ru  Mon Jul 27 21:48:10 2009
From: valery+nginxen at grid.net.ru (Valery Kholodkov)
Date: Mon, 27 Jul 2009 19:48:10 +0200
Subject: mogilefs module 1.0.2
In-Reply-To: <bd9320b30907270859j83c9c24uc69fc86a2dcbe0e6@mail.gmail.com>
References: <958C81A0-DC51-4D98-832B-0D0723F4DD56@gmail.com>	 <6178383.98961248688137196.JavaMail.root@zone.mtgsy.net> <bd9320b30907270859j83c9c24uc69fc86a2dcbe0e6@mail.gmail.com>
Message-ID: <4A6DE85A.2080403@grid.net.ru>

Hello Michael!

Michael Shadle wrote:
> Ah, so the module does all the work, instead of the client contacting
> the tracker, and the tracker using the nginx-based mogstored; this
> actually takes the file itself and pushes it into the mogilefs system
> for you?

Yes, this is what it was written for.

> I suppose that's a pretty cool feature then. Anything to keep
> configuration light and usability the easiest.
> 
> On Mon, Jul 27, 2009 at 2:48 AM, Valery
> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>> This is to use nginx as a frontend to MogileFS and hide interaction with the tracker while store files.
>>
>> ----- Michael Shadle <mike503 at gmail.com> wrote:
>>> Just for discussion sake why is that? I actually have the same
>>> instance of nginx with two separate http{} blocks. One for mogstored
>>> and one for normal web serving. It might even be possible to have it
>>> under the same http block. I never looked into it that much.
>>>
>>> I guess explaining the pros and cons of doing it that way vs. Using
>>> the module would be good info to know.
>>>
>>> Sent from my iPhone
>>>
>>> On Jul 25, 2009, at 2:20 PM, Valery Kholodkov <valery+nginxen at grid.net.ru
>>>  > wrote:
>>>
>>>> Yes, but making a mogstored node out of it is a bad idea.
>>>>
>>>> Michael Shadle wrote:
>>>>> So this means this module now handles the DAV requests as well, so it
>>>>> can be a mogstored node?
>>>>> nginx technically already supported that :) However this could be
>>>>> more
>>>>> efficient, etc. I'm wondering if I am understanding this properly.
>>>>> On Sat, Jul 25, 2009 at 10:22 AM, Valery
>>>>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>>>>>> Changes in version 1.0.2 (July 25 2009):
>>>>>> * Added feature: directive mogilefs_methods and support for PUT
>>>>>> and DELETE
>>>>>> methods
>>>>>> * Added feature: dynamic evaluation of tracker name
>>>>>> * Added feature: ability to pass noverify parameter to tracker
>>>>>>
>>>>>> The first 2 features were commissioned by GG Network SA (gadu-gadu.pl
>>>>>> ).
>>>>>> These features allow write access to MogileFS using nginx, as well
>>>>>> as
>>>>>> locating of tracker dynamically. The Gadu-Gadu developers were
>>>>>> very kind to
>>>>>> test these features. Hopefully there are no major issues.
>>>>>>
>>>>>> The noverify parameter instructs MogileFS tracker to avoid
>>>>>> querying the
>>>>>> database for location of files if possible and use cached results,
>>>>>> thus
>>>>>> eliminating some of the database server load.
>>>>>>
>>>>>> The details on the following page:
>>>>>> http://www.grid.net.ru/nginx/mogilefs.en.html
>>>>>>
>>>>>> Feel free to contact me if you have problems with this!

-- 
Best regards,
Valery Kholodkov




From thepixeldeveloper at googlemail.com  Mon Jul 27 22:50:14 2009
From: thepixeldeveloper at googlemail.com (Mathew Davies)
Date: Mon, 27 Jul 2009 19:50:14 +0100
Subject: nginx-0.8.7
In-Reply-To: <20090727153437.GI60821@rambler-co.ru>
References: <20090727153437.GI60821@rambler-co.ru>
Message-ID: <16b7ceee0907271150j52b97b29h19ae69eb1a578a73@mail.gmail.com>

Thank you Igor.

Much appreciated.

2009/7/27 Igor Sysoev <is at rambler-co.ru>:
> Changes with nginx 0.8.7 ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? ? 27 Jul 2009
>
> ? ?*) Change: minimum supported OpenSSL version is 0.9.7.
>
> ? ?*) Change: the "ask" parameter of the "ssl_verify_client" directive was
> ? ? ? changed to the "optional" parameter and now it checks a client
> ? ? ? certificate if it was offered.
> ? ? ? Thanks to Brice Figureau.
>
> ? ?*) Feature: the $ssl_client_verify variable.
> ? ? ? Thanks to Brice Figureau.
>
> ? ?*) Feature: the "ssl_crl" directive.
> ? ? ? Thanks to Brice Figureau.
>
> ? ?*) Feature: the "proxy" parameter of the "geo" directive.
>
> ? ?*) Feature: the "image_filter" directive supports variables for setting
> ? ? ? size.
>
> ? ?*) Bugfix: the $ssl_client_cert variable usage corrupted memory; the
> ? ? ? bug had appeared in 0.7.7.
> ? ? ? Thanks to Sergey Zhuravlev.
>
> ? ?*) Bugfix: "proxy_pass_header" and "fastcgi_pass_header" directives did
> ? ? ? not pass to a client the "X-Accel-Redirect", "X-Accel-Limit-Rate",
> ? ? ? "X-Accel-Buffering", and "X-Accel-Charset" lines from backend
> ? ? ? response header.
> ? ? ? Thanks to Maxim Dounin.
>
> ? ?*) Bugfix: in handling "Last-Modified" and "Accept-Ranges" backend
> ? ? ? response header lines; the bug had appeared in 0.7.44.
> ? ? ? Thanks to Maxim Dounin.
>
> ? ?*) Bugfix: the "[alert] zero size buf" error if subrequest returns an
> ? ? ? empty response; the bug had appeared in 0.8.5.
>
>
> --
> Igor Sysoev
> http://sysoev.ru/en/
>
>



-- 
Kind Regards,
Mathew Davies - Managing Director
The Pixel Developer




From jdub at bethesignal.org  Tue Jul 28 04:17:47 2009
From: jdub at bethesignal.org (Jeff Waugh)
Date: Tue, 28 Jul 2009 10:17:47 +1000
Subject: Content negotiation?
In-Reply-To: <20090727061939.GC57057@rambler-co.ru>
References: <6b1504c40907261308i497b50f0r2e7c43ff28a9f52e@mail.gmail.com> <20090727061939.GC57057@rambler-co.ru>
Message-ID: <20090728001747.GO3297@node.waugh.id.au>

<quote who="Igor Sysoev">

> nginx does not support content negotiation since I never saw working
> content negotiation setups, at least in Russia. Could you show good
> examples ?

One very simple but useful form of content negotiation is the ability to
supply files according to the preferred mime types. For instance:

  http://www.example.com/images/logo -> server provides logo.gif or logo.png
  depending on what the browser provides in the Accepts header.

Then there's conneg for all kinds of other things like languages, but this
might be a good first step for nginx.

- Jeff

-- 
linux.conf.au 2010: Wellington, NZ                http://www.lca2010.org.nz/
 
     Broken hearts rarely come with "Some Assembly Required" stickers.




From jdub at bethesignal.org  Tue Jul 28 04:44:44 2009
From: jdub at bethesignal.org (Jeff Waugh)
Date: Tue, 28 Jul 2009 10:44:44 +1000
Subject: nginx-0.8.7
In-Reply-To: <20090727153437.GI60821@rambler-co.ru>
References: <20090727153437.GI60821@rambler-co.ru>
Message-ID: <20090728004444.GA31717@node.waugh.id.au>

<quote who="Igor Sysoev">

> Changes with nginx 0.8.7                                         27 Jul 2009

Thanks Igor -- 0.8.7 is now available in my development PPA:

  https://launchpad.net/~jdub/+archive/devel

- Jeff

-- 
linux.conf.au 2010: Wellington, NZ                http://www.lca2010.org.nz/
 
                    GNOME. Vorsprung durch Einfachheit.




From joe at hazardcell.com  Tue Jul 28 06:14:54 2009
From: joe at hazardcell.com (Joe Jacobs)
Date: Tue, 28 Jul 2009 03:14:54 +0100
Subject: 'Content-Length' header for POSTs
In-Reply-To: <cf5b5650907250905t4d9f461k5fd2567ece8ebe3f@mail.gmail.com>
References: <cf5b5650907250441o4f40b221v541279081a2f01e2@mail.gmail.com>
	 <cf5b5650907250905t4d9f461k5fd2567ece8ebe3f@mail.gmail.com>
Message-ID: <cf5b5650907271914k48b97920nc4e8485c0a71a6fb@mail.gmail.com>

anyone?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090728/d44c7923/attachment.html>

From nginx-forum at nginx.us  Tue Jul 28 06:20:37 2009
From: nginx-forum at nginx.us (climbor)
Date: Mon, 27 Jul 2009 22:20:37 -0400
Subject: Content negotiation?
In-Reply-To: <6b1504c40907261308i497b50f0r2e7c43ff28a9f52e@forum.nginx.org>
References: <6b1504c40907261308i497b50f0r2e7c43ff28a9f52e@forum.nginx.org>
Message-ID: <b0efab05da0d4cfa0e75cc886f950af1.NginxMailingList@forum.nginx.org>

Maybe a rewrite rule can help you I guess.
Good luck.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4475,4495#msg-4495





From iberkner at gmail.com  Tue Jul 28 07:37:35 2009
From: iberkner at gmail.com (Ilan Berkner)
Date: Mon, 27 Jul 2009 23:37:35 -0400
Subject: If I could get some help in optimizing my nginx configuration... ?
Message-ID: <77432c470907272037h139c6686k37a87f37ba63080f@mail.gmail.com>

Thank you in advance for taking a look at this configuration:

http://pastebin.com/m4893b5cf

Really simple configuration, we have a dedicated web server connected to a
dedicated data server.  We're about to see our seasonal spike so I was
hoping to run it by the group and see if there are any suggestions?

We're running a Joomla site with SEF turned on so the URL rewrite is
necessary.

Thanks!
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090727/a5426f86/attachment.html>

From daniel at telesat.co.jp  Tue Jul 28 08:10:11 2009
From: daniel at telesat.co.jp (Daniel)
Date: Tue, 28 Jul 2009 13:10:11 +0900
Subject: mogilefs module 1.0.2
In-Reply-To: <4A6DE85A.2080403@grid.net.ru>
References: <958C81A0-DC51-4D98-832B-0D0723F4DD56@gmail.com>	 <6178383.98961248688137196.JavaMail.root@zone.mtgsy.net> <bd9320b30907270859j83c9c24uc69fc86a2dcbe0e6@mail.gmail.com> <4A6DE85A.2080403@grid.net.ru>
Message-ID: <4A6E7A23.5000801@telesat.co.jp>

Hi Valery,

I just installed the module and recompiled nginx, set the config file as 
in the example from your site.  Now i can download the files from 
reverse proxy directly.  Very Cool.  Thanks a lot.
Can you give us examples of the config to push files into the mogilefs 
storage?.
> Yes, but making a mogstored node out of it is a bad idea.
I'm using nginx as a mogstored frontend without problems.

Tuqui

Valery Kholodkov ????????:
> Hello Michael!
>
> Michael Shadle wrote:
>> Ah, so the module does all the work, instead of the client contacting
>> the tracker, and the tracker using the nginx-based mogstored; this
>> actually takes the file itself and pushes it into the mogilefs system
>> for you?
>
> Yes, this is what it was written for.
>
>> I suppose that's a pretty cool feature then. Anything to keep
>> configuration light and usability the easiest.
>>
>> On Mon, Jul 27, 2009 at 2:48 AM, Valery
>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>>> This is to use nginx as a frontend to MogileFS and hide interaction 
>>> with the tracker while store files.
>>>
>>> ----- Michael Shadle <mike503 at gmail.com> wrote:
>>>> Just for discussion sake why is that? I actually have the same
>>>> instance of nginx with two separate http{} blocks. One for mogstored
>>>> and one for normal web serving. It might even be possible to have it
>>>> under the same http block. I never looked into it that much.
>>>>
>>>> I guess explaining the pros and cons of doing it that way vs. Using
>>>> the module would be good info to know.
>>>>
>>>> Sent from my iPhone
>>>>
>>>> On Jul 25, 2009, at 2:20 PM, Valery Kholodkov 
>>>> <valery+nginxen at grid.net.ru
>>>>  > wrote:
>>>>
>>>>> Yes, but making a mogstored node out of it is a bad idea.
>>>>>
>>>>> Michael Shadle wrote:
>>>>>> So this means this module now handles the DAV requests as well, 
>>>>>> so it
>>>>>> can be a mogstored node?
>>>>>> nginx technically already supported that :) However this could be
>>>>>> more
>>>>>> efficient, etc. I'm wondering if I am understanding this properly.
>>>>>> On Sat, Jul 25, 2009 at 10:22 AM, Valery
>>>>>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>>>>>>> Changes in version 1.0.2 (July 25 2009):
>>>>>>> * Added feature: directive mogilefs_methods and support for PUT
>>>>>>> and DELETE
>>>>>>> methods
>>>>>>> * Added feature: dynamic evaluation of tracker name
>>>>>>> * Added feature: ability to pass noverify parameter to tracker
>>>>>>>
>>>>>>> The first 2 features were commissioned by GG Network SA 
>>>>>>> (gadu-gadu.pl
>>>>>>> ).
>>>>>>> These features allow write access to MogileFS using nginx, as well
>>>>>>> as
>>>>>>> locating of tracker dynamically. The Gadu-Gadu developers were
>>>>>>> very kind to
>>>>>>> test these features. Hopefully there are no major issues.
>>>>>>>
>>>>>>> The noverify parameter instructs MogileFS tracker to avoid
>>>>>>> querying the
>>>>>>> database for location of files if possible and use cached results,
>>>>>>> thus
>>>>>>> eliminating some of the database server load.
>>>>>>>
>>>>>>> The details on the following page:
>>>>>>> http://www.grid.net.ru/nginx/mogilefs.en.html
>>>>>>>
>>>>>>> Feel free to contact me if you have problems with this!
>


-- 
*********************************************************
??? ????
????????????????????
?900-0036 ????????5??2?1?
????????6F
Tel : 098-942-5575
Fax : 098-942-5574
URL : www.telesat.co.jp
      www.netfan.ne.jp
Mail : daniel at telesat.co.jp
*********************************************************
Daniel Nakasone
Marine System Associates, Inc.
Address : 5-2-1 Makiminato Annex 6F
          Urasoe City,
          Okinawa Japan 900-0036
Tel : +81-98-942-5575
Fax : +81-98-942-5574
URL : www.telesat.co.jp
      www.netfan.ne.jp
Mail : daniel at telesat.co.jp
*********************************************************





From peacech at gmail.com  Tue Jul 28 08:14:09 2009
From: peacech at gmail.com (Charles)
Date: Tue, 28 Jul 2009 11:14:09 +0700
Subject: Offline documentation (CHM)
Message-ID: <f749b5840907272114l7aee2e4ey8b6e5d4566df7469@mail.gmail.com>

Hi,

I have compiled a chm from the nginx wiki site. You can download it here:

http://www.mediafire.com/?jv2gueicmnn




From chanceycn at gmail.com  Tue Jul 28 09:17:17 2009
From: chanceycn at gmail.com (=?utf-8?B?Q2hhbmNleQ==?=)
Date: Tue, 28 Jul 2009 13:17:17 +0800
Subject: =?utf-8?B?UmU6IE9mZmxpbmUgZG9jdW1lbnRhdGlvbiAoQ0hNKQ==?=
References: <f749b5840907272114l7aee2e4ey8b6e5d4566df7469@mail.gmail.com>
Message-ID: <200907281317137651854@gmail.com>

Great! But i cann't conntect this link from china,
I use proxy to connected it ,but cann't download.
Could you offer another linke please?

2009-07-28 



Chancey 



???? Charles 
????? 2009-07-28  12:17:34 
???? nginx 
??? 
??? Offline documentation (CHM) 
 
Hi,
I have compiled a chm from the nginx wiki site. You can download it here:
http://www.mediafire.com/?jv2gueicmnn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090728/2d792cce/attachment.html>

From chanceycn at gmail.com  Tue Jul 28 09:22:38 2009
From: chanceycn at gmail.com (=?utf-8?B?Q2hhbmNleQ==?=)
Date: Tue, 28 Jul 2009 13:22:38 +0800
Subject: =?utf-8?B?UmU6IFJlOiBPZmZsaW5lIGRvY3VtZW50YXRpb24gKENITSk=?=
References: <f749b5840907272114l7aee2e4ey8b6e5d4566df7469@mail.gmail.com>,
 <200907281317137651854@gmail.com>
Message-ID: <200907281322365461173@gmail.com>

um..

if the filesize isn't large and you don't mind, you can send email to me
thanks.

2009-07-28 



Chancey 



???? Chancey 
????? 2009-07-28  13:17:13 
???? nginx 
??? 
??? Re: Offline documentation (CHM) 
Great! But i cann't conntect this link from china,
I use proxy to connected it ,but cann't download.
Could you offer another linke please?

2009-07-28 



Chancey 



???? Charles 
????? 2009-07-28  12:17:34 
???? nginx 
??? 
??? Offline documentation (CHM) 
Hi,
I have compiled a chm from the nginx wiki site. You can download it here:
http://www.mediafire.com/?jv2gueicmnn
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090728/383545fb/attachment.html>

From hendrik.hardeman at hotmail.com  Tue Jul 28 09:42:07 2009
From: hendrik.hardeman at hotmail.com (Hendrik Hardeman)
Date: Tue, 28 Jul 2009 11:12:07 +0530
Subject: Offline documentation (CHM)
In-Reply-To: <200907281322365461173@gmail.com>
References: <f749b5840907272114l7aee2e4ey8b6e5d4566df7469@mail.gmail.com>,
 <200907281317137651854@gmail.com>  <200907281322365461173@gmail.com>
Message-ID: <BAY137-W115B3B75FB8701BE0597B18E150@phx.gbl>


have downloaded and will email

 

Hendrik


 


Date: Tue, 28 Jul 2009 13:22:38 +0800
From: chanceycn at gmail.com
To: nginx at sysoev.ru
Subject: Re: Re: Offline documentation (CHM)








um..
 
if the filesize isn't large and you don't mind, you can send email to me
thanks.
 
2009-07-28 


Chancey 


???? Chancey 
????? 2009-07-28  13:17:13 
???? nginx 
??? 
??? Re: Offline documentation (CHM) 


Great! But i cann't conntect this link from china,
I use proxy to connected it ,but cann't download.
Could you offer another linke please?
 
2009-07-28 


Chancey 


???? Charles 
????? 2009-07-28  12:17:34 
???? nginx 
??? 
??? Offline documentation (CHM) 


Hi,

I have compiled a chm from the nginx wiki site. You can download it here:

http://www.mediafire.com/?jv2gueicmnn

_________________________________________________________________
With Windows Live, you can organize, edit, and share your photos.
http://www.microsoft.com/india/windows/windowslive/products/photo-gallery-edit.aspx
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090728/ae01bc9b/attachment.html>

From nginx-forum at nginx.us  Tue Jul 28 09:43:57 2009
From: nginx-forum at nginx.us (holstebm)
Date: Tue, 28 Jul 2009 01:43:57 -0400
Subject: try_files problem
Message-ID: <27e1e346bb11d91ee243a6d31a094fde.NginxMailingList@forum.nginx.org>

I can't get the following to work and, after reading and re-reading all the documentation I could find, am not sure if this is a bug or a restriction.

try_files @nocache @cache;

The thought here is @nocache will succeed if a cookie is present and @cache will succeed if not.

The problem is, the first argument seems to be ignored.  I say that because, if I change JUST the try_files without changing any other lines in the configuration I get two different results.  In each case, the final argument in the try_files is always reached...cache displaying correctly when there is no cookie and a blank page if there is a cookie while try_files @cache @nocache displays correctly when there is a cookie but a blank page if there is not.

So is this a restriction or a bug on using internal locations in try_files?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4504,4504#msg-4504





From valery+nginxen at grid.net.ru  Tue Jul 28 09:51:45 2009
From: valery+nginxen at grid.net.ru (Valery Kholodkov)
Date: Tue, 28 Jul 2009 07:51:45 +0200
Subject: mogilefs module 1.0.2
In-Reply-To: <4A6E7A23.5000801@telesat.co.jp>
References: <958C81A0-DC51-4D98-832B-0D0723F4DD56@gmail.com>	 <6178383.98961248688137196.JavaMail.root@zone.mtgsy.net> <bd9320b30907270859j83c9c24uc69fc86a2dcbe0e6@mail.gmail.com> <4A6DE85A.2080403@grid.net.ru> <4A6E7A23.5000801@telesat.co.jp>
Message-ID: <4A6E91F1.6070603@grid.net.ru>

Daniel wrote:
> Hi Valery,
> 
> I just installed the module and recompiled nginx, set the config file as 
> in the example from your site.  Now i can download the files from 
> reverse proxy directly.  Very Cool.  Thanks a lot.
> Can you give us examples of the config to push files into the mogilefs 
> storage?.

location /upload/ {
   mogilefs_tracker tracker;
   mogilefs_domain domain;
   mogilefs_methods PUT;
   mogilefs_pass {
     proxy_pass $mogilefs_path;
   }
}

>> Yes, but making a mogstored node out of it is a bad idea.
> I'm using nginx as a mogstored frontend without problems.

It wasn't about nginx, it was about using nginx+mogilefs module as 
storage node.

> 
> Tuqui
> 
> Valery Kholodkov ????????:
>> Hello Michael!
>>
>> Michael Shadle wrote:
>>> Ah, so the module does all the work, instead of the client contacting
>>> the tracker, and the tracker using the nginx-based mogstored; this
>>> actually takes the file itself and pushes it into the mogilefs system
>>> for you?
>>
>> Yes, this is what it was written for.
>>
>>> I suppose that's a pretty cool feature then. Anything to keep
>>> configuration light and usability the easiest.
>>>
>>> On Mon, Jul 27, 2009 at 2:48 AM, Valery
>>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>>>> This is to use nginx as a frontend to MogileFS and hide interaction 
>>>> with the tracker while store files.
>>>>
>>>> ----- Michael Shadle <mike503 at gmail.com> wrote:
>>>>> Just for discussion sake why is that? I actually have the same
>>>>> instance of nginx with two separate http{} blocks. One for mogstored
>>>>> and one for normal web serving. It might even be possible to have it
>>>>> under the same http block. I never looked into it that much.
>>>>>
>>>>> I guess explaining the pros and cons of doing it that way vs. Using
>>>>> the module would be good info to know.
>>>>>
>>>>> Sent from my iPhone
>>>>>
>>>>> On Jul 25, 2009, at 2:20 PM, Valery Kholodkov 
>>>>> <valery+nginxen at grid.net.ru
>>>>>  > wrote:
>>>>>
>>>>>> Yes, but making a mogstored node out of it is a bad idea.
>>>>>>
>>>>>> Michael Shadle wrote:
>>>>>>> So this means this module now handles the DAV requests as well, 
>>>>>>> so it
>>>>>>> can be a mogstored node?
>>>>>>> nginx technically already supported that :) However this could be
>>>>>>> more
>>>>>>> efficient, etc. I'm wondering if I am understanding this properly.
>>>>>>> On Sat, Jul 25, 2009 at 10:22 AM, Valery
>>>>>>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>>>>>>>> Changes in version 1.0.2 (July 25 2009):
>>>>>>>> * Added feature: directive mogilefs_methods and support for PUT
>>>>>>>> and DELETE
>>>>>>>> methods
>>>>>>>> * Added feature: dynamic evaluation of tracker name
>>>>>>>> * Added feature: ability to pass noverify parameter to tracker
>>>>>>>>
>>>>>>>> The first 2 features were commissioned by GG Network SA 
>>>>>>>> (gadu-gadu.pl
>>>>>>>> ).
>>>>>>>> These features allow write access to MogileFS using nginx, as well
>>>>>>>> as
>>>>>>>> locating of tracker dynamically. The Gadu-Gadu developers were
>>>>>>>> very kind to
>>>>>>>> test these features. Hopefully there are no major issues.
>>>>>>>>
>>>>>>>> The noverify parameter instructs MogileFS tracker to avoid
>>>>>>>> querying the
>>>>>>>> database for location of files if possible and use cached results,
>>>>>>>> thus
>>>>>>>> eliminating some of the database server load.
>>>>>>>>
>>>>>>>> The details on the following page:
>>>>>>>> http://www.grid.net.ru/nginx/mogilefs.en.html
>>>>>>>>
>>>>>>>> Feel free to contact me if you have problems with this!
>>
> 
> 


-- 
Best regards,
Valery Kholodkov




From chanceycn at gmail.com  Tue Jul 28 09:53:58 2009
From: chanceycn at gmail.com (Chancey)
Date: Tue, 28 Jul 2009 13:53:58 +0800
Subject: Offline documentation (CHM)
References: <f749b5840907272114l7aee2e4ey8b6e5d4566df7469@mail.gmail.com>,
 <200907281317137651854@gmail.com>,
 <200907281322365461173@gmail.com>,
 <BAY137-W115B3B75FB8701BE0597B18E150@phx.gbl>
Message-ID: <200907281353563754973@gmail.com>

Thanks a lot


2009-07-28 



Chancey 



???? Hendrik Hardeman 
????? 2009-07-28  13:47:02 
???? nginx at sysoev.ru 
??? 
??? RE: Offline documentation (CHM) 
 
have downloaded and will email
 
Hendrik

 


Date: Tue, 28 Jul 2009 13:22:38 +0800
From: chanceycn at gmail.com
To: nginx at sysoev.ru
Subject: Re: Re: Offline documentation (CHM)


um..

if the filesize isn't large and you don't mind, you can send email to me
thanks.

2009-07-28 



Chancey 



???? Chancey 
????? 2009-07-28  13:17:13 
???? nginx 
??? 
??? Re: Offline documentation (CHM) 
Great! But i cann't conntect this link from china,
I use proxy to connected it ,but cann't download.
Could you offer another linke please?

2009-07-28 



Chancey 



???? Charles 
????? 2009-07-28  12:17:34 
???? nginx 
??? 
??? Offline documentation (CHM) 
Hi,
I have compiled a chm from the nginx wiki site. You can download it here:
http://www.mediafire.com/?jv2gueicmnn



With Windows Live, you can organize, edit, and share your photos. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090728/763e8d9b/attachment.html>

From mike503 at gmail.com  Tue Jul 28 10:04:14 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Mon, 27 Jul 2009 23:04:14 -0700
Subject: mogilefs module 1.0.2
In-Reply-To: <4A6E91F1.6070603@grid.net.ru>
References: <958C81A0-DC51-4D98-832B-0D0723F4DD56@gmail.com>	 <6178383.98961248688137196.JavaMail.root@zone.mtgsy.net> <bd9320b30907270859j83c9c24uc69fc86a2dcbe0e6@mail.gmail.com> <4A6DE85A.2080403@grid.net.ru> <4A6E7A23.5000801@telesat.co.jp> <4A6E91F1.6070603@grid.net.ru>
Message-ID: <2E2A0C89-8663-48A3-B5FE-91D7C807D8E8@gmail.com>

This doesn't put the file on the server you're communicating with  
right? It still uses the tracker to determine the proper node to store  
the file on right?

Sent from my iPhone

On Jul 27, 2009, at 10:51 PM, Valery Kholodkov <valery+nginxen at grid.net.ru 
 > wrote:

> Daniel wrote:
>> Hi Valery,
>> I just installed the module and recompiled nginx, set the config  
>> file as in the example from your site.  Now i can download the  
>> files from reverse proxy directly.  Very Cool.  Thanks a lot.
>> Can you give us examples of the config to push files into the  
>> mogilefs storage?.
>
> location /upload/ {
>  mogilefs_tracker tracker;
>  mogilefs_domain domain;
>  mogilefs_methods PUT;
>  mogilefs_pass {
>    proxy_pass $mogilefs_path;
>  }
> }
>
>>> Yes, but making a mogstored node out of it is a bad idea.
>> I'm using nginx as a mogstored frontend without problems.
>
> It wasn't about nginx, it was about using nginx+mogilefs module as  
> storage node.
>
>> Tuqui
>> Valery Kholodkov ????????:
>>> Hello Michael!
>>>
>>> Michael Shadle wrote:
>>>> Ah, so the module does all the work, instead of the client  
>>>> contacting
>>>> the tracker, and the tracker using the nginx-based mogstored; this
>>>> actually takes the file itself and pushes it into the mogilefs  
>>>> system
>>>> for you?
>>>
>>> Yes, this is what it was written for.
>>>
>>>> I suppose that's a pretty cool feature then. Anything to keep
>>>> configuration light and usability the easiest.
>>>>
>>>> On Mon, Jul 27, 2009 at 2:48 AM, Valery
>>>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>>>>> This is to use nginx as a frontend to MogileFS and hide  
>>>>> interaction with the tracker while store files.
>>>>>
>>>>> ----- Michael Shadle <mike503 at gmail.com> wrote:
>>>>>> Just for discussion sake why is that? I actually have the same
>>>>>> instance of nginx with two separate http{} blocks. One for  
>>>>>> mogstored
>>>>>> and one for normal web serving. It might even be possible to  
>>>>>> have it
>>>>>> under the same http block. I never looked into it that much.
>>>>>>
>>>>>> I guess explaining the pros and cons of doing it that way vs.  
>>>>>> Using
>>>>>> the module would be good info to know.
>>>>>>
>>>>>> Sent from my iPhone
>>>>>>
>>>>>> On Jul 25, 2009, at 2:20 PM, Valery Kholodkov <valery+nginxen at grid.net.ru
>>>>>> > wrote:
>>>>>>
>>>>>>> Yes, but making a mogstored node out of it is a bad idea.
>>>>>>>
>>>>>>> Michael Shadle wrote:
>>>>>>>> So this means this module now handles the DAV requests as  
>>>>>>>> well, so it
>>>>>>>> can be a mogstored node?
>>>>>>>> nginx technically already supported that :) However this  
>>>>>>>> could be
>>>>>>>> more
>>>>>>>> efficient, etc. I'm wondering if I am understanding this  
>>>>>>>> properly.
>>>>>>>> On Sat, Jul 25, 2009 at 10:22 AM, Valery
>>>>>>>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>>>>>>>>> Changes in version 1.0.2 (July 25 2009):
>>>>>>>>> * Added feature: directive mogilefs_methods and support for  
>>>>>>>>> PUT
>>>>>>>>> and DELETE
>>>>>>>>> methods
>>>>>>>>> * Added feature: dynamic evaluation of tracker name
>>>>>>>>> * Added feature: ability to pass noverify parameter to tracker
>>>>>>>>>
>>>>>>>>> The first 2 features were commissioned by GG Network SA (gadu-gadu.pl
>>>>>>>>> ).
>>>>>>>>> These features allow write access to MogileFS using nginx,  
>>>>>>>>> as well
>>>>>>>>> as
>>>>>>>>> locating of tracker dynamically. The Gadu-Gadu developers were
>>>>>>>>> very kind to
>>>>>>>>> test these features. Hopefully there are no major issues.
>>>>>>>>>
>>>>>>>>> The noverify parameter instructs MogileFS tracker to avoid
>>>>>>>>> querying the
>>>>>>>>> database for location of files if possible and use cached  
>>>>>>>>> results,
>>>>>>>>> thus
>>>>>>>>> eliminating some of the database server load.
>>>>>>>>>
>>>>>>>>> The details on the following page:
>>>>>>>>> http://www.grid.net.ru/nginx/mogilefs.en.html
>>>>>>>>>
>>>>>>>>> Feel free to contact me if you have problems with this!
>>>
>
>
> -- 
> Best regards,
> Valery Kholodkov
>




From mike503 at gmail.com  Tue Jul 28 10:07:39 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Mon, 27 Jul 2009 23:07:39 -0700
Subject: mogilefs module 1.0.2
In-Reply-To: <4A6E91F1.6070603@grid.net.ru>
References: <958C81A0-DC51-4D98-832B-0D0723F4DD56@gmail.com>	 <6178383.98961248688137196.JavaMail.root@zone.mtgsy.net> <bd9320b30907270859j83c9c24uc69fc86a2dcbe0e6@mail.gmail.com> <4A6DE85A.2080403@grid.net.ru> <4A6E7A23.5000801@telesat.co.jp> <4A6E91F1.6070603@grid.net.ru>
Message-ID: <DCA51584-8D7B-4E7B-BAE4-A45E249F8703@gmail.com>

Are there any limitations on file size?

What's the largest you've tested with?

Can the domain be an nginx $variable?

Where does $mogilefs_path come from? Is that a field that comes from  
the upload form? Perhaps that negates the need for the last question  
then... Although it allows the client to mess with the post field and  
alter the location.

Sent from my iPhone

On Jul 27, 2009, at 10:51 PM, Valery Kholodkov <valery+nginxen at grid.net.ru 
 > wrote:

> Daniel wrote:
>> Hi Valery,
>> I just installed the module and recompiled nginx, set the config  
>> file as in the example from your site.  Now i can download the  
>> files from reverse proxy directly.  Very Cool.  Thanks a lot.
>> Can you give us examples of the config to push files into the  
>> mogilefs storage?.
>
> location /upload/ {
>  mogilefs_tracker tracker;
>  mogilefs_domain domain;
>  mogilefs_methods PUT;
>  mogilefs_pass {
>    proxy_pass $mogilefs_path;
>  }
> }
>
>>> Yes, but making a mogstored node out of it is a bad idea.
>> I'm using nginx as a mogstored frontend without problems.
>
> It wasn't about nginx, it was about using nginx+mogilefs module as  
> storage node.
>
>> Tuqui
>> Valery Kholodkov ????????:
>>> Hello Michael!
>>>
>>> Michael Shadle wrote:
>>>> Ah, so the module does all the work, instead of the client  
>>>> contacting
>>>> the tracker, and the tracker using the nginx-based mogstored; this
>>>> actually takes the file itself and pushes it into the mogilefs  
>>>> system
>>>> for you?
>>>
>>> Yes, this is what it was written for.
>>>
>>>> I suppose that's a pretty cool feature then. Anything to keep
>>>> configuration light and usability the easiest.
>>>>
>>>> On Mon, Jul 27, 2009 at 2:48 AM, Valery
>>>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>>>>> This is to use nginx as a frontend to MogileFS and hide  
>>>>> interaction with the tracker while store files.
>>>>>
>>>>> ----- Michael Shadle <mike503 at gmail.com> wrote:
>>>>>> Just for discussion sake why is that? I actually have the same
>>>>>> instance of nginx with two separate http{} blocks. One for  
>>>>>> mogstored
>>>>>> and one for normal web serving. It might even be possible to  
>>>>>> have it
>>>>>> under the same http block. I never looked into it that much.
>>>>>>
>>>>>> I guess explaining the pros and cons of doing it that way vs.  
>>>>>> Using
>>>>>> the module would be good info to know.
>>>>>>
>>>>>> Sent from my iPhone
>>>>>>
>>>>>> On Jul 25, 2009, at 2:20 PM, Valery Kholodkov <valery+nginxen at grid.net.ru
>>>>>> > wrote:
>>>>>>
>>>>>>> Yes, but making a mogstored node out of it is a bad idea.
>>>>>>>
>>>>>>> Michael Shadle wrote:
>>>>>>>> So this means this module now handles the DAV requests as  
>>>>>>>> well, so it
>>>>>>>> can be a mogstored node?
>>>>>>>> nginx technically already supported that :) However this  
>>>>>>>> could be
>>>>>>>> more
>>>>>>>> efficient, etc. I'm wondering if I am understanding this  
>>>>>>>> properly.
>>>>>>>> On Sat, Jul 25, 2009 at 10:22 AM, Valery
>>>>>>>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>>>>>>>>> Changes in version 1.0.2 (July 25 2009):
>>>>>>>>> * Added feature: directive mogilefs_methods and support for  
>>>>>>>>> PUT
>>>>>>>>> and DELETE
>>>>>>>>> methods
>>>>>>>>> * Added feature: dynamic evaluation of tracker name
>>>>>>>>> * Added feature: ability to pass noverify parameter to tracker
>>>>>>>>>
>>>>>>>>> The first 2 features were commissioned by GG Network SA (gadu-gadu.pl
>>>>>>>>> ).
>>>>>>>>> These features allow write access to MogileFS using nginx,  
>>>>>>>>> as well
>>>>>>>>> as
>>>>>>>>> locating of tracker dynamically. The Gadu-Gadu developers were
>>>>>>>>> very kind to
>>>>>>>>> test these features. Hopefully there are no major issues.
>>>>>>>>>
>>>>>>>>> The noverify parameter instructs MogileFS tracker to avoid
>>>>>>>>> querying the
>>>>>>>>> database for location of files if possible and use cached  
>>>>>>>>> results,
>>>>>>>>> thus
>>>>>>>>> eliminating some of the database server load.
>>>>>>>>>
>>>>>>>>> The details on the following page:
>>>>>>>>> http://www.grid.net.ru/nginx/mogilefs.en.html
>>>>>>>>>
>>>>>>>>> Feel free to contact me if you have problems with this!
>>>
>
>
> -- 
> Best regards,
> Valery Kholodkov
>




From valery+nginxen at grid.net.ru  Tue Jul 28 10:14:54 2009
From: valery+nginxen at grid.net.ru (Valery Kholodkov)
Date: Tue, 28 Jul 2009 08:14:54 +0200
Subject: mogilefs module 1.0.2
In-Reply-To: <2E2A0C89-8663-48A3-B5FE-91D7C807D8E8@gmail.com>
References: <958C81A0-DC51-4D98-832B-0D0723F4DD56@gmail.com>	 <6178383.98961248688137196.JavaMail.root@zone.mtgsy.net> <bd9320b30907270859j83c9c24uc69fc86a2dcbe0e6@mail.gmail.com> <4A6DE85A.2080403@grid.net.ru> <4A6E7A23.5000801@telesat.co.jp> <4A6E91F1.6070603@grid.net.ru> <2E2A0C89-8663-48A3-B5FE-91D7C807D8E8@gmail.com>
Message-ID: <4A6E975E.6090301@grid.net.ru>

Michael Shadle wrote:
> This doesn't put the file on the server you're communicating with right?

Technically, it uses server you are communicating with as a temporary
storage and then creates a single replica on the first node provided by
tracker using PUT request.

> It still uses the tracker to determine the proper node to store the file 
> on right?

Right.

> 
> Sent from my iPhone
> 
> On Jul 27, 2009, at 10:51 PM, Valery Kholodkov 
> <valery+nginxen at grid.net.ru> wrote:
> 
>> Daniel wrote:
>>> Hi Valery,
>>> I just installed the module and recompiled nginx, set the config file 
>>> as in the example from your site.  Now i can download the files from 
>>> reverse proxy directly.  Very Cool.  Thanks a lot.
>>> Can you give us examples of the config to push files into the 
>>> mogilefs storage?.
>>
>> location /upload/ {
>>  mogilefs_tracker tracker;
>>  mogilefs_domain domain;
>>  mogilefs_methods PUT;
>>  mogilefs_pass {
>>    proxy_pass $mogilefs_path;
>>  }
>> }
>>
>>>> Yes, but making a mogstored node out of it is a bad idea.
>>> I'm using nginx as a mogstored frontend without problems.
>>
>> It wasn't about nginx, it was about using nginx+mogilefs module as 
>> storage node.
>>
>>> Tuqui
>>> Valery Kholodkov ????????:
>>>> Hello Michael!
>>>>
>>>> Michael Shadle wrote:
>>>>> Ah, so the module does all the work, instead of the client contacting
>>>>> the tracker, and the tracker using the nginx-based mogstored; this
>>>>> actually takes the file itself and pushes it into the mogilefs system
>>>>> for you?
>>>>
>>>> Yes, this is what it was written for.
>>>>
>>>>> I suppose that's a pretty cool feature then. Anything to keep
>>>>> configuration light and usability the easiest.
>>>>>
>>>>> On Mon, Jul 27, 2009 at 2:48 AM, Valery
>>>>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>>>>>> This is to use nginx as a frontend to MogileFS and hide 
>>>>>> interaction with the tracker while store files.
>>>>>>
>>>>>> ----- Michael Shadle <mike503 at gmail.com> wrote:
>>>>>>> Just for discussion sake why is that? I actually have the same
>>>>>>> instance of nginx with two separate http{} blocks. One for mogstored
>>>>>>> and one for normal web serving. It might even be possible to have it
>>>>>>> under the same http block. I never looked into it that much.
>>>>>>>
>>>>>>> I guess explaining the pros and cons of doing it that way vs. Using
>>>>>>> the module would be good info to know.
>>>>>>>
>>>>>>> Sent from my iPhone
>>>>>>>
>>>>>>> On Jul 25, 2009, at 2:20 PM, Valery Kholodkov 
>>>>>>> <valery+nginxen at grid.net.ru
>>>>>>> > wrote:
>>>>>>>
>>>>>>>> Yes, but making a mogstored node out of it is a bad idea.
>>>>>>>>
>>>>>>>> Michael Shadle wrote:
>>>>>>>>> So this means this module now handles the DAV requests as well, 
>>>>>>>>> so it
>>>>>>>>> can be a mogstored node?
>>>>>>>>> nginx technically already supported that :) However this could be
>>>>>>>>> more
>>>>>>>>> efficient, etc. I'm wondering if I am understanding this properly.
>>>>>>>>> On Sat, Jul 25, 2009 at 10:22 AM, Valery
>>>>>>>>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>>>>>>>>>> Changes in version 1.0.2 (July 25 2009):
>>>>>>>>>> * Added feature: directive mogilefs_methods and support for PUT
>>>>>>>>>> and DELETE
>>>>>>>>>> methods
>>>>>>>>>> * Added feature: dynamic evaluation of tracker name
>>>>>>>>>> * Added feature: ability to pass noverify parameter to tracker
>>>>>>>>>>
>>>>>>>>>> The first 2 features were commissioned by GG Network SA 
>>>>>>>>>> (gadu-gadu.pl
>>>>>>>>>> ).
>>>>>>>>>> These features allow write access to MogileFS using nginx, as 
>>>>>>>>>> well
>>>>>>>>>> as
>>>>>>>>>> locating of tracker dynamically. The Gadu-Gadu developers were
>>>>>>>>>> very kind to
>>>>>>>>>> test these features. Hopefully there are no major issues.
>>>>>>>>>>
>>>>>>>>>> The noverify parameter instructs MogileFS tracker to avoid
>>>>>>>>>> querying the
>>>>>>>>>> database for location of files if possible and use cached 
>>>>>>>>>> results,
>>>>>>>>>> thus
>>>>>>>>>> eliminating some of the database server load.
>>>>>>>>>>
>>>>>>>>>> The details on the following page:
>>>>>>>>>> http://www.grid.net.ru/nginx/mogilefs.en.html
>>>>>>>>>>
>>>>>>>>>> Feel free to contact me if you have problems with this!
>>>>
>>
>>
>> -- 
>> Best regards,
>> Valery Kholodkov
>>
> 


-- 
Best regards,
Valery Kholodkov




From valery+nginxen at grid.net.ru  Tue Jul 28 10:21:56 2009
From: valery+nginxen at grid.net.ru (Valery Kholodkov)
Date: Tue, 28 Jul 2009 08:21:56 +0200
Subject: mogilefs module 1.0.2
In-Reply-To: <DCA51584-8D7B-4E7B-BAE4-A45E249F8703@gmail.com>
References: <958C81A0-DC51-4D98-832B-0D0723F4DD56@gmail.com>	 <6178383.98961248688137196.JavaMail.root@zone.mtgsy.net> <bd9320b30907270859j83c9c24uc69fc86a2dcbe0e6@mail.gmail.com> <4A6DE85A.2080403@grid.net.ru> <4A6E7A23.5000801@telesat.co.jp> <4A6E91F1.6070603@grid.net.ru> <DCA51584-8D7B-4E7B-BAE4-A45E249F8703@gmail.com>
Message-ID: <4A6E9904.5010209@grid.net.ru>

Michael Shadle wrote:
> Are there any limitations on file size?

None that I know. But chunked upload is not supported yet.

> What's the largest you've tested with?

I tested with 30Mb raw files from my camera.

> Can the domain be an nginx $variable?

No. What do you need it for?

> Where does $mogilefs_path come from?

It is the first path returned by the tracker.

> Is that a field that comes from the 
> upload form?

No.

> Perhaps that negates the need for the last question then... 
> Although it allows the client to mess with the post field and alter the 
> location.

Remember that you do PUT request, not a POST request.

> 
> Sent from my iPhone
> 
> On Jul 27, 2009, at 10:51 PM, Valery Kholodkov 
> <valery+nginxen at grid.net.ru> wrote:
> 
>> Daniel wrote:
>>> Hi Valery,
>>> I just installed the module and recompiled nginx, set the config file 
>>> as in the example from your site.  Now i can download the files from 
>>> reverse proxy directly.  Very Cool.  Thanks a lot.
>>> Can you give us examples of the config to push files into the 
>>> mogilefs storage?.
>>
>> location /upload/ {
>>  mogilefs_tracker tracker;
>>  mogilefs_domain domain;
>>  mogilefs_methods PUT;
>>  mogilefs_pass {
>>    proxy_pass $mogilefs_path;
>>  }
>> }
>>
>>>> Yes, but making a mogstored node out of it is a bad idea.
>>> I'm using nginx as a mogstored frontend without problems.
>>
>> It wasn't about nginx, it was about using nginx+mogilefs module as 
>> storage node.
>>
>>> Tuqui
>>> Valery Kholodkov ????????:
>>>> Hello Michael!
>>>>
>>>> Michael Shadle wrote:
>>>>> Ah, so the module does all the work, instead of the client contacting
>>>>> the tracker, and the tracker using the nginx-based mogstored; this
>>>>> actually takes the file itself and pushes it into the mogilefs system
>>>>> for you?
>>>>
>>>> Yes, this is what it was written for.
>>>>
>>>>> I suppose that's a pretty cool feature then. Anything to keep
>>>>> configuration light and usability the easiest.
>>>>>
>>>>> On Mon, Jul 27, 2009 at 2:48 AM, Valery
>>>>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>>>>>> This is to use nginx as a frontend to MogileFS and hide 
>>>>>> interaction with the tracker while store files.
>>>>>>
>>>>>> ----- Michael Shadle <mike503 at gmail.com> wrote:
>>>>>>> Just for discussion sake why is that? I actually have the same
>>>>>>> instance of nginx with two separate http{} blocks. One for mogstored
>>>>>>> and one for normal web serving. It might even be possible to have it
>>>>>>> under the same http block. I never looked into it that much.
>>>>>>>
>>>>>>> I guess explaining the pros and cons of doing it that way vs. Using
>>>>>>> the module would be good info to know.
>>>>>>>
>>>>>>> Sent from my iPhone
>>>>>>>
>>>>>>> On Jul 25, 2009, at 2:20 PM, Valery Kholodkov 
>>>>>>> <valery+nginxen at grid.net.ru
>>>>>>> > wrote:
>>>>>>>
>>>>>>>> Yes, but making a mogstored node out of it is a bad idea.
>>>>>>>>
>>>>>>>> Michael Shadle wrote:
>>>>>>>>> So this means this module now handles the DAV requests as well, 
>>>>>>>>> so it
>>>>>>>>> can be a mogstored node?
>>>>>>>>> nginx technically already supported that :) However this could be
>>>>>>>>> more
>>>>>>>>> efficient, etc. I'm wondering if I am understanding this properly.
>>>>>>>>> On Sat, Jul 25, 2009 at 10:22 AM, Valery
>>>>>>>>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>>>>>>>>>> Changes in version 1.0.2 (July 25 2009):
>>>>>>>>>> * Added feature: directive mogilefs_methods and support for PUT
>>>>>>>>>> and DELETE
>>>>>>>>>> methods
>>>>>>>>>> * Added feature: dynamic evaluation of tracker name
>>>>>>>>>> * Added feature: ability to pass noverify parameter to tracker
>>>>>>>>>>
>>>>>>>>>> The first 2 features were commissioned by GG Network SA 
>>>>>>>>>> (gadu-gadu.pl
>>>>>>>>>> ).
>>>>>>>>>> These features allow write access to MogileFS using nginx, as 
>>>>>>>>>> well
>>>>>>>>>> as
>>>>>>>>>> locating of tracker dynamically. The Gadu-Gadu developers were
>>>>>>>>>> very kind to
>>>>>>>>>> test these features. Hopefully there are no major issues.
>>>>>>>>>>
>>>>>>>>>> The noverify parameter instructs MogileFS tracker to avoid
>>>>>>>>>> querying the
>>>>>>>>>> database for location of files if possible and use cached 
>>>>>>>>>> results,
>>>>>>>>>> thus
>>>>>>>>>> eliminating some of the database server load.
>>>>>>>>>>
>>>>>>>>>> The details on the following page:
>>>>>>>>>> http://www.grid.net.ru/nginx/mogilefs.en.html
>>>>>>>>>>
>>>>>>>>>> Feel free to contact me if you have problems with this!

-- 
Best regards,
Valery Kholodkov




From meiry242 at gmail.com  Tue Jul 28 10:39:37 2009
From: meiry242 at gmail.com (Meir Yanovich)
Date: Tue, 28 Jul 2009 09:39:37 +0300
Subject: how to write module ( beginners )
Message-ID: <c30def490907272339v22286113w43137731d68b1dc6@mail.gmail.com>

Hello all
i like to base my comet application with nginx , and i like to build module
that will handle the requests from the client
and will respond to them , i do not want to use php.
can you please point me to tutorials on writing plugins/modules for nginx (
i can't find any in the web )
Thanks
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090728/382a6504/attachment.html>

From is at rambler-co.ru  Tue Jul 28 11:02:16 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Tue, 28 Jul 2009 11:02:16 +0400
Subject: Content negotiation?
In-Reply-To: <20090728001747.GO3297@node.waugh.id.au>
References: <6b1504c40907261308i497b50f0r2e7c43ff28a9f52e@mail.gmail.com> <20090727061939.GC57057@rambler-co.ru> <20090728001747.GO3297@node.waugh.id.au>
Message-ID: <20090728070216.GD82436@rambler-co.ru>

On Tue, Jul 28, 2009 at 10:17:47AM +1000, Jeff Waugh wrote:

> <quote who="Igor Sysoev">
> 
> > nginx does not support content negotiation since I never saw working
> > content negotiation setups, at least in Russia. Could you show good
> > examples ?
> 
> One very simple but useful form of content negotiation is the ability to
> supply files according to the preferred mime types. For instance:
> 
>   http://www.example.com/images/logo -> server provides logo.gif or logo.png
>   depending on what the browser provides in the Accepts header.

I'm not sure that using content negotiation for images is good thing:
all modern browsers understand basic mime types, and these images must
be uncachable on transit proxies.

> Then there's conneg for all kinds of other things like languages, but this
> might be a good first step for nginx.

The question is how many people set (or have by default) right language
in browsers ?


-- 
Igor Sysoev
http://sysoev.ru/en/




From zhuzhaoyuan at gmail.com  Tue Jul 28 11:19:08 2009
From: zhuzhaoyuan at gmail.com (Joshua Zhu)
Date: Tue, 28 Jul 2009 15:19:08 +0800
Subject: how to write module ( beginners )
In-Reply-To: <c30def490907272339v22286113w43137731d68b1dc6@mail.gmail.com>
References: <c30def490907272339v22286113w43137731d68b1dc6@mail.gmail.com>
Message-ID: <5bf4451d0907280019k386d8d94ofdb24edd39bcaf9b@mail.gmail.com>

Hi Meir,

Have you read Emiller's Guide To Nginx Module Development?
http://www.evanmiller.org/nginx-modules-guide.html

On Tue, Jul 28, 2009 at 2:39 PM, Meir Yanovich<meiry242 at gmail.com> wrote:
> Hello all
> i like to base my comet application with nginx , and i like to build module
> that will handle the requests from the client
> and will respond to them , i do not want to use php.
> can you please point me to tutorials on writing plugins/modules for nginx (
> i can't find any in the web )
> Thanks
>

Regards!

-- 
Joshua Zhu




From cliff at develix.com  Tue Jul 28 11:29:28 2009
From: cliff at develix.com (Cliff Wells)
Date: Tue, 28 Jul 2009 00:29:28 -0700
Subject: Offline documentation (CHM)
In-Reply-To: <f749b5840907272114l7aee2e4ey8b6e5d4566df7469@mail.gmail.com>
References: <f749b5840907272114l7aee2e4ey8b6e5d4566df7469@mail.gmail.com>
Message-ID: <1248766168.15244.225.camel@portable-evil>

If you don't mind, you could upload it to the wiki and link it from
there.

Cliff

On Tue, 2009-07-28 at 11:14 +0700, Charles wrote:
> Hi,
> 
> I have compiled a chm from the nginx wiki site. You can download it here:
> 
> http://www.mediafire.com/?jv2gueicmnn
> 
-- 
http://www.google.com/search?q=vonage+sucks





From mike503 at gmail.com  Tue Jul 28 11:38:50 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Tue, 28 Jul 2009 00:38:50 -0700
Subject: mogilefs module 1.0.2
In-Reply-To: <4A6E9904.5010209@grid.net.ru>
References: <958C81A0-DC51-4D98-832B-0D0723F4DD56@gmail.com>	 <6178383.98961248688137196.JavaMail.root@zone.mtgsy.net> <bd9320b30907270859j83c9c24uc69fc86a2dcbe0e6@mail.gmail.com> <4A6DE85A.2080403@grid.net.ru> <4A6E7A23.5000801@telesat.co.jp> <4A6E91F1.6070603@grid.net.ru> <DCA51584-8D7B-4E7B-BAE4-A45E249F8703@gmail.com> <4A6E9904.5010209@grid.net.ru>
Message-ID: <DC8DE022-3506-41DC-BDB9-561AFA198D6D@gmail.com>



On Jul 27, 2009, at 11:21 PM, Valery Kholodkov <valery+nginxen at grid.net.ru 
 > wrote:
>
>
> Remember that you do PUT request, not a POST request.

So there still needs to be some sort of handler between this and the  
end user, technically. Yes? I got confused and was thinking the end  
user could directly upload to this (hence asking about dynamic and  
variable things)

>
>> Sent from my iPhone




From mike503 at gmail.com  Tue Jul 28 11:41:23 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Tue, 28 Jul 2009 00:41:23 -0700
Subject: mogilefs module 1.0.2
In-Reply-To: <4A6E975E.6090301@grid.net.ru>
References: <958C81A0-DC51-4D98-832B-0D0723F4DD56@gmail.com>	 <6178383.98961248688137196.JavaMail.root@zone.mtgsy.net> <bd9320b30907270859j83c9c24uc69fc86a2dcbe0e6@mail.gmail.com> <4A6DE85A.2080403@grid.net.ru> <4A6E7A23.5000801@telesat.co.jp> <4A6E91F1.6070603@grid.net.ru> <2E2A0C89-8663-48A3-B5FE-91D7C807D8E8@gmail.com> <4A6E975E.6090301@grid.net.ru>
Message-ID: <3DEDDBC4-B8AD-4496-BE98-AA41430776F1@gmail.com>



Sent from my iPhone

On Jul 27, 2009, at 11:14 PM, Valery Kholodkov <valery+nginxen at grid.net.ru 
 > wrote:

> Michael Shadle wrote:
>> This doesn't put the file on the server you're communicating with  
>> right?
>
> Technically, it uses server you are communicating with as a temporary
> storage and then creates a single replica on the first node provided  
> by
> tracker using PUT request.

I'm not sure if this is something you have to handle or the mogilefs  
infrastructure does, but if you have defined multiple replicas for a  
specific domain does this work like it should (I would assume that it  
would return multiple nodes then)? Is it your modules responsibility  
or does the tracker and it's processes handle distributing the files  
amongst the other replicas?


>
>> It still uses the tracker to determine the proper node to store the  
>> file
>> on right?
>
> Right.
>
>>
>> Sent from my iPhone
>>
>> On Jul 27, 2009, at 10:51 PM, Valery Kholodkov
>> <valery+nginxen at grid.net.ru> wrote:
>>
>>> Daniel wrote:
>>>> Hi Valery,
>>>> I just installed the module and recompiled nginx, set the config  
>>>> file
>>>> as in the example from your site.  Now i can download the files  
>>>> from
>>>> reverse proxy directly.  Very Cool.  Thanks a lot.
>>>> Can you give us examples of the config to push files into the
>>>> mogilefs storage?.
>>>
>>> location /upload/ {
>>> mogilefs_tracker tracker;
>>> mogilefs_domain domain;
>>> mogilefs_methods PUT;
>>> mogilefs_pass {
>>>   proxy_pass $mogilefs_path;
>>> }
>>> }
>>>
>>>>> Yes, but making a mogstored node out of it is a bad idea.
>>>> I'm using nginx as a mogstored frontend without problems.
>>>
>>> It wasn't about nginx, it was about using nginx+mogilefs module as
>>> storage node.
>>>
>>>> Tuqui
>>>> Valery Kholodkov ????????:
>>>>> Hello Michael!
>>>>>
>>>>> Michael Shadle wrote:
>>>>>> Ah, so the module does all the work, instead of the client  
>>>>>> contacting
>>>>>> the tracker, and the tracker using the nginx-based mogstored;  
>>>>>> this
>>>>>> actually takes the file itself and pushes it into the mogilefs  
>>>>>> system
>>>>>> for you?
>>>>>
>>>>> Yes, this is what it was written for.
>>>>>
>>>>>> I suppose that's a pretty cool feature then. Anything to keep
>>>>>> configuration light and usability the easiest.
>>>>>>
>>>>>> On Mon, Jul 27, 2009 at 2:48 AM, Valery
>>>>>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>>>>>>> This is to use nginx as a frontend to MogileFS and hide
>>>>>>> interaction with the tracker while store files.
>>>>>>>
>>>>>>> ----- Michael Shadle <mike503 at gmail.com> wrote:
>>>>>>>> Just for discussion sake why is that? I actually have the same
>>>>>>>> instance of nginx with two separate http{} blocks. One for  
>>>>>>>> mogstored
>>>>>>>> and one for normal web serving. It might even be possible to  
>>>>>>>> have it
>>>>>>>> under the same http block. I never looked into it that much.
>>>>>>>>
>>>>>>>> I guess explaining the pros and cons of doing it that way vs.  
>>>>>>>> Using
>>>>>>>> the module would be good info to know.
>>>>>>>>
>>>>>>>> Sent from my iPhone
>>>>>>>>
>>>>>>>> On Jul 25, 2009, at 2:20 PM, Valery Kholodkov
>>>>>>>> <valery+nginxen at grid.net.ru
>>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Yes, but making a mogstored node out of it is a bad idea.
>>>>>>>>>
>>>>>>>>> Michael Shadle wrote:
>>>>>>>>>> So this means this module now handles the DAV requests as  
>>>>>>>>>> well,
>>>>>>>>>> so it
>>>>>>>>>> can be a mogstored node?
>>>>>>>>>> nginx technically already supported that :) However this  
>>>>>>>>>> could be
>>>>>>>>>> more
>>>>>>>>>> efficient, etc. I'm wondering if I am understanding this  
>>>>>>>>>> properly.
>>>>>>>>>> On Sat, Jul 25, 2009 at 10:22 AM, Valery
>>>>>>>>>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
>>>>>>>>>>> Changes in version 1.0.2 (July 25 2009):
>>>>>>>>>>> * Added feature: directive mogilefs_methods and support  
>>>>>>>>>>> for PUT
>>>>>>>>>>> and DELETE
>>>>>>>>>>> methods
>>>>>>>>>>> * Added feature: dynamic evaluation of tracker name
>>>>>>>>>>> * Added feature: ability to pass noverify parameter to  
>>>>>>>>>>> tracker
>>>>>>>>>>>
>>>>>>>>>>> The first 2 features were commissioned by GG Network SA
>>>>>>>>>>> (gadu-gadu.pl
>>>>>>>>>>> ).
>>>>>>>>>>> These features allow write access to MogileFS using nginx,  
>>>>>>>>>>> as
>>>>>>>>>>> well
>>>>>>>>>>> as
>>>>>>>>>>> locating of tracker dynamically. The Gadu-Gadu developers  
>>>>>>>>>>> were
>>>>>>>>>>> very kind to
>>>>>>>>>>> test these features. Hopefully there are no major issues.
>>>>>>>>>>>
>>>>>>>>>>> The noverify parameter instructs MogileFS tracker to avoid
>>>>>>>>>>> querying the
>>>>>>>>>>> database for location of files if possible and use cached
>>>>>>>>>>> results,
>>>>>>>>>>> thus
>>>>>>>>>>> eliminating some of the database server load.
>>>>>>>>>>>
>>>>>>>>>>> The details on the following page:
>>>>>>>>>>> http://www.grid.net.ru/nginx/mogilefs.en.html
>>>>>>>>>>>
>>>>>>>>>>> Feel free to contact me if you have problems with this!
>>>>>
>>>
>>>
>>> -- 
>>> Best regards,
>>> Valery Kholodkov
>>>
>>
>
>
> -- 
> Best regards,
> Valery Kholodkov
>




From juergen.gotteswinter at internetx.de  Tue Jul 28 12:02:59 2009
From: juergen.gotteswinter at internetx.de (=?UTF-8?B?SW50ZXJOZXRYIC0gSsO8cmdlbiBHb3R0ZXN3aW50ZXI=?=)
Date: Tue, 28 Jul 2009 10:02:59 +0200
Subject: nginx-0.8.7
In-Reply-To: <20090727153437.GI60821@rambler-co.ru>
References: <20090727153437.GI60821@rambler-co.ru>
Message-ID: <4A6EB0B3.6050503@internetx.de>

Hello,

the SuSE RPMS are updated to 0.8.7, too

ftp://ftp5.gwdg.de/pub/opensuse/repositories/server%3A/http/

Greetings

Juergen

Igor Sysoev wrote:
> Changes with nginx 0.8.7                                         27 Jul 2009
> 
>     *) Change: minimum supported OpenSSL version is 0.9.7.
> 
>     *) Change: the "ask" parameter of the "ssl_verify_client" directive was 
>        changed to the "optional" parameter and now it checks a client 
>        certificate if it was offered.
>        Thanks to Brice Figureau.
> 
>     *) Feature: the $ssl_client_verify variable.
>        Thanks to Brice Figureau.
> 
>     *) Feature: the "ssl_crl" directive.
>        Thanks to Brice Figureau.
> 
>     *) Feature: the "proxy" parameter of the "geo" directive.
> 
>     *) Feature: the "image_filter" directive supports variables for setting 
>        size.
> 
>     *) Bugfix: the $ssl_client_cert variable usage corrupted memory; the 
>        bug had appeared in 0.7.7.
>        Thanks to Sergey Zhuravlev.
> 
>     *) Bugfix: "proxy_pass_header" and "fastcgi_pass_header" directives did 
>        not pass to a client the "X-Accel-Redirect", "X-Accel-Limit-Rate", 
>        "X-Accel-Buffering", and "X-Accel-Charset" lines from backend 
>        response header.
>        Thanks to Maxim Dounin.
> 
>     *) Bugfix: in handling "Last-Modified" and "Accept-Ranges" backend 
>        response header lines; the bug had appeared in 0.7.44.
>        Thanks to Maxim Dounin.
> 
>     *) Bugfix: the "[alert] zero size buf" error if subrequest returns an 
>        empty response; the bug had appeared in 0.8.5.
> 
> 

-- 
InterNetX GmbH
Maximilianstrasse 6
D-93047 Regensburg

Tel. +49 941 59559-480
Fax  +49 941 59559-245

Gesch?ftsf?hrer/CEO: Thomas M?rz
Amtsgericht Regensburg, HRB 7142




From jeff at robotparade.com.au  Tue Jul 28 11:37:56 2009
From: jeff at robotparade.com.au (Jeff Waugh)
Date: Tue, 28 Jul 2009 17:37:56 +1000
Subject: Content negotiation?
In-Reply-To: <20090728070216.GD82436@rambler-co.ru>
References: <6b1504c40907261308i497b50f0r2e7c43ff28a9f52e@mail.gmail.com> <20090727061939.GC57057@rambler-co.ru> <20090728001747.GO3297@node.waugh.id.au> <20090728070216.GD82436@rambler-co.ru>
Message-ID: <20090728073756.GB31717@node.waugh.id.au>

<quote who="Igor Sysoev">

> > One very simple but useful form of content negotiation is the ability to
> > supply files according to the preferred mime types. For instance:
> > 
> >   http://www.example.com/images/logo -> server provides logo.gif or
> >   logo.png depending on what the browser provides in the Accepts header.
> 
> I'm not sure that using content negotiation for images is good thing: all
> modern browsers understand basic mime types, and these images must be
> uncachable on transit proxies.

Not if you add a "Vary: Accept" header. Keep in mind that the MIME type is
provided by the server based on the image it chose to serve, negotiated
based on what the client claims to support/prefer. It's not a MIME issue.

> > Then there's conneg for all kinds of other things like languages, but
> > this might be a good first step for nginx.
> 
> The question is how many people set (or have by default) right language in
> browsers ?

Not sure, but some sites do use it as part of their language selection
criteria (in addition to geoip and manual selection).

- Jeff

-- 
Robot Parade                                  http://www.robotparade.com.au/
 
  m. +61 423 989 818     b. http://bethesignal.org/     p. +61 2 9043 2940  




From mdounin at mdounin.ru  Tue Jul 28 12:30:26 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 28 Jul 2009 12:30:26 +0400
Subject: 'Content-Length' header for POSTs
In-Reply-To: <cf5b5650907271914k48b97920nc4e8485c0a71a6fb@mail.gmail.com>
References: <cf5b5650907250441o4f40b221v541279081a2f01e2@mail.gmail.com> <cf5b5650907250905t4d9f461k5fd2567ece8ebe3f@mail.gmail.com> <cf5b5650907271914k48b97920nc4e8485c0a71a6fb@mail.gmail.com>
Message-ID: <20090728083025.GL1240@mdounin.ru>

Hello!

On Tue, Jul 28, 2009 at 03:14:54AM +0100, Joe Jacobs wrote:

> anyone?

Qouting original log:

> 2009/07/25 15:41:04 [debug] 29780#0: *10 http header: "Transfer-Encoding: chunked"

As it was told several times here: nginx does not support chunked 
transfer encoding in client requests.  Error 411 is expected.

Maxim Dounin




From mdounin at mdounin.ru  Tue Jul 28 12:59:16 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 28 Jul 2009 12:59:16 +0400
Subject: try_files problem
In-Reply-To: <27e1e346bb11d91ee243a6d31a094fde.NginxMailingList@forum.nginx.org>
References: <27e1e346bb11d91ee243a6d31a094fde.NginxMailingList@forum.nginx.org>
Message-ID: <20090728085915.GM1240@mdounin.ru>

Hello!

On Tue, Jul 28, 2009 at 01:43:57AM -0400, holstebm wrote:

> I can't get the following to work and, after reading and re-reading all the documentation I could find, am not sure if this is a bug or a restriction.
> 
> try_files @nocache @cache;
> 
> The thought here is @nocache will succeed if a cookie is present and @cache will succeed if not.

Try_files doesn't work this way.  It checks *files* and uses 
fallback in no one was found:

try_files /file1 /file2 @fallback;

Looks like

http://wiki.nginx.org/NginxHttpCoreModule#try_files 

has wrong description and should be re-translated from scratch. 
For a while use original documentation in Russian:

http://sysoev.ru/nginx/docs/http/ngx_http_core_module.html#try_files

(try google translate if you have problems with Russian).

Maxim Dounin

> 
> The problem is, the first argument seems to be ignored.  I say that because, if I change JUST the try_files without changing any other lines in the configuration I get two different results.  In each case, the final argument in the try_files is always reached...cache displaying correctly when there is no cookie and a blank page if there is a cookie while try_files @cache @nocache displays correctly when there is a cookie but a blank page if there is not.
> 
> So is this a restriction or a bug on using internal locations in try_files?
> 
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4504,4504#msg-4504
> 
> 




From mdounin at mdounin.ru  Tue Jul 28 13:12:27 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Tue, 28 Jul 2009 13:12:27 +0400
Subject: try_files problem
In-Reply-To: <20090728085915.GM1240@mdounin.ru>
References: <27e1e346bb11d91ee243a6d31a094fde.NginxMailingList@forum.nginx.org> <20090728085915.GM1240@mdounin.ru>
Message-ID: <20090728091226.GN1240@mdounin.ru>

Hello!

On Tue, Jul 28, 2009 at 12:59:15PM +0400, Maxim Dounin wrote:

> Hello!
> 
> On Tue, Jul 28, 2009 at 01:43:57AM -0400, holstebm wrote:
> 
> > I can't get the following to work and, after reading and re-reading all the documentation I could find, am not sure if this is a bug or a restriction.
> > 
> > try_files @nocache @cache;
> > 
> > The thought here is @nocache will succeed if a cookie is present and @cache will succeed if not.
> 
> Try_files doesn't work this way.  It checks *files* and uses 
> fallback in no one was found:
> 
> try_files /file1 /file2 @fallback;
> 
> Looks like
> 
> http://wiki.nginx.org/NginxHttpCoreModule#try_files 
> 
> has wrong description and should be re-translated from scratch. 

Just a note: it looks like description was changed to wrong one by 
Merlincorey at 2009-07-14.  I've reverted this change and at least 
it doesn't plain wrong now.

Note that original documentation has much more examples and covers 
a bit more features of try_files (testing directories, ability to 
return error code in 0.7.51+).  So we still need good translation 
here.

Maxim Dounin

> For a while use original documentation in Russian:
> 
> http://sysoev.ru/nginx/docs/http/ngx_http_core_module.html#try_files
> 
> (try google translate if you have problems with Russian).
> 
> Maxim Dounin
> 
> > 
> > The problem is, the first argument seems to be ignored.  I say that because, if I change JUST the try_files without changing any other lines in the configuration I get two different results.  In each case, the final argument in the try_files is always reached...cache displaying correctly when there is no cookie and a blank page if there is a cookie while try_files @cache @nocache displays correctly when there is a cookie but a blank page if there is not.
> > 
> > So is this a restriction or a bug on using internal locations in try_files?
> > 
> > Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4504,4504#msg-4504
> > 
> > 




From is at rambler-co.ru  Tue Jul 28 13:56:36 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Tue, 28 Jul 2009 13:56:36 +0400
Subject: 'Content-Length' header for POSTs
In-Reply-To: <cf5b5650907250905t4d9f461k5fd2567ece8ebe3f@mail.gmail.com>
References: <cf5b5650907250441o4f40b221v541279081a2f01e2@mail.gmail.com> <cf5b5650907250905t4d9f461k5fd2567ece8ebe3f@mail.gmail.com>
Message-ID: <20090728095636.GC86638@rambler-co.ru>

On Sat, Jul 25, 2009 at 05:05:59PM +0100, Joe Jacobs wrote:

> FYI, this is the request that is received by the server.
> 
> 2009/07/25 15:41:04 [debug] 29780#0: *10 http request line: "POST
> /test.php HTTP/1.1"
> 2009/07/25 15:41:04 [debug] 29780#0: *10 http uri: "/test.php"
> 2009/07/25 15:41:04 [debug] 29780#0: *10 http args: ""
> 2009/07/25 15:41:04 [debug] 29780#0: *10 http exten: "sync"
> 2009/07/25 15:41:04 [debug] 29780#0: *10 http process request header line
> 2009/07/25 15:41:04 [debug] 29780#0: *10 http header: "framecode: x"
> 2009/07/25 15:41:04 [debug] 29780#0: *10 http header: "framepin: y"
> 2009/07/25 15:41:04 [debug] 29780#0: *10 http header: "User-Agent:
> ALP.SYNC.CLIENT.1.0"
> 2009/07/25 15:41:04 [debug] 29780#0: *10 http header: "Content-Type:
> text/xml-alp"
> 2009/07/25 15:41:04 [debug] 29780#0: *10 http header:
> "Transfer-Encoding: chunked"
> 2009/07/25 15:41:04 [debug] 29780#0: *10 http header: "Connection: Keep-Alive"
> 2009/07/25 15:41:04 [debug] 29780#0: *10 http header: "Host: example.com"
> 2009/07/25 15:41:04 [debug] 29780#0: *10 http header done
> 2009/07/25 15:41:04 [info] 29780#0: *10 client sent
> "Transfer-Encoding: chunked" header while reading client request
> headers, client: 12.34.56.78, server: example.com, request: "POST
> /test.php HTTP/1.1", host: "example.com"
> 2009/07/25 15:41:04 [debug] 29780#0: *10 http finalize request: 411,
> "/test.php" 1
> 2009/07/25 15:41:04 [debug] 29780#0: *10 event timer del: 25: 2996007162
> 2009/07/25 15:41:04 [debug] 29780#0: *10 http special response: 411, "/test.php"
> 2009/07/25 15:41:04 [debug] 29780#0: *10 http set discard body
> 2009/07/25 15:41:04 [debug] 29780#0: *10 HTTP/1.1 411 Length Required
> Server: nginx/0.7.61
> Date: Sat, 25 Jul 2009 15:41:04 GMT
> Content-Type: text/html
> Content-Length: 181
> Connection: close
> 
> Is the error coming up because the content-length isn't 0?

Are you sure that such requests were handled by 0.7.25 ?
nginx never supported a chunked client body.


-- 
Igor Sysoev
http://sysoev.ru/en/




From joe at hazardcell.com  Tue Jul 28 14:25:41 2009
From: joe at hazardcell.com (Joe Jacobs)
Date: Tue, 28 Jul 2009 11:25:41 +0100
Subject: 'Content-Length' header for POSTs
In-Reply-To: <20090728095636.GC86638@rambler-co.ru>
References: <cf5b5650907250441o4f40b221v541279081a2f01e2@mail.gmail.com>
	 <cf5b5650907250905t4d9f461k5fd2567ece8ebe3f@mail.gmail.com>
	 <20090728095636.GC86638@rambler-co.ru>
Message-ID: <cf5b5650907280325y69232153rd1d21fd16a0729f8@mail.gmail.com>

Thank you for the replies Maxim and Igor.

I have version 0.7.61 installed. My query was actually regarding the
following change in version 0.7.25

*) Change: now POSTs without "Content-Length" header line are allowed.
>
>
Shouldn't this mean that the request in my previous email be valid?

Cheers,
Joe Jacobs
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090728/4bce75db/attachment.html>

From valery+nginxen at grid.net.ru  Tue Jul 28 14:45:50 2009
From: valery+nginxen at grid.net.ru (Valery Kholodkov)
Date: Tue, 28 Jul 2009 11:45:50 +0100 (BST)
Subject: mogilefs module 1.0.2
In-Reply-To: <3DEDDBC4-B8AD-4496-BE98-AA41430776F1@gmail.com>
Message-ID: <10070418.181248777950714.JavaMail.root@zone.mtgsy.net>


----- Michael Shadle <mike503 at gmail.com> wrote:
> 
> 
> Sent from my iPhone
> 
> On Jul 27, 2009, at 11:14 PM, Valery Kholodkov <valery+nginxen at grid.net.ru 
>  > wrote:
> 
> > Michael Shadle wrote:
> >> This doesn't put the file on the server you're communicating with  
> >> right?
> >
> > Technically, it uses server you are communicating with as a temporary
> > storage and then creates a single replica on the first node provided  
> > by
> > tracker using PUT request.
> 
> I'm not sure if this is something you have to handle or the mogilefs  
> infrastructure does, but if you have defined multiple replicas for a  
> specific domain does this work like it should (I would assume that it  
> would return multiple nodes then)? Is it your modules responsibility  
> or does the tracker and it's processes handle distributing the files  
> amongst the other replicas?

No, at the moment it makes only one replica, but I plan to implement replication at desired minimal number of nodes simultaneously.

> 
> 
> >
> >> It still uses the tracker to determine the proper node to store the  
> >> file
> >> on right?
> >
> > Right.
> >
> >>
> >> Sent from my iPhone
> >>
> >> On Jul 27, 2009, at 10:51 PM, Valery Kholodkov
> >> <valery+nginxen at grid.net.ru> wrote:
> >>
> >>> Daniel wrote:
> >>>> Hi Valery,
> >>>> I just installed the module and recompiled nginx, set the config  
> >>>> file
> >>>> as in the example from your site.  Now i can download the files  
> >>>> from
> >>>> reverse proxy directly.  Very Cool.  Thanks a lot.
> >>>> Can you give us examples of the config to push files into the
> >>>> mogilefs storage?.
> >>>
> >>> location /upload/ {
> >>> mogilefs_tracker tracker;
> >>> mogilefs_domain domain;
> >>> mogilefs_methods PUT;
> >>> mogilefs_pass {
> >>>   proxy_pass $mogilefs_path;
> >>> }
> >>> }
> >>>
> >>>>> Yes, but making a mogstored node out of it is a bad idea.
> >>>> I'm using nginx as a mogstored frontend without problems.
> >>>
> >>> It wasn't about nginx, it was about using nginx+mogilefs module as
> >>> storage node.
> >>>
> >>>> Tuqui
> >>>> Valery Kholodkov ????????:
> >>>>> Hello Michael!
> >>>>>
> >>>>> Michael Shadle wrote:
> >>>>>> Ah, so the module does all the work, instead of the client  
> >>>>>> contacting
> >>>>>> the tracker, and the tracker using the nginx-based mogstored;  
> >>>>>> this
> >>>>>> actually takes the file itself and pushes it into the mogilefs  
> >>>>>> system
> >>>>>> for you?
> >>>>>
> >>>>> Yes, this is what it was written for.
> >>>>>
> >>>>>> I suppose that's a pretty cool feature then. Anything to keep
> >>>>>> configuration light and usability the easiest.
> >>>>>>
> >>>>>> On Mon, Jul 27, 2009 at 2:48 AM, Valery
> >>>>>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
> >>>>>>> This is to use nginx as a frontend to MogileFS and hide
> >>>>>>> interaction with the tracker while store files.
> >>>>>>>
> >>>>>>> ----- Michael Shadle <mike503 at gmail.com> wrote:
> >>>>>>>> Just for discussion sake why is that? I actually have the same
> >>>>>>>> instance of nginx with two separate http{} blocks. One for  
> >>>>>>>> mogstored
> >>>>>>>> and one for normal web serving. It might even be possible to  
> >>>>>>>> have it
> >>>>>>>> under the same http block. I never looked into it that much.
> >>>>>>>>
> >>>>>>>> I guess explaining the pros and cons of doing it that way vs.  
> >>>>>>>> Using
> >>>>>>>> the module would be good info to know.
> >>>>>>>>
> >>>>>>>> Sent from my iPhone
> >>>>>>>>
> >>>>>>>> On Jul 25, 2009, at 2:20 PM, Valery Kholodkov
> >>>>>>>> <valery+nginxen at grid.net.ru
> >>>>>>>>> wrote:
> >>>>>>>>
> >>>>>>>>> Yes, but making a mogstored node out of it is a bad idea.
> >>>>>>>>>
> >>>>>>>>> Michael Shadle wrote:
> >>>>>>>>>> So this means this module now handles the DAV requests as  
> >>>>>>>>>> well,
> >>>>>>>>>> so it
> >>>>>>>>>> can be a mogstored node?
> >>>>>>>>>> nginx technically already supported that :) However this  
> >>>>>>>>>> could be
> >>>>>>>>>> more
> >>>>>>>>>> efficient, etc. I'm wondering if I am understanding this  
> >>>>>>>>>> properly.
> >>>>>>>>>> On Sat, Jul 25, 2009 at 10:22 AM, Valery
> >>>>>>>>>> Kholodkov<valery+nginxen at grid.net.ru> wrote:
> >>>>>>>>>>> Changes in version 1.0.2 (July 25 2009):
> >>>>>>>>>>> * Added feature: directive mogilefs_methods and support  
> >>>>>>>>>>> for PUT
> >>>>>>>>>>> and DELETE
> >>>>>>>>>>> methods
> >>>>>>>>>>> * Added feature: dynamic evaluation of tracker name
> >>>>>>>>>>> * Added feature: ability to pass noverify parameter to  
> >>>>>>>>>>> tracker
> >>>>>>>>>>>
> >>>>>>>>>>> The first 2 features were commissioned by GG Network SA
> >>>>>>>>>>> (gadu-gadu.pl
> >>>>>>>>>>> ).
> >>>>>>>>>>> These features allow write access to MogileFS using nginx,  
> >>>>>>>>>>> as
> >>>>>>>>>>> well
> >>>>>>>>>>> as
> >>>>>>>>>>> locating of tracker dynamically. The Gadu-Gadu developers  
> >>>>>>>>>>> were
> >>>>>>>>>>> very kind to
> >>>>>>>>>>> test these features. Hopefully there are no major issues.
> >>>>>>>>>>>
> >>>>>>>>>>> The noverify parameter instructs MogileFS tracker to avoid
> >>>>>>>>>>> querying the
> >>>>>>>>>>> database for location of files if possible and use cached
> >>>>>>>>>>> results,
> >>>>>>>>>>> thus
> >>>>>>>>>>> eliminating some of the database server load.
> >>>>>>>>>>>
> >>>>>>>>>>> The details on the following page:
> >>>>>>>>>>> http://www.grid.net.ru/nginx/mogilefs.en.html
> >>>>>>>>>>>
> >>>>>>>>>>> Feel free to contact me if you have problems with this!
> >>>>>
> >>>
> >>>
> >>> -- 
> >>> Best regards,
> >>> Valery Kholodkov
> >>>
> >>
> >
> >
> > -- 
> > Best regards,
> > Valery Kholodkov
> >
> 

-- 
-- 
Regards,
Valery Kholodkov




From valery+nginxen at grid.net.ru  Tue Jul 28 14:55:17 2009
From: valery+nginxen at grid.net.ru (Valery Kholodkov)
Date: Tue, 28 Jul 2009 11:55:17 +0100 (BST)
Subject: mogilefs module 1.0.2
In-Reply-To: <DC8DE022-3506-41DC-BDB9-561AFA198D6D@gmail.com>
Message-ID: <15925554.211248778517254.JavaMail.root@zone.mtgsy.net>


----- Michael Shadle <mike503 at gmail.com> wrote:
> 
> 
> On Jul 27, 2009, at 11:21 PM, Valery Kholodkov <valery+nginxen at grid.net.ru 
>  > wrote:
> >
> >
> > Remember that you do PUT request, not a POST request.
> 
> So there still needs to be some sort of handler between this and the  
> end user, technically. Yes? I got confused and was thinking the end  
> user could directly upload to this (hence asking about dynamic and  
> variable things)

Well, the end user can upload directly to this as soon as it does via PUT request. Nginx already provides all necessary validations for PUT requests.

For POST requests I plan to implement a module which does conversion from POST to PUT internally in nginx. This will allow implementing a scalable web storage entirely on nginx. This module will be able to work with your partial upload thingy as well.

-- 
Regards,
Valery Kholodkov




From is at rambler-co.ru  Tue Jul 28 15:22:05 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Tue, 28 Jul 2009 15:22:05 +0400
Subject: 'Content-Length' header for POSTs
In-Reply-To: <cf5b5650907280325y69232153rd1d21fd16a0729f8@mail.gmail.com>
References: <cf5b5650907250441o4f40b221v541279081a2f01e2@mail.gmail.com> <cf5b5650907250905t4d9f461k5fd2567ece8ebe3f@mail.gmail.com> <20090728095636.GC86638@rambler-co.ru> <cf5b5650907280325y69232153rd1d21fd16a0729f8@mail.gmail.com>
Message-ID: <20090728112205.GD86638@rambler-co.ru>

On Tue, Jul 28, 2009 at 11:25:41AM +0100, Joe Jacobs wrote:

> Thank you for the replies Maxim and Igor.
> 
> I have version 0.7.61 installed. My query was actually regarding the
> following change in version 0.7.25
> 
> *) Change: now POSTs without "Content-Length" header line are allowed.
> >
> >
> Shouldn't this mean that the request in my previous email be valid?

No, this means that before nginx supported POSTs without body only with
"Content-Length: 0" header line. Since 0.7.25 nginx supports such POSTs
without the header. However, nginx never supported chunked client bodies.


-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Tue Jul 28 16:18:05 2009
From: nginx-forum at nginx.us (vburshteyn)
Date: Tue, 28 Jul 2009 08:18:05 -0400
Subject: proxy issue
Message-ID: <44fde6cad7a2ff68703ed3229f696aeb.NginxMailingList@forum.nginx.org>

hey folks,

our of curiosity why is it when i change this line to have a new folder half the time it properly creates the new directory with all the subfolders the other time it does not.  It seems like hit or miss.  proxy_cache_path /etc/nginx/cacheBK levels=1:2 keys_zone=one:3000m max_size=5000m;

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4529,4529#msg-4529





From is at rambler-co.ru  Tue Jul 28 16:22:32 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Tue, 28 Jul 2009 16:22:32 +0400
Subject: proxy issue
In-Reply-To: <44fde6cad7a2ff68703ed3229f696aeb.NginxMailingList@forum.nginx.org>
References: <44fde6cad7a2ff68703ed3229f696aeb.NginxMailingList@forum.nginx.org>
Message-ID: <20090728122232.GF86638@rambler-co.ru>

On Tue, Jul 28, 2009 at 08:18:05AM -0400, vburshteyn wrote:

> hey folks,
> 
> our of curiosity why is it when i change this line to have a new folder half the time it properly creates the new directory with all the subfolders the other time it does not.  It seems like hit or miss.  proxy_cache_path /etc/nginx/cacheBK levels=1:2 keys_zone=one:3000m max_size=5000m;

Is anything in error_log ?


-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Tue Jul 28 17:04:49 2009
From: nginx-forum at nginx.us (vburshteyn)
Date: Tue, 28 Jul 2009 09:04:49 -0400
Subject: proxy issue
In-Reply-To: <20090728122232.GF86638@forum.nginx.org>
References: <44fde6cad7a2ff68703ed3229f696aeb.NginxMailingList@forum.nginx.org> <20090728122232.GF86638@forum.nginx.org>
Message-ID: <b450e6a171b38f459c9d1eaa7920e7ec.NginxMailingList@forum.nginx.org>

2009/07/28 12:45:33  17429#0: mmap(MAP_ANON|MAP_SHARED, 3145728000) failed (12: Cannot allocate memory)

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4529,4531#msg-4531





From is at rambler-co.ru  Tue Jul 28 17:05:49 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Tue, 28 Jul 2009 17:05:49 +0400
Subject: proxy issue
In-Reply-To: <b450e6a171b38f459c9d1eaa7920e7ec.NginxMailingList@forum.nginx.org>
References: <44fde6cad7a2ff68703ed3229f696aeb.NginxMailingList@forum.nginx.org> <20090728122232.GF86638@forum.nginx.org> <b450e6a171b38f459c9d1eaa7920e7ec.NginxMailingList@forum.nginx.org>
Message-ID: <20090728130549.GI86638@rambler-co.ru>

On Tue, Jul 28, 2009 at 09:04:49AM -0400, vburshteyn wrote:

> 2009/07/28 12:45:33  17429#0: mmap(MAP_ANON|MAP_SHARED, 3145728000) failed (12: Cannot allocate memory)

It seems you have no additional 3G on the host.
You need to decrease shared memory size, actually you do not need 3G.


-- 
Igor Sysoev
http://sysoev.ru/en/




From nunomagalhaes at eu.ipp.pt  Tue Jul 28 17:10:56 2009
From: nunomagalhaes at eu.ipp.pt (=?UTF-8?Q?Nuno_Magalh=C3=A3es?=)
Date: Tue, 28 Jul 2009 14:10:56 +0100
Subject: Content negotiation?
In-Reply-To: <20090728070216.GD82436@rambler-co.ru>
References: <6b1504c40907261308i497b50f0r2e7c43ff28a9f52e@mail.gmail.com> 
	<20090727061939.GC57057@rambler-co.ru> <20090728001747.GO3297@node.waugh.id.au> 
	<20090728070216.GD82436@rambler-co.ru>
Message-ID: <6b1504c40907280610p1d1058cfx60bc87a4606ce6ae@mail.gmail.com>

> The question is how many people set (or have by default) right language
> in browsers ?

Most don't even know how. That's not a cn issue, but rather a
webdevelopment issue. A well-designed site will have links for the
languages it serves on all pages, so that if the user has a default
english browser and yet only speaks (or prefers but didn't set)
spanish, can still choose accordingly. (Then the site has to set a
cookie or use a session to keep spanish, otherwise the next click will
take the user back to english. But, again, that's a webdevelopment
issue.)

I agree with Jeff Waugh on the images. If i have a site with old GIFs
(due to transparency for instance) and want to pass to PNG, cn would
be a plus - i can change the files all i want and still have the same
URI. (I could even set a filter so that if the client claims to be IE
just stick to GIF...) Unfortunately so far only Opera supports SVG.

Also a plus on text/html vs application/xhtml+xml but i'm still a
little blurry there.

-- 
()  ascii-rubanda kampajno - kontra? html-a retpo?to
/\  ascii ribbon campaign - against html e-mail




From wuzhez at gmail.com  Tue Jul 28 19:02:06 2009
From: wuzhez at gmail.com (=?GB2312?B?zuKGtOz1?=)
Date: Tue, 28 Jul 2009 23:02:06 +0800
Subject: can apache's module be used in nginx
Message-ID: <2c4c88f20907280802u6781f68eq48b6ea726687102d@mail.gmail.com>

Hi all,
      I have a problem now.
      I have a apache module which be used to send a special cookie to
browser, and the cookie contains a unique number. Now I want to move my
website from apache to nginx, if I want to use the module's function, what
can I do? thanks.

-- 
wuzhezhen
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090728/8d131dd7/attachment.html>

From dan at revelationglobal.com  Tue Jul 28 20:22:52 2009
From: dan at revelationglobal.com (Dan Herrera)
Date: Tue, 28 Jul 2009 09:22:52 -0700
Subject: Possible to proxy uploads to an upstream server?
Message-ID: <b89b94f00907280922l20b2a127tc25102c61517ea74@mail.gmail.com>

Greetings all,

We're trying to have two nginx servers that proxy uploads to a central
server for the purposes of processing video.

We're having an issue in this scenario where upload progress won't
show up because the request to view the progress of the upload will
sometimes hit the other nginx server in the load balanced cluster
which isn't tracking the upload.

We had the idea that the central video server could track the upload
for us, and report progress, but we've been unable to pass the upload
through directly to the end point without being buffered by the
client-facing nginx servers.  When the client-facing server buffers
the upload, we don't see upload progress from the remote server,
because the entire upload is passed through at one time.

Is it possible to direct the client-facing server to not buffer the upload.

Thanks,

dan

p.s.  Thank you so very much for your hard work on nginx!




From mike503 at gmail.com  Tue Jul 28 21:14:41 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Tue, 28 Jul 2009 10:14:41 -0700
Subject: mogilefs module 1.0.2
In-Reply-To: <15925554.211248778517254.JavaMail.root@zone.mtgsy.net>
References: <DC8DE022-3506-41DC-BDB9-561AFA198D6D@gmail.com>
	 <15925554.211248778517254.JavaMail.root@zone.mtgsy.net>
Message-ID: <bd9320b30907281014s76684d75h96b99412546d7fc6@mail.gmail.com>

On Tue, Jul 28, 2009 at 3:55 AM, Valery
Kholodkov<valery+nginxen at grid.net.ru> wrote:

> Well, the end user can upload directly to this as soon as it does via PUT request. Nginx already provides all necessary validations for PUT requests.

Well, yeah, but then you have to make sure all your max_size's are
bumped up etc (I assume) and that's one thing I wouldn't want to mess
with continuously. We just uploaded a 500 meg file for example.

> For POST requests I plan to implement a module which does conversion from POST to PUT internally in nginx. This will allow implementing a scalable web storage entirely on nginx. This module will be able to work with your partial upload thingy as well.

That would be awesome. All it really needs to do is collect the
portions and then push it.

However there would need to be some way to tell the application (like
a PHP app) that the event happened, so it knows and it can store the
link/key/etc. to the file.




From mike503 at gmail.com  Tue Jul 28 21:16:42 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Tue, 28 Jul 2009 10:16:42 -0700
Subject: mogilefs module 1.0.2
In-Reply-To: <10070418.181248777950714.JavaMail.root@zone.mtgsy.net>
References: <3DEDDBC4-B8AD-4496-BE98-AA41430776F1@gmail.com>
	 <10070418.181248777950714.JavaMail.root@zone.mtgsy.net>
Message-ID: <bd9320b30907281016s4a6451m61b255d291e6c402@mail.gmail.com>

On Tue, Jul 28, 2009 at 3:45 AM, Valery
Kholodkov<valery+nginxen at grid.net.ru> wrote:

> No, at the moment it makes only one replica, but I plan to implement replication at desired minimal number of nodes simultaneously.

Isn't the number of replicas defined when you use mogadm/etc. to
define a new domain? (I think replicas is a domain property)

It sounds like it is up to the client then to make sure it gets placed
on that many replicas. Not the tracker/mogilefsd. Although it might be
worth looking into to see if it does, there is a replication portion
of the daemon I believe that is supposed to keep that number of
replicas alive at all times (I believe) - perhaps you can just be lazy
and let it do it's job :)




From apseudoutopia at gmail.com  Wed Jul 29 00:47:26 2009
From: apseudoutopia at gmail.com (APseudoUtopia)
Date: Tue, 28 Jul 2009 16:47:26 -0400
Subject: Alias in Nginx Config
In-Reply-To: <20090726192545.GB48529@rambler-co.ru>
References: <27ade5280907261107y4e2b4dd7x92d42cf24eccd454@mail.gmail.com> 
	<20090726192545.GB48529@rambler-co.ru>
Message-ID: <27ade5280907281347m40e7f417i5f0e772a654bdaf0@mail.gmail.com>

2009/7/26 Igor Sysoev <is at rambler-co.ru>:
> On Sun, Jul 26, 2009 at 02:07:28PM -0400, APseudoUtopia wrote:
>
>> Hey list,
>>
>> How does one create an alias in nginx? Here's my setup:
>>
>> My web-root is /usr/local/www/main. It's a copy of a SVN repo, so I
>> cannot manually add any folders in there.
>> I want to make an alias from domain.com/wiki to /usr/local/www/wiki.
>> I've tried the following code:
>>
>> location = /wiki {
>> alias /usr/local/www/wiki;
>> }
>>
>> But this isn't working. nginx is returning a "404" error. Here's the
>> whole config for the server block:
>>
>> server {
>> ? ? set $web_root /usr/local/www/main;
>>
>> ? ? listen x.x.x.x:443 default accept_filter=httpready;
>> ? ? server_name domain.tld;
>> ? ? access_log /var/log/httpd/nginx.access.ssl.log main buffer=4k;
>> ? ? root $web_root;
>>
>> ? ? # www redirect
>> ? ? if ($host ~* www\.(.*)) {
>> ? ? ? ? rewrite ^(.*)$ https://domain.tld$1 permanent;
>> ? ? }
>>
>> ? ? ssl on;
>> ? ? ssl_certificate /usr/local/etc/nginx/ssl.crt;
>> ? ? ssl_certificate_key /usr/local/etc/nginx/ssl.key;
>> ? ? ssl_ciphers -ALL:!ADH:!NULL:!aNULL:!eNULL:HIGH;
>> ? ? ssl_prefer_server_ciphers on;
>> ? ? ssl_protocols SSLv3 TLSv1;
>> ? ? ssl_verify_client off;
>> ? ? ssl_verify_depth 1;
>> ? ? ssl_session_cache shared:NGXSSL:1m;
>> ? ? ssl_session_timeout 5m;
>>
>> ? ? # Wiki
>> ? ? location = /wiki/ {
>> ? ? ? ? alias /usr/local/www/skittles_wiki/;
>> ? ? }
>>
>> ? ? location ~ .*\.php$ {
>> ? ? ? ? try_files $uri /404.html;
>> ? ? ? ? fastcgi_index index.php;
>> ? ? ? ? fastcgi_ignore_client_abort off;
>> ? ? ? ? fastcgi_intercept_errors off;
>> ? ? ? ? fastcgi_pass 127.0.0.1:9000;
>> ? ? ? ? fastcgi_read_timeout 10; # sec to wait for php-cgi to return data
>> ? ? ? ? fastcgi_param SCRIPT_FILENAME $web_root$fastcgi_script_name;
>> ? ? ? ? include /usr/local/etc/nginx/fastcgi_params;
>> ? ? }
>> }
>
> Frist, this
>
> ? ? # www redirect
> ? ? if ($host ~* www\.(.*)) {
> ? ? ? ? rewrite ^(.*)$ https://domain.tld$1 permanent;
> ? ? }
>
> should be written as separate server:
>
> server {
> ? ? server_name www.domain.tld;
>
> ? ? rewrite ^(.*)$ https://domain.tld$1 permanent;
> }
>
> Second, "set" in
>
> ? ? set $web_root /usr/local/www/main;
> ? ? ...
> ? ? root $web_root;
> ? ? ...
> ? ? ? ? fastcgi_param SCRIPT_FILENAME $web_root$fastcgi_script_name;
>
> is just waste of CPU cycles and should be changed to
>
> ? ? root /usr/local/www/main;
> ? ? ...
> ? ? ? ? fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
>
> As to wiki, you need to omit "=":
>
> ? ? location /wiki/ {
> ? ? ? ? alias /usr/local/www/skittles_wiki/;
> ? ? }
>
>
> --
> Igor Sysoev
> http://sysoev.ru/en/
>
>

Thanks for the quick reply Igor. However, the changes don't seem to
make any difference; I'm still getting the 404 error. After playing
around with my configuration, it seems to be related to the try_files
inside the "location ~ .*\.php$" block. Do you (or anyone else) know
of a way I can solve this? It's a big confusing.

Thanks.




From delta.yeh at gmail.com  Wed Jul 29 06:13:01 2009
From: delta.yeh at gmail.com (Delta Yeh)
Date: Wed, 29 Jul 2009 10:13:01 +0800
Subject: can apache's module be used in nginx
In-Reply-To: <2c4c88f20907280802u6781f68eq48b6ea726687102d@mail.gmail.com>
References: <2c4c88f20907280802u6781f68eq48b6ea726687102d@mail.gmail.com>
Message-ID: <beffb2170907281913v9c669b6ge3755a9ed50810ba@mail.gmail.com>

I don't think so .

2009/7/28 ??? <wuzhez at gmail.com>

> Hi all,
>       I have a problem now.
>       I have a apache module which be used to send a special cookie to
> browser, and the cookie contains a unique number. Now I want to move my
> website from apache to nginx, if I want to use the module's function, what
> can I do? thanks.
>
> --
> wuzhezhen
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090729/96c0146c/attachment.html>

From nginx-forum at nginx.us  Wed Jul 29 06:27:16 2009
From: nginx-forum at nginx.us (supergui)
Date: Tue, 28 Jul 2009 22:27:16 -0400
Subject: how to hook connection close event?
Message-ID: <0b39836e4dc480bfb42a10d82b66d2bc.NginxMailingList@forum.nginx.org>

the situation is that the fd is close by the client, the nginx will close the connection. my module need to know the close event, and do some my customized close action before that(e.g release my resource).

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4545,4545#msg-4545





From iamsempr at gmail.com  Wed Jul 29 06:32:02 2009
From: iamsempr at gmail.com (=?UTF-8?B?546L6Imv5pm2?=)
Date: Wed, 29 Jul 2009 10:32:02 +0800
Subject: can apache's module be used in nginx
In-Reply-To: <2c4c88f20907280802u6781f68eq48b6ea726687102d@mail.gmail.com>
References: <2c4c88f20907280802u6781f68eq48b6ea726687102d@mail.gmail.com>
Message-ID: <a7f002590907281932m1f4c2f09sa23bb39a87e466dd@mail.gmail.com>

There r so many difference between nginx and apache.
So I don't think I can be used.
But.... you can do some changes. Many be more than 50% codes will be
changed, I think.



2009/7/28 ??? <wuzhez at gmail.com>

> Hi all,
>       I have a problem now.
>       I have a apache module which be used to send a special cookie to
> browser, and the cookie contains a unique number. Now I want to move my
> website from apache to nginx, if I want to use the module's function, what
> can I do? thanks.
>
> --
> wuzhezhen
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090729/51f6a5ec/attachment.html>

From nbubingo at gmail.com  Wed Jul 29 06:46:03 2009
From: nbubingo at gmail.com (Weibin Yao)
Date: Wed, 29 Jul 2009 10:46:03 +0800
Subject: can apache's module be used in nginx
In-Reply-To: <2c4c88f20907280802u6781f68eq48b6ea726687102d@mail.gmail.com>
References: <2c4c88f20907280802u6781f68eq48b6ea726687102d@mail.gmail.com>
Message-ID: <4A6FB7EB.6020207@gmail.com>

??? at 2009-7-28 23:02 wrote:
> Hi all,
> I have a problem now.
> I have a apache module which be used to send a special cookie to 
> browser, and the cookie contains a unique number. Now I want to move 
> my website from apache to nginx, if I want to use the module's 
> function, what can I do? thanks.
>
Try http://wiki.nginx.org/NginxHttpHeadersModule or 
http://wiki.nginx.org/NginxHttpUserIdModule. If these modules can't feed 
your need, you should wirte a filter modlue like these.

-- 
Weibin Yao





From nginx-forum at nginx.us  Wed Jul 29 07:44:32 2009
From: nginx-forum at nginx.us (peacock)
Date: Tue, 28 Jul 2009 23:44:32 -0400
Subject: How to solve the problem of "405 not allowed"?
In-Reply-To: <c1b6567d6676f62cdcd658d71a9151cc.NginxMailingList@forum.nginx.org>
References: <c1b6567d6676f62cdcd658d71a9151cc.NginxMailingList@forum.nginx.org>
Message-ID: <c6970b81eac305fb29fc753230d7f34e.NginxMailingList@forum.nginx.org>

Unfortunately, so far(0.8.7), not to solve this problem :(

I read the source code, ngx_http_static_module.c documents found this piece of code inside

    if (r->method & NGX_HTTP_POST) {
        return NGX_HTTP_NOT_ALLOWED;
    }


Posted at Nginx Forum: http://forum.nginx.org/read.php?2,2414,4549#msg-4549





From nginx-forum at nginx.us  Wed Jul 29 07:49:53 2009
From: nginx-forum at nginx.us (peacock)
Date: Tue, 28 Jul 2009 23:49:53 -0400
Subject: bug: POST to static page causes 405
In-Reply-To: <A64EADCE-317F-43EB-8E32-4C1457513563@forum.nginx.org>
References: <370586.70909.qm@web46311.mail.sp1.yahoo.com> <20080520170233.GA17326@calomel.org> <A64EADCE-317F-43EB-8E32-4C1457513563@forum.nginx.org>
Message-ID: <2c19ad1c0b5b635f640ba973271bce04.NginxMailingList@forum.nginx.org>

Hope to solve this problem as soon as possible :)

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4429,4550#msg-4550





From frumentius at gmail.com  Wed Jul 29 08:04:54 2009
From: frumentius at gmail.com (Joe)
Date: Wed, 29 Jul 2009 11:04:54 +0700
Subject: Nginx for performance, with suhosin
In-Reply-To: <16b7ceee0907270740x54b6135cr2db449e5abb84ac1@mail.gmail.com>
References: <f68f97510907270453r1e4682b4ua9ac6782b8a7435b@mail.gmail.com>
	 <16b7ceee0907270740x54b6135cr2db449e5abb84ac1@mail.gmail.com>
Message-ID: <f68f97510907282104y4d0632car89b174368ed40a30@mail.gmail.com>

Okay.
Thanks Mathew.



Regards,
Joe



On Mon, Jul 27, 2009 at 9:40 PM, Mathew Davies <
thepixeldeveloper at googlemail.com> wrote:

> Umm, Sohshin is for PHP and wont affect your NGinx performance. You
> should be asking this on the PHP mailing list.
>
> 2009/7/27 Joe <frumentius at gmail.com>:
> > Hello,
> >
> > I am installing nginx for performance, is suhosin really needed for
> > security?
> > With suhosin patch seems no trouble.
> > But with suhosin installed extension, canary mismatch on efree() - heap
> > overflow detected found 3-15 daily.
> >
> > I want to remove suhosin patch and extension without any aware of
> security
> > problem.
> >
> > I have googling around, many people doesn't use suhosin.
> >
> > Thank You in advance.
> >
> > Regards,
> > Joe
> >
>
>
>
> --
> Kind Regards,
> Mathew Davies - Managing Director
> The Pixel Developer
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090729/d7fa1e4e/attachment.html>

From wuzhez at gmail.com  Wed Jul 29 08:54:27 2009
From: wuzhez at gmail.com (wuzhez)
Date: Wed, 29 Jul 2009 12:54:27 +0800
Subject: can apache's module be used in nginx
References: <4A6FB7EB.6020207@gmail.com>
Message-ID: <DreamMail__125427_70555775588@smtp.gmail.com>

Hi all,
    Like the NginxHttpUserIdModule, but it is difficult to used for. 
    Can I do like this:when a browser visit the website, nginx send something to apache, and apache send the cookie to browser by nginx ?


wuzhez??wuzhez at gmail.com
2009-07-29 
----- Original Message ----- 
From: Weibin Yao 
To: nginx 
Sent: 2009-07-29, 10:46:03
Subject: Re: can apache's module be used in nginx


?????? at 2009-7-28 23:02 wrote:
> Hi all,
> I have a problem now.
> I have a apache module which be used to send a special cookie to 
> browser, and the cookie contains a unique number. Now I want to move 
> my website from apache to nginx, if I want to use the module's 
> function, what can I do? thanks.
>
Try http://wiki.nginx.org/NginxHttpHeadersModule or 
http://wiki.nginx.org/NginxHttpUserIdModule. If these modules can't feed 
your need, you should wirte a filter modlue like these.

-- 
Weibin Yao
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090729/8de32ff1/attachment.html>

From juangiordana at gmail.com  Wed Jul 29 12:16:11 2009
From: juangiordana at gmail.com (Juan Fco. Giordana)
Date: Wed, 29 Jul 2009 05:16:11 -0300
Subject: Content negotiation?
In-Reply-To: <20090728070216.GD82436@rambler-co.ru>
References: <6b1504c40907261308i497b50f0r2e7c43ff28a9f52e@mail.gmail.com> <20090727061939.GC57057@rambler-co.ru> <20090728001747.GO3297@node.waugh.id.au> <20090728070216.GD82436@rambler-co.ru>
Message-ID: <4A70054B.3060300@gmail.com>

Igor Sysoev wrote:
> The question is how many people set (or have by default) right language
> in browsers ?

The download page of Opera, Firefox or IE provide you with the localized 
version of the program by default, at least that works from Argentina. 
So I assume most people have it but they don't know that it is there anyway.

I've learned to have all my programs in English and that part of content 
negotiation is a pain for me.

Also, the flash player plug-in download page offers a localized version 
of the binary based on the IP geographic location).

My 2 cents.




From is at rambler-co.ru  Wed Jul 29 12:14:47 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 29 Jul 2009 12:14:47 +0400
Subject: can apache's module be used in nginx
In-Reply-To: <DreamMail__125427_70555775588@smtp.gmail.com>
References: <4A6FB7EB.6020207@gmail.com> <DreamMail__125427_70555775588@smtp.gmail.com>
Message-ID: <20090729081447.GA51147@rambler-co.ru>

On Wed, Jul 29, 2009 at 12:54:27PM +0800, wuzhez wrote:

> Hi all,
>     Like the NginxHttpUserIdModule, but it is difficult to used for. 
>     Can I do like this:when a browser visit the website, nginx send something to apache, and apache send the cookie to browser by nginx ?

In this case you probably do not need nginx.

> wuzhez??wuzhez at gmail.com
> 2009-07-29 
> ----- Original Message ----- 
> From: Weibin Yao 
> To: nginx 
> Sent: 2009-07-29, 10:46:03
> Subject: Re: can apache's module be used in nginx
> 
> 
> ?????? at 2009-7-28 23:02 wrote:
> > Hi all,
> > I have a problem now.
> > I have a apache module which be used to send a special cookie to 
> > browser, and the cookie contains a unique number. Now I want to move 
> > my website from apache to nginx, if I want to use the module's 
> > function, what can I do? thanks.
> >
> Try http://wiki.nginx.org/NginxHttpHeadersModule or 
> http://wiki.nginx.org/NginxHttpUserIdModule. If these modules can't feed 
> your need, you should wirte a filter modlue like these.
> 
> -- 
> Weibin Yao

-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Wed Jul 29 12:33:20 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 29 Jul 2009 12:33:20 +0400
Subject: bug: POST to static page causes 405
In-Reply-To: <2c19ad1c0b5b635f640ba973271bce04.NginxMailingList@forum.nginx.org>
References: <370586.70909.qm@web46311.mail.sp1.yahoo.com> <20080520170233.GA17326@calomel.org> <A64EADCE-317F-43EB-8E32-4C1457513563@forum.nginx.org> <2c19ad1c0b5b635f640ba973271bce04.NginxMailingList@forum.nginx.org>
Message-ID: <20090729083320.GB51147@rambler-co.ru>

On Tue, Jul 28, 2009 at 11:49:53PM -0400, peacock wrote:

> Hope to solve this problem as soon as possible :)

Try the attached patch.


-- 
Igor Sysoev
http://sysoev.ru/en/
-------------- next part --------------
Index: src/http/ngx_http_request.c
===================================================================
--- src/http/ngx_http_request.c	(revision 2328)
+++ src/http/ngx_http_request.c	(working copy)
@@ -2274,6 +2274,19 @@
         r->lingering_time = ngx_time() + (time_t) (clcf->lingering_time / 1000);
         ngx_add_timer(rev, clcf->lingering_timeout);
         return;
+
+    } else {
+
+        r->expect_tested = 1;
+
+        if (ngx_http_discard_request_body(r) != NGX_OK) {
+            ngx_http_close_connection(c);
+            return;
+        }
+
+        if (r->discard_body) {
+            return;
+        }
     }
 
     c->log->action = "closing request";
Index: src/http/ngx_http_core_module.c
===================================================================
--- src/http/ngx_http_core_module.c	(revision 2328)
+++ src/http/ngx_http_core_module.c	(working copy)
@@ -2061,9 +2061,7 @@
     ngx_http_clear_accept_ranges(sr);
     ngx_http_clear_last_modified(sr);
 
-    sr->request_body = r->request_body;
-
-    sr->method = NGX_HTTP_GET;
+    sr->method = r->method;
     sr->http_version = r->http_version;
 
     sr->request_line = r->request_line;
@@ -2081,7 +2079,7 @@
     sr->waited = (flags & NGX_HTTP_SUBREQUEST_WAITED) != 0;
 
     sr->unparsed_uri = r->unparsed_uri;
-    sr->method_name = ngx_http_core_get_method;
+    sr->method_name = r->method_name;
     sr->http_protocol = r->http_protocol;
 
     ngx_http_set_exten(sr);
Index: src/http/ngx_http_upstream.c
===================================================================
--- src/http/ngx_http_upstream.c	(revision 2328)
+++ src/http/ngx_http_upstream.c	(working copy)
@@ -420,8 +420,8 @@
         }
     }
 
-    if (r->request_body) {
-        u->request_bufs = r->request_body->bufs;
+    if (r->main->request_body) {
+        u->request_bufs = r->main->request_body->bufs;
     }
 
 #if (NGX_HTTP_CACHE)
@@ -986,9 +986,10 @@
 static void
 ngx_http_upstream_connect(ngx_http_request_t *r, ngx_http_upstream_t *u)
 {
-    ngx_int_t          rc;
-    ngx_time_t        *tp;
-    ngx_connection_t  *c;
+    ngx_int_t                 rc;
+    ngx_time_t               *tp;
+    ngx_connection_t         *c;
+    ngx_http_request_body_t  *rb;
 
     r->connection->log->action = "connecting to upstream";
 
@@ -1072,14 +1073,14 @@
         }
     }
 
-    if (r->request_body
-        && r->request_body->buf
-        && r->request_body->temp_file
-        && r == r->main)
-    {
+    rb = r->main->request_body;
+
+    if (r == r->main && rb && rb->buf && rb->temp_file) {
+
         /*
-         * the r->request_body->buf can be reused for one request only,
-         * the subrequests should allocate their own temporay bufs
+         * the r->main->request_body->buf can be reused in ngx_output_chain()
+         * for reading file in single request only, therefore
+         * subrequests should allocate their own temporary bufs
          */
 
         u->output.free = ngx_alloc_chain_link(r->pool);
@@ -1089,13 +1090,13 @@
             return;
         }
 
-        u->output.free->buf = r->request_body->buf;
+        u->output.free->buf = rb->buf;
         u->output.free->next = NULL;
         u->output.allocated = 1;
 
-        r->request_body->buf->pos = r->request_body->buf->start;
-        r->request_body->buf->last = r->request_body->buf->start;
-        r->request_body->buf->tag = u->output.tag;
+        rb->buf->pos = rb->buf->start;
+        rb->buf->last = rb->buf->start;
+        rb->buf->tag = u->output.tag;
     }
 
     u->request_sent = 0;
@@ -1216,8 +1217,8 @@
 
     /* reinit the subrequest's ngx_output_chain() context */
 
-    if (r->request_body && r->request_body->temp_file
-        && r != r->main && u->output.buf)
+    if (r != r->main && u->output.buf
+        && r->main->request_body && r->main->request_body->temp_file)
     {
         u->output.free = ngx_alloc_chain_link(r->pool);
         if (u->output.free == NULL) {
@@ -1922,6 +1923,7 @@
     ngx_int_t                  rc;
     ngx_event_pipe_t          *p;
     ngx_connection_t          *c;
+    ngx_http_request_body_t   *rb;
     ngx_http_core_loc_conf_t  *clcf;
 
     rc = ngx_http_send_header(r);
@@ -1954,9 +1956,11 @@
 
     u->header_sent = 1;
 
-    if (r->request_body && r->request_body->temp_file) {
-        ngx_pool_run_cleanup_file(r->pool, r->request_body->temp_file->file.fd);
-        r->request_body->temp_file->file.fd = NGX_INVALID_FILE;
+    rb = r->main->request_body;
+
+    if (rb && rb->temp_file) {
+        ngx_pool_run_cleanup_file(r->pool, rb->temp_file->file.fd);
+        rb->temp_file->file.fd = NGX_INVALID_FILE;
     }
 
     clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
Index: src/http/ngx_http_request_body.c
===================================================================
--- src/http/ngx_http_request_body.c	(revision 2328)
+++ src/http/ngx_http_request_body.c	(working copy)
@@ -20,7 +20,7 @@
 
 /*
  * on completion ngx_http_read_client_request_body() adds to
- * r->request_body->bufs one or two bufs:
+ * r->main->request_body->bufs one or two bufs:
  *    *) one memory buf that was preread in r->header_in;
  *    *) one memory or file buf that contains the rest of the body
  */
@@ -34,44 +34,47 @@
     ngx_buf_t                 *b;
     ngx_chain_t               *cl, **next;
     ngx_temp_file_t           *tf;
+    ngx_http_request_t        *mr;
     ngx_http_request_body_t   *rb;
     ngx_http_core_loc_conf_t  *clcf;
 
-    if (r->request_body || r->discard_body) {
+    mr = r->main;
+
+    if (mr->request_body || mr->discard_body) {
         post_handler(r);
         return NGX_OK;
     }
 
-    if (ngx_http_test_expect(r) != NGX_OK) {
+    if (ngx_http_test_expect(mr) != NGX_OK) {
         return NGX_HTTP_INTERNAL_SERVER_ERROR;
     }
 
-    rb = ngx_pcalloc(r->pool, sizeof(ngx_http_request_body_t));
+    rb = ngx_pcalloc(mr->pool, sizeof(ngx_http_request_body_t));
     if (rb == NULL) {
         return NGX_HTTP_INTERNAL_SERVER_ERROR;
     }
 
-    r->request_body = rb;
+    mr->request_body = rb;
 
-    if (r->headers_in.content_length_n < 0) {
+    if (mr->headers_in.content_length_n < 0) {
         post_handler(r);
         return NGX_OK;
     }
 
     clcf = ngx_http_get_module_loc_conf(r, ngx_http_core_module);
 
-    if (r->headers_in.content_length_n == 0) {
+    if (mr->headers_in.content_length_n == 0) {
 
         if (r->request_body_in_file_only) {
-            tf = ngx_pcalloc(r->pool, sizeof(ngx_temp_file_t));
+            tf = ngx_pcalloc(mr->pool, sizeof(ngx_temp_file_t));
             if (tf == NULL) {
                 return NGX_HTTP_INTERNAL_SERVER_ERROR;
             }
 
             tf->file.fd = NGX_INVALID_FILE;
-            tf->file.log = r->connection->log;
+            tf->file.log = mr->connection->log;
             tf->path = clcf->client_body_temp_path;
-            tf->pool = r->pool;
+            tf->pool = mr->pool;
             tf->warn = "a client request body is buffered to a temporary file";
             tf->log_level = r->request_body_file_log_level;
             tf->persistent = r->request_body_in_persistent_file;
@@ -106,27 +109,27 @@
      *     rb->rest = 0;
      */
 
-    preread = r->header_in->last - r->header_in->pos;
+    preread = mr->header_in->last - mr->header_in->pos;
 
     if (preread) {
 
         /* there is the pre-read part of the request body */
 
-        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
+        ngx_log_debug1(NGX_LOG_DEBUG_HTTP, mr->connection->log, 0,
                        "http client request body preread %uz", preread);
 
-        b = ngx_calloc_buf(r->pool);
+        b = ngx_calloc_buf(mr->pool);
         if (b == NULL) {
             return NGX_HTTP_INTERNAL_SERVER_ERROR;
         }
 
         b->temporary = 1;
-        b->start = r->header_in->pos;
-        b->pos = r->header_in->pos;
-        b->last = r->header_in->last;
-        b->end = r->header_in->end;
+        b->start = mr->header_in->pos;
+        b->pos = mr->header_in->pos;
+        b->last = mr->header_in->last;
+        b->end = mr->header_in->end;
 
-        rb->bufs = ngx_alloc_chain_link(r->pool);
+        rb->bufs = ngx_alloc_chain_link(mr->pool);
         if (rb->bufs == NULL) {
             return NGX_HTTP_INTERNAL_SERVER_ERROR;
         }
@@ -136,15 +139,15 @@
 
         rb->buf = b;
 
-        if ((off_t) preread >= r->headers_in.content_length_n) {
+        if ((off_t) preread >= mr->headers_in.content_length_n) {
 
             /* the whole request body was pre-read */
 
-            r->header_in->pos += (size_t) r->headers_in.content_length_n;
-            r->request_length += r->headers_in.content_length_n;
+            mr->header_in->pos += (size_t) mr->headers_in.content_length_n;
+            mr->request_length += mr->headers_in.content_length_n;
 
-            if (r->request_body_in_file_only) {
-                if (ngx_http_write_request_body(r, rb->bufs) != NGX_OK) {
+            if (mr->request_body_in_file_only) {
+                if (ngx_http_write_request_body(mr, rb->bufs) != NGX_OK) {
                     return NGX_HTTP_INTERNAL_SERVER_ERROR;
                 }
             }
@@ -158,11 +161,11 @@
          * to not consider the body as pipelined request in
          * ngx_http_set_keepalive()
          */
-        r->header_in->pos = r->header_in->last;
+        mr->header_in->pos = mr->header_in->last;
 
-        r->request_length += preread;
+        mr->request_length += preread;
 
-        rb->rest = r->headers_in.content_length_n - preread;
+        rb->rest = mr->headers_in.content_length_n - preread;
 
         if (rb->rest <= (off_t) (b->end - b->last)) {
 
@@ -179,7 +182,7 @@
 
     } else {
         b = NULL;
-        rb->rest = r->headers_in.content_length_n;
+        rb->rest = mr->headers_in.content_length_n;
         next = &rb->bufs;
     }
 
@@ -200,12 +203,12 @@
         b = NULL;
     }
 
-    rb->buf = ngx_create_temp_buf(r->pool, size);
+    rb->buf = ngx_create_temp_buf(mr->pool, size);
     if (rb->buf == NULL) {
         return NGX_HTTP_INTERNAL_SERVER_ERROR;
     }
 
-    cl = ngx_alloc_chain_link(r->pool);
+    cl = ngx_alloc_chain_link(mr->pool);
     if (cl == NULL) {
         return NGX_HTTP_INTERNAL_SERVER_ERROR;
     }
@@ -250,7 +253,7 @@
     rc = ngx_http_do_read_client_request_body(r);
 
     if (rc >= NGX_HTTP_SPECIAL_RESPONSE) {
-        ngx_http_finalize_request(r, rc);
+        ngx_http_finalize_request(r->main, rc);
     }
 }
 
@@ -262,11 +265,13 @@
     ssize_t                    n;
     ngx_buf_t                 *b;
     ngx_connection_t          *c;
+    ngx_http_request_t        *mr;
     ngx_http_request_body_t   *rb;
     ngx_http_core_loc_conf_t  *clcf;
 
     c = r->connection;
-    rb = r->request_body;
+    mr = r->main;
+    rb = mr->request_body;
 
     ngx_log_debug0(NGX_LOG_DEBUG_HTTP, c->log, 0,
                    "http read client request body");
@@ -275,7 +280,7 @@
         for ( ;; ) {
             if (rb->buf->last == rb->buf->end) {
 
-                if (ngx_http_write_request_body(r, rb->to_write) != NGX_OK) {
+                if (ngx_http_write_request_body(mr, rb->to_write) != NGX_OK) {
                     return NGX_HTTP_INTERNAL_SERVER_ERROR;
                 }
 
@@ -310,7 +315,7 @@
 
             rb->buf->last += n;
             rb->rest -= n;
-            r->request_length += n;
+            mr->request_length += n;
 
             if (rb->rest == 0) {
                 break;
@@ -348,7 +353,7 @@
 
         /* save the last part */
 
-        if (ngx_http_write_request_body(r, rb->to_write) != NGX_OK) {
+        if (ngx_http_write_request_body(mr, rb->to_write) != NGX_OK) {
             return NGX_HTTP_INTERNAL_SERVER_ERROR;
         }
 
Index: src/http/ngx_http_variables.c
===================================================================
--- src/http/ngx_http_variables.c	(revision 2328)
+++ src/http/ngx_http_variables.c	(working copy)
@@ -1540,17 +1540,21 @@
 ngx_http_variable_request_body_file(ngx_http_request_t *r,
     ngx_http_variable_value_t *v, uintptr_t data)
 {
-    if (r->request_body == NULL || r->request_body->temp_file == NULL) {
+    ngx_http_request_body_t  *rb;
+
+    rb = r->request_body;
+
+    if (rb == NULL || rb->temp_file == NULL) {
         v->not_found = 1;
 
         return NGX_OK;
     }
 
-    v->len = r->request_body->temp_file->file.name.len;
+    v->len = rb->temp_file->file.name.len;
     v->valid = 1;
     v->no_cacheable = 0;
     v->not_found = 0;
-    v->data = r->request_body->temp_file->file.name.data;
+    v->data = rb->temp_file->file.name.data;
 
     return NGX_OK;
 }
Index: src/http/modules/ngx_http_dav_module.c
===================================================================
--- src/http/modules/ngx_http_dav_module.c	(revision 2328)
+++ src/http/modules/ngx_http_dav_module.c	(working copy)
@@ -219,7 +219,7 @@
     ngx_log_debug1(NGX_LOG_DEBUG_HTTP, r->connection->log, 0,
                    "http put filename: \"%s\"", path.data);
 
-    temp = &r->request_body->temp_file->file.name;
+    temp = &r->main->request_body->temp_file->file.name;
 
     if (ngx_file_info(path.data, &fi) == NGX_FILE_ERROR) {
         status = NGX_HTTP_CREATED;
@@ -258,7 +258,7 @@
 
         if (date != NGX_ERROR) {
             ext.time = date;
-            ext.fd = r->request_body->temp_file->file.fd;
+            ext.fd = r->main->request_body->temp_file->file.fd;
         }
     }
 
Index: src/http/modules/ngx_http_static_module.c
===================================================================
--- src/http/modules/ngx_http_static_module.c	(revision 2328)
+++ src/http/modules/ngx_http_static_module.c	(working copy)
@@ -196,14 +196,13 @@
 
 #endif
 
-    if (r->method & NGX_HTTP_POST) {
-        return NGX_HTTP_NOT_ALLOWED;
-    }
+    if (r->method & (NGX_HTTP_GET|NGX_HTTP_HEAD)) {
 
-    rc = ngx_http_discard_request_body(r);
+        rc = ngx_http_discard_request_body(r);
 
-    if (rc != NGX_OK) {
-        return rc;
+        if (rc != NGX_OK) {
+            return rc;
+        }
     }
 
     log->action = "sending response to client";
Index: src/http/modules/perl/nginx.xs
===================================================================
--- src/http/modules/perl/nginx.xs	(revision 2328)
+++ src/http/modules/perl/nginx.xs	(working copy)
@@ -384,25 +384,25 @@
     CODE:
 
     dXSTARG;
-    ngx_http_request_t  *r;
-    size_t               len;
+    ngx_http_request_t       *r;
+    ngx_http_request_body_t  *rb;
+    size_t                    len;
 
     ngx_http_perl_set_request(r);
 
-    if (r->request_body == NULL
-        || r->request_body->temp_file
-        || r->request_body->bufs == NULL)
-    {
+    rb = r->main->request_body;
+
+    if (rb == NULL || rb->temp_file || rb->bufs == NULL) {
         XSRETURN_UNDEF;
     }
 
-    len = r->request_body->bufs->buf->last - r->request_body->bufs->buf->pos;
+    len = rb->bufs->buf->last - rb->bufs->buf->pos;
 
     if (len == 0) {
         XSRETURN_UNDEF;
     }
 
-    ngx_http_perl_set_targ(r->request_body->bufs->buf->pos, len);
+    ngx_http_perl_set_targ(rb->bufs->buf->pos, len);
 
     ST(0) = TARG;
 
@@ -412,16 +412,19 @@
     CODE:
 
     dXSTARG;
-    ngx_http_request_t  *r;
+    ngx_http_request_t       *r;
+    ngx_http_request_body_t  *rb;
 
     ngx_http_perl_set_request(r);
 
-    if (r->request_body == NULL || r->request_body->temp_file == NULL) {
+    rb = r->main->request_body;
+
+    if (rb == NULL || rb->temp_file == NULL) {
         XSRETURN_UNDEF;
     }
 
-    ngx_http_perl_set_targ(r->request_body->temp_file->file.name.data,
-                           r->request_body->temp_file->file.name.len);
+    ngx_http_perl_set_targ(rb->temp_file->file.name.data,
+                           rb->temp_file->file.name.len);
 
     ST(0) = TARG;
 

From nginx-forum at nginx.us  Wed Jul 29 12:49:10 2009
From: nginx-forum at nginx.us (shaktale)
Date: Wed, 29 Jul 2009 04:49:10 -0400
Subject: custom 404 nginx + php-fpm
Message-ID: <2d6017ad5e69f0f52652525fea67663e.NginxMailingList@forum.nginx.org>

Hi all.

I have the folllowing config:

  
# static files without rewrite
  location ~ ^.+\.(js|jpe?g|gif|png|css)$ {
        # 404 
        try_files  $uri /index.php;
        expires 1d;
  }

  location / {
     rewrite ^/(.+)_(.+)/(.+)/$ /index.php/action1/$1/action2/$2/action3/$3 last;
     rewrite ^(/.+_.+/.+)([^/])$ $1$2/ permanent;

     try_files $uri /index.php?$args;
  }

  # PHP
  location ~ ^(.+\.php.*)$ {
    fastcgi_split_path_info         ^(.+\.php)(.*)$;
    fastcgi_pass   127.0.0.1:9000;

    include /usr/local/nginx/conf/fastcgi_params;
    fastcgi_param  PATH_INFO        $fastcgi_path_info;
    fastcgi_param  SCRIPT_NAME      $fastcgi_script_name;
  }


I want to handle 404 errors with application (index.php). 

Works fine, except urls with php files, ie mydomain.com/foo.php

The foo.php is passed to fcgi, and php-fpm returns "No input file specified." 

If I use try_file in the "location ~ ^(.+\.php.*)$", then, the rewrites stops working. An error_page does not work either.

Any ideas ? 

Thanks in advance.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4556,4556#msg-4556





From is at rambler-co.ru  Wed Jul 29 12:50:47 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 29 Jul 2009 12:50:47 +0400
Subject: Alias in Nginx Config
In-Reply-To: <27ade5280907281347m40e7f417i5f0e772a654bdaf0@mail.gmail.com>
References: <27ade5280907261107y4e2b4dd7x92d42cf24eccd454@mail.gmail.com> <20090726192545.GB48529@rambler-co.ru> <27ade5280907281347m40e7f417i5f0e772a654bdaf0@mail.gmail.com>
Message-ID: <20090729085047.GC51147@rambler-co.ru>

On Tue, Jul 28, 2009 at 04:47:26PM -0400, APseudoUtopia wrote:

> 2009/7/26 Igor Sysoev <is at rambler-co.ru>:
> > On Sun, Jul 26, 2009 at 02:07:28PM -0400, APseudoUtopia wrote:
> >
> >> Hey list,
> >>
> >> How does one create an alias in nginx? Here's my setup:
> >>
> >> My web-root is /usr/local/www/main. It's a copy of a SVN repo, so I
> >> cannot manually add any folders in there.
> >> I want to make an alias from domain.com/wiki to /usr/local/www/wiki.
> >> I've tried the following code:
> >>
> >> location = /wiki {
> >> alias /usr/local/www/wiki;
> >> }
> >>
> >> But this isn't working. nginx is returning a "404" error. Here's the
> >> whole config for the server block:
> >>
> >> server {
> >> ? ? set $web_root /usr/local/www/main;
> >>
> >> ? ? listen x.x.x.x:443 default accept_filter=httpready;
> >> ? ? server_name domain.tld;
> >> ? ? access_log /var/log/httpd/nginx.access.ssl.log main buffer=4k;
> >> ? ? root $web_root;
> >>
> >> ? ? # www redirect
> >> ? ? if ($host ~* www\.(.*)) {
> >> ? ? ? ? rewrite ^(.*)$ https://domain.tld$1 permanent;
> >> ? ? }
> >>
> >> ? ? ssl on;
> >> ? ? ssl_certificate /usr/local/etc/nginx/ssl.crt;
> >> ? ? ssl_certificate_key /usr/local/etc/nginx/ssl.key;
> >> ? ? ssl_ciphers -ALL:!ADH:!NULL:!aNULL:!eNULL:HIGH;
> >> ? ? ssl_prefer_server_ciphers on;
> >> ? ? ssl_protocols SSLv3 TLSv1;
> >> ? ? ssl_verify_client off;
> >> ? ? ssl_verify_depth 1;
> >> ? ? ssl_session_cache shared:NGXSSL:1m;
> >> ? ? ssl_session_timeout 5m;
> >>
> >> ? ? # Wiki
> >> ? ? location = /wiki/ {
> >> ? ? ? ? alias /usr/local/www/skittles_wiki/;
> >> ? ? }
> >>
> >> ? ? location ~ .*\.php$ {
> >> ? ? ? ? try_files $uri /404.html;
> >> ? ? ? ? fastcgi_index index.php;
> >> ? ? ? ? fastcgi_ignore_client_abort off;
> >> ? ? ? ? fastcgi_intercept_errors off;
> >> ? ? ? ? fastcgi_pass 127.0.0.1:9000;
> >> ? ? ? ? fastcgi_read_timeout 10; # sec to wait for php-cgi to return data
> >> ? ? ? ? fastcgi_param SCRIPT_FILENAME $web_root$fastcgi_script_name;
> >> ? ? ? ? include /usr/local/etc/nginx/fastcgi_params;
> >> ? ? }
> >> }
> >
> > Frist, this
> >
> > ? ? # www redirect
> > ? ? if ($host ~* www\.(.*)) {
> > ? ? ? ? rewrite ^(.*)$ https://domain.tld$1 permanent;
> > ? ? }
> >
> > should be written as separate server:
> >
> > server {
> > ? ? server_name www.domain.tld;
> >
> > ? ? rewrite ^(.*)$ https://domain.tld$1 permanent;
> > }
> >
> > Second, "set" in
> >
> > ? ? set $web_root /usr/local/www/main;
> > ? ? ...
> > ? ? root $web_root;
> > ? ? ...
> > ? ? ? ? fastcgi_param SCRIPT_FILENAME $web_root$fastcgi_script_name;
> >
> > is just waste of CPU cycles and should be changed to
> >
> > ? ? root /usr/local/www/main;
> > ? ? ...
> > ? ? ? ? fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
> >
> > As to wiki, you need to omit "=":
> >
> > ? ? location /wiki/ {
> > ? ? ? ? alias /usr/local/www/skittles_wiki/;
> > ? ? }
> >
> >
> > --
> > Igor Sysoev
> > http://sysoev.ru/en/
> >
> >
> 
> Thanks for the quick reply Igor. However, the changes don't seem to
> make any difference; I'm still getting the 404 error. After playing
> around with my configuration, it seems to be related to the try_files
> inside the "location ~ .*\.php$" block. Do you (or anyone else) know
> of a way I can solve this? It's a big confusing.

What is in error_log ?


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Wed Jul 29 13:06:02 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 29 Jul 2009 13:06:02 +0400
Subject: custom 404 nginx + php-fpm
In-Reply-To: <2d6017ad5e69f0f52652525fea67663e.NginxMailingList@forum.nginx.org>
References: <2d6017ad5e69f0f52652525fea67663e.NginxMailingList@forum.nginx.org>
Message-ID: <20090729090601.GD51147@rambler-co.ru>

On Wed, Jul 29, 2009 at 04:49:10AM -0400, shaktale wrote:

> Hi all.
> 
> I have the folllowing config:
> 
>   
> # static files without rewrite
>   location ~ ^.+\.(js|jpe?g|gif|png|css)$ {
>         # 404 
>         try_files  $uri /index.php;
>         expires 1d;
>   }
> 
>   location / {
>      rewrite ^/(.+)_(.+)/(.+)/$ /index.php/action1/$1/action2/$2/action3/$3 last;
>      rewrite ^(/.+_.+/.+)([^/])$ $1$2/ permanent;
> 
>      try_files $uri /index.php?$args;
>   }
> 
>   # PHP
>   location ~ ^(.+\.php.*)$ {
>     fastcgi_split_path_info         ^(.+\.php)(.*)$;
>     fastcgi_pass   127.0.0.1:9000;
> 
>     include /usr/local/nginx/conf/fastcgi_params;
>     fastcgi_param  PATH_INFO        $fastcgi_path_info;
>     fastcgi_param  SCRIPT_NAME      $fastcgi_script_name;
>   }
> 
> 
> I want to handle 404 errors with application (index.php). 
> 
> Works fine, except urls with php files, ie mydomain.com/foo.php
> 
> The foo.php is passed to fcgi, and php-fpm returns "No input file specified." 
> 
> If I use try_file in the "location ~ ^(.+\.php.*)$", then, the rewrites stops working. An error_page does not work either.
> 
> Any ideas ? 

Probably yuo need somthing like this:

   location ~ ^.+\.(js|jpe?g|gif|png|css)$ {
        try_files  $uri /index.php;
        expires 1d;
   }

   loaction ~ ^/(.+)_(.+)/(.+)/$ {
        fastcgi_pass   127.0.0.1:9000;
        include /usr/local/nginx/conf/fastcgi_params;
        fastcgi_param  SCRIPT_FILENAME  /path/to/index.php;
        fastcgi_param  SCRIPT_NAME      /index.php;
        fastcgi_param  PATH_INFO        /action1/$1/action2/$2/action3/$3;
   }

   location ~ ^(/.+_.+/.+)([^/])$ {
       rewrite ^(/.+_.+/.+)([^/])$ $1$2/ permanent;
   }

   location ~ ^.+\.php$ {
       try_files $uri /index.php?$args;

       fastcgi_pass   127.0.0.1:9000;
       include /usr/local/nginx/conf/fastcgi_params;
       fastcgi_param  SCRIPT_FILENAME  /path/to$fastcgi_script_name;
       fastcgi_param  SCRIPT_NAME      $fastcgi_script_name;
   }

   location / {
       try_files $uri /index.php?$args;
   }


-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Wed Jul 29 13:13:19 2009
From: nginx-forum at nginx.us (supergui)
Date: Wed, 29 Jul 2009 05:13:19 -0400
Subject: ngx_output_http_filter more than ones, ok?
Message-ID: <c34589529f27fa2e3aab285668b983a7.NginxMailingList@forum.nginx.org>

my module need to write data to the client, for some reason i can not get the whole buffer at once. that is i get a trunk buffer to output now, and i must wait the next trunk buffer and output it.  so i have to call ngx_output_http_filter from time to time until the whole data is output?? but i found the first time call ngx_output_http_filter is ok, later(after a timer) i call ngx_output_http_filter will result not i want? is what i do right, or i should implement it by other way?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4558,4558#msg-4558





From tripoux at gmail.com  Wed Jul 29 14:36:48 2009
From: tripoux at gmail.com (guiguite)
Date: Wed, 29 Jul 2009 12:36:48 +0200
Subject: how to limit concurrent uptream requests
In-Reply-To: <1f5f0ebe0907290316h3a6bd63bj1ed68f5050474067@mail.gmail.com>
References: <1f5f0ebe0907290316h3a6bd63bj1ed68f5050474067@mail.gmail.com>
Message-ID: <1f5f0ebe0907290336j334692f2mbaaa6df551a55810@mail.gmail.com>

Hello,

I'm trying to build the following setup :

N backends servers ? <--------> Nginx <---------------------> N clients

I would like Nginx to allow each backend servers to process only 10
request at the same time and return 503 if all backend servers are
"busy" (clients will understand 503 and try again later).

I tried the "upstream_fair" module
(http://nginx.localdomain.pl/wiki/UpstreamFair) on nginx 0.7.59 &
0.6.34
(debian) with the following configuration :

upstream test {
? server 10.1.0.54:80 weight=5;
? server 10.1.0.160:80 weight=5;
? server 10.1.0.161:80 weight=5;
? server 10.1.0.162:80 weight=5;
? fair weight_mode=peak;
}
server {
? ? ? ?listen 127.0.0.1:8888;
? ? ? ?server_name _;
? ? ? ?location / {
? ? ? ? ? ?proxy_pass http://test ;
? ? ? ?}
}

on the backend side I have a dummy php script simulating load (sleep
for 5-15 seconds then exit)

So what I understood (?! which can be often far from reality) reading
the documentation is that nginx will forward 20 requests to the 4
backends (5 max each) then reply 502 to all request over this global
limit until a backend slot is free.

So if if test my setup with siege :
$> siege -d1 -r3000 -c100 http://127.0.0.1:8888/1.php
(100 clients, 3000 requests/client, 1 sec delay)

I see only 4 request being processed in parallel by apache/php

I tried to increase worker_processes to 32 in nginx.conf but it didn't
change the behaviour.

Only "solution" I have found is to duplicate 5 times each backend
entries like this

? server 10.1.0.54:80;
? server 10.1.0.54:80;
? server 10.1.0.54:80;
? server 10.1.0.54:80;
? server 10.1.0.54:80;
? server 10.1.0.160:80;
? /* ... */
? server 10.1.0.161:80;
? /* ... */
? server 10.1.0.162:80;
? /* .... */
? fair weight_mode=peak;

And then I get 20 concurrent request running on apache/php & other
requests discarded by nginx with 502 but I doubt it is the
"good/proper way" of using upstream_fair ...

Has anyone tried to implement some similar configuration ?

Cheers,
/guillaume

Ps:sorry for terrible english




From mdounin at mdounin.ru  Wed Jul 29 15:02:07 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 29 Jul 2009 15:02:07 +0400
Subject: Content negotiation?
In-Reply-To: <4A70054B.3060300@gmail.com>
References: <6b1504c40907261308i497b50f0r2e7c43ff28a9f52e@mail.gmail.com> <20090727061939.GC57057@rambler-co.ru> <20090728001747.GO3297@node.waugh.id.au> <20090728070216.GD82436@rambler-co.ru> <4A70054B.3060300@gmail.com>
Message-ID: <20090729110207.GO1240@mdounin.ru>

Hello!

On Wed, Jul 29, 2009 at 05:16:11AM -0300, Juan Fco. Giordana wrote:

> Igor Sysoev wrote:
>> The question is how many people set (or have by default) right language
>> in browsers ?
>
> The download page of Opera, Firefox or IE provide you with the localized  
> version of the program by default, at least that works from Argentina.  
> So I assume most people have it but they don't know that it is there 
> anyway.
>
> I've learned to have all my programs in English and that part of content  
> negotiation is a pain for me.
>
> Also, the flash player plug-in download page offers a localized version  
> of the binary based on the IP geographic location).

The most funny use of Accept-Language based content negotiation 
I've seen on dsbl.org.  Since they have no version in Russian they 
returned default "300 Multiple Choices" page, effectively blocking 
localized IEs unless user is smart enough to change 
Accept-Language in settings.

Since then I personally think that content negotiation is 
something that should be considered as access check.  And since 
nginx already has pretty good access module - it's not really 
needed. :)

[sarcasm mode off]

It should be relatively simple to write module with such 
capabilities.  And I believe somebody already did this, at least 
something with name "Accept Language Module" is listed on 
wiki.nginx.org:

http://wiki.nginx.org/NginxAcceptLanguageModule

Maxim Dounin




From ml at melosi.it  Wed Jul 29 15:26:51 2009
From: ml at melosi.it (Daniele Melosi)
Date: Wed, 29 Jul 2009 13:26:51 +0200
Subject: header passed to fastcgi
Message-ID: <4A7031FB.3060301@melosi.it>

Hi all,

I notice that nginx when pass header to fastcgi add "HTTP_" at the 
beginning even if HTTP_ is already present like in the example below:

$ curl "http://127.0.0.1/daniele.php" --header "Host: localhost" 
--header "HTTP_TM_USER_ID: 36" --connect-timeout 3 | grep HTTP_TM_USER_ID
<tr><td class="e">_SERVER["HTTP_HTTP_TM_USER_ID"]</td><td 
class="v">36</td></tr>
<tr><td class="e">_ENV["HTTP_HTTP_TM_USER_ID"]</td><td 
class="v">36</td></tr>

Is it possible to avoid this and pass the header "as is" ?

Best Regards

Daniele




From mdounin at mdounin.ru  Wed Jul 29 16:01:48 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 29 Jul 2009 16:01:48 +0400
Subject: header passed to fastcgi
In-Reply-To: <4A7031FB.3060301@melosi.it>
References: <4A7031FB.3060301@melosi.it>
Message-ID: <20090729120148.GP1240@mdounin.ru>

Hello!

On Wed, Jul 29, 2009 at 01:26:51PM +0200, Daniele Melosi wrote:

> Hi all,
>
> I notice that nginx when pass header to fastcgi add "HTTP_" at the  
> beginning even if HTTP_ is already present like in the example below:
>
> $ curl "http://127.0.0.1/daniele.php" --header "Host: localhost"  
> --header "HTTP_TM_USER_ID: 36" --connect-timeout 3 | grep HTTP_TM_USER_ID
> <tr><td class="e">_SERVER["HTTP_HTTP_TM_USER_ID"]</td><td  
> class="v">36</td></tr>
> <tr><td class="e">_ENV["HTTP_HTTP_TM_USER_ID"]</td><td  
> class="v">36</td></tr>
>
> Is it possible to avoid this and pass the header "as is" ?

Prefix HTTP is used to make sure arbitrary http headers can't 
override environment.  Not using prefix if header already starts 
with 'HTTP' will make headers with and without 'http' prefix 
indistinguishable.

And, actually, it's not nginx decision, and not even php decision 
(it's php passes headers to your script, not nginx).  It's defined 
this way in CGI specs, see

http://hoohoo.ncsa.illinois.edu/cgi/env.html

for details.

Maxim Dounin




From is at rambler-co.ru  Wed Jul 29 16:01:57 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 29 Jul 2009 16:01:57 +0400
Subject: header passed to fastcgi
In-Reply-To: <4A7031FB.3060301@melosi.it>
References: <4A7031FB.3060301@melosi.it>
Message-ID: <20090729120157.GJ51147@rambler-co.ru>

On Wed, Jul 29, 2009 at 01:26:51PM +0200, Daniele Melosi wrote:

> Hi all,
> 
> I notice that nginx when pass header to fastcgi add "HTTP_" at the 
> beginning even if HTTP_ is already present like in the example below:
> 
> $ curl "http://127.0.0.1/daniele.php" --header "Host: localhost" 
> --header "HTTP_TM_USER_ID: 36" --connect-timeout 3 | grep HTTP_TM_USER_ID
> <tr><td class="e">_SERVER["HTTP_HTTP_TM_USER_ID"]</td><td 
> class="v">36</td></tr>
> <tr><td class="e">_ENV["HTTP_HTTP_TM_USER_ID"]</td><td 
> class="v">36</td></tr>
> 
> Is it possible to avoid this and pass the header "as is" ?

You may set

fastcgi_param HTTP_TM_USER_ID $HTTP_TM_USER_ID;


-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Wed Jul 29 16:25:08 2009
From: nginx-forum at nginx.us (peacock)
Date: Wed, 29 Jul 2009 08:25:08 -0400
Subject: bug: POST to static page causes 405
In-Reply-To: <06fc5428919e87d2a0120c0d2e958d65.NginxMailingList@forum.nginx.org>
References: <370586.70909.qm@web46311.mail.sp1.yahoo.com> <20080520170233.GA17326@calomel.org> <A64EADCE-317F-43EB-8E32-4C1457513563@forum.nginx.org> <2c19ad1c0b5b635f640ba973271bce04.NginxMailingList@forum.nginx.org> <20090729083320.GB51147@forum.nginx.org> <06fc5428919e87d2a0120c0d2e958d65.NginxMailingList@forum.nginx.org>
Message-ID: <8a522e3aca9b39b6731676be282efad9.NginxMailingList@forum.nginx.org>

Moreover, windows version of how to use this patch does?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4429,4566#msg-4566





From nginx-forum at nginx.us  Wed Jul 29 16:24:28 2009
From: nginx-forum at nginx.us (peacock)
Date: Wed, 29 Jul 2009 08:24:28 -0400
Subject: bug: POST to static page causes 405
In-Reply-To: <20090729083320.GB51147@forum.nginx.org>
References: <370586.70909.qm@web46311.mail.sp1.yahoo.com> <20080520170233.GA17326@calomel.org> <A64EADCE-317F-43EB-8E32-4C1457513563@forum.nginx.org> <2c19ad1c0b5b635f640ba973271bce04.NginxMailingList@forum.nginx.org> <20090729083320.GB51147@forum.nginx.org>
Message-ID: <06fc5428919e87d2a0120c0d2e958d65.NginxMailingList@forum.nginx.org>

Igor Sysoev Wrote:
-------------------------------------------------------
> On Tue, Jul 28, 2009 at 11:49:53PM -0400, peacock
> wrote:
> 
> > Hope to solve this problem as soon as possible
> :)
> 
> Try the attached patch.
> 
> 
> -- 
> Igor Sysoev
> http://sysoev.ru/en/

thank you:)
But why does not this patch into the release as well?

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4429,4565#msg-4565





From nginx-forum at nginx.us  Wed Jul 29 16:36:05 2009
From: nginx-forum at nginx.us (meto)
Date: Wed, 29 Jul 2009 08:36:05 -0400
Subject: how to limit concurrent uptream requests
In-Reply-To: <1f5f0ebe0907290336j334692f2mbaaa6df551a55810@forum.nginx.org>
References: <1f5f0ebe0907290316h3a6bd63bj1ed68f5050474067@mail.gmail.com> <1f5f0ebe0907290336j334692f2mbaaa6df551a55810@forum.nginx.org>
Message-ID: <b733fbf814b2df09d151858235747bab.NginxMailingList@forum.nginx.org>

There is a module for that: http://wiki.nginx.org/Nginx3rdPartyModules#EY_Balancer_Module

But, personally i haven't tried it. Some time ago i used nginx+haproxy for queue handling.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4562,4567#msg-4567





From nunomagalhaes at eu.ipp.pt  Wed Jul 29 17:48:18 2009
From: nunomagalhaes at eu.ipp.pt (=?UTF-8?Q?Nuno_Magalh=C3=A3es?=)
Date: Wed, 29 Jul 2009 14:48:18 +0100
Subject: Content negotiation?
In-Reply-To: <20090729110207.GO1240@mdounin.ru>
References: <6b1504c40907261308i497b50f0r2e7c43ff28a9f52e@mail.gmail.com> 
	<20090727061939.GC57057@rambler-co.ru> <20090728001747.GO3297@node.waugh.id.au> 
	<20090728070216.GD82436@rambler-co.ru> <4A70054B.3060300@gmail.com> 
	<20090729110207.GO1240@mdounin.ru>
Message-ID: <6b1504c40907290648o3b4f62aeg6e149331b02ba1a7@mail.gmail.com>

> It should be relatively simple to write module with such
> capabilities. ?And I believe somebody already did this, at least
> something with name "Accept Language Module" is listed on
> wiki.nginx.org:
>
> http://wiki.nginx.org/NginxAcceptLanguageModule

As it has been said, content negotiation is much more than
language-choosing, and most incorrect implementations are on the
web-side, not on the http-server. But thanks for the link!! :)

-- 
()  ascii-rubanda kampajno - kontra? html-a retpo?to
/\  ascii ribbon campaign - against html e-mail




From samydelux at gmail.com  Wed Jul 29 18:03:50 2009
From: samydelux at gmail.com (Samuel Vogel)
Date: Wed, 29 Jul 2009 16:03:50 +0200
Subject: displaying standard 404 page, if php file is not found
Message-ID: <4A7056C6.6050608@gmail.com>

Hey,

I know this question has come up a couple of times, but the solutions 
posted here do not seem to work for me!
Here is the important part of my configuration:

     location ~ \.php$ {
         try_files  $uri  @404;

         fastcgi_pass   unix:/var/run/php-fpm/tourvital.sock;
         fastcgi_index  index.php;
         fastcgi_param  SCRIPT_FILENAME  www/$fastcgi_script_name;
         include fastcgi_params;
     }

     location @404 {
         return 404;
     }

This returns a 404 error for every PHP file, even existing ones!

Regards,
Samy




From edhoprima at gmail.com  Wed Jul 29 18:12:52 2009
From: edhoprima at gmail.com (Edho P Arief)
Date: Wed, 29 Jul 2009 21:12:52 +0700
Subject: displaying standard 404 page, if php file is not found
In-Reply-To: <4A7056C6.6050608@gmail.com>
References: <4A7056C6.6050608@gmail.com>
Message-ID: <a3780c060907290712i7c739e2eu977123782055bade@mail.gmail.com>

On Wed, Jul 29, 2009 at 9:03 PM, Samuel Vogel<samydelux at gmail.com> wrote:
> Hey,
>
> I know this question has come up a couple of times, but the solutions posted
> here do not seem to work for me!
> Here is the important part of my configuration:
>
> ? ?location ~ \.php$ {
> ? ? ? ?try_files ?$uri ?@404;
>
> ? ? ? ?fastcgi_pass ? unix:/var/run/php-fpm/tourvital.sock;
> ? ? ? ?fastcgi_index ?index.php;
> ? ? ? ?fastcgi_param ?SCRIPT_FILENAME ?www/$fastcgi_script_name;
> ? ? ? ?include fastcgi_params;
> ? ?}
>
> ? ?location @404 {
> ? ? ? ?return 404;
> ? ?}
>
> This returns a 404 error for every PHP file, even existing ones!
>

where did you set the root directive? in another location block or in
server block?

also I don't remember ever seeing relative path for script_filename.


-- 
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org




From nginx-forum at nginx.us  Wed Jul 29 18:25:35 2009
From: nginx-forum at nginx.us (morten)
Date: Wed, 29 Jul 2009 10:25:35 -0400
Subject: Looking for help on fastcgi with different path
In-Reply-To: <20090618115520.GB60354@forum.nginx.org>
References: <9cbf3f070906180441l57d6796pfcd0fe5a9b1e377d@mail.gmail.com> <20090618115520.GB60354@forum.nginx.org>
Message-ID: <be594bf78b0b9b235e3858627b48ed9d.NginxMailingList@forum.nginx.org>

Igor Sysoev Wrote:
-------------------------------------------------------
....
> 
> An "alias" is incorrectly inherited in nested
> locations.
> This is the reason why the nested locations are
> still not officially
> supported. Probably this will help:
> 
>   location  ~ ^/x/(.+\.php)$ {
>       alias  /stat/$1;
>       fastcgi_pass  127.0.0.1:9000;
>       fastcgi_index  index.php;
>       fastcgi_param  SCRIPT_FILENAME 
> $request_filename;
>       include  fastcgi_params;
>   }

Actually, it works perfectly well with both the fastcgi_pass and fastcgi_index parameters residing in the fastcgi_params file instead of the nginx.conf file. 
In fact, you can even put the SCRIPT_FILENAME inside the fastcgi_params file too, as long as you don't need to set the root on nested locations.


nginx.conf file:
location  ~ ^/x/(.+\.php)$ {
    alias  /stat/$1;
    fastcgi_param  SCRIPT_FILENAME $request_filename;
    include  fastcgi_params;
}

fastcgi_params:

....
fastcgi_pass  127.0.0.1:9000;
fastcgi_index  index.php;






 
> There is no global fastcgi settings.
But we're getting very close...

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,3059,4571#msg-4571





From maccaday at gmail.com  Wed Jul 29 18:47:54 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Wed, 29 Jul 2009 17:47:54 +0300
Subject: Content negotiation?
In-Reply-To: <6b1504c40907290648o3b4f62aeg6e149331b02ba1a7@mail.gmail.com>
References: <6b1504c40907261308i497b50f0r2e7c43ff28a9f52e@mail.gmail.com> 	<20090727061939.GC57057@rambler-co.ru> <20090728001747.GO3297@node.waugh.id.au> 	<20090728070216.GD82436@rambler-co.ru> <4A70054B.3060300@gmail.com> 	<20090729110207.GO1240@mdounin.ru> <6b1504c40907290648o3b4f62aeg6e149331b02ba1a7@mail.gmail.com>
Message-ID: <4A70611A.8090502@gmail.com>

Hi,

Nuno Magalh?es wrote:
>> It should be relatively simple to write module with such
>> capabilities.  And I believe somebody already did this, at least
>> something with name "Accept Language Module" is listed on
>> wiki.nginx.org:
>>
>> http://wiki.nginx.org/NginxAcceptLanguageModule
>>     
Unless the code has been updated recently, there are some bugs with the 
code which would prevent it doing what it's supposed to (though the 
fixes are easy).

A few months ago I wrote a more advanced language-negotiation module 
that checked for a POST variable, a cookie and then the Accept-Language 
header (in that order) for language info, and set a cookie afterwards if 
not already set. 

I'm thinking about adding MIME negotiation too. (e.g. being able to 
switch between gif, png, svg).

I'm working on other stuff right now, but could check that it's working 
and publish it if people are interested.

Any other requests?

Note that you can currently do content negotiation using if (...) 
statements and regexes on $http_ variables - incorporating them into a 
module would probably just speed things up a bit.

Marcus.




From samydelux at gmail.com  Wed Jul 29 18:53:43 2009
From: samydelux at gmail.com (Samuel Vogel)
Date: Wed, 29 Jul 2009 16:53:43 +0200
Subject: displaying standard 404 page, if php file is not found
In-Reply-To: <a3780c060907290712i7c739e2eu977123782055bade@mail.gmail.com>
References: <4A7056C6.6050608@gmail.com> <a3780c060907290712i7c739e2eu977123782055bade@mail.gmail.com>
Message-ID: <4A706277.40102@gmail.com>

Am 29.07.09 16:12, schrieb Edho P Arief:
> On Wed, Jul 29, 2009 at 9:03 PM, Samuel Vogel<samydelux at gmail.com>  wrote:
>    
>> Hey,
>>
>> I know this question has come up a couple of times, but the solutions posted
>> here do not seem to work for me!
>> Here is the important part of my configuration:
>>
>>     location ~ \.php$ {
>>         try_files  $uri  @404;
>>
>>         fastcgi_pass   unix:/var/run/php-fpm/domain.sock;
>>         fastcgi_index  index.php;
>>         fastcgi_param  SCRIPT_FILENAME  www/$fastcgi_script_name;
>>         include fastcgi_params;
>>     }
>>
>>     location @404 {
>>         return 404;
>>     }
>>
>> This returns a 404 error for every PHP file, even existing ones!
>>
>>      
> where did you set the root directive? in another location block or in
> server block?
>
> also I don't remember ever seeing relative path for script_filename
It's not relative, php ist just chrootet to /var/www/domain/.

Here is my complete configuration:
server {
     listen   80;
     server_name  domain.de;

     access_log  /var/log/nginx/domain.access.log;

     location / {
         root   /var/www/domain/www;
         index  index.html index.php;
     }

     location ~ \.php$ {
         try_files  $uri  @404;

         fastcgi_pass   unix:/var/run/php-fpm/domain.sock;
         fastcgi_index  index.php;
         fastcgi_param  SCRIPT_FILENAME  /www/$fastcgi_script_name;
         include fastcgi_params;
     }

     location @404 {
         return 404;
     }

     location ~ /\.ht {
         deny  all;
     }
}




From nunomagalhaes at eu.ipp.pt  Wed Jul 29 18:57:41 2009
From: nunomagalhaes at eu.ipp.pt (=?UTF-8?Q?Nuno_Magalh=C3=A3es?=)
Date: Wed, 29 Jul 2009 15:57:41 +0100
Subject: displaying standard 404 page, if php file is not found
In-Reply-To: <a3780c060907290712i7c739e2eu977123782055bade@mail.gmail.com>
References: <4A7056C6.6050608@gmail.com> <a3780c060907290712i7c739e2eu977123782055bade@mail.gmail.com>
Message-ID: <6b1504c40907290757m682f1d97mfdf9111d08bbd95@mail.gmail.com>

Here's mine. Don't know about that try-files thing, this one works for
me. Any nonexistent files get my 404 page.

	error_page  404  /40x.html;
	location = /40x.html {
		root   /var/www/nginx-default;
	}
	location ~ \.(php|html)$ {
		fastcgi_pass   localhost:9000;
		fastcgi_index  index.php;
		fastcgi_param  SCRIPT_FILENAME /var/www/nginx-default$fastcgi_script_name;
		fastcgi_param DOCUMENT_ROOT /var/www/nginx-default;
		fastcgi_intercept_errors on;
		include fastcgi_params;
	}

You should use absolute paths though...

HTH

-- 
()  ascii-rubanda kampajno - kontra? html-a retpo?to
/\  ascii ribbon campaign - against html e-mail




From is at rambler-co.ru  Wed Jul 29 19:00:04 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 29 Jul 2009 19:00:04 +0400
Subject: displaying standard 404 page, if php file is not found
In-Reply-To: <4A706277.40102@gmail.com>
References: <4A7056C6.6050608@gmail.com> <a3780c060907290712i7c739e2eu977123782055bade@mail.gmail.com> <4A706277.40102@gmail.com>
Message-ID: <20090729150004.GO51147@rambler-co.ru>

On Wed, Jul 29, 2009 at 04:53:43PM +0200, Samuel Vogel wrote:

> Am 29.07.09 16:12, schrieb Edho P Arief:
> >On Wed, Jul 29, 2009 at 9:03 PM, Samuel Vogel<samydelux at gmail.com>  wrote:
> >   
> >>Hey,
> >>
> >>I know this question has come up a couple of times, but the solutions 
> >>posted
> >>here do not seem to work for me!
> >>Here is the important part of my configuration:
> >>
> >>    location ~ \.php$ {
> >>        try_files  $uri  @404;
> >>
> >>        fastcgi_pass   unix:/var/run/php-fpm/domain.sock;
> >>        fastcgi_index  index.php;
> >>        fastcgi_param  SCRIPT_FILENAME  www/$fastcgi_script_name;
> >>        include fastcgi_params;
> >>    }
> >>
> >>    location @404 {
> >>        return 404;
> >>    }
> >>
> >>This returns a 404 error for every PHP file, even existing ones!
> >>
> >>     
> >where did you set the root directive? in another location block or in
> >server block?
> >
> >also I don't remember ever seeing relative path for script_filename
> It's not relative, php ist just chrootet to /var/www/domain/.
> 
> Here is my complete configuration:
> server {
>     listen   80;
>     server_name  domain.de;
> 
>     access_log  /var/log/nginx/domain.access.log;
> 
>     location / {
>         root   /var/www/domain/www;
>         index  index.html index.php;
>     }
> 
>     location ~ \.php$ {
>         try_files  $uri  @404;

+         root   /www;

>         fastcgi_pass   unix:/var/run/php-fpm/domain.sock;
>         fastcgi_index  index.php;
>         fastcgi_param  SCRIPT_FILENAME  /www/$fastcgi_script_name;
>         include fastcgi_params;
>     }
> 
>     location @404 {
>         return 404;
>     }
> 
>     location ~ /\.ht {
>         deny  all;
>     }
> }


-- 
Igor Sysoev
http://sysoev.ru/en/




From samydelux at gmail.com  Wed Jul 29 19:26:12 2009
From: samydelux at gmail.com (Samuel Vogel)
Date: Wed, 29 Jul 2009 17:26:12 +0200
Subject: displaying standard 404 page, if php file is not found
In-Reply-To: <20090729150004.GO51147@rambler-co.ru>
References: <4A7056C6.6050608@gmail.com> <a3780c060907290712i7c739e2eu977123782055bade@mail.gmail.com> <4A706277.40102@gmail.com> <20090729150004.GO51147@rambler-co.ru>
Message-ID: <4A706A14.2010108@gmail.com>

Am 29.07.09 17:00, schrieb Igor Sysoev:
> On Wed, Jul 29, 2009 at 04:53:43PM +0200, Samuel Vogel wrote:
>
>    
>> Am 29.07.09 16:12, schrieb Edho P Arief:
>>      
>>> On Wed, Jul 29, 2009 at 9:03 PM, Samuel Vogel<samydelux at gmail.com>   wrote:
>>>
>>>        
>>>> Hey,
>>>>
>>>> I know this question has come up a couple of times, but the solutions
>>>> posted
>>>> here do not seem to work for me!
>>>> Here is the important part of my configuration:
>>>>
>>>>     location ~ \.php$ {
>>>>         try_files  $uri  @404;
>>>>
>>>>         fastcgi_pass   unix:/var/run/php-fpm/domain.sock;
>>>>         fastcgi_index  index.php;
>>>>         fastcgi_param  SCRIPT_FILENAME  www/$fastcgi_script_name;
>>>>         include fastcgi_params;
>>>>     }
>>>>
>>>>     location @404 {
>>>>         return 404;
>>>>     }
>>>>
>>>> This returns a 404 error for every PHP file, even existing ones!
>>>>
>>>>
>>>>          
>>> where did you set the root directive? in another location block or in
>>> server block?
>>>
>>> also I don't remember ever seeing relative path for script_filename
>>>        
>> It's not relative, php ist just chrootet to /var/www/domain/.
>>
>> Here is my complete configuration:
>> server {
>>      listen   80;
>>      server_name  domain.de;
>>
>>      access_log  /var/log/nginx/domain.access.log;
>>
>>      location / {
>>          root   /var/www/domain/www;
>>          index  index.html index.php;
>>      }
>>
>>      location ~ \.php$ {
>>          try_files  $uri  @404;
>>      
> +         root   /www;
>
>    
>>          fastcgi_pass   unix:/var/run/php-fpm/domain.sock;
>>          fastcgi_index  index.php;
>>          fastcgi_param  SCRIPT_FILENAME  /www/$fastcgi_script_name;
>>          include fastcgi_params;
>>      }
>>
>>      location @404 {
>>          return 404;
>>      }
>>
>>      location ~ /\.ht {
>>          deny  all;
>>      }
>> }
>>      
Doesn't seem to fix the problem either. My config now reads:

server {
     listen   80;
     server_name  domain.de;

     access_log  /var/log/nginx/domain.access.log;

     location / {
         root   /var/www/domain/www;
         index  index.html index.php;
     }

     location ~ \.php$ {
         try_files  $uri  @404;
         root /www;

         fastcgi_pass   unix:/var/run/php-fpm/domain.sock;
         fastcgi_index  index.php;
         fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
         include fastcgi_params;
     }

     location @404 {
         return 404;
     }

     location ~ /\.ht {
         deny  all;
     }
}




From edhoprima at gmail.com  Wed Jul 29 19:39:08 2009
From: edhoprima at gmail.com (Edho P Arief)
Date: Wed, 29 Jul 2009 22:39:08 +0700
Subject: displaying standard 404 page, if php file is not found
In-Reply-To: <4A706A14.2010108@gmail.com>
References: <4A7056C6.6050608@gmail.com>
	 <a3780c060907290712i7c739e2eu977123782055bade@mail.gmail.com>
	 <4A706277.40102@gmail.com> <20090729150004.GO51147@rambler-co.ru>
	 <4A706A14.2010108@gmail.com>
Message-ID: <a3780c060907290839n4cc6a019s5a60a4e9768424b6@mail.gmail.com>

2009/7/29 Samuel Vogel <samydelux at gmail.com>:
> Doesn't seem to fix the problem either. My config now reads:
>
> server {
> ? ?listen ? 80;
> ? ?server_name ?domain.de;
>
> ? ?access_log ?/var/log/nginx/domain.access.log;
>
> ? ?location / {
> ? ? ? ?root ? /var/www/domain/www;
> ? ? ? ?index ?index.html index.php;
> ? ?}
>
> ? ?location ~ \.php$ {
> ? ? ? ?try_files ?$uri ?@404;
> ? ? ? ?root /www;
>
> ? ? ? ?fastcgi_pass ? unix:/var/run/php-fpm/domain.sock;
> ? ? ? ?fastcgi_index ?index.php;
> ? ? ? ?fastcgi_param ?SCRIPT_FILENAME ?$document_root$fastcgi_script_name;
> ? ? ? ?include fastcgi_params;
> ? ?}
>
> ? ?location @404 {
> ? ? ? ?return 404;
> ? ?}
>
> ? ?location ~ /\.ht {
> ? ? ? ?deny ?all;
> ? ?}
> }
>
>

the root here is used by nginx - you need to specify full path.

and change $document_root back to /www

-- 
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org




From samydelux at gmail.com  Wed Jul 29 20:12:18 2009
From: samydelux at gmail.com (Samuel Vogel)
Date: Wed, 29 Jul 2009 18:12:18 +0200
Subject: displaying standard 404 page, if php file is not found
In-Reply-To: <a3780c060907290839n4cc6a019s5a60a4e9768424b6@mail.gmail.com>
References: <4A7056C6.6050608@gmail.com>	 <a3780c060907290712i7c739e2eu977123782055bade@mail.gmail.com>	 <4A706277.40102@gmail.com> <20090729150004.GO51147@rambler-co.ru>	 <4A706A14.2010108@gmail.com> <a3780c060907290839n4cc6a019s5a60a4e9768424b6@mail.gmail.com>
Message-ID: <4A7074E2.5090003@gmail.com>

Am 29.07.09 17:39, schrieb Edho P Arief:
> 2009/7/29 Samuel Vogel<samydelux at gmail.com>:
>    
>> Doesn't seem to fix the problem either. My config now reads:
>>
>> server {
>>     listen   80;
>>     server_name  domain.de;
>>
>>     access_log  /var/log/nginx/domain.access.log;
>>
>>     location / {
>>         root   /var/www/domain/www;
>>         index  index.html index.php;
>>     }
>>
>>     location ~ \.php$ {
>>         try_files  $uri  @404;
>>         root /www;
>>
>>         fastcgi_pass   unix:/var/run/php-fpm/domain.sock;
>>         fastcgi_index  index.php;
>>         fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
>>         include fastcgi_params;
>>     }
>>
>>     location @404 {
>>         return 404;
>>     }
>>
>>     location ~ /\.ht {
>>         deny  all;
>>     }
>> }
>>
>>
>>      
> the root here is used by nginx - you need to specify full path.
>
> and change $document_root back to /www
>    
Doesn't make a difference, just changed it because of Igor's suggestion!

Regards,
Samy




From piotr.sikora at frickle.com  Wed Jul 29 20:17:05 2009
From: piotr.sikora at frickle.com (Piotr Sikora)
Date: Wed, 29 Jul 2009 18:17:05 +0200
Subject: displaying standard 404 page, if php file is not found
References: <4A7056C6.6050608@gmail.com> <a3780c060907290712i7c739e2eu977123782055bade@mail.gmail.com> <4A706277.40102@gmail.com> <20090729150004.GO51147@rambler-co.ru> <4A706A14.2010108@gmail.com>
Message-ID: <D5E7ECFCD82C414F92CB57DFCC67F904@nightmare>

>         try_files  $uri  @404;

Try using "error_page" instead of "try_files".

AFAIK "try_files" is supposed to work static files, not FastCGI / proxy.

Best regards,
Piotr Sikora < piotr.sikora at frickle.com >





From samydelux at gmail.com  Wed Jul 29 20:25:28 2009
From: samydelux at gmail.com (Samuel Vogel)
Date: Wed, 29 Jul 2009 18:25:28 +0200
Subject: displaying standard 404 page, if php file is not found
In-Reply-To: <D5E7ECFCD82C414F92CB57DFCC67F904@nightmare>
References: <4A7056C6.6050608@gmail.com> <a3780c060907290712i7c739e2eu977123782055bade@mail.gmail.com> <4A706277.40102@gmail.com> <20090729150004.GO51147@rambler-co.ru> <4A706A14.2010108@gmail.com> <D5E7ECFCD82C414F92CB57DFCC67F904@nightmare>
Message-ID: <4A7077F8.4080502@gmail.com>

Am 29.07.09 18:17, schrieb Piotr Sikora:
>>         try_files  $uri  @404;
>
> Try using "error_page" instead of "try_files".
>
> AFAIK "try_files" is supposed to work static files, not FastCGI / proxy.
But the file does exist, shouldn't try_files be able to check that?

Regards,
Samy




From edhoprima at gmail.com  Wed Jul 29 21:14:35 2009
From: edhoprima at gmail.com (Edho P Arief)
Date: Thu, 30 Jul 2009 00:14:35 +0700
Subject: displaying standard 404 page, if php file is not found
In-Reply-To: <4A7074E2.5090003@gmail.com>
References: <4A7056C6.6050608@gmail.com>
	 <a3780c060907290712i7c739e2eu977123782055bade@mail.gmail.com>
	 <4A706277.40102@gmail.com> <20090729150004.GO51147@rambler-co.ru>
	 <4A706A14.2010108@gmail.com>
	 <a3780c060907290839n4cc6a019s5a60a4e9768424b6@mail.gmail.com>
	 <4A7074E2.5090003@gmail.com>
Message-ID: <a3780c060907291014n578563a5m7494163657e523aa@mail.gmail.com>

On Wed, Jul 29, 2009 at 11:12 PM, Samuel Vogel<samydelux at gmail.com> wrote:
> Am 29.07.09 17:39, schrieb Edho P Arief:
>>
>> 2009/7/29 Samuel Vogel<samydelux at gmail.com>:
>>
>>>
>>> Doesn't seem to fix the problem either. My config now reads:
>>>
>>> server {
>>> ? ?listen ? 80;
>>> ? ?server_name ?domain.de;
>>>
>>> ? ?access_log ?/var/log/nginx/domain.access.log;
>>>
>>> ? ?location / {
>>> ? ? ? ?root ? /var/www/domain/www;
>>> ? ? ? ?index ?index.html index.php;
>>> ? ?}
>>>
>>> ? ?location ~ \.php$ {
>>> ? ? ? ?try_files ?$uri ?@404;
>>> ? ? ? ?root /www;
>>>
>>> ? ? ? ?fastcgi_pass ? unix:/var/run/php-fpm/domain.sock;
>>> ? ? ? ?fastcgi_index ?index.php;
>>> ? ? ? ?fastcgi_param ?SCRIPT_FILENAME
>>> ?$document_root$fastcgi_script_name;
>>> ? ? ? ?include fastcgi_params;
>>> ? ?}
>>>
>>> ? ?location @404 {
>>> ? ? ? ?return 404;
>>> ? ?}
>>>
>>> ? ?location ~ /\.ht {
>>> ? ? ? ?deny ?all;
>>> ? ?}
>>> }
>>>
>>>
>>>
>>
>> the root here is used by nginx - you need to specify full path.
>>
>> and change $document_root back to /www
>>
>
> Doesn't make a difference, just changed it because of Igor's suggestion!

which doesn't make difference?

root /var/www/domain/www;

or

fastcgi_param  SCRIPT_FILENAME /www$fastcgi_script_name;

??

-- 
O< ascii ribbon campaign - stop html mail - www.asciiribbon.org




From is at rambler-co.ru  Wed Jul 29 21:17:04 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 29 Jul 2009 21:17:04 +0400
Subject: displaying standard 404 page, if php file is not found
In-Reply-To: <4A7077F8.4080502@gmail.com>
References: <4A7056C6.6050608@gmail.com> <a3780c060907290712i7c739e2eu977123782055bade@mail.gmail.com> <4A706277.40102@gmail.com> <20090729150004.GO51147@rambler-co.ru> <4A706A14.2010108@gmail.com> <D5E7ECFCD82C414F92CB57DFCC67F904@nightmare> <4A7077F8.4080502@gmail.com>
Message-ID: <20090729171704.GA63633@rambler-co.ru>

On Wed, Jul 29, 2009 at 06:25:28PM +0200, Samuel Vogel wrote:

> Am 29.07.09 18:17, schrieb Piotr Sikora:
> >>        try_files  $uri  @404;
> >
> >Try using "error_page" instead of "try_files".
> >
> >AFAIK "try_files" is supposed to work static files, not FastCGI / proxy.
> But the file does exist, shouldn't try_files be able to check that?

try_files is able to check. You just need to set valid root in

location ~ \.php$ {

it may be

    root   /var/www/domain/www;
or
    root   /www;

depending on your setup.


-- 
Igor Sysoev
http://sysoev.ru/en/




From samydelux at gmail.com  Wed Jul 29 21:25:22 2009
From: samydelux at gmail.com (Samuel Vogel)
Date: Wed, 29 Jul 2009 19:25:22 +0200
Subject: displaying standard 404 page, if php file is not found
In-Reply-To: <a3780c060907291014n578563a5m7494163657e523aa@mail.gmail.com>
References: <4A7056C6.6050608@gmail.com>	 <a3780c060907290712i7c739e2eu977123782055bade@mail.gmail.com>	 <4A706277.40102@gmail.com> <20090729150004.GO51147@rambler-co.ru>	 <4A706A14.2010108@gmail.com>	 <a3780c060907290839n4cc6a019s5a60a4e9768424b6@mail.gmail.com>	 <4A7074E2.5090003@gmail.com> <a3780c060907291014n578563a5m7494163657e523aa@mail.gmail.com>
Message-ID: <4A708602.7020406@gmail.com>

Am 29.07.09 19:14, schrieb Edho P Arief:
> On Wed, Jul 29, 2009 at 11:12 PM, Samuel Vogel<samydelux at gmail.com>  wrote:
>    
>> Am 29.07.09 17:39, schrieb Edho P Arief:
>>      
>>> 2009/7/29 Samuel Vogel<samydelux at gmail.com>:
>>>
>>>        
>>>> Doesn't seem to fix the problem either. My config now reads:
>>>>
>>>> server {
>>>>     listen   80;
>>>>     server_name  domain.de;
>>>>
>>>>     access_log  /var/log/nginx/domain.access.log;
>>>>
>>>>     location / {
>>>>         root   /var/www/domain/www;
>>>>         index  index.html index.php;
>>>>     }
>>>>
>>>>     location ~ \.php$ {
>>>>         try_files  $uri  @404;
>>>>         root /www;
>>>>
>>>>         fastcgi_pass   unix:/var/run/php-fpm/domain.sock;
>>>>         fastcgi_index  index.php;
>>>>         fastcgi_param  SCRIPT_FILENAME
>>>>   $document_root$fastcgi_script_name;
>>>>         include fastcgi_params;
>>>>     }
>>>>
>>>>     location @404 {
>>>>         return 404;
>>>>     }
>>>>
>>>>     location ~ /\.ht {
>>>>         deny  all;
>>>>     }
>>>> }
>>>>
>>>>
>>>>
>>>>          
>>> the root here is used by nginx - you need to specify full path.
>>>
>>> and change $document_root back to /www
>>>
>>>        
>> Doesn't make a difference, just changed it because of Igor's suggestion!
>>      
> which doesn't make difference?
>
> root /var/www/domain/www;
>
> or
>
> fastcgi_param  SCRIPT_FILENAME /www$fastcgi_script_name;
>
> ??
>    
Either one, both don't work ;)




From dale.gallagher at gmail.com  Wed Jul 29 21:30:57 2009
From: dale.gallagher at gmail.com (dale gallagher)
Date: Wed, 29 Jul 2009 19:30:57 +0200
Subject: Issue with variables in access_log and error_log
Message-ID: <4A708751.4060704@gmail.com>

Hi there

I'm running nginx 0.7.61 on Linux. Using spawn-fcgi under damontools
which runs under a separate uid per virtual host and creates a socket
/var/run/php/$domain/socket

I've configured nginx as per the config below. Everything works well,
but including variables in access_log and error_log give the error:

[emerg]: open() "/usr/$webroot/$domain/log/error.log" failed (2: No such
file or directory)

This seems to indicate that the variables aren't being expanded
properly? In particular, the prepended '/usr' part must be from the
--prefix definition when building nginx???

nginx runs as user 'www' which has write access to each of the
/var/www/$domain/log directories (by group ownership and 770 perms).

Any pointers would be appreciated.

Thanks
Dale

----- config -----

user www;
.....
..
http {
   ...
   server {
     listen 80;

     server_name _;
     server_name_in_redirect off;

     set $webroot /var/www;

     set $domain $host;
     if ($domain ~ "^(w{3}\.)?(.*)") {
       set $domain $2;
     }

     access_log $webroot/$domain/log/access.log;
     error_log $webroot/$domain/log/error.log error;

     root $webroot/$domain/public;

     location / {
       index index.html index.php index.php4 dispatch.fcgi index.cgi;
       try_files $uri $uri/ @wordpress;
     }
     # serve static files directly
     location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|html)$ {
       expires 30d;
     }
     location ~* \.(ht|conf$|db$|lib$|cfg$|inc$|bak$) {
       deny all;
     }
     location ~ \.php$ {
       try_files $uri @wordpress;
       fastcgi_pass   unix:/var/run/php/$domain/socket;
       fastcgi_index  index.php;
       fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
       include        fastcgi_params;
     }
     location @wordpress {
       fastcgi_pass   unix:/var/run/php/$domain/socket;
       fastcgi_param  SCRIPT_FILENAME $document_root/index.php;
       include        fastcgi_params;
     }
   }
}





From nunomagalhaes at eu.ipp.pt  Wed Jul 29 21:43:36 2009
From: nunomagalhaes at eu.ipp.pt (=?UTF-8?Q?Nuno_Magalh=C3=A3es?=)
Date: Wed, 29 Jul 2009 18:43:36 +0100
Subject: displaying standard 404 page, if php file is not found
In-Reply-To: <4A708602.7020406@gmail.com>
References: <4A7056C6.6050608@gmail.com> <a3780c060907290712i7c739e2eu977123782055bade@mail.gmail.com> 
	<4A706277.40102@gmail.com> <20090729150004.GO51147@rambler-co.ru> 
	<4A706A14.2010108@gmail.com> <a3780c060907290839n4cc6a019s5a60a4e9768424b6@mail.gmail.com> 
	<4A7074E2.5090003@gmail.com> <a3780c060907291014n578563a5m7494163657e523aa@mail.gmail.com> 
	<4A708602.7020406@gmail.com>
Message-ID: <6b1504c40907291043h3906c2ebp12c2d02a44b35437@mail.gmail.com>

> Either one, both don't work ;)

Try backing up your current configuration and starting from scratch
using whatever basic "nginx.conf" and "default" files that come with
your distro. You can also obtain such data from
http://wiki.nginx.org/NginxConfiguration

-- 
()  ascii-rubanda kampajno - kontra? html-a retpo?to
/\  ascii ribbon campaign - against html e-mail




From mdounin at mdounin.ru  Wed Jul 29 21:54:26 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Wed, 29 Jul 2009 21:54:26 +0400
Subject: Issue with variables in access_log and error_log
In-Reply-To: <4A708751.4060704@gmail.com>
References: <4A708751.4060704@gmail.com>
Message-ID: <20090729175425.GA8794@mdounin.ru>

Hello!

On Wed, Jul 29, 2009 at 07:30:57PM +0200, dale gallagher wrote:

> Hi there
>
> I'm running nginx 0.7.61 on Linux. Using spawn-fcgi under damontools
> which runs under a separate uid per virtual host and creates a socket
> /var/run/php/$domain/socket
>
> I've configured nginx as per the config below. Everything works well,
> but including variables in access_log and error_log give the error:
>
> [emerg]: open() "/usr/$webroot/$domain/log/error.log" failed (2: No such
> file or directory)

Directive error_log does not support variables.

Directive access_log do support them, but it's not recomended to 
use variables just to shorten configs as it implies extra [useless] work 
on each request.

Maxim Dounin

>
> This seems to indicate that the variables aren't being expanded
> properly? In particular, the prepended '/usr' part must be from the
> --prefix definition when building nginx???
>
> nginx runs as user 'www' which has write access to each of the
> /var/www/$domain/log directories (by group ownership and 770 perms).
>
> Any pointers would be appreciated.
>
> Thanks
> Dale
>
> ----- config -----
>
> user www;
> .....
> ..
> http {
>   ...
>   server {
>     listen 80;
>
>     server_name _;
>     server_name_in_redirect off;
>
>     set $webroot /var/www;
>
>     set $domain $host;
>     if ($domain ~ "^(w{3}\.)?(.*)") {
>       set $domain $2;
>     }
>
>     access_log $webroot/$domain/log/access.log;
>     error_log $webroot/$domain/log/error.log error;
>
>     root $webroot/$domain/public;
>
>     location / {
>       index index.html index.php index.php4 dispatch.fcgi index.cgi;
>       try_files $uri $uri/ @wordpress;
>     }
>     # serve static files directly
>     location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|html)$ {
>       expires 30d;
>     }
>     location ~* \.(ht|conf$|db$|lib$|cfg$|inc$|bak$) {
>       deny all;
>     }
>     location ~ \.php$ {
>       try_files $uri @wordpress;
>       fastcgi_pass   unix:/var/run/php/$domain/socket;
>       fastcgi_index  index.php;
>       fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
>       include        fastcgi_params;
>     }
>     location @wordpress {
>       fastcgi_pass   unix:/var/run/php/$domain/socket;
>       fastcgi_param  SCRIPT_FILENAME $document_root/index.php;
>       include        fastcgi_params;
>     }
>   }
> }
>
>




From dale.gallagher at gmail.com  Wed Jul 29 21:55:09 2009
From: dale.gallagher at gmail.com (Dale Gallagher)
Date: Wed, 29 Jul 2009 19:55:09 +0200
Subject: Issue with variables in access_log and error_log
In-Reply-To: <4A708751.4060704@gmail.com>
References: <4A708751.4060704@gmail.com>
Message-ID: <3304ce0e0907291055x2cd346dcua97f8896bd4f38a5@mail.gmail.com>

Dale Gallagher wrote:
> access_log $webroot/$domain/log/access.log;
> error_log $webroot/$domain/log/error.log error;

I've just seen the other post about error_log not supporting
variables, so changed the config to that below.

    error_log /var/www/default/log/error.log error;

    set $webroot /var/www;

    set $domain $host;
    # remove www hostname, if there
    if ($domain ~ "^(w{3}\.)?(.*)") {
      set $domain $2;
    }

    open_log_file_cache max=1000;
    access_log /var/www/$domain/log/access.log;

I had to omit the use of $webroot as the first part of the access_log
path because nginx prepended /usr and the moaned about permission
denied (obviously). ie. it was:

  access_log $webroot/$domain/log/access.log

... which nginx expanded to /usr//var/ww/$domain/log/access.log

so I had to hard-code the config as:

  access_log /var/www/$domain/log/access.log

Is the above a bug perhaps, or something to do with how I built nginx?
It seems if there isn't a '/' at the beginning of the path (before the
variables are expanded) that /usr is prepended.

Lastly, why include support for variable expansion in access_log, but
not error_log. I'm curious.

Thanks
Dale




From samydelux at gmail.com  Wed Jul 29 22:00:22 2009
From: samydelux at gmail.com (Samuel Vogel)
Date: Wed, 29 Jul 2009 20:00:22 +0200
Subject: displaying standard 404 page, if php file is not found
In-Reply-To: <20090729171704.GA63633@rambler-co.ru>
References: <4A7056C6.6050608@gmail.com> <a3780c060907290712i7c739e2eu977123782055bade@mail.gmail.com> <4A706277.40102@gmail.com> <20090729150004.GO51147@rambler-co.ru> <4A706A14.2010108@gmail.com> <D5E7ECFCD82C414F92CB57DFCC67F904@nightmare> <4A7077F8.4080502@gmail.com> <20090729171704.GA63633@rambler-co.ru>
Message-ID: <4A708E36.3050509@gmail.com>

Am 29.07.09 19:17, schrieb Igor Sysoev:
> On Wed, Jul 29, 2009 at 06:25:28PM +0200, Samuel Vogel wrote:
>    
>> Am 29.07.09 18:17, schrieb Piotr Sikora:
>>      
>>>>         try_files  $uri  @404;
>>>>          
>>> Try using "error_page" instead of "try_files".
>>>
>>> AFAIK "try_files" is supposed to work static files, not FastCGI / proxy.
>>>        
>> But the file does exist, shouldn't try_files be able to check that?
>>      
> try_files is able to check. You just need to set valid root in
>
> location ~ \.php$ {
>
> it may be
>
>      root   /var/www/domain/www;
> or
>      root   /www;
>
> depending on your setup.
>    
Thanks, your post solved the problem! The problem was, that of course 
root was only set for location /, and not in the php location.
Moved it to the server {} definition and everything works fine!

Regards,
Samy




From is at rambler-co.ru  Wed Jul 29 22:41:46 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Wed, 29 Jul 2009 22:41:46 +0400
Subject: Issue with variables in access_log and error_log
In-Reply-To: <3304ce0e0907291055x2cd346dcua97f8896bd4f38a5@mail.gmail.com>
References: <4A708751.4060704@gmail.com> <3304ce0e0907291055x2cd346dcua97f8896bd4f38a5@mail.gmail.com>
Message-ID: <20090729184145.GB63633@rambler-co.ru>

On Wed, Jul 29, 2009 at 07:55:09PM +0200, Dale Gallagher wrote:

> Dale Gallagher wrote:
> > access_log $webroot/$domain/log/access.log;
> > error_log $webroot/$domain/log/error.log error;
> 
> I've just seen the other post about error_log not supporting
> variables, so changed the config to that below.
> 
>     error_log /var/www/default/log/error.log error;
> 
>     set $webroot /var/www;
> 
>     set $domain $host;
>     # remove www hostname, if there
>     if ($domain ~ "^(w{3}\.)?(.*)") {
>       set $domain $2;
>     }
> 
>     open_log_file_cache max=1000;
>     access_log /var/www/$domain/log/access.log;

Since 0.7.44 you may use 

      server_name  ~^(w{3}\.)?(.*)$;
      set   $domain  $2;
      open_log_file_cache max=1000;
      access_log /var/www/$domain/log/access.log;

> I had to omit the use of $webroot as the first part of the access_log
> path because nginx prepended /usr and the moaned about permission
> denied (obviously). ie. it was:
> 
>   access_log $webroot/$domain/log/access.log
> 
> ... which nginx expanded to /usr//var/ww/$domain/log/access.log
> 
> so I had to hard-code the config as:
> 
>   access_log /var/www/$domain/log/access.log
> 
> Is the above a bug perhaps, or something to do with how I built nginx?
> It seems if there isn't a '/' at the beginning of the path (before the
> variables are expanded) that /usr is prepended.

This is a bug. Currently this works as expected only for

root   $var;

> Lastly, why include support for variable expansion in access_log, but
> not error_log. I'm curious.

First of all, I personally never use access_log with variables.
However, I use separate access_log's for servers. As to error_log I usually
use single log for all sites, since nginx logs enough information required
to identify server: "server: ..., host: ...". I prefer to look problems
in single place.


-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Thu Jul 30 01:50:10 2009
From: nginx-forum at nginx.us (komone)
Date: Wed, 29 Jul 2009 17:50:10 -0400
Subject: Proxy pass, upstream and http/1.0
Message-ID: <b1cd268b82a37d7dee966abe3b96be17.NginxMailingList@forum.nginx.org>

Hi,

It is correct that Nginx can/will only establish a 1.0 connection to an upstream application server? I can't see a way to make the proxy-pass honor 1.1 protocol. Am I looking in the wrong place in the docs or am I missing something fundamental? Is the use of proxy-pass and upstream the wrong approach to front-ending a web app server?

TIA,
Steve

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4593,4593#msg-4593





From cliff at develix.com  Thu Jul 30 02:23:34 2009
From: cliff at develix.com (Cliff Wells)
Date: Wed, 29 Jul 2009 15:23:34 -0700
Subject: Proxy pass, upstream and http/1.0
In-Reply-To: <b1cd268b82a37d7dee966abe3b96be17.NginxMailingList@forum.nginx.org>
References: 	 <b1cd268b82a37d7dee966abe3b96be17.NginxMailingList@forum.nginx.org>
Message-ID: <1248906214.4336.7.camel@portable-evil>

On Wed, 2009-07-29 at 17:50 -0400, komone wrote:
> Hi,
> 
> It is correct that Nginx can/will only establish a 1.0 connection to
> an upstream application server? 

Yes.

> I can't see a way to make the proxy-pass honor 1.1 protocol. Am I
> looking in the wrong place in the docs or am I missing something
> fundamental? Is the use of proxy-pass and upstream the wrong approach
> to front-ending a web app server?

Is there a reason you need HTTP/1.1 to the backend?   Most web apps
should work with either.

Cliff

-- 
http://www.google.com/search?q=vonage+sucks





From nginx.list at daevel.fr  Thu Jul 30 03:00:22 2009
From: nginx.list at daevel.fr (Olivier B.)
Date: Thu, 30 Jul 2009 01:00:22 +0200
Subject: Proxy pass, upstream and http/1.0
In-Reply-To: <1248906214.4336.7.camel@portable-evil>
References: <b1cd268b82a37d7dee966abe3b96be17.NginxMailingList@forum.nginx.org> <1248906214.4336.7.camel@portable-evil>
Message-ID: <4A70D486.7040901@daevel.fr>

I suppose chunk encoding may be a good reason, no ?

Olivier

Cliff Wells a ?crit :
> On Wed, 2009-07-29 at 17:50 -0400, komone wrote:
>   
>> Hi,
>>
>> It is correct that Nginx can/will only establish a 1.0 connection to
>> an upstream application server? 
>>     
>
> Yes.
>
>   
>> I can't see a way to make the proxy-pass honor 1.1 protocol. Am I
>> looking in the wrong place in the docs or am I missing something
>> fundamental? Is the use of proxy-pass and upstream the wrong approach
>> to front-ending a web app server?
>>     
>
> Is there a reason you need HTTP/1.1 to the backend?   Most web apps
> should work with either.
>
> Cliff
>
>   





From resicow at gmail.com  Thu Jul 30 03:57:21 2009
From: resicow at gmail.com (Resi Cow)
Date: Wed, 29 Jul 2009 18:57:21 -0500
Subject: eval module 1.0.1
In-Reply-To: <4A43E677.7080008@grid.net.ru>
References: <4A43E677.7080008@grid.net.ru>
Message-ID: <6df1d0930907291657u47a685d5n80b874e62fe69a7b@mail.gmail.com>

This is great...

I'm new to nginx and nginx modules, but how hard would it be to modify this
module to instead read the value in from a file on the local system, instead
of reading the value via HTTP?

Sort of providing a "poor mans" .htaccess file for nginx.

Thanks,

John





On Thu, Jun 25, 2009 at 4:04 PM, Valery Kholodkov <
valery+nginxen at grid.net.ru <valery%2Bnginxen at grid.net.ru>> wrote:

>
> Greetings!
>
> I release a new module for evaluating response of proxied server or
> memcached into one or set of variables.
>
> Possible application:
>  * retrieving session from memcached
>  * locating a node or cluster responsible for a resource
>  * many others
>
> See details on this page:
>
> http://www.grid.net.ru/nginx/eval.en.html
>
> Feel free to contact me if you have any issues with it!
>
> This module is a part of work which was commissioned by GG Network S.A.
> (gadu-gadu.pl). Thanks guys! I really enjoyed working with you!
>
> --
> Best regards,
> Valery Kholodkov
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://nginx.org/pipermail/nginx/attachments/20090729/60756706/attachment.html>

From cliff at develix.com  Thu Jul 30 05:57:32 2009
From: cliff at develix.com (Cliff Wells)
Date: Wed, 29 Jul 2009 18:57:32 -0700
Subject: Proxy pass, upstream and http/1.0
In-Reply-To: <4A70D486.7040901@daevel.fr>
References: 	 <b1cd268b82a37d7dee966abe3b96be17.NginxMailingList@forum.nginx.org>
	 <1248906214.4336.7.camel@portable-evil>  <4A70D486.7040901@daevel.fr>
Message-ID: <1248919052.4336.34.camel@portable-evil>

On Thu, 2009-07-30 at 01:00 +0200, Olivier B. wrote:
> I suppose chunk encoding may be a good reason, no ?

I wasn't fishing for a good reason.  I was asking why the OP needed it.
That is, I was looking to help solve his problem rather than get into a
debate over HTTP/1.0 vs HTTP/1.1

Regards,
Cliff

> Olivier
> 
> Cliff Wells a ?crit :
> > On Wed, 2009-07-29 at 17:50 -0400, komone wrote:
> >   
> >> Hi,
> >>
> >> It is correct that Nginx can/will only establish a 1.0 connection to
> >> an upstream application server? 
> >>     
> >
> > Yes.
> >
> >   
> >> I can't see a way to make the proxy-pass honor 1.1 protocol. Am I
> >> looking in the wrong place in the docs or am I missing something
> >> fundamental? Is the use of proxy-pass and upstream the wrong approach
> >> to front-ending a web app server?
> >>     
> >
> > Is there a reason you need HTTP/1.1 to the backend?   Most web apps
> > should work with either.
> >
> > Cliff
> >
> >   
> 
> 
-- 
http://www.google.com/search?q=vonage+sucks





From nginx-forum at nginx.us  Thu Jul 30 07:21:36 2009
From: nginx-forum at nginx.us (flute)
Date: Wed, 29 Jul 2009 23:21:36 -0400
Subject: Increasing Memory Usage
Message-ID: <e867095505a5ec586ae0cce73084ef58.NginxMailingList@forum.nginx.org>

I'm using Nginx 0.7.61 with php-fpm(php 5.2.6) on Freebsd7.1-amd64?
When i  starte nginx,the total memory usage beging Increase. Unitl used all memory.
use top with sort size,i'm look at the each nginx work process used more than 400M memory.
The solution is used 'kill -HUP'
http://ylem.guanxi.koubei.com/ylem/get?version=1.0&enc=5tGKrFjjiG4DONY0WlR1IZ0oHeSR1ZHTVJEzyXe_yDhNYfzLaR.D0wpSXWZ_iAy_YJZ9nmwW2x55Lmp0Xly1A1s-
why nginx used so many memory?

nginx.conf


pid        /var/run/nginx.pid;
worker_rlimit_nofile 200000;
events {
    worker_connections  20000;
    use kqueue;
    kqueue_changes 2048; 
}


http {
    include       mime.types;
	log_not_found off;
    default_type  text/html;

    log_format  main  '$remote_addr	$server_name	[$time_local]	'
                      '"user:$cookie_user;PHPSESSID:$cookie_PHPSESSID"'
                      '$request	$status	$body_bytes_sent	$request_time	$http_referer	'
                      '"$http_user_agent"	$http_x_forwarded_for'	$proxy_host;

    access_log off;
	open_log_file_cache max=1000 inactive=20s min_uses=8 valid=1m;
	open_file_cache max=1000 inactive=20s; 
	open_file_cache_valid    30s; 
	open_file_cache_min_uses 8;
	open_file_cache_errors   on;
    sendfile        on;
    tcp_nopush     on;
    tcp_nodelay	    on; 

    keepalive_timeout  30;
	server_names_hash_bucket_size 64;
	gzip_static on;
    gzip off;
    server_tokens off;
    userid on;
    userid_name user;
    userid_path /;
    userid_expires 365d;
    recursive_error_pages on;
    upstream test.com { 
		server 127.0.0.1:8080 weight=2; 
		server 192.168.0.10:8080 weight=4; 
	}
	client_body_buffer_size    128k;
    server {
        listen       80;
        server_name  test.com;
	    location /serverinfo/ {
        stub_status on;
                auth_basic "md";
                auth_basic_user_file /usr/local/etc/nginx.pw;
    	}
		location / {
              FileETag on;
              etag_format "%X%X";
			if ($request_method = POST) { 
				error_page      404 = /phppost;
			}
			if ($uri ~* \.html$) {
				root   /data/www/html;
				return 0;
			}
			if ($uri ~* (\.(js|swf|ico|gif|jpg|jpeg|png|css|xml|mp3))$) {
				root   /data/www/html;
				expires 30d;
				return 0;
				error_page 404 = /error/404.html;
			} 
			error_page	404 = /phpreq;
		}

		location /phppost {
			internal;
    		access_log  /logs/nginx/access.log  main;
			proxy_set_header   Cookie        "$http_cookie;Real_IP=$remote_addr";
			proxy_method POST; 
			proxy_connect_timeout 60;
			proxy_buffers 32 128k;
			proxy_ignore_client_abort on;
			proxy_pass http://127.0.0.1:8080;
		}	

		location /phpreq {
			internal;
    		access_log  /logs/nginx/access.log  main;
			proxy_set_header   Cookie        "$http_cookie;Real_IP=$remote_addr";
			proxy_buffers 128 32k;
			proxy_connect_timeout 600;
			proxy_read_timeout 600;
			proxy_send_timeout 600;
			#proxy_busy_buffers_size 20480k;
			proxy_headers_hash_max_size 8192;
			proxy_ignore_client_abort on;
			proxy_pass http://test.com;
		}
		location /10/ {
			proxy_pass http://192.168.0.10:8080/;
		}      
		location /11/ {
			proxy_pass http://127.0.0.1:8080/;
		}

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/local/nginx/html;
        }

    }
}



Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4598,4598#msg-4598





From is at rambler-co.ru  Thu Jul 30 08:25:11 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 30 Jul 2009 08:25:11 +0400
Subject: Increasing Memory Usage
In-Reply-To: <e867095505a5ec586ae0cce73084ef58.NginxMailingList@forum.nginx.org>
References: <e867095505a5ec586ae0cce73084ef58.NginxMailingList@forum.nginx.org>
Message-ID: <20090730042511.GB72098@rambler-co.ru>

On Wed, Jul 29, 2009 at 11:21:36PM -0400, flute wrote:

> I'm using Nginx 0.7.61 with php-fpm(php 5.2.6) on Freebsd7.1-amd64???
> When i  starte nginx,the total memory usage beging Increase. Unitl used all memory.
> use top with sort size,i'm look at the each nginx work process used more than 400M memory.
> The solution is used 'kill -HUP'
> http://ylem.guanxi.koubei.com/ylem/get?version=1.0&enc=5tGKrFjjiG4DONY0WlR1IZ0oHeSR1ZHTVJEzyXe_yDhNYfzLaR.D0wpSXWZ_iAy_YJZ9nmwW2x55Lmp0Xly1A1s-
> why nginx used so many memory?
> 
> nginx.conf
> 
> 
> pid        /var/run/nginx.pid;
> worker_rlimit_nofile 200000;
> events {
>     worker_connections  20000;
>     use kqueue;
>     kqueue_changes 2048; 
> }
> 
> 
> http {
>     include       mime.types;
> 	log_not_found off;
>     default_type  text/html;
> 
>     log_format  main  '$remote_addr	$server_name	[$time_local]	'
>                       '"user:$cookie_user;PHPSESSID:$cookie_PHPSESSID"'
>                       '$request	$status	$body_bytes_sent	$request_time	$http_referer	'
>                       '"$http_user_agent"	$http_x_forwarded_for'	$proxy_host;
> 
>     access_log off;
> 	open_log_file_cache max=1000 inactive=20s min_uses=8 valid=1m;
> 	open_file_cache max=1000 inactive=20s; 
> 	open_file_cache_valid    30s; 
> 	open_file_cache_min_uses 8;
> 	open_file_cache_errors   on;
>     sendfile        on;
>     tcp_nopush     on;
>     tcp_nodelay	    on; 
> 
>     keepalive_timeout  30;
> 	server_names_hash_bucket_size 64;
> 	gzip_static on;
>     gzip off;
>     server_tokens off;
>     userid on;
>     userid_name user;
>     userid_path /;
>     userid_expires 365d;
>     recursive_error_pages on;
>     upstream test.com { 
> 		server 127.0.0.1:8080 weight=2; 
> 		server 192.168.0.10:8080 weight=4; 
> 	}
> 	client_body_buffer_size    128k;
>     server {
>         listen       80;
>         server_name  test.com;
> 	    location /serverinfo/ {
>         stub_status on;
>                 auth_basic "md";
>                 auth_basic_user_file /usr/local/etc/nginx.pw;
>     	}
> 		location / {
>               FileETag on;
>               etag_format "%X%X";

Probably because of etag module.

> 			if ($request_method = POST) { 
> 				error_page      404 = /phppost;
> 			}
> 			if ($uri ~* \.html$) {
> 				root   /data/www/html;
> 				return 0;
> 			}
> 			if ($uri ~* (\.(js|swf|ico|gif|jpg|jpeg|png|css|xml|mp3))$) {
> 				root   /data/www/html;
> 				expires 30d;
> 				return 0;
> 				error_page 404 = /error/404.html;
> 			} 
> 			error_page	404 = /phpreq;
> 		}

Also,
	if ($uri ~* (\.(js|swf|ico|gif|jpg|jpeg|png|css|xml|mp3))$) {

means that you should use

	location ~* (\.(js|swf|ico|gif|jpg|jpeg|png|css|xml|mp3))$) {

However, this is not cause of memory leak.

And probably, this contstruction does not work at all:

 		location / {
 			if ($request_method = POST) { 
 				error_page      404 = /phppost;
 			}
 			if ($uri ~* \.html$) {
 				root   /data/www/html;
 				return 0;
 			}

> 		location /phppost {
> 			internal;
>     		access_log  /logs/nginx/access.log  main;
> 			proxy_set_header   Cookie        "$http_cookie;Real_IP=$remote_addr";
> 			proxy_method POST; 
> 			proxy_connect_timeout 60;
> 			proxy_buffers 32 128k;
> 			proxy_ignore_client_abort on;
> 			proxy_pass http://127.0.0.1:8080;
> 		}	
> 
> 		location /phpreq {
> 			internal;
>     		access_log  /logs/nginx/access.log  main;
> 			proxy_set_header   Cookie        "$http_cookie;Real_IP=$remote_addr";
> 			proxy_buffers 128 32k;
> 			proxy_connect_timeout 600;
> 			proxy_read_timeout 600;
> 			proxy_send_timeout 600;
> 			#proxy_busy_buffers_size 20480k;
> 			proxy_headers_hash_max_size 8192;
> 			proxy_ignore_client_abort on;
> 			proxy_pass http://test.com;
> 		}
> 		location /10/ {
> 			proxy_pass http://192.168.0.10:8080/;
> 		}      
> 		location /11/ {
> 			proxy_pass http://127.0.0.1:8080/;
> 		}
> 
>         error_page   500 502 503 504  /50x.html;
>         location = /50x.html {
>             root   /usr/local/nginx/html;
>         }
> 
>     }
> }
> 
> 
> 
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4598,4598#msg-4598
> 

-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Thu Jul 30 10:57:16 2009
From: nginx-forum at nginx.us (komone)
Date: Thu, 30 Jul 2009 02:57:16 -0400
Subject: Proxy pass, upstream and http/1.0
In-Reply-To: <1248906214.4336.7.camel@forum.nginx.org>
References: <b1cd268b82a37d7dee966abe3b96be17.NginxMailingList@forum.nginx.org> <1248906214.4336.7.camel@forum.nginx.org>
Message-ID: <610099ab7f3c2843950bef23825e9644.NginxMailingList@forum.nginx.org>

Cliff Wells Wrote:
-------------------------------------------------------
> On Wed, 2009-07-29 at 17:50 -0400, komone wrote:
> > It is correct that Nginx can/will only establish
> a 1.0 connection to
> > an upstream application server? 
> 
> Yes.
> 
Darn.

> > I can't see a way to make the proxy-pass honor
> 1.1 protocol.
> Is there a reason you need HTTP/1.1 to the
> backend?   Most web apps
> should work with either.

Web app servers are generally connection oriented and HTTP/1.1 provides far better connection support. When a new connection is made the app server has session setup as well as connection setup on a per connection basis, so constraint to HTTP/1.0 is very restricting. Beyond that there are many other parts of HTTP/1.1 that enrich the protocol. Olivier mentioned just one with chunked encoding, but consider other types of transfer such as ranged requests, Further reasons include but are not limited to: Extensibility Caching Bandwidth optimization Network connection management Message transmission Internet address conservation Error notification Security, integrity, and authentication and Content negotiation

The 1.0 constraint is pretty dire for me. Do I have alternatives to proxy-pass/upstream that would allow me to use Nginx or should I be looking at another HTTP server?

Thanks
Steve

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4593,4600#msg-4600





From maccaday at gmail.com  Thu Jul 30 11:40:29 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Thu, 30 Jul 2009 10:40:29 +0300
Subject: Proxy pass, upstream and http/1.0
In-Reply-To: <610099ab7f3c2843950bef23825e9644.NginxMailingList@forum.nginx.org>
References: <b1cd268b82a37d7dee966abe3b96be17.NginxMailingList@forum.nginx.org> <1248906214.4336.7.camel@forum.nginx.org> <610099ab7f3c2843950bef23825e9644.NginxMailingList@forum.nginx.org>
Message-ID: <4A714E6D.2060401@gmail.com>

Hi,
> The 1.0 constraint is pretty dire for me. Do I have alternatives to proxy-pass/upstream that would allow me to use Nginx or should I be looking at another HTTP server?
>   
Litespeed can handle 1.0 / 1.1 connections to backends, and is very 
fast.  Cherokee might be worth looking at too - not tested it, but it 
too apparently is very fast.  If you're just looking for a dedicated 
proxy, try HAProxy.

Regards,

Marcus.




From nginx-forum at nginx.us  Thu Jul 30 11:50:33 2009
From: nginx-forum at nginx.us (supergui)
Date: Thu, 30 Jul 2009 03:50:33 -0400
Subject: why fail to ngx_http_output_filter after a timer????
Message-ID: <a0adda7601fcab104e2c2b86f16adfa2.NginxMailingList@forum.nginx.org>

below codes are main illustration to my meaning, that is i set a timer(just 1000ms) to output body , but this doesn't work?  
is this something do with the return value or i need to do more things?



////////////////////////////////////////////////////////////////////////////////

char* out_buf[1024]={0}

static ngx_int_t
ngx_http_gdrive_handler(ngx_http_request_t *r)
{
     //set my context
     gdrive_module_ctx* gmc=(gdrive_module_ctx *)ngx_palloc(r->pool, sizeof(gdrive_module_ctx));
    ngx_http_set_ctx(r, gmc, ngx_http_gdrive_module);

      r->headers_out.status = NGX_HTTP_OK;
       r->headers_out.content_length_n = sizeof(out_buf);

       rc = ngx_http_send_header(r);
      
      gmc->try_trunk_eve.handler=write_trunk;
      gmc->try_trunk_eve->data=r;
      gmc->try_trunk_eve->log=r->connectoin->log;
      ngx_add_timer(&gmc->try_trunk_eve, 1000);        //write 1000ms later

      return NGX_AGAIN;
}

static void write_trunk(ngx_event_t *wev)
{
    ngx_http_request_t         *r = wev->data;
    gdrive_module_ctx* gmc=ngx_http_get_module_ctx(r, ngx_http_gdrive_module);

    ngx_buf_t    *b;
    ngx_chain_t   out;


    b = ngx_pcalloc(r->pool, sizeof(ngx_buf_t));


     out.buf = b;
    out.next = NULL;

    b->memory = 1;
    b->flush = 1;
    b->last_buf=1;


    b->pos=(u_char*)out_buf;
    b->last=b->pos+sizeof(out_buf);
    
     /*
     *           just can't output here?? the r->connection->fd has been change to an negative value?? but the connection has not been close yet,      why?
      */
     ngx_http_output_filter(r, &out);
}

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4601,4601#msg-4601





From nginx-forum at nginx.us  Thu Jul 30 11:57:39 2009
From: nginx-forum at nginx.us (supergui)
Date: Thu, 30 Jul 2009 03:57:39 -0400
Subject: why fail to ngx_http_output_filter after a timer????
In-Reply-To: <a0adda7601fcab104e2c2b86f16adfa2.NginxMailingList@forum.nginx.org>
References: <a0adda7601fcab104e2c2b86f16adfa2.NginxMailingList@forum.nginx.org>
Message-ID: <f0ac57b000e9da091f8e638cd29316bf.NginxMailingList@forum.nginx.org>

2009/07/30 15:55:53  3989#0: *2 fd: -1476393696, r: 00002B25A80009D0


this is the debug message i log before ngx_http_output_filter, the address of r is 00002B25A80009D0, but the r->connection->fd change to be nagative??

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4601,4602#msg-4602





From cliff at develix.com  Thu Jul 30 12:44:20 2009
From: cliff at develix.com (Cliff Wells)
Date: Thu, 30 Jul 2009 01:44:20 -0700
Subject: Proxy pass, upstream and http/1.0
In-Reply-To: <610099ab7f3c2843950bef23825e9644.NginxMailingList@forum.nginx.org>
References: 	 <b1cd268b82a37d7dee966abe3b96be17.NginxMailingList@forum.nginx.org>
	 <1248906214.4336.7.camel@forum.nginx.org>
	 <610099ab7f3c2843950bef23825e9644.NginxMailingList@forum.nginx.org>
Message-ID: <1248943460.3944.12.camel@portable-evil>

On Thu, 2009-07-30 at 02:57 -0400, komone wrote:
> Cliff Wells Wrote:
> -------------------------------------------------------
> > On Wed, 2009-07-29 at 17:50 -0400, komone wrote:
> > > It is correct that Nginx can/will only establish
> > a 1.0 connection to
> > > an upstream application server? 
> > 
> > Yes.
> > 
> Darn.
> 
> > > I can't see a way to make the proxy-pass honor
> > 1.1 protocol.
> > Is there a reason you need HTTP/1.1 to the
> > backend? Most web apps
> > should work with either.
> 
> Web app servers are generally connection oriented and HTTP/1.1
> provides far better connection support. When a new connection is made
> the app server has session setup as well as connection setup on a per
> connection basis, so constraint to HTTP/1.0 is very restricting.
> Beyond that there are many other parts of HTTP/1.1 that enrich the
> protocol. Olivier mentioned just one with chunked encoding, but
> consider other types of transfer such as ranged requests, Further
> reasons include but are not limited to: Extensibility Caching
> Bandwidth optimization Network connection management Message
> transmission Internet address conservation Error notification
> Security, integrity, and authentication and Content negotiation

Many, if not most, people using Nginx are proxying to application
servers (myself included).   Without knowing a lot about your particular
application, I'm still inclined to venture that you are likely seriously
over-concerned about the direness of this situation.   

With a notable exception, most of the additional benefits of HTTP/1.1
you list (copied/pasted directly from the W3C page, I see) have little
positive effect on performance between a proxy and a backend server that
exist on the same LAN or especially the same machine.  They are mostly
of benefit between a server and a user-agent (browser) or over
slower-than-LAN links.   Perhaps you should provide your own, actual
reasons (or better yet, test results) that demonstrate this is more than
an imagined fear.  I'm fully prepared to believe that your app might
require HTTP/1.1, but copying reasons from the W3C site isn't entirely
convincing.

No doubt there are many applications that would benefit from things like
chunked responses (I believe range requests should pass through
successfully, but haven't tested), but unless you are saying that you
have that sort of application, then I'd suggest you simply test and see
if it works.   I've heard rumor that premature optimization is the root
of a significant amount of fail ;-)

> The 1.0 constraint is pretty dire for me. Do I have alternatives to
> proxy-pass/upstream that would allow me to use Nginx or should I be
> looking at another HTTP server?

If you really believe you need HTTP/1.1 between Nginx and the backend
(note that Nginx *does* support 1.1 to the browser), then you'll need to
look elsewhere.  I believe that 1.1 support between Nginx and backend is
in the works, but sadly it doesn't exist today.

Sorry that I can't give you something more positive.   But I do
encourage you to not give up unless actual testing (or some known
condition you haven't mentioned) demonstrates that HTTP/1.0 is a
demonstrable failure for your application.

Regards,
Cliff

-- 
http://www.google.com/search?q=vonage+sucks





From nginx-forum at nginx.us  Thu Jul 30 13:41:03 2009
From: nginx-forum at nginx.us (micron)
Date: Thu, 30 Jul 2009 05:41:03 -0400
Subject: Big Problem with Nginx and modules
Message-ID: <cabd9238eb2288e750edbc8665ea0107.NginxMailingList@forum.nginx.org>

The problem is in my module mod_asis.so
Open file in /proc/$PID/fd/ and don't close open file.

lrwx------ 1 nobody nogroup 64 Jul 30 12:34 940 -> socket:[32218310]
lr-x------ 1 nobody nogroup 64 Jul 30 12:34 941 -> /var/wwwns/index.asis
lrwx------ 1 nobody nogroup 64 Jul 30 12:34 942 -> socket:[32412519]
lr-x------ 1 nobody nogroup 64 Jul 30 12:34 943 -> /var/wwwns/index.asis
lrwx------ 1 nobody nogroup 64 Jul 30 12:34 944 -> socket:[32412811]
lr-x------ 1 nobody nogroup 64 Jul 30 12:34 945 -> /var/wwwns/index.asis
lrwx------ 1 nobody nogroup 64 Jul 30 12:34 946 -> socket:[32553372]
lr-x------ 1 nobody nogroup 64 Jul 30 12:34 947 -> /var/wwwns/index.asis
lrwx------ 1 nobody nogroup 64 Jul 30 12:34 948 -> socket:[32553550]
lr-x------ 1 nobody nogroup 64 Jul 30 12:34 949 -> /var/wwwns/index.asis
lrwx------ 1 nobody nogroup 64 Jul 30 12:34 95 -> socket:[4124090]
lrwx------ 1 nobody nogroup 64 Jul 30 12:34 950 -> socket:[32612870]
lr-x------ 1 nobody nogroup 64 Jul 30 12:34 951 -> /var/wwwns/index.asis
lrwx------ 1 nobody nogroup 64 Jul 30 12:34 952 -> socket:[32613037]
lr-x------ 1 nobody nogroup 64 Jul 30 12:34 953 -> /var/wwwns/index.asis
lrwx------ 1 nobody nogroup 64 Jul 30 12:34 954 -> socket:[32645073]
lrwx------ 1 nobody nogroup 64 Jul 30 12:34 955 -> socket:[32644536]
lr-x------ 1 nobody nogroup 64 Jul 30 12:34 956 -> /var/wwwns/index.asis
lr-x------ 1 nobody nogroup 64 Jul 30 12:34 957 -> /var/wwwns/index.asis
lrwx------ 1 nobody nogroup 64 Jul 30 12:34 958 -> socket:[34881080]
lrwx------ 1 nobody nogroup 64 Jul 30 12:34 959 -> socket:[34689086]
lr-x------ 1 nobody nogroup 64 Jul 30 12:34 96 -> /var/wwwns/index.asis
lr-x------ 1 nobody nogroup 64 Jul 30 12:34 960 -> /var/wwwns/index.asis
lr-x------ 1 nobody nogroup 64 Jul 30 12:34 963 -> /var/wwwns/index.asis
lrwx------ 1 nobody nogroup 64 Jul 30 12:34 97 -> socket:[4123881]
lr-x------ 1 nobody nogroup 64 Jul 30 12:34 98 -> /var/wwwns/index.asis
lrwx------ 1 nobody nogroup 64 Jul 30 12:34 99 -> socket:[4165546]

There is a problem.
Where a bug ?
Help

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4605,4605#msg-4605





From nginx-forum at nginx.us  Thu Jul 30 14:10:49 2009
From: nginx-forum at nginx.us (komone)
Date: Thu, 30 Jul 2009 06:10:49 -0400
Subject: Proxy pass, upstream and http/1.0
In-Reply-To: <1248943460.3944.12.camel@forum.nginx.org>
References: <b1cd268b82a37d7dee966abe3b96be17.NginxMailingList@forum.nginx.org> <1248906214.4336.7.camel@forum.nginx.org> <610099ab7f3c2843950bef23825e9644.NginxMailingList@forum.nginx.org> <1248943460.3944.12.camel@forum.nginx.org>
Message-ID: <e86948e513dadabdcddfb34e1fd97249.NginxMailingList@forum.nginx.org>

Hi Cliff,

It seems I put you on the defensive a little, or sounded aggressive, neither of which was my intention. 

Here's a little more detail (inline with your responses)...

Cliff Wells Wrote:
> Many, if not most, people using Nginx are proxying
> to application
> servers (myself included).   

I am writing a web application server which is *intended* to run behind a proxy so that I can rely on delegating SSL/TLS, mail proxying, and (for the largest part, but not all), static file serving, rather than simply re-inventing the wheel.

HTTP/1.0 is largely a dead protocol, and the only cases I can find that require 1.0 in this server are:

Lynx, Wget, and... NginX (which was to be my favored proxy)

...I am currently returning 505 to 1.0 clients. The reasoning is that the applications this server is intended to host will be highly dynamic "web 2.0+" (tho I truly hate that pseudo-term), and I am stuggling to find a business use case that really justifies legacy 1.0 support. I'd like to move away from the constraints of the 20th century but NginX could be the showstopper.

> Without knowing a lot
> about your particular
> application, I'm still inclined to venture that
> you are likely seriously
> over-concerned about the direness of this
> situation.   

This is quite possible, but I cannot test fully as yet.

> 
> With a notable exception, most of the additional
> benefits of HTTP/1.1
> you list (copied/pasted directly from the W3C
> page, I see) 
> have little
> positive effect on performance between a proxy and
> a backend server that
> exist on the same LAN or especially the same
> machine.  They are mostly
> of benefit between a server and a user-agent
> (browser) or over
> slower-than-LAN links.   Perhaps you should
> provide your own, actual
> reasons (or better yet, test results) that
> demonstrate this is more than
> an imagined fear.  I'm fully prepared to believe
> that your app might
> require HTTP/1.1, but copying reasons from the W3C
> site isn't entirely
> convincing.

true ..., however I'm concerned that more issues will raise their head further down the road and I don't want to paint myself into a corner... inability to do chunked transfers by itself seems to be good enough reason for concern to me.

> 
> No doubt there are many applications that would
> benefit from things like
> chunked responses (I believe range requests should
> pass through
> successfully, but haven't tested), 

I have my hands 110% full, but will likely be able to do that kind of testing later.However, note that this means I'm being asked to test other technologies rather than just my own, so frankly it's not going to be on my no.1 priority list and I may just have to go with a different front end recommendation at release.

> but unless you
> are saying that you
> have that sort of application, then I'd suggest
> you simply test and see
> if it works.   I've heard rumor that premature
> optimization is the root
> of a significant amount of fail ;-)

..that is *without doubt* true. However, usually that is related to sequential code. There are design/structural limitations that should be addressed early, and support for HTTP/1.0 does have structural impact on the codebase.

> 
> > The 1.0 constraint is pretty dire for me. Do I
> have alternatives to
> > proxy-pass/upstream that would allow me to use
> Nginx or should I be
> > looking at another HTTP server?
> 
> If you really believe you need HTTP/1.1 between
> Nginx and the backend
> (note that Nginx *does* support 1.1 to the
> browser), then you'll need to
> look elsewhere.  I believe that 1.1 support
> between Nginx and backend is
> in the works, but sadly it doesn't exist today.
> 
> Sorry that I can't give you something more
> positive.   But I do
> encourage you to not give up unless actual testing
> (or some known
> condition you haven't mentioned) demonstrates that
> HTTP/1.0 is a
> demonstrable failure for your application.

NP at all. A correct answer is worth 1000 answers that pander to some ideal or fantasy.
> 
> Regards,
> Cliff
> 

My best regards to you also!

Steve

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4593,4607#msg-4607





From mdounin at mdounin.ru  Thu Jul 30 14:17:11 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 30 Jul 2009 14:17:11 +0400
Subject: Increasing Memory Usage
In-Reply-To: <e867095505a5ec586ae0cce73084ef58.NginxMailingList@forum.nginx.org>
References: <e867095505a5ec586ae0cce73084ef58.NginxMailingList@forum.nginx.org>
Message-ID: <20090730101711.GD8794@mdounin.ru>

Hello!

On Wed, Jul 29, 2009 at 11:21:36PM -0400, flute wrote:

> I'm using Nginx 0.7.61 with php-fpm(php 5.2.6) on Freebsd7.1-amd64?
> When i  starte nginx,the total memory usage beging Increase. Unitl used all memory.
> use top with sort size,i'm look at the each nginx work process used more than 400M memory.
> The solution is used 'kill -HUP'
> http://ylem.guanxi.koubei.com/ylem/get?version=1.0&enc=5tGKrFjjiG4DONY0WlR1IZ0oHeSR1ZHTVJEzyXe_yDhNYfzLaR.D0wpSXWZ_iAy_YJZ9nmwW2x55Lmp0Xly1A1s-
> why nginx used so many memory?
> 
> nginx.conf
> 
> 
> pid        /var/run/nginx.pid;
> worker_rlimit_nofile 200000;
> events {
>     worker_connections  20000;

[...]

> 		location / {
>               FileETag on;
>               etag_format "%X%X";

As Igor already suggested, this may be caused by a memory leak in etag 
module.  Could you please try to reproduce problem without it?

[...]

> 		location /phppost {
> 			internal;
>     		access_log  /logs/nginx/access.log  main;
> 			proxy_set_header   Cookie        "$http_cookie;Real_IP=$remote_addr";
> 			proxy_method POST; 
> 			proxy_connect_timeout 60;
> 			proxy_buffers 32 128k;
> 			proxy_ignore_client_abort on;


Note well that each nginx worker may use up to 
worker_connections * proxy_buffers[count] * proxy_buffers[size] 
memory just for proxy buffers.

This counts to 80G in your case, probably a bit too many.  Try 
decreasing proxy_buffers to see if it helps.

Maxim Dounin




From mdounin at mdounin.ru  Thu Jul 30 14:20:57 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 30 Jul 2009 14:20:57 +0400
Subject: Big Problem with Nginx and modules
In-Reply-To: <cabd9238eb2288e750edbc8665ea0107.NginxMailingList@forum.nginx.org>
References: <cabd9238eb2288e750edbc8665ea0107.NginxMailingList@forum.nginx.org>
Message-ID: <20090730102056.GE8794@mdounin.ru>

Hello!

On Thu, Jul 30, 2009 at 05:41:03AM -0400, micron wrote:

> The problem is in my module mod_asis.so
> Open file in /proc/$PID/fd/ and don't close open file.

[...]

> There is a problem.
> Where a bug ?

Obvious answer is "in your module mod_asis.so".  On the other 
hand, nginx does not have loadable modules at all, and ".so" 
extension looks suspicious for me.  So I'm confused.

Maxim Dounin




From valery+nginxen at grid.net.ru  Thu Jul 30 14:28:18 2009
From: valery+nginxen at grid.net.ru (Valery Kholodkov)
Date: Thu, 30 Jul 2009 12:28:18 +0200
Subject: mogilefs module 1.0.2
In-Reply-To: <bd9320b30907281016s4a6451m61b255d291e6c402@mail.gmail.com>
References: <3DEDDBC4-B8AD-4496-BE98-AA41430776F1@gmail.com>	 <10070418.181248777950714.JavaMail.root@zone.mtgsy.net> <bd9320b30907281016s4a6451m61b255d291e6c402@mail.gmail.com>
Message-ID: <4A7175C2.7030704@grid.net.ru>

Michael Shadle wrote:
> On Tue, Jul 28, 2009 at 3:45 AM, Valery
> Kholodkov<valery+nginxen at grid.net.ru> wrote:
> 
>> No, at the moment it makes only one replica, but I plan to implement replication at desired minimal number of nodes simultaneously.
> 
> Isn't the number of replicas defined when you use mogadm/etc. to
> define a new domain? (I think replicas is a domain property)

It seems to me that it is a property of a class.

> It sounds like it is up to the client then to make sure it gets placed
> on that many replicas. Not the tracker/mogilefsd. Although it might be
> worth looking into to see if it does, there is a replication portion
> of the daemon I believe that is supposed to keep that number of
> replicas alive at all times (I believe) - perhaps you can just be lazy
> and let it do it's job :)

There is a problem. The longer the file is the more is the probability 
that storage node will fail during upload. At some installations it will 
be cheaper to make multiple replicas instead of investing into 
reliability of every node and the infrastructure in general.

-- 
Best regards,
Valery Kholodkov




From valery+nginxen at grid.net.ru  Thu Jul 30 15:35:54 2009
From: valery+nginxen at grid.net.ru (Valery Kholodkov)
Date: Thu, 30 Jul 2009 13:35:54 +0200
Subject: mogilefs module 1.0.2
In-Reply-To: <bd9320b30907281014s76684d75h96b99412546d7fc6@mail.gmail.com>
References: <DC8DE022-3506-41DC-BDB9-561AFA198D6D@gmail.com>	 <15925554.211248778517254.JavaMail.root@zone.mtgsy.net> <bd9320b30907281014s76684d75h96b99412546d7fc6@mail.gmail.com>
Message-ID: <4A71859A.5000301@grid.net.ru>

Michael Shadle wrote:
> On Tue, Jul 28, 2009 at 3:55 AM, Valery
> Kholodkov<valery+nginxen at grid.net.ru> wrote:
> 
>> Well, the end user can upload directly to this as soon as it does via PUT request. Nginx already provides all necessary validations for PUT requests.
> 
> Well, yeah, but then you have to make sure all your max_size's are
> bumped up etc (I assume) and that's one thing I wouldn't want to mess
> with continuously.

I don't understand, sorry. What do you mean?

> We just uploaded a 500 meg file for example.

Into mogilefs via nginx+mogilefs module?

>> For POST requests I plan to implement a module which does conversion from POST to PUT internally in nginx. This will allow implementing a scalable web storage entirely on nginx. This module will be able to work with your partial upload thingy as well.
> 
> That would be awesome. All it really needs to do is collect the
> portions and then push it.
> 
> However there would need to be some way to tell the application (like
> a PHP app) that the event happened, so it knows and it can store the
> link/key/etc. to the file.

It will be the same way upload module uses, but additionally I'll 
provide a status of PUT request for each file in the form data.

-- 
Best regards,
Valery Kholodkov





From mdounin at mdounin.ru  Thu Jul 30 15:41:52 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Thu, 30 Jul 2009 15:41:52 +0400
Subject: Proxy pass, upstream and http/1.0
In-Reply-To: <e86948e513dadabdcddfb34e1fd97249.NginxMailingList@forum.nginx.org>
References: <b1cd268b82a37d7dee966abe3b96be17.NginxMailingList@forum.nginx.org> <1248906214.4336.7.camel@forum.nginx.org> <610099ab7f3c2843950bef23825e9644.NginxMailingList@forum.nginx.org> <1248943460.3944.12.camel@forum.nginx.org> <e86948e513dadabdcddfb34e1fd97249.NginxMailingList@forum.nginx.org>
Message-ID: <20090730114152.GF8794@mdounin.ru>

Hello!

On Thu, Jul 30, 2009 at 06:10:49AM -0400, komone wrote:

> Hi Cliff,
> 
> It seems I put you on the defensive a little, or sounded aggressive, neither of which was my intention. 
> 
> Here's a little more detail (inline with your responses)...
> 
> Cliff Wells Wrote:
> > Many, if not most, people using Nginx are proxying
> > to application
> > servers (myself included).   
> 
> I am writing a web application server which is *intended* to run behind a proxy so that I can rely on delegating SSL/TLS, mail proxying, and (for the largest part, but not all), static file serving, rather than simply re-inventing the wheel.
> 
> HTTP/1.0 is largely a dead protocol, and the only cases I can find that require 1.0 in this server are:

Just a note: you can't be HTTP/1.1 complaint without correct 
support for HTTP/1.0.

On the other hand, HTTP/1.1 is much more complicated.

That's basically why nginx uses HTTP/1.0.

> Lynx, Wget, and... NginX (which was to be my favored proxy)

Just some arbitrary stats from some frontend server:

$ fgrep 'HTTP/1.0' access_log | wc -l
   62734
$ fgrep 'HTTP/1.1' access_log | wc -l
 1979061

So it's about 3% of HTTP/1.0 requests anyway.  This includes 
various proxies, mobile phones, various robots etc.  AFAIK IE 
still uses HTTP/1.0 by default if configured with proxy.

[...]

> true ..., however I'm concerned that more issues will raise their head further down the road and I don't want to paint myself into a corner... inability to do chunked transfers by itself seems to be good enough reason for concern to me.

Chunked transfer encoding has basically two goals:

1. keep connections alive
2. ensure data consistency in case of connection drop

Both apply only in case you have no known Content-Length.  
And benefits of both are highly questionable in case of 
frontend-backend connection.

If you have connection drops - you are in trouble and HTTP/1.1 
won't help anyway.

Keeping connections alive is mostly performance question, and 
doesn't really apply unless you have either very fast backend or 
something wierd that spends lots of resources on opening new 
connections.  And, actually, HTTP/1.1 support doesn't imply 
keepalive connections support.

I'm currently working on HTTP/1.1 support to make it possible to 
keep http connections alive.  But it doesn't looks for me that 
HTTP/1.0 is somewhat limiting.  Just performance issue for very 
special cases.

Maxim Dounin




From nginx-forum at nginx.us  Thu Jul 30 16:36:06 2009
From: nginx-forum at nginx.us (komone)
Date: Thu, 30 Jul 2009 08:36:06 -0400
Subject: Proxy pass, upstream and http/1.0
In-Reply-To: <20090730114152.GF8794@forum.nginx.org>
References: <b1cd268b82a37d7dee966abe3b96be17.NginxMailingList@forum.nginx.org> <1248906214.4336.7.camel@forum.nginx.org> <610099ab7f3c2843950bef23825e9644.NginxMailingList@forum.nginx.org> <1248943460.3944.12.camel@forum.nginx.org> <e86948e513dadabdcddfb34e1fd97249.NginxMailingList@forum.nginx.org> <20090730114152.GF8794@forum.nginx.org>
Message-ID: <4c35dff04a5ce222bddbfc1ce749ef5e.NginxMailingList@forum.nginx.org>

Hi Maxim,

Many thanks for your very informative response. It's definitely convinced me to keep 1.0 support in this server...

Maxim Dounin Wrote:
-------------------------------------------------------
> Hello!
> 
> On Thu, Jul 30, 2009 at 06:10:49AM -0400, komone
> wrote:
> Just a note: you can't be HTTP/1.1 complaint
> without correct 
> support for HTTP/1.0.

Actually, I was aware of this but could not see the value in it.

> Just some arbitrary stats from some frontend
> server:
> 
> $ fgrep 'HTTP/1.0' access_log | wc -l
>    62734
> $ fgrep 'HTTP/1.1' access_log | wc -l
>  1979061
> 
> So it's about 3% of HTTP/1.0 requests anyway. 
> This includes 
> various proxies, mobile phones, various robots

...and the best case I have seen made for keeping 1.0 in the server.

> etc.  AFAIK IE 
> still uses HTTP/1.0 by default if configured with
> proxy.

...why is it always IE that has to be "different"? :(

BTW I've found that IE closes keep-alive connections when it gets a not modified response. 
Chrome does that too but Google have listed it as a bug that will be fixed...

> Chunked transfer encoding has basically two
> goals:
> 
> 1. keep connections alive
> 2. ensure data consistency in case of connection
> drop
> 
> Both apply only in case you have no known
> Content-Length.  
> And benefits of both are highly questionable in
> case of 
> frontend-backend connection.
> 
> If you have connection drops - you are in trouble
> and HTTP/1.1 
> won't help anyway.


Good point.


> 
> Keeping connections alive is mostly performance
> question, and 
> doesn't really apply unless you have either very
> fast backend or 
> something wierd that spends lots of resources on
> opening new 
> connections.  And, actually, HTTP/1.1 support
> doesn't imply 
> keepalive connections support.
> 
> I'm currently working on HTTP/1.1 support to make
> it possible to 
> keep http connections alive.  But it doesn't looks
> for me that 
> HTTP/1.0 is somewhat limiting.  Just performance
> issue for very 
> special cases.
> 

The back-end is likely to be pretty quick, yes, but I'm happy enough to proceed with implementing 1.0 and continuing to target NginX as the front-end recommendation.

When I finally get to real load testing, I'll be sure to report any issues I may find (if any). I'll also keep an interested half-eye on your work on 1.1 support as I proceed with my own project.

Thank you, Maxim, and thanks also to Cliff, for fully addressing and clarifying these issues for me. 

Your time in responding and the benefit of your experience is very much valued at this end.

With very best regards,
Steve

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4593,4614#msg-4614





From is at rambler-co.ru  Thu Jul 30 16:40:50 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 30 Jul 2009 16:40:50 +0400
Subject: Proxy pass, upstream and http/1.0
In-Reply-To: <4c35dff04a5ce222bddbfc1ce749ef5e.NginxMailingList@forum.nginx.org>
References: <b1cd268b82a37d7dee966abe3b96be17.NginxMailingList@forum.nginx.org> <1248906214.4336.7.camel@forum.nginx.org> <610099ab7f3c2843950bef23825e9644.NginxMailingList@forum.nginx.org> <1248943460.3944.12.camel@forum.nginx.org> <e86948e513dadabdcddfb34e1fd97249.NginxMailingList@forum.nginx.org> <20090730114152.GF8794@forum.nginx.org> <4c35dff04a5ce222bddbfc1ce749ef5e.NginxMailingList@forum.nginx.org>
Message-ID: <20090730124050.GK76511@rambler-co.ru>

On Thu, Jul 30, 2009 at 08:36:06AM -0400, komone wrote:

> > Just some arbitrary stats from some frontend
> > server:
> > 
> > $ fgrep 'HTTP/1.0' access_log | wc -l
> >    62734
> > $ fgrep 'HTTP/1.1' access_log | wc -l
> >  1979061
> > 
> > So it's about 3% of HTTP/1.0 requests anyway. 
> > This includes 
> > various proxies, mobile phones, various robots
> 
> ...and the best case I have seen made for keeping 1.0 in the server.

On www.rambler.ru HTTP/1.0 requests are about 13%.


-- 
Igor Sysoev
http://sysoev.ru/en/




From jim at ohlste.in  Thu Jul 30 17:47:37 2009
From: jim at ohlste.in (Jim Ohlstein)
Date: Thu, 30 Jul 2009 09:47:37 -0400
Subject: HTTP Referer Module
Message-ID: <4A71A479.3000502@ohlste.in>

Hello,

We just went through a period where someone was seriously leeching 
bandwidth. See the attached graph. It started just after midnight and I 
noticed it this morning and took care of it.

We run a proxy on that server and someone was referring requests for 
YouTube videos on their site to be served via our proxy.

What I did was to use a location block to return a nasty jpg to all 
requests that match their requests.

location ~ /part-of-encoded-URL {
rewrite ^(.*)$ /bandwidth-leech.jpg permanent;
}

You can see the results. The requests went away completely after a short 
while.

I initially tried using the HTTP Referer Module but it seems it is 
designed to require a list of valid referrers and others default to 
invalid. Given the nature of my app, pretty much all referring sites are 
"valid" and I would rather be able to list "invalid_referers", perhaps 
in "http" section. Then I could add them to my list as they arose, and 
not need a location block for each, in each server. If there's a way to 
do this, I missed it in the Wiki and the Russian docs.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: localhost-if_eth0-day.png
Type: image/png
Size: 23658 bytes
Desc: not available
URL: <http://nginx.org/pipermail/nginx/attachments/20090730/1b0c26b0/attachment.png>

From is at rambler-co.ru  Thu Jul 30 17:54:44 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 30 Jul 2009 17:54:44 +0400
Subject: HTTP Referer Module
In-Reply-To: <4A71A479.3000502@ohlste.in>
References: <4A71A479.3000502@ohlste.in>
Message-ID: <20090730135444.GP76511@rambler-co.ru>

On Thu, Jul 30, 2009 at 09:47:37AM -0400, Jim Ohlstein wrote:

> Hello,
> 
> We just went through a period where someone was seriously leeching 
> bandwidth. See the attached graph. It started just after midnight and I 
> noticed it this morning and took care of it.
> 
> We run a proxy on that server and someone was referring requests for 
> YouTube videos on their site to be served via our proxy.
> 
> What I did was to use a location block to return a nasty jpg to all 
> requests that match their requests.
> 
> location ~ /part-of-encoded-URL {
> rewrite ^(.*)$ /bandwidth-leech.jpg permanent;
> }
> 
> You can see the results. The requests went away completely after a short 
> while.
> 
> I initially tried using the HTTP Referer Module but it seems it is 
> designed to require a list of valid referrers and others default to 
> invalid. Given the nature of my app, pretty much all referring sites are 
> "valid" and I would rather be able to list "invalid_referers", perhaps 
> in "http" section. Then I could add them to my list as they arose, and 
> not need a location block for each, in each server. If there's a way to 
> do this, I missed it in the Wiki and the Russian docs.

server {

    location /... {

        if ($http_referer ~ ^http://(bad.site|another.bas.site) {
            rewrite ^(.*)$ /bandwidth-leech.jpg permanent;
        }

        ...
    }
}

This is a case when if/rewrite are good.


-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Thu Jul 30 18:25:56 2009
From: nginx-forum at nginx.us (holstebm)
Date: Thu, 30 Jul 2009 10:25:56 -0400
Subject: try_files problem
In-Reply-To: <20090728091226.GN1240@forum.nginx.org>
References: <27e1e346bb11d91ee243a6d31a094fde.NginxMailingList@forum.nginx.org> <20090728085915.GM1240@mdounin.ru> <20090728091226.GN1240@forum.nginx.org>
Message-ID: <c4a76560a451fa8651e66b75952f1e6e.NginxMailingList@forum.nginx.org>

Maxim Dounin Wrote:
-------------------------------------------------------
> Hello!
> 
> On Tue, Jul 28, 2009 at 12:59:15PM +0400, Maxim
> Dounin wrote:
> 
> > Hello!
> > 
> > On Tue, Jul 28, 2009 at 01:43:57AM -0400,
> holstebm wrote:
> > 
> > > I can't get the following to work and, after
> reading and re-reading all the documentation I
> could find, am not sure if this is a bug or a
> restriction.
> > > 
> > > try_files @nocache @cache;
> > > 
> > > The thought here is @nocache will succeed if a
> cookie is present and @cache will succeed if not.
> > 
> > Try_files doesn't work this way.  It checks
> *files* and uses 
> > fallback in no one was found:
> > 
> > try_files /file1 /file2 @fallback;
> > 
> > Looks like
> > 
> >
> http://wiki.nginx.org/NginxHttpCoreModule#try_file
> s 
> > 
> > has wrong description and should be
> re-translated from scratch. 
> 
> Just a note: it looks like description was changed
> to wrong one by 
> Merlincorey at 2009-07-14.  I've reverted this
> change and at least 
> it doesn't plain wrong now.
> 
> Note that original documentation has much more
> examples and covers 
> a bit more features of try_files (testing
> directories, ability to 
> return error code in 0.7.51+).  So we still need
> good translation 
> here.
> 
> Maxim Dounin
> 

Thanks for the insight!  I guess I was looking at these locations as 'virtual files and directories' and, therefore, didn't make the distinction
.
I think I understand the documentation provided but one thing is still unclear to me; How is the remaining directives in the block treated when there is a try_files at the beginning of the block?

If try_files skips the remainder of the containing block upon success, I have a follow-up.

 Is there an easy way to eliminate the 2 or more argument restriction in try_files?  I've tried looking at the source but can't identify the arg checking or if the loop used for the files must run at least once (ala repeat....until type logic) in order to function.

For instance, this seems to work but I am forced to use an invalid file location - suggesting skipping remaining block upon try_files success:

    location ~ \.php$ {
      try_files /invalid @nocache;

      fastcgi_index index.php;
      fastcgi_cache default;
      fastcgi_cache_key $host$uri$args;
      ...
      fastcgi_pass	unix:xxxx;
    }

   location @nocache {
      fastcgi_index index.php;
      ...
      if(  ) {
        fastcgi_pass	unix:xxxx;
      }
   }

Employing the /invalid is clumsy due to the two argument rule.  Otherwise this works as expected using the fastcgi_cache in the try_files containing block only if the  is not met.

I can do the patch myself if someone could point me in the right direction here.  Thanks, again!

Bret Holstein

> > For a while use original documentation in
> Russian:
> > 
> >
> http://sysoev.ru/nginx/docs/http/ngx_http_core_mod
> ule.html#try_files
> > 
> > (try google translate if you have problems with
> Russian).
> > 
> > Maxim Dounin
> > 
> > > 
> > > The problem is, the first argument seems to be
> ignored.  I say that because, if I change JUST the
> try_files without changing any other lines in the
> configuration I get two different results.  In
> each case, the final argument in the try_files is
> always reached...cache displaying correctly when
> there is no cookie and a blank page if there is a
> cookie while try_files @cache @nocache displays
> correctly when there is a cookie but a blank page
> if there is not.
> > > 
> > > So is this a restriction or a bug on using
> internal locations in try_files?
> > > 
> > > Posted at Nginx Forum:
> http://forum.nginx.org/read.php?2,4504,4504#msg-45
> 04
> > > 
> > >

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4504,4534#msg-4534





From nginx-forum at nginx.us  Thu Jul 30 19:20:59 2009
From: nginx-forum at nginx.us (nabeel)
Date: Thu, 30 Jul 2009 11:20:59 -0400
Subject: 502 bad gateway with multiple file upload
Message-ID: <c71a2214a200bf21ecd1ef454edaa8ca.NginxMailingList@forum.nginx.org>

Hey guys,

I keep getting:

recv() failed (104: Connection reset by peer) while reading response header from upstream

But only when uploading, more than one file at a time. They're just small images.
I'm scratching my head on this one. I had this problem before, doing this (http://www.urbanpuddle.com/articles/2008/05/17/solve-104-connection-reset-by-peer) had fixed it before, but now it seems back again. If anyone wants 

top does show the 4 php-cgi processes running. Restarting them/restarting nginx does no good. Frees up alot of ram though :) I bumped this upto 8 processes for php-fcgi, but had no effect.

To spawn PHP f-cgi, I can't quite remember, but I'm using a startup script (which I can post), which I think was the one that came with PHP, it wasn't the spawn-fcgi ( should have written down all the steps I did to install)

The only thing "custom compiled" by me was nginx, running 0.7.61, a bit ahead of the aptitude copy. Not sure if nginx is the problem though. Running Ubuntu 9.04, on a VPS with Slicehost.

The exact errors.. (replaced the domain with **)

2009/07/29 23:20:51  1155#0: *1 a client request body is buffered to a temporary file /etc/nginx/client_body_temp/0000000000, client: 67.87.69.128, server: **, request: "POST /profile/editairline HTTP/1.1", host: "**", referrer: "http://**/profile/editairline/1"

2009/07/29 23:20:53  1155#0: *1 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 67.87.69.128, server: **, request: "POST /profile/editairline HTTP/1.1", upstream: "fastcgi://127.0.0.1:9000", host: "**", referrer: "http://**/profile/editairline/1"


So, any ideas? Thanks!!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4618,4618#msg-4618





From dale.gallagher at gmail.com  Thu Jul 30 20:10:30 2009
From: dale.gallagher at gmail.com (Dale Gallagher)
Date: Thu, 30 Jul 2009 18:10:30 +0200
Subject: matching on server_name was: (Issue with variables in access_log and 
	error_log)
Message-ID: <3304ce0e0907300910k7c4c155emc62ab97b04af0a93@mail.gmail.com>

Thanks for the responses.
However, a new issue has surfaced, hence the subject change ...

2009/7/29 Igor Sysoev <is at rambler-co.ru>:
> Since 0.7.44 you may use
>
> ? ? ?server_name ?~^(w{3}\.)?(.*)$;
> ? ? ?set ? $domain ?$2;

Unfortunately, on start-up, nginx exits with the error:

  [emerg]: directive "server_name" is not terminated by ";"

Yes, I did double-check that the trailing ; existed.

So, I then tried:

  server_name ~ "^(w{3}\.)?(.*)$";

which didn't cause nginx to exit, but all requests result in:

  502 Bad Gateway

Any ideas as to what might be wrong with the suggested config?

Thanks.




From mike503 at gmail.com  Thu Jul 30 20:47:37 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Thu, 30 Jul 2009 09:47:37 -0700
Subject: mogilefs module 1.0.2
In-Reply-To: <4A71859A.5000301@grid.net.ru>
References: <DC8DE022-3506-41DC-BDB9-561AFA198D6D@gmail.com>
	 <15925554.211248778517254.JavaMail.root@zone.mtgsy.net>
	 <bd9320b30907281014s76684d75h96b99412546d7fc6@mail.gmail.com>
	 <4A71859A.5000301@grid.net.ru>
Message-ID: <bd9320b30907300947u33de1f0i51063430dbeeca52@mail.gmail.com>

On Thu, Jul 30, 2009 at 4:35 AM, Valery
Kholodkov<valery+nginxen at grid.net.ru> wrote:

>> Well, yeah, but then you have to make sure all your max_size's are
>> bumped up etc (I assume) and that's one thing I wouldn't want to mess
>> with continuously.
>
> I don't understand, sorry. What do you mean?

PHP file upload sizes, post sizes, etc. However teamed up with an idea
like the Gears uploader, small POST packets work great! That's one
reason I said "no" to PUT as it requires an applet usually to function
like an uploader with some sort of progress/feedback/etc.




From mike503 at gmail.com  Thu Jul 30 20:51:42 2009
From: mike503 at gmail.com (Michael Shadle)
Date: Thu, 30 Jul 2009 09:51:42 -0700
Subject: mogilefs module 1.0.2
In-Reply-To: <4A7175C2.7030704@grid.net.ru>
References: <3DEDDBC4-B8AD-4496-BE98-AA41430776F1@gmail.com>
	 <10070418.181248777950714.JavaMail.root@zone.mtgsy.net>
	 <bd9320b30907281016s4a6451m61b255d291e6c402@mail.gmail.com>
	 <4A7175C2.7030704@grid.net.ru>
Message-ID: <bd9320b30907300951n6c76308j8e872d62b57d9334@mail.gmail.com>

On Thu, Jul 30, 2009 at 3:28 AM, Valery
Kholodkov<valery+nginxen at grid.net.ru> wrote:

>> Isn't the number of replicas defined when you use mogadm/etc. to
>> define a new domain? (I think replicas is a domain property)
>
> It seems to me that it is a property of a class.

You're right. It's been a while since I've messed with mogilefs. :)

I'm not sure how that maps then into a domain or what; I was simply
thinking of allowing mogilefs itself to do the replication for you.

> There is a problem. The longer the file is the more is the probability that
> storage node will fail during upload. At some installations it will be
> cheaper to make multiple replicas instead of investing into reliability of
> every node and the infrastructure in general.

This is true. Which is why if mogilefs will do it for you, I say let
it do it. Just get it safely into the system once. :)




From is at rambler-co.ru  Thu Jul 30 20:47:16 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 30 Jul 2009 20:47:16 +0400
Subject: matching on server_name was: (Issue with variables in access_log and error_log)
In-Reply-To: <3304ce0e0907300910k7c4c155emc62ab97b04af0a93@mail.gmail.com>
References: <3304ce0e0907300910k7c4c155emc62ab97b04af0a93@mail.gmail.com>
Message-ID: <20090730164716.GA86896@rambler-co.ru>

On Thu, Jul 30, 2009 at 06:10:30PM +0200, Dale Gallagher wrote:

> Thanks for the responses.
> However, a new issue has surfaced, hence the subject change ...
> 
> 2009/7/29 Igor Sysoev <is at rambler-co.ru>:
> > Since 0.7.44 you may use
> >
> > ? ? ?server_name ?~^(w{3}\.)?(.*)$;
> > ? ? ?set ? $domain ?$2;
> 
> Unfortunately, on start-up, nginx exits with the error:
> 
>   [emerg]: directive "server_name" is not terminated by ";"
> 
> Yes, I did double-check that the trailing ; existed.

Yes, this is because of "{" in regex. nginx treats this like

   server_name ~^(w {

> So, I then tried:
> 
>   server_name ~ "^(w{3}\.)?(.*)$";

This is right way.

> which didn't cause nginx to exit, but all requests result in:
> 
>   502 Bad Gateway
> 
> Any ideas as to what might be wrong with the suggested config?

What is in error_log ?


-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Thu Jul 30 21:23:52 2009
From: nginx-forum at nginx.us (CactO_o's)
Date: Thu, 30 Jul 2009 13:23:52 -0400
Subject: [Rewrite] Url - rewriting
Message-ID: <f87f9046719b5cd780868a8bab42c24e.NginxMailingList@forum.nginx.org>

Hi all,

In first, i'm french and I don't speak english very well, so I hope you understand me =] 

So, I want redirect the Html page to index.php with GET argument, in this model :

http://www.domaine.tlm/.html => http://www.domaine.tlm/index.php?page=

I have do that  


server 
{
[...]
        location ~ .html$ {
                rewrite ^/(.*).html$ /index.php?page=$1;
        }
}


Another, I want rewrite the sub-domain if host ISN'T address IP :

http://.domaine.tlm/ => http://www.domaine.tlm/?sd=

For example,

- if  is html page :
http://.domaine.tlm/example.html => http://www.domaine.tlm/index.php?sd=&page=exemple

- if  is php script : 
http://.domaine.tlm/php/script.php?arg=get => http://www.domaine.tlm/php/script.php?sd=&arg=get

So I have write that  


server
{
        location / {
                root   /var/www/kreatoo;
                index  index.html index.htm index.php;

                if ( $host !~*  "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" )
                {
                         if ( $host ~* "(.*)\.*\.{2,4}" )
                         {
                                 set $sd $1;
                                rewrite ^(.*)$ http://www.domaine.tlm/index.php?sd=$sd
                         }
                }
        }

        [...]
}


But don't functionality !

Can you help me please ?

Thank you all !

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4619,4619#msg-4619





From jim at ohlste.in  Thu Jul 30 21:34:48 2009
From: jim at ohlste.in (Jim Ohlstein)
Date: Thu, 30 Jul 2009 13:34:48 -0400
Subject: HTTP Referer Module
In-Reply-To: <20090730135444.GP76511@rambler-co.ru>
References: <4A71A479.3000502@ohlste.in> <20090730135444.GP76511@rambler-co.ru>
Message-ID: <4A71D9B8.4070207@ohlste.in>

Igor Sysoev wrote:
> On Thu, Jul 30, 2009 at 09:47:37AM -0400, Jim Ohlstein wrote:
>
>   
>> Hello,
>>
>> We just went through a period where someone was seriously leeching 
>> bandwidth. See the attached graph. It started just after midnight and I 
>> noticed it this morning and took care of it.
>>
>> We run a proxy on that server and someone was referring requests for 
>> YouTube videos on their site to be served via our proxy.
>>
>> What I did was to use a location block to return a nasty jpg to all 
>> requests that match their requests.
>>
>> location ~ /part-of-encoded-URL {
>> rewrite ^(.*)$ /bandwidth-leech.jpg permanent;
>> }
>>
>> You can see the results. The requests went away completely after a short 
>> while.
>>
>> I initially tried using the HTTP Referer Module but it seems it is 
>> designed to require a list of valid referrers and others default to 
>> invalid. Given the nature of my app, pretty much all referring sites are 
>> "valid" and I would rather be able to list "invalid_referers", perhaps 
>> in "http" section. Then I could add them to my list as they arose, and 
>> not need a location block for each, in each server. If there's a way to 
>> do this, I missed it in the Wiki and the Russian docs.
>>     
>
> server {
>
>     location /... {
>
>         if ($http_referer ~ ^http://(bad.site|another.bas.site) {
>             rewrite ^(.*)$ /bandwidth-leech.jpg permanent;
>         }
>
>         ...
>     }
> }
>
> This is a case when if/rewrite are good.
>   
I don't think I ever expected to "hear" you say that.

Thank you Igor.

Jim





From is at rambler-co.ru  Thu Jul 30 21:42:31 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 30 Jul 2009 21:42:31 +0400
Subject: HTTP Referer Module
In-Reply-To: <4A71D9B8.4070207@ohlste.in>
References: <4A71A479.3000502@ohlste.in> <20090730135444.GP76511@rambler-co.ru> <4A71D9B8.4070207@ohlste.in>
Message-ID: <20090730174231.GA87141@rambler-co.ru>

On Thu, Jul 30, 2009 at 01:34:48PM -0400, Jim Ohlstein wrote:

> Igor Sysoev wrote:
> >On Thu, Jul 30, 2009 at 09:47:37AM -0400, Jim Ohlstein wrote:
> >
> >  
> >>Hello,
> >>
> >>We just went through a period where someone was seriously leeching 
> >>bandwidth. See the attached graph. It started just after midnight and I 
> >>noticed it this morning and took care of it.
> >>
> >>We run a proxy on that server and someone was referring requests for 
> >>YouTube videos on their site to be served via our proxy.
> >>
> >>What I did was to use a location block to return a nasty jpg to all 
> >>requests that match their requests.
> >>
> >>location ~ /part-of-encoded-URL {
> >>rewrite ^(.*)$ /bandwidth-leech.jpg permanent;
> >>}
> >>
> >>You can see the results. The requests went away completely after a short 
> >>while.
> >>
> >>I initially tried using the HTTP Referer Module but it seems it is 
> >>designed to require a list of valid referrers and others default to 
> >>invalid. Given the nature of my app, pretty much all referring sites are 
> >>"valid" and I would rather be able to list "invalid_referers", perhaps 
> >>in "http" section. Then I could add them to my list as they arose, and 
> >>not need a location block for each, in each server. If there's a way to 
> >>do this, I missed it in the Wiki and the Russian docs.
> >>    
> >
> >server {
> >
> >    location /... {
> >
> >        if ($http_referer ~ ^http://(bad.site|another.bas.site) {
> >            rewrite ^(.*)$ /bandwidth-leech.jpg permanent;
> >        }
> >
> >        ...
> >    }
> >}
> >
> >This is a case when if/rewrite are good.
> >  
> I don't think I ever expected to "hear" you say that.
> 
> Thank you Igor.

There are two cases when "if" works as everyone may expect:

   if (...) {
       rewrite  ...  last|redirect|permanent;
   }

and

   if (...) {
       return  ...;
   }


-- 
Igor Sysoev
http://sysoev.ru/en/




From nginx-forum at nginx.us  Thu Jul 30 22:03:04 2009
From: nginx-forum at nginx.us (CactO_o's)
Date: Thu, 30 Jul 2009 14:03:04 -0400
Subject: [Rewrite] Url - rewriting
In-Reply-To: <f87f9046719b5cd780868a8bab42c24e.NginxMailingList@forum.nginx.org>
References: <f87f9046719b5cd780868a8bab42c24e.NginxMailingList@forum.nginx.org>
Message-ID: <002c7b5e1f4637e0884eafaa77e1fb6a.NginxMailingList@forum.nginx.org>

Sorry I have forget information !! 

When I want to restart Nginx I have error :


Bender:~# /etc/init.d/nginx restart
Restarting nginx: 2009/07/30 18:35:44  2646#0: "if" directive is not allowed here in /etc/nginx/sites-enabled/default:24
nginx.

if ( $host ~* "(.*)\.(*\.{2,4})" ) ]

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4619,4626#msg-4626





From nginx-forum at nginx.us  Thu Jul 30 22:03:34 2009
From: nginx-forum at nginx.us (CactO_o's)
Date: Thu, 30 Jul 2009 14:03:34 -0400
Subject: [Rewrite] Url - rewriting
In-Reply-To: <f87f9046719b5cd780868a8bab42c24e.NginxMailingList@forum.nginx.org>
References: <f87f9046719b5cd780868a8bab42c24e.NginxMailingList@forum.nginx.org>
Message-ID: <fcfc6931c13a1f091f14ca709021777f.NginxMailingList@forum.nginx.org>

Sorry I have forget information !! 

When I want to restart Nginx I have error :


Bender:~# /etc/init.d/nginx restart
Restarting nginx: 2009/07/30 18:35:44  2646#0: "if" directive is not allowed here in /etc/nginx/sites-enabled/default:24
nginx.

if ( $host ~* "(.*)\.(*\.{2,4})" ) ]

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4619,4627#msg-4627





From nginx-forum at nginx.us  Thu Jul 30 22:04:43 2009
From: nginx-forum at nginx.us (shaktale)
Date: Thu, 30 Jul 2009 14:04:43 -0400
Subject: custom 404 nginx + php-fpm
In-Reply-To: <2d6017ad5e69f0f52652525fea67663e.NginxMailingList@forum.nginx.org>
References: <2d6017ad5e69f0f52652525fea67663e.NginxMailingList@forum.nginx.org>
Message-ID: <51a21b5a036f77fd83833e936af0f9ed.NginxMailingList@forum.nginx.org>


Probably yuo need somthing like this:

location ~ ^.+\.(js|jpe?g|gif|png|css)$ {
try_files $uri /index.php;
expires 1d;
}

loaction ~ ^/(.+)_(.+)/(.+)/$ {
fastcgi_pass 127.0.0.1:9000;
include /usr/local/nginx/conf/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /path/to/index.php;
fastcgi_param SCRIPT_NAME /index.php;
fastcgi_param PATH_INFO /action1/$1/action2/$2/action3/$3;
}

location ~ ^(/.+_.+/.+)([^/])$ {
rewrite ^(/.+_.+/.+)([^/])$ $1$2/ permanent;
}

location ~ ^.+\.php$ {
try_files $uri /index.php?$args;

fastcgi_pass 127.0.0.1:9000;
include /usr/local/nginx/conf/fastcgi_params;
fastcgi_param SCRIPT_FILENAME /path/to$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
}

location / {
try_files $uri /index.php?$args;
}


This works fine, thank you.

Is there any difference (in performance or so) if I do:


location / { 
    rewrite ^(/.+_.+/.+)([^/])$ $1$2/ permanent;
    try_files $uri /index.php?$args;
}



instead of:


location ~ ^(/.+_.+/.+)([^/])$ {
rewrite ^(/.+_.+/.+)([^/])$ $1$2/ permanent;
}


Thanks again.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4556,4628#msg-4628





From is at rambler-co.ru  Thu Jul 30 22:23:51 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 30 Jul 2009 22:23:51 +0400
Subject: [Rewrite] Url - rewriting
In-Reply-To: <f87f9046719b5cd780868a8bab42c24e.NginxMailingList@forum.nginx.org>
References: <f87f9046719b5cd780868a8bab42c24e.NginxMailingList@forum.nginx.org>
Message-ID: <20090730182351.GB87141@rambler-co.ru>

On Thu, Jul 30, 2009 at 01:23:52PM -0400, CactO_o's wrote:

> Hi all,
> 
> In first, i'm french and I don't speak english very well, so I hope you understand me =] 
> 
> So, I want redirect the Html page to index.php with GET argument, in this model :
> 
> http://www.domaine.tlm/.html => http://www.domaine.tlm/index.php?page=
> 
> I have do that  
> 
> 
> server 
> {
> [...]
>         location ~ .html$ {
>                 rewrite ^/(.*).html$ /index.php?page=$1;
>         }
> }
> 
> 
> Another, I want rewrite the sub-domain if host ISN'T address IP :
> 
> http://.domaine.tlm/ => http://www.domaine.tlm/?sd=
> 
> For example,
> 
> - if  is html page :
> http://.domaine.tlm/example.html => http://www.domaine.tlm/index.php?sd=&page=exemple
> 
> - if  is php script : 
> http://.domaine.tlm/php/script.php?arg=get => http://www.domaine.tlm/php/script.php?sd=&arg=get
> 
> So I have write that  
> 
> 
> server
> {
>         location / {
>                 root   /var/www/kreatoo;
>                 index  index.html index.htm index.php;
> 
>                 if ( $host !~*  "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" )
>                 {
>                          if ( $host ~* "(.*)\.*\.{2,4}" )
>                          {
>                                  set $sd $1;
>                                 rewrite ^(.*)$ http://www.domaine.tlm/index.php?sd=$sd
>                          }
>                 }
>         }
> 
>         [...]
> }
> 
> 
> But don't functionality !
> 
> Can you help me please ?
> 
> Thank you all !

server {
    server_name  domain.tlm;

    location / {
        rewrite ^/(.*).html$ http://www.domain.tlm/index.php?sd=&page=$1;
    }

    location /php/ {
        rewrite ^/(.*).html$ http://www.domain.tlm/index.php?sd=;
    }

    return 404;
}

server {
    server_name  www.domain.tlm;

    location ~ \.html$ {
        rewrite ^/(.*).html$ http://www.domain.tlm/index.php?page=$1;
    }

    ...
}


-- 
Igor Sysoev
http://sysoev.ru/en/




From admin at agonija.eu  Thu Jul 30 22:28:49 2009
From: admin at agonija.eu (Andrius Semionovas)
Date: Thu, 30 Jul 2009 21:28:49 +0300
Subject: [Rewrite] Url - rewriting
In-Reply-To: <f87f9046719b5cd780868a8bab42c24e.NginxMailingList@forum.nginx.org>
References: <f87f9046719b5cd780868a8bab42c24e.NginxMailingList@forum.nginx.org>
Message-ID: <op.uxv8abff8h71dt@neworld-pc>

so you need merge

if ( $host !~*  "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}" )

and

if ( $host ~* "(.*)\.*\.{2,4}" )

On Thu, 30 Jul 2009 20:23:52 +0300, CactO_o's <nginx-forum at nginx.us> wrote:

> if ( $host ~* "(.*)\.*\.{2,4}" )






From is at rambler-co.ru  Thu Jul 30 22:28:41 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 30 Jul 2009 22:28:41 +0400
Subject: custom 404 nginx + php-fpm
In-Reply-To: <51a21b5a036f77fd83833e936af0f9ed.NginxMailingList@forum.nginx.org>
References: <2d6017ad5e69f0f52652525fea67663e.NginxMailingList@forum.nginx.org> <51a21b5a036f77fd83833e936af0f9ed.NginxMailingList@forum.nginx.org>
Message-ID: <20090730182841.GC87141@rambler-co.ru>

On Thu, Jul 30, 2009 at 02:04:43PM -0400, shaktale wrote:

> 
> Probably yuo need somthing like this:
> 
> location ~ ^.+\.(js|jpe?g|gif|png|css)$ {
> try_files $uri /index.php;
> expires 1d;
> }
> 
> loaction ~ ^/(.+)_(.+)/(.+)/$ {
> fastcgi_pass 127.0.0.1:9000;
> include /usr/local/nginx/conf/fastcgi_params;
> fastcgi_param SCRIPT_FILENAME /path/to/index.php;
> fastcgi_param SCRIPT_NAME /index.php;
> fastcgi_param PATH_INFO /action1/$1/action2/$2/action3/$3;
> }
> 
> location ~ ^(/.+_.+/.+)([^/])$ {
> rewrite ^(/.+_.+/.+)([^/])$ $1$2/ permanent;
> }
> 
> location ~ ^.+\.php$ {
> try_files $uri /index.php?$args;
> 
> fastcgi_pass 127.0.0.1:9000;
> include /usr/local/nginx/conf/fastcgi_params;
> fastcgi_param SCRIPT_FILENAME /path/to$fastcgi_script_name;
> fastcgi_param SCRIPT_NAME $fastcgi_script_name;
> }
> 
> location / {
> try_files $uri /index.php?$args;
> }
> 
> 
> This works fine, thank you.
> 
> Is there any difference (in performance or so) if I do:
> 
> 
> location / { 
>     rewrite ^(/.+_.+/.+)([^/])$ $1$2/ permanent;
>     try_files $uri /index.php?$args;
> }
> 
> 
> 
> instead of:
> 
> 
> location ~ ^(/.+_.+/.+)([^/])$ {
> rewrite ^(/.+_.+/.+)([^/])$ $1$2/ permanent;
> }
> 
> 
> Thanks again.

In this case probably. Your variant may be even faster: one regex instead
of two.


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Thu Jul 30 23:00:33 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Thu, 30 Jul 2009 23:00:33 +0400
Subject: try_files problem
In-Reply-To: <c4a76560a451fa8651e66b75952f1e6e.NginxMailingList@forum.nginx.org>
References: <27e1e346bb11d91ee243a6d31a094fde.NginxMailingList@forum.nginx.org> <20090728085915.GM1240@mdounin.ru> <20090728091226.GN1240@forum.nginx.org> <c4a76560a451fa8651e66b75952f1e6e.NginxMailingList@forum.nginx.org>
Message-ID: <20090730190033.GD87141@rambler-co.ru>

On Thu, Jul 30, 2009 at 10:25:56AM -0400, holstebm wrote:

> Maxim Dounin Wrote:
> -------------------------------------------------------
> > Hello!
> > 
> > On Tue, Jul 28, 2009 at 12:59:15PM +0400, Maxim
> > Dounin wrote:
> > 
> > > Hello!
> > > 
> > > On Tue, Jul 28, 2009 at 01:43:57AM -0400,
> > holstebm wrote:
> > > 
> > > > I can't get the following to work and, after
> > reading and re-reading all the documentation I
> > could find, am not sure if this is a bug or a
> > restriction.
> > > > 
> > > > try_files @nocache @cache;
> > > > 
> > > > The thought here is @nocache will succeed if a
> > cookie is present and @cache will succeed if not.
> > > 
> > > Try_files doesn't work this way.  It checks
> > *files* and uses 
> > > fallback in no one was found:
> > > 
> > > try_files /file1 /file2 @fallback;
> > > 
> > > Looks like
> > > 
> > >
> > http://wiki.nginx.org/NginxHttpCoreModule#try_file
> > s 
> > > 
> > > has wrong description and should be
> > re-translated from scratch. 
> > 
> > Just a note: it looks like description was changed
> > to wrong one by 
> > Merlincorey at 2009-07-14.  I've reverted this
> > change and at least 
> > it doesn't plain wrong now.
> > 
> > Note that original documentation has much more
> > examples and covers 
> > a bit more features of try_files (testing
> > directories, ability to 
> > return error code in 0.7.51+).  So we still need
> > good translation 
> > here.
> > 
> > Maxim Dounin
> > 
> 
> Thanks for the insight!  I guess I was looking at these locations as 'virtual files and directories' and, therefore, didn't make the distinction
> .
> I think I understand the documentation provided but one thing is still unclear to me; How is the remaining directives in the block treated when there is a try_files at the beginning of the block?

First, directive order usually has no meaning. There is no difference between

     location ~ \.php$ {
       try_files $uri @fallback;
 
       fastcgi_index index.php;
       fastcgi_cache default;
       fastcgi_cache_key $host$uri$args;
       ...
       fastcgi_pass	unix:xxxx;
     }

and

     location ~ \.php$ {
       fastcgi_index index.php;
       fastcgi_cache default;
       fastcgi_cache_key $host$uri$args;
       ...
       fastcgi_pass	unix:xxxx;

       try_files $uri @fallback;
     }

> If try_files skips the remainder of the containing block upon success, I have a follow-up.
> 
>  Is there an easy way to eliminate the 2 or more argument restriction in try_files?  I've tried looking at the source but can't identify the arg checking or if the loop used for the files must run at least once (ala repeat....until type logic) in order to function.
> 
> For instance, this seems to work but I am forced to use an invalid file location - suggesting skipping remaining block upon try_files success:
> 
>     location ~ \.php$ {
>       try_files /invalid @nocache;
> 
>       fastcgi_index index.php;
>       fastcgi_cache default;
>       fastcgi_cache_key $host$uri$args;
>       ...
>       fastcgi_pass	unix:xxxx;
>     }
> 
>    location @nocache {
>       fastcgi_index index.php;
>       ...
>       if(  ) {
>         fastcgi_pass	unix:xxxx;
>       }
>    }

Your configuration is the same as

     location ~ \.php$ {
       fastcgi_index index.php;
       ...
       if(  ) {
         fastcgi_pass	unix:xxxx;
       }
    }

if the /invalid existance test fails always.

> Employing the /invalid is clumsy due to the two argument rule.  Otherwise this works as expected using the fastcgi_cache in the try_files containing block only if the  is not met.
> 
> I can do the patch myself if someone could point me in the right direction here.  Thanks, again!
> 
> Bret Holstein
> 
> > > For a while use original documentation in
> > Russian:
> > > 
> > >
> > http://sysoev.ru/nginx/docs/http/ngx_http_core_mod
> > ule.html#try_files
> > > 
> > > (try google translate if you have problems with
> > Russian).
> > > 
> > > Maxim Dounin
> > > 
> > > > 
> > > > The problem is, the first argument seems to be
> > ignored.  I say that because, if I change JUST the
> > try_files without changing any other lines in the
> > configuration I get two different results.  In
> > each case, the final argument in the try_files is
> > always reached...cache displaying correctly when
> > there is no cookie and a blank page if there is a
> > cookie while try_files @cache @nocache displays
> > correctly when there is a cookie but a blank page
> > if there is not.
> > > > 
> > > > So is this a restriction or a bug on using
> > internal locations in try_files?
> > > > 
> > > > Posted at Nginx Forum:
> > http://forum.nginx.org/read.php?2,4504,4504#msg-45
> > 04
> > > > 
> > > >
> 
> Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4504,4534#msg-4534
> 

-- 
Igor Sysoev
http://sysoev.ru/en/




From bhjackson at gmail.com  Fri Jul 31 00:47:45 2009
From: bhjackson at gmail.com (Benjamin Jackson)
Date: Thu, 30 Jul 2009 17:47:45 -0300
Subject: 400 errors for some clients: not related to buffer size and works 
	over HTTPS but not HTTP
Message-ID: <cb03bffe0907301347q30e3f1e9ua5a34ef7fbf20786@mail.gmail.com>

Has anyone seen anything like this before? We have no idea what's
going on. The buffers are set to 4/16k but still the client can't open
the site.

Thanks,

Ben




From apseudoutopia at gmail.com  Fri Jul 31 01:09:08 2009
From: apseudoutopia at gmail.com (APseudoUtopia)
Date: Thu, 30 Jul 2009 17:09:08 -0400
Subject: Alias in Nginx Config
In-Reply-To: <20090729085047.GC51147@rambler-co.ru>
References: <27ade5280907261107y4e2b4dd7x92d42cf24eccd454@mail.gmail.com> 
	<20090726192545.GB48529@rambler-co.ru> <27ade5280907281347m40e7f417i5f0e772a654bdaf0@mail.gmail.com> 
	<20090729085047.GC51147@rambler-co.ru>
Message-ID: <27ade5280907301409u5eff5126jd252ec91f0279344@mail.gmail.com>

2009/7/29 Igor Sysoev <is at rambler-co.ru>:
> On Tue, Jul 28, 2009 at 04:47:26PM -0400, APseudoUtopia wrote:
>
>> 2009/7/26 Igor Sysoev <is at rambler-co.ru>:
>> > On Sun, Jul 26, 2009 at 02:07:28PM -0400, APseudoUtopia wrote:
>> >
>> >> Hey list,
>> >>
>> >> How does one create an alias in nginx? Here's my setup:
>> >>
>> >> My web-root is /usr/local/www/main. It's a copy of a SVN repo, so I
>> >> cannot manually add any folders in there.
>> >> I want to make an alias from domain.com/wiki to /usr/local/www/wiki.
>> >> I've tried the following code:
>> >>
>> >> location = /wiki {
>> >> alias /usr/local/www/wiki;
>> >> }
>> >>
>> >> But this isn't working. nginx is returning a "404" error. Here's the
>> >> whole config for the server block:
>> >>
>> >> server {
>> >> ? ? set $web_root /usr/local/www/main;
>> >>
>> >> ? ? listen x.x.x.x:443 default accept_filter=httpready;
>> >> ? ? server_name domain.tld;
>> >> ? ? access_log /var/log/httpd/nginx.access.ssl.log main buffer=4k;
>> >> ? ? root $web_root;
>> >>
>> >> ? ? # www redirect
>> >> ? ? if ($host ~* www\.(.*)) {
>> >> ? ? ? ? rewrite ^(.*)$ https://domain.tld$1 permanent;
>> >> ? ? }
>> >>
>> >> ? ? ssl on;
>> >> ? ? ssl_certificate /usr/local/etc/nginx/ssl.crt;
>> >> ? ? ssl_certificate_key /usr/local/etc/nginx/ssl.key;
>> >> ? ? ssl_ciphers -ALL:!ADH:!NULL:!aNULL:!eNULL:HIGH;
>> >> ? ? ssl_prefer_server_ciphers on;
>> >> ? ? ssl_protocols SSLv3 TLSv1;
>> >> ? ? ssl_verify_client off;
>> >> ? ? ssl_verify_depth 1;
>> >> ? ? ssl_session_cache shared:NGXSSL:1m;
>> >> ? ? ssl_session_timeout 5m;
>> >>
>> >> ? ? # Wiki
>> >> ? ? location = /wiki/ {
>> >> ? ? ? ? alias /usr/local/www/skittles_wiki/;
>> >> ? ? }
>> >>
>> >> ? ? location ~ .*\.php$ {
>> >> ? ? ? ? try_files $uri /404.html;
>> >> ? ? ? ? fastcgi_index index.php;
>> >> ? ? ? ? fastcgi_ignore_client_abort off;
>> >> ? ? ? ? fastcgi_intercept_errors off;
>> >> ? ? ? ? fastcgi_pass 127.0.0.1:9000;
>> >> ? ? ? ? fastcgi_read_timeout 10; # sec to wait for php-cgi to return data
>> >> ? ? ? ? fastcgi_param SCRIPT_FILENAME $web_root$fastcgi_script_name;
>> >> ? ? ? ? include /usr/local/etc/nginx/fastcgi_params;
>> >> ? ? }
>> >> }
>> >
>> > Frist, this
>> >
>> > ? ? # www redirect
>> > ? ? if ($host ~* www\.(.*)) {
>> > ? ? ? ? rewrite ^(.*)$ https://domain.tld$1 permanent;
>> > ? ? }
>> >
>> > should be written as separate server:
>> >
>> > server {
>> > ? ? server_name www.domain.tld;
>> >
>> > ? ? rewrite ^(.*)$ https://domain.tld$1 permanent;
>> > }
>> >
>> > Second, "set" in
>> >
>> > ? ? set $web_root /usr/local/www/main;
>> > ? ? ...
>> > ? ? root $web_root;
>> > ? ? ...
>> > ? ? ? ? fastcgi_param SCRIPT_FILENAME $web_root$fastcgi_script_name;
>> >
>> > is just waste of CPU cycles and should be changed to
>> >
>> > ? ? root /usr/local/www/main;
>> > ? ? ...
>> > ? ? ? ? fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
>> >
>> > As to wiki, you need to omit "=":
>> >
>> > ? ? location /wiki/ {
>> > ? ? ? ? alias /usr/local/www/skittles_wiki/;
>> > ? ? }
>> >
>> >
>> > --
>> > Igor Sysoev
>> > http://sysoev.ru/en/
>> >
>> >
>>
>> Thanks for the quick reply Igor. However, the changes don't seem to
>> make any difference; I'm still getting the 404 error. After playing
>> around with my configuration, it seems to be related to the try_files
>> inside the "location ~ .*\.php$" block. Do you (or anyone else) know
>> of a way I can solve this? It's a big confusing.
>
> What is in error_log ?
>
>
> --
> Igor Sysoev
> http://sysoev.ru/en/
>
>

This is in the error log:

2009/07/30 21:07:18 [error] 85246#0: *3 open()
"/usr/local/www/main/404.html" failed (2: No such file or directory),
client: x.x.x.119, server: domain.tld, request: "GET /wiki/ HTTP/1.1",
host: "domain.tld"
2009/07/30 21:07:18 [error] 85246#0: *3 open()
"/usr/local/www/main/404.html" failed (2: No such file or directory),
client: x.x.x.119, server: domain.tld, request: "GET /wiki/ HTTP/1.1",
host: "domain.tld"

This also leads me to believe that it has to do with try_files somehow.

Thanks again.




From cliff at develix.com  Fri Jul 31 02:32:14 2009
From: cliff at develix.com (Cliff Wells)
Date: Thu, 30 Jul 2009 15:32:14 -0700
Subject: Proxy pass, upstream and http/1.0
In-Reply-To: <e86948e513dadabdcddfb34e1fd97249.NginxMailingList@forum.nginx.org>
References: 	 <b1cd268b82a37d7dee966abe3b96be17.NginxMailingList@forum.nginx.org>
	 <1248906214.4336.7.camel@forum.nginx.org>
	 <610099ab7f3c2843950bef23825e9644.NginxMailingList@forum.nginx.org>
	 <1248943460.3944.12.camel@forum.nginx.org>
	 <e86948e513dadabdcddfb34e1fd97249.NginxMailingList@forum.nginx.org>
Message-ID: <1248993134.744.43.camel@portable-evil>

On Thu, 2009-07-30 at 06:10 -0400, komone wrote:
> Hi Cliff,
> 
> It seems I put you on the defensive a little, or sounded aggressive, neither of which was my intention. 

Not at all.   Neither did I intend to convey that sort of attitude in my
response.   Sorry if it came across that way.

> 
> Here's a little more detail (inline with your responses)...
> 
> Cliff Wells Wrote:
> > Many, if not most, people using Nginx are proxying
> > to application
> > servers (myself included).   
> 
> I am writing a web application server which is *intended* to run
> behind a proxy so that I can rely on delegating SSL/TLS, mail
> proxying, and (for the largest part, but not all), static file
> serving, rather than simply re-inventing the wheel.

Traditional (and good) thinking.   I suspected this would be your
approach, but didn't want to assume *too* much (I was making more than
enough assumptions already).

Okay, so here's my take on it:  the main benefits to HTTP/1.1 have to do
with reduced/optimized network traffic (ignoring chunked requests for
the moment).   This mainly revolves around persistent connections
combined with pipelining (persistent connections without pipelining
actually perform worse than HTTP/1.0 approach of concurrent
connections).   However, in your scenario, pipelining won't help much
because not all requests are sent to the backend.   Nginx (or whatever
proxy you choose) will be serving some (probably most) of the resources
itself.   There's additional overhead and complexity in maintaining a
persistent connection.   This is usually mitigated by requesting many
resources over the same connection.   The more resources you get at
once, the better.   But let's say that a page only has a single resource
that comes from the backend.   Now you've forced Nginx (and your app) to
incur the overhead of the persistent connection but have only transfered
a single request.   The performance will actually be significantly worse
than with an HTTP/1.0 request.   While it's true you'll still generate a
bit less TCP traffic, the actual request time will be higher.   

Even if most of the requests went 


> HTTP/1.0 is largely a dead protocol, and the only cases I can find
> that require 1.0 in this server are:
> 
> Lynx, Wget, and... NginX (which was to be my favored proxy)
> 
> ...I am currently returning 505 to 1.0 clients. The reasoning is that
> the applications this server is intended to host will be highly
> dynamic "web 2.0+" (tho I truly hate that pseudo-term), and I am
> stuggling to find a business use case that really justifies legacy 1.0
> support. I'd like to move away from the constraints of the 20th
> century but NginX could be the showstopper.

I think Maxim addressed this adequately.   

> > Without knowing a lot
> > about your particular
> > application, I'm still inclined to venture that
> > you are likely seriously
> > over-concerned about the direness of this
> > situation.   
> 
> This is quite possible, but I cannot test fully as yet.
> 
> > 
> > With a notable exception, most of the additional
> > benefits of HTTP/1.1
> > you list (copied/pasted directly from the W3C
> > page, I see) 
> > have little
> > positive effect on performance between a proxy and
> > a backend server that
> > exist on the same LAN or especially the same
> > machine.  They are mostly
> > of benefit between a server and a user-agent
> > (browser) or over
> > slower-than-LAN links.   Perhaps you should
> > provide your own, actual
> > reasons (or better yet, test results) that
> > demonstrate this is more than
> > an imagined fear.  I'm fully prepared to believe
> > that your app might
> > require HTTP/1.1, but copying reasons from the W3C
> > site isn't entirely
> > convincing.
> 
> true ..., however I'm concerned that more issues will raise their head
> further down the road and I don't want to paint myself into a
> corner... inability to do chunked transfers by itself seems to be good
> enough reason for concern to me.

And I'd concede that this may very well be the case.   If you're
dynamically generating some type of content, the size of which can't be
known in advance, then this may very well be a show-stopper.   Other
than that, I'm hard-pressed to find limitations in 1.0 that would affect
things significantly between the application and the proxy (once again
that Nginx *does* do 1.1 to the user agent, where it seems to provide
the greatest benefit).


> > 
> > No doubt there are many applications that would
> > benefit from things like
> > chunked responses (I believe range requests should
> > pass through
> > successfully, but haven't tested), 
> 
> I have my hands 110% full, but will likely be able to do that kind of
> testing later.However, note that this means I'm being asked to test
> other technologies rather than just my own, so frankly it's not going
> to be on my no.1 priority list and I may just have to go with a
> different front end recommendation at release.

Understood.   But remember that there's several very large installations
of Nginx (Hulu, Github, rambler.ru, Wordpress.org, etc) that seem to
work fine within this constraint.  

> > but unless you
> > are saying that you
> > have that sort of application, then I'd suggest
> > you simply test and see
> > if it works.   I've heard rumor that premature
> > optimization is the root
> > of a significant amount of fail ;-)
> 
> ..that is *without doubt* true. However, usually that is related to
> sequential code. There are design/structural limitations that should
> be addressed early, and support for HTTP/1.0 does have structural
> impact on the codebase.

Well, as Maxim pointed out, HTTP/1.0 is a subset of HTTP/1.1.   So you
have to implement it all in any case.   I'm not sure what level you're
programming your connections at (are you using an HTTP library? A web
framework?  Dealing with raw sockets?), but this will undoubtedly
determine how difficult much of this is and whether or not some
additional checks in the code for selecting protocol is worth it to you.

> > > The 1.0 constraint is pretty dire for me. Do I
> > have alternatives to
> > > proxy-pass/upstream that would allow me to use
> > Nginx or should I be
> > > looking at another HTTP server?
> > 
> > If you really believe you need HTTP/1.1 between
> > Nginx and the backend
> > (note that Nginx *does* support 1.1 to the
> > browser), then you'll need to
> > look elsewhere.  I believe that 1.1 support
> > between Nginx and backend is
> > in the works, but sadly it doesn't exist today.
> > 
> > Sorry that I can't give you something more
> > positive.   But I do
> > encourage you to not give up unless actual testing
> > (or some known
> > condition you haven't mentioned) demonstrates that
> > HTTP/1.0 is a
> > demonstrable failure for your application.
> 
> NP at all. A correct answer is worth 1000 answers that pander to some
> ideal or fantasy.

I (obviously) fully agree ;-)   

As an aside, I think if I weren't using Nginx, I'd probably consider
Litespeed (although I'm not 100% fond of its licensing nor
Apache-compatible configuration).   Someone also mentioned Cherokee, and
it is a very fast server.   However, IMO it's sort of the Marla Singer
of HTTP servers: fast and pretty, but also and schizoid and opaque.
I've never been able to figure out how to get it to do anything very
interesting (but the GUI is fun to click on).

In any case, good luck with your selection.

Regards,
Cliff
 
-- 
http://www.google.com/search?q=vonage+sucks





From nginx-forum at nginx.us  Fri Jul 31 05:33:34 2009
From: nginx-forum at nginx.us (flute)
Date: Thu, 30 Jul 2009 21:33:34 -0400
Subject: Increasing Memory Usage
In-Reply-To: <e867095505a5ec586ae0cce73084ef58.NginxMailingList@forum.nginx.org>
References: <e867095505a5ec586ae0cce73084ef58.NginxMailingList@forum.nginx.org>
Message-ID: <1debdeede85e7a2b8637c94e200ffff4.NginxMailingList@forum.nginx.org>

Thanks you for lgor and maxim.
Now i deleted the etag module and the problem have be solve.
but i have too questions :
1?
location / {
if ($request_method = POST) {
error_page 404 = /phppost;
}
if ($uri ~* \.html$) {
root /data/www/html;
return 0;
}
this config is work well.
I'm do not understand you say "And probably, this contstruction does not work at all:"
2?
how do i know the proxy_buffers is full.(or how i know the nginx need Increase proxy_buffers)

Thanks again

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4598,4641#msg-4641





From nginx-forum at nginx.us  Fri Jul 31 06:40:58 2009
From: nginx-forum at nginx.us (holstebm)
Date: Thu, 30 Jul 2009 22:40:58 -0400
Subject: try_files problem
In-Reply-To: <20090730190033.GD87141@forum.nginx.org>
References: <27e1e346bb11d91ee243a6d31a094fde.NginxMailingList@forum.nginx.org> <20090728085915.GM1240@mdounin.ru> <20090728091226.GN1240@forum.nginx.org> <c4a76560a451fa8651e66b75952f1e6e.NginxMailingList@forum.nginx.org> <20090730190033.GD87141@forum.nginx.org>
Message-ID: <e46e7cdd70846dc4c35aaed7d15d604b.NginxMailingList@forum.nginx.org>

Igor Sysoev Wrote:
-------------------------------------------------------
> On Thu, Jul 30, 2009 at 10:25:56AM -0400, holstebm
> wrote:
> 
> > Maxim Dounin Wrote:
> >
> --------------------------------------------------
> -----
> > > Hello!
> > > 
> > > On Tue, Jul 28, 2009 at 12:59:15PM +0400,
> Maxim
> > > Dounin wrote:
> > > 
> > > > Hello!
> > > > 
> > > > On Tue, Jul 28, 2009 at 01:43:57AM -0400,
> > > holstebm wrote:
> > > > 
> > > > > I can't get the following to work and,
> after
> > > reading and re-reading all the documentation
> I
> > > could find, am not sure if this is a bug or a
> > > restriction.
> > > > > 
> > > > > try_files @nocache @cache;
> > > > > 
> > > > > The thought here is @nocache will succeed
> if a
> > > cookie is present and @cache will succeed if
> not.
> > > > 
> > > > Try_files doesn't work this way.  It checks
> > > *files* and uses 
> > > > fallback in no one was found:
> > > > 
> > > > try_files /file1 /file2 @fallback;
> > > > 
> > > > Looks like
> > > > 
> > > >
> > >
> http://wiki.nginx.org/NginxHttpCoreModule#try_file
> 
> > > s 
> > > > 
> > > > has wrong description and should be
> > > re-translated from scratch. 
> > > 
> > > Just a note: it looks like description was
> changed
> > > to wrong one by 
> > > Merlincorey at 2009-07-14.  I've reverted
> this
> > > change and at least 
> > > it doesn't plain wrong now.
> > > 
> > > Note that original documentation has much
> more
> > > examples and covers 
> > > a bit more features of try_files (testing
> > > directories, ability to 
> > > return error code in 0.7.51+).  So we still
> need
> > > good translation 
> > > here.
> > > 
> > > Maxim Dounin
> > > 
> > 
> > Thanks for the insight!  I guess I was looking
> at these locations as 'virtual files and
> directories' and, therefore, didn't make the
> distinction
> > .
> > I think I understand the documentation provided
> but one thing is still unclear to me; How is the
> remaining directives in the block treated when
> there is a try_files at the beginning of the
> block?
> 
> First, directive order usually has no meaning.
> There is no difference between
> 
>      location ~ \.php$ {
>        try_files $uri @fallback;
>  
>        fastcgi_index index.php;
>        fastcgi_cache default;
>        fastcgi_cache_key $host$uri$args;
>        ...
>        fastcgi_pass	unix:xxxx;
>      }
> 
> and
> 
>      location ~ \.php$ {
>        fastcgi_index index.php;
>        fastcgi_cache default;
>        fastcgi_cache_key $host$uri$args;
>        ...
>        fastcgi_pass	unix:xxxx;
> 
>        try_files $uri @fallback;
>      }
> 
> > If try_files skips the remainder of the
> containing block upon success, I have a
> follow-up.
> > 
> >  Is there an easy way to eliminate the 2 or more
> argument restriction in try_files?  I've tried
> looking at the source but can't identify the arg
> checking or if the loop used for the files must
> run at least once (ala repeat....until type logic)
> in order to function.
> > 
> > For instance, this seems to work but I am forced
> to use an invalid file location - suggesting
> skipping remaining block upon try_files success:
> > 
> >     location ~ \.php$ {
> >       try_files /invalid @nocache;
> > 
> >       fastcgi_index index.php;
> >       fastcgi_cache default;
> >       fastcgi_cache_key $host$uri$args;
> >       ...
> >       fastcgi_pass	unix:xxxx;
> >     }
> > 
> >    location @nocache {
> >       fastcgi_index index.php;
> >       ...
> >       if(  ) {
> >         fastcgi_pass	unix:xxxx;
> >       }
> >    }
> 
> Your configuration is the same as
> 
>      location ~ \.php$ {
>        fastcgi_index index.php;
>        ...
>        if(  ) {
>          fastcgi_pass	unix:xxxx;
>        }
>     }
> 
> if the /invalid existance test fails always.
> 

Hello!  Thanks for the reply.  I looked again and, yes, as offered it is the same you say here.  I apologize but my example needs correction.  Then, perhaps, it will be easier to see what I am asking about.

Looking at my production server I see I put if conditions in BOTH the  location ~ \.php$ { } block AND the location @nocache block that encloses the  'fastcgi_pass	unix:xxxx;' in each case.  That's probably what makes this work for checking the cookie for caching purposes.  This is the corrected and accurate configuration I use:

     location ~ \.php$ {
       try_files /invalid @nocache;
 
       fastcgi_index index.php;
       fastcgi_cache default;
       fastcgi_cache_key $host$uri$args;
       ...
       if(   ) {
         fastcgi_pass	unix:xxxx;
       }
    }

    location @nocache {
       fastcgi_index index.php;
       ...
       if(  ) {
         fastcgi_pass	unix:xxxx;
       }
   }

I know this works for caching pages for users who are not logged in and bypassing the cache for users who are logged in.  I verified this by logging calls to my PHP backend, checking the existence of the cache files in the fastcgi cache directory and verifying the logged-in user-specific pages when logged in.

That's where the /invalid starts to look ugly and why I wonder where in the source the 2 or more argument restriction is enforced for the 'try_files' directive?  The /invalid really isn't needed and is only included because of that restriction.  This method would work without it.

Thanks, again, for the reply and I hope this clarifies my configuration.

> > Employing the /invalid is clumsy due to the two
> argument rule.  Otherwise this works as expected
> using the fastcgi_cache in the try_files
> containing block only if the  is not met.
> > 
> > I can do the patch myself if someone could point
> me in the right direction here.  Thanks, again!
> > 
> > Bret Holstein
> > 
> > > > For a while use original documentation in
> > > Russian:
> > > > 
> > > >
> > >
> http://sysoev.ru/nginx/docs/http/ngx_http_core_mod
> 
> > > ule.html#try_files
> > > > 
> > > > (try google translate if you have problems
> with
> > > Russian).
> > > > 
> > > > Maxim Dounin
> > > > 
> > > > > 
> > > > > The problem is, the first argument seems
> to be
> > > ignored.  I say that because, if I change JUST
> the
> > > try_files without changing any other lines in
> the
> > > configuration I get two different results. 
> In
> > > each case, the final argument in the try_files
> is
> > > always reached...cache displaying correctly
> when
> > > there is no cookie and a blank page if there
> is a
> > > cookie while try_files @cache @nocache
> displays
> > > correctly when there is a cookie but a blank
> page
> > > if there is not.
> > > > > 
> > > > > So is this a restriction or a bug on
> using
> > > internal locations in try_files?
> > > > > 
> > > > > Posted at Nginx Forum:
> > >
> http://forum.nginx.org/read.php?2,4504,4504#msg-45
> 
> > > 04
> > > > > 
> > > > >
> > 
> > Posted at Nginx Forum:
> http://forum.nginx.org/read.php?2,4504,4534#msg-45
> 34
> > 
> 
> -- 
> Igor Sysoev
> http://sysoev.ru/en/

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4504,4635#msg-4635





From nginx-forum at nginx.us  Fri Jul 31 06:40:59 2009
From: nginx-forum at nginx.us (CactO_o's)
Date: Thu, 30 Jul 2009 22:40:59 -0400
Subject: [Rewrite] Url - rewriting
In-Reply-To: <20090730182351.GB87141@forum.nginx.org>
References: <f87f9046719b5cd780868a8bab42c24e.NginxMailingList@forum.nginx.org> <20090730182351.GB87141@forum.nginx.org>
Message-ID: <de82a00b91c54666ae94ff62652fc899.NginxMailingList@forum.nginx.org>

Igor Sysoev Wrote:
-------------------------------------------------------
> On Thu, Jul 30, 2009 at 01:23:52PM -0400,
> CactO_o's wrote:
> 
> > Hi all,
> > 
> > In first, i'm french and I don't speak english
> very well, so I hope you understand me =] 
> > 
> > So, I want redirect the Html page to index.php
> with GET argument, in this model :
> > 
> > http://www.domaine.tlm/.html =>
> http://www.domaine.tlm/index.php?page=
> > 
> > I have do that  
> > 
> > 
> > server 
> > {
> > [...]
> >         location ~ .html$ {
> >                 rewrite ^/(.*).html$
> /index.php?page=$1;
> >         }
> > }
> > 
> > 
> > Another, I want rewrite the sub-domain if host
> ISN'T address IP :
> > 
> > http://.domaine.tlm/ =>
> http://www.domaine.tlm/?sd=
> > 
> > For example,
> > 
> > - if  is html page :
> > http://.domaine.tlm/example.html =>
> http://www.domaine.tlm/index.php?sd=&page=exemple
> > 
> > - if  is php script : 
> > http://.domaine.tlm/php/script.php?arg=get =>
> http://www.domaine.tlm/php/script.php?sd=&arg=get
> > 
> > So I have write that  
> > 
> > 
> > server
> > {
> >         location / {
> >                 root   /var/www/kreatoo;
> >                 index  index.html index.htm
> index.php;
> > 
> >                 if ( $host !~* 
> "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}"
> )
> >                 {
> >                          if ( $host ~*
> "(.*)\.*\.{2,4}" )
> >                          {
> >                                  set $sd $1;
> >                                 rewrite ^(.*)$
> http://www.domaine.tlm/index.php?sd=$sd
> >                          }
> >                 }
> >         }
> > 
> >         [...]
> > }
> > 
> > 
> > But don't functionality !
> > 
> > Can you help me please ?
> > 
> > Thank you all !
> 
> server {
>     server_name  domain.tlm;
> 
>     location / {
>         rewrite ^/(.*).html$
> http://www.domain.tlm/index.php?sd=&page=$1;
>     }
> 
>     location /php/ {
>         rewrite ^/(.*).html$
> http://www.domain.tlm/index.php?sd=;
>     }
> 
>     return 404;
> }
> 
> server {
>     server_name  www.domain.tlm;
> 
>     location ~ \.html$ {
>         rewrite ^/(.*).html$
> http://www.domain.tlm/index.php?page=$1;
>     }
> 
>     ...
> }
> 
> 
> -- 
> Igor Sysoev
> http://sysoev.ru/en/

Thank you for help but can you explain me what you do ?!

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4619,4636#msg-4636





From lists at ruby-forum.com  Fri Jul 31 11:55:28 2009
From: lists at ruby-forum.com (Mahiti Support)
Date: Fri, 31 Jul 2009 09:55:28 +0200
Subject: How to put rewrite rules for multiple plone instances
In-Reply-To: <e00a7e1c8b2341dce61ffe080b385acf@ruby-forum.com>
References: <441be1cb0901152328j7bef1a63t867334fc4335d60b@mail.gmail.com> <441be1cb0901160348w33a4c83es825c0b00819e80dd@mail.gmail.com> <20090116121345.GO39529@rambler-co.ru>
	<441be1cb0901160725k433982aar38b27196044f4b93@mail.gmail.com> <20090116154002.GS39529@rambler-co.ru> <441be1cb0901162232r5db93595veb891ef4b002c248@mail.gmail.com>
	<20090117080823.GW39529@rambler-co.ru> <441be1cb0901212051h158f5c0coaf5276cccf5a8ac4@mail.gmail.com> <20090122060941.GA19797@rambler-co.ru>
	<441be1cb0901280226s4b772356jd97991c631e0611a@mail.gmail.com> <20090128103127.GG14282@rambler-co.ru> <e00a7e1c8b2341dce61ffe080b385acf@ruby-forum.com>
Message-ID: <a37024ad5185849d96135a3ec0391c45@ruby-forum.com>

Hi,
Mahiti Support wrote:
> 
> Hi Igor,
> 
> Then what is it for
> RewriteRule ^/(.*) 
> http://127.0.0.1:8050/VirtualHostBase/http/%{HTTP_HOST}:80/live/automiddleeast/VirtualHostRoot/$1 
> [L,P]
> 
> Thanks
> Vishnu

What is the rewrite rule in nginx for the mentioned apache one?
-- 
Posted via http://www.ruby-forum.com/.




From is at rambler-co.ru  Fri Jul 31 13:23:36 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Fri, 31 Jul 2009 13:23:36 +0400
Subject: How to put rewrite rules for multiple plone instances
In-Reply-To: <a37024ad5185849d96135a3ec0391c45@ruby-forum.com>
References: <441be1cb0901160725k433982aar38b27196044f4b93@mail.gmail.com> <20090116154002.GS39529@rambler-co.ru> <441be1cb0901162232r5db93595veb891ef4b002c248@mail.gmail.com> <20090117080823.GW39529@rambler-co.ru> <441be1cb0901212051h158f5c0coaf5276cccf5a8ac4@mail.gmail.com> <20090122060941.GA19797@rambler-co.ru> <441be1cb0901280226s4b772356jd97991c631e0611a@mail.gmail.com> <20090128103127.GG14282@rambler-co.ru> <e00a7e1c8b2341dce61ffe080b385acf@ruby-forum.com> <a37024ad5185849d96135a3ec0391c45@ruby-forum.com>
Message-ID: <20090731092336.GB2125@rambler-co.ru>

On Fri, Jul 31, 2009 at 09:55:28AM +0200, Mahiti Support wrote:

> Hi,
> Mahiti Support wrote:
> > 
> > Hi Igor,
> > 
> > Then what is it for
> > RewriteRule ^/(.*) 
> > http://127.0.0.1:8050/VirtualHostBase/http/%{HTTP_HOST}:80/live/automiddleeast/VirtualHostRoot/$1 
> > [L,P]
> > 
> > Thanks
> > Vishnu
> 
> What is the rewrite rule in nginx for the mentioned apache one?

As it had been already said:

    location / {
        proxy_pass
http://127.0.0.1:8050/VirtualHostBase/http/$host:80/live/automiddleeast/VirtualHostRoot$request_uri;
    }


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Fri Jul 31 13:26:36 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Fri, 31 Jul 2009 13:26:36 +0400
Subject: [Rewrite] Url - rewriting
In-Reply-To: <de82a00b91c54666ae94ff62652fc899.NginxMailingList@forum.nginx.org>
References: <f87f9046719b5cd780868a8bab42c24e.NginxMailingList@forum.nginx.org> <20090730182351.GB87141@forum.nginx.org> <de82a00b91c54666ae94ff62652fc899.NginxMailingList@forum.nginx.org>
Message-ID: <20090731092636.GC2125@rambler-co.ru>

On Thu, Jul 30, 2009 at 10:40:59PM -0400, CactO_o's wrote:

> Igor Sysoev Wrote:
> -------------------------------------------------------
> > On Thu, Jul 30, 2009 at 01:23:52PM -0400,
> > CactO_o's wrote:
> > 
> > > Hi all,
> > > 
> > > In first, i'm french and I don't speak english
> > very well, so I hope you understand me =] 
> > > 
> > > So, I want redirect the Html page to index.php
> > with GET argument, in this model :
> > > 
> > > http://www.domaine.tlm/.html =>
> > http://www.domaine.tlm/index.php?page=
> > > 
> > > I have do that  
> > > 
> > > 
> > > server 
> > > {
> > > [...]
> > >         location ~ .html$ {
> > >                 rewrite ^/(.*).html$
> > /index.php?page=$1;
> > >         }
> > > }
> > > 
> > > 
> > > Another, I want rewrite the sub-domain if host
> > ISN'T address IP :
> > > 
> > > http://.domaine.tlm/ =>
> > http://www.domaine.tlm/?sd=
> > > 
> > > For example,
> > > 
> > > - if  is html page :
> > > http://.domaine.tlm/example.html =>
> > http://www.domaine.tlm/index.php?sd=&page=exemple
> > > 
> > > - if  is php script : 
> > > http://.domaine.tlm/php/script.php?arg=get =>
> > http://www.domaine.tlm/php/script.php?sd=&arg=get
> > > 
> > > So I have write that  
> > > 
> > > 
> > > server
> > > {
> > >         location / {
> > >                 root   /var/www/kreatoo;
> > >                 index  index.html index.htm
> > index.php;
> > > 
> > >                 if ( $host !~* 
> > "[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}\.[0-9]{1,3}"
> > )
> > >                 {
> > >                          if ( $host ~*
> > "(.*)\.*\.{2,4}" )
> > >                          {
> > >                                  set $sd $1;
> > >                                 rewrite ^(.*)$
> > http://www.domaine.tlm/index.php?sd=$sd
> > >                          }
> > >                 }
> > >         }
> > > 
> > >         [...]
> > > }
> > > 
> > > 
> > > But don't functionality !
> > > 
> > > Can you help me please ?
> > > 
> > > Thank you all !
> > 
> > server {
> >     server_name  domain.tlm;
> > 
> >     location / {
> >         rewrite ^/(.*).html$
> > http://www.domain.tlm/index.php?sd=&page=$1;
> >     }
> > 
> >     location /php/ {
> >         rewrite ^/(.*).html$
> > http://www.domain.tlm/index.php?sd=;
> >     }
> > 
> >     return 404;
> > }
> > 
> > server {
> >     server_name  www.domain.tlm;
> > 
> >     location ~ \.html$ {
> >         rewrite ^/(.*).html$
> > http://www.domain.tlm/index.php?page=$1;
> >     }
> > 
> >     ...
> > }
> > 
> > 
> > -- 
> > Igor Sysoev
> > http://sysoev.ru/en/
> 
> Thank you for help but can you explain me what you do ?!

The configuration above does required redirects.


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Fri Jul 31 13:51:13 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Fri, 31 Jul 2009 13:51:13 +0400
Subject: Alias in Nginx Config
In-Reply-To: <27ade5280907301409u5eff5126jd252ec91f0279344@mail.gmail.com>
References: <27ade5280907261107y4e2b4dd7x92d42cf24eccd454@mail.gmail.com> <20090726192545.GB48529@rambler-co.ru> <27ade5280907281347m40e7f417i5f0e772a654bdaf0@mail.gmail.com> <20090729085047.GC51147@rambler-co.ru> <27ade5280907301409u5eff5126jd252ec91f0279344@mail.gmail.com>
Message-ID: <20090731095113.GE2125@rambler-co.ru>

On Thu, Jul 30, 2009 at 05:09:08PM -0400, APseudoUtopia wrote:

> 2009/7/29 Igor Sysoev <is at rambler-co.ru>:
> > On Tue, Jul 28, 2009 at 04:47:26PM -0400, APseudoUtopia wrote:
> >
> >> 2009/7/26 Igor Sysoev <is at rambler-co.ru>:
> >> > On Sun, Jul 26, 2009 at 02:07:28PM -0400, APseudoUtopia wrote:
> >> >
> >> >> Hey list,
> >> >>
> >> >> How does one create an alias in nginx? Here's my setup:
> >> >>
> >> >> My web-root is /usr/local/www/main. It's a copy of a SVN repo, so I
> >> >> cannot manually add any folders in there.
> >> >> I want to make an alias from domain.com/wiki to /usr/local/www/wiki.
> >> >> I've tried the following code:
> >> >>
> >> >> location = /wiki {
> >> >> alias /usr/local/www/wiki;
> >> >> }
> >> >>
> >> >> But this isn't working. nginx is returning a "404" error. Here's the
> >> >> whole config for the server block:
> >> >>
> >> >> server {
> >> >> ? ? set $web_root /usr/local/www/main;
> >> >>
> >> >> ? ? listen x.x.x.x:443 default accept_filter=httpready;
> >> >> ? ? server_name domain.tld;
> >> >> ? ? access_log /var/log/httpd/nginx.access.ssl.log main buffer=4k;
> >> >> ? ? root $web_root;
> >> >>
> >> >> ? ? # www redirect
> >> >> ? ? if ($host ~* www\.(.*)) {
> >> >> ? ? ? ? rewrite ^(.*)$ https://domain.tld$1 permanent;
> >> >> ? ? }
> >> >>
> >> >> ? ? ssl on;
> >> >> ? ? ssl_certificate /usr/local/etc/nginx/ssl.crt;
> >> >> ? ? ssl_certificate_key /usr/local/etc/nginx/ssl.key;
> >> >> ? ? ssl_ciphers -ALL:!ADH:!NULL:!aNULL:!eNULL:HIGH;
> >> >> ? ? ssl_prefer_server_ciphers on;
> >> >> ? ? ssl_protocols SSLv3 TLSv1;
> >> >> ? ? ssl_verify_client off;
> >> >> ? ? ssl_verify_depth 1;
> >> >> ? ? ssl_session_cache shared:NGXSSL:1m;
> >> >> ? ? ssl_session_timeout 5m;
> >> >>
> >> >> ? ? # Wiki
> >> >> ? ? location = /wiki/ {
> >> >> ? ? ? ? alias /usr/local/www/skittles_wiki/;
> >> >> ? ? }
> >> >>
> >> >> ? ? location ~ .*\.php$ {
> >> >> ? ? ? ? try_files $uri /404.html;
> >> >> ? ? ? ? fastcgi_index index.php;
> >> >> ? ? ? ? fastcgi_ignore_client_abort off;
> >> >> ? ? ? ? fastcgi_intercept_errors off;
> >> >> ? ? ? ? fastcgi_pass 127.0.0.1:9000;
> >> >> ? ? ? ? fastcgi_read_timeout 10; # sec to wait for php-cgi to return data
> >> >> ? ? ? ? fastcgi_param SCRIPT_FILENAME $web_root$fastcgi_script_name;
> >> >> ? ? ? ? include /usr/local/etc/nginx/fastcgi_params;
> >> >> ? ? }
> >> >> }
> >> >
> >> > Frist, this
> >> >
> >> > ? ? # www redirect
> >> > ? ? if ($host ~* www\.(.*)) {
> >> > ? ? ? ? rewrite ^(.*)$ https://domain.tld$1 permanent;
> >> > ? ? }
> >> >
> >> > should be written as separate server:
> >> >
> >> > server {
> >> > ? ? server_name www.domain.tld;
> >> >
> >> > ? ? rewrite ^(.*)$ https://domain.tld$1 permanent;
> >> > }
> >> >
> >> > Second, "set" in
> >> >
> >> > ? ? set $web_root /usr/local/www/main;
> >> > ? ? ...
> >> > ? ? root $web_root;
> >> > ? ? ...
> >> > ? ? ? ? fastcgi_param SCRIPT_FILENAME $web_root$fastcgi_script_name;
> >> >
> >> > is just waste of CPU cycles and should be changed to
> >> >
> >> > ? ? root /usr/local/www/main;
> >> > ? ? ...
> >> > ? ? ? ? fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
> >> >
> >> > As to wiki, you need to omit "=":
> >> >
> >> > ? ? location /wiki/ {
> >> > ? ? ? ? alias /usr/local/www/skittles_wiki/;
> >> > ? ? }
> >> >
> >> >
> >> > --
> >> > Igor Sysoev
> >> > http://sysoev.ru/en/
> >> >
> >> >
> >>
> >> Thanks for the quick reply Igor. However, the changes don't seem to
> >> make any difference; I'm still getting the 404 error. After playing
> >> around with my configuration, it seems to be related to the try_files
> >> inside the "location ~ .*\.php$" block. Do you (or anyone else) know
> >> of a way I can solve this? It's a big confusing.
> >
> > What is in error_log ?
> >
> >
> > --
> > Igor Sysoev
> > http://sysoev.ru/en/
> >
> >
> 
> This is in the error log:
> 
> 2009/07/30 21:07:18 [error] 85246#0: *3 open()
> "/usr/local/www/main/404.html" failed (2: No such file or directory),
> client: x.x.x.119, server: domain.tld, request: "GET /wiki/ HTTP/1.1",
> host: "domain.tld"
> 2009/07/30 21:07:18 [error] 85246#0: *3 open()
> "/usr/local/www/main/404.html" failed (2: No such file or directory),
> client: x.x.x.119, server: domain.tld, request: "GET /wiki/ HTTP/1.1",
> host: "domain.tld"
> 
> This also leads me to believe that it has to do with try_files somehow.

Could you show full current configuration ?

Also, where should reside the files /wiki/*.php and /*.php at ?


-- 
Igor Sysoev
http://sysoev.ru/en/




From is at rambler-co.ru  Fri Jul 31 15:07:33 2009
From: is at rambler-co.ru (Igor Sysoev)
Date: Fri, 31 Jul 2009 15:07:33 +0400
Subject: 400 errors for some clients: not related to buffer size and works over HTTPS but not HTTP
In-Reply-To: <cb03bffe0907301347q30e3f1e9ua5a34ef7fbf20786@mail.gmail.com>
References: <cb03bffe0907301347q30e3f1e9ua5a34ef7fbf20786@mail.gmail.com>
Message-ID: <20090731110733.GF2125@rambler-co.ru>

On Thu, Jul 30, 2009 at 05:47:45PM -0300, Benjamin Jackson wrote:

> Has anyone seen anything like this before? We have no idea what's
> going on. The buffers are set to 4/16k but still the client can't open
> the site.

You should set error_log to info level to see causes of 400 errors.
The most of them may be SSL handshake errors.


-- 
Igor Sysoev
http://sysoev.ru/en/




From peacech at gmail.com  Fri Jul 31 16:20:38 2009
From: peacech at gmail.com (Charles)
Date: Fri, 31 Jul 2009 19:20:38 +0700
Subject: Offline documentation (CHM)
In-Reply-To: <1248766168.15244.225.camel@portable-evil>
References: <f749b5840907272114l7aee2e4ey8b6e5d4566df7469@mail.gmail.com>
	 <1248766168.15244.225.camel@portable-evil>
Message-ID: <f749b5840907310520ue0364a9w5c2818abb484f92c@mail.gmail.com>

On Tue, Jul 28, 2009 at 2:29 PM, Cliff Wells<cliff at develix.com> wrote:
> If you don't mind, you could upload it to the wiki and link it from
> there.
>
> Cliff

Hi,

I have uploaded a newer version to

http://wiki.nginx.org/File:NginxWiki-20090731.chm.gz




From lists at ruby-forum.com  Fri Jul 31 17:11:52 2009
From: lists at ruby-forum.com (Mahiti Support)
Date: Fri, 31 Jul 2009 15:11:52 +0200
Subject: Upstream fail over?
In-Reply-To: <a22cf9c84adb70f8a6b4780b6203853f@ruby-forum.com>
References: <d2f801544aeb0ff32eb00e11a64c9b5b.NginxMailingList@forum.nginx.org> <e0af94b80906260233l6c7b1156u7ea741b0daf3d40f@mail.gmail.com> <a22cf9c84adb70f8a6b4780b6203853f@ruby-forum.com>
Message-ID: <b32049b8a67146cbaae5eec69d96512b@ruby-forum.com>

Mitchua Mitchua wrote:
> > 
> I tried a config like this on 0.8.6 and I found that all requests ended 
> up going to the @application proxy, skipping the @varnish proxy 
> entirely. Am I doing something wrong?
> 
> Here's a sample of my config:
> 
> 
>     location /
>   {
>     try_files @vanish @origin;
>   }
> 
> Thanks!

Hi,

You seem to have put it as @vanish instead of @varnish.
Is that causing you the issue?

Vishnu
-- 
Posted via http://www.ruby-forum.com/.




From lists at ruby-forum.com  Fri Jul 31 17:22:23 2009
From: lists at ruby-forum.com (Mahiti Support)
Date: Fri, 31 Jul 2009 15:22:23 +0200
Subject: How to put rewrite rules for multiple plone instances
In-Reply-To: <a37024ad5185849d96135a3ec0391c45@ruby-forum.com>
References: <441be1cb0901152328j7bef1a63t867334fc4335d60b@mail.gmail.com> <441be1cb0901160348w33a4c83es825c0b00819e80dd@mail.gmail.com> <20090116121345.GO39529@rambler-co.ru>
	<441be1cb0901160725k433982aar38b27196044f4b93@mail.gmail.com> <20090116154002.GS39529@rambler-co.ru> <441be1cb0901162232r5db93595veb891ef4b002c248@mail.gmail.com>
	<20090117080823.GW39529@rambler-co.ru> <441be1cb0901212051h158f5c0coaf5276cccf5a8ac4@mail.gmail.com> <20090122060941.GA19797@rambler-co.ru>
	<441be1cb0901280226s4b772356jd97991c631e0611a@mail.gmail.com> <20090128103127.GG14282@rambler-co.ru> <e00a7e1c8b2341dce61ffe080b385acf@ruby-forum.com>
	<a37024ad5185849d96135a3ec0391c45@ruby-forum.com>
Message-ID: <c65c9e801da4830ab60402b1d4f1f5e2@ruby-forum.com>

Mahiti Support wrote:
> Hi,
> Mahiti Support wrote:
>> 
>> Hi Igor,
>> 
>> Then what is it for
>> RewriteRule ^/(.*) 
>> http://127.0.0.1:8050/VirtualHostBase/http/%{HTTP_HOST}:80/live/automiddleeast/VirtualHostRoot/$1 
>> [L,P]
>> 
>> Thanks
>> Vishnu
> 
> What is the rewrite rule in nginx for the mentioned apache one?

Sorry man, but i didnt get your reply through the Nginx Ruby Forum, so i 
posted again,
but when i saw it in here http://forum.nginx.org/read.php?2,3590
Then i knew that i was answered twice.
Thanks :)
-- 
Posted via http://www.ruby-forum.com/.




From mdounin at mdounin.ru  Fri Jul 31 17:38:30 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 31 Jul 2009 17:38:30 +0400
Subject: Upstream fail over?
In-Reply-To: <b32049b8a67146cbaae5eec69d96512b@ruby-forum.com>
References: <d2f801544aeb0ff32eb00e11a64c9b5b.NginxMailingList@forum.nginx.org> <e0af94b80906260233l6c7b1156u7ea741b0daf3d40f@mail.gmail.com> <a22cf9c84adb70f8a6b4780b6203853f@ruby-forum.com> <b32049b8a67146cbaae5eec69d96512b@ruby-forum.com>
Message-ID: <20090731133830.GR8794@mdounin.ru>

Hello!

On Fri, Jul 31, 2009 at 03:11:52PM +0200, Mahiti Support wrote:

> Mitchua Mitchua wrote:
> > > 
> > I tried a config like this on 0.8.6 and I found that all requests ended 
> > up going to the @application proxy, skipping the @varnish proxy 
> > entirely. Am I doing something wrong?
> > 
> > Here's a sample of my config:
> > 
> > 
> >     location /
> >   {
> >     try_files @vanish @origin;
> >   }
> > 
> > Thanks!
> 
> Hi,
> 
> You seem to have put it as @vanish instead of @varnish.
> Is that causing you the issue?

No.  It just incorrect.  See my answer for details.

Maxim Dounin




From ian at ianhobson.co.uk  Fri Jul 31 18:05:45 2009
From: ian at ianhobson.co.uk (Ian Hobson)
Date: Fri, 31 Jul 2009 15:05:45 +0100
Subject: Configuration help needed
Message-ID: <4A72FA39.4020201@ianhobson.co.uk>

Hi all,

I'm using nginx version 0.5.33   (I know its old - its the standard on 
Ubuntu).

I have a site that works fine - *.htm pages are served via a shared 
script (builder), static pages with nginx, *.php directly via PHP, and a 
little tweak because we were finding half our bandwidth was going to 
people showing our pictures in their pages!

Now to add a  wordpress blog to /blog/.

Below is one of my many attempts.  The old stuff still works, and  
/blog/readme.html and its images are served properly as static content.
However....
    /blog    is passed to builder not /blog/index.php  (log status 200)
    /blog/index.php  is also passed to builder.     (log status 302)

This is the config file in /etc/nginx/sites-available 
#  emc.titan.hcs     - internal test server
server {
   listen   80;
    server_name emc.titan.hcs;
    root   /home/ian/websites/emccatering;
    fastcgi_index index.htm;
   location = /images/ {
        return 403;
   }
    location /blog {
       ## do rewrites for wordpress (which sets location to 
/blog/index.php)
       if (-f $request_filename) {
            # serve static content
           break;
        }
        # rewrite  /blog/<page> as  /blog/index.php?q=<page>
        rewrite ^/blog/(.+)$ /blog/index.php?q=/blog/$1 last;
        #  Enable nice permalinks for WP
        error_page 404 = /blog/index.php?q=$uri;
    }
   location /blog/index.php {
       # send wordpress commands to php /blog/index.php?q=page 
       fastcgi_param  SCRIPT_FILENAME 
/home/ian/websites/emccatering/blog/index.php;
        fastcgi_param  QUERY_STRING    $request_uri;
        fastcgi_param  DOCUMENT_ROOT   $document_root;
        fastcgi_pass  127.0.0.1:9000;
    }
    location  ~ ^(.*)/$ {
       # matches directories
        fastcgi_param  QUERY_STRING       f=${request_uri}index.htm;
        fastcgi_param  DOCUMENT_ROOT      $document_root;
        fastcgi_param  SCRIPT_FILENAME    
/home/ian/websites/builder/parser.php;
        fastcgi_pass  127.0.0.1:9000;
    }
   # pass file names to php
    location ~ \.htm$ {
        # send .htm files to builder as  /builder/parser.php?f=page.htm 
- NB builder is shared
        fastcgi_pass  127.0.0.1:9000;       
        fastcgi_param  QUERY_STRING       f=$request_uri;
        fastcgi_param  DOCUMENT_ROOT      $document_root;
        fastcgi_param  SCRIPT_FILENAME    
/home/ian/websites/builder/parser.php;
    }
    # handle vanilla php files as well - neither WP nor builder
    location ~ \.php {
         fastcgi_pass  127.0.0.1:9000;
        include /etc/nginx/fastcgi_params;
    }
    location /images/ {
        #  stop leaches stealling bandwidth for food pics!
        valid_referers none emc.titan.hcs;
        if ($invalid_referer) {
            return 403;
        }
    }       
}

Thanks for  your help.

Ian







From phill at activityhq.com  Fri Jul 31 18:46:33 2009
From: phill at activityhq.com (Phillip Oldham)
Date: Fri, 31 Jul 2009 15:46:33 +0100
Subject: How to remove trailing slashes for codeigniter?
Message-ID: <4A7303C9.6060907@activityhq.com>

I'm having trouble dropping the trailing slashes to fix issues with 
codeigniter. My setup is as follows:

location / {
    try_files $uri @codeigniter;
}
location @codeigniter {
    rewrite ^ /index.php$uri last;
}


I've tried the following modification:

location @codeigniter {
    rewrite ^/(.*)/$ /$1 permanent;
    rewrite ^ /index.php$uri last;
}

but this only works when the url is:
mysite.org/mypath/     -->    mysite.org/mypath

However, if you access the same path the "long" way 
(mysite.org/index.php/mypath/) the rewrite doesn't get picked up.

Can someone spare a few minutes to explain to me why this is?




From nginx-forum at nginx.us  Fri Jul 31 18:50:22 2009
From: nginx-forum at nginx.us (ktwalrus)
Date: Fri, 31 Jul 2009 10:50:22 -0400
Subject: Atomic counters with nginx
Message-ID: <ac73d7fecd72e0ed0b6498c461d1e5ff.NginxMailingList@forum.nginx.org>

I need to implement some atomic counters (where the counter is persistent across server reboots/crashes) to scale to lots of hits per second to update the counter  as GET requests to a web available global server.  I need these counters to have fairly low latency.  Since I already use nginx as my web server, I was thinking it might be the best place to implement this web service.

Basically, I want to issue a single GET request to an nginx server and increment and retrieve the new value of several 64-bit counters.  The single GET request needs to handle incrementing several distinct counters (to reduce overhead) and restrict the request from a list of requesting IPs and a password (or some other secure method to prevent a server other than my servers from updating the counters.

Is there an existing module that I can implement something like this?  Or, would someone consider writing such a module?

I need the counters to be atomic since I am using them as unique global indices in my local databases.  I think such a module would have general appeal since many people might like to keep page counters for their web pages (and this module could be written to support this too).

Hopefully, atomic counters is already implemented, but I couldn't find it in a search.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4654,4654#msg-4654





From nginx-forum at nginx.us  Fri Jul 31 20:42:08 2009
From: nginx-forum at nginx.us (ktwalrus)
Date: Fri, 31 Jul 2009 12:42:08 -0400
Subject: Geographic Proxy Bandwidth Usage
Message-ID: <37670ff93991d8142a8af8e1529e1bd6.NginxMailingList@forum.nginx.org>

This is probably a stupid question, but when I use nginx to proxy and HTTP request to a server in another geographic location, does the HTTP response go directly to the requester's IP address or does it route back through the nginx proxy server?

I'm getting ready to split my site into two locations (West Coast and East Coast of the US) and I want to redirect requests to the closest geographic server, but don't want the bandwidth for the response to go through the original request server.

I think the bandwidth from the response server would be direct to the requester and not the request server, but I just want to make sure.  Otherwise, geographic load serving woulldn't be very useful.

Posted at Nginx Forum: http://forum.nginx.org/read.php?2,4656,4656#msg-4656





From lists at ruby-forum.com  Fri Jul 31 21:39:13 2009
From: lists at ruby-forum.com (Mitchua Mitchua)
Date: Fri, 31 Jul 2009 19:39:13 +0200
Subject: Upstream fail over?
In-Reply-To: <b32049b8a67146cbaae5eec69d96512b@ruby-forum.com>
References: <d2f801544aeb0ff32eb00e11a64c9b5b.NginxMailingList@forum.nginx.org> <e0af94b80906260233l6c7b1156u7ea741b0daf3d40f@mail.gmail.com> <a22cf9c84adb70f8a6b4780b6203853f@ruby-forum.com>
	<b32049b8a67146cbaae5eec69d96512b@ruby-forum.com>
Message-ID: <369213914c93be9709d9c7ef6d005e8a@ruby-forum.com>

Mahiti Support wrote:
> Mitchua Mitchua wrote:
>> > 
>> I tried a config like this on 0.8.6 and I found that all requests ended 
>> up going to the @application proxy, skipping the @varnish proxy 
>> entirely. Am I doing something wrong?
>> 
>> Here's a sample of my config:
>> 
>> 
>>     location /
>>   {
>>     try_files @vanish @origin;
>>   }
>> 
>> Thanks!
> 
> Hi,
> 
> You seem to have put it as @vanish instead of @varnish.
> Is that causing you the issue?
> 
> Vishnu

Sorry, bad copy/paste job ;)  Those are correct in the config I'm using.

Any ideas?  Does that look right?
-- 
Posted via http://www.ruby-forum.com/.




From cliff at develix.com  Fri Jul 31 21:50:02 2009
From: cliff at develix.com (Cliff Wells)
Date: Fri, 31 Jul 2009 10:50:02 -0700
Subject: Geographic Proxy Bandwidth Usage
In-Reply-To: <37670ff93991d8142a8af8e1529e1bd6.NginxMailingList@forum.nginx.org>
References: 	 <37670ff93991d8142a8af8e1529e1bd6.NginxMailingList@forum.nginx.org>
Message-ID: <1249062602.19620.14.camel@portable-evil>

On Fri, 2009-07-31 at 12:42 -0400, ktwalrus wrote:
> This is probably a stupid question, but when I use nginx to proxy and
> HTTP request to a server in another geographic location, does the HTTP
> response go directly to the requester's IP address or does it route
> back through the nginx proxy server?

It goes back through the proxy.  It would seem rather odd to your
browser to request something from a server and suddenly get a response
from some other random server, wouldn't it?

> I'm getting ready to split my site into two locations (West Coast and
> East Coast of the US) and I want to redirect requests to the closest
> geographic server, but don't want the bandwidth for the response to go
> through the original request server.

You'd have to redirect, or use some other method of geographic load
distribution method such as DNS, for example: 

http://www.ultradns.com/solutions/traffic.html
http://edgedirector.com/

I don't use either of these services, so I'm not recommending them in
any way, other than to the extent that they do what you need.

> I think the bandwidth from the response server would be direct to the
> requester and not the request server, but I just want to make sure.
> Otherwise, geographic load serving woulldn't be very useful.

It isn't terribly useful in the scenario you seem to be suggesting.

Cliff

-- 
http://www.google.com/search?q=vonage+sucks





From lists at ruby-forum.com  Fri Jul 31 22:00:05 2009
From: lists at ruby-forum.com (Mitchua Mitchua)
Date: Fri, 31 Jul 2009 20:00:05 +0200
Subject: Upstream fail over?
In-Reply-To: <369213914c93be9709d9c7ef6d005e8a@ruby-forum.com>
References: <d2f801544aeb0ff32eb00e11a64c9b5b.NginxMailingList@forum.nginx.org> <e0af94b80906260233l6c7b1156u7ea741b0daf3d40f@mail.gmail.com> <a22cf9c84adb70f8a6b4780b6203853f@ruby-forum.com>
	<b32049b8a67146cbaae5eec69d96512b@ruby-forum.com> <369213914c93be9709d9c7ef6d005e8a@ruby-forum.com>
Message-ID: <48b1ee61f2c7b8dfcb5e9c54422d09e4@ruby-forum.com>

Mitchua Mitchua wrote:
> Mahiti Support wrote:
>> Mitchua Mitchua wrote:
>>> > 
>>> I tried a config like this on 0.8.6 and I found that all requests ended 
>>> up going to the @application proxy, skipping the @varnish proxy 
>>> entirely. Am I doing something wrong?
>>> 
>>> Here's a sample of my config:
>>> 
>>> 
>>>     location /
>>>   {
>>>     try_files @vanish @origin;
>>>   }
>>> 
>>> Thanks!
>> 
>> Hi,
>> 
>> You seem to have put it as @vanish instead of @varnish.
>> Is that causing you the issue?
>> 
>> Vishnu
> 
> Sorry, bad copy/paste job ;)  Those are correct in the config I'm using.
> 
> Any ideas?  Does that look right?

I just tried this and the root document of the website hits the varnish 
servers, but every other request doesn't. Could there be a pathing 
problem going on here?

location /
  {
    try_files $uri $uri/ @origin;
    proxy_pass http://varnishservers;
    proxy_set_header Host $host;
    proxy_connect_timeout 3;
    proxy_next_upstream error timeout;
  }




-- 
Posted via http://www.ruby-forum.com/.




From jdub at bethesignal.org  Fri Jul 31 22:26:03 2009
From: jdub at bethesignal.org (Jeff Waugh)
Date: Sat, 1 Aug 2009 04:26:03 +1000
Subject: Handy config snippet: Redirect to canonical server name
Message-ID: <20090731182603.GJ31717@node.waugh.id.au>

Hi all,

Here's a handy config snippet to permanently redirect to a canonical server
name, generically (ie. without needing to repeat yourself in every config).


/etc/nginx/canonical_hostname:
    if ( $host != $server_name ) {
        rewrite  ^(.*)$  $scheme://$server_name$1  permanent;
    }


/etc/nginx/sites-enabled/example.com:
    server {
        listen  10.0.0.1:80;
        server_name  www.example.com example.com;
        include  canonical_hostname;
    ...


Because the included block in canonical_hostname is totally generic, you can
include it in whichever server block you wish. It automagically chooses the
correct scheme, host (based on the first element of server_name) and path...

Enjoy!

- Jeff

-- 
linux.conf.au 2010: Wellington, NZ                http://www.lca2010.org.nz/
 
             http://www.xach.com/debian-users-are-beatniks.html




From mdounin at mdounin.ru  Fri Jul 31 23:52:41 2009
From: mdounin at mdounin.ru (Maxim Dounin)
Date: Fri, 31 Jul 2009 23:52:41 +0400
Subject: Upstream fail over?
In-Reply-To: <48b1ee61f2c7b8dfcb5e9c54422d09e4@ruby-forum.com>
References: <d2f801544aeb0ff32eb00e11a64c9b5b.NginxMailingList@forum.nginx.org> <e0af94b80906260233l6c7b1156u7ea741b0daf3d40f@mail.gmail.com> <a22cf9c84adb70f8a6b4780b6203853f@ruby-forum.com> <b32049b8a67146cbaae5eec69d96512b@ruby-forum.com> <369213914c93be9709d9c7ef6d005e8a@ruby-forum.com> <48b1ee61f2c7b8dfcb5e9c54422d09e4@ruby-forum.com>
Message-ID: <20090731195240.GS8794@mdounin.ru>

Hello!

On Fri, Jul 31, 2009 at 08:00:05PM +0200, Mitchua Mitchua wrote:

> Mitchua Mitchua wrote:
> > Mahiti Support wrote:
> >> Mitchua Mitchua wrote:
> >>> > 
> >>> I tried a config like this on 0.8.6 and I found that all requests ended 
> >>> up going to the @application proxy, skipping the @varnish proxy 
> >>> entirely. Am I doing something wrong?
> >>> 
> >>> Here's a sample of my config:
> >>> 
> >>> 
> >>>     location /
> >>>   {
> >>>     try_files @vanish @origin;
> >>>   }
> >>> 
> >>> Thanks!
> >> 
> >> Hi,
> >> 
> >> You seem to have put it as @vanish instead of @varnish.
> >> Is that causing you the issue?
> >> 
> >> Vishnu
> > 
> > Sorry, bad copy/paste job ;)  Those are correct in the config I'm using.
> > 
> > Any ideas?  Does that look right?
> 
> I just tried this and the root document of the website hits the varnish 
> servers, but every other request doesn't. Could there be a pathing 
> problem going on here?
> 
> location /
>   {
>     try_files $uri $uri/ @origin;
>     proxy_pass http://varnishservers;
>     proxy_set_header Host $host;
>     proxy_connect_timeout 3;
>     proxy_next_upstream error timeout;
>   }

You try to use try_files, while you have no files.  It won't work.  
Again: try_files work only with *files*. That's why it's named 
try_files.

Use error_page based fallback instead.

Maxim Dounin




From maccaday at gmail.com  Fri Jul 31 23:56:37 2009
From: maccaday at gmail.com (Marcus Clyne)
Date: Fri, 31 Jul 2009 22:56:37 +0300
Subject: Geographic Proxy Bandwidth Usage
In-Reply-To: <1249062602.19620.14.camel@portable-evil>
References: <37670ff93991d8142a8af8e1529e1bd6.NginxMailingList@forum.nginx.org> <1249062602.19620.14.camel@portable-evil>
Message-ID: <4A734C75.7030609@gmail.com>

Cliff Wells wrote:
> On Fri, 2009-07-31 at 12:42 -0400, ktwalrus wrote:
>   
>> This is probably a stupid question, but when I use nginx to proxy and
>> HTTP request to a server in another geographic location, does the HTTP
>> response go directly to the requester's IP address or does it route
>> back through the nginx proxy server?
>>     
>
> It goes back through the proxy.  It would seem rather odd to your
> browser to request something from a server and suddenly get a response
> from some other random server, wouldn't it?
>   
You can do that with IP tunneling.

http://en.wikipedia.org/wiki/IP_tunnel
http://kb.linuxvirtualserver.org/wiki/LVS/TUN

Normally, though, the trafficking algorithms don't permit checking the 
IP for geo information - at least none of the implementations I know of 
allow for that, so it's probably not appropriate for you.
>   
>> I'm getting ready to split my site into two locations (West Coast and
>> East Coast of the US) and I want to redirect requests to the closest
>> geographic server, but don't want the bandwidth for the response to go
>> through the original request server.
>>     
>
> You'd have to redirect, or use some other method of geographic load
> distribution method such as DNS, for example: 
>
> http://www.ultradns.com/solutions/traffic.html
> http://edgedirector.com/
>
> I don't use either of these services, so I'm not recommending them in
> any way, other than to the extent that they do what you need.
>
>   
Alternatively, you could use a different domain for each, e.g.

www.site.com
www1.site.com
>> I think the bandwidth from the response server would be direct to the
>> requester and not the request server, but I just want to make sure.
>> Otherwise, geographic load serving woulldn't be very useful.
>>     
>
> It isn't terribly useful in the scenario you seem to be suggesting.
>
> Cliff
>   
I agree.

Is there a compelling reason why you'd want to have two servers / 
clusters on opposite sides of the US?  The difference in speed between 
them would be minimal, and unless you're dealing with very large 
clusters of servers, I would think it more of a disadvantage than an 
advantage having two clusters in different geographical locations, 
though fairly close to each other in cyberspace.

I don't know who your service providers are, but you may get a faster 
response from a good host on the opposite side of the US than a slower 
one on 'your' side, anyway.  You might even get a faster response from a 
good host in the UK than a slower one in your own region.

Cheers,

Marcus.