Webservers/nginx
Nginx
Features
- conditionals -
if
- Go-To's -
rewrite
- Case statements -
map
andgeo
- inheritance of context configurations - inherit if there is nothing else, otherwise override
Variables
- Buildin
$host
- in this order of precedence: host name from the request line, host name from the 'Host' request header field, or the server name matching a request. This is why this can be influenced by a incoming client$http_host
just host name from the 'Host' request header field.$http_<name>
- any request header field; name is the field name converted to lower case with dashes replaced by underscores
server context match order
For the server {}
context selection nginx algorithm takes only 2 directives into account listen
and server_name
.
server {
listen 80; server_name *.example.com; . . .
}
- Matching
listen
directive
At first listen
directive is parsed, during this step any "incomplete" directives are added with default values
- no-ip -> set with
0.0.0.0
- no-port -> set with port
:80
The listen directive can be set to:
- An IP address/port combo.
- A lone IP address which will then listen on the default port 80.
- A lone port which will listen to every interface on that port.
- The path to a Unix socket
The most accurate listen
directive match gets chosen.
- Matching
server_name
directive
If there are multiple the same listen directives, then server_name
is being parsed in this order:
- exact match host header from the request
- leading wildcard (indicated by a
*
at the beginning of the name in the config). If multiple matches are found, the longest match will be used to serve the request. - trailing wildcard (indicated by a server name ending with a
*
in the config). If multiple matches are found, the longest match will be used to serve the request. - using regular expressions (indicated by a
~
before the name). The first server_name with a regular expression that matches the “Host” header will be used to serve the request. - selects the
default_server
block for that IP address and port part of listen directive. There can be only onedefault_server
declaration per each IP address/port combination. - First block, for an IP address/port combo, this will either be the first block in the configuration or the block that contains the default_server option as part of the listen directive (which would override the first-found algorithm).
server { listen 80 default_server; server_name example.com; . . . } server { listen 80; server_name ~^(subdomain|set|www|host1).*\.example\.com$; . . . } server { listen 80; server_name www.example.*; . . . } server { listen 80; server_name *.org; . . . }
Config analyzers
- Crossplane - configuration file parser and builder
pip install crossplane # Analyse crossplane parse nginx.conf | jq # turn config into json, will contain results if errors found # Format and compare differences vimdiff nginx.conf <(crossplane format nginx.conf) # Minify, remove comments then format crossplane format <(crossplane minify nginx.conf)
# Analyse ls -1 *conf | xargs gixy | tee gixy.log
Log analyzes
$ ngxtop running for 411 seconds, 64332 records processed: 156.60 req/sec Summary: | count | avg_bytes_sent | 2xx | 3xx | 4xx | 5xx | |---------+------------------+-------+-------+-------+-------| | 64332 | 2775.251 | 61262 | 2994 | 71 | 5 | Detailed: | request_path | count | avg_bytes_sent | 2xx | 3xx | 4xx | 5xx | |------------------------------------------+---------+------------------+-------+-------+-------+-------| | /abc/xyz/xxxx | 20946 | 434.693 | 20935 | 0 | 11 | 0 | | /xxxxx.json | 5633 | 1483.723 | 5633 | 0 |
- Status module NginxHttpStubStatusModule
References
- Sites-enabled vs conf.d Explanation of standards and Debian-ism of sites-enabled.