Webservers/nginx
Nginx
Features
- conditionals -
if - Go-To's -
rewrite - Case statements -
mapandgeo - inheritance of context configurations - inherit if there is nothing else, otherwise override
Operations
nginx -v sudo nginx -t sudo systemctl status nginx sudo systemctl reload nginx sudo nginx -s reload # 0.7.53+
Variables
- Buildin
$host- in this order of precedence: host name from the request line, host name from the 'Host' request header field, or the server name matching a request. This is why this can be influenced by a incoming client$http_hostjust host name from the 'Host' request header field.$http_<name>- any request header field; name is the field name converted to lower case with dashes replaced by underscores
server context match order
For the server {} context selection nginx algorithm takes only 2 directives into account listen and server_name.
server {
listen 80; server_name *.example.com; . . .
}
- Matching
listendirective
At first listen directive is parsed, during this step any "incomplete" directives are added with default values
- no-ip -> set with
0.0.0.0 - no-port -> set with port
:80
The listen directive can be set to:
- An IP address/port combo.
- A lone IP address which will then listen on the default port 80.
- A lone port which will listen to every interface on that port.
- The path to a Unix socket
The most accurate listen directive match gets chosen.
- Matching
server_namedirective
If there are multiple the same listen directives, then server_name is being parsed in this order:
- exact match host header from the request
- leading wildcard (indicated by a
*at the beginning of the name in the config). If multiple matches are found, the longest match will be used to serve the request. - trailing wildcard (indicated by a server name ending with a
*in the config). If multiple matches are found, the longest match will be used to serve the request. - using regular expressions (indicated by a
~before the name). The first server_name with a regular expression that matches the “Host” header will be used to serve the request. - selects the
default_serverblock for that IP address and port part of listen directive. There can be only onedefault_serverdeclaration per each IP address/port combination. - First block, for an IP address/port combo, this will either be the first block in the configuration or the block that contains the default_server option as part of the listen directive (which would override the first-found algorithm).
server {
listen 80 default_server;
server_name example.com;
. . .
}
server {
listen 80;
server_name ~^(subdomain|set|www|host1).*\.example\.com$;
. . .
}
server {
listen 80;
server_name www.example.*;
. . .
}
server {
listen 80;
server_name *.org;
. . .
}
Config analyzers
- Crossplane - configuration file parser and builder
pip install crossplane # Analyse crossplane parse nginx.conf | jq # turn config into json, will contain results if errors found # Format and compare differences vimdiff nginx.conf <(crossplane format nginx.conf) # Minify, remove comments then format crossplane format <(crossplane minify nginx.conf)
# Analyse ls -1 *conf | xargs gixy | tee gixy.log
Log analyzes
$ ngxtop running for 411 seconds, 64332 records processed: 156.60 req/sec Summary: | count | avg_bytes_sent | 2xx | 3xx | 4xx | 5xx | |---------+------------------+-------+-------+-------+-------| | 64332 | 2775.251 | 61262 | 2994 | 71 | 5 | Detailed: | request_path | count | avg_bytes_sent | 2xx | 3xx | 4xx | 5xx | |------------------------------------------+---------+------------------+-------+-------+-------+-------| | /abc/xyz/xxxx | 20946 | 434.693 | 20935 | 0 | 11 | 0 | | /xxxxx.json | 5633 | 1483.723 | 5633 | 0 |
- Status module NginxHttpStubStatusModule
References
- Sites-enabled vs conf.d Explanation of standards and Debian-ism of sites-enabled.