Webservers/nginx
Jump to navigation
Jump to search
The printable version is no longer supported and may have rendering errors. Please update your browser bookmarks and please use the default browser print function instead.
Nginx
Features
- conditionals -
if - Go-To's -
rewrite - Case statements -
mapandgeo - inheritance of context configurations - inherit if there is nothing else, otherwise override
Operations
nginx -v sudo nginx -t sudo systemctl status nginx sudo systemctl reload nginx sudo nginx -s reload # 0.7.53+
Variables
- Buildin
$host- in this order of precedence: host name from the request line, host name from the 'Host' request header field, or the server name matching a request. This is why this can be influenced by a incoming client$http_hostjust host name from the 'Host' request header field.$http_<name>- any request header field; name is the field name converted to lower case with dashes replaced by underscores
server context match order
For the server {} context selection nginx algorithm takes only 2 directives into account listen and server_name.
server {
listen 80; server_name *.example.com; . . .
}
- Matching
listendirective
At first listen directive is parsed, during this step any "incomplete" directives are added with default values
- no-ip -> set with
0.0.0.0 - no-port -> set with port
:80
The listen directive can be set to:
- An IP address/port combo.
- A lone IP address which will then listen on the default port 80.
- A lone port which will listen to every interface on that port.
- The path to a Unix socket
The most accurate listen directive match gets chosen.
- Matching
server_namedirective
If there are multiple the same listen directives, then server_name is being parsed in this order:
- exact match host header from the request
- leading wildcard (indicated by a
*at the beginning of the name in the config). If multiple matches are found, the longest match will be used to serve the request. - trailing wildcard (indicated by a server name ending with a
*in the config). If multiple matches are found, the longest match will be used to serve the request. - using regular expressions (indicated by a
~before the name). The first server_name with a regular expression that matches the “Host” header will be used to serve the request. - selects the
default_serverblock for that IP address and port part of listen directive. There can be only onedefault_serverdeclaration per each IP address/port combination. - First block, for an IP address/port combo, this will either be the first block in the configuration or the block that contains the default_server option as part of the listen directive (which would override the first-found algorithm).
server {
listen 80 default_server;
server_name example.com;
. . .
}
server {
listen 80;
server_name ~^(subdomain|set|www|host1).*\.example\.com$;
. . .
}
server {
listen 80;
server_name www.example.*;
. . .
}
server {
listen 80;
server_name *.org;
. . .
}
Config analyzers
- Crossplane - configuration file parser and builder
pip install crossplane # Analyse crossplane parse nginx.conf | jq # turn config into json, will contain results if errors found # Format and compare differences vimdiff nginx.conf <(crossplane format nginx.conf) # Minify, remove comments then format crossplane format <(crossplane minify nginx.conf)
# Analyse ls -1 *conf | xargs gixy | tee gixy.log
Log analyzes
$ ngxtop running for 411 seconds, 64332 records processed: 156.60 req/sec Summary: | count | avg_bytes_sent | 2xx | 3xx | 4xx | 5xx | |---------+------------------+-------+-------+-------+-------| | 64332 | 2775.251 | 61262 | 2994 | 71 | 5 | Detailed: | request_path | count | avg_bytes_sent | 2xx | 3xx | 4xx | 5xx | |------------------------------------------+---------+------------------+-------+-------+-------+-------| | /abc/xyz/xxxx | 20946 | 434.693 | 20935 | 0 | 11 | 0 | | /xxxxx.json | 5633 | 1483.723 | 5633 | 0 |
- Status module NginxHttpStubStatusModule
References
- Sites-enabled vs conf.d Explanation of standards and Debian-ism of sites-enabled.