Nginx

From DWIKI
Revision as of 10:37, 13 October 2022 by Tony (talk | contribs) (→‎FAQ)

HTTP server, proxy, reverse proxy etc

Links

Notes

SSL certificates

The host.crt goes first in the bundle


server {
 listen   443;
 ssl    on;
 ssl_certificate    /etc/ssl/your_domain_name.pem; (or bundle.crt)
 ssl_certificate_key    /etc/ssl/your_domain_name.key;
 server_name your.domain.com;
 access_log /var/log/nginx/nginx.vhost.access.log;
 error_log /var/log/nginx/nginx.vhost.error.log;
 location / {
  root   /home/www/public_html/your.domain.com/public/;
  index  index.html;
 }
}

HOWTO

Get configuration items

getconf PAGESIZE


Configure buffer sizes

See https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffer_size

FAQ

Redirecting in nginx

https://www.liquidweb.com/kb/redirecting-urls-using-nginx/


enable ipv6

In server section add

listen [::]:443;

Error messages

no live upstreams while connecting to upstream

can't connect to whatever backend?


upstream sent too big header while reading response header from upstream

(SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking

Usually just a bad client or a scan.


access forbidden by rule

look for allow or deny lines


Log level

Doesn't seem to be documented, defaults to log all?