Nginx: Difference between revisions

From DWIKI
(15 intermediate revisions by the same user not shown)
Line 24: Line 24:
   }
   }
  }
  }
=HOWTO=
==Get configuration items==
getconf PAGESIZE
==Configure buffer sizes==
See https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffer_size


=FAQ=
=FAQ=
==no live upstreams while connecting to upstream==
 
==Redirecting in nginx==
https://www.liquidweb.com/kb/redirecting-urls-using-nginx/
 
 
==enable ipv6==
In server section add
listen [::]:443;
 
==Error messages==
===no live upstreams while connecting to upstream===
can't connect to whatever backend?
can't connect to whatever backend?




==upstream sent too big header while reading response header from upstream==
===upstream sent too big header while reading response header from upstream===
https://www.getpagespeed.com/server-setup/nginx/tuning-proxy_buffer_size-in-nginx
*[https://techglimpse.com/upstream-sent-too-big-header-while-reading-response-header-from-upstream-nginx/ Upstream sent too big header]
[[:Category: Proxy]]
*[https://www.getpagespeed.com/server-setup/nginx/tuning-proxy_buffer_size-in-nginx Tuning proxy_buffer_size in NGINX]
 
 
===an upstream response is buffered to a temporary file===
 
 
===(SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking===
Usually just a bad client or a scan.
 
 
===access forbidden by rule===
look for allow or deny lines
 
===a client request body is buffered to a temporary file===
PLay some with
client_body_buffer_size 10M;
client_max_body_size 10M;
 
TODO check, this doesn't seem to apply
If all else fails just set:
    proxy_max_temp_file_size 0;
and see if you get some feedback :)
 
==Logging==
 
===Log level===
Doesn't seem to be documented, defaults to log all?
 
[[Category: Proxy]]

Revision as of 17:09, 10 November 2022

HTTP server, proxy, reverse proxy etc

Links

Notes

SSL certificates

The host.crt goes first in the bundle


server {
 listen   443;
 ssl    on;
 ssl_certificate    /etc/ssl/your_domain_name.pem; (or bundle.crt)
 ssl_certificate_key    /etc/ssl/your_domain_name.key;
 server_name your.domain.com;
 access_log /var/log/nginx/nginx.vhost.access.log;
 error_log /var/log/nginx/nginx.vhost.error.log;
 location / {
  root   /home/www/public_html/your.domain.com/public/;
  index  index.html;
 }
}

HOWTO

Get configuration items

getconf PAGESIZE


Configure buffer sizes

See https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_buffer_size

FAQ

Redirecting in nginx

https://www.liquidweb.com/kb/redirecting-urls-using-nginx/


enable ipv6

In server section add

listen [::]:443;

Error messages

no live upstreams while connecting to upstream

can't connect to whatever backend?


upstream sent too big header while reading response header from upstream


an upstream response is buffered to a temporary file

(SSL: error:141CF06C:SSL routines:tls_parse_ctos_key_share:bad key share) while SSL handshaking

Usually just a bad client or a scan.


access forbidden by rule

look for allow or deny lines

a client request body is buffered to a temporary file

PLay some with

client_body_buffer_size 10M;
client_max_body_size 10M;

TODO check, this doesn't seem to apply If all else fails just set:

   proxy_max_temp_file_size 0;

and see if you get some feedback :)

Logging

Log level

Doesn't seem to be documented, defaults to log all?