Symptom
I think I've messed up my domain/nginx settings. The server shows up properly for 70~60% of time but sometimes it shows blank page(no html at all) or ERR_TOO_MANY_REDIRECTS page.
the url is: sungryeol.com
I've checked both Stackoverflow and Node.js + CentOS 7 + nginx setup tutorials on Google(which leads to digital ocean mostly)
Settings
Node.js / Express.js
OS: Cent OS 7(Vultr VPS)
Reverse proxy: nginx
DNS: Namecheap
Namecheap domain setting
Type------------------Host---Value-------------------------------TTL
A Record--------------#------45.32.9.128-------------------------5 min
CNAME Record----------www----sungryeol.com.----------------------5 min
URL Redirect Record---www----http://www.sungryeol.com Unmasked---
the dot on sungryeol.com'.' is automatically added by Namecheap UI.
nginx setting
nginx -t shows the configuration has no error. The internal setting has no problem I assume. It works fine with IP address but still shows blank page or redirect error from the URL : (www).sungryeol.com.
/etc/nginx/conf.d
server {
listen 80;
server_name localhost;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
...
}
/etc/nginx/nginx.conf
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
#include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-available/*.conf;
}
/etc/nginx/sites-available/portfolio.conf
upstream portfolio {
server 127.0.0.1:3001 max_fails=0 fail_timeout=10s weight=1;
ip_hash;
keepalive 512;
}
server
{
listen 80;
listen [::]:80 ipv6only=on default_server;
server_name sungryeol.com www.sungryeol.com;
keepalive_timeout 10;
# client_max_body_size 50M;
index index.html;
location /
{
proxy_pass http://portfolio;
include /etc/nginx/proxy_params;
}
}
/etc/nginx/proxy_params
proxy_buffers 16 32k;
proxy_buffer_size 64k;
proxy_busy_buffers_size 128k;
proxy_cache_bypass $http_pragma $http_authorization;
proxy_connect_timeout 59s;
proxy_hide_header X-Powered-By;
proxy_http_version 1.1;
proxy_ignore_headers Cache-Control Expires;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 htt$
proxy_no_cache $http_pragma $http_authorization;
proxy_pass_header Set-Cookie;
proxy_read_timeout 600;
proxy_redirect off;
proxy_send_timeout 600;
proxy_temp_file_write_size 64k;
proxy_set_header Accept-Encoding '';
proxy_set_header Cookie $http_cookie;
proxy_set_header Host $host;
proxy_set_header Proxy '';
proxy_set_header Referer $http_referer;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Original-Request $request_uri;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
Related
I'm running Nginx & NodeJS on Jelastic Paas, and need a Nginx reverse proxy to direct to a React app on a Nodejs.
I'm getting a "Cannot get/" error message, and not sure if it's on the Nginx or nodejs side, I did the same configuration on an other environment without any problem.
Question:
Is there something I'm forgetting?
Is the following configuration correct?
http {
server_tokens off ;
include /etc/nginx/mime.types;
default_type application/octet-stream;
set_real_ip_from <PRIVATE IP>;
set_real_ip_from <PRIVATE IP>;
set_real_ip_from <PRIVATE IP>;
real_ip_header X-Forwarded-For;
real_ip_recursive on;
log_format main '$remote_addr:$http_x_remote_port - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'"$host" sn="$server_name" '
'rt=$request_time '
'ua="$upstream_addr" us="$upstream_status" '
'ut="$upstream_response_time" ul="$upstream_response_length" '
'cs=$upstream_cache_status' ;
client_header_timeout 10m;
client_body_timeout 10m;
send_timeout 10m;
client_max_body_size 100m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 4 2k;
request_pool_size 4k;
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_types text/plain;
output_buffers 1 32k;
postpone_output 1460;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 75 20;
ignore_invalid_headers on;
map $upstream_addr $group {
default "";
.<PRIVATE IP>:80$ common;
}
upstream default_upstream{
server <PRIVATE IP>;
sticky path=/; keepalive 100;
}
upstream common { server <PRIVATE IP> ; sticky path=/; keepalive 100; }
server {
listen *:80;
listen [::]:80;
server_name _;
access_log /var/log/nginx/localhost.access_log main;
error_log /var/log/nginx/localhost.error_log info;
proxy_temp_path /var/nginx/tmp/;
proxy_connect_timeout 5s;
error_page 500 502 503 504 /50x.html;
proxy_next_upstream error timeout http_500;
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Host $http_host;
proxy_set_header X-Forwarded-For $http_x_forwarded_for;
proxy_set_header X-Remote-Port $http_x_remote_port;
proxy_set_header X-URI $uri;
proxy_set_header X-ARGS $args;
proxy_set_header Refer $http_refer;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
if ($http_x_remote_port = '' ) {
set $http_x_remote_port $remote_port;
}
location = /50x.html {
root html;
}
location / {
if ($cookie_SRVGROUP ~ group|common) {
proxy_pass http://$cookie_SRVGROUP;
error_page 500 502 503 504 = #rescue;
}
if ($cookie_SRVGROUP !~ group|common) {
add_header Set-Cookie "SRVGROUP=$group; path=/";
}
proxy_pass http://default_upstream;
add_header Set-Cookie "SRVGROUP=$group; path=/";
}
location #rescue {
proxy_pass http://default_upstream;
add_header Set-Cookie "SRVGROUP=$group; path=/";
}
}
include /etc/nginx/conf.d/*.conf;
}
Here is the message I'm getting
I get error on nginx error log when trying to use nginx nodejs fs video stream. I had an error before about too many open files and fixed it by increasing worker connection. But now I get this error often:
recv() failed (104: Connection reset by peer) while reading response header from upstream
and sometimes:
upstream prematurely closed connection while reading response header from upstream
we use nginx on ubuntu 18.04 server with 2x CPU 2ghz 2 cores, 24ram
nginxConfig:
user www-data;
pid /run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
worker_processes 2;
events {
worker_connections 1024;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
log_format main_ext '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'"$host" sn="$server_name" '
'rt=$request_time '
'ua="$upstream_addr" us="$upstream_status" '
'ut="$upstream_response_time" ul="$upstream_response_length" '
'cs=$upstream_cache_status' ;
access_log /var/log/nginx/access.log main_ext;
error_log /var/log/nginx/error.log warn;
gzip on;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
nginx site config :
upstream http_backend {
server 127.0.0.1:8087;
keepalive 32;
}
server {
listen 80;
listen [::]:80;
server_name cdn.amjilt.com;
return 301 https://$server_name$request_uri;
}
server {
listen 7070;
listen [::]:7070;
server_name cdn.amjilt.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name cdn.amjilt.com;
ssl on;
ssl_certificate /etc/nginx/cert/media/media.crt;
ssl_certificate_key /etc/nginx/cert/media/media.key;
ssl_session_cache builtin:1000 shared:SSL:10m;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4;
ssl_prefer_server_ciphers on;
client_max_body_size 500M;
client_body_buffer_size 500M;
proxy_buffer_size 16M;
proxy_buffers 24 8M;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
location /images{
root /home/ubuntu/projects/amjilt_media/static;
}
location /tmp{
root /home/ubuntu/projects/amjilt_media/static;
}
location /images/uploads{
root /home/ubuntu/projects/amjilt_media/static;
}
location /images/avatar{
root /home/ubuntu/projects/amjilt_media/static;
}
location /api/video/show{
expires off;
proxy_buffering off;
chunked_transfer_encoding on;
proxy_pass http://http_backend;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
location /api/video/mobile{
expires off;
proxy_buffering off;
chunked_transfer_encoding on;
proxy_pass http://http_backend;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
location /api/pdf/show{
expires off;
proxy_buffering off;
chunked_transfer_encoding on;
proxy_pass http://http_backend;
proxy_http_version 1.1;
proxy_set_header Connection "";
}
location / {
proxy_pass http://localhost:8087;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
}
gzip_types text/css text/less text/plain text/xml application/xml application/json application/javascript;
gzip on;
}
We are using nginx as used as load balancer behind sails server is running. We have to upload 1 Gb file to the server. We are using angular js as front end. When we upload 1 GB file into the server it shows upload progress as 99% then after that it shows 400 error code.
While looking in to the error logs it show client prematurely closed connection
We tried client_body_in_file_only and upload module. But fails
How can we solve this issue?
Our Nginx conf is
load_module modules/ngx_http_upload_module.so;
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 768;
}
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 360;
types_hash_max_size 2048;
proxy_ignore_client_abort on;
proxy_buffering off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log info;
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
upstream api{
ip_hash;
server 127.0.0.1:1337;
}
server {
client_max_body_size 2048M;
client_body_buffer_size 2048M;
client_body_timeout 50m;
client_header_timeout 50m;
send_timeout 50m;
listen 80;
# location /test/upload {
# add_header 'Access-Control-Allow-Origin' *;
# #add_header 'Access-Control-Allow-Headers' 'Content-Type';
# add_header 'Access-Control-Allow-Credentials' 'true' always;
# add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS' always;
# add_header 'Access-Control-Allow-Headers' 'Accept,Authorization,Cache-Control,Content-Type,DNT,If-Modified-Since,Keep-Alive,Origin,User-Agent,X-Requested-With' always;
# # required to be able to read Authorization header in frontend
# add_header 'Access-Control-Expose-Headers' 'Authorization' always;
# # Pass altered request body to this location
# upload_pass #upload;
#
# # Store files to this directory
# # The directory is hashed, subdirectories 0 1 2 3 4 5 6 7 8 9 should exist
# upload_store /tmp;
#
# # Allow uploaded files to be read only by user
# upload_store_access user:r;
#
# # Set specified fields in request body
# upload_set_form_field $upload_field_name.name "$upload_file_name";
# upload_set_form_field $upload_field_name.content_type "$upload_content_type";
# upload_set_form_field $upload_field_name.path "$upload_tmp_path";
#
# # Inform backend about hash and size of a file
# upload_aggregate_form_field "$upload_field_name.md5" "$upload_file_md5";
# upload_aggregate_form_field "$upload_field_name.size" "$upload_file_size";
#
# upload_pass_form_field "^submit$|^description$|^account$";
#
# upload_cleanup 400 404 499 500-505;
# }
location #upload {
proxy_send_timeout 50m;
proxy_read_timeout 50m;
proxy_pass http://api;
proxy_http_version 1.1;
proxy_redirect off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
location / {
proxy_send_timeout 50m;
proxy_read_timeout 50m;
proxy_pass http://api;
proxy_http_version 1.1;
proxy_redirect off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
}
location /test/upload {
proxy_send_timeout 50m;
proxy_read_timeout 50m;
proxy_pass http://api;
proxy_http_version 1.1;
proxy_redirect off;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Real-IP $remote_addr;
client_body_in_file_only clean;
client_body_buffer_size 16K;
client_body_temp_path /tmp;
}
}
}
We are having multiple nodejs app running in different ports and using nginx as proxy. We are facing (504) issue while accessing static files url due to some wrong regex in nginx.conf
Anybody came across similar url patterns. Any pointers will be helpful
nginx version 1.8.0
504 Gateway Issue
https://localhost:9443/js/app1/index.js
https://localhost:9443/css/app1/index.css
https://localhost:9443/js/app2/index.js
https://localhost:9443/css/app2/index.css
App Url
https://localhost:9443/app1
https://localhost:9443/app2
https://localhost:9443/api/app1
https://localhost:9443/api/app2
nginx.conf
#user nobody;
worker_processes 1;
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 9443;
ssl on;
ssl_certificate /path/to/ssl_certificate; # path to your cacert.pem
ssl_certificate_key /path/to/ssl_certifiatekey; # path to your privkey.pem
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location /js {
alias /path/to/static/files;
}
location /css {
alias /path/to/static/files;
}
location / {
proxy_pass https://localhost:8443; #nodejsapp1
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_buffering on;
}
location ~ /app1/ {
proxy_pass https://localhost:8143; #nodejsapp2
error_page 502 = #fallback;
}
location ~ /app2 {
proxy_pass https://localhost:8343; #nodejsapp3
error_page 502 = #fallback;
}
location #fallback{
rewrite ^ /maintenance;
proxy_pass https://localhost:8443;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
include servers/*;
}
Clearly https://localhost:9443/js/app1/index.js matches the regular expression for app1, as it contains the text /app1/.
Regular expression locations take precedence over normal prefix locations, so the location /js block is not used in the above case.
Read the documentation to understand the evaluation order for the location directive.
You can move the precedence order of your js and css locations above all of the regular expression locations, by using the ^~ modifier:
location ^~ /js { ... }
location ^~ /css { ... }
These remain as prefix locations, but with a higher precedence.
This is what i have tried and it worked. Got help from this post
nginx - serve only images
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
server {
listen 9443;
ssl on;
ssl_certificate /path/to/ssl_certificate; # path to your cacert.pem
ssl_certificate_key /path/to/ssl_certifiatekey; # path to your privkey.pem
server_name localhost;
#charset koi8-r;
#access_log logs/host.access.log main;
location ~* \.(jpg|jpeg|gif|png|bmp|ico|pdf|flv|swf|exe|html|htm|txt|css|js)$ {
root /path/to/static/files;
expires 30d;
}
location / {
proxy_pass https://localhost:8443; #nodejsapp1
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $http_host;
proxy_cache_bypass $http_upgrade;
proxy_set_header X-Real-IP $remote_addr;
proxy_buffering on;
}
location ~* /app1/ {
proxy_pass https://localhost:8143; #nodejsapp2
error_page 502 = #fallback;
}
location ~* /app2 {
proxy_pass https://localhost:8343; #nodejsapp3
error_page 502 = #fallback;
}
location #fallback{
rewrite ^ /maintenance;
proxy_pass https://localhost:8443;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
include servers/*;
}
I have Nginx in front of a Node.js app. I have it set up so that if the url has /account in it, it'll redirect to HTTPS. My question is - how do I set it up so that if the user leaves the /account url (clicks a link to go to the home page), it'll get sent back to HTTP?
Here's my ngnix.conf:
worker_processes 1;
error_log logs/error.log;
pid logs/nginx.pid;
events {
worker_connections 128;
}
http {
include mime.types;
default_type application/octet-stream;
sendfile on;
server_tokens off;
#keepalive_timeout 0;
keepalive_timeout 65;
tcp_nodelay on;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
gzip on;
server {
listen 80;
server_name localhost;
location / {
proxy_set_header x-path $uri;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://127.0.0.1:3000;
proxy_redirect off;
}
location /account {
rewrite ^(.*) https://$host$1 permanent; #redirect to https
}
error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
}
server {
listen 443;
ssl on;
ssl_certificate ssl/server.crt;
ssl_certificate_key ssl/server.key;
location / {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-M-Secure "true";
proxy_redirect off;
proxy_max_temp_file_size 0;
proxy_pass http://127.0.0.1:3000;
}
}
}
Thanks in advance for any assistance.
This is untested.
server {
listen 443;
ssl on;
ssl_certificate ssl/server.crt;
ssl_certificate_key ssl/server.key;
location /account/ {
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-M-Secure "true";
proxy_redirect off;
proxy_max_temp_file_size 0;
proxy_pass http://127.0.0.1:3000;
}
location / {
rewrite ^(.*) http://$host$1 permanent; # redirect to http
}
}