Seconding Thomas's reply - Optimally, this should be done at the application layer. Configure proxy_set_header to send the clients' real public IPs from the reverse proxy to the upstream application. That way, your destination site will see the real IP of every visitor, rather than the reverse proxy's IP.
proxy_set_header X-Real-IP $remote_addr; https://nginx.org/en/docs/http/ngx_http_proxy_module.html#proxy_set_header https://www.nginx.com/resources/wiki/start/topics/examples/forwarded/ It is possible to trigger a bash script by watching your reverse proxy logs. Here is one way: Determine a pattern that will always match the nginx log lines that you want to log; write a bash script to tail the nginx log, and grep for matching lines; cut the values you want to collect from the log line, and insert them into a database. To continuously watch for new visits, create a unit file to run the script as a system service. tail -Fn0 /path/to/access.log | grep --line-buffered "pattern here" | while read -r line; do ip=$(echo $line | cut -f 1 -d " ") && \ timestamp=$(echo $line | cut -f 4 -d " ") && \ mysql -u user -ppass -D dbname -e "INSERT INTO table(timestamp,ip) VALUES ($timestamp, $ip)"; done However, I would strongly suggest avoiding that method for this specific task. Jessica D. Dooley Ohio Public Library Information Network jess...@oplin.ohio.gov On Mon, Jul 11, 2022 at 5:02 PM Thomas Ward <tew...@thomas-ward.net> wrote: > Reiterating my last statement, I don't think there's a way to configure > this in NGINX out of the box, the closest thing I can think of is an Lua > script that would be written to do this with the OpenRESTY Lua module, > however I"m not a pro at that, and that's not Bash. > > If you don't need **absolute real time** though, you can probably > achieve this with a passive logging method - using a dedicated access > log for your specific site and then process and clean your access log > when your script runs on an automatedtimer, but it's not 'realtime' or > 'on connect' in that approach. You can still extract IPs, hostnames > requested, URIs, etc. from the logs if you configure it right. > > On 7/11/22 16:22, Saint Michael wrote: > > I did not explain myself well. > > My reverse proxy is at > > https://bellingcat.oneye.us/ > > it goes to > > https://www.bellingcat.com > > so, every time somebody opens Chrome and goes to > https://belloingcat.oneye.us > > somewhere in my definition I need to fire a bash script (or any > > script) with some parameters to record the address. > > I cannot believe that was not considered. > > Thanks for the help. > > > > On Mon, Jul 11, 2022 at 3:49 PM Thomas Ward <tew...@thomas-ward.net> > wrote: > >> Ideally you would have your reverse proxy hand off to an application > >> that does this. I don't think there's an inbuilt way to execute a given > >> script every time someone connects via Bash. This is something your > >> backend application should really be handling. > >> > >> On 7/11/22 15:13, Saint Michael wrote: > >>> I have a reverse proxy and need to execute a bash script each time > >>> somebody connects to it. > >>> What is the right way to do it? I need to update a database. A > >>> parameter must be the public IP of the client. > >>> _______________________________________________ > >>> nginx mailing list -- nginx@nginx.org > >>> To unsubscribe send an email to nginx-le...@nginx.org > >>> > > _______________________________________________ > nginx mailing list -- nginx@nginx.org > To unsubscribe send an email to nginx-le...@nginx.org >
_______________________________________________ nginx mailing list -- nginx@nginx.org To unsubscribe send an email to nginx-le...@nginx.org
