Re: Restarting service takes too much time

2022-12-03 Thread blason 
Yes - He is right; everything is revolves around DNS and even my error is
with DNS resolving as it was not able to resolve the ocsp.godaddy.com hence
please troubelshoot from DNS perspetive.

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,295945,295963#msg-295963

___
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-le...@nginx.org

Re: QUIC: position of RTT and congestion

2022-12-03 Thread Maxim Konovalov 

Hi,

Your patches are more than welcome.

Maxim

On 01.12.2022 02:57, 朱宇(黎叔) via nginx-devel wrote:

Thank you for the reply. And one question follows:

Will the patches from community of such features be accepted , or should 
wait for official updates?


​

--原始邮件 --
*发件人:*Vladimir Homutov via nginx-devel 
*发送时间:*Wed Nov 30 20:33:18 2022
*收件人:*Vladimir Homutov via nginx-devel 
*抄送:*Vladimir Homutov 
*主题:*Re: QUIC: position of RTT and congestion

On Wed, Nov 30, 2022 at 08:10:29PM +0800, Yu Zhu wrote:
 >
 > Hi,
 >
 > As described in "rfc 9002 6. Loss Detection",  "RTT and 
congestion
 > control are properties of the path", so moves first_rtt,
 > latest_rtt, avg_rtt, min_rtt, rttvar and congestion from
 > ngx_quic_connection_t to struct ngx_quic_path_t looks more
 > reasonable?

yes, you are right.

Currently per-path calculations are not implemented, as well as path mtu
discovery and some other things.

___
nginx-devel mailing list -- nginx-devel@nginx.org
To unsubscribe send an email to nginx-devel-le...@nginx.org


___
nginx-devel mailing list -- nginx-devel@nginx.org
To unsubscribe send an email to nginx-devel-le...@nginx.org


--
Maxim Konovalov

___
nginx-devel mailing list -- nginx-devel@nginx.org
To unsubscribe send an email to nginx-devel-le...@nginx.org

Trying to confirm syntax of CLIENT_MAX_BODY_SIZE environment variable

2022-12-03 Thread David Karr 
 (Sorry if this is a dup. I sent this originally before my subscription was
confirmed.)

I was told that v1.22 of nginx will look for a CLIENT_MAX_BODY_SIZE
environment variable to configure the "client_max_body_size" configuration
property.  I'm having trouble finding a clear statement of what the
required syntax is for that.

The documentation for the configuration property, at
http://nginx.org/en/docs/http/ngx_http_core_module.html#client_max_body_size
, simply uses "m" as an example, but it doesn't actually say anything about
what the required syntax is.  Does it only allow "m", or does it check for
"M" or other variations?

Similarly, is the required syntax for the environment variable the same?
Is it really v1.22 that will check for that environment variable?
___
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-le...@nginx.org

Fixed gzip_disable_degradation defined without NGX_HTTP_DEGRADATION (broken by 3b522d7a5b34).

2022-12-03 Thread 淮叶 
Hello!
I think gzip_disable_degradation needs NGX_HTTP_DEGRADATION in order to be 
consistent with where used. 
details: https://hg.nginx.org/nginx/rev/3b522d7a5b34 

# User BullerDu 
# Date 1670079834 -28800
# Sat Dec 03 23:03:54 2022 +0800
# Branch bugfix
# Node ID 64a105315b9e5dc20dab2416caeb6b3481a460d1
# Parent 0b360747c74e3fa7e439e0684a8cf1da2d14d8f6
Fixed gzip_disable_degradation defined without NGX_HTTP_DEGRADATION (broken by 
3b522d7a5b34).
diff -r 0b360747c74e -r 64a105315b9e src/http/ngx_http_core_module.h
--- a/src/http/ngx_http_core_module.h Thu Nov 24 23:08:30 2022 +0400
+++ b/src/http/ngx_http_core_module.h Sat Dec 03 23:03:54 2022 +0800
@@ -315,8 +315,10 @@
 unsigned auto_redirect:1;
 #if (NGX_HTTP_GZIP)
 unsigned gzip_disable_msie6:2;
+#if (NGX_HTTP_DEGRADATION)
 unsigned gzip_disable_degradation:2;
 #endif
+#endif
 ngx_http_location_tree_node_t *static_locations;
 #if (NGX_PCRE)
___
nginx-devel mailing list -- nginx-devel@nginx.org
To unsubscribe send an email to nginx-devel-le...@nginx.org

Rate limting in a distributed setup

2022-12-03 Thread Saurav Sarkar 
Hi All,



I am newbie to NGINX and want to use NGINX as a reverse proxy for my cloud
foundry apps.



I am using NGINX cloudfoundry buildpack.

https://docs.cloudfoundry.org/buildpacks/nginx/index.html



I was exploring the rate limiting options and was able to achieve basic
rate limiting using NGINX limit_req_zone



Now I want to run NGINX in distributed mode/multiple instances.



I want to save the rate limiting counters in  a shared cache like Redis.



I was exploring nginxjs for extension.



Is it possible to do so using the NGINX rate limiting module
"limit_req_zone" in nginxjs ? Or I have to write a complete implementation
of my own  in java script?



I checked some openresty lua modules with rate limtiing in redis are
avaialble. But was looking for some examples in javascript.



Any other hints for this topic will be also highly appreciated.





Best Regards,

Saurav
___
nginx mailing list -- nginx@nginx.org
To unsubscribe send an email to nginx-le...@nginx.org

Re: условный CORS, if, try_files и fastcgi

2022-12-03 Thread Илья Шипицин 
так, пожалуй, и сделаю.

сб, 3 дек. 2022 г. в 15:59, Maxim K :

> Убирайте if
> в значение Access-Control-Allow-Origin подставляйте переменную из map,
> например
> map $http_origin $cors {
>   default '';
>   ~^https?://mydomain.com$ $http_origin;
> }
> server {
>   ...
>   location / {
> ...
> add_header Access-Control-Allow-Origin $cors;
>   }
> }
>
> в случае пустой строки в переменной - заголовок не будет добавляться в
> ответ.
>
> сб, 3 дек. 2022 г. в 13:50, Илья Шипицин :
>
>> привет!
>>
>> берем nginx-1.23.2
>> задача - проксировать на fastcgi только реально существующие на файловой
>> системе файлы (чтобы всякие сканы типа /xmlrpc.php не отправлялись бы на
>> fastcgi).
>>
>>
>> классическое решение (работает)
>>
>> location / {
>> try_files $uri =404;
>> fastcgi_pass unix:/run/php/php7.4-fpm.sock;
>>
>> fastcgi_index  index.php;
>> fastcgi_param  SCRIPT_FILENAME
>> $realpath_root$fastcgi_script_name;
>> fastcgi_intercept_errors on;
>>
>> include fastcgi_params;
>> }
>>
>>
>> однако try_files перестает решать задачу, если мы добавляем if (чуть
>> упрощенный конфиг, просто для иллюстрации) - даже несуществующие файлы
>> отправляются на fastcgi
>>
>> location / {
>> try_files $uri =404;
>> fastcgi_pass unix:/run/php/php7.4-fpm.sock;
>>
>> fastcgi_index  index.php;
>> fastcgi_param  SCRIPT_FILENAME
>> $realpath_root$fastcgi_script_name;
>> fastcgi_intercept_errors on;
>>
>> include fastcgi_params;
>>
>>set $cors "true";
>>
>>if ($cors = "true") {
>>add_header 'Access-Control-Allow-Origin'
>> "$http_origin";
>>}
>> }
>>
>>
>>
>> можно ли как-то во втором случае вернуть прежнее поведение try_files ?
>>
>> Илья Шипицин
>>
>>
>> ___
>> nginx-ru mailing list -- nginx-ru@nginx.org
>> To unsubscribe send an email to nginx-ru-le...@nginx.org
>>
> ___
> nginx-ru mailing list -- nginx-ru@nginx.org
> To unsubscribe send an email to nginx-ru-le...@nginx.org
>
___
nginx-ru mailing list -- nginx-ru@nginx.org
To unsubscribe send an email to nginx-ru-le...@nginx.org

Re: условный CORS, if, try_files и fastcgi

2022-12-03 Thread Maxim K 
Убирайте if
в значение Access-Control-Allow-Origin подставляйте переменную из map,
например
map $http_origin $cors {
  default '';
  ~^https?://mydomain.com$ $http_origin;
}
server {
  ...
  location / {
...
add_header Access-Control-Allow-Origin $cors;
  }
}

в случае пустой строки в переменной - заголовок не будет добавляться в
ответ.

сб, 3 дек. 2022 г. в 13:50, Илья Шипицин :

> привет!
>
> берем nginx-1.23.2
> задача - проксировать на fastcgi только реально существующие на файловой
> системе файлы (чтобы всякие сканы типа /xmlrpc.php не отправлялись бы на
> fastcgi).
>
>
> классическое решение (работает)
>
> location / {
> try_files $uri =404;
> fastcgi_pass unix:/run/php/php7.4-fpm.sock;
>
> fastcgi_index  index.php;
> fastcgi_param  SCRIPT_FILENAME
> $realpath_root$fastcgi_script_name;
> fastcgi_intercept_errors on;
>
> include fastcgi_params;
> }
>
>
> однако try_files перестает решать задачу, если мы добавляем if (чуть
> упрощенный конфиг, просто для иллюстрации) - даже несуществующие файлы
> отправляются на fastcgi
>
> location / {
> try_files $uri =404;
> fastcgi_pass unix:/run/php/php7.4-fpm.sock;
>
> fastcgi_index  index.php;
> fastcgi_param  SCRIPT_FILENAME
> $realpath_root$fastcgi_script_name;
> fastcgi_intercept_errors on;
>
> include fastcgi_params;
>
>set $cors "true";
>
>if ($cors = "true") {
>add_header 'Access-Control-Allow-Origin'
> "$http_origin";
>}
> }
>
>
>
> можно ли как-то во втором случае вернуть прежнее поведение try_files ?
>
> Илья Шипицин
>
>
> ___
> nginx-ru mailing list -- nginx-ru@nginx.org
> To unsubscribe send an email to nginx-ru-le...@nginx.org
>
___
nginx-ru mailing list -- nginx-ru@nginx.org
To unsubscribe send an email to nginx-ru-le...@nginx.org