Re: RE: Caching Method

2019-08-15 Thread hhypnos 
hi , can i use catching without proxy_pass?

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,285284,285309#msg-285309

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Location Rewrite Issue

2019-08-15 Thread Randy Johnson 
Here is the locations part of my nginx host file:
server {
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;

location / {
try_files $uri $uri/ @extensionless-php;
}

location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
}

location @extensionless-php {
rewrite ^(.*)$ $1.php last;
}

I tried adding the following line in there in a couple different places but
all it does is download the php file.

location /blog {
rewrite ^/blog/([A-Za-z0-9-]+)/?$ /blog-article.php?slug=$1 break;
}

In addition it does not load the /blog page.  It throws a 404.

I am not quite sure what I need to do to get it working.

Thank You,
Randy
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: RE: Caching Method

2019-08-15 Thread hhypnos 
can i use catching without proxy_pass?

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,285284,285310#msg-285310

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

njs-0.3.5

2019-08-15 Thread Dmitry Volyntsev 
This is a bugfix release that eliminates heap-use-after-free
introduced in 0.3.4.

What installations are affected:

- Importing built-in modules (crypto, fs) using require().

You can learn more about njs:

- Overview and introduction: http://nginx.org/en/docs/njs/ 

- Presentation: https://youtu.be/Jc_L6UffFOs 

Feel free to try it and give us feedback on:

- Github: https://github.com/nginx/njs/issues 

- Mailing list: http://mailman.nginx.org/mailman/listinfo/nginx-devel 


Changes with njs 0.3.5 15 Aug 2019
   Core:
   *) Bugfix: fixed module importing using require(). The bug was
  introduced in 0.3.4.

   *) Bugfix: fixed [[SetPrototypeOf]].___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Proxy stream pop3 110 to secure 995

2019-08-15 Thread itpp2012 
Considering this example
https://docs.nginx.com/nginx/admin-guide/security-controls/securing-tcp-traffic-upstream/
How would you stream plain unsecured pop3 traffic to a secure endpoint
elsewhere ? (without the backend certificates)

ea.
stream {
listen 110;
proxy_ssl on;
proxy_pass site.com:995;
}

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,285302,285302#msg-285302

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: nginx-1.17.3 and TLS v1.3

2019-08-15 Thread Maxim Dounin 
Hello!

On Thu, Aug 15, 2019 at 09:05:42AM -0400, TC_Hessen wrote:

> Hi,
> 
> I am new to this forum, but not new to nginx. I am running multiple debian
> servers (stretch) with nginx 1.14.1 and TLS 1.3 support, i.e.
> 
> nginx version: nginx/1.14.1
> built with OpenSSL 1.1.0f  25 May 2017 (running with OpenSSL 1.1.1c  28 May
> 2019)
> TLS SNI support enabled
> 
> To prevent the servers agains the new bugs, I tried to upgrade directly to
> 1.17.3 provided by nginx.org. That works without any problems, but TLS 1.3
> is not running anymore:
> 
> nginx version: nginx/1.17.3
> built by gcc 6.3.0 20170516 (Debian 6.3.0-18+deb9u1)
> built with OpenSSL 1.1.0j  20 Nov 2018 (running with OpenSSL 1.1.1c  28 May
> 2019)
> TLS SNI support enabled
> 
> Where is the error?

OS you are using is shipped with OpenSSL 1.1.0j, and nginx is 
built with this old OpenSSL version.  As such, TLSv1.3 is not 
available.

There was a bug which made TLSv1.3 always enabled when was 
compiled with OpenSSL 1.1.0 and running with OpenSSL 1.1.1, it was 
fixed in nginx 1.15.6 and 1.14.2 (quote from 
http://nginx.org/en/CHANGES-1.14):

*) Bugfix: if nginx was built with OpenSSL 1.1.0 and used with OpenSSL
   1.1.1, the TLS 1.3 protocol was always enabled.

Since you were using nginx 1.14.1 previously, TLS 1.3 was enabled 
due to this bug.

-- 
Maxim Dounin
http://mdounin.ru/
___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

Re: nginx-1.17.3 and TLS v1.3

2019-08-15 Thread targon 
I suggest you consider investigating Intels' Clear Linux.

https://docs.01.org/clearlinux/latest/index.html 


https://docs.01.org/clearlinux/latest/about.html# 


https://docs.01.org/clearlinux/latest/reference/bundles/bundles.html 


read specifically about swupd and bundles.

This is a ’Stateless’ OS

In particular to your issues, on Clear Linux you'd install nginx-mainline 
bundle,
all the source packages and dependancies are tested with the bundle before 
distribution to swupd

Example, the nginx-mainline bundle version requires lib-openssl, the and only 
compatible tested lib-openssl package version will be included. 

This strategy eliminates all those fragmented dependancy issues every other 
Linux distro, where you install nginx but you’ve no real idea what openssl 
version is going to work with it.

Admittedly, Clear Linux is a little unfamiliar at first but give it a try, 
there’s far less headaches to deal with than other the ‘popular’ distros.

Apologies for not addressing your issue directly.

> On 15 Aug 2019, at 21:05, TC_Hessen  wrote:
> 
> Hi,
> 
> I am new to this forum, but not new to nginx. I am running multiple debian
> servers (stretch) with nginx 1.14.1 and TLS 1.3 support, i.e.
> 
> nginx version: nginx/1.14.1
> built with OpenSSL 1.1.0f  25 May 2017 (running with OpenSSL 1.1.1c  28 May
> 2019)
> TLS SNI support enabled
> 
> To prevent the servers agains the new bugs, I tried to upgrade directly to
> 1.17.3 provided by nginx.org. That works without any problems, but TLS 1.3
> is not running anymore:
> 
> nginx version: nginx/1.17.3
> built by gcc 6.3.0 20170516 (Debian 6.3.0-18+deb9u1)
> built with OpenSSL 1.1.0j  20 Nov 2018 (running with OpenSSL 1.1.1c  28 May
> 2019)
> TLS SNI support enabled
> 
> Where is the error?
> 
> Posted at Nginx Forum: 
> https://forum.nginx.org/read.php?2,285294,285294#msg-285294
> 
> ___
> nginx mailing list
> nginx@nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx

nginx-1.17.3 and TLS v1.3

2019-08-15 Thread TC_Hessen 
Hi,

I am new to this forum, but not new to nginx. I am running multiple debian
servers (stretch) with nginx 1.14.1 and TLS 1.3 support, i.e.

nginx version: nginx/1.14.1
built with OpenSSL 1.1.0f  25 May 2017 (running with OpenSSL 1.1.1c  28 May
2019)
TLS SNI support enabled

To prevent the servers agains the new bugs, I tried to upgrade directly to
1.17.3 provided by nginx.org. That works without any problems, but TLS 1.3
is not running anymore:

nginx version: nginx/1.17.3
built by gcc 6.3.0 20170516 (Debian 6.3.0-18+deb9u1)
built with OpenSSL 1.1.0j  20 Nov 2018 (running with OpenSSL 1.1.1c  28 May
2019)
TLS SNI support enabled

Where is the error?

Posted at Nginx Forum: 
https://forum.nginx.org/read.php?2,285294,285294#msg-285294

___
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx