Forum: NGINX Is there a problem with my nginx.conf?

2974d09ac2541e892966b762aad84943?d=identicon&s=25 sastro (Guest)
on 2010-08-25 20:07
(Received via mailing list)
Hi,

I'm new with nginx, so i just copy paste my nginx.conf from some
resources on internet. I just want to know if there's any mistakes or
wrong configuration. Here it is
[code]
user              nginx;
worker_processes  1;

error_log  /var/log/nginx/error.log;
#error_log  /var/log/nginx/error.log  notice;
#error_log  /var/log/nginx/error.log  info;

pid        /var/run/nginx.pid;


#----------------------------------------------------------------------
# Events Module
#
#   http://wiki.nginx.org/NginxHttpEventsModule
#
#----------------------------------------------------------------------

events {
    worker_connections  1024;
}


#----------------------------------------------------------------------
# HTTP Core Module
#
#   http://wiki.nginx.org/NginxHttpCoreModule
#
#----------------------------------------------------------------------

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local]
"$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;
    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

  gzip              on;
  gzip_buffers      16 8k;
  gzip_comp_level   9;
  gzip_proxied any;
  gzip_http_version 1.0;
  gzip_min_length   1100;
  gzip_types text/plain text/css application/x-javascript text/xml
application/xml
  application/xml+rss text/javascript;
  gzip_vary         on;

# Load config files from the /etc/nginx/conf.d directory
  proxy_cache_path  /var/log/cache levels=1:2 keys_zone=my-cache:8m
max_size=1000m inactive=600m;
  proxy_temp_path /var/log/cache/tmp;

    include /etc/nginx/conf.d/*.conf;
    #
    # The default server
    #

server {
        listen       184.82.20.181:80;
        server_name  mywebsite.com;
    charset utf-8;

access_log /var/log/nginx/mywebsite.access.log  main;

#Serve Static Files
location ~ \.(ico|css|js|png|jpg|gif)$ {
root /home/mywebsite/public_html;
expires max;
access_log off;
proxy_cache my-cache;
proxy_cache_valid  200 302  600m;
proxy_cache_valid  404      600m;
}

#Serve XML Files
location ~ \.xml {
root /home/mywebsite/public_html;
proxy_cache my-cache;
proxy_cache_valid  200 302  20m;
proxy_cache_valid  404      600m;
}

location / {
    if (-f $request_filename) {
        break;
      }
    if (-f $request_filename.html) {
        rewrite (.*) $1.html break;
      }

#Block access to contact.php
location ~* (contact|ontact)\.php$ {
return 444;
access_log off;
}


proxy_pass  http://127.0.0.1:8008;
expires 15m;
proxy_hide_header Pragma;
proxy_hide_header Cache-Control;
proxy_cache my-cache;
proxy_cache_valid  200 301 302  15m;
proxy_cache_valid  404 600m;
proxy_cache_use_stale  error timeout invalid_header updating http_500
http_502 http_503 http_504;

#Block bad bot
  if ($http_user_agent ~*
(libwww-perl|libcurl|wget|discobot|Exabot|Casper|kmccrew|plaNETWORK|RPT-HTTPClient))
{
    return 444;
    access_log off;
     }
#Block No user agent
   if ($http_user_agent = "") {
   return 444;
   access_log off;
   }
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_read_timeout 300;
proxy_send_timeout 300;
 }

#error page
        error_page  404              /404.html;
        location = /404.html {
            root   /usr/share/nginx/html;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/share/nginx/html;
        }
    }

}

[/code]

Thanks in advanced

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,123661,123661#msg-123661
0f7a1240e82f744c6c607fa7081b99f7?d=identicon&s=25 Igor Sysoev (Guest)
on 2010-08-25 20:17
(Received via mailing list)
On Wed, Aug 25, 2010 at 02:06:30PM -0400, sastro wrote:

> #error_log  /var/log/nginx/error.log  notice;
> #----------------------------------------------------------------------
> #
>
>   gzip_http_version 1.0;
>
> access_log /var/log/nginx/mywebsite.access.log  main;
>
>         break;
>
>
>    access_log off;
>         error_page  404              /404.html;
> }
>
> [/code]
>
> Thanks in advanced

I see at least one problem: the configuration is unreadable, it has
very bad formating.


--
Igor Sysoev
http://sysoev.ru/en/
2974d09ac2541e892966b762aad84943?d=identicon&s=25 moorthi (Guest)
on 2010-10-28 17:00
(Received via mailing list)
hi
 i am running ngnix with perl module for IMAP/POP, but i am not getting
the source remote address from where user is authenticating.
[b]my conf:[/b]
http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local]
$request '
                      '"$status" $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;
    perl_modules  perl/lib;
    perl_require  mailauth.pm;
    server {
       listen 8880;
       location /auth {
          perl  mailauth::handler;
       }
    }
}

mail {
   auth_http  127.0.0.1:8880/auth;
   auth_http_timeout 6000;

   pop3_capabilities  "TOP"  "USER";
   imap_capabilities  "IMAP4rev1"  "UIDPLUS";

   server {
      listen     110;
      protocol   pop3;
      proxy      on;
      auth_http_header  X-Auth-Port 110;
   }
   server {
      listen     143;
      protocol   imap;
      proxy      on;
      auth_http_header  X-Auth-Port 143;
   }
}

[b]my mailauth.pm handler function on nginx server 192.168.1.1:[/b]
sub handler {
   my $r = shift;
   $r->header_out("Auth-Status", "OK");
   $r->header_out("Auth-Server", '192.168.1.2');
   $r->header_out("Auth-Port", '143');
   $r->send_http_header("text/html");
   warn 'H: ',$r->remote_addr;
   return OK;
}

[b]from 192.168.1.3[/b]
telnet 192.168.1.1 143
. login user1 pass1
. OK [CAPABILITY IMAP4 IMAP4rev1 logged in

[b]on 192.168.1.1 tail -f /var/log/nginx/error_log[/b]
H: [b]127.0.0.1[/b] at /usr/share/nginx/perl/lib/mailauth.pm line 59.

actually i have to get 192.168.1.3
how to get this remote_addr can u plz help me.

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,123661,145342#msg-145342
A8108a0961c6087c43cda32c8616dcba?d=identicon&s=25 Maxim Dounin (Guest)
on 2010-10-28 17:19
(Received via mailing list)
Hello!

On Thu, Oct 28, 2010 at 10:59:21AM -0400, moorthi wrote:

>  i am running ngnix with perl module for IMAP/POP, but i am not getting
> the source remote address from where user is authenticating.

[...]

>
> [b]from 192.168.1.3[/b]
> telnet 192.168.1.1 143
> . login user1 pass1
> . OK [CAPABILITY IMAP4 IMAP4rev1 logged in
>
> [b]on 192.168.1.1 tail -f /var/log/nginx/error_log[/b]
> H: [b]127.0.0.1[/b] at /usr/share/nginx/perl/lib/mailauth.pm line 59.
>
> actually i have to get 192.168.1.3
> how to get this remote_addr can u plz help me.

Connection to auth_http server is obviously from nginx, not
client.  Client's ip address as seen on nginx mail proxy is
available in Client-IP header.

Maxim Dounin
2974d09ac2541e892966b762aad84943?d=identicon&s=25 moorthi (Guest)
on 2010-10-29 09:58
(Received via mailing list)
thanks a lot, Client-IP header worked for me.

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,123661,145577#msg-145577
2974d09ac2541e892966b762aad84943?d=identicon&s=25 moorthi (Guest)
on 2010-11-01 09:22
(Received via mailing list)
Hi,
   now the problem is on nginx server(192.168.1.1) if i do
telnet localhost 143
. login user1 pass1
. OK [CAPABILITY IMAP4 User logged in
. select inbox
* FLAGS (\Answered \Flagged \Draft \Deleted \Seen)
* OK [PERMANENTFLAGS (\Answered \Flagged \Draft \Deleted \Seen \*)]
[b]* 0 EXISTS[/b]
...
if i do telnet to actual imap host(192.168.1.2)
telnet 192.168.1.2 143
. login user1 pass1
. OK [CAPABILITY IMAP4 User logged in
. select inbox
* FLAGS (\Answered \Flagged \Draft \Deleted \Seen)
* OK [PERMANENTFLAGS (\Answered \Flagged \Draft \Deleted \Seen \*)]
[b]* 1 EXISTS[/b]
...

and no error in nginx logs
nginx -V output is
nginx version: nginx/0.6.28
built by gcc 4.1.2 20071124 (Red Hat 4.1.2-42)
configure arguments: --user=nginx --group=nginx
--prefix=/usr/share/nginx --sbin-path=/usr/sbin/nginx
--conf-path=/etc/nginx/nginx.conf
--error-log-path=/var/log/nginx/error.log
--http-log-path=/var/log/nginx/access.log
--http-client-body-temp-path=/var/lib/nginx/tmp/client_body
--http-proxy-temp-path=/var/lib/nginx/tmp/proxy
--http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi
--pid-path=/var/run/nginx.pid --lock-path=/var/lock/subsys/nginx
--with-http_ssl_module --with-http_realip_module
--with-http_addition_module --with-http_sub_module
--with-http_dav_module --with-http_flv_module
--with-http_gzip_static_module --with-http_stub_status_module
--with-http_perl_module --with-mail --with-mail_ssl_module
--with-cc-opt=-O2 -g
--add-module=/usr/src/redhat/BUILD/nginx-0.6.28/nginx-upstream-fair

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,123661,146477#msg-146477
A8108a0961c6087c43cda32c8616dcba?d=identicon&s=25 Maxim Dounin (Guest)
on 2010-11-01 09:39
(Received via mailing list)
Hello!

On Mon, Nov 01, 2010 at 04:21:24AM -0400, moorthi wrote:

> if i do telnet to actual imap host(192.168.1.2)
> telnet 192.168.1.2 143
> . login user1 pass1
> . OK [CAPABILITY IMAP4 User logged in
> . select inbox
> * FLAGS (\Answered \Flagged \Draft \Deleted \Seen)
> * OK [PERMANENTFLAGS (\Answered \Flagged \Draft \Deleted \Seen \*)]
> [b]* 1 EXISTS[/b]
> ...

nginx doesn't execute "select" imap command by itself, it just
passes everything it got from client after login to backend
server.

You may want to re-check you auth script, most likely it returned
some other imap host to nginx.

Maxim Dounin
2974d09ac2541e892966b762aad84943?d=identicon&s=25 moorthi (Guest)
on 2010-11-01 10:04
(Received via mailing list)
thanx, ur right, sorry it's my auth coding problem

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,123661,146483#msg-146483
2974d09ac2541e892966b762aad84943?d=identicon&s=25 moorthi (Guest)
on 2013-10-09 13:08
(Received via mailing list)
one more problem is how get original ip in authentication details of
imap-server log instead of nginx server ip.
when i see cyrus authentication log (/var/log/maillog) it shows nginx ip
as
client-ip instead of original desktop ip.

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,123661,243550#msg-243550
2974d09ac2541e892966b762aad84943?d=identicon&s=25 moorthi (Guest)
on 2013-10-09 13:18
(Received via mailing list)
other issue i'm getting is when i login thru php webmail (which connects
to
nginx for imap proxy) I am not getting original remote_addr in nginx
server,
instead i am getting 127.0.0.1, I've tried below header in php webmail
where
imap login happens, using
header('X-Forwarded-For: '.$_SERVER['REMOTE_ADDR']);

how should i get original remote address in nginx.

Posted at Nginx Forum:
http://forum.nginx.org/read.php?2,123661,243552#msg-243552
Please log in before posting. Registration is free and takes only a minute.
Existing account

NEW: Do you have a Google/GoogleMail, Yahoo or Facebook account? No registration required!
Log in with Google account | Log in with Yahoo account | Log in with Facebook account
No account? Register here.