nginx other五, 06/12/2019 - 15:30 的修訂版本

修訂版本可以讓你追蹤文章的多個版本的不同之處。

最後更新: 2019-05-09

目錄

常用的 module

3rdPartyModules

Doc

 


介紹

 

所有 nginx 的 3 party module list

Link: https://www.nginx.com/resources/wiki/modules/

 

Check 本地的 nginx 支援什麼 Modules:

nginx -V

...........
--add-module=/usr/src/nginx/nginx-1.1.19/debian/modules/nginx-cache-purge 
--add-module=/usr/src/nginx/nginx-1.1.19/debian/modules/naxsi/naxsi_src

 


ngx_http_stub_status_module

 

Setting

location /status {
  stub_status     on;
  allow           x.x.x.x;   # x.x.x.x = monitoring system
  deny            all;
}

Output:

Active connections: 4 
server accepts handled requests
 41 41 93 
Reading: 0 Writing: 2 Waiting: 2 

 

  • Active connections - number of active client connections(including Waiting connections)

 

  • accepts(Total)
  • handled(Total) - value is the same as accepts unless some resource limits have been reached
  • requests(Total)

 

  • reading - nginx reads request header
  • writing - nginx is writing the response back to the client
  • waiting - "active - (reading + writing)"

 


ngx_http_log_module

 

Setting

  • access_log
  • log_format

 * error_log 不是由 ngx_http_log_module 提供

Syntax:

access_log

    access_log path [ format [ buffer = size [ flush = time ]]]
    access_log path format gzip[= [ buffer = size ] [ flush = time ]
    access_log off

    Default:     logs/access.log combined

log_format

usage: log_format name string

e.g. log_format

log_format apache
    '$remote_addr - $remote_user [$time_local] '
    '"$request" $status $body_bytes_sent '
    '"$http_referer" "$http_user_agent" '
    '"$http_cookie"';
    
log_format full
    '$remote_addr $remote_user [$time_local] '
    '"$host"->$proxy_host->$upstream_addr '
    '"$request" $status($upstream_status) '
    '$bytes_sent/$gzip_ratio($sent_http_content_type) '
    '$request_time($upstream_response_time)';
    
log_format perf
    '$request_time($upstream_response_time) '
    '$bytes_sent/$gzip_ratio($sent_http_content_type) '
    '$status "$upstream_addr$uri"';
    
log_format gzip
    '$bytes_sent/$gzip_ratio($sent_http_content_type) '
    '[$http_accept_encoding]"$http_user_agent"';

log_format redirect
    '$time_local $redir_match $redir_action $redir_url';

log_format cache_status '[$time_local] "$request"  $upstream_cache_status';

e.g. access_log

#access_log off;
access_log            /var/log/nginx/access.log       apache;
#access_log           /var/log/nginx/access-full.log  full;
access_log            /var/log/nginx/access-perf.log  perf;
#access_log           /var/log/nginx/access-gzip.log  gzip;
access_log            /var/log/nginx/cache.log        cache_status;

cache_status output:

[25/Jan/2014:16:09:12 +0000] "GET /node/103 HTTP/1.0"  MISS
[25/Jan/2014:16:09:13 +0000] "GET /guestbook HTTP/1.0"  MISS
[25/Jan/2014:16:09:14 +0000] "GET /comment/reply/103 HTTP/1.0"  MISS

buffer & flush 設定

# 儲夠 64k 或 每 5 秒寫 1 次 log

access_log  /var/log/tengine/myserver/cache.log cache_status buffer=64k flush=5;

if 的設定

map $status $loggable {
    ~^[23]  0;
    default 1;
}

access_log /path/to/access.log combined if=$loggable;

我的 Proxy log

log_format cache_status '[$time_local] "$remote_addr" '
                        '"$request" $status $upstream_cache_status '
                        '* $request_time $bytes_sent "$gzip_ratio"';

Variables

$request_time

request processing time in seconds with a milliseconds resolution;

time elapsed between the first bytes were read from the client and the log write after the last bytes were sent to the client  

$bytes_sent

the number of bytes sent to a client

$status

Status code. i.e. 200

header to client

Header lines sent to a client have the prefix "sent_http_",

for example, $sent_http_connection

error_log

# stop error log ("error_log off;" 這是唔 work 的, 沒有 off 這設定)

error_log   /dev/null   crit;

 


ngx_http_degradation_module

 

Compile

--with-http_degradation_module

# Allows returning an error when a memory size exceeds the defined value.

# to be inserted at the http block level
degradation sbrk=500m;
degrade 204;

 


HttpRewriteModule

 

return

Stops processing and returns the specified code to a client.

return code [ text ]

return code URL

return URL

i.e.

return (301 | 302 | 303 | 307) url;

return (1xx | 2xx | 4xx | 5xx) ["text"];

set

# Sets a value for the specified variable

# The value can contain text, variables ( can't set the value of a $http_xxx header )

set variable value

rewrite_log

# Default: off

# information about rewrites to the error log at notice level.

rewrite_log on

break

Continue processing within the current location block but do not process any more rewrite directives.

if

pattern matching with regular expressions

~                 performs a case-sensitive match
~*               performs a case-insensitive match
!                  mean the opposite
-f or !-f        existence of a file using the
-d or !-d       existence of a directory using
-e or !-e       existence of a file, directory or symbolic link

rewrite

Capture elements (using PCRE regular expressions) in the original URL, return redirects

 * the rewrite directive does not necessarily halt NGINX’s processing of the request as return does

# rewrite the URL only if it matches the specified regular expression

rewrite regex URL [flag];

e.g.

if ($scheme = "http") {
    rewrite ^ https://$http_host$request_uri permanent; 
}
server {
    ...
    rewrite ^(/download/.*)/media/(.*)\..*$ $1/mp3/$2.mp3 last;
    rewrite ^(/download/.*)/audio/(.*)\..*$ $1/mp3/$2.ra  last;
    return  403;
    ...
}

last: it tells NGINX to skip any subsequent Rewrite-module directives in the current block

try_files

NGINX checks for the existence of the "files" and "directories" in order

and serves the first one it finds.

If none => redirect to the URI defined by the final element (uri).

try_files file … uri;

i.e.

location /images/ {
    try_files $uri $uri/ /images/default.gif;
}

location = /images/default.gif {
    expires 30s;
}

 


HttpHeadersModule

 

# Default: off, prevents changes to the Expires and Cache-Control headers.

# max: Expires header to 31 December 2037 23:59:59 GMT, Cache-Control max-age to 10 years.

expires       24h;

# Cache-Control: no-cache

expires       -1;

add_header    Cache-Control  private;

 


HttpAutoindexModule

 

# Default: off

autoindex on;

# accurately (in bytes), or rounded (KB, MB or GB),
# Default:  on

autoindex_exact_size on;

# Default is "off" (GMT time)

autoindex_localtime on;

e.g.

用外觀較好的 autoindex.html

Homepage: https://github.com/phuslu/phuslu.github.io

# mkdir -p /home/seafile/clients_software
# cd /home/seafile/clients_software
# wget https://phuslu.github.io/autoindex.html -O .autoindex.html

location /clients {
    autoindex_localtime on;
    autoindex           on;
    alias               /home/seafile/clients_software;
    add_after_body      /clients/autoindex.html;
}

hide files from autoindex

.autoindex.html

OR

Fancy Index Module

 


ngx_http_charset_module

 

# “Content-Type” response header field.
charset UTF-8;

 


ngx_http_map_module

 

Creates a new variable whose value depends on values of one or more of the source variables (first parameter)

Usage:

map string $variable { ... }

P.S.

Context: http

regular expression:

"~"           case-sensitive matching,
"~*"         case-insensitive matching.

e.g.

當 $request_method 是 PURGE 時會把 $purge_method 設定成 $purge_allowed

map $request_method $purge_method {
    PURGE   $purge_allowed;
    default 0;
}

 


ngx_http_geo_module

 

creates variables with values depending on the client IP address

Syntax: geo [$address] $variable { ... }

By default, the address is taken from the $remote_addr variable

geo $geo {
    default          0;
    127.0.0.1      2;
    10.1.0.0/16    1;
}

Opts

ranges

indicates that addresses are specified as ranges

This parameter should be the first.

include

includes a file with addresses and values.

proxy

defines trusted addresses

When a request comes from a trusted address,

an address from the “X-Forwarded-For” request header field will be used instead.

Example

?.conf

geo $country {
    ranges;
    default        ZZ;
    include        conf/geo.conf;
}

conf/geo.conf;

127.0.0.0/24   US;
10.1.0.0-10.1.255.255     RU;

 


echo-nginx-module

 

mkdir /usr/src/nginx; cd /usr/src/nginx;

wget https://github.com/openresty/echo-nginx-module/archive/v0.61.zip

unzip v0.61.zip

./configure --prefix=/opt/nginx \
 ... \ # must same as first build
 --add-dynamic-module=/usr/src/nginx/echo-nginx-module-0.61

make

cp ./objs/ngx_http_echo_module.so /opt/nginx/modules/

i.e.

nginx.conf

server {
  ...
  location ~ ^/r/([0-9a-zA-Z]+) {
    echo $1;
  }
}

 



ngx_http_fancyindex_module

 

Install

fancyindex module (nginx-extras)

https://github.com/aperezdc/ngx-fancyindex

wget https://github.com/aperezdc/ngx-fancyindex/archive/v0.4.3.zip -O ngx-fancyindex-v0.4.3.zip

./configure --prefix=/opt/nginx \
 ...
 --with-http_addition_module \
 --add-dynamic-module=/usr/src/nginx/ngx-fancyindex-0.4.3

make

make install

Config

[1] nginx.conf

load_module "modules/ngx_http_fancyindex_module.so";

[2] sites-enabled/proxy_www

...
location / {
  fancyindex on;              # Enable fancy indexes
  fancyindex_exact_size off;  # Output human-readable file sizes
  fancyindex_hide_symlinks on;
  fancyindex_localtime on;

  #autoindex on;
  #autoindex_localtime on;
  #gzip_static on;
}
...

Nginx-FancyIndex-Theme

git clone https://github.com/artyuum/Nginx-FancyIndex-Theme.git /etc/nginx/fancyindex_theme

location /  {
    fancyindex on;
    fancyindex_header "/fancyindex_theme/header.html";
    fancyindex_ignore "/fancyindex_theme";
}

location ^~ /fancyindex_theme {
    alias /etc/nginx/fancyindex_theme;
    try_files $uri $uri/ =404;
}

 


Doc

 

http://nginx.org/en/docs/