Embed Size (px)
Citation preview
About me
+14 years experience with Linux/Unix.
Technical Operations Leader at Locaweb.
I can handle myself in different languages such as Python, Perl, PHP, Bash, Lua, C and I'm learning Ruby.
USF4 Player (PSN ID: but3k4 or piupiu_monstro).
A brief description about NginX
NginX (pronounced "engine X”) is an OpenSource HTTP and reverse proxy server, a mail proxy server, and a load balancing server.
Currently it is the second most popular web server on the Internet.
Good Practices
NginX is flexible, it allows to do the same thing in different ways, but, good practices can save resources and increase the performance (such as good programming techniques).
try_files is basically a replacement for the typical mod_rewrite style file/directory existence check.
If possible, avoid to use “if (-f …), it is a bad practice(according to author of NginX)., ex:
bad:
if (-f $request_filename) { ……………. }
good:
location / { try_files $uri $uri/ = 404;
}
try_files instead of if
Using the return directive we can completely avoid evaluation of regular expression.
bad:
rewrite ^/(.*)$ http://domain.com/$1 permanent;
also bad:
rewrite ^ http://domain.com$request_uri? permanent;
good:
return 301 http://domain.com$request_uri;
return instead of rewrite
Avoid proxy everything. The try_files directive tries files in a specific order. This means that NginX can first look for a number of static files to serve and if not found move on to a user defined fallback.
proxy everything
bad:
location / { proxy_pass http://upstream_servers; }
good:
location / { try_files $uri $uri/ @proxy;
}
location @proxy { proxy_pass http://upstream_servers;
}
You can include any configuration files for what ever purpose you want. The include directive also supports filename globbing. The examples below show how the nginx.conf file already uses includes by default:
include files
include /etc/nginx/conf.d/*.conf;
or
include conf.d/*.conf;
Tips
NginX has dozen of modules (native or third-party), each module has a lot of directive, each directive has its own peculiarities.
core modulecore module has a lot of directives, among of them, there are interested directives:
http2
location
limit_rate
error_page
resolver
try_files
http rewrite moduleThis module makes it possible to change URI using Perl Compatible Regular Expressions (PCRE), and to redirect and select configuration depending on variables. This cycle can be repeated up to 10 times, after which Nginx returns a 500 error.
server_name ~^(?P<subdomain>[\w\d\-]+\.)?(?P<domain>[\w\d\-]+)\.(?P<cctld>[\w\.]+)$;
set $docroot "default";
if ($domain) { set $docroot $domain;
}
root /srv/$docroot/www;
gzip log filesIf you want, you can specify compression of the log files. If the gzip parameter is used, then the buffered data will be compressed before writing to the file.
Since the data is compressed in atomic blocks, the log file can be decompressed or read by "zcat" at any time.
format:
access_log location format gzip; ex:
access_log /var/log/nginx/access.log.gz combined gzip;
http map moduleThe http map module enable to create variables whose values depend on values of other variables. You can create new variable whose value depends on values of one or more of the source variables specified in the first parameter.
map $http_user_agent $bad_user_agent { default 0; ~*wget 1; ~*curl 1; ~*libwww-perl 1; ~*python-urllib 1; ~*PycURL 1;
}
http echo moduleThis module wraps lots of Nginx internal APIs for streaming input and output, parallel/sequential subrequests, timers and sleeping, as well as various meta data accessing.
location /echo { default_type text/html; echo -n "<html>\n<head><title>echo</title></head>\n<body><h1>echo</h1></body>\n</html>\n";
}
http lua module
This module embeds Lua, via the standard Lua 5.1 interpreter or LuaJIT 2.0/2.1, into Nginx and by leveraging Nginx's subrequests, allows the integration of the powerful Lua threads (Lua coroutines) into the Nginx event model.
location /lua { default_type text/plain; content_by_lua “nginx.say(‘hello, world!’)“;
}
http perl moduleThe ngx_http_perl_module module is used to implement location and variable handlers in Perl and insert Perl calls into SSI.
http Live Streaming (HLS) module
The ngx_http_hls_module module provides HTTP Live Streaming (HLS) server-side support for MP4 and MOV media files. Such files typically have the .mp4, .m4v, .m4a, .mov, or .qt filename extensions. The module supports H.264 video codec, AAC and MP3 audio codecs.
http://www.claudioborges.org/sf4.mp4.m3u8?offset=1.000&start=1.000&end=2.200
http://www.claudioborges.org/sf4.mp4.m3u8?len=8.000
http://www.claudioborges.org/sf4.mp4.ts?start=1.000&end=2.200
third-party modulesThese modules are not officially supported and may not be compatible across versions of Nginx. If you check this (http://wiki.nginx.org/3rdPartyModules) you can find interested things. Enjoy at your own risk.
To compile a third-party module, from the Nginx source directory, type:
./configure --add-module=/path/to/module1/source \ --add-module=/path/to/module2/source
Advanced techniques
NginX is a powerful web server with a lot of features. But, it has a few limitations. For example, it doesn’t have nested ifs, but, you can use a different way to do that.
nested if statement - part 1
Like I said, NginX doesn't allow nested if statements, for example, you can't do something like:
if ($http_refer ~* “.*claudioborges.*" && $args ~* “execute”) { rewrite ^/things$ /another_thing break; }
nested if statement part - 2
But, you can do using a different way:
set $result "";
if ($http_refer ~* ".*claudioborges.*") { set $result 1; }
if ($args ~* "execute") { set $result 2;
}
if ($result = 2) { rewrite ^/things$ /another_thing break;
}
Dynamic virtual hostYou can use dynamic virtual hosts in NginX. I mean, you can create just one file for many websites. It works similar to Apache mod_vhost_alias.
server { listen 80; server_name ~^(?P<subdomain>[\w\d\-]+\.)?(?P<domain>[\w\d\-]+)\.(?P<cctld>[\w\.]+)$; index index.html;
set $docroot “default"; if ($domain) {
set $docroot $domain; } root /srv/$docroot/www;
location / { try_files $uri $uri/ =404;
} access_log /var/log/nginx/$domain-access.log main; error_log /var/log/nginx/error.log;
}
HTTP and HTTPS in the same virtual host - part 1
Unlike Apache, NginX allows to use the same virtual host for both HTTP and HTTPS. Its configuration is pretty easy and using it avoid duplicate configurations.
HTTP and HTTPS in the same virtual host - part 2
To do that, you need to merge the HTTP and HTTPS virtual host file in a unique file. The only detail is: You need to omit the "SSL on" option. This directive in modern versions is thus discouraged.
The example below shows an unique virtual host that handles both HTTP and HTTPS requests:
server { listen 80; listen 443 ssl http2; server_name www.example.com; ssl_certificate www.example.com.crt; ssl_certificate_key www.example.com.key; ...
}
Referenceshttp://nginx.org
http://wiki.nginx.org/Pitfalls
http://wiki.nginx.org/IfIsEvil
http://wiki.nginx.org/3rdPartyModules
http://w3techs.com/technologies/cross/web_server/ranking
Thanks for you attention!Any questions?
Claudio Filho
@but3k4
http://www.claudioborges.org
https://github.com/but3k4
