Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Search - "nginx"
-
So I got the job. Here's a story, never let anyone stop you from accomplishing your dreams!
It all started in 2010. Windows just crashed unrecoverably for the 3rd time in two years. Back then I wasn't good with computers yet so we got our tech guy to look at it and he said: "either pay for a windows license again (we nearly spend 1K on licenses already) or try another operating system which is free: Ubuntu. If you don't like it anyways, we can always switch back to Windows!"
Oh well, fair enough, not much to lose, right! So we went with Ubuntu. Within about 2 hours I could find everything. From the software installer to OpenOffice, browsers, email things and so on. Also I already got the basics of the Linux terminal (bash in this case) like ls, cd, mkdir and a few more.
My parents found it very easy to work with as well so we decided to stick with it.
I already started to experiment with some html/css code because the thought of being able to write my own websites was awesome! Within about a week or so I figured out a simple html site.
Then I started to experiment more and more.
After about a year of trial and error (repeat about 1000+ times) I finally got my first Apache server setup on a VirtualBox running Ubuntu server. Damn, it felt awesome to see my own shit working!
From that moment on I continued to try everything I could with Linux because I found the principle that I basically could do everything I wanted (possible with software solutions) without any limitations (like with Windows/Mac) very fucking awesome. I owned the fucking system.
Then, after some years, I got my first shared hosting plan! It was awesome to see my own (with subdomain) website online, functioning very well!
I started to learn stuff like FTP, SSH and so on.
Went on with trial and error for a while and then the thought occured to me: what if I'd have a little server ONLINE which I could use myself to experiment around?
First rented VPS was there! Couldn't get enough of it and kept experimenting with server thingies, linux in general aaand so on.
Started learning about rsa key based login, firewalls (iptables), brute force prevention (fail2ban), vhosts (apache2 still), SSL (damn this was an interesting one, how the fuck do you do this yourself?!), PHP and many other things.
Then, after a while, the thought came to mind: what if I'd have a dedicated server!?!?!?!
I ordered my first fucking dedicated server. Damn, this was awesome! Already knew some stuff about defending myself from brute force bots and so on so it went pretty well.
Finally made the jump to NginX and CentOS!
Made multiple VPS's for shitloads of purposes and just to learn. Started working with reverse proxies (nginx), proxy servers, SSL for everything (because fuck basic http WITHOUT SSL), vhosts and so on.
Started with simple, one screen linux setup with ubuntu 10.04.
Running a five monitor setup now with many distro's, running about 20 servers with proxies/nginx/apache2/multiple db engines, as much security as I can integrate and this fucking passion just got me my first Linux job!
It's not just an operating system for me, it's a way of life. And with that I don't just mean the operating system, but also the idea behind it :).20 -
Happened a few weeks ago but still awesome.
Me and a good friend have a website together but we don't monitor it too much.
He studied with me in the same class but went towards frontend/apps where I chose backend/servers/security. He knows how to do basic Linux stuff but that's about it.
We were at a party when he noticed that our site was offline. Walked over to me (because I manage the server) to notify me so I could look into it said I'd look into it (phone):
*visits site: nothing*
*online dig tool: got the server ip*
*remembered this one didn't have pubkey authentication - after three passwords attempts I'm in*
"service apache2 status"
*service doesn't exist*
*right, migrated this one from Apache to nginx....*
"history"
*ah, an nginx restart probably suffices...*
"service nginx restart"
BAM, site is reachable again.
*god damnit, lets encrypt cert expired...*
"history"
*sees command with certbot and our domain both in one*
"!892"
*20 seconds later: success message*
*service nginx reload*
BAM, site works securely again.
"Yo mate, check the site again"
Mate: 😶 w-w-what? *checks site and his watch* you started less than two minutes ago...?
Me: yeah..?
Mate: 😶 now this is why YOU manage our server and I don't 😐
His face was fucking gold. It wasn't that difficult for me (I do this daily) but to him, I was a God at that moment.
Awesome moment 😊23 -
Hacking/attack experiences...
I'm, for obvious reasons, only going to talk about the attacks I went through and the *legal* ones I did 😅 😜
Let's first get some things clear/funny facts:
I've been doing offensive security since I was 14-15. Defensive since the age of 16-17. I'm getting close to 23 now, for the record.
First system ever hacked (metasploit exploit): Windows XP.
(To be clear, at home through a pentesting environment, all legal)
Easiest system ever hacked: Windows XP yet again.
Time it took me to crack/hack into today's OS's (remote + local exploits, don't remember which ones I used by the way):
Windows: XP - five seconds (damn, those metasploit exploits are powerful)
Windows Vista: Few minutes.
Windows 7: Few minutes.
Windows 10: Few minutes.
OSX (in general): 1 Hour (finding a good exploit took some time, got to root level easily aftewards. No, I do not remember how/what exactly, it's years and years ago)
Linux (Ubuntu): A month approx. Ended up using a Java applet through Firefox when that was still a thing. Literally had to click it manually xD
Linux: (RHEL based systems): Still not exploited, SELinux is powerful, motherfucker.
Keep in mind that I had a great pentesting setup back then 😊. I don't have nor do that anymore since I love defensive security more nowadays and simply don't have the time anymore.
Dealing with attacks and getting hacked.
Keep in mind that I manage around 20 servers (including vps's and dedi's) so I get the usual amount of ssh brute force attacks (thanks for keeping me safe, CSF!) which is about 40-50K every hour. Those ip's automatically get blocked after three failed attempts within 5 minutes. No root login allowed + rsa key login with freaking strong passwords/passphrases.
linu.xxx/much-security.nl - All kinds of attacks, application attacks, brute force, DDoS sometimes but that is also mostly mitigated at provider level, to name a few. So, except for my own tests and a few ddos's on both those domains, nothing really threatening. (as in, nothing seems to have fucked anything up yet)
How did I discover that two of my servers were hacked through brute forcers while no brute force protection was in place yet? installed a barebones ubuntu server onto both. They only come with system-default applications. Tried installing Nginx next day, port 80 was already in use. I always run 'pidof apache2' to make sure it isn't running and thought I'd run that for fun while I knew I didn't install it and it didn't come with the distro. It was actually running. Checked the auth logs and saw succesful root logins - fuck me - reinstalled the servers and installed Fail2Ban. It bans any ip address which had three failed ssh logins within 5 minutes:
Enabled Fail2Ban -> checked iptables (iptables -L) literally two seconds later: 100+ banned ip addresses - holy fuck, no wonder I got hacked!
One other kind/type of attack I get regularly but if it doesn't get much worse, I'll deal with that :)
Dealing with different kinds of attacks:
Web app attacks: extensively testing everything for security vulns before releasing it into the open.
Network attacks: Nginx rate limiting/CSF rate limiting against SYN DDoS attacks for example.
System attacks: Anti brute force software (Fail2Ban or CSF), anti rootkit software, AppArmor or (which I prefer) SELinux which actually catches quite some web app attacks as well and REGULARLY UPDATING THE SERVERS/SOFTWARE.
So yah, hereby :P39 -
A dude with a THICK Russian accent just called me offering server security services.
After I politely declined, he insisted on a free audit of my servers. I declined that as well.
Now I’m backing up our DB’s and going through my nginx logs.
Am I being racist?19 -
Funny story about the first time two of my servers got hacked. The fun part is how I noticed it.
So I purchased two new vps's for proxy server goals and thought like 'I can setup fail2ban tomorrow, I'll be fine.'
Next day I wanted to install NginX so I ran the command and it said that port 80 was already in use!
I was sitting there like no that's not possible I didn't install any server software yet. So I thought 'this can't be possible' but I ran 'pidof apache2' just to confirm. It actually returned a PID! It was a barebones Debian install so I was sure it was not installed yet by ME. Checked the auth logs and noticed that an IP address had done a huge brute force attack and managed to gain root access. Simply reinstalled debian and I put fail2ban on it RIGHT AWAY.
Checked about two seconds later if anyone tried to login again (iptables -L and keep in mind that fail2ban's default config needs six failed attempts within I think five minutes to ban an ip) and I already saw that around 8-10 addresses were banned.
Was pretty shaken up but damn I learned my lesson!8 -
Almost every really successfully project...is open source.
Some Examples:
- Linux
- PhP
- Node.JS
- The Chromium Engine
- All the Apache Stuff
- Unreal Engine(WAS closed source)
- nginx
and so many more
Open Source is the best way to build known, stable and useful software29 -
Sometimes I just randomly start installing a new vps, configure the server, put a random sub domain on it, forward nginx with SSL, print something random on the page and then just remove the thing again.
Solely because I enjoy installing servers/configuring them.
Am I weird? 😅70 -
This fucking customer...
I've told that person so many times that they need to FIX THEIR CODE, because it get's pwned all the time.
To make stuff worse - they are still using Debian 5, and we are unable to upgrade because all their shit will break.
I found his fix today - he installed an old version of NGINX because it is "better".
No fuck you.10 -
I wrote (or, ended up with a very much alpha but usable version) a monitoring system a while back and completely forgot about its existence.
But, it's still running and a few days ago I was building a docker imagine on a system with not that many resources and after about 5 minutes I started getting notifications about a high load!
Then, while I had forgotten about it again, yesterday, I suddenly started getting notifications about websites on my main application server going down.
Logged in and all was good again after restarting nginx.
Gotta say that it feels quite awesome to be notified of shit going wrong by something I wrote myself while I forgot about its existence 😊2 -
Just realized. The only use of port 80 (providing it runs something like NginX/Apache) is (or, should be anyways) redirecting users from a non-secure connection to a secure one.
Poor port 80 😖45 -
#6
My client tells me there's a new bug with to-www-redirects. He yells they don't work properly anymore and tries to blame me. But fact is I know, they are well configured in the Nginx conf and therefore work like a charm.
I told him I fixed it and charged an hour. Motherfucker.
😓🔨 -
NO FIREFOX AND CHROMIUM, I ALREADY SET THE FUCKING CORS HEADERS CORRECTLY ACCORDING TO THE OFFICIAL FUCKING NGINX DOCUMENTATION. WHY THE FUCK ARE YOU STILL DISALLOWING CROSS-ORIGIN REQUESTS?!23
-
Spend half the day setting up a dedicated server at work (including getting all the hardware together) and installing CentOS and tweaking around.
For a client? Oh no, there just literally wasn't anything else to do and I didn't want to sit around doing nothing or working on shell scripts AGAIN. (working in support (+ linux server management) and due to the holidays hardly any support requests come in)
*Hmmm, lets install nginx for fun*
"yum install ngi..."
*wait, let's compile from source and make it more fun!*
So yeah, that was my day, I guess.5 -
Have multiple and some server related but hereby:
I forcefully quit php on the server I use for devRant related stuffs because I wanted to quit the bakgrounded php process I had running for the dns proxy thingy since I somehow couldn't find the pid.
Two days later I noticed that none of my sites on that server where running anymore and started looking at nginx error logs.
It took me way too long to figure out that I had PHP-FPM installed which runs as a service and by forcefully quitting php the other day.... Yeah, you get it I think.
Started the process again and remembered that one 😅 -
Two nginx config files for two different sites.
Both exactly the same except for the fastcgi location, document root and virtual host.
THE MOTHERFUCKING GET VALUES DOESN'T REWRITE PROPERLY WITH ONE OF THEM BUT IT WORKS PER-FUCKING-FECTLY WITH THE OTHER ONE.
GO SUCK A COCK NGINX. AND NO I'M NOT SWITCHING TO APACHE.21 -
I thought this launch (security/privacy blog) would go smooth:
- analytics fell, except for one thing, apart for yet unknown reasons
- MySQL came with a very weird error which took me like half an hour of research before I hacked my way past it.
- the firewall started to fuck around for no reason, works now though.
Nginx worked without issues though, as well as NetData 😅
Yeah, didn't go as planned :P10 -
I decided to setup a little server on my local network just to make use of a 2TB harddrive I use to store videos.
Told everyone in the house I planned to grow the library over time and that they could access it all in a browser using my system name. It's become quite a fun venture and my video library is shaping up nicely.
Using nginx on a Dell XPS 17 with Ubuntu 16.04 to host a server that just auto indexes a shared directory on my external 2TB harddrive. Kind of an embarrassing rig, but it's just a hobby activity and I do plan to upgrade shit later.
The real fun has been getting to understand a bit more about video files. They used to be magic to me, as complex as their file extension. Now I run a script on all of my torrents which checks the video and audio codecs, converting them if they aren't supported by Chrome's and Firefox's web players, and outputting mp4s using ffmpeg. I feel like I have this stuff down fairly well now. Becoming more and more automated.
Next step is to port forward so I can access it from anywhere, but we'll see about that later down the line.22 -
So I did a rookie mistake this week. Connected a webapp for a client using Nginx and installed the SSL cert for the site. I decided to activate the firewall of the server because hey security. All was well. Went home feeling like I am the shit.
Next day I find out I can't log in to the server over ssh. Only to find out that I had forgotten to allow SSH through the firewall.
I had basically locked myself out of the server. 😞9 -
Setting up a server in Amazon ec2. Running all the commands to install nginx and everything.
Only to realize I have been running those commands in my local VM instead of ssh.2 -
TL;DR
Management eats shit for breakfast
Context:
I am the sole Dev on a project.
Stack: Postgresql, redis, nginx,Java with Spring Boot, Neo4j.
I am the only one nearly familiar with : Redis, Neo4j and anything Java.
I'm gonna be on vacation for the next 15 days since they have told me that we where gonna be on a "testing/feedback" period.
My vacation was approved.
Today's meeting: we have a URGENT deadline to meet some criteria that might be the difference between have further investment or not.
Urgent deadline: last day of my vacation.
My face: poker
My thoughts: attached image5 -
I just finished setting up an instance of searx.me for the public to use.
You are free to use it at https://search.privacy-cloud.me
I can't prove it but I've disabled logging with searx and ip logging in the nginx access logs (catching ddos's another way). If you don't find that enough proof then I suggest you don't use it :)
Let's go to sleep now.13 -
Apache no doubt.
Reason? It is good, and it does not want to shove a commercial license into my throat like Nginx wants.14 -
FUCK YOU WORDPRESS
Omfg never been so fucking pissed in my life.
I just wasted 3 hours because this fucking bullshit rewrites the fucking URL based on the URL on a config fucking file?!!?
It fucking ignores: apache virtual host configs and nginx reverse proxy
omfg...8 -
Not just another Windows rant:
*Disclaimer* : I'm a full time Linux user for dev work having switched from Windows a couple of years ago. Only open Windows for Photoshop (or games) or when I fuck up my Linux install (Arch user) because I get too adventurous (don't we all)
I have hated Windows 10 from day 1 for being a rebel. Automatic updates and generally so many bugs (specially the 100% disk usage on boot for idk how long) really sucked.
It's got ads now and it's generally much slower than probably a Windows 8 install..
The pathetic memory management and the overall slower interface really ticks me off. I'm trying to work and get access to web services and all I get is hangups.
Chrome is my go-to browser for everything and the experience is sub par. We all know it gobbles up RAM but even more on Windows.
My Linux install on the same computer flies with a heavy project open in Android Studio, 25+ tabs in Chrome and a 1080p video playing in the background.
Up until the creators update, UI bugs were a common sight. Things would just stop working if you clicked them multiple times.
But you know what I'm tired of more?
The ignorant pricks who bash it for being Windows. This OS isn't bad. Sure it's not Linux or MacOS but it stands strong.
You are just bashing it because it's not developer friendly and it's not. It never advertises itself like that.
It's a full fledged OS for everyone. It's not dev friendly but you can make it as much as possible but you're lazy.
People do use Windows to code. If you don't know that, you're ignorant. They also make a living by using Windows all day. How bout tha?
But it tries to make you feel comfortable with the recent bash integration and the plethora of tools that Microsoft builds.
IIS may not be Apache or Nginx but it gets the job done.
Azure uses Windows and it's one of best web services out there. It's freaking amazing with dead simple docs to get up and running with a web app in 10 minutes.
I saw many rants against VS but you know it's one of the best IDEs out there and it runs the best on Windows (for me, at least).
I'm pissed at you - you blind hater you.
Research and appreciate the things good qualities in something instead of trying to be the cool but ignorant dev who codes with Linux/Mac but doesn't know shit about the advantages they offer.undefined windows 10 sucks visual studio unix macos ignorance mac terminal windows 10 linux developer22 -
For 10 thousand years I have pronounced "Nginx" as "En ginns" just found out from Ubuntu's official page that it is pronouned "Engine-X".
What a shame (-‸ლ)19 -
Every time I encounter "404 Not Found - nginx" when I was really young, I thought the website was hacked by Nginx(ngingks). When I got to uni and found out what it was and how to say it, I just facepalmed. Even until now, every time I read it on job posts, I still say ngingks in my head and laugh hahaha6
-
Just managed to setup a tiny/simple privacy-friendly analytics system.
You basically call an api from your backend with the api key and all the headers you received from the browser (php and Apache or nginx in my case) and the analytics api gets useful stuff out of that data without sacrificing privacy.
I get a little bit more insight into my websites usage and the client isn't sacrificing identifiable information!
I've been wanting to make this fucker for fucking months.11 -
Fucking cloud providers always trying to steal your shit and spy on your things, fucking prying eyes. That's why i've decided to go back hosting my own private cloud from home. Running on some very energy efficient shit: dual core intel atom cpu (so slow that it can't fucking run windows normally), 16gb of ram, because why the fuck not? and 1tb 2.5"hdd, along with unlimited data - 100/100 Mbit/s internet connection with a server response time less than 95ms just to backup my shitty Iphone selfies and cat pics, host some very important files and regularly back up my contacts. This shit runs CentOS, Nginx, https, bitch! This platform is more trustworthy than your shitty dropbox or whatever other shit they offer you. I can choose whether i back-up my shit from local network or over internetz, Costing me no more than 25€ annually(just to keep the machine on 24/7/365).14
-
I've found and fixed any kind of "bad bug" I can think of over my career from allowing negative financial transfers to weird platform specific behaviour, here are a few of the more interesting ones that come to mind...
#1 - Most expensive lesson learned
Almost 10 years ago (while learning to code) I wrote a loyalty card system that ended up going national. Fast forward 2 years and by some miracle the system still worked and had services running on 500+ POS servers in large retail stores uploading thousands of transactions each second - due to this increased traffic to stay ahead of any trouble we decided to add a loadbalancer to our backend.
This was simply a matter of re-assigning the IP and would cause 10-15 minutes of downtime (for the first time ever), we made the switch and everything seemed perfect. Too perfect...
After 10 minutes every phone in the office started going beserk - calls where coming in about store servers irreparably crashing all over the country taking all the tills offline and forcing them to close doors midday. It was bad and we couldn't conceive how it could possibly be us or our software to blame.
Turns out we made the local service write any web service errors to a log file upon failure for debugging purposes before retrying - a perfectly sensible thing to do if I hadn't forgotten to check the size of or clear the log file. In about 15 minutes of downtime each stores error log proceeded to grow and consume every available byte of HD space before crashing windows.
#2 - Hardest to find
This was a true "Nessie" bug.. We had a single codebase powering a few hundred sites. Every now and then at some point the web server would spontaneously die and vommit a bunch of sql statements and sensitive data back to the user causing huge concern but I could never remotely replicate the behaviour - until 4 years later it happened to one of our support staff and I could pull out their network & session info.
Turns out years back when the server was first setup each domain was added as an individual "Site" on IIS but shared the same root directory and hence the same session path. It would have remained unnoticed if we had not grown but as our traffic increased ever so often 2 users of different sites would end up sharing a session id causing the server to promptly implode on itself.
#3 - Most elegant fix
Same bastard IIS server as #2. Codebase was the most unsecure unstable travesty I've ever worked with - sql injection vuns in EVERY URL, sql statements stored in COOKIES... this thing was irreparably fucked up but had to stay online until it could be replaced. Basically every other day it got hit by bots ended up sending bluepill spam or mining shitcoin and I would simply delete the instance and recreate it in a semi un-compromised state which was an acceptable solution for the business for uptime... until we we're DDOS'ed for 5 days straight.
My hands were tied and there was no way to mitigate it except for stopping individual sites as they came under attack and starting them after it subsided... (for some reason they seemed to be targeting by domain instead of ip). After 3 days of doing this manually I was given the go ahead to use any resources necessary to make it stop and especially since it was IIS6 I had no fucking clue where to start.
So I stuck to what I knew and deployed a $5 vm running an Nginx reverse proxy with heavy caching and rate limiting linked to a custom fail2ban plugin in in front of the insecure server. The attacks died instantly, the server sped up 10x and was never compromised by bots again (presumably since they got back a linux user agent). To this day I marvel at this miracle $5 fix.1 -
PSA: "sudo apt-get remove nginx" doesn't actually remove nginx. It will still continue to run and block port 80 on every reboot.
Until you run sudo apt-get autoremove, nginx-core and others still remain.
And that's how twenty seconds of scheduled downtime turns into 10 minutes.
Dammit nginx1 -
Needed a list with all domains I run on a server but I don't always give nginx config files the names of their website so I was about to start going through them by hand..... waaait, let's try to automate this with a bash script...
Five minutes later I've got a working bash script which gets all domains from all config files.
Oh, the joys of terminal/bash stuff!11 -
Weekend projects are fun! Although front end is still a challenge, it looks good enough.
Suddenly got the idea to do something with letsencrypt/nginx wildcard subdomains (*.example.com) so created a project around that now through which you can check what your ip address/user agent/operating system/ip version is (maybe more to come) but due to the wildcard part you can enter quite a number of subdomains which all show the related info.
I'd find it very useful myself, not sure if other people would but oh well!2 -
I think I've got a working searx instance which I'd open up for the public.
NOTE: I cannot prove that I don't store anything because for that you'd need root access to the server which I won't give obviously. If you're not comfortable with that, just don't uses it.
I still have to do something for ip address logging anonymising or stripping, though. (nginx + CSF provided enough abuse prevention).
Tips on that?29 -
Tried deploying a new nginx server today, wrote the site config manually.
"Alright, done! Let's restart the service and look in the browser how it looks"
# systemctl restart nginx
> Process exited with error code.
"Fuuuuck..."
# nginx
> Unexpected } on line 13.
# vim /etc/nginx/sites-enabled/thatconfig.conf
"Wait wtf.. there's nothing wrong with the curly braces.. they're all opening and closing as they should..."
*takes another closer look*
Line 12, missed a fucking semicolon 😑
Append semicolon, :wq, # systemctl restart nginx
Works like a charm 🙄 all because of a stupid semicolon.
Until now I thought that the semicolon jokes were just lame.. but damn you semicolon, you are indeed the superior hide and seek player 😅10 -
I showed a friend of mine a project I made in two days in Docker and Symfony php. It is a rather simple app, but it did involve my usual setup: Nginx with gzip/cache/security headers/ssl + redis caching db + php-fpm for symfony. I also used php7.4 for the lolz
He complained that he didn't like using Docker and would rather install dependencies with composer install and then run it with a Laravel command. He insisted that he wanted a non-docker installation manual.
I advised him to first install Nginx and generate some self-signed certificates, then copy all the config files and replace any environment-injected values (I use a self-made shell script for this) with the environment values in the docker-compose files.
Then I told him to download php-fpm with php 7.4 alpha, install and configure all the extensions needed, download and set up a local Redis database and at last re-implement a .env file since I removed those to replace them with a container environment.
He sent an angry emoji back (in a funny way)
God bless containerized applications, so easy to spin up entire applications (either custom or vendor like redis/mysql) and throw them away after having played with them. No need to clutter up your own pc with runtime environments.
I wonder if he relents :p9 -
*describes problem that a system doesn't work behind an nginx proxy, routing to another nginx instance*
*some random "expert" jumps in*
hurrdurr: It works behind nginx proxy, with APACHE, I don't even get why you would want to run nginx behind nginx omg9 -
Saw this security blunder a while ago. Went onto some site and it showed me this username/password dialog (probably an apache's htpasswd or nginx one). Went away but returned quickly because I noticed I could see all content. Then I thought 'why the fuck not try?' so I dragged the auth popup thingy to the side of the screen and et voila... I could interact with the page as if nothing was wrong while the authentication popup was hovering above the page on the right!
I sat there giggling dramatically for a while. -
Certificate: * expired yesterday *
Chrome: 🚨🚨🚨 THIS WEBSITE MIGHT TRY TO ROB YOU AND TAKE YOUR FAMILY HOSTAGE CALL THE ARMY IMMEDIATELY AND WAIT FOR FURTHER INSTRUCTIONS 🚨🚨🚨
Ofcourse it's sorta justified, but still, it's funny to see what the consequences are of forgetting to reload the nginx server after a certificate renewal 😂2 -
I just spent the last 2 hours trying to set a new max size file upload for nginx from 1MB (default) to 10MB, almost lost my mind when I realized I was testing uploading a file that was 10.9MB the whole time2
-
Finally got my nginx config to work properly (it shouldn't work but it does so I'm not fucking touching it).
Request with curl: check, right http code and getting data back properly.
Request with any browser (with and without incognito): right http code, AND ONLY SEEING DATA WHEN I ECHO ANYTHING BEFORE SENDING THE RESPONSE WITH PHP. When I don't echo whatever before sending the response, the browser doesn't see the data but DOES see the http status code.
HOW?!19 -
My first times today:
First time a droplet on Digital Ocean.
First time Nginx.
First time trying to separate mail and website servers.
First time using UFW firewall.
First time Ubuntu webserver.
First try all alone configuration of my webserver.
First time installing all the stuff I need on my own, like MySQL, PHP and so on.
First time only SSH access from the beginning.
First time deployment from bitbucket.
Do you have any advise what I should think about. Or what software I will need. Or what I should think about.45 -
Forget about coffee, nothing wake you up faster than a colleague mentioning your name in the slack channel where the stderr of the app writes.1
-
I'm a "published" freelance dev!
Last night I made my first web application available to the internet. It's an internal enterprise management system for a small non-profit.
It's running on a single $6 a month digitalocean droplet, and the domain is $12 a year, so yearly cost for them is absolutely rock bottom.
It's written in asp.net 6.0 razor pages, nginx reverse proxy, certbot for HTTPS certificates, fail2ban for ssh protection (ssh login is via ssl keys), entity framework with MySQL.
The site itself has automatic IP banning based on a few parameters like login spam, uses JWT tokens, and is fully secured.
All together, it's a lot of value for about $100 a year.14 -
Might be nothing for others, but I finally published my Vue website with the following setup:
1. Vue inside docker
2. Nodejs API inside docker
3. MongoDB inside docker
4. Nginx as reverse proxy
5. Let's Encrypt
6. NO I WILL NOT SHARE THE LINK, don't want to be hacked lol and it is for personal use only.
But I'd love to thank devRant members who have helped me reach this point, two months ago I was a complete noob in Vue and a beginner in NodeJs services, now I have my own todo website customized for my needs.
Thank you :)26 -
Someone told me they identified as an apache helicopter, I responded that I prefer being an nginx helicopter7
-
If I had a penny for every time I misspelt 'nginx', I'd be richer that Bill Fucking Gates.
Could you have picked a more typo-prone name!?9 -
I love it when my clients give me free reign to choose the software.
I'm gonna set up nginx with flask on Ubuntu 16.04 on DigitalOcean.
It's gonna be great :D. -
Hey there!
So during my internship I learned a lot about Linux, Docker and servers and I recently switched from a shared hosting to my own VPS. On this VPS I currently have one nginx server running that serves a static ReactJs application. This is temponarily, I SFTP-ed the build files to the server and added a config file for ssl, ciphers and dhparams. I plan to change it later to a nextjs application with a ci/di pipeline etc. I also added a 'runuser' that owns the /srv/web directory in which the webserver files are located. Ssh has passwords disabled and my private keys have passphrases.
Now that I it's been running for a few days I noticed a lot of requests from botnets that tried to access phpmyadmin and adminpanels on my server which gave me quite a scare. Luckily my website does not have a backend and I would never expose phpmyadmin like that if I did have it.
Now my question is:
Do you guys know any good articles or have tips and tricks for securing my server and future projects? Are there any good practices that I should absolutely read and follow? (Like not exposing server details etc., php version, rate limiting). I really want to move forward with my quest for knowledge and feel like I should have a good basis when it comes to managing a server, especially with the current privacy laws in place.
Thanks in advance for enduring my rant and infodump 😅7 -
I had done a fresh reinstall of Ubuntu Server on my server PC, cloned my websites from their GitHub repos, and couldn't for the life of me get Nginx to read them correctly.
I forgot to install PHP. 😑 -
Holy FREAKING shit!! This was worst stupidest mistake I have ever made!
About 9 hours ago, i decided to implement brotli compression in my server.
It looked a bit challenging for me, because the all the guides involved compiling and building the nginx with brotli module and I was not that confident doing that on live site.
By the end of the guide, the site was not reachable anymore. I panicked.
Even the error logs and access logs were not picking up anything.
About a dozens guides and a new server and figuring out few major undocumented errors later, it turns out the main nginx.conf file had a line that was looking for *.conf files in the sites-enabled directory.
But my conf file was named after the domain name and ending with .com and hence were not picked up by the new nginx.conf
I'm not sure if I wasted my 9 hours because of that single line or not. But man, this was a really rough day!3 -
Init and Hello. My name is git and this is my story.
I just arrived in this system recently by the apt highway. It's not the only way though. Some for example used the npm hype-train, others arrived from the ssh shore. No matter where we came from the next step on our agenda was time to introduce our self at the event destined for all new-comers to the system.
"As many of you I reside in the usr-bin district. I'm really into history and commitment! I like it when people work together, so I'm always eager to bring all branches together."
"But what is it actually good for?", asked Curl, which I already met at the bus station. Many nodded in agreement. It was odd. Somehow I felt not quite at home. All the others seemed so different based on their field of work.
"We have worked here in a really agile environment for ages. There is no need for any kind of strange bureaucracy.", said another voice.
All attempts to convince them from the beauty of history or a little bit of management were unsuccessful. It was just the beginning of a not so interesting stage in my life - to say the least.
Today was another of 'those' days. I live in this community for quiet a while now and unfortunately nothing really changed - at least for the good. I sat on my branch of the tree with all the others around and there was nothing really to do for me. Again. I mean, actually it's true. I have to admit it. There is just no work on this world for someone like me. All the others seem to be so busy, while I just have to sit around and question my own existence. Since I grew tired asking these questions to myself, I stopped it. I can't do a thing actually. That's not how this world works.
"Hey fagit, anything meaningful to add to our delightful conversation?", nginx shouted over to me from another branch of the tree. Before I was able to give an indifferent answer the voice just continued.
"Oh, sorry. I forgot that you have no purpose after all. Well, never mind!"
Everyone started laughing at me. It was not too bad by the way. Actually, this was quite ordinary. These fucktards completely ran out of creativity. If it wasn't for that mere emptiness gaping right above my guts, I'd actually be disappointed. I even got accustomed to the alias 'fagit'. Quiet sad given the fact that i really like my real name. If only someone would mind using it... First too quiet to notice but growing in intensity a rumbling emerged from somewhere deep within the tree. Out of a sudden everyone stopped laughing. The voices slowly faded while the growling from afar grew louder. It had come. Not more than a shadow reached out from the tree and faster than anyone could comprehend nginx was simply gone. Killed in an instance.
Disclaimer: This story is fictional. No systems were harmed in its creation.3 -
Just finished watching the Black Box [worth it!].
I've noticed a few scenes related to IT&Dev. I thought I'll share them here.
So the BlackBox system runs on Fedora 32 with what was the Mainline kernel at that time - 5.76.20. And some HTTP webserver (nginx) for some reason... go figure!
And for some reason, the Black Box keeps making requests to https://www.rescuetime.com . IDK why nor how it's related, but it's there.
And it's got quemu installed (there is a virbr0 bridge and vnet0 listed).4 -
My whole team like to develop the backend of a very complicated platform in python because it is fast to develop. And host the front-end under nginx. And run everything on windows. And without unit test.3
-
When your websites start returning 502 errors all of a sudden and you can't figure out why. Clear PHP artisan cache, restart Nginx, make sure PHP-FPM is running. Still 502 errors. Then you find out Cloudflare is down. 😐😐😐
This was me last night.3 -
Full stack developer.
I know what it's supposed to mean, but I feel like it gives discredit to the devs who perfect their area (frontend, backend, db, infrastructure). It's, to me, like calling myself a chef because I can cook dinner..
The depth, analysis and customization of the domain to shape an api to a website is never appreciated. The finicle tweaks on the frontend to make those final touches. Then comes a brat who say they are full stack, and can do all those things. Bullshit. 99.9% of them have never done anything but move data through layers and present it.
Throw these wannabes an enterprise system with monoliths and microservices willy nelly, orchestrate that shit with a vertical slice nginx ssi with disaster recovery, horizontal scaling, domain modeling, version management, a busy little bus and events flowing all decimal points of 2pi. Then, if you fully master everything going on there, I believe you are full stack.
Otherwise you just scraped the surface of what complexities software development is about. Everyone who can read a tutorial can scrape together an "in-out" website. But if your db is looking the same as your api, your highest complexity is the alignment of an infobox, I will laugh loud at your full stack.
And if you told me in an interview that you are full stack, you'd better have 10+ years experience and a good list of failed and successful projects before I'd let you stay the next two minutes..1 -
So as all of you web developers know. If you are stepping into the world of web development you stepping into a world of unlimited possibilities, opportunities and adventure.
The flip side is that you step into a world of unlimited choices, tools, best practices, tutorials etc.
Since even for a veteran programmer, this is a little overwhelming, I'd like to take the opportunity to ask you guys for advice.
I know that 'there is no best' and that everything 'depends on what you want to achieve'. So how about just say the pro's and cons or when to use and when not to use. Or why you prefer one over another. Everything is allowed! :D
Maybe it will help others too. Start a nice, professional discussion:)
These are the parts I'd like advice about:
- frontend: what frameworks, libraries
- backend: language, framework, good practice
- server: OS, proxy (nginx, Apache, passenger), extra tips (like don't use root user)
- extras: git, GitHub, docker, anything
Thanks in advance everyone willing to help!:)
Also, if you only know frontend or backend. No worries, just tell me about your specialism!6 -
Today I built an ASP.NET Core 2.0 Rest-Api within a docker-container.
Then I ran a docker-container with the compiled ASP.NET Core 2.0 app behind a nginx router.
It was purely magic!
:)2 -
A few months passed. Still jobless. I am a php dev btw. In stead of giving up. I made a simple app allows people vote up and down restaurants I Melbourne Australia. https://melres.shopshop.space. I learn a lot about nodejs, react, redux, express, mongo, nginx, Ubuntu. I apply for nodejs job, IT support, DevOps, API job, backend job. All got rejected. Due to experience and competiton. I even ask I can work for DevOps for free. Still no reply. In stead of giving up, I keep learning, doing the thing I love. Focus on learn how to learn. Day in and day out. Hopefully it gets better.5
-
I just installed nginx on a new server, just to find out we have visitors waiting patiently at the door. I guess they must have tried all possible route to get inside an empty room. 😏
See logs hits on 404 files... -
TIL Nginx supports js out of the box. You don’t need nodejs to write servers in js. You can install Nginx and make it execute js code to generate pages. It even supports TypeScript!
https://nginx.org/en/docs/njs/
https://nginx.org/en/docs/...12 -
Debugging a request that got lost in a myriad of containers of a scaled application....
It wouldn't be worth a rant if there wasn't some kinky SM stuff in it, wouldn't it?
Regexes. The fucker who wrote a lot of the NGINX (🤢) configuration decided to use the Perl Regexes with named group matching. A lot.
So now I have to fight wild variables supposedly coming from nowhere (as they stem from the named groups)… fucking single location redirects instead of maps.... A d have to write an explanatory documentation while going down the rabbit hole of trying to find out where the fuck that shitty frigging bastard redirected wrong.
I really wish I could eradicate the person who wrote this shit....1 -
So, I've been having to deal with server issues and other BS. All of these issues have caused all of my websites to be down. For the longest time, I couldn't get Nginx to find my websites' directories except for the default Nginx website, so I changed the default Nginx website to what you see in the image.
I tried to be funny, did I succeed? Even a little bit?8 -
Quick question:
Apache or Nginx?
Currenly I'm using Apache in Ubuntu server running in Virtual box but I was wondering if it's worth switching to Nginx :)32 -
You mother fucking piece of shit.
Whoever taught you programming should be removed from history.
And whatever form of intelligence you claim to possess, let me assure you: breathing is the limit of it.
--
Some of the projects I'm working on are really the epitome of "YOLO let's turn the poopomat machine on in diarrhea mode".
The worst: I cannot really give examples.
I've seen the last days everything.
(bash scripting, docker, services like nginx /haproxy/...)
Eval as an template generator in bash...
Declaring an whole environment in an Dockerfile, that should never be used as it is only necessary for building... But not checking if an env file is provided, so the whole thing can blow up spectacularly.
A nearly 1k long bash calculator for system limits, reading out all kinds of stuff from /proc and /sys, seemingly partially stolen from NGINX Docker.
Declaring and starting an own DNS Server to bypass the Docker DNS service inside an docker container.
Mkfifo fun for creating several stdout and stderrs for seemingly no reason...
Actively not using bash, instead of creating shell only functions to emulate bash...
I could go on.
But really. I'm getting too old for this shit.3 -
FYI. Copied from my FB stalked list.
Web developer roadmap 2018
Common: Git, HTTP, SSH, Data structures & Algorithms, Encoding
------
Front-end: HTML, CSS, JavaScript > ES6, NPM, React, Webpack, Responsive Web, Bootstrap
------
Back-end: PHP, Composer, Laravel > Nginx, REST, JWT, OAuth2, Docker > MariaDB, MemCached, Redis > Design Patterns, PSRs
------
DevOps: Linux, AWS, Travis-CI, Puppet/Chef, New Relic > Docker, Kubernetes > Apache, Nginx > CLI, Vim > Proxy, Firewall, LoadBalancer
------
https://github.com/kamranahmedse/...2 -
My preferred stack is Rails/NginX/Postgres, or Node using the same.
I have a fair amount of material for this week's rant, but in my stack's defense, the quantity is primarily because I've been using it for so long, and I'm apparently a talented breaker. I may share other stories if the motivation arises.
However, today I ran into something definitely deserving of calling out.
The default datatype for a Date+Time column in Postgres is `datetime` which means "date+time without timezone". (while `datetimetz` instead stores the timezone).
Apparently when comparing a datetime with a datetimetz, Postgres doesn't compute the timezone difference correctly, leading to some very unexpected and confusing query results.
Today, I had a record that was both pending (expires_at > now) and expired (expires_at <= now), where now is a DateTime (with tz) literal from Rails. After half an hour's frustrated delving and baffled expressions at query results, I finally figured out that the database's math was incorrect when comparing UTC (+0) and PST (-7).
This during a semi-high-priority bugfix that's blocking for a coworker.
While Time and all of its nuances are honestly extremely difficult to handle correctly, I didn't expect Postgres to get this relatively simple part wrong.
Shame on you, Postgres.
I expected better.3 -
The company considers the project manager I work with to be the best. After working with him, I consider him to be everything that is wrong with project management.
This PM injects himself into everything and has a way of completely over-complicating the smallest of things. I will give an example:
We needed to receive around 1000 rows of data from our vendor, process each row, and host an endpoint with the data in json. This was a pretty simple task until the PM got involved and over complicated the shit out of it. He asks me what file format I need to receive the data. I say it doesnt really matter, if the vendor has the data in Excel, I can use that. After an hour long conversation about his concerns using Excel he decides CSV is better. I tell him not a problem for me, CSV works just as good. The PM then has multiple conversations with the Vendor about the specific format he wants it in. Everything seems good. The he calls me and asks how am I going to host the JSON endpoints. I tell him because its static data, I was probably going to simply convert each record into its own file and use `nginx`. He is concerned about how I would process each record into its own file. I then suggest I could use a database that stores the data and have an API endpoint that will retrieve and convert into JSON. He is concerned about the complexities of adding a database and unnecessary overhead of re-processing records every time someone hits the endpoint. No decision is made and two hours are wasted. Next day he tells me he figured out a solution, we should process each record into its own JSON file and host with `nginx`. Literally the first thing I said. I tell him great, I will do that.
Fast forward a few days and its time to receive the payload of 1000 records from the Vendor. I receive the file open it up. While they sent it in CSV format the headers and column order are different. I quietly without telling the PM, adjust my code to fit what I received, ran my unit test to make sure it processed correctly, and outputted each record into its own json file. Job is now done and the project manager gets credit for getting everything to work on the first try.
This is absolutely ridiculous, the PM has an absurd 120 hours to this task! Because of all the meetings, constant interruptions, and changing of his mind, I have 35 hours to this task. In reality the actual time I spent writing code was probably 2-3 hours and all the rest was dealing with this PM's meetings and questions and indecisiveness. From a higher level, he appears to be a great PM because of all the hours he logs but in reality he takes the easiest of tasks and turns them into a nightmare. This project could have easily been worked out between me and vendor in a 30 min conversation but this PM makes it his business to insert himself into everything. And then he has the nerve to complain that he is so overwhelmed with all the stuff going on. It drives me crazy because this inefficacy and unwanted help makes everything he touches turn into a logistical nightmare but yet he is viewed as one of the companies top Project Managers.3 -
Despite common sense, I think technology is not making our lives easier. It's just build chaos on top of chaos.
Take server-side programming for instance.
First you have to find someone to host your thing, or a PaaS provider. Then you have to figure out how much RAM and storage you need, which OS you're going to use. And then there's Docker (which will run on top of a VM on AWS or GCP anyway, making even less sense). And then there's the server technology: nginx, Apache (and many many more; if, that is, you're using a server at all). And then there are firewalls, proxies, SSL. And then you go back to the start, because you have to check if your hosting provider will support the OS or Docker or your server. (I smell infinite recursion here.)
Each of these moving parts come with their own can of worms in terms of configuration and security. A whole bible to read if you want to have the slightest clue about what you're doing.
And then there's the programming language to use and its accompanying frameworks. Can they replace the server technology? Should you? Will they conflict with each other and open yet another backdoor into your system? Is it supported by your hosting provider? (Did I mention an infinite recursion somewhere?)
And then there's the database. Does it have a port to the language/framework of your choosing? Why does it expose an web interface? Is it supposed to replace your server? And why are its security features optional again? (Just so I have to test both the insecure and the secure environments?)
And you haven't written a single line of code yet, mind you.4 -
me: *hosting docker registry for our team*
me: *sets up ssl and cloudflare dns and shit*
me: *tries to push to registry*
my pc: *413 rEQuEst EnTITy tOo LarGe*
me: *spends 4 hours scrutinizing the shit out of my nginx configs*
me: *finally finds cloudflare sitting there rejecting all of the requests... that cheeky bastard* -
The amount of attempts to access my website is just too much O_O
Anyway in nginx to block access if login attempt failed after 3 times?14 -
I am so mad, I have no words for how fucking much I hate ever having to work or pass work to other incompetent developers or teams, what a fucking waste of time and resources.
After handing off the frontend - for the client to find some team, that would do it in the short time and budget he needs (multiple developers, more fast, much good), he found a team that seemed to be alright for the job and seemed alright to me too, now maybe a month or two later, the client contacts me, that they fucked something up and if I could talk to them.
The email I then received from them seriously made me speechles, mad and sad, all at same time, I spent multiple upon multiple hours, getting a very good readable documentation up (markdown with TOC, properly rendered headers, bulletpoints, all that shit), with all files, all services used, all credentials, even converted all ssh keys into putty ppk format, in case the developers are using windows and are too dumb to do it themselves, nginx configs, it had seriously everything, even too much to list.
They somehow managed to fuck up the entire server, while attempting to "add ssh keys themselves", EVEN FUCKING THOUGH I have included all the keys they need, all the hosting credentials, everything, yet they decided to fuck with shit themselves and completely annihilate the server in the process (HOW?!), so not even the webserver works anymore.
I am fucking speechless, I made it so fucking easy to gather all info and files they need, all properly put into well named folders, along the documentation in an archive and they somehow managed to nuke the fucking server, while attempting to add ssh keys?!
If you don't know how to config a server, then don't fucking touch it and just use everything, that got served to you on a fucking silver platter.
---
I'll just instantly answer the most annoying comment, that somebody could come up with: "why didn't you do it yourself?"
Because in a perfect world, a fully managed team, can do much more than a single developer can, especially in the same timeframe and from what I heard of said client, atleast they did something in terms of developing the system. (which surprises me, considering it's the same people that nuked a server, while trying to add ssh keys)5 -
Being a sysadmin can be the most frustrating thing ever, but it's worth it for those moments when you feel like an absolute ninja.
Switched from single threaded gevent server to an nginx configuration, added ssl, and setup a reverse proxy to flask socketio, all with less than 10 minutes aggregate downtime. On the prod server. \o/3 -
!rant
I'm so happy with my full stack basic test web application made with: raspberrypi, uwsgi,nginx,python3,flask,sqlite3,render_template,html
I have 2 pages:
/users where I can see the whole users table and filter by id
/insertuser (in the image) where I can add an user to the table users4 -
I started programming when I was 14, because I was deeply enrooted in MMORPG hacking communities. It gave me an escape from real life, and I felt empowered by the skill to create something from nothing. My first language was Lazarus FPC, followed by VB.NET, C#, C++ ( managed and unmanaged non CLR ). As time went on, I found more ways to turn my "hacks" into software, and finally I began selling subscriptions which required me writing an authentication system.
After weeks of research, I began writing my own REST API in PHP using MySQL as my database. At this point I had an IPB forum up and running for a year, but with my newly acquired knowledge I was able to couple my API with my forum software. To properly distribute my API i had to learn NGINX to route my API to a subdomain.
Soon after I began writing my own portal for my authentication system, at which point I had become entirely enveloped in Web Development. I was 17 when I dropped my forum, I'm now 21 and freelancing web app consulting, day job as a QA automation developer. -
I was already about to hit my head against the wall: was trying to install nginx all the time, but was greeted by apache default page, over and over again I re-installed the servers, tried connecting directly to the server ip, changed server hardware, picked different distros, manually build from source, did everything possible, even searched the whole system for "apache" and different regex...
It was chrome cache........ after I wiped cache I was greeted by welcome to nginx...... 10 hours wasted.......3 -
!rant
Just helped one of my professors set up a nginx load balancer with https, rate limiter, firewalls and everything from scratch. It feels so amazing to be able to put all the stuff I learn at work to practice. -
Nginx office being raided by police over copyright claims
https://zdnet.com/article/...
Rambler's official response to the Nginx search request:
Is it true that searches are related to a statement by Rambler Group?
We found that the exclusive right of the Rambler Internet Holding company to the NGINX web server was violated as a result of the actions of third parties. In this regard, Rambler Internet Holding has ceded the right to file claims and claims related to violation of rights to NGINX to Lynwood Investments CY Ltd, which has the necessary competencies to restore justice in the issue of ownership of rights. We do not comment on the merits of this case.
What exactly is the violation of the rights of the Rambler Group referred to in the statement?
We believe that the rights to NGINX belong to the Rambler Internet Holding company, which is part of the Rambler Group. NGINX is an official work, the development of which since the beginning of the 2000s in the framework of labor relations with Rambler was done by Igor Sysoev, therefore any use of this program without the consent of the Rambler Group is a violation of the exclusive right.
Google translation from https://t.me/thebell_io/431115 -
I'm learning nginx and it's simplying the way I think about web projects.
I used to think that when I used a server side framework, then that should be the master and all should go through it. Noob me.
I used to put client side projects (like create-react-app of vue-cli projects) right inside the server side project.
But with nginx you can just route subpaths to different places, then instead of having, let's say, the react project inside rails, they would be in separate git projects.
In fact, I no longer need to restrict myself to a single server framework.
I love several aspects of rails. I love several others of node. And if I need multithreaded performance, I'd very much use something like phoenix or go.
Again, with nginx, you setup subpaths with the `location` directive in the same server and voila, a no CORS setup, cookies shared and homogenous versatile website.7 -
How hard was the transfer from Apache to Nginx server for you? I'm not quite sure if I should put Nginx on my to-learn-list.7
-
There's a Linux book bundle on humble bundle. Includes books about nginx, git, docker, Ubuntu for beginners, ...
Humble bundle offers pay what you want bundles for digital things, mostly games but also e-books. Part of the money goes to charity, you can choose exactly where your money goes.
Link: https://humblebundle.com/books/... -
Sad. Laravel Valet uses Nginx. What if your office system is using Apache and is heavy in using .htaccess?
Ok back to MAMP and Docker. I'll just use Valet for simple things.7 -
Craft CMS deployment on shared server, PHP5, Apache takes 10 - 30 seconds to load.
Craft CMS deployment on virtual shared server, PHP7, Nginx takes 1 - 2 seconds to load.1 -
Updating my nginx config file over and over again. No change is being reflected when I visit the website.
Then I realized instead of restarting the nginx server I was running start command :(2 -
I think it's the first time in my life I've visited a google-owned page and got a default NGINX webpage.9
-
Fuck this Apache Server on this elastic beanstalk!!! Nginx is so much better at configuration and ease of use!!!4
-
Finally a little productive today. Built a LEMP stack web server for my personal stuff later on. I've been using apache for so long but feels great to switch to nginx.10
-
Hey guys! lambda is amazing! Docker containers! They said the whole amazing point with containers is that they run the same everywhere! Except not really, because lambda 'containers' are an abomination of *nix standards with arbitrary rules that really don't make sense! That's ok though, you can push your shit to fargate, then it will work more like those docker containers you know and love and can run locally! Oh wait! fargate is a pain in the ass x 2 just to setup! You want to expose your REST api running on a container to the world? well ha, you'd better be ready to spend literally 2 weeks to configure every fucking piece of technology that every existed just to do that!!!! it's great, AWS, i love it, i'm so fucking big brained smart!!!
give me a break.... back in my day you'd set up an nginx instance, put your REST / websocket / graphQL service whatever behind it, and call it a day!!!!!!!
even with tools like pulumi or terraform this is a pain in the ass and a half, i mean what are we really doing here folks
way too complicated, the whole AWS infrastructure is setup for companies who need such a level of granularity because they have 1 billion users daily... too bad there are like 5 companies on the planet who need this level of complexity!!!!!!!
oh, and if your ego is bashed because of this post, maybe reread it and realize you're the 🤡
i'm unhappy because i was lied to. docker containers are docker containers, until they aren't. *nix standards are *nix standards, until they aren't
bed time.12 -
It's so frustrating to see how PHP images for Docker are nicely set up, well documented, come with Apache or Nginx, almost ask you to let them pay your bills, while you get almost nothing from Ruby, and when you think you finally made something that works, it behaves like a fucking drunk irish3
-
!rant
How to self host a website?
Seriously, through many guides out there, I was never been able to see my site (hosted on a raspberrypi with nginx) outside the local network. I always tried to link my router to no-ip without success outside my localhost, the port 80 is already open for the raspberrypi. I live in Italy, can it be that the local ISPs obstacle the creation of such homemade website hosts?39 -
Spending hours trying to figure out why the stack just won't work with SSL. Nearly lost my mind as we started feeling dumber than ever. I really started to doubt my skills after it did not even work with the most minimal nginx site config I could imagine.
The next day I discovered that we missed the 443 port mapping in the docker-compose file...it only had port 80 mapped.
Yup, stepping back from a problem and getting some sleep is really worth it sometimes. -
Being in a university that has an eSports Academy is less exciting when you're part of the team maintaining it weekly... Well, at least the part where we had to set up a local cache server with docker & nginx was fun
-
So I asked this question yesterday to linuxxx and he had some great tips. But I thought there might be some Linux fanatics here who also have some experience working with vps's that you might have somethings to add something 😁
Recently I got asked if I want to help maintain our webservers (they all run Ubuntu 18.04 with standard webserver stuff, nginx, MySQL, php, ssh)
Does anyone know of some tips or share some helpful knowledge regarding maintaining a VPS? / Keeping it healty?6 -
Even Google can make mistakes.
go to gmaps.de and have fun with an nginx error sponsored by big G.
Normally, it should redir to the Google Maps page4 -
Why isn't gzip compression on by default on servers? Cannot think of any case, where this is what the user wishes?5
-
So... I've been messing arround with my first VPS (with little knowledge of Linux).
First installed lxde to learn how to do it, then back to the terminal. then I started with Apache, watching online tuts ...
Then I changed for nginx... Looks way better.
Installed my sql, php and got stuck. Dropped it for a few days.
Today I restarted, deleted Apache, mysql, reinstalled nginx, my php (with lots of problems because of old instalations). Everything is working now except php.
After going round and arround I changed my focus to relax a bit, and remembered I still have Apache on the firewall...
OK Apache and other stuff that I installed.
Delete everything
New rules only for nginx and reset.
Cant ssh to the server... What?
Oh... Forgot to add rules to OpenSSH...
No matter, I can access the terminal directly on the website....
And it loads to ldxe, with no user set...
Fuckkkk.
Oh BTW I'm in a trial free period with no support...17 -
Attention guys and gals! If you are using grafana in your home setup, update it asap to 4.6.4 or 5.2.3. versions before those two are affected by an authentication bypass vulnerability. CVE 2018-15727
In the meanwhile, my nginx config is blocking everything but the LAN ips :) -
Why does Windows have to be so fucking useless when running docker. Everytime i need to make a change to the NGINX container, I have to restart the docker daemon, rather than rebuild and restart the container.
I would be doing this on Ubuntu, if I could install it that is.8 -
The VPS where I host my owncloud instance has had its service tier upgraded since I spun it up. Opening a new one for the same price give you much better hardware stats now. Also, it's running Debian 8, which no longer gets updates from the owncloud repo. So yesterday I took this opportunity to make a new VPS, and try out nextcloud with it. I am floored. It is so much simpler for me. I'm not locked into whatever backend nextcloud chooses-- I have a choice.
Also, I can set up Apache to work however I want. I assume it'll work fine with nginx too.
Once it was installed and ready to go, I noticed I have much more granular and controlled access to my settings.
Happy camper!3 -
so I installed nginx on my server this week. I feel like a giddy kid now installing one self hosted app after another. REVERSE PROXY ALL THE THINGS!
Right now I have reviewboard and drone (drone.io) installed. Any of you guys have suggestions for other cool stuff to try out? Mostly interested in something with a web API that can do fun stuff :)3 -
You know the configuration sucks if it's a one file, 10 K lines nginx reverse proxy configuration.
But what really really really sucks....
If the person who wrote it was a google craptastic copy pasta ninja.
For fucks sake, if you don't know what you are doing, just stop.
I've had this in so many rants, it's terrifying how many devs seem to be completely unaware of what they're doing Oo
This time, fuckwad ignored the basic principle of NGINX configuration: set the HTTP version for the proxy.
It's by default HTTP 1.0 - as HTTP 1.1 requires a Host Header _which you must set if not already present_.
The fuckwad had all kinds of scary optimizations enabled. Literally a bukkaka (not a typo) of <way too high value> and <too obscure configuration value that cannot apply here>.
But the most trivial thing, enabling HTTP 1.1 and keepalive. Nope.
Not in it.
It's funny how fast NGINX can be without the bukkaka of configuration values but HTTP keepalive enabled.
*me sits in the silent corner of the plushy pink room with soft walls*1 -
I just worked on server stuff for so long I feel like I can speak bash and nginx config better than english1
-
Set up an Ubuntu AWS ec2 instance running nodejs reverse proxied by nginx, kept running by pm2 and SSL provisioned by certbot.
I know that sounds like nothing but buzzwords but it really felt awesome to get a little node app stack sorted out!4 -
Alrighty. So websockets don't like to forward through Apache2's reverse proxy. Nginx here we come...
Linuxxx I need yo help pls15 -
If you ever want to make a LAMP stack developer cry, just tell him he's got to work with NGINX and PostgreSQL.13
-
Moscow police raided the Nginx offices after a copyright complaint.
The former employer of Igor Sysoev (= the Nginx founder), Rambler, made a copyright complaint and claimed they own full copyrights on Nginx, as it was created at the time of his employment Rambler sold the copyright enforcement rights to Lynwood Investments (which is connected to the Rambler owner) on Cyprus, which tried to enforce it now.
Nginx was created as project during the employment of Sysoev at Rambler and was published as ioen sourxe - interestingly Rambler became the first user of it and did not try to enforce copyright after Sysoef left the company and founded (together with a few other) the Nginx, Inc. in 2011.
Since this year Nginx, Inc. is owned by F5.
Sources:
https://golem.de/news/... (German)
https://zdnet.com/article/... (English)4 -
TLDR;
How much do you earn for your skill set in your country vs your cost of living?
BONUS;
See how much I & others earn.
Recently I became aware of just how massive the gap in developers earnings are between countries. I'd love to calculate a fixed score for income vs cost of living.
I know this stuff is sensitive to some so if you prefer just post your score (avg income p/m after tax / cost of living).
I'm not shy so I'll go first:
MY RATES
Normal Rate (Long term): $23
Consulting / Short term: $30-$74
Pen Test: $1500 once off.
Pen Test Fixes: consulting rate.
Simple work/websites: min $400+
Family & Friends: Dev friends are usually free (when mutually beneficial). Family and others can fuck off, even if they can pay (I pass their info to dev friends with fair warning).
GENERAL INFO
Experience: 9 years
Country: South Africa
Developer rareness in country: Very Rare (+-90 job openings per job seeker).
Middle class wage in country: $1550 p/m (can afford a new car, decent apartment & some luxuries like beer/eating out).
Employment type: Permanent though I can and do freelance occasionally.
Client Locality: Mostly local.
Developer Type: Web Developer (True web dev - I do anything web related from custom HTTP servers to sockets, services, advanced browser api's, apps & more).
STACKS / SKILLSETS
I'M PROFICIENT IN:
python, JavaScript, ASP classic, bash, php, html, css, sql, msql, elastic search, REST, SOAP, DOM, IIS, apache
I DABBLE WITH:
ASP.net, C++, ruby, GO, nginx, tesseract
MY SPECIALTIES:
application architecture, automation, integrations, db's, real time data, advanced browser apps/extensions (webRTC, canvas etc).
SUMMARY
Avg income p/m after tax: $2250
Cost of living (car+rent+food): $1200
Score: 1.85
*Note: For integrity when calculating my cost of living I excluded debt repayments and only kept my necessities which are transport, food & shelter.
I really hope you guy's post your results, it would be great to get an idea of which is really the worst / best country to be a developer in.20 -
I'd like to ask: What's trending at the moment instead....
Either I'm old and senile and missing something, or there is not really sth new.
Okay, JS might be crapping out new frameworks in their common "Not invented here" diarrhea....
But otherwise? What's really new?
I don't really know. I'm not only thinking about languages and stuff, but even in hardware there ain't really a big thing going on in my opinion.
Hab ich wat verpennt?
(Have I overslept?)
We had an interesting and frightening discussion regarding NGINX, as it is russian software today and that a new trend of a true, actively developed webserver is severely lacking... Apache looks semi dead and most other niche webservers, too.
That's all I've seen as a "trend" discussion in the latest time4 -
TLDR: I need advice on reasonable salary expectations for sysadmin work in the rural United States.
I need some community advice. I’m the sysadmin at a small (35 employee) credit card processing company. I began as an intern and have now become their full time sysadmin/networking specialist. Since I was hired in January I have:
-migrated their 2007 Exchange server to Office 365
-Upgraded their ailing Windows server 2003 based architecture to 2012R2
-Licensed their unlicensed VMware ESXi servers (which they had already paid for license keys for!!!) and then upgraded them to 6.5 while preventing downtime on hosted VMs using tricky transfers and deployments (without vMotion!)
-Deployed a vCenter server to manage said ESXi servers easier
-Fixed a three month gap in their backups by implementing Veeam, and verifying its functionality
-Migrated a ‘no downtime’ fileserver to a new hypervisor host, implemented a ‘hot standby’ server as a backup kept up to date by the minute with DFS replication.
-Replaced failing hard drives in a RAID array underlying their one ‘business critical’ fileserver, which had no backups for 3 months at that time
-Reorganized Active Directory and Group Policy deployment from a nightmare spiderweb of OUs and duplicate policies
-Documented the entire old network and now the new one as I’ve been upgrading this
-Audited the developers AWS instances and removed redundant machines, optimized load balancing on front end Nginx servers, joined developer run Fedora workstations to the AD domain and implemented centralized syslog monitoring on them.
-Performed network scans and rewrote firewall exceptions to tighten security
There’s more, but you get the idea. I’ve now been tasked with taking point on an upcoming PCI audit which will be my first.
I’m being paid $16/hr US, with marginal health benefits. This is roughly $32,000 a year, before taxes.
I have two years previous work experience managing a third party Apple repair facility (SimplyMac) and every Apple certification for warranty repair and software troubleshooting. I have a two year degree in general sciences, with about 4 years of college credit (Two years of a physics education and two years of computer science after I switched focus) I’m actively pursuing a CCNA and MCSA server 2016 with exams paid for and scheduled.
I’m going into a salary negotiation in two months. What is a reasonable salary to request, from your perspective, for someone in my position?
Thanks in advance!6 -
When nginx decides to just NOT answer to any IPv4 requests, áfter 2 weeks of having it set up for IPv6, just because I updated the Let's Encrypt certificate..
self::facepalm(); -
I love nginx' docker container, but it always takes me 2 minutest to remember that an idle nginx container does NOT output any logs
So here's my dumbass staring at the log output, thinking something's wrong2 -
Dev goal: finishing my lightweight webserver in c++ so there's no need for apache or nginx and I can finally add logic to my webpages without php.
And finishing all my other personal projects obviously :D1 -
I some time's feel stupid when my Ubuntu start acting up on prod, purge this and that ,fuck apache can't start system CTL that ps ax grep in the p#$#@* , damn apt install nginx full good, mysql can't start too ,OK apt install mariadb-client else percona && apt postgresql thanks ,god no client noticed ..3
-
Docker with nginx-proxy and nginx-proxy-le (Lets Encrypt) is fucking awesome!
I only have to specify environment variables with email and host name when starting new containers with web servers, and the proxy containers will automatically make a proxy to the new container, and generate lets encrypt ssl certificates. I don’t have to lift a fucking finger, it is so ducking genius2 -
I just joined a new company.
Their CI pipeline is to give root access to staging and prod servers to every developer in the company and the manually git pull each repository (8-10 repos per server) and manually set nginx and port configurations. And if this wasn't enough, all of the 30 sites they have are basically the same site and they make the changes manually for each tenant (no env file). I'm amazed at how hard some people are willing to work.5 -
I deployed docker on a VPS a few weeks ago as a sort of learning experience since I haven't really worked with containers much before. Today I learned that docker doesn't like firewalls.
Or, to be more specific, it adds rules to iptables that are applied prior to ufw rules, allowing external connections that I really didn't want to allow. If I don't explicitly specify that a port is to be published only to localhost, then it punches a hole through my firewall without telling me.
Which means that all of my containers running behind an nginx reverse proxy that auto-redirects to HTTPS... were also accessible directly via HTTP.
I'm... trying to think of a reason why this kind of default behavior was a good idea, but I'm drawing a blank.
Fucking Docker.4 -
Project with partner company, during the meeting I asked them how can we secure the communication between two services. I suggested api keys, tokens. They were like nope, no need. But I asked them for their IPs to do whitelisting on our side in Nginx.
But their side, nah not even whitelisting, no tokens, no validations. If one has address, can send anything from anywhere.
How hard would it be to do at least, AT LEAST simple token validation. And they are using the very old IIS server. I think for them as long as data flows in as expected, it is fine.3 -
Doing a technical assessment. Slightly different stack than what I am used to!
- NGINX instead of Traefik
- Kubernetes instead of Docker Swarm
Just because the stack is different, anxiety / impostor syndrome is kicking in. I'm proud of myself for commanding my brain and body to execute:
While !done:
- google,
- find simplest straightforward tutorial
- implement
The chemicals inside my body are all over the place. I really want to move out of my current job!! -
location /dev/null {
if ($request_method = POST ) {
return 200;
}
if ($request_method = GET ) {
return 204;
}
}1 -
The lack of community support for NGINX is horrible (though it is getting better).
I was an NGINX disciple from the beginning; I switched over from Apache as soon as I found it and used it everywhere. The issue with that is that most services only provided Apache configuration files, forcing me to do my own research and translate them.
Thankfully the NGINX community has done a lot of work already; I was able to find a lot of the configurations I needed online, but I also spent a lot of time learning how to use it. Now, if you give me a few hours, I have the knowledge and resources to make it do whatever you need it to do (within reason, of course).2 -
In production, whenever nginx can't find an upstream it will display a static 'maintenance' html file that tells the user the come back later
In development, it shows clippy :D -
Spent the better part of an hour trying to figure out why nginx was throwing a permission error even though I had the proper user/group permissions. Ends up that the entire path to the web root must have +x applied to it, not just the webroot!!2
-
Just needing to vent a bit...
We start off with classic asp.net & Xamarin. K.
Then we run into the shitshow that's lackluster documentation and heavy push for asp.net core.
Whatever, will just handroll things.
K. Azure is quickly turning expensive..
Well let's find alternatives.
Yeah, no Linux ain't gonna work.
Wanna shell out for a windows server? Nah.
K. Well, let's rewrite in asp.net core then.
Nginx proxy passthrough to kestrel. Ez.
Now.. wtf is the deal with mssql behaving like a turd on Linux?
Oh now some security jibber about telemetry and adding Microsoft keys to root.
Whatever. I can do PHP & MariaDB then.
1001 things wrong about Xamarin now.
Mostly performance related.
Especially cuz custom renderers for everything.
& Abused onPropertyChanged.
Uh la la, look at that sexy thing called react native.
Hippytyhop new tool for the job.
Ugh wee, what's this ? Customer impatient & deadline for months worth in Xamarin => 1 week.
Whelp I be fudge..6 -
Wait, why is nginx communicating from our cache servers to app servers using HTTP1.0? Added http_version 1.1 to a general config. Moments away our responses return 500 on our production because one of our module doesn't handle gzip. If I ever had a heart attack...
-
One thing that's been pissing me off about browser devtools lately is that they hide certain requests, like 301s, pretending they didn't make it, but if I look at my Nginx log I see there was in fact a 301 sent. OMFG, I hate this, it has caused me many hours lost on debugging.3
-
At the beginning of the evening I started creating a snapshot of my webserver Ubuntu 16.04 installation, running 5 websites.
When the snapshot was created I started a release upgrade to Ubuntu 18.04.
Finally after upgrade and reboot... Nothing worked anymore. Nginx was running but none of the websites was working.
I started checking logs & searching for a solution, with no luck.
Wanted to restore my snapshot. Reading the docs of Scaleway: only a manual on how to restore to a *new* server...
Dumb me removing my current server and wanting to create a new server: "All servers tempotary out of stock"
Me: *panicing and clicking the resfresh button every second*
"Low stock"
*HITTING the create server button*
Added my snapshot
*Booting up*
Ssh'ing into server
Server: "nope"
#+#£_&-+{$}¥}•+';!
*Sees 'add snapshot to volume'*
*Sees 'add volume to server'*
*All websites running again after nginx restart*
What the fuck.
*End of evening* -
why the fuck those images wouldn't load? they come corrupt from K8S, but they are fine if I run the container locally, like... wtf? is Ingress NGINX doing something to them or did I configure something wrong?!15
-
Me: ChatGPT write me a secure NGINX config which does...(continues to explain project details)
ChatGPT: Here. it's simple and it does all those things.
Me: Reads code. Looks at my code. Reads more code. Looks at my code. Squints in concentration. Ctrl + A Ctr + C.3 -
Fucking spent already 2 days trying to proxy pass deluge webui from an internal windows server via nginx, the fucking tab title changes to "deluge webui" but all the files get 404d and since I can't configure another nginx to do try_files on the windows server, I am stuck, for fucks sake.6
-
Well, if your backups don't include /etc/nginx, make them include that directory. Mine's gone and I'll have to configure that again Friday evening. Woops.5
-
Development: we need Nginx installed on *insert server list*
Me: ok, let me get in tough with the platform team.
Platform team: This should be installed in the userspace, Unix teams don't support this.
And here I am, trying to get a reverse proxy running on servers on which I do not have sudo rights.
Since it doesn't work, it's my fault, both sides block the door.
I installed it locally on a virtual machine, but the compiled or installed code doesn't work once copied.
The joy of being an "application engineer". This job title means nothing!9 -
Looking to sharpen and pursue a SysAdmin/DevOps career, looking at online job offers to get the big picture of required skills and I say FUCK. It would take me a lifetime.
Azure, AWS, Google cloud platform.
CD tools: Ansible, Chef or Puppet
Scripting ninja with Python/Node and Shell/Power shell.
Linux & Windows administration
Mongo, MySQL and their relatives.
Networking, troubleshooting failure in disturbed systems
Familiarity with different stacks. Fuck. (Apache, nginx, etc..)
Monitoring infrastructure ( nagios, datadog .. )
CI tools: jenkins, maven, etc..
DB versioning: liquibase, flyway etc.
FUCK FUCK FUCK.
Are they looking for Voltron? FUCK YOU FROM THE DEEPEST LEVEL OF MY DEEP FUCK.1 -
I suck at DevOps at least as hard as I'm good at front-end/UX. I found out as a result of the local job market starting to get needy for 'full-stack'. Stuck for 2 days on setting up a Docker/ Dockerhub/ DigitalOcean/ Bitbucket pipeline with Nginx/ Node/ MongoDB Cloud & Webpack/ React.
*Sigh*1 -
WHY FOR FUCKINGS SAKE DO I HAVE TO ACCEPT YOU SENDING ME BULLSHIT MARKETING MATERIAL WHEN I JUST WANT TO DOWNLOAD THAT SHIT EBOOK????
I see what you did here ngnix...5 -
Finally pushed myself to complete readme and release the docker image most of our websites use.
For anyone interested, the image is open-source and available on Github, feel free to use it or suggest any improvements :)
https://github.com/Eworkssk/... -
been fighting with nginx and php-fpm becuase the dev makes php scripts that run longer than 1 minutes even the connection between nginx and the php socks is giving up on life.2
-
I realise the latest trend is to leave GitHub, but I will be keeping my Repo's on there for the foreseeable future, or at least until GitLab can get their shit together.
They seem incapable of hosting their own data, and having just wasted 8 hours of my life trying to install this POS I'm unable to trust the platform as a self-hosted model either!7 -
Stuff I need to finish:
PHP framework
Music player for android
Nginx module for crypting mp4 fragments
Personal blog engine
Unit and data converter service
Personal transactions application
Too much, just too much... -
On my last deployment for the musician client I encountered a really nasty bug.
I configured all the settings in my Nginx. Theoretically everything should work, but it did not. Somehow I always ended up landing on my default Nginx page.
After hours of trying to find the typo, turning it off and on again and praying to all gods I ever heard of, I finally analysed my default Nginx config file. Somehow the server config I posted on the clients conf-file got posted beneath the default configs. WTF?
After deleting those everything worked. 🙄2 -
Back home from vacations tomorrow.
It wasn't the best time I had but the thought of returning to daily life is already giving me a stomach ache.
Gotta take care of my little pug too, my anxiety about his partial eye keratosis isn't doing great too. Since the caretakers don't apply eye medication regularly.
There's this fear of my productivity before uni begins, I really don't want my vacation to end with me returning without completing my application.
I've still got a lot to do, anyone want to partner up with me ? I've still got load balancing and failover mechanisms which I have no real-time experience with (excluding api related stuff). I've got a general idea to use nginx. -
There it is: a nice working nginx webserver with SSL, PHP, MySQL and HTTP2 on a Raspberry Pi3, but
I have no idea what to do with it.
Do you have one?13 -
Fuck I feel fucked up just for completing user account management, authentication, email verification, password reset. Securing all of this with ssl and checking for any security loopholes.
I can't believe this took me more than a couple months.
Well I was lazy and unmotivated.
I fucking hate crafting stupid ass routes in nginx.
I fucking hate making a nice responsive gui.
I have to design even the stupid html for the emails. Fuuuuck.
So much boilerplate on top of that with username and email validation.
I learnt regex 5 times over the past couple months, still not enough.
And now I actually have to build the functional part.
On the plus side I can reuse this stupid boilerplate if I can make it more modular and readable.
There's shit ton of comments to the point where I feel like an idiot for including so much info. It's like I've written it for a toddler to take over.
Gawd. Anyways it's over now. 50% I guess.
I can finish the rest of the server more quickly and then spend another year designing the Android application.
I'm really lazy in places where I have to design UI/UX. Although at this point it's kinda what could put my application at the top. (I'm lazy, I ain't bad.. I just hate implementing my ideas I wish I could just visualize and have it appear on my screen)
I do like parts of gui that involve little math problems that would make motion smooth and efficient. -
Kubernetes question:
So far I've created two pods, mongo & Go
Exposed those pods using services
Their IP is 10.x.x.x and accessible from my machine only (virtual lan I'm guessing only known to host), but my machine's network ip is 192.x.x.x therefore, not accessible from outside world and to do so I need to put nginx in front to receive requests and route them internally.
Is there a way in kubernetes to make it work like nginx in terms of:
Kubernetes listen to port 80 (for example) route based on received url. As you know in enginx we define a server block with server domain_name.tld
Anything similar in kubernetes? I've cheked ingress-nginx controller, and also saw LoadBalancer but that requires a cloud provider.
If anyone can also give an example it would be great, so far examples I checked ended up screwing my setup and had to reset kubectl to get things back working18 -
One day I helped another teacher with setting up his backend with the currently running Nginx reverse-proxy, peace of cake right?
Then I found out the only person with ssh access was not available, OK then just reset the root password and we're ready to go.
After going through that we vim'd into authorized_keys with the web cli, added his pub key and tried to ssh, no luck. While verifying the key we found out that the web cli had not parsed the key properly and basically fucked up the file entirely.
After some back and forth and trying everything we became grumpy, different browsers didn't help either and even caps lock was inverted for some reason. Eventually I executed plan B and vim'd into the ssh daemon's settings to enable root login and activate password authentication. After all that we could finally use ssh to setup the server.
What an adventure that was 😅3 -
About two weeks ago, at my workplace, I learnt about Django deployment in Nginx server with Docker and Kubernetes on Google Cloud Console.1
-
!rant but wondering,
this time I did not get my self blocked out of my server lol
But I have set up nginx to receive url then redirect to another server, my question is:
I ran tracert on the url but it ended on the nginx server, is there a way I can find out if my nginx IP is forwarding?
I have a webservice on server z, and nginx on server x, tracert end at server x, so does dev tools in chrome/firefox they show host ip header as server x. Is there a way where I can trace my call to server x if it is forwarded to another server?
I know I'm forwarding it, but if someone wants to know, can they? -
Le Me @ the terminal..
$sudo ngixn
Command not found ngixn
OK..
$sudo ngnix
Command not found ngnix
Wtf..
$sudo nginx
Finally! Takes me 3 tries to actually start nginx. Am I the only one ?! ._.)6 -
!rant
Is there any alternative to socket.io that doesn't need to expose a server ip directly to any client, needing to set up a full nginx anti ddos/auth config and more?
There is the live-ajax way that requests progress, but it feels more like a hack each time. (especially if the site should be able to handle multiple tabs with different progress)
I thought maybe some framework has live requests inbuilt to update content from a server worker model. (without exposing the server ip)8 -
It looks like serving http/2 with Nginx is pretty easy. I want to move to that with my websites.
Do you have any experience with switching? Good or bad?4 -
A serious question: what kind of stack should I choose so I can run a web backend installing no deps whatsoever? I know that Perl works on ubuntu out of the box. Anything else? Maybe Python?
Also, what can be used to replace a reverse proxy like nginx? And what kind of database is available out of the box?9 -
Today i chartered new realms for me.
I created a new hyper-v vm on the company windows servers and added a 5th instance to it, but instead of running another windows server i installed an ubuntu 18.04 (cause i am a bit familiar with debian from my raspberry pi)
we have two servers, one which runs the 4 vms and a replica. I first had the new vm on the main server but it occured me to move it instead to the unusued replica machine. That kinda worked..i did a planned failover but the main server isnt configured to be the replica..and even when activating that it didnt work. This is weird.
For the moment i ignored that and proceeded to install nginx, mariadb and php 7.2..basically the lemp stack. I managed to setup nginx and a static ip adress for the machine (which was different from how i remembered it to do (in 18.04 its not done with the network conf but a yaml file).
in the end i added two different virtual servers, one for actual use and one for dev stuff (with phpmyadmin running for instance), listening on port 80 and some random other port.
as a test i brought a mediawiki onto the Port 80 server and it worked.
on monday i have to figure out how to implement the wildcard certificate i have for our company domain (internal dns simply routes intranet.company.com to the local server vm)
i am mighty proud cause all my experience with linux was with a raspberry pi so far and i am fairly certain i did it right and without shortcuts this time. (unlike my raspberry experience)
just wanted to share
(i also sweated a lot of blood when editing the hyper v settings as i did not set up the server in the first place)
((i also installed xrdp and a mate desktop, but i am less proud of that, but sometimes seeing folders graphically helps me)) -
Can anyfuck tell me what the fuck I'm supposed to do?
So I installed gitlab, reachable under a subdomain (gitlab.example.com) behind apache2. everything works fine.
Now I see this bullshit in my logs, appearing EVERY GODFORSAKEN SECOND: https://gist.github.com/nitwhiz/...
I disabled the bundled nginx in the gitlab.rb and no, it's not "some nginx system service", I verified it is coming from gitlab and oh - btw - some weird svc logfuck runs even after gitlab is stopped! :)
No I won't try your random google result because I read all 3 tickets being at least half relevant to my situation as ANYFUCKER ON THIS PLANET seems to use the internal nginx.
FML.14 -
Hey Guys
Today I'm bringing a tool for you guys, mount servers with old phones Or have servers in your phone for testing.
Tool: Servers Ultimate Pro
Web:: https://icecoldapps.com/app/...
Note1.: Doesn't handle well above android 6+, So test one of the free servers you're intending to use before buying.
Note2.: This App costs around 10€/$ but you can get single App servers for free (I think even html + php + mysql package for free).
Not promotional, I'm just a user that loves this App.
I already talked about this a few times (usually I just call the cell phone I'm using my web server), but as a noob I don't even knot the possibilities.
This App comes with more then 70 protocols (60+ servers and a mix of servers).
From ssh, ftp, html (nginx, lightppd, Apache, simple) with php and mysql, Webdav...
<quote>
Run over 60 servers with over 70 protocols!
Now you can run a CVS, DC Hub, DHCP, UPnP, DNS, Dynamic DNS, eDonkey, Email (POP3 / SMTP), FTP Proxy, FTP, FTPS, Flash Policy, Git, Gopher, HTTP Snoop, ICAP, IRC Bot, IRC, ISCSI, Icecast, LPD, Load Balancer, MQTT, Memcached, MongoDB, MySQL, NFS, NTP, NZB Client, Napster, PHP and Lighttpd, PXE, Port Forwarder, Proxy, RTMP, Remote Control, Rsync, SMB/CIFS, SMPP, SMS, Socks, SFTP, SSH, Server Monitor, Stomp, Styx, Syslog, TFTP, Telnet, Test, Time, Torrent Client, Torrent Tracker, Trigger, UPnP Port Mapper, VNC, Wake On Lan, Web, WebDAV, WebSocket, X11 and/or XMPP server!
</quote>7 -
At this point of my side project I wanted to check out openresty for dynamic proxy creation in nginx.
Happy to check it out I installed centos 7 as guest using new command I just learned virt-builder that would automate vm creation.
Spend 10 hours debugging why I can ping and ssh but cannot get to application port from any network.
Checked iptables, restarted network, reinstalled vm again 3 times with different methods.
Scrolled trough whole internet and it’s mostly outdated problems.
Learned bunch of new commands without new results.
Results were always the same:
No route to host.
Turned out firewalld is fucking thing now.
systemctl firewalld stop helped
Now I know that systemd would kill me at some point for sure.
What I can add at this point ?
Please add more distros, differences, standards and programming languages so world definitely would be better place.
I need a short break now to actually start making shit that I wanted to start at 4-5pm on Saturday.
It’s Sunday 3:30am and time for breakfast.
At least I am happy it started working.2 -
So, i'm trying to get linkr (a pretty cool short link service) to work in a docker container since 4 hours now to host it on my server. There is no official container because it needs a working database connection and stuff during installation which can only be done via console and (for whatever reason I couldn't find out yet) need to be done while building the container. The problem is, I can't connect it to the database while building the container so there is no database during installation to create tables and stuff and the build will fail. ARGH.
Why the hell would you do this????? Theyre actually saying in their readme there is no dockerfile because the config options are specific to your configuration...?!?!
The thing is entirely written in python, so reading and parsing configfiles on the fly should not really be a problem.
Of course I could ssh into the container and run the installation script but that's not the point.
Docker is not about being lazy.
It's about portability.
Maybe I don't want to bloat my server with your 39579372639 npm dependencies? Or I don't want to install a freakin apache, because I have every other site on nginx and therefore wouldn't work with apache.
AAAAAAAARRRRRRGGHHGGGGG
in the end, I'm probably going to modify the thing to install tables when running the container and giving the first user admin rights instead of prompting to enter credentials for a new admin user.
And yet I didn't even speak python. -
I have an nginx question.
Is it possible to send example.com/ requests to a Laravel app and send all other requests to an WordPress app?17 -
So some people really liked the last article I wrote, so I figured I'd share this one that's kinda on the same topic:
https://medium.com/@ksiig/...9 -
Having a shit of a time trying to figure out why Docker containers are not accessing other containers via domain names as they should technically be going through the jwilder nginx proxy container.
Why can't environment setups ever be simple? -
Been trying to learn Docker when I hit a brick wall. How do I use nginx reverse proxy + letsencrypt with multiple containers? I only managed to do it with a single container. Using docker-compose or stuff like that I guess?6
-
my client has the most ridiculous tech stack for displaying an admin ui website I've ever seen.
* They have a mssql as db (on a separate machine)
* node js backend followed by a nuxt js backend (why???)
* then a nginx and on yet another server an apache8 -
to;dr: I think I'm retarded. I don't know how to networking.
got Proxmox set up on my server... sorta. I suck at networking. I bought a domain name, and I'm trying to have each container have a subdomain of the domain name I bought. each container has a unique internal IP address, but they all share the host's public IP address. so after a couple hours of googling, I THINK what I need to do is run a reverse proxy server on the public IP and route each subdomain manually to an internal IP address with something like nginx..... or am I retarded?3 -
I finally got Docker to fully work...my final problem was a missing } in the nginx.conf and I needed someone else to find it, I stg i'm the worst at networking2
-
At the office
5 website is down !
Searching for answer ... Noting. Nginx is calm, php is calm, DB to many connections :O but the DB is interne acces only !!!
Internal ddos WTF
Drupal 8 website -> sorry guy i just fucked up and write 8Go of useless log in watchdog table because something went wrong
Actual log : %errormessage %errortime %vardump
Me : damm he fucked up and cannot write some complet log 🤣
Do you know some module to limit this table size and write acces ?2 -
Why is Docker + SSL certificates so confusing? Or do I just have bad resources?
I just want to know how to compose an Docker, Nginx setup with encryption.11 -
Spent about 5 hours trying to figure out why php-fpm 7.2 was sending a timeout to nginx inside a CentOS 7 container. In the end I couldn't figure it out, downgraded to PHP 7.1 and then everything start working fine. I really hate using CentOS for containers since it also requires privileged mode to be able to start services. Hopefully I can move away from using CentOS for containers soon since the base image is also quite fat.
-
One of the most headache-inducing things about being a developer is having to find a solution to every little ailment that software has.
An example would be: working with a particular stack. LEAN, MEAN, LAMP, WAMP,.. The nightmare of having to deal with every single error in PHP, NodeJS, Apache Server, Nginx, the HTTP spec intricacies, the HTML5 spec, API problems..
Sometimes it's just a lot to deal with and I'm trying not to lose my patience.9 -
Why can no-one, not one single solitary fucker, on StackOverflow get it through their thick skull that when I call PHP's http_response_code() or try to get $_SERVER["REDIRECT_STATUS"], I want the response code from Nginx? No, not Apache. No, I don't want to pass a status code FROM PHP TO NGINX, I want the response code. FROM Nginx. TO PHP.
In what fucking universe does PHP know more about the response code than Nginx? It doesn't. Nginx knows the response code, because that's the fucker that redirected to the error page. I want the error. Passed to the page. From Nginx. To PHP.
NO, http_response_code() DOES NOT MAGICALLY FUCKING WORK, IT RETURNS 200 BY DEFAUL- fuck it.7 -
Tries to fix nginx configuration, that somehow shows the default page for hours. Finds out that the site was not enabled. nginx 1.6 problems
-
I've been wondering about renting a new VPS to get all my websites sorted out again. I am tired of shared hosting and I am able to manage it as I've been in the past.
With so many great people here, I was trying to put together some of the best practices and resources on how to handle the setup and configuration of a new machine, and I hope this post may help someone while trying to gather the best know-how in the comments. Don't be scared by the lengthy post, please.
The following tips are mainly from @Condor, @Noob, @Linuxxx and some other were gathered in the webz. Thanks for @Linux for recommending me Vultr VPS. I would appreciate further feedback from the community on how to improve this and/or change anything that may seem incorrect or should be done in better way.
1. Clean install CentOS 7 or Ubuntu (I am used to both, do you recommend more? Why?)
2. Install existing updates
3. Disable root login
4. Disable password for ssh
5. RSA key login with strong passwords/passphrases
6. Set correct locale and correct timezone (if different from default)
7. Close all ports
8. Disable and delete unneeded services
9. Install CSF
10. Install knockd (is it worth it at all? Isn't it security through obscurity?)
11. Install Fail2Ban (worth to install side by side with CSF? If not, why?)
12. Install ufw firewall (or keep with CSF/Fail2Ban? Why?)
13. Install rkhunter
14. Install anti-rootkit software (side by side with rkhunter?) (SELinux or AppArmor? Why?)
15. Enable Nginx/CSF rate limiting against SYN attacks
16. For a server to be public, is an IDS / IPS recommended? If so, which and why?
17. Log Injection Attacks in Application Layer - I should keep an eye on them. Is there any tool to help scanning?
If I want to have a server that serves multiple websites, would you add/change anything to the following?
18. Install Docker and manage separate instances with a Dockerfile powered base image with the following? Or should I keep all the servers in one main installation?
19. Install Nginx
20. Install PHP-FPM
21. Install PHP7
22. Install Memcached
23. Install MariaDB
24. Install phpMyAdmin (On specific port? Any recommendations here?)
I am sorry if this is somewhat lengthy, but I hope it may get better and be a good starting guide for a new server setup (eventually become a repo). Feel free to contribute in the comments.24 -
Using grafana together with tinc+promotheus, has been a blast.
Initially I wanted to get into ELK with Kibana and all that, but that required 8G of ram, the instructions to get it running in the open source "mode" was nearly non-existent, together with all the ready docker compose stacks out there simply not working or the images being broken.
I'm sure I could've managed around most of those issues, but the fact it is as hungry as gitlab, made it a literal no-go for the usual server resources my clients host or my own scaled down server recently.
Thankfully I remembered that there's grafana and me having experimented some time ago with tinc, so I can have very lightweight beat'esque prometheus agents deployed listening on tinc local net only, with the typical nginx auth and some whitelists to all of the servers I host and all those of my clients.
The dashboard creation was especially great in grafana (tbf promotheus does actually most of it), literally what I always wanted out of those "complicated" solutions, that do it all, but have no proper query language, complex documentation, heavy collectors with no properly named data points, expensive resource runtimes, ..
with grafana I can just easily put dashboards into folders, create users to look only at certain stats or even dashboards (opened up some interesting contracts actually, because now I can also offer proper monitoring for all things delivered), easily drag and drop around stuff to fit more information (most others fix you to a small 3x2 grid, a too big grid for a TV or simply non resizable tiles, making that one counter take up an entire row) and resize to my hearts desire
tinc of course allows me to easily create private networks that are resistant to failure across any region and the routing is done for me, so I don't have to run around it all that much either
P.S: a damn tiny fly went into one of my now 4 monitors and died right in the middle, because I thought it's just some dirt and I pressed it in while trying to wipe it off, so that monitor now serves as the top most on a vesa mount5 -
System engineers who are "too busy" (facebook too much) to try anything new and get a heart attack when you only mention nginx
-
Web server configuration sucks.
Apache or nginx have they're own custom configuration language and I don't understand why.
We've plenty of languages to work with: why we should learn some another custom commands with enigmatic commands for weird stuffs.
I'm not a python funboy but, a web server with python based configuration file will be so easy to setup and to maintain.9 -
Ok, so i got this new machine and whilst migrating I want to stay online with certain services. So atm there is x.web.nl and y.web.nl both have ssl and one runs on server x and the other on server y. Now is the question how the heck do i forward that ssl file??? I figured i have to do something with my nginx server block. Because that is terminating the cert. Can someone help me out??1
-
*The one where he breaks ssh*
TL;DR: Minikube's dick is too big, and my ass wasnt ready.
So there was a time about 2 weeks ago where i wanted to try and set up a minikube cluster using SOP, and that actually went okay, aside from having to move over to a completely different server after discovering that my processor doesn't support virtualization.
So i set it up on my other server, and everything immediately starts going to shit; i can no longer run commands without processor latency. Also top shows 200% CPU usage. Maybe i should stop... NAHHH... so i continue on, and the biggest fuck up was starting up the nginx pods. I have 6 of them, and the moment i try and stand up my custom container which was the WHOLE POINT of this whole exercise, i lose ssh access and cant get back in. I go over to the server and kill the minikube and virtualbox processes, and everything's back to normal.6 -
this time i'm writing down the fucking dumbass docker nginx configuration and pasting on my forehead
every fucking time some letter or IP address is wrong.
just installing the standalone nginx that actually works every fucking time and doesn't pull some idiotic docker shit on me1 -
Today was a painful day when I realized that I need to backup my nginx configs like I backup my actual data. 20 minutes of downtime turned into an afternoon when I accidentally deleted the nginx config backups on my server. It's been... let's say fun.4
-
So, I manage my server with docker containers (nginx-proxy and the letsencrypt-companion). I limit access to some subdomains using basic auth, but I want to use client certificates for convenience.
So my questions to the experts:
1) Do you know a good (and convenient) way to manage client certificates ? This should include revoking certs and allowing specific certs only for specific subdomains.
2) Should I use my letsencrypt CA for this or would a self signed CA better suited?
3) Any things I should be aware of?1 -
Was having problems on a VPN where my URL was constantly redirecting to https, after https was disabled, spent ages reconfiguring nginx, removing and adding nginx again with no luck. Eventually said fuck it, backed up everything of importance, destroyed the droplet and spun up a new one. Installed nginx and redone the DNS for the domain only for the same thing to happen. It was at that moment I discovered it was chrome caching the HSTS domain. I now have a long night ahead of me configuring the new droplet and restoring the backup data.
-
Request for internal service
FW takes request
FW NATs request to external / WAN IP
Other FW (different location) gets request
DNS redirect for whole domain
"data-zone: *.*.*.org redirect"
Via DNS redirect request goes to LB
LB sends request to other LB
LB send request to NGINX server
NGINX resolves via Host header
And now you get a TLS handshake error somewhere in the travel of the request...
The level of fucked: my arse can take the Eiffeltower horizontal. -
man, this nginx micro-services stuff is unreal - take your monolithic OOP application and split it across your environment and let them talk REST to each other. so sweet!6
-
I've had my site up and working for a few months now (still need to finish building it properly the template project is still half default lol) but because I setup the Nginx server on a digital ocean droplet myself using both for the first time ever I obviously made some mistakes. It was up and running though just always spouting 'nginx[1755018]: nginx: [warn] conflicting server name "jessiejfoley.dev" on 0.0.0.0:443, ignored' whenever I 'nginx -t' or 'java.security.cert.CertificateException' on this server monitor app I have on my phone
But it was up and ssl seemed to be working so I ignored it
today I learned about https://sslshopper.com/ssl-checker...., which told me my intermediate certificates were not functioning properly, I was bored today and didn't wanna be too productive (else boss expects the progress I've made this week every week) and decided to finally go through and see about getting everything fixed properly starting by reinstalling the certs and double checking my commands.
2 hours later I still can't fix the cert errors so I decide to focus on the conflicting name error. Go through the nginx directory cleaning anything non essential or things I put there while trying to figure out how to get it up originally (learned as I was going lol bad practice I know, but it's just a practice site that'll eventually be a portfolio when I feel like making it properly and investing an adequate amount of time)
as soon as I get rid of jessiejfoley_dev.save.3 inside /etc/nginx/conf.d (my actual site is in sites-enabled) my server monitor app stops reporting the cert error and when I check the ssl checker everything is properly working now.
so the easiest problem to fix was actually the cause of all my problems. I'm and idiot and this shows I still have a LONG way to go to actually knowing what I'm doing at all.1 -
Hugo framework:
1 hour to set it up
1 day to read the documentation
1 eternity to actually fucking deploy it5 -
Somebody please save me from the flaming pile of shit that is nginx.
I don't want to deal with it's crappy .conf bullshit ever again. I don't want to deal with its lack of readable docs, or the way it gives zero direction in its errors.
Is there a nodejs solution for this yet? Please tell me there's something out there that isn't so old and stinky it makes me want to vomit.16 -
So after my webhost told me the reason my ssl was broke was due to an issue I had no control over i threw a fit any 12 year old would be proud of (im 22) bought a new domain name and ssl certificate. Created an account on digital ocean for the cheapest tier and got to work learning about nginx (just to learn my new thing for the day nothing against apache) real quick
Few hours later https://jessiejfoley.dev is working
No content yet. But no server side errors I cant fucking fix through a limited dashboard
Don't know if that counts as petty but I feel better now7 -
Fuck these apache2 and nginx configuration that fucking make my life miserable. Why can\'t I fucking edit the files inside /var/www/html? Fuck that. Why can\'t I access a subdirectory inside it? Fuck! In Node.js, you can fire up your server pretty easily. Then you tell us that JavaScript sucks? Fuck me dead.21
-
PISSED.
Fucking Docker, for no fucking reason (no updates, no changes, etc), I tried booting it up following the morning ritual, and nope, ERR_EMPTY_RESPONSE when connecting to my current project (means I managed to connect but for some reason no data is sent). Nginx container doesn't yell about anything.
Everything around works. Accessing the container works. Even pinging my dev domain works. Why the fuck suddenly fucking Docker just **stops**?!
Restarted Hyper-V, updated laradock, recreated containers, disabled AcrylicDNS. NOPE.
"Fuck you Phlisg, I'm not in the mood today" <lunatic Docker is lunatic>
ARG. -
Recently I completed a whole year in programming. Holy jebus, I have no idea I could make it through.
I started thinking I was "decent" at this because I had taken a half dozen courses in python plus some algorithm logic in school lol @ innocent me
I'm an applied math student and I hereby declare I was the most incompetent dude you'll ever see.
I've been through so much shit I didn't realize I had a shitty boss, because one would think it's normal for a beginner to approach everything in programming because I was told to do so. Full blown restful apis, stateful redux react apps with responsive CSS using Google's material design. Don't forget to dockerize everything and deploy the swarm on Amazon cloud all the while having to run integration unit tests, make sure all the rules on your nginx are correct we don't want exposure do you know how to write a visualization tool on JavaScript so we can 3d-fy some x-ray prints and good luck balancing tight schedules with your school and girlfriend ye right lul
My manager would ask me to deliver new shit to an app I was developing mostly by my self in react (I barely even knew what RFC or ES6 was by the time I started).
I got fired from this project because I couldn't deliver by myself what 5 experienced dudes could (debatable, but still... Cuz they couldn't when they took over. Boss wanted to rewrite the whole app in a week and a half)
Turns out I got called back by the same company but to contribute in another project. This time to automate some shizzle with python.
Feelsgoodman but I want out ASAP can't stay sane for longer -
let rant: (Bool, Bool, String) -> Void = { (isRant, isDev, contents) in
print(contents)
}
rant(false, true, "
So, a year ago more or less, I set out to teach myself some server-side programming on the side.
Many (MANY) tutorials, Digital Ocean droplets created and destroyed, coffee mugs and FMLs later, I can say 'Hello World' from Node.js - built from source and not running as a sudoer - using express and forever on Ubuntu, behind another Ubuntu server running nginx - also built from source so to add headers-more and naxsi - using all sorts of goodies to enhance security and talking to each other via SSH. Oh, and taking to the world over HTTPS with a grade A on SSL Labs (I know this doesn't mean much to you. Yeah you, rolling your eyes over there. So why don't you just bugger off before even commenting? Haha)
Feels good man.
")2 -
"Oh, sorry I didn't write you back! I checked 3 hours ago, and we only add the data once in our database before sending the notification to your endpoint, so everything is fine! Check if you run the same functio twice, it's an easy mistake!"
You. Fucking. Moron. You send the data 2 or 3 times (at random) every fucking time. I have nginx logs showing that, and I've fucking shown them to you TWICE. I don't fucking care if your DB is fine, check how many fucking times you POST the damn data. We're already 2 days behind schedule because you can't be arsed to check your own damn code. Ffs. How can you even be a senior developer?! -
Gah, I just received this Ubuntu 18.04 VM with 8 cores and 8 gigs of ram, and since it'll be a production server both serving public and "private" networks (yes, shout at me, but projects won't be about hosting sensitive information, I wouldn't put all that on one server), and I'm struggling between my options.
Docker, or not docker?
The server's main use is to host our growing blog and install Varnish, which will hog some ram after a while. I use Laradock for my dev projets, it's really easy to develop with it, but I am unsure if it fits a production environment with performance, security and traffic load in mind :(
I read Docker has stability issues (in 2016-2017), and can bring the machine down with it, I don't know if I should just install the software (nginx, apache, percona/mysql/maria) without "containerizing" it and go for it
I'm lost xD7 -
That awkward feeling when you try to make an easy to pick up and use UI and fail so horrendously, that even a person otherwise skilled in computer management fails to grasp it...
I'm looking at you Synology and your fancy DSM bullshit that I just spent 2 hours trying to make available on WAN.
I almost gave up... Then realised I can log onto there through SSH, sudo su onto root and check out the webserver configuration (nginx) manually to make heads and tails of how to use it!
God... Its just tuesday, and I already feel like I need a shot of something strong... -
Remote into a machine in order to remote into a machine to setup wordpress site on an IIS server using wamp behind nginx. That was my day, as the FE dev who never built the WP site and knows diddly squat all about setting up servers.
-
FUCKING NGINX...........
I moved a website to a new server, and nginx redirects me to another fucking website on the same server. I have been trying to fix that for FUCKING 3 HOURS. I did everything. Disabled EVERY site on that server except that one, works. I go back. Guess what..... haha it goes back and FUCKING REDIRECTS ME TO OTHER SITES. You have to be fucking kidding me right 🖕. I check if I miswrote anything, check if it's the control panels fault (doesn't look like it). I make a vhost myself for the site (with the other still active to check if it detected the vhost). Reload...
nginx: "One vhost was ignored because the servername already exists". Yeah yeah you twat nginx.
So le me disables every site again (except le not working site). I enable every site again.
nginx: "owh hey * someip * heres the site".
Me: .............. 😡😡 fucking twat. 🖕🖕
BTW, have no clue what caused it. Seems to work now. It shouldn't be a DNS issue I checked that. Anyone any ideas? Appreciate it.3 -
after installing and configuring NGINX + uwsgi + emperor for 10+ hours, the final resolution is... reinstall OS... wut?
-
Use alpine, they said. It'll be fun, they said. Spent ages trying to figure out what was wrong with my fresh Docker swarm. I tried everything, then I noticed that nginx was calling some random IPs instead of the web container's. Turns out the alpine image doesn't have a library that would properly resolve the IP of the container. I replaced it with the main nginx image and it's working perfectly 🙄
-
I fucking hate the Nginx Ingress Controller for Kubernetes. Fucking piece of shit. You fucking can't do a fucking simple rewrite and proxy pass???? Fucccck!1
-
I'm facing something strange, I have set the following headers in Nginx to return:
strict-transport-security: max-age=31536000; includeSubDomains
vary: Accept-Encoding
x-content-type-options: nosniff
X-Firefox-Spdy: h2
x-frame-options: SAMEORIGIN
x-xss-protection: 1
But I only get them when I browse root of my website, but if I go to https://website.com/subPage
those headers are not returned, now I did set them only on
"location / {}"
Any other headers I am missing that needs to be set?
in nginx, but how do I force it on all sub pages, or there is no need?2 -
"Upgraded" to nginx over the weekend. Setup SSL to be secure and felt good about myself. Woke up to find PhantomJS can no longer access the site to generate PDFs. Had to remove the ciphers block until I figure out what it's compatible with. FML.3
-
Debugging code that mutates somewhere between returning a response and exiting trough nginx. Dafuq is this madness. It happens seemingly at random.
An async func calls the server that responds in some gibberish madness 1 in 100 times. How am i supposed to debug this! 🤬 -
Currently installing Nginx in my OS X via Homebrew. Hope this goes all well + adding of HTTPS in it. Then will study nginx configurations. After all that, I will apply it to Laradock. Push! Excited for this! 💪 😎 🤜
-
Spent a couple hours trying to obtain an SSL certificate to encrypt my site last night... No luck so far. It kept saying it doesn't have access, when I verified that nginx serves to port 443...20
-
Am I an asshole for not wanting to learn infrastructure/AWS?
im sure it isnt rocket science, but somewhere from within, even if I try my body rejects it will every fibre of its being
manual bare metal servers, deployment scripts and firewalls? sure im all in
Containers, k8s tied to nginx on the said server? sure
Entire end to end as long as it doesnt involve AWS? done and dusted
But add AWS/Azure to the mix and I'm oil to water 😪7 -
Not fair! How come Apache gets its modsecurity module pre-compiled and available in public repositories, but Nginx hides it behind a paywall of their "Plus" package/version?
Ugh... At least they provide the module's source, so one can compile and deploy it by himself...6 -
First week at the University, i became a circular mail with an offer for a place in the webteam. Requirements were a basic knowledge in linux/ubuntu and its packagemanagement and also some minor basics with nginx.
one day later i decides to mail my interest and that i mostly self-taughted me using linux since some years and began programinga year ago with python and recently deployed my first project in a VPS with nginx.
either, my qualification is quite high for that job or i was the one and only applicant, but who cares, i'm in.
this is my first employment in the it area,so i'm quite exited, even its mostly an administrative position. i gonne administrate the vm's for some websites and a special portal for students.
but! due to the fusion of two faculties at my university, there will also be two websites to be merged( our is on zope/plone and the other is a typo3) (computer science vs media... no really^^
well, now i have to wait for the doodle for the first meeting -
Most of the web stuff I have done in the past have been PHP, Wordpress, cgi, etc. I read about nginx and was very impressed by what it accomplished in the last 20 years. Now I have a desire to play with this tech for fun.
What I want to do:
- create, manage, and launch minecraft servers
- provide a web interface for managing servers (I would like to learn how to make the server use the infrastructure of nginx to be managed like its other services)
- make this packaged so others can use this (probably on github)
I don't know anything about nginx other than it is really really cool, can serve massive amounts of web pages, and can do a whole lot more than that.
Question:
Is nginx suitable for this? Is this a big learning curve? Will I have fun doing this?
I am currently running a multi-instance minecraft server being managed by a piece of software called Crafty Controller. It is really neat. However, I am finding it buggy. I also see that the next version of this software will be behind a patreon. This is really disappointing. So this is spurring me to consider building something fun for myself, and if useful, for others.
I will most likely do very barebones and inflexible web interface that just gets the job done. I know enough to get by. So I assume I have a large learning curve ahead to do this.
Any advice? Is this going to turn into a large time sink?2 -
Today wasted around 5 hours installing nginx, apache stills working and keeping listen on 80 port after uninstalling it reboot finally the thing was i dont change the fucking dns of the server and trying to connect to the domain 5 hours later tried to connect to the ip... Fuck my life1
-
We need to create simple form for colection few particular people data for some bounty programme.
We have ready-made website that does similar stuff, but it was outsourced and we have compiled javascript (sidenote - im only person in this place who understands f**ng javascript but hates it deeply)
Anyway, they come to me, and say that creating this google doc will take them few minutes and it seems that editing few divs in the site and creating second one with another subdomain will do the trick.
I tell them that it will take a lot of time to reverse engeneer that compiled react.js website to change few divs. But they insist.
So we start out, I pop up the terminal, copy over site, add nginx config for it, apply SSL to it, we are already good 5-10 minutes in, first roadblock - CORS. At this point I tell them that with google form they would be already done.
What I hear?
But we will need to make again privacy policy
Me:
Can you just link privacy policy from this site?
They:
Oh... it makes it easy now.
My internal voice:
next time try to use brain.... -
So... I got a simple task of choosing the best fitting NIDS/MIDS, as well as deploying it, configuring to fit a specific use case and monitor its outputs for one client at work today...
I'm a little... Anxious. At a first glance, setting up like... Snort... Doesn't seem all that difficult, but I have no idea where this takes me and if what I come up with will ultimately be useful or not... Until now I did simple service configuration changes like apache, nginx, php... And a bit of database management with things like mariadb, mysql, postgresql, mongo or elastic... I feel so... Out of my usual waters.
Do you guys thing a person without a title in network security (or... Any title for that matter) can even manage this?...1 -
I asked a question on StackOverflow for the first time since none of the previous answers solved my issue. Nobody is answering. Should I be scared?4
-
Looking for advice here.
Is it wise to use nginx instead of Apache if running php (in regards to the LAMP stack)? And can php be kept strictly in the backend? I've never used php before and now I get the chance (yippie) so I want to hear what you guys have to say. Previously I've used node. And also, can frontend libraries like react or vue be used alongside php or is it just going to turn into a smorgasbord of nonsense.
Thank you for any advice :)5 -
Did any of you tried to configure iRedMail with an https only domain that also maps in nginx as a reverse proxy?
(Ps: FFS why the developers of iRedMail develop with nginx in mind but there isn't any .conf about iRedMail?)16 -
debugging escalated hard. started with neos, went over Apache and nginx. no more problems there after a clean db import. spent the whole day on this and endet up with the "result", that varnish, this fkn (most of the times helpful) bastard, is the problem. didn't get any results after that. meh.
-
So until now I ran bitwarden official docker image on my server but as I forgot to create snapshot before updating yesterday and the whole network got fucked up :D I installed bitwarden-rs (Rust implementation) instead... Aaand it is sooooo good! It takes only around 20MB of RAM instead of 1GB+ and it is just lightning fast. Also replaced Apache with nginx for the first time and I love it so far.5
-
Trying to get a multi container setup using nginx (also in a docker container) to work with web sockets. There's a chance that the load balancer will also cause issues later. And the front end uses nuxt, which will probably also cause issues once we turn server side rendering on as well.
This is not really something I've studied deeply before.
I'm not having fun.1 -
!Rant
Hell yeah, I love that feeling! I have absolutely no idea about working with the LEMP stack (nginx in particular) and I'm slowly figuring out how to get it working. Even tho I just noticed that chrome doesn't support npn for http/2 and that I am still up (GMT+1) I wanna continue working in this project. Man, I love that feeling <31 -
Damn you nginx...
Let's say you have a simple location directive like:
location / {
auth_reques /auth;
index index.html;
}
location = /auth {
internal;
proxy_pass <...>;
}
Now guess how often nginx makes a subrequest to /auth.
Thats correct TWO times... "why?" you ask?
Well isn't it obvious that nginx hits the auth request, then rewrites the request to the index file, hits the auth request again because it's technically a different request now and then proceeds to hand out the file?
Thanks for documenting this. NOT6 -
For 2020 I want to achieve more insight of my already running collaboration service/tool for businesses by talking more to managers, chiefs and workers.
And for a better internet community a GUI for NGINX for home servers (any PC) that could interface with purchased domains to make configuration become automatic, to make self hosted web-apps/services more accessible and streamlined. -
I have a domain and nginx server configured on digital ocean. Im trying to make it so i can forward any emails to support@mydomain.com to an existing gmail.
can anyone link a simple guide for this? everything i saw seems to be half solutions that didnt work for me7 -
This had just happened, I was trying to increase the default timeout of an nginx running in a container for a proxy pass and always got a 504-gateway timeout response. I was setting proxy_connect_timeout, proxy_send_timeout, proxy_read_timeout, send_timeout, keepalive_timeout, etc. and nothing worked, after two hours of adding and removing lines of configuration (and waiting 1 minute for every time I tried a request), then I realized I have a local nginx for redirect server names to local ports (the container), that nginx was the one that actually responds with the 504 error, after that I tried a request with the port of the container ALL WORKED!!!!
-
Every day is tempting to me..tempting to use some solutions i am not sure that i can handle it.
The Company i work for has an external IT Partner that does all the heavy lifting when it comes to our infrastructure, like installing servers, doing the installations and such. I mostly monitor it and do basic maintenance. Its all windows.
Recently i thought about adding a fifth Hyper V instance for an intranet webserver...based on some linux distro (probably ubuntu cause that is what i am familiar with). But i am not THAT familiar with ubuntu or any linux distro..buts its just the intranet and i already installed nginx and apache with success, what could go wrong?
today i sketched some intranet websoftware our production might find useful to collect data input from our workers (we are somewhat small so there is no big ERP software as of now). When thinking how to realize the data input i thought that maybe a basic raspberry and some cheap 1280x800 10.1 inch touch panels would be best..its very tempting, but on the other hand i am not sure i am ready for that, my experience is shallow and only based on my own RaPi that i 99,99% run headless. On the other hand it would be a very small and space safing concept..and cheap..compared to the use of Laptops (the go to company solution when computers are needed).
It also had the risk that i am the only one that could unfuck anything if things go south..it also has the advantage that i am the only one who could fix things when it goes south...
so much temptation -
just happened and I swear, NPM is really affecting my brain in a bad way. i was going to install nginx in my ubuntu server. just like any other apt install with slow internet, i went afk to make a coffee, come back realizing something went wrong but it was red (which is unfamilliar), scroll back and figured i was using `npm install nginx` instead of `apt` 🤣
-
Im always trying to learn new things. Im passionate about learning new things, especially development. So much i started a small collaboration group of developers and slack group to collaborate new projects/ideas,get to know new people, and just to learn new things from each other. The group is not language specific developers only, but mostly consists of PHP/Laravel developers at the moment, so im always trying to grow that network as much as possible, so if you would like to join my network to collaborate new ideas or to just even talk to some cool cats, ill send you an invite any day. Anyways, back to my original reason for this post. Im mid level developer who considers himself pretty knowledgeable in PHP and Laravel. Im curious to what other developers use to learn new things. Im constantly questioning my skillset and compare myself to senior developers who always blow me away with their knowledge which often makes me feel like i dont know enough. Currently I use resources such as:
-laracasts.com
-serversforhackers.com
-digital ocean articles or any textbook that wont cost me an arm and a leg lol
I mean i just want to learn about tech related stuff always but currently interested in learning specifically about development topics such as:
- Server administration because i would consider this my weakest skill set (things like provisioning,nginx/security, deployment)
- Continous Integration (as ive never been at a job that practices it)
- RESTful APIs(as ive never developed one)
and so much more but i wont waste your time with my never ending list. What resources/tools do you guys use for your learning?6 -
What is your guys' preferred webserver?
Apache, nginx, lighttpd, hiawatha, caddy,...?
I lean towards lighttpd and hiawatha8 -
Wanted to make an auto deploy script for nginx combined with git for websites i work on. Guess ill learn bash on the fly1
-
Anyone use firewall / WAF for their Nginx?
I found NAXSI (https://github.com/nbs-system/...) , Let hope it not going to f**k-up the production system1 -
I got situation here,
I am getting 524 error from cloud fare. I sent some data using AJAX, process it and then return the result. Since the data is large and have some SQL manipulation on it so it take a lot of time. I put the process in back end. But still even for 10k records it took 4-5 minutes to process, Issue is everything works fine but since cloud fare response time is 1-2 minute so it through 524 error (as it does not getting any response within its time frame). How I am suppose to tackle this. May be using job scheduler now ? My client simply refuse to send small data. My Friend is suggesting don't use ajax, simply reload the page. But again data is too much so page loading will also through 524 error. Kindaa stuck here. Any idea/suggestion how I can proceed.
Language I am using PHP. Database, MySQL and SQL.
Hmm Here is some more explanation
https://github.com/marcialpaulg/...
But not working
Here is also something
https://stackoverflow.com/questions...
But I am thinking why redirecting ? It doesn't make sense to me7 -
Can somebody give working example how to solve
Access to XMLHttpRequest at 'localhost:8000/index.php/api/companies/1/logo' from origin 'http://localhost:8080' has been blocked by CORS policy: Cross origin requests are only supported for protocol schemes: http, data, chrome, chrome-extension, chrome-untrusted, https.
this error is talked so much but no working solution I can find. Maybe it is somewhere but cannot find so far in the internet trash.
Nginx server.
Not by installing chrome plugin, because other people would also need to install it. Thats not a solution.20 -
f***ed with Nginx + php7.0 FPM
connect() to unix:/run/php/php7.0-fpm.sock failed (11: Resource temporarily unavailable) while connecting to upstream
#socket_vs_tcpip -
What the hell, why is every damn article about nginx logging practically the same, I just want to see an example of an error log line and I guess I’ll have to actually go look at a running instance and produce errors
-
I'm going out of my f&;$)" mind trying to serve my site from digital ocean with Nginx and Node. Won't serve my page no matter what I do 😭😭😭😭
Literally been on this for 10+hours at this point.1 -
Does someone of you have a minimalistic configuration for php micro-framework laravel/lumen or symfony/skeleton with Apache or nginx?
It is somehow pain in the ass to put up a running docker container for this kind of projects :/1 -
From morning to afternoon, finally installed Nginx, Postgre, and phpPgAdmin.
my head is like, I have smoked some third class weed.
I am done for today. -
I kinda wonder why so few server frameworks have actually implemented the FastCGI spec, instead of running their own weaker HTTP server that needs to be put behind something like nginx for production anyways.
-
Change socket to tcpip and now getting
"recv() failed (104: Connection reset by peer) while reading response header" -
Is web server like apache or nginx required if there’s no static resource and no need to reverse proxy?9
-
can anyone tell me where I can find sample server log data? I need access log and error log for Nginx, Lighttpd, Apache Tomcat, Caddy, Hiawatha and NodeJS. Do you know any website for this?5
-
been working on this docker thing for 2 weeks. 3 containers each running a different aervice (mariadb, nginx, wordpress) using debian as the base image (not the app image itself). Got all the configs down, all the dockerfiles down, the docker-compose yml down. Run docker-compose up, everything goes up all nice without errors.
Try to access the wordpress website. Only reachable from localhost, no atyling is served, all redirections fail… because it can’t find the local domain it is supposed to bind to. Tried editing the hosts file, didn’t worked. 3 days of googling, havent been able to find a fix. I don’t know what am I supposed to hate anymore. Is it nginx ? is it wordpress ? is it just the host machine’s dns/hosts config ? is it docker ? myself ?
I swear theres nobody in this world who wakes up one morning and happily cracks their knuckles to go write some dockerfiles.1 -
doing an assignment.
me, thinking to myself: "why the heck everybody pastes over an nginx config when they want to script switching the autoindex on or off?
thats not linux at all you sed the fucker that's how its done...", feeling all smart
> type it
> test it
looking fine, as always. im born for this shit
> run it
>restart nginx
restart fails.
i check if i didnt sed any whitespaces, everything seems fine
>restart nginx
fail again.
look closer
.
.
.
.
4 lines below intended target: "locatioff" lmfao3 -
I spent most of today debugging the server part of my service. The logo on the page didn't show on the local Windows Server.
My first thought was that the static files path is messed up (nginx with Windows path might be confusing, is it D:/file, D:\file, or even D:\\file), so I tried playing with it. But wait, the page works, so it must be something else because css and js and even the fonts are loaded.
Could it be a cache issue? Are the images too big?
No, fuck you Microsoft, Internet Explorer doesn't show webp images. FML6 -
I really can't find a good and light open source ecommerce solution that doesn't require Wordpress or any other bloated framework.
I got a small company which I just work as a microelectronics/programming teacher and I want an automated solution where people can order and pay for preconfigured kits.
I usually use Nginx with Nodejs. I had a look at Reaction Commerce however it requires 1.5GB RAM as of now (I got a 512mb RAM server). And I don't see how a few visitors should mitigate the use of such an overpowered solution.
How do other developers do ecommerce solutions without using bloaty software? As of now I'm considering to just create a solution myself with a template engine and an API.2 -
I need some clarity with the situation below.
I have my API ready.
Let's say I have a route /reset/token,
I want to be able to serve a html file with css and all that once I've processed the token internally.
I've not worked with the whole stack before so I've never really served files based on conditions i.e if the token is valid serve x else serve y.html
Also, I'm pretty sure node.js isn't the best for serving files.
So I'm taking another approach with nginx which is to implement /reset/token to serve the static file with it's coupled js file to query the API. Seems standard to me but I have this feeling that a prefilled html would be more secure than one with exposed js.
Is this the right way? Should I worry about my API calls being exposed via the js fil ? Is obfuscation the only way to handle this ? Is this the way everyone does it cause somehow I don't see the key js files in most sites. How are they hidden if so? Or are they?
I'm confused and also nginx won't let me rewrite /reset/token to something else without changing the browser url field. How do I prevent that ?1 -
I am trying to git clone my existing bootstrap website project and open it on my nginx localhost server.. I have already cloned it but its not opening while I am browsing my localhost. can anyone please help me with that ? I am usig ubuntu.
-
wanted to set up a k3s cluster with my pi's. took me a fucking whole day to find useful ansible playbooks (which I needed to fix because outdated).
I want to habe metallb and nginx ingress running, so that differs from the default.
and now i spent the whole day trying to install a fucking pi hole and for some reason metallb does not fart out an external ip for the pi hole.
found several issues regarding this matter.
maaaan i am completely new to this whole clusterfuck and i feel a bit overwhelmed atm. i thought this would be easier. am i just an idiot?8 -
so I got the reverse proxy all set up on my server, forwarding all the right headers to enable SSL behind reverse proxy. awesome! my only problem remaining is, since nginx only handles HTTP/S traffic, I can't connect to my gitlab instance via ssh. anyone know how I can proxy this traffic as well to enable ssh connection for git?2
-
Want to deploy laravel website on Amazon ec2 with nginx server... I did install php, laravel, mysql server & cloned repository. But can't migrate to database.... The error is connection refused.
Can anyone give reference for this? 🙏🙇13