分类目录归档：Nginx

produced an unexpected error: ‘ascii’ codec can’t decode byte 0xe9 in position

把配置文件里的中文字符串删除就好了

$ sudo grep -r -P ‘[^\x00-\x7f]’ /etc/apache2 /etc/letsencrypt /etc/nginx
將看到的內容，全部進去檔案刪除
刪除這些編碼後，在重新執行 Let’s encrypt script 就可以通過囉~

Attempting to renew cert (www.xxx.com) from /etc/letsencrypt/renewal/www.xxx.com.conf produced an unexpected error: 'ascii' codec can't decode byte 0xe9 in position 5: ordinal not in range(128). Skipping.
All renewal attempts failed. The following certs could not be renewed:
  /etc/letsencrypt/live/m.xxx.com/fullchain.pem (failure)
  /etc/letsencrypt/live/www.xxx.com/fullchain.pem (failure)

参考链接：https://blog.longwin.com.tw/2019/01/letsencrypt-ascii-codec-decode-fixed-2019/

2019/08/21 14:39:53 [warn] 11628#11628: *2856217 an upstream response is buffered to a temporary file /var/cache/nginx/proxy_temp

“GET /_nuxt/fonts/c61b9c1.woff2 HTTP/1.1”

“GET /_nuxt/e46e23e8722289834df1.js HTTP/1.1”

代理里请求比较大的静态文件导致的！

nginx: [warn] duplicate MIME type “text/html”

我检查配置文件发现疑似gzip漏写了text/html，加上去后反而报警告了，百度发现：

https://blog.csdn.net/liangyuannao/article/details/21378113

解决办法：去掉下面一行中的“text/html”。

gzip_types text/plain text/html text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;

原因：text/html根本就不需要写的，gzip默认就会压缩它的，只不过以前的nginx版本不提示这个警告而已，新版本的会出这个警告。

laravel 获取真实ip的事项

# 这个逻辑可以放在中间件里，判断白名单（127.0.0.1或你的其他代理服务器ip）
$ip = $request->ip();
        if (in_array($ip, ['127.0.0.1']))
            $request->setTrustedProxies($request->getClientIps(), Request::HEADER_X_FORWARDED_ALL);

# nginx 配套配置，如果你是nginx转发，按照这个标准来
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;


# 获取IP
echo $request->ip();

X-Forwarded-For 相关连接：https://en.wikipedia.org/wiki/X-Forwarded-For

proxy_pass isn’t working when SELinux is enabled, why?

$ sudo setsebool httpd_can_network_connect 1 -P

https://stackoverflow.com/questions/27435655/proxy-pass-isnt-working-when-selinux-is-enabled-why

SELinux nginx切换目录

is forbidden (13: Permission denied), client:

chcon -R --reference=/usr/share/nginx/html/ /home/html/
# 将默认目录的权限配置复制到新的目录里

ab压力测试

apr_socket_recv: Connection reset by peer：
https://www.cnblogs.com/archoncap/p/5883723.html

ulimit解除: https://blog.51cto.com/853056088/2091839

2019/05/03 07:43:36 [crit] 27684#27684: accept4() failed (24: Too many open files):
worker_rlimit_nofile 51200;

selinux 解除：
2019/05/03 07:46:07 [alert] 43314#43314: setrlimit(RLIMIT_NOFILE, 10000) failed (1: Operation not permitted)
setsebool -P httpd_setrlimit 1

php开启opcache可以提升80%左右qps
[root@abcdocker ~]# tail /etc/php.ini 
zend_extension="opcache.so"

docker初探小记


# 启动个nginx
docker run --detach --publish 80:80 --name webserver nginx
# 停止nginx
docker container stop webserver
# 删除容器
docker container rm webserver

–detach等于-d 后后台运行的意思

可参考链接：
http://www.runoob.com/docker/docker-command-manual.html

CentOS 7安装docker：

yum-config-manager \
    --add-repo \
    https://download.docker.com/linux/centos/docker-ce.repo
yum install docker-ce docker-ce-cli containerd.io

accept4() failed (24: Too many open files)

nginx添加如下配置然后reload一下就好了：

worker_rlimit_nofile 655350;

worker_connections  60000;    # 需要小于或等于  worker_rlimit_nofile

2019/12/14 20:24:12 [alert] 2642#2642: setrlimit(RLIMIT_NOFILE, 65535) failed (1: Operation not permitted)

setsebool -P httpd_setrlimit 1

https://www.linuxquestions.org/questions/centos-111/nginx-setrlimit-operation-not-permitted-4175599913/

kernel: TCP: request_sock_TCP: Possible SYN flooding on port 9000. Sending cookies.  Check SNMP counters.

[alert] 1319#1319: 1024 worker_connections are not enough

php-fpm 高并发、502解决方案

继续阅读 →

一	二	三	四	五	六	日
« 12月
		1	2	3	4	5
6	7	8	9	10	11	12
13	14	15	16	17	18	19
20	21	22	23	24	25	26
27	28	29	30	31