We have a fairly complex nginx config however the vhost that I know I am having
issues is quiet simple.
We have aio threads ; enabled
/usr/sbin/nginx -V
nginx version: nginx/1.19.6
built by gcc 8.3.0 (Debian 8.3.0-6)
built with OpenSSL 1.1.1d 10 Sep 2019
TLS SNI support enabled
configure arguments: --add-module=/root/incubator-pagespeed-ngx-latest-stable
--with-http_flv_module --with-http_gunzip_module --with-http_gzip_static_module
--with-http_mp4_module --with-http_ssl_module --with-http_stub_status_module
--with-pcre-jit --with-http_secure_link_module --with-http_v2_module
--with-http_realip_module --with-stream_geoip_module --http-scgi-temp-path=/tmp
--http-uwsgi-temp-path=/tmp --http-fastcgi-temp-path=/tmp
--http-proxy-temp-path=/tmp --http-log-path=/var/log/nginx/access
--error-log-path=/var/log/nginx/error --pid-path=/var/run/nginx.pid
--conf-path=/etc/nginx/nginx.conf --sbin-path=/usr/sbin --prefix=/usr
--with-threads
server {
listen 19994 backlog=90000 ssl;
listen 29994 backlog=90000 ;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_certificate /etc/nginx/ao3_fanlore_2020-2021.crt;
ssl_certificate_key /etc/nginx/ao3_fanlore_2020-2021.key;
ssl_prefer_server_ciphers on;
ssl_ciphers "ECDH+AESGCM DH+AESGCM ECDH+AES256 DH+AES256 ECDH+AES128
DH+AES ECDH+3DES DH+3DES RSA+AES RSA+3DES !ADH !AECDH !RC4 !aNULL !eNULL !LOW
!3DES !MD5 !EXP !PSK !SRP !DSS";
ssl_dhparam /etc/nginx/dhparams.pem ;
add_header Strict-Transport-Security "max-age=120;";
proxy_http_version 1.1;
proxy_headers_hash_bucket_size 4096 ;
proxy_set_header Connection "";
client_max_body_size 4G;
keepalive_timeout 5;
server_name media.archiveofourown.org media.transformativeworks.org ;
root /var/www/media;
location / {
access_log off;
autoindex on;
}
}
When I try and download a larger than average file It fails, it fails in the
same way if I try and us the internal ip address and port directly rather than
via the haproxy ( firewall ) etc. I believe the issue does occur with more than
just large downloads.
grep "already active" /var/log/nginx/error.log | wc -l
58
curl -v -o foo.zip
http://media.archiveofourown.org/ao3/stats/2021/02/26/20210226-stats.zip
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
0 0 0 0 0 0 0 0 --:--:-- --:--:-- --:--:-- 0*
Trying 208.85.241.157:80...
* TCP_NODELAY set
* Connected to media.archiveofourown.org (208.85.241.157) port 80 (#0)
> GET /ao3/stats/2021/02/26/20210226-stats.zip HTTP/1.1
> Host: media.archiveofourown.org
> User-Agent: curl/7.68.0
> Accept: */*
>
* Mark bundle as not supporting multiuse
< HTTP/1.1 200 OK
< Server: nginx/1.19.6
< Date: Sun, 21 Mar 2021 15:59:02 GMT
< Content-Type: application/zip
< Content-Length: 437117255
< Last-Modified: Sun, 21 Mar 2021 13:11:35 GMT
< ETag: "60574607-1a0de147"
< Strict-Transport-Security: max-age=120;
< Cache-Control: s-maxage=10
< Accept-Ranges: bytes
<
{ [1124 bytes data]
0 416M 0 11260 0 0 48119 0 2:31:24 --:--:-- 2:31:24 47914*
transfer closed with 436592967 bytes remaining to read
0 416M 0 512k 0 0 722k 0 0:09:51 --:--:-- 0:09:51 721k
* Closing connection 0
curl: (18) transfer closed with 436592967 bytes remaining to read
_______________________________________________
nginx mailing list
nginx@nginx.org
http://mailman.nginx.org/mailman/listinfo/nginx
