Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

QST: nginx traffic doesn't show full nginx sites #313

Open
shape-of-snowflake opened this issue Jan 5, 2025 · 0 comments
Open

QST: nginx traffic doesn't show full nginx sites #313

shape-of-snowflake opened this issue Jan 5, 2025 · 0 comments
Labels
question

Comments

@shape-of-snowflake
Copy link

Question about this module

nginx traffic doesn't show full nginx sites, I have a lot of nginx sites, but it only records traffic for a few sites. (even when fetched by json)

image
image

Installed Versions

server {
listen 80;
server_name www.slotkingchris.com;
return 301 $scheme://slotkingchris.com$request_uri;
}

server {
listen 80;
server_name slotkingchris.com;
add_header Strict-Transport-Security max-age=15768000 always;

location / {
    return 301 https://$server_name$request_uri;
}

location /.well-known/acme-challenge/ {
    return 302 https://bluemaxcloud.io$request_uri;
}

}

server {
listen 443 ssl http2;
server_name www.slotkingchris.com;
ssl_certificate /opt/ssl_certs/slotkingchris.com_16.cert;
ssl_certificate_key /opt/ssl_certs/slotkingchris.com_16.key;

ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256';
ssl_session_cache shared:SSL:10m;

return 301 $scheme://slotkingchris.com$request_uri;

}

server {
listen 443 ssl http2;
server_name slotkingchris.com;

ssl_certificate /opt/ssl_certs/slotkingchris.com_16.cert;
ssl_certificate_key /opt/ssl_certs/slotkingchris.com_16.key;

ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256';
ssl_session_cache shared:SSL:10m;

access_log /var/log/nginx/access_slotkingchris.com.log custom_log;
error_log /var/log/nginx/error_slotkingchris.com.log;

proxy_buffers 16 80k;
proxy_buffer_size 148k;
client_max_body_size 100m;
keepalive_timeout 500s;
proxy_read_timeout 500s;

proxy_set_header X-Odoo-Dbfilter ousobcc;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;

vhost_traffic_status_filter_by_set_key $geoip_country_code traffic_by_country::$server_name;
vhost_traffic_status_filter_by_set_key $filter_user_agent traffic_by_agent::$server_name;
vhost_traffic_status_filter_by_set_key $status traffic::$server_name;

location / {
    proxy_connect_timeout 10s;
    proxy_read_timeout 6h;
    proxy_buffering on;
    proxy_redirect off;
    proxy_intercept_errors on;
    proxy_pass http://144.202.74.100:10000;
}

location ~* /[0-9a-zA-Z_]*/static/ {
    proxy_cache_valid 200 60m;
    expires 432000;
    proxy_buffering on;
    proxy_pass http://144.202.74.100:10000;
}

location /longpolling {
    proxy_pass http://144.202.74.100:10000;
}
location /websocket {
    proxy_pass http://144.202.74.100:10000;
    proxy_redirect off;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection $connection_upgrade;
}

}

Reproducible Example nginx.conf

user nginx;
worker_processes auto;
pid /var/run/nginx.pid;
include /etc/nginx/modules-enabled/*.conf;
load_module "/etc/nginx/modules/ngx_http_geoip_module.so";

events {
worker_connections 768;
# multi_accept on;
}

http {
server_names_hash_bucket_size 128;
log_format custom_log '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
geoip_country /usr/share/GeoIP/GeoIP.dat;

vhost_traffic_status_zone;
map $http_user_agent $filter_user_agent {
    default 'unknown';
    ~iPhone ios;
    ~Android android;
    ~(MSIE|Mozilla) PC/laptop;
    ~*(bot|crawl|spider) Bot;
    ~(python|Python) python;
}
map $http_upgrade $connection_upgrade {
    default upgrade;
    ''      close;
}

vhost_traffic_status_filter_by_set_key $geoip_country_code traffic_by_country::all_site;
vhost_traffic_status_filter_by_set_key $filter_user_agent traffic_by_agent::all_site;
vhost_traffic_status_dump /var/log/nginx/vts.db;

##
# Basic Settings
##

sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
# server_tokens off;

# server_names_hash_bucket_size 64;
# server_name_in_redirect off;

include /etc/nginx/mime.types;
default_type application/octet-stream;

ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

gzip on;


server {
    listen 80 default_server;
    listen [::]:80 default_server;

    root /etc/nginx/html;
    server_name nginx_server;

    vhost_traffic_status_filter_by_set_key $geoip_country_code country::$server_name;

    location /nginx_site_traffic {
        # don't edit this.
        add_header Access-Control-Allow-Origin *;
       
        vhost_traffic_status_display;
        vhost_traffic_status_display_format html;
    }
}

include /etc/nginx/sites-enabled/*;

}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
question
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@shape-of-snowflake