Ubuntu 16.04 starts nginx on boot. It's configured to proxy several dev websites on localhost. These sites are not running when nginx starts the first time.
If I start the websites and browse to https://dev.mysite.com (configured in /etc/hosts), the browser says connection refused. Then I restart nginx and they connect. Why refused the first time?
    ☀ ps aux | grep nginx
    root 1805 0.0 0.0 129336 2348 ? Ss Sep22 0:00 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
    ... other processes
    ☔ sudo /usr/sbin/nginx -T
    nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
    nginx: configuration file /etc/nginx/nginx.conf test is successful
    # configuration file /etc/nginx/nginx.conf:
    user www-data;
    worker_processes auto;
    pid /run/nginx.pid;
    ... details
    server {
        listen 80;
        return 307 https://$http_host$request_uri;
    }
    # Map hosts -> meteor apps.
    map $http_host $backend {
        site1-dev.site.io http://127.0.0.1:3006;
        site2-dev.site.io http://127.0.0.1:3000;
        site3-dev.site.io http://127.0.0.1:3010;
        site4-dev.site.io http://127.0.0.1:3012;
        site5-dev.site.io http://127.0.0.1:3014;
    }
    # Proxy web-socket connections
    map $http_upgrade $connection_upgrade {
        default upgrade;
        '' close;
    }
    # Serve HTTPS content
    server {
        listen 443 ssl http2;
        server_name *.site.io; # this domain must match Common Name (CN) in the SSL certificate
        ssl_certificate /etc/ssl/site.crt;
        ssl_certificate_key /etc/ssl/site.key;
        # performance enhancement for SSL
        ssl_session_cache shared:SSL:10m;
        ssl_session_timeout 5m;
        # safety enhancement to SSL: make sure we actually use a safe cipher
        ssl_prefer_server_ciphers on;
        ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # don’t use SSLv3 ref: POODLE
        # Forward secrecy
        ssl_dhparam /etc/ssl/dhparam.pem;
        add_header Strict-Transport-Security "max-age=31536000;";
        # pass all requests to Node
        location / {
            proxy_pass $backend;
            proxy_http_version 1.1;
            proxy_set_header Upgrade $http_upgrade; # allow websockets
            proxy_set_header Connection $connection_upgrade;
            proxy_set_header X-Forwarded-For $remote_addr; # preserve client IP
            add_header Cache-Control no-cache;
        }
    }
Easy peasy, but my browser won't connect to them unless I restart nginx:
    ☀ sudo service nginx start
    ☔ sudo /usr/sbin/nginx -T
    ... Same output, but now browser can connect
Is it a big deal? No. It's just an extra damn step and I don't understand why. I can kill/restart the websites, and never need to restart nginx after the first time.
Why does nginx start, then need to be restarted?
Update:
So, computer boots, login, then time for work:
    ☔ sudo netstat -tulpen|grep nginx
    (no output)
    ☔ ps aux | grep nginx
    root 1843 0.0 0.0 129336 2320 ? Ss 08:53 0:00 nginx: master process /usr/sbin/nginx -g daemon on; master_process on;
    (workers follow)
    ☔ sudo /usr/sbin/nginx -T
    (no output)
Then a restart (sudo service nginx restart):
    ☀ sudo netstat -tulpen|grep nginx
    tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 0 167492 15135/nginx -g daem
    tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 0 167493 15135/nginx -g daem
I looked at this, but don't see the "bind" errors in the logs.
0 Answers
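The update in the question compares `netstat` output before and after the restart by eye. As an added example (not part of the original post), the script below makes that check repeatable: it reports every `listen` port found in an `nginx -T` dump that has no nginx-owned listening socket. The function names and the embedded sample inputs are constructed for illustration from the config and `netstat` lines in the question.

```shell
#!/bin/sh
# Added example: configured nginx listen ports vs. sockets nginx actually holds.

# Ports named in "listen" directives of an `nginx -T` dump read from stdin.
configured_ports() {
    awk '$1 == "listen" {
             addr = $2; sub(/;$/, "", addr)   # "80;" -> "80"
             sub(/^.*:/, "", addr)            # "[::]:443" -> "443"
             if (addr ~ /^[0-9]+$/) print addr
         }' | sort -un
}

# Local TCP ports in LISTEN state owned by nginx, from `netstat -tulpen` on stdin.
listening_ports() {
    awk '$1 ~ /^tcp/ && $6 == "LISTEN" && $9 ~ /\/nginx/ {
             port = $4; sub(/^.*:/, "", port); print port
         }' | sort -un
}

# Print configured ports that nginx is not listening on.
# $1 = nginx -T dump, $2 = netstat -tulpen output.
missing_ports() {
    bound=$(printf '%s\n' "$2" | listening_ports)
    for p in $(printf '%s\n' "$1" | configured_ports); do
        printf '%s\n' "$bound" | grep -qx "$p" || echo "$p"
    done
}

# Constructed sample: the two listen directives from the posted config.
SAMPLE_CONF='server {
    listen 80;
}
server {
    listen 443 ssl http2;
}'
# Constructed sample: the netstat lines shown after the restart.
SAMPLE_AFTER='tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 0 167492 15135/nginx -g daem
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 0 167493 15135/nginx -g daem'
# Before the restart the question shows no nginx sockets at all.
SAMPLE_BEFORE=''

echo "Before restart, configured but not listening:"
missing_ports "$SAMPLE_CONF" "$SAMPLE_BEFORE"
echo "After restart, configured but not listening:"
missing_ports "$SAMPLE_CONF" "$SAMPLE_AFTER"
```

On a live host, pass `"$(sudo nginx -T 2>/dev/null)"` and `"$(sudo netstat -tulpen)"` as the two arguments to `missing_ports`.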