Input How to compile NGINX with additional modules ( pagespeed / cache_purge / headers-more / and others )

[learning_curve]

o.k.... pls. get some coffee/tee ( I mean here: pls. have a short break from your computer ), as you seem to miss a very decent, essential part here:

No, don't worry we fully understand it. Maybe it's just our style of writing messages

If you changed something in your serverwide "nginx.conf" ( added/modified settings for pagespeed and/or brotli, or any other depending additional module ), you will certainly have to REMOVE such addings/modifications, before you use the original "sw-nginx" again, as this package is not compiled with these additional modules.

Yes we know and we have done already (see below)

In case you desire to step back to the original "sw-nginx" - package, you would certainly use your previous configuration files ( which you certainly created as a backup, BEFORE you modify your serverwide "nginx.conf", as this is a standart administration task! )

Yes, that was always clear and was an easy job

If you updated/upgraded/patched your own compiled nginx with the "sw-nginx" - package from Plesk, you will certainly have to RECOMPILE your very own nginx version again, as the update/upgrade/patch will as well overwrite the binary "/usr/sbin/nginx", which you replaced with the last step of your compilation process "make install"

That's the most useful re-affirmation for us and others really, so thanks for that.
The Lock setting within the panel is actually ignored, despite the GUI visual confirmation mentioned previously.
So we are back to the Official Plesk "sw-nginx" now, with all previous settings restored and fully operational.
We'll run the process again, re-compile and move back to our own compiled "sw-nginx" shortly.
No problem really, once the 'Lock" panel setting challenge was / is now fully understood

 

[UFHH01]

Hi learning_curve,

maybe you missed another important part of my tutorial?

Pls. consider to setup the Plesk - package "sw-nginx" to "hold" in your software - package manager, in order to avoid automatic updates/upgrades/patches from Plesk for this package!
( Pls. see for informations and examples: => How to stop packages from being updated in Linux | Linuxaria )​

Just for your ( personal ) informations:

Maybe it's just our style of writing messages

I was just a little bit concerned, that "you might not see the tree in the woods" ( I don't know, if you know this and I don't even know if it makes sense in english - it was translated from german by me ), as your questions and statements leads me to think, that you overread as well the depending error message(s), which you get after using "nginx -t" - as this will immidiately point you to possible misconfigurations within your nginx - configuration files.

 

[learning_curve]

...maybe you missed another important part of my tutorial? How to stop packages from being updated in Linux | Linuxaria https://linuxaria.com/pills/how-to-stop-package-from-being-updated-in-linux

Ahhh we understand why you posted what you did now. Torschlusspanik!
Joking aside though, Yes we did read that and we then said this, in #73 afterwards:

As per the final note in the tutorial, we have locked "sw-nginx" from any further updates via our Plesk Panel GUI which we are confident is the same as hold - see attached image (hold is the word that's actually written in the tutorial)

What your post does now is confrm to us these are NOT exactly the same.
Again, that's no problem at all now we undestood that clearly.
It does make the Lock option on the panel seem a bit pointless though, unless it's designed to work only on NON-Plesk items

I was just a little bit concerned, that "you might not see the tree in the woods" ( I don't know, if you know this and I don't even know if it makes sense in english - it was translated from german by me ), as your questions and statements leads me to think, that you overread as well the depending error message(s), which you get after using "nginx -t" - as this will immidiately point you to possible misconfigurations within your nginx - configuration files.

It may have been '...can't see the wood for the trees' but we don't speak any German anyway, so don't worry. We always remember Torschlusspanik because there is no direct English translation of this German word and it's a great expression!

To try and explain this last situation clearer and finish this now:
After running Upgrade #26 the panel reported a) when the reality (i.e. the command line) reported b)
Using the lock option within the panel and not your LINK as explained above, was the reason why
b) had the correct error messages, but obvioulsy these contradicted a) at that time
The update is that a) and b) now report the same (as in the official Plesk "sw-nginx" & it's status) with no error messages and it's all successfully live. We'll run through the tutorial and recompile again now, accordingly.

 

[learning_curve]

.....We'll run through the tutorial and recompile again now, accordingly

Which we've just completed and, just as per the first time we ran through that great tutorial, it's all worked perfectly and we're live again, with our latest self-compiled "sw-nginx" and all its added extras Thanks again @UFHH01

 

[Allan]

not work here, debian 8, OVH VPS Cloud

root@vps:~/addons/nginx/nginx-1.13.6# ./configure --prefix=/etc/nginx \
> --sbin-path=/usr/sbin/nginx \
> --conf-path=/etc/nginx/nginx.conf \
> --error-log-path=/var/log/nginx/error.log \
> --http-log-path=/var/log/nginx/access.log \
> --lock-path=/var/lock/nginx.lock \
> --pid-path=/var/run/nginx.pid \
> --http-client-body-temp-path=/var/lib/nginx/body \
> --http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
--http-scgi-temp-path=/var/lib/nginx/scgi \
> --http-proxy-temp-path=/var/lib/nginx/proxy \
> --http-scgi-temp-path=/var/lib/nginx/scgi \
> --http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
> --user=nginx \
> --group=nginx \
> --with-debug \
> --with-file-aio \
> --with-google_perftools_module \
> --with-mail \
> --with-mail_ssl_module \
> --with-threads \
> --with-select_module \
--with-stream \
> --with-stream \
> --with-stream_ssl_module \
> --with-http_addition_module \
> --with-http_auth_request_module \
> --with-http_dav_module \
> --with-http_flv_module \
> --with-http_geoip_module \
> --with-http_gunzip_module \
> --with-http_gzip_static_module \
> --with-http_image_filter_module \
> --with-http_mp4_module \
> --with-http_perl_module \
> --with-http_random_index_module \
> --with-http_realip_module \
> --with-http_secure_link_module \
> --with-http_stub_status_module \
> --with-http_sub_module \
> --with-http_ssl_module \
> --with-http_v2_module \
--with-http_xslt_module \
> --with-http_xslt_module \
> --with-poll_module \
> --with-openssl=/usr/share/openssl \
> --with-openssl-opt=enable-tls1_3 \
> --add-module=/usr/share/nginx/modules/ngx_brotli \
> --add-module=/usr/share/nginx/modules/ngx_pagespeed-1.12.34.3-stable \
> --add-module=/usr/share/passenger/ngx_http_passenger_module \
> --add-module=/usr/share/nginx/modules/ngx_cache_purge-2.3 \
> --add-module=/usr/share/nginx/modules/ngx_coolkit-0.2 \
> --add-module=/usr/share/nginx/modules/ngx_slowfs_cache-1.10 \
> --add-module=/usr/share/nginx/modules/ngx_headers-more-0.32
checking for OS
+ Linux 3.16.0-4-amd64 x86_64
checking for C compiler ... found
+ using GNU C compiler
+ gcc version: 4.9.2 (Debian 4.9.2-10)
checking for gcc -pipe switch ... found
checking for -Wl,-E switch ... found
checking for gcc builtin atomic operations ... found
checking for C99 variadic macros ... found
checking for gcc variadic macros ... found
checking for gcc builtin 64 bit byteswap ... found
checking for unistd.h ... found
checking for inttypes.h ... found
checking for limits.h ... found
checking for sys/filio.h ... not found
checking for sys/param.h ... found
checking for sys/mount.h ... found
checking for sys/statvfs.h ... found
checking for crypt.h ... found
checking for Linux specific features
checking for epoll ... found
checking for EPOLLRDHUP ... found
checking for EPOLLEXCLUSIVE ... not found
checking for O_PATH ... found
checking for sendfile() ... found
checking for sendfile64() ... found
checking for sys/prctl.h ... found
checking for prctl(PR_SET_DUMPABLE) ... found
checking for crypt_r() ... found
checking for sys/vfs.h ... found
checking for poll() ... found
checking for /dev/poll ... not found
checking for kqueue ... not found
checking for crypt() ... not found
checking for crypt() in libcrypt ... found
checking for F_READAHEAD ... not found
checking for posix_fadvise() ... found
checking for O_DIRECT ... found
checking for F_NOCACHE ... not found
checking for directio() ... not found
checking for statfs() ... found
checking for statvfs() ... found
checking for dlopen() ... not found
checking for dlopen() in libdl ... found
checking for sched_yield() ... found
checking for sched_setaffinity() ... found
checking for SO_SETFIB ... not found
checking for SO_REUSEPORT ... found
checking for SO_ACCEPTFILTER ... not found
checking for SO_BINDANY ... not found
checking for IP_BIND_ADDRESS_NO_PORT ... not found
checking for IP_TRANSPARENT ... found
checking for IP_BINDANY ... not found
checking for IP_RECVDSTADDR ... not found
checking for IP_SENDSRCADDR ... not found
checking for IP_PKTINFO ... found
checking for IPV6_RECVPKTINFO ... found
checking for TCP_DEFER_ACCEPT ... found
checking for TCP_KEEPIDLE ... found
checking for TCP_FASTOPEN ... found
checking for TCP_INFO ... found
checking for accept4() ... found
checking for kqueue AIO support ... not found
checking for Linux AIO support ... found
checking for int size ... 4 bytes
checking for long size ... 8 bytes
checking for long long size ... 8 bytes
checking for void * size ... 8 bytes
checking for uint32_t ... found
checking for uint64_t ... found
checking for sig_atomic_t ... found
checking for sig_atomic_t size ... 4 bytes
checking for socklen_t ... found
checking for in_addr_t ... found
checking for in_port_t ... found
checking for rlim_t ... found
checking for uintptr_t ... uintptr_t found
checking for system byte ordering ... little endian
checking for size_t size ... 8 bytes
checking for off_t size ... 8 bytes
checking for time_t size ... 8 bytes
checking for AF_INET6 ... found
checking for setproctitle() ... not found
checking for pread() ... found
checking for pwrite() ... found
checking for pwritev() ... found
checking for sys_nerr ... found
checking for localtime_r() ... found
checking for posix_memalign() ... found
checking for memalign() ... found
checking for mmap(MAP_ANON|MAP_SHARED) ... found
checking for mmap("/dev/zero", MAP_SHARED) ... found
checking for System V shared memory ... found
checking for POSIX semaphores ... not found
checking for POSIX semaphores in libpthread ... found
checking for struct msghdr.msg_control ... found
checking for ioctl(FIONBIO) ... found
checking for struct tm.tm_gmtoff ... found
checking for struct dirent.d_namlen ... not found
checking for struct dirent.d_type ... found
checking for sysconf(_SC_NPROCESSORS_ONLN) ... found
checking for openat(), fstatat() ... found
checking for getaddrinfo() ... found
configuring additional modules
adding module in /usr/share/nginx/modules/ngx_brotli
+ ngx_brotli was configured
adding module in /usr/share/nginx/modules/ngx_pagespeed-1.12.34.3-stable

You have set --with-debug for building nginx, but precompiled Debug binaries for
PSOL, which ngx_pagespeed depends on, aren't available. If you're trying to
debug PSOL you need to build it from source. If you just want to run nginx with
debug-level logging you can use the Release binaries.

Use the available Release binaries? [Y/n] n
./configure: 158: /usr/share/nginx/modules/ngx_pagespeed-1.12.34.3-stable/config: [[: not found
./configure: 158: /usr/share/nginx/modules/ngx_pagespeed-1.12.34.3-stable/confign: not found
mod_pagespeed_dir=/usr/share/nginx/modules/ngx_pagespeed-1.12.34.3-stable/psol/include
build_from_source=false
checking for psol ... found
List of modules (in reverse order of applicability): ngx_http_write_filter_module ngx_http_header_filter_module ngx_http_chunked_filter_module ngx_http_v2_filter_module ngx_http_range_header_filter_module ngx_pagespeed_etag_filter ngx_http_gzip_filter_module ngx_http_brotli_filter_module ngx_pagespeed ngx_http_postpone_filter_module ngx_http_ssi_filter_module ngx_http_charset_filter_module ngx_http_xslt_filter_module ngx_http_image_filter_module ngx_http_sub_filter_module ngx_http_addition_filter_module ngx_http_gunzip_filter_module ngx_http_userid_filter_module ngx_http_headers_filter_module
checking for psol-compiler-compat ... found
+ ngx_pagespeed was configured
adding module in /usr/share/passenger/ngx_http_passenger_module
./configure: error: no /usr/share/passenger/ngx_http_passenger_module/config was found
root@vps154381:~/addons/nginx/nginx-1.13.6# make
make: *** No rule to make target 'build', needed by 'default'. Stop.
root@vps:~/addons/nginx/nginx-1.13.6#

 

[IgorG]

./configure: error: no /usr/share/passenger/ngx_http_passenger_module/config was found

Make sure that you have installed passenger-dev package.

 

[Dukemaster]

Hello, my good virtual reality friend @UFHH01 ,
it's time to thank You again. For what?
For this amazing tutorial. I use it since two months with REDIS (4.0.8).
It's incredible.
The following setup works like a charm and will be stable in few days.
Your great tutorial is ready to be updated.
IMPORTANT CHANGE: Using pagespeed off is deprecated now and causes failures by compiling if set during update. My first update failed because I deactivated pagespeed during update.
Off was replaced Standby - Pagespeed off is deprecated now and was replaced by pagespeed standby.
And it is necessary to make the pre-installation of uuid-dev
-->

apt-get install build-essential zlib1g-dev libpcre3 libpcre3-dev unzip uuid-dev

This night I made the final and successful upgrade with NGINX 1.13.12 and NGX_PAGESPEED-1.13.35.2-stable (also published as stable in GIT).
New name and download path in GIT:
incubator-pagespeed-ngx-1.13.35.2-stable
https://github.com/apache/incubator-pagespeed-ngx/archive/v1.13.35.2-stable.tar.gz
Also PSOL was updated now: https://dl.google.com/dl/page-speed/psol/1.13.35.2-x64.tar.gz
One module was updated: ngx_headers-more-0.33
Also another module was updated brotli 1.3
To give You something back, of your hard work:
Honors to amazing @UFHH01 for this tutorial ...

mkdir -p /root/addons/nginx && cd /root/addons/nginx
wget http://nginx.org/download/nginx-1.13.12.tar.gz
tar -xvf nginx-1.13.12.tar.gz
cd /root/addons/nginx/nginx-1.13.12

wget https://github.com/FRiCKLE/ngx_cache_purge/archive/2.3.tar.gz
wget https://github.com/FRiCKLE/ngx_coolkit/archive/0.2.tar.gz
wget https://github.com/FRiCKLE/ngx_slowfs_cache/archive/1.10.tar.gz
wget https://github.com/openresty/headers-more-nginx-module/archive/v0.33.tar.gz
wget https://github.com/apache/incubator-pagespeed-ngx/archive/v1.13.35.2-stable.tar.gz

mv 2.3.tar.gz ngx_cache_purge-2.3.tar.gz
tar -xvf ngx_cache_purge-2.3.tar.gz
mv 0.2.tar.gz ngx_coolkit-0.2.tar.gz
tar -xvf ngx_coolkit-0.2.tar.gz
mv 1.10.tar.gz ngx_slowfs_cache-1.10.tar.gz
tar -xvf ngx_slowfs_cache-1.10.tar.gz
mv v0.33.tar.gz ngx_headers-more-v0.33.tar.gz
tar -xvf ngx_headers-more-v0.33.tar.gz
mv headers-more-nginx-module-0.33 ngx_headers-more-0.33
tar -xzf v1.13.35.2-stable.tar.gz
cd incubator-pagespeed-ngx-1.13.35.2-stable
wget https://dl.google.com/dl/page-speed/psol/1.13.35.2-x64.tar.gz
tar -xzvf 1.13.35.2-x64.tar.gz
rm 1.13.35.2-x64.tar.gz
cd ..
rm *.gz

4. Here is a NEW part ( implemented "Google brotli"

cd /usr/share/nginx/modules
git clone google/ngx_brotli
cd ngx_brotli/
git submodule update --init --recursive

5. Here is a NEW part ( implemented "OpenSSL 1.1.1-dev" support, so that TLSv1.3 ciphers can be used
(Feel free to replace "18" also with the newer "19". It works, but Qualys supports in the tests only version 18)

cd /usr/share
git clone openssl
cd openssl
git checkout tls1.3-draft-18

./config shared enable-tls1_3 --prefix=/usr/share/openssl --openssldir=/usr/share/openssl -Wl,-rpath,'$(LIBRPATH)'

cd /root/addons/nginx/nginx-1.13.12
mkdir -p /usr/share/nginx/modules/ngx_cache_purge-2.3
rsync -r /root/addons/nginx/nginx-1.13.12/ngx_cache_purge-2.3/* /usr/share/nginx/modules/ngx_cache_purge-2.3
mkdir -p /usr/share/nginx/modules/ngx_coolkit-0.2
rsync -r /root/addons/nginx/nginx-1.13.12/ngx_coolkit-0.2/* /usr/share/nginx/modules/ngx_coolkit-0.2
mkdir -p /usr/share/nginx/modules/ngx_slowfs_cache-1.10
rsync -r /root/addons/nginx/nginx-1.13.12/ngx_slowfs_cache-1.10/* /usr/share/nginx/modules/ngx_slowfs_cache-1.10
mkdir -p /usr/share/nginx/modules/ngx_headers-more-0.33
rsync -r /root/addons/nginx/nginx-1.13.12/ngx_headers-more-0.33/* /usr/share/nginx/modules/ngx_headers-more-0.33
mkdir -p /usr/share/nginx/modules/incubator-pagespeed-ngx-1.13.35.2-stable
rsync -r /root/addons/nginx/nginx-1.13.12/incubator-pagespeed-ngx-1.13.35.2-stable/* /usr/share/nginx/modules/incubator-pagespeed-ngx-1.13.35.2-stable

7. As a final step, you would now edit your serverwide "/etc/nginx/nginx.conf" - configuration file and add/edit your own, unique global settings. I recommend at least these examples, to profit from your unique nginx - compilation:

For "brotli":

brotli on;
brotli_static on;
brotli_types text/html text/plain text/css application/javascript application/x-javascript text/xml application/xml application/xml+rss text/javascript image/x-icon image/vnd.microsoft.icon image/bmp image/svg+xml;
brotli_comp_level 8;

For Google PageSpeed:

        pagespeed on;
        pagespeed LowercaseHtmlNames on;
        pagespeed XHeaderValue "Powered by ngx_pagespeed and UF";
        pagespeed StaticAssetPrefix /static/;
        pagespeed FileCachePath /var/ngx_pagespeed_cache;
        pagespeed PreserveUrlRelativity on;
        pagespeed EnableFilters combine_css,rewrite_css,move_css_above_scripts,combine_javascript,rewrite_javascript;
        pagespeed EnableFilters lazyload_images,inline_preview_images,resize_mobile_images,inline_google_font_css,rewrite_style_attributes;
        pagespeed EnableFilters prioritize_critical_css,make_google_analytics_async,outline_css,outline_javascript,move_css_to_head;
        pagespeed EnableFilters include_js_source_maps,canonicalize_javascript_libraries,local_storage_cache,convert_to_webp_lossless,insert_image_dimensions;
        pagespeed EnableFilters elide_attributes,extend_cache_pdfs,sprite_images,trim_urls,pedantic;
        pagespeed EnableFilters remove_quotes,dedup_inlined_images,insert_dns_prefetch,remove_comments,collapse_whitespace;
        pagespeed EnableFilters in_place_optimize_for_browser;

don't forget, to setup your NEW ciphers lists at "/etc/nginx/conf.d/ssl.conf" as for example: NEW ssl config & ciphers by @virtubox

ssl_protocols TLSv1.3 TLSv1.2;
ssl_ciphers 'TLS13-AES-256-GCM-SHA384:TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-128-GCM-SHA256:TLS13-AES-128-CCM-8-SHA256:TLS13-AES-128-CCM-SHA256:EECDH+CHACHA20:EECDH+AESGCM:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_CCM_8_SHA256:TLS_AES_128_CCM_SHA256:TLS_AES_256_GCM_SHA384';
ssl_prefer_server_ciphers on;
ssl_ecdh_curve X25519:sect571r1:secp521r1:secp384r1;

./configure --prefix=/etc/nginx \
    --sbin-path=/usr/sbin/nginx \
    --conf-path=/etc/nginx/nginx.conf \
    --error-log-path=/var/log/nginx/error.log \
    --http-log-path=/var/log/nginx/access.log \
    --lock-path=/var/lock/nginx.lock \
    --pid-path=/var/run/nginx.pid \
    --http-client-body-temp-path=/var/lib/nginx/body \
    --http-fastcgi-temp-path=/var/lib/nginx/fastcgi \
    --http-proxy-temp-path=/var/lib/nginx/proxy \
    --http-scgi-temp-path=/var/lib/nginx/scgi \
    --http-uwsgi-temp-path=/var/lib/nginx/uwsgi \
    --user=nginx \
    --group=nginx \
    --with-debug \
    --with-file-aio \
    --with-google_perftools_module \
    --with-mail \
    --with-mail_ssl_module \
    --with-threads \
    --with-select_module \
    --with-stream \
    --with-stream_ssl_module \
    --with-http_addition_module \
    --with-http_auth_request_module \
    --with-http_dav_module \
    --with-http_flv_module \
    --with-http_geoip_module \
    --with-http_gunzip_module \
    --with-http_gzip_static_module \
    --with-http_image_filter_module \
    --with-http_mp4_module \
    --with-http_perl_module \
    --with-http_random_index_module \
    --with-http_realip_module \
    --with-http_secure_link_module \
    --with-http_stub_status_module \
    --with-http_sub_module \
    --with-http_ssl_module \
    --with-http_v2_module \
    --with-http_xslt_module \
    --with-poll_module \
    --with-openssl=/usr/share/openssl \
    --with-openssl-opt=enable-tls1_3 \
    --add-module=/usr/share/nginx/modules/ngx_brotli \
    --add-module=/usr/share/nginx/modules/incubator-pagespeed-ngx-1.13.35.2-stable \
    --add-module=/usr/share/passenger/ngx_http_passenger_module \
    --add-module=/usr/share/nginx/modules/ngx_cache_purge-2.3 \
    --add-module=/usr/share/nginx/modules/ngx_coolkit-0.2 \
    --add-module=/usr/share/nginx/modules/ngx_slowfs_cache-1.10 \
    --add-module=/usr/share/nginx/modules/ngx_headers-more-0.33

make
make install

Lots of greets

 

[Dukemaster]

Nginx was upgraded to 1.13.8 few days ago (also another Brotli update) and works hilarious again with the awesome contribution of @UFHH01.
Additional I fired the streaming module for Nginx in the compilation of 1.13.8 with Google's Pagespeed and Brotli...to get a little christmas gift for myself...lol...
Streaming server for chat, I'm very interested in realizing it again with low cost sources.
For helping UFHH01 I updated my last posting above with the new values according to point 8 [1.13.8].

Greets

 

[Kingsley]

would love to try it

 

[Dukemaster]

Again another fine working UPDATE for NGX Pagespeed itself and for PSOL. So, I edited my post. Deleted my old Nginx 1.13.8 totally + addons, cleaned the folders, and built it up from source again. Only OpenSSL 1.1.1-dev I left untouched from the recent installation.
I switch pagespeed "on" in the moment I'm ready with installing, testing and restarting nginx. Before updating/installing I always switch to "standby" (former "off") in /etc/nginx/nginx.conf. perhaps it is not necessary, but I will be sure that not corrupted data will be processed.
Greets

 

[Laurence@]

We compiled Nginx with the purge module as outlined in teh tutorial. On a test WP install with the Nginx Helper plugin the purge option is not purging the cache.

The request is in logs:

86.126.75.222 - - [20/Feb/2018:08:59:09 +0000] "GET /?get_feeds=1 HTTP/1.0" 200 430 "https://domain.com/wp-admin/options...one&nginx_helper_urls=all&_wpnonce=5ed6cd3b70" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/604.5.6 (KHTML, like Gecko) Version/11.0.3 Safari/604.5.6"

But it does not erase the files from cache. The cache is created with user nginx, group nginx and only nginx has rwx, not the group. The website runs under its own user so has no access in the cache.

Am I missing something?

 

[virtubox]

We compiled Nginx with the purge module as outlined in teh tutorial. On a test WP install with the Nginx Helper plugin the purge option is not purging the cache.

The request is in logs:

86.126.75.222 - - [20/Feb/2018:08:59:09 +0000] "GET /?get_feeds=1 HTTP/1.0" 200 430 "https://domain.com/wp-admin/options...one&nginx_helper_urls=all&_wpnonce=5ed6cd3b70" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_3) AppleWebKit/604.5.6 (KHTML, like Gecko) Version/11.0.3 Safari/604.5.6"

But it does not erase the files from cache. The cache is created with user nginx, group nginx and only nginx has rwx, not the group. The website runs under its own user so has no access in the cache.

Am I missing something?

You have to set an URL to purge the cache in your additional directives :

   location ^~ /invalidate_cached_url/ {
       allow 127.0.0.1;
       deny all;
       proxy_cache_purge nginx_cache $arg_url;
   }

And then to configure this url in the plugin nginx_helper

 

[Andrei]

I have set the bellow in /var/www/vhosts/system/domain.com/conf/nginx.conf
location ^~ /invalidate_cached_url/ {
allow 127.0.0.1;
deny all;
proxy_cache_purge domain.com_proxy $arg_url;
}

Then in Helper plugin at Custom Purge URL: /invalidate_cached_url/ ...
..still not working.

 

[Laurence@]

Also this is for shared hosting. Having to edit domain specific nginx.conf after each domain creation would be untenable. Needs to be automated.

 

[virtubox]

I have set the bellow in /var/www/vhosts/system/domain.com/conf/nginx.conf
location ^~ /invalidate_cached_url/ {
allow 127.0.0.1;
deny all;
proxy_cache_purge domain.com_proxy $arg_url;
}

Then in Helper plugin at Custom Purge URL: /invalidate_cached_url/ ...
..still not working.

You have to set the same key_zone in your proxy_cache_path and the proxy_cache_purge :

in your http block

proxy_cache_path /var/run/cache levels=1:2 keys_zone=STATIC:75m inactive=24h max_size=512m;
proxy_cache_key $scheme$proxy_host$uri$is_args$args;

in your server block

location ~ /purge(/.*) {
         allow 127.0.0.1;
         proxy_cache_purge STATIC "$scheme$proxy_host$1";
     }

 

[Laurence@]

This has to be done in every /var/www/vhosts/system/domain.com/conf/nginx.conf?

If so is there any way to automate it on domain creation?

 

[MarkM]

Changing Virtual Hosts Settings Using Configuration Templates

 

[Andrei]

domain.com is the real domain name

I have the bellow settings - not woking. Also, I have set /purge/ in to to the Nginx helper plugin - curstom URL.

proxy_cache_path /var/cache/nginx/domain.com_proxy levels=1:2 keys_zone=domain.com_proxy:5m max_size=209715200;
proxy_cache_key "$scheme$request_method$host$request_uri";

 location ~ /purge(/.*) {
                allow 127.0.0.1;
                proxy_cache_purge domain.com_proxy "$scheme$proxy_host$1";

   }

I haev tried also with proxy_cache_purge domain.com_proxy "$scheme$request_method$host$request_uri" - not working.

Since the /var/cache/nginx/domain.com_proxy belongs to user nginx and group nginx with 700 permissions, there is no way to erase files from the cache folder by any user.

All the above is generated by plesk, except the location which is manually added.

In my opinion, the best is to forward this to Plesk dev team: create the proxy_cache_path in to the domai's home like /var/www/vhosts/domain.com/cache with the domai's user as owner and psaserv group with permissions 700. This way the wp site has access to the cache and maybe can erase it.

 

[virtubox]

domain.com is the real domain name

I have the bellow settings - not woking. Also, I have set /purge/ in to to the Nginx helper plugin - curstom URL.

proxy_cache_path /var/cache/nginx/domain.com_proxy levels=1:2 keys_zone=domain.com_proxy:5m max_size=209715200;
proxy_cache_key "$scheme$request_method$host$request_uri";

 location ~ /purge(/.*) {
                allow 127.0.0.1;
                proxy_cache_purge domain.com_proxy "$scheme$proxy_host$1";

   }

I haev tried also with proxy_cache_purge domain.com_proxy "$scheme$request_method$host$request_uri" - not working.

Since the /var/cache/nginx/domain.com_proxy belongs to user nginx and group nginx with 700 permissions, there is no way to erase files from the cache folder by any user.

All the above is generated by plesk, except the location which is manually added.

In my opinion, the best is to forward this to Plesk dev team: create the proxy_cache_path in to the domai's home like /var/www/vhosts/domain.com/cache with the domai's user as owner and psaserv group with permissions 700. This way the wp site has access to the cache and maybe can erase it.

Your issue isn't related to user permissions, nginx workers have the same owner unlike php-fpm pools.
Here the example from the module github repository :

http {
   proxy_cache_path  /tmp/cache  keys_zone=tmpcache:10m;

   server {
       location / {
           proxy_pass         http://127.0.0.1:8000;
           proxy_cache        tmpcache;
           proxy_cache_key    $uri$is_args$args;
       }

       location ~ /purge(/.*) {
           allow              127.0.0.1;
           deny               all;
           proxy_cache_purge  tmpcache $1$is_args$args;
       }
   }
}

 

[Andrei]

If I use

                proxy_cache_key "$scheme$request_method$host$request_uri";

Should I set

proxy_cache_purge domain.com_proxy $1$request_method$host$request_uri

?

I have tried above and is not working.