Introduction #

Nginx [engine x] is an HTTP and reverse proxy server, a mail proxy server, and a generic TCP/UDP proxy server, originally written by Igor Sysoev. For a long time, it has been running on many heavily loaded Russian sites including Yandex, Mail.Ru, VK, and Rambler.

Basic HTTP server features #

  • Serving static and index files, autoindexing; open file descriptor cache;
  • Accelerated reverse proxying with caching; load balancing and fault tolerance;
  • Accelerated support with caching of FastCGI, uwsgi, SCGI, and memcached servers; load balancing and fault tolerance;
  • Modular architecture. Filters include gzipping, byte ranges, chunked responses, XSLT, SSI, and image transformation filter. Multiple SSI inclusions within a single page can be processed in parallel if they are handled by proxied or FastCGI/uwsgi/SCGI servers;
  • SSL and TLS SNI support;
  • Support for HTTP/2 with weighted and dependency-based prioritization.

Other HTTP server features #

  • Name-based and IP-based virtual servers;
  • Keep-alive and pipelined connections support;
  • Access log formats, buffered log writing, fast log rotation, and syslog logging;
  • 3xx-5xx error codes redirection;
  • The rewrite module: URI changing using regular expressions;
  • Executing different functions depending on the client address;
  • Access control based on client IP address, by password (HTTP Basic authentication) and by the result of subrequest; Validation of HTTP referer;
  • The PUT, DELETE, MKCOL, COPY, and MOVE methods;
  • FLV and MP4 streaming;
  • Response rate limiting;
  • Limiting the number of simultaneous connections or requests coming from one address;
  • IP-based geolocation;
  • A/B testing;
  • Request mirroring;
  • Embedded Perl;
  • njs scripting language.

Mail proxy server features #

  • User redirection to IMAP or POP3 server using an external HTTP authentication server;
  • User authentication using an external HTTP authentication server and connection redirection to an internal SMTP server;
  • SSL support;
  • STARTTLS and STLS support.

NginX and OpenBSD #

Nginx was once the default webserver for OpenBSD and was included in Base. Nginx was imported for OpenBSD 5.1 in September 2011 and was meant as a replacement for the Apache webserver which had been the default webserver since March of 1998. In November 2015, the httpd webserver was included in OpenBSD for version 5.6. This led to the removal of Nginx from OpenBSD Base for versions after that. Since then the best way to install Nginx on OpenBSD is to use ports.

Installation #

Using ports on OpenBSD is transparent in that you use the same command to install Base packages. The pkg_add utility checks but it does require the location of the ports. The pkg_add utility will use the $PKG_PATH variable as the location of the ports.

Set the $PKG_PATH with:

export "PKG_PATH=`uname -r`/packages/`arch -s`/"

To make this location permanent, you can add the export command to your .profile file so that it will be loaded during login.

Now that the location is set, the Nginx package can be installed with pkg_add, just like you would install any other package.

openbsd# pkg_add -v nginx
Update candidates: quirks-3.124 -> quirks-3.182
quirks-3.182 signed on 2019-10-12T12:14:24Z
quirks-3.124->3.182: ok
nginx-1.16.1p0:pcre-8.41p2: ok
nginx-1.16.1p0: ok
Read shared items: ok
The following new rcscripts were installed: /etc/rc.d/nginx
See rcctl(8) for details.
New and changed readme(s):
Extracted 5115604 from 5116963

Next, add the following line to /etc/rc.conf.local, creating the file when it doesn’t exist.


Execute the following command as root to make Nginx start automatically on boot.

rcctl enable nginx

Configuration #

The default configuration will let the Nginx webserver listen on port 80 and will serve files from the /var/www/htdocs/ directory.

The configuration for Nginx is located in /etc/nginx/nginx.conf.

As a quick test, create a file called index.html in the document root:

vi /var/www/htdocs/index.html

Add some HTML:

       Hello World 

Start the webserver.

rcctl start nginx

If you browse to http://IP_ADDRESS/, you should be greeted with the “Hello World” message.