Debugging nginx with DTrace pid provider This article assumes the reader has a general knowledge of nginx internals and DTrace. Although nginx built with the --with-debug option already provides a lot of information about request processing, it is sometimes desirable to trace particular parts of code path more thoroughly and at the same time omit the rest of debugging output. DTrace pid provider (available on Solaris, Mac OS X) is a useful tool to explore userland program’s internals, since

Syntax: session_log_format name string ...; Default: session_log_format combined "..."; Context: http Specifies the output format of a log. The value of the $body_bytes_sent variable is aggregated across all requests in a session. The values of all other variables available for logging correspond to the first request in a session.

Syntax: send_timeout time; Default: send_timeout 60s; Context: http, server, location Sets a timeout for transmitting a response to the client. The timeout is set only between two successive write operations, not for the transmission of the whole response. If the client does not receive anything within this time, the connection is closed.

Syntax: uwsgi_ssl_crl file; Default: — Context: http, server, location This directive appeared in version 1.7.0. Specifies a file with revoked certificates (CRL) in the PEM format used to verify the certificate of the secured uwsgi server.

Syntax: geoip_org file; Default: — Context: stream Specifies a database used to determine the organization depending on the client IP address. The following variable is available when using this database: $geoip_org organization name, for example, “The University of Melbourne”.

Syntax: uwsgi_ssl_verify_depth number; Default: uwsgi_ssl_verify_depth 1; Context: http, server, location This directive appeared in version 1.7.0. Sets the verification depth in the secured uwsgi server certificates chain.

Syntax: ssl_protocols [SSLv2] [SSLv3] [TLSv1] [TLSv1.1] [TLSv1.2]; Default: ssl_protocols TLSv1 TLSv1.1 TLSv1.2; Context: stream, server Enables the specified protocols. The TLSv1.1 and TLSv1.2 parameters work only when the OpenSSL library of version 1.0.1 or higher is used.

Syntax: ssl_crl file; Default: — Context: mail, server This directive appeared in version 1.7.11. Specifies a file with revoked certificates (CRL) in the PEM format used to verify client certificates.

Syntax: open_file_cache_valid time; Default: open_file_cache_valid 60s; Context: http, server, location Sets a time after which open_file_cache elements should be validated.

Syntax: fastcgi_store_access users:permissions ...; Default: fastcgi_store_access user:rw; Context: http, server, location Sets access permissions for newly created files and directories, e.g.: fastcgi_store_access user:rw group:rw all:r; If any group or all access permissions are specified then user permissions may be omitted: fastcgi_store_access group:rw all:r;