Nginx limit proxy Nginx module to create your own hosting service
Project hosted by
Get Nginx Limit Proxy at Fast, secure and Free Open Source software downloads

Configurating main server


Server will attempt to read /etc/limit_master_server.conf and there you should move config file.
You may also run server with config file name as first argument, for example ./server myconf.conf

Configuration Content bellow can be also found in configuring_system.txt located in /doc/ directory of local and main server source

You may use # and // for single line comments and /* */ for block comments. You may use " " for strings containing white characters.

main_server_port PORT
Sets main server port. Same port have to be set in all local servers that are going to connect to this one.
Default port is 8005
rules_file FILENAME
Sets path (with filename) to rules file. Content of rules file will be described later
Default file is "rules.txt"
Sets path to directory where server will store databases. It must be read-write accessable. Path should end with /, if it's not, content after / will be used as db-prefix
Default path is "./db/"
How offen should servers synchronize their content.
By default, this is set to 300 seconds (5 minutes)
daemonize 1/0
Tells whenever server should daemonize (deattach from console). By default, it will not. Use 1 to deattach.
log_error PATH
Path to error output file, if not set stderr will be used
log_common PATH
Path to other logs output fire, if not set stdout will be used
self_index INDEX
Sets this server index. Related with master replicas.
replica_retry_sleep DELAY
Defines delay (in seconds) between reconnection attempts. Must be greater then zero. Default delay is 2 seconds
replica_list PATH
Defines path to file containing list of copy servers. Server will attempt to connect to every server from this list. Server will not connect to server with index equal to self_index
If not set, server will not start replication subsystem.

Configuring rules file in master server

This configuration is loaded from file set in main server configuration entry rules_file
This file contains current rules for servers. It is read after main server startup, or after it receives SIGUSR1.

Each rule begins with source and destination and then rule configuration.

UID stands for $limit_proxy_xuid variable set by nginx while DST is HTTP "Host" field.

Possible combinations include:

    UID		DST
    UID		*
    *		DST
    *		*

Most important rule, as it defines computation unit. UID * is equal to UID DST for each * DST in configuration.
* *
Special rule, same behavior as * DST. It must be defined as default behavior, but it's executed only if no other rule applies.
Additionally DST may begin or end (or both) with wildcard *.

All matching rules are executed, so it's generally good idea not to write overlapping rules.

After source and destination definition goes rule type which might be:

For UID * and UID DST this mean that this UID may never access this resource. for * DST it means that this resource is not available as long as no ALLOW rules apply to same host.
Similar to DENY, but ALLOW is stronger then DENY (if two rules overlap one with ALLOW and one with DENY, ALLOW will be chosen).

After ALLOW you need to set zone index.
If you are not using traffic zones, set this to 0 or 255
If applied to UID * and UID DEST requires zone index and then 3 traffic numbers, standing for traffic limit monthly, for day and 15 minutes. If you are not using traffic zones, set zone index to 0 or 255

If applied to * DST requires zone index and then 4 numbers, first standing for time and followed by three numbers like described above. Time parameter is used to deleted stored users whose last access time is too old. This must be chosen wisely, as attempt to read not existing user results in question to main server, while storing too many users takes much memory. If you are not using traffic zones, set zone index to 0 or 255
Requires zone index followed by 3 numbers limits total traffic used by destination (sum of all requests from all users). Three numbers are again monthly, daily and 15-minute limits.
Combination of CHECK and HOSTING requiring zone index followed by 4 numbers (as in CHECK) and then 3 numbers (as in HOSTING). 8 numbers totally are required. If you are not using traffic zones, set zone index to 0 or 255.

Each traffic zone you set in rules must be also defined in all nginx servers using this rules. Otherwise, HTTP INTERNAL_SERVER_ERROR will be send to user.

Additionally, time field might be followed by m for minutes, h for hours and d for days. Field without any tailing means seconds.

Traffic field might be followed by k for kilobytes, m for megabytes and g for gigabytes.

Rules are count sensitive rather than line sensitive. It means that if you won't follow config variable with correct number of parameters server won't detect this.

Configuring replication list


This file sets list of replica servers. Each server will have same copy of current database. New servers will however, not fetch stored entries from master database.

This provides a fail safe mechanism for local servers. You need to use it with Heartbeat or similar software.

replica_list file contains list of servers in following form:

Index	IP/Domain	Port
replica_list must be exacly the same on all servers.

Each server will attempt to connect to all servers from list. It will not connect to itself.

All replicated servers must use same rule set. If this condition isn't met when master is switched, behaviour is undefined.

Local servers should always connect to one server. Main server with connected local servers is master and all other are replica. If multiple servers have users connected, one with lower index is elected to master and all other servers forcefully close connections to their locals.