do you have some suggestions on what to change? sincerely i have not looked into the file...
no module ngx_http_sub_module in nginx 
can't find a way to proxy requests to local servers with relative path without that module..
i can add it if you want
here you pr 
now we need to wait (also when this will be merged, you need to install nginx-all-module if you don't want to compile the package yourself)
1 Like
I have nginx up and running with ssl and it's blazing fast. Thanks for the effort.
I am using "user nobody nogroup;" in my nginx config, and to get that to work I needed the following in my uwsgi.conf:
chmod-socket = 666
I am not necessarily recommending this, more commenting on that I don't like nginx and uwsgi running as root. It may be ok to run nginx as as a different user even though the core process starts (and remains) root.
I do however somewhat want uwsgi running non-root and without the chmod-socket config above. I've been unsuccessful in getting that to work as of yet, but I'm thinking if one ever is to allow their server to be access from the internet it may be wise to have these running non-root.
Anyway, thanks for the work on this. It's great.
the real problem is luci that needs root as far as i know...
have nginx and uwsgi on a dedicated user would be good but i don't think luci permit this cause needs to read and edit root file... (i think one example would be change the root password...)
I think that nginx can be run as user nobody but uwsgi needs to run as root...
actually... nginx with nobody nogroup doesn't create any problem at all...
that option is needed to permit nginx to comunicate to uwsgi socket... think i will create a pr for this...
As I mentioned, I'm not sure that's a great trade-off. Adding that will allow (I think) any process to communicate with the uwsgi socket. Which is less risky, allowing nginx and uwsgi to both run as root, or allow any process to communicate with the uwsgi socket?
well uwsgi comunicate with luci and luci permit to do action only if autenticated so give permission to access uwsgi server (and so to luci interface, doesn't look like a real issue)
A vulnerability with nginx instead can be quite dangerous as nginx runs as root...
damn, that's good!
thanks a lot 
is there a specific order to install this package (well.. as soon as it will be available..) and other packages for luci and nginx with ssl?
thanks!!
First installato nginx-all-modules-all-module then luci-nginx-ssl
It should not install nginx as it's already installed and you are done 
has anyone tried to compile uwsgi on macos? i get an error...
mips-openwrt-linux-musl-gcc: error: unrecognized command line option '-mmacosx-version-min=10.5'
I've recently had another package doing that. This usually happens because some custom configure macros invoke uname on the build system and then set OS X specific flags based on its output when they see Darwin.
Edit: yay for "clever" home grown build scripts. This one uses a custom hacked Python script which obviously is totally cross-compile unaware:
uwsgi_os_k = re.split('[-+_]', os.uname()[2])[0]
and later
if uwsgi_os == 'Darwin':
...
self.cflags.append('-mmacosx-version-min=10.5')
@Ansuel - you'll likely need to patch it and set the uwsgi_os_k and uwsgi_os_v variables to hardcoded Linux values.
do you think i should reset all?
uwsgi_os = os.uname()[0]
uwsgi_os_k = re.split('[-+_]', os.uname()[2])[0]
uwsgi_os_v = os.uname()[3]
uwsgi_cpu = os.uname()[4]
i've just seen the python script myself. i am running (the latest) macos so if you change it i can try to compile the thing... @Ansuel - change all and let's see...
try this
uwsgi_os = os.uname()[0]
uwsgi_os_k = "Linux"#re.split('[-+_]', os.uname()[2])[0]
uwsgi_os_v = "Linux"#os.uname()[3]
uwsgi_cpu = os.uname()[4]
should be sufficent...
Yeah, I suggest to run it once on a Linux machine, print the four variables and then hardcode the observed values using a patch.
nope, not enough. same error so the others need to be set as well...
uwsgi_os think you need to set it to "Linux" too
it works, issue solved. thanks for your help.
2 Likes