Nginx only listens on wildcard IP: Changing _HTTP_WILDCARD from YES to NO .. Makes no difference

cnergis's picture

I have a pressing need to dedicate a couple of IP addresses on a server to be outside nginx control. But I cannot get nginx to stop grabbing all the IP addresses in a wildcard.

I tracked the setting responsible to ~root/.barracuda.cnf and changed, then downloaded BOA and applied upgrades to both barracuda and octopus .. even after several restarts of nginx, I still have the same situation. It is claiming all IP addresses on the server.

This is creating a major issue for me right now ..

Hope someone can point me to how I can resolve it quickly.

Thanks in advance ...

PS: On another note, I believe one of the xdrago scripts takes care of aggressively monitoring nginx and restarting it immediately it see its down (probably .. If I wanted to do some maintenance and keep nginx down for some time, what's the quickest way to ensure nginx is not restarted immediately?


Forgot to add

cnergis's picture

I have already walked down all the nginx config files, and followed all the includes .. and removed wildcards in every single one of them (as they are linked) ..

Going forward, it would be idea if there is a config file one can populate to tell BOA components to listen only on a set of predefined IP addresses on a given server.

Perhaps I should I log this as a bug?

cnergis's picture

This situation is not resolved for me, and has created a show-stopping problem for some projects ..

Where it has been possible, we have been able to manage the problem via use of non-standard ports, but this is not really an effective solution ..

Really desperate to get some feedback from the BOA team .. Perhaps I should log this as a bug?

I've never used the option

ar-jan's picture

I've never used the option and don't have any suggestions. You could try pinging @omega8cc on Twitter and linking this thread, but it looks like they are very busy testing the next boa release.

Thanks for responding ..

cnergis's picture

Thanks for responding .. and for trying to help

You should read the

omega8cc's picture

You should read the /root/.barracuda.cnf config file, where it clearly says above the section with _HTTP_WILDCARD variable:

### NOTE: the group of settings displayed bellow will not be overridden
### on upgrade by the Barracuda script nor by this configuration file.
### They can be defined only on initial Barracuda install.

You can't change that on upgrade, because it is hardcoded also in the Aegir internal settings etc. The wildcard mode is Aegir default and you should avoid the old, legacy non-wildcard mode. Just use wildcard listen directive in all custom vhosts outside of Aegir. It shouldn't hurt, I guess, and you can us other methods to restrict access, if needed.

OK .. At least I know this now

cnergis's picture

Thanks for responding, omega8cc ..

Seems like too much trouble to rebuild now on account of this. I guess I will have to consider proxying everything through nginx .. was already seeing that as a possible last resort. Will have to look more in that direction.