Nginx Notion Proxy

What these configs do:

  • Proxy all traffic from Notion to your custom domain notion.example.tld and deliver it to your clients
  • WebSocket proxy support
  • Image local disk caching support
  • Correct URL rewriting
  • Get access logs from real request IPs

This post is a proof of concept proxying a general XaaS without using any vendor-locked FaaS such as Cloudflare Workers or AWS Lambda.

Continue reading

Nginx Multiple Upstreams with HTTPS Support

This example can make sure all requests to the upstreams are handled via HTTPS.

upstream source.example.tld {
  server s1.example.tld:443;
  server s2.example.tld:443 max_fails=2 fail_timeout=5s;
  server s2.example.tld:443;

server {
    proxy_pass https://source.example.tld/;
    proxy_ssl_protocols     TLSv1.2 TLSv1.3;
    proxy_ssl_verify        off;
    proxy_ssl_session_reuse on;

There is a docker image available, but the setup instructions for this require the container to be ran with the “host” networking mode. The primary reason for this appears to be to allow an Avahi daemon to run in the container and be able to answer responses to mDNS requests, which requires the container to be in the same local network subnet as the device performing the lookup.

Source: Running HomeBridge on Docker without Host Network Mode | Dev With Imagination

Nginx `nodelay` Option in Action

The nodelay option for limit_req can delay excessive requests but it’s not desired in some situations. I just found an intuitive way to show the difference while tweaking the GitHub Avatar proxy.

Every grid is an image loaded from GitHub avatar.

With nodelay:

Without nodelay:

So in my use case with nodelay option can make clients feel faster loading. But may hit request limit more easily. Without nodelay keep excessive requests in the burst bucket and load them in sequence. But clients may feel slow.

Remove Tencent Cloud (QCloud) Cloud Monitor

bash /usr/local/qcloud/stargate/admin/
bash /usr/local/qcloud/YunJing/
bash /usr/local/qcloud/monitor/barad/admin/

rm -rf /usr/local/sa
rm -rf /usr/local/agenttools
rm -rf /usr/local/qcloud

process=(sap100 secu-tcs-agent sgagent64 barad_agent agent agentPlugInD pvdriver )
for i in ${process[@]}
  for A in $(ps aux | grep $i | grep -v grep | awk '{print $2}')
    kill -9 $A

# Optional
chkconfig --level 35 postfix off
systemctl stop postfix
systemctl mask postfix