Skip to content

NODEBB: Nginx error performance & High CPU

Solved Performance
  • @DownPW You should use sudo apt install redis-server

    In terms of performance, your server should have enough resources for this - at any rate, the session information is stored in redis but nothing else, so it’s essentially only valid for the length of the session and has no impact to the over site in terms of speed.

  • @DownPW Change your config.json so that it looks like the below

    {
        "url": "https://XX-XX.net",
        "secret": "XXXXXXXXXXXXXXXX",
        "database": "mongo",
        "mongo": {
            "host": "127.0.0.1",
            "port": "27017",
            "username": "XXXXXXXXXXX",
            "password": "XXXXXXXXXXX",
            "database": "nodebb",
            "uri": ""
        },
        "redis": {
            "host":"127.0.0.1",
            "port":"6379",
            "database": 5
        },
        "port": ["4567", "4568", "4569"]  // will start three processes
    }
    

    Your nginx.conf also needs modification (see commented steps for changes etc)

    # add the below block for nodeBB clustering
    upstream io_nodes {
        ip_hash;
        server 127.0.0.1:4567;
        server 127.0.0.1:4568;
        server 127.0.0.1:4569;
    }
    
    server {
    	server_name XX-XX.net www.XX-XX.net;
    	listen XX.XX.XX.X;
    	listen [XX:XX:XX:XX::];
    	root /home/XX-XX/nodebb;
    	index index.php index.htm index.html;
    	access_log /var/log/virtualmin/XX-XX.net_access_log;
    	error_log /var/log/virtualmin/XX-XX.net_error_log;
    
    # add the below block which will force all traffic into the cluster when referenced with @nodebb
        
    location @nodebb {
         proxy_pass http://io_nodes;
        }
    
            location / {
    				
    		limit_req zone=flood burst=100 nodelay; 
    		limit_conn ddos 10; 
    		proxy_read_timeout 180; 
    
                    proxy_set_header X-Real-IP $remote_addr;
                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_set_header Host $http_host;
                    proxy_set_header X-NginX-Proxy true;
                   # It's necessary to set @nodebb here so that the clustering works
                    proxy_pass @nodebb;
                    proxy_redirect off;
    
                    # Socket.IO Support
                    proxy_http_version 1.1;
                    proxy_set_header Upgrade $http_upgrade;
                    proxy_set_header Connection "upgrade";
            }
    
    	listen XX.XX.XX.XX:XXssl http2;
    	listen [XX:XX:XX:XX::]:443 ssl http2;
    	ssl_certificate /etc/ssl/virtualmin/166195366750642/ssl.cert;
    	ssl_certificate_key /etc/ssl/virtualmin/166195366750642/ssl.key;
    	if ($scheme = http) {
    		rewrite ^/(?!.well-known)(.*) "https://XX-XX.net/$1" break;
    	}
    }
    
  • @phenomlab

    ok I have to talk to the staff members first before i do anything.

    So there is nothing to put in the vhost XX-XX.net ?, everything is in the nginx.conf and the config.json if I understand correctly

    In terms of disk space, memory, cpu what does it give ?

    After all of that, we need to restart nodebb I imagine ?

    These new ports (4567", “4568”, "4569) must also be open in the Hetzner interface?

    I wanted all the details if possible

  • @DownPW said in NODEBB: Nginx error performance & High CPU:

    everything is in the nginx.conf and the config.json if I understand correctly

    Yes, that’s correct

    @DownPW said in NODEBB: Nginx error performance & High CPU:

    In terms of disk space, memory, cpu what does it give ?

    There should be little change in terms of the usage. What clustering does is essentially provide multiple processes to carry out the same tasks, but obviously much faster than one process only ever could.

    @DownPW said in NODEBB: Nginx error performance & High CPU:

    After all of that, we need to restart nodebb I imagine ?

    Correct

    @DownPW said in NODEBB: Nginx error performance & High CPU:

    These new ports (4567", “4568”, "4569) must also be open in the Hetzner interface?

    Will not be necessary as they are not available publicly, but only to the reverse proxy on 127.0.0.1

  • OK.

    @phenomlab

    I resume in details.

    1- Stop nodebb
    2- Stop iframely
    3- Stop nginx
    4- Install redis server : sudo apt install redis-server
    5- Change nodebb Config.json file (can you verifiy this synthax please ? nodebb documentation tell “database”: 0 and not “database”: 5 - but maybe it’s just a name and i can use the same as mongo like “database”: nodebb , I moved the port directive) :

    {
        "url": "https://XX-XX.net",
        "secret": "XXXXXXXXXXXXXXXX",
        "database": "mongo",
       "port": [4567, 4568,4569],
        "mongo": {
            "host": "127.0.0.1",
            "port": "27017",
            "username": "XXXXXXXXXXX",
            "password": "XXXXXXXXXXX",
            "database": "nodebb",
            "uri": ""
        },
        "redis": {
            "host":"127.0.0.1",
            "port":"6379",
            "database": 5
        }
    }
    

    6- Change nginx.conf :

    # add the below block for nodeBB clustering
    upstream io_nodes {
        ip_hash;
        server 127.0.0.1:4567;
        server 127.0.0.1:4568;
        server 127.0.0.1:4569;
    }
    
    server {
    	server_name XX-XX.net www.XX-XX.net;
    	listen XX.XX.XX.X;
    	listen [XX:XX:XX:XX::];
    	root /home/XX-XX/nodebb;
    	index index.php index.htm index.html;
    	access_log /var/log/virtualmin/XX-XX.net_access_log;
    	error_log /var/log/virtualmin/XX-XX.net_error_log;
    
    # add the below block which will force all traffic into the cluster when referenced with @nodebb
        
    location @nodebb {
         proxy_pass http://io_nodes;
        }
    
            location / {
    				
    		limit_req zone=flood burst=100 nodelay; 
    		limit_conn ddos 10; 
    		proxy_read_timeout 180; 
    
                    proxy_set_header X-Real-IP $remote_addr;
                    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                    proxy_set_header Host $http_host;
                    proxy_set_header X-NginX-Proxy true;
                   # It's necessary to set @nodebb here so that the clustering works
                    proxy_pass @nodebb;
                    proxy_redirect off;
    
                    # Socket.IO Support
                    proxy_http_version 1.1;
                    proxy_set_header Upgrade $http_upgrade;
                    proxy_set_header Connection "upgrade";
            }
    
    	listen XX.XX.XX.XX:XXssl http2;
    	listen [XX:XX:XX:XX::]:443 ssl http2;
    	ssl_certificate /etc/ssl/virtualmin/166195366750642/ssl.cert;
    	ssl_certificate_key /etc/ssl/virtualmin/166195366750642/ssl.key;
    	if ($scheme = http) {
    		rewrite ^/(?!.well-known)(.*) "https://XX-XX.net/$1" break;
    	}
    }
    

    7- restart redis server systemctl restart redis-server.service
    8- Restart nginx
    9- Restart iframely
    10- Restart nodebb
    11- test configuration

  • @DownPW said in NODEBB: Nginx error performance & High CPU:

    5- Change nodebb Config.json file (can you verifiy this synthax please ? nodebb documentation tell “database”: 0 and not “database”: 5,

    All fine from my perspective - no real need to stop iFramely, but ok. The database number doesn’t matter as long as it’s not being used. You can use 0 if you wish - it’s in use on my side, hence 5.

  • @DownPW I’d add another set of steps here. When you move the sessions away from mongo to redis you are going to encounter issues logging in as the session tables will no longer match meaning none of your users will be able to login

    To resolve this issue

    Review https://sudonix.com/topic/249/invalid-csrf-on-dev-install and implement all steps - note that you will also need the below string when connecting to mongodb

    mongo -u admin -p <password> --authenticationDatabase=admin
    

    Obviously, substitute <password> with the actual value. So in summary:

    1. Open the mondogb console
    2. Select your database - in my case use sudonix;
    3. Issue this command db.objects.update({_key: "config"}, {$set: {cookieDomain: ""}});
    4. Press enter and then type quit() into the mongodb shell
    5. Restart NodeBB
    6. Clear cache on browser
    7. Try connection again
  • @phenomlab

    Hmm ok when perform these steps ?

  • @DownPW After you’ve setup the cluster and restarted NodeBB

  • @phenomlab said in NODEBB: Nginx error performance & High CPU:

    @crazycells said in NODEBB: Nginx error performance & High CPU:

    4567, 4568, and 4569… Is your NodeBB set up this way?

    It’s not (I set their server up). Sudonix is not configured this way either, but from memory, this also requires redis to handle the session data. I may configure this site to do exactly that.

    yes, you might be right about the necessity. We have redis installed.

  • @DownPW since you pointed it out, I just remembered. Since we know when this crowd will come and be online on our forum, that particular day, we switch off iframely and all preview plugins. That also helps to open the pages faster.

  • @phenomlab a general but related question. Since opening three ports help, is it possible to increase this number? For example, can we run 5 ports NodeBB at the same time to smooth the web page experience; or is “3” goldilocks number for maximum efficiency?

  • @crazycells It’s not necessarily the “Goldilocks” standard - it really depends on the system resources you have available. You could easily extend it as long as you allow for the additional port(s) in the nginx.conf file also.

    Personally, I don’t see the need for more than 3 though.

  • @phenomlab

    Ok redis is ok now. Thanks for your help 🙂

    I would like know to obtain the connecting clients Real IP on Nginx log.

    I read I have need ngx_http_realip_module for nginx but not active by default but I don’t know if virtualmin have this module enabled.

  • @DownPW said in NODEBB: Nginx error performance & High CPU:

    @phenomlab

    Ok redis is ok now. Thanks for your help 🙂

    I would like know to obtain the connecting clients Real IP on Nginx log.

    I read I have need ngx_http_realip_modulefor nginx but not active by default but I don’t know if virtualmin have this module enabled.

    EDIT: OK it will be enabled by default on virtualmin :

    nginx -v
    

    3dbf7d61-b31f-4da3-9715-756c1cdf84dc-image.png

  • @phenomlab

    I have activate ngx_http_realip_module on /etc/nginx/nginx.conf on http block like this :

    f7dc6276-6c9b-4a26-9226-63ef8ee080ba-image.png

    It seems to be good for you ?

  • @DownPW yes, that looks fine.

  • @phenomlab

    We have sometimes this error, what do you think about it ?

    df42c308-96a7-4811-b63e-663e8fad9a09-image.png

  • @DownPW I suspect that’s a failure of the socket server to talk to redis, but the NodeBB Devs would need to confirm.


Did this solution help you?
Did you find the suggested solution useful? Why not buy me a coffee? It's a nice gesture, and a great way to show your appreciation 💗

Related Topics
  • configure ghost and wordpress combo

    Moved Solved WordPress
    9
    7 Votes
    9 Posts
    97 Views

    @Madchatthew I’d always post for the reasons I stated above. It’s useful information and could save someone else the headache.

  • Threaded post support for NodeBB

    Let's Build It
    146
    50 Votes
    146 Posts
    21k Views

    Updated git for above change

    https://github.com/phenomlab/nodebb-harmony-threading/commit/14a4e277521d83d219065ffb14154fd5f5cfac69

  • Nodebb design

    Solved General
    2
    1 Votes
    2 Posts
    282 Views

    @Panda said in Nodebb design:

    One negative is not being so good for SEO as more Server side rendered forums, if web crawlers dont run the JS to read the forum.

    From recollection, Google and Bing have the capability to read and process JS, although it’s not in the same manner as a physical person will consume content on a page. It will be seen as plain text, but will be indexed. However, it’s important to note that Yandex and Baidu will not render JS, although seeing as Google has a 90% share of the content available on the web in terms of indexing, this isn’t something you’ll likely lose sleep over.

    @Panda said in Nodebb design:

    The “write api” is preferred for server-to-server interactions.

    This is mostly based around overall security - you won’t typically want a client machine changing database elements or altering data. This is why you have “client-side” which could be DOM manipulation etc, and “server-side” which performs more complex operations as it can communicate directly with the database whereas the client cannot (and if it can, then you have a serious security flaw). Reading from the API is perfectly acceptable on the client-side, but not being able to write.

    A paradigm here would be something like SNMP. This protocol exists as a UDP (UDP is very efficient, as it is “fire and forget” and does not wait for a response like TCP does) based service which reads performance data from a remote source, thus enabling an application to parse that data for use in a monitoring application. In all cases, SNMP access should be “RO” (Read Only) and not RW (Read Write). It is completely feasible to assume complete control over a firewall for example by having RW access to SNMP and then exposing it to the entire internet with a weak passphrase.

    You wouldn’t do it (at least, I hope you wouldn’t) and the same ethic applies to server-side rendering and the execution of commands.

  • NodeBB v3 Chat Very Slow

    Moved Performance
    47
    11 Votes
    47 Posts
    4k Views

    @DownPW Seems fine.

  • build nodebb Warning in entrypoint size limit

    Solved Performance
    2
    0 Votes
    2 Posts
    212 Views

    @eeeee they are nothing to worry about, and can be ignored.

  • NodeBB v3.0.0-rc.1

    Performance
    1
    1 Votes
    1 Posts
    124 Views
    No one has replied
  • Optimum config for NodeBB under NGINX

    Performance
    4
    3 Votes
    4 Posts
    810 Views

    @crazycells hi - no security reason, or anything specific in this case. However, the nginx.conf I posted was from my Dev environment which uses this port as a way of not interfering with production.

    And yes, I use clustering on this site with three instances.

  • NodeBB 1.19.3

    Solved Performance
    33
    4 Votes
    33 Posts
    3k Views

    @phenomlab

    I find the problem Mark 😉

    The error message indicated this path :

    http://localhost:4567/assets/plugins/nodebb-plugin-emoji/emoji/styles.css?v=6983dobg16u

    I change the path url on config.json

    47bacc80-f141-41e4-a261-3f8d650cc6f6-image.png

    And all it’s good 🙂

    Weird, I didn’t have to change that path before 1.19.3

    But this does not prevent the problem from a clean install with Emoji Plugin

    EDIT: After test, that resolv the problem installation for 1.18.x but not for 1.19.x (I have other error message when I run ./nodebb Setup

    For resume: NodeJS 16_x with 1.18.x is ok