Skip to content
Sudonix

NODEBB: Nginx error performance & High CPU

Solved Performance
69 3 36.3k 2
  • DownPWundefined DownPW

    OK.

    @phenomlab

    I resume in details.

    1- Stop nodebb
    2- Stop iframely
    3- Stop nginx
    4- Install redis server : sudo apt install redis-server
    5- Change nodebb Config.json file (can you verifiy this synthax please ? nodebb documentation tell “database”: 0 and not “database”: 5 - but maybe it’s just a name and i can use the same as mongo like “database”: nodebb , I moved the port directive) :

    {
    "url": "https://XX-XX.net",
    "secret": "XXXXXXXXXXXXXXXX",
    "database": "mongo",
   "port": [4567, 4568,4569],
    "mongo": {
        "host": "127.0.0.1",
        "port": "27017",
        "username": "XXXXXXXXXXX",
        "password": "XXXXXXXXXXX",
        "database": "nodebb",
        "uri": ""
    },
    "redis": {
        "host":"127.0.0.1",
        "port":"6379",
        "database": 5
    }
}

    6- Change nginx.conf :

    # add the below block for nodeBB clustering
upstream io_nodes {
    ip_hash;
    server 127.0.0.1:4567;
    server 127.0.0.1:4568;
    server 127.0.0.1:4569;
}

server {
	server_name XX-XX.net www.XX-XX.net;
	listen XX.XX.XX.X;
	listen [XX:XX:XX:XX::];
	root /home/XX-XX/nodebb;
	index index.php index.htm index.html;
	access_log /var/log/virtualmin/XX-XX.net_access_log;
	error_log /var/log/virtualmin/XX-XX.net_error_log;

# add the below block which will force all traffic into the cluster when referenced with @nodebb
    
location @nodebb {
     proxy_pass http://io_nodes;
    }

        location / {
				
		limit_req zone=flood burst=100 nodelay; 
		limit_conn ddos 10; 
		proxy_read_timeout 180; 

                proxy_set_header X-Real-IP $remote_addr;
                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
                proxy_set_header Host $http_host;
                proxy_set_header X-NginX-Proxy true;
               # It's necessary to set @nodebb here so that the clustering works
                proxy_pass @nodebb;
                proxy_redirect off;

                # Socket.IO Support
                proxy_http_version 1.1;
                proxy_set_header Upgrade $http_upgrade;
                proxy_set_header Connection "upgrade";
        }

	listen XX.XX.XX.XX:XXssl http2;
	listen [XX:XX:XX:XX::]:443 ssl http2;
	ssl_certificate /etc/ssl/virtualmin/166195366750642/ssl.cert;
	ssl_certificate_key /etc/ssl/virtualmin/166195366750642/ssl.key;
	if ($scheme = http) {
		rewrite ^/(?!.well-known)(.*) "https://XX-XX.net/$1" break;
	}
}

    7- restart redis server systemctl restart redis-server.service
    8- Restart nginx
    9- Restart iframely
    10- Restart nodebb
    11- test configuration

    crazycellsundefined

    @DownPW since you pointed it out, I just remembered. Since we know when this crowd will come and be online on our forum, that particular day, we switch off iframely and all preview plugins. That also helps to open the pages faster.

    0
  • crazycellsundefined crazycells

    @DownPW yes, this is the place to start:

    https://docs.nodebb.org/configuring/scaling/

    crazycellsundefined

    @phenomlab a general but related question. Since opening three ports help, is it possible to increase this number? For example, can we run 5 ports NodeBB at the same time to smooth the web page experience; or is “3” goldilocks number for maximum efficiency?

    0
  • crazycellsundefined crazycells

    @phenomlab a general but related question. Since opening three ports help, is it possible to increase this number? For example, can we run 5 ports NodeBB at the same time to smooth the web page experience; or is “3” goldilocks number for maximum efficiency?

    phenomlabundefined

    @crazycells It’s not necessarily the “Goldilocks” standard - it really depends on the system resources you have available. You could easily extend it as long as you allow for the additional port(s) in the nginx.conf file also.

    Personally, I don’t see the need for more than 3 though.

    Mark – Founder, Phenomlab Ltd
    Executive IT & Security Leadership
    Phenomlab Ltd

    2
  • phenomlabundefined phenomlab

    @crazycells It’s not necessarily the “Goldilocks” standard - it really depends on the system resources you have available. You could easily extend it as long as you allow for the additional port(s) in the nginx.conf file also.

    Personally, I don’t see the need for more than 3 though.

    DownPWundefined

    @phenomlab

    Ok redis is ok now. Thanks for your help 🙂

    I would like know to obtain the connecting clients Real IP on Nginx log.

    I read I have need ngx_http_realip_module for nginx but not active by default but I don’t know if virtualmin have this module enabled.

    PW and WS Spirit alive

    0
  • DownPWundefined DownPW

    @phenomlab

    Ok redis is ok now. Thanks for your help 🙂

    I would like know to obtain the connecting clients Real IP on Nginx log.

    I read I have need ngx_http_realip_module for nginx but not active by default but I don’t know if virtualmin have this module enabled.

    DownPWundefined

    @DownPW said in NODEBB: Nginx error performance & High CPU:

    @phenomlab

    Ok redis is ok now. Thanks for your help 🙂

    I would like know to obtain the connecting clients Real IP on Nginx log.

    I read I have need ngx_http_realip_modulefor nginx but not active by default but I don’t know if virtualmin have this module enabled.

    EDIT: OK it will be enabled by default on virtualmin :

    nginx -v

    3dbf7d61-b31f-4da3-9715-756c1cdf84dc-image.png

    PW and WS Spirit alive

    0
  • DownPWundefined DownPW

    @DownPW said in NODEBB: Nginx error performance & High CPU:

    @phenomlab

    Ok redis is ok now. Thanks for your help 🙂

    I would like know to obtain the connecting clients Real IP on Nginx log.

    I read I have need ngx_http_realip_modulefor nginx but not active by default but I don’t know if virtualmin have this module enabled.

    EDIT: OK it will be enabled by default on virtualmin :

    nginx -v

    3dbf7d61-b31f-4da3-9715-756c1cdf84dc-image.png

    DownPWundefined

    @phenomlab

    I have activate ngx_http_realip_module on /etc/nginx/nginx.conf on http block like this :

    f7dc6276-6c9b-4a26-9226-63ef8ee080ba-image.png

    It seems to be good for you ?

    PW and WS Spirit alive

    0
  • DownPWundefined DownPW

    @phenomlab

    I have activate ngx_http_realip_module on /etc/nginx/nginx.conf on http block like this :

    f7dc6276-6c9b-4a26-9226-63ef8ee080ba-image.png

    It seems to be good for you ?

    phenomlabundefined

    @DownPW yes, that looks fine.

    Mark – Founder, Phenomlab Ltd
    Executive IT & Security Leadership
    Phenomlab Ltd

    1
  • phenomlabundefined phenomlab

    @DownPW yes, that looks fine.

    DownPWundefined

    @phenomlab

    We have sometimes this error, what do you think about it ?

    df42c308-96a7-4811-b63e-663e8fad9a09-image.png

    PW and WS Spirit alive

    0
  • DownPWundefined DownPW

    @phenomlab

    We have sometimes this error, what do you think about it ?

    df42c308-96a7-4811-b63e-663e8fad9a09-image.png

    phenomlabundefined

    @DownPW I suspect that’s a failure of the socket server to talk to redis, but the NodeBB Devs would need to confirm.

    Mark – Founder, Phenomlab Ltd
    Executive IT & Security Leadership
    Phenomlab Ltd

    0
  • phenomlabundefined phenomlab

    @DownPW I suspect that’s a failure of the socket server to talk to redis, but the NodeBB Devs would need to confirm.

    DownPWundefined

    @phenomlab

    Seems to be better with some scaling fix for redis on redis.conf. I haven’t seen the message yet since the changes I made

    # I increase it to the value of /proc/sys/net/core/somaxconn
tcp-backlog 4096 


# I'm uncommenting because it can slow down Redis. Uncommented by default !!!!!!!!!!!!!!!!!!! 
#save 900 1
#save 300 10
#save 60 10000

    If you have other Redis optimizations. I take all your advice

    https://severalnines.com/blog/performance-tuning-redis/

    PW and WS Spirit alive

    1
  • DownPWundefined DownPW has marked this topic as solved on
Log in to reply

Did this solution help you?
Did you find the suggested solution useful? Support 💗 Sudonix with a coffee
If your organisation needs deeper expertise around infrastructure, security, or technology leadership, learn more about Phenomlab Ltd. Many of the deeper technical guides behind Sudonix are published there.

Related Topics
  • DownPWundefined

    Tutorial : NodeBB Scaling-clustering Redis + Proxied Cloudflare Free plan : integration guide

    Performance nodebb scaling redis cloudflare socket.io
    3
    4 Votes
    3 Posts
    237 Views
    crazycellsundefined
    thanks @DownPW ! this is definitely very helpful.
  • Pandaundefined

    Is nginx necessary to use?

    Moved Solved Hosting nginx web
    2
    1 Votes
    2 Posts
    1k Views
    phenomlabundefined
    @Panda said in Cloudflare bot fight mode and Google search: Basic question again, is nginx necessary to use? No, but you’d need something at least to handle the inbound requests, so you could use Apache, NGINX, Caddy… (there are plenty of them, but I tend to prefer NGINX) @Panda said in Cloudflare bot fight mode and Google search: Do these two sites need to be attached to different ports, and the ports put in the DNS record? No. They will both use ports 80 (HTTP) and 443 (HTTPS) by default. @Panda said in Cloudflare bot fight mode and Google search: Its not currently working, but how would the domain name know which of the two sites to resolve to without more info? Currently it only says the IP of the whole server. Yes, that’s correct. Domain routing is handled (for example) at the NGINX level, so whatever you have in DNS will be presented as the hostname, and NGINX will expect a match which once received, will then be forwarded onto the relevant destination. As an example, in your NGINX config, you could have (at a basic level used in reverse proxy mode - obviously, the IP addresses here are redacted and replaced with fakes). We assume you have created an A record in your DNS called “proxy” which resolves to 192.206.28.1, so fully qualified, will be proxy.sudonix.org in this case. The web browser requests this site, which is in turn received by NGINX and matches the below config server { server_name proxy.sudonix.org; listen 192.206.28.1; root /home/sudonix.org/domains/proxy.sudonix.org/ogproxy; index index.php index.htm index.html; access_log /var/log/virtualmin/proxy.sudonix.org_access_log; error_log /var/log/virtualmin/proxy.sudonix.org_error_log; location / { proxy_set_header Access-Control-Allow-Origin *; proxy_set_header Host $host; proxy_pass http://localhost:2000; proxy_redirect off; proxy_set_header Host $host; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Api-Key $http_x_api_key; } location /images { index index.php index.htm index.html; root /home/sudonix.org/domains/proxy.sudonix.org/ogproxy; } fastcgi_split_path_info "^(.+\.php)(/.+)$"; listen 192.206.28.1:443 ssl http2; ssl_certificate /home/sudonix.org/domains/proxy.sudonix.org/ssl.combined; ssl_certificate_key /home/sudonix.org/ssl.key; } The important part here is server_name proxy.sudonix.org; as this is used to “map” the request to the actual domain name, which you can see in the root section as root /home/sudonix.org/domains/proxy.sudonix.org/ogproxy; As the DNS record you specified matches this hostname, NGINX then knows what to do with the request when it receives it.
  • Pandaundefined

    Nodebb design

    Solved General nodebb
    2
    1 Votes
    2 Posts
    930 Views
    phenomlabundefined
    @Panda said in Nodebb design: One negative is not being so good for SEO as more Server side rendered forums, if web crawlers dont run the JS to read the forum. From recollection, Google and Bing have the capability to read and process JS, although it’s not in the same manner as a physical person will consume content on a page. It will be seen as plain text, but will be indexed. However, it’s important to note that Yandex and Baidu will not render JS, although seeing as Google has a 90% share of the content available on the web in terms of indexing, this isn’t something you’ll likely lose sleep over. @Panda said in Nodebb design: The “write api” is preferred for server-to-server interactions. This is mostly based around overall security - you won’t typically want a client machine changing database elements or altering data. This is why you have “client-side” which could be DOM manipulation etc, and “server-side” which performs more complex operations as it can communicate directly with the database whereas the client cannot (and if it can, then you have a serious security flaw). Reading from the API is perfectly acceptable on the client-side, but not being able to write. A paradigm here would be something like SNMP. This protocol exists as a UDP (UDP is very efficient, as it is “fire and forget” and does not wait for a response like TCP does) based service which reads performance data from a remote source, thus enabling an application to parse that data for use in a monitoring application. In all cases, SNMP access should be “RO” (Read Only) and not RW (Read Write). It is completely feasible to assume complete control over a firewall for example by having RW access to SNMP and then exposing it to the entire internet with a weak passphrase. You wouldn’t do it (at least, I hope you wouldn’t) and the same ethic applies to server-side rendering and the execution of commands.
  • Pandaundefined

    Why CSS acts different in Desktop?

    Bugs nodebb
    11
    4 Votes
    11 Posts
    2k Views
    phenomlabundefined
    @DownPW I’d have to agree with that.
  • cagatayundefined

    Changing Background on NodeBB

    Solved Customisation background image nodebb
    4
    0 Votes
    4 Posts
    1k Views
    phenomlabundefined
    @cagatay You’d target the body tag and use the below line of CSS background: url(/assets/customcss/backgrounds/default/default.png) no-repeat center center fixed; Obviously, you need to change the path to suit where your image is being stored. More info around the background property can be found here https://www.w3schools.com/cssref/css3_pr_background.php
  • crazycellsundefined

    what does sound/mute button do?

    Solved Customisation nodebb
    20
    1
    9 Votes
    20 Posts
    4k Views
    phenomlabundefined
    @crazycells Yeah, looking at the plugin itself, that’s a hard coded limit [image: 1653494282106-3d6dbc10-185b-4102-9470-0c2731a10750-image.png] I’ll probably remove that… eventually…
  • JACundefined

    NodeBB - Created pages not found?

    General
    20
    3 Votes
    20 Posts
    4k Views
    phenomlabundefined
    @jac Exactly. Hard point to argue.
  • JACundefined

    Customising NodeBB

    Locked Customisation nodebb
    3
    0 Votes
    3 Posts
    2k Views
    phenomlabundefined
    Closing this thread as a duplicate of https://sudonix.com/topic/12/nodebb-customisation