Sudonix

Sudonix

Optimum config for NodeBB under NGINX

Performance
  • phenomlabundefined

    I noticed that my v3 instance of NodeBB in test was so much slower than live, but was using the same database etc. On closer inspection, the nginx configuration needed a tweak, so I’m posting my settings here so others can benefit from it. Note, that various aspects have been redacted for obvious privacy and security reasons, and to this end, you will need to substitute these values for those that exist in your own environment.

    server {
    # Ensure you put your server name here, such as example.com www.example.com etc.
	server_name sservername;
	listen x.x.x.x:443 ssl http2;
	access_log /path/to/access.log;
	error_log /path/to/error.log;

	ssl_certificate /path/to/ssl.combined;
	ssl_certificate_key /path/to/ssl.key;
    # You may not need the below values, so feel free to remove these if not required
	rewrite ^\Q/mail/config-v1.1.xml\E(.*) $scheme://$host/cgi-bin/autoconfig.cgi$1 break;
	rewrite ^\Q/.well-known/autoconfig/mail/config-v1.1.xml\E(.*) $scheme://$host/cgi-bin/autoconfig.cgi$1 break;
	rewrite ^\Q/AutoDiscover/AutoDiscover.xml\E(.*) $scheme://$host/cgi-bin/autoconfig.cgi$1 break;
	rewrite ^\Q/Autodiscover/Autodiscover.xml\E(.*) $scheme://$host/cgi-bin/autoconfig.cgi$1 break;
	rewrite ^\Q/autodiscover/autodiscover.xml\E(.*) $scheme://$host/cgi-bin/autoconfig.cgi$1 break;
    # You may not need the above values, so feel free to remove these if not required

	client_body_buffer_size 10K;
	client_header_buffer_size 1k;
	client_max_body_size 8m;
	large_client_header_buffers 4 4k;

	client_body_timeout 12;
	client_header_timeout 12;
	keepalive_timeout 15;
	send_timeout 10;


    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header Host $http_host;
    proxy_set_header X-NginX-Proxy true;
    proxy_redirect off;

    # Socket.io Support
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
	gzip on;
	gzip_disable "msie6";
	gzip_vary on;
	gzip_proxied any;
	gzip_min_length 1024;
	gzip_comp_level 6;
	gzip_buffers 16 8k;
	gzip_http_version 1.1;
	gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;

    add_header X-XSS-Protection "1; mode=block";
    add_header X-Download-Options "noopen" always;
    add_header Content-Security-Policy "upgrade-insecure-requests" always;
    add_header Referrer-Policy 'no-referrer' always;
    add_header Permissions-Policy "accelerometer=(), camera=(), geolocation=(), gyroscope=(), magnetometer=(), microphone=(), payment=(), usb=()" always;
    # This is the string that will show in the headers if requested, so you can put what you want in here. Keep it clean :)
    add_header X-Powered-By "<whatever you want here>" always;
    add_header X-Permitted-Cross-Domain-Policies "none" always;
    location / {
    # Don't forget to change the port to the one you use. I have a non-standard one :)
    proxy_pass http://127.0.0.1:5000;
    }

    location @nodebb {
        # Don't forget to change the port to the one you use. I have a non-standard one :)
        proxy_pass http://127.0.0.1:5000;
    }

    location ~ ^/assets/(.*) {
        root /path/to/nodebb/;
        try_files /build/public/$1 /public/$1 @nodebb;
        add_header Cache-Control "max-age=31536000";
    }

    location /plugins/ {
        root /path/to/nodebb/build/public/;
        try_files $uri @nodebb;
        add_header Cache-Control "max-age=31536000";
    }

	if ($scheme = http) {
        # Ensure you set your actual domain here
		rewrite ^/(?!.well-known)(.*) https://yourdomain/$1 break;
	}
}

    I’ve added comments at the obvious places where you need to make changes. Depending on how your server is configured, and it’s capabilities, this should improve performance no end.

    There is a caveat though, and it’s an important one

    Don’t use insane levels in the below section

    	client_body_buffer_size 10K;
	client_header_buffer_size 1k;
	client_max_body_size 8m;
	large_client_header_buffers 4 4k;

	client_body_timeout 12;
	client_header_timeout 12;
	keepalive_timeout 15;
	send_timeout 10;

    Keep to these values, and if anything, adjust them DOWN to suit your server.

    Author of OGProxy, Swatch, Threaded, and most of Sudonix's bugs…

    phenomlabundefined crazycellsundefined 2 Replies
    1
  • phenomlabundefined

    Further configuration changes can be made to the nginx core itself, although my recommendation here is to leave this alone unless you are sure you know what you are doing.

    https://webdock.io/en/docs/webdock-control-panel/optimizing-performance/optimizing-nginx-high-traffic-websites

    Author of OGProxy, Swatch, Threaded, and most of Sudonix's bugs…

    1
  • phenomlabundefined phenomlab marked this topic as a regular topic on
  • crazycellsundefined

    hi @phenomlab , is there any reason that you do not use 4567?

    Additionally, do you scale your forum up to 3 ports?

    https://docs.nodebb.org/configuring/scaling/

    0
  • phenomlabundefined

    @crazycells hi - no security reason, or anything specific in this case. However, the nfinx.conf I posted was from my Dev environment which uses this port as a way of not interfering with production.

    And yes, I use clustering on this site with three instances.

    Author of OGProxy, Swatch, Threaded, and most of Sudonix's bugs…

    1

  • phenomlabundefined

    Repeated application crashes? You might need a Swap file

    Performance
    1
    0 Votes
    1 Posts
    83 Views
    phenomlabundefined

    Lower grade VPS instances, whilst cheap, do have the inherent issue in the fact that they only have 1Gb of RAM. In most cases, this is enough for relatively small or minor projects, but when you need more RAM that you actually have, you’ll quickly find that instance exhausted, and your applications crashing as a result.

    This is where the swap file comes into play. Adding a swap can significantly improve performance on low budget hosts, but without direct root access, this is not going to be possible. If you own a VPS that has root level access and need to add a swap, follow the below guide.

    First, what exactly is a Swap?

    swap is a section of hard disk space that has been set reserved for the operating system to temporarily store data that it is unable to hold in RAM. This step allows you increase the amount of information that your server can keep in its working memory (but not without with some caveats, which I’ll explain below). The swap space on the hard disk will be used mostly when there is no more sufficient space in RAM to host any in-use application data.

    The information written to disk will be far slower than information kept in RAM (RAM is superior in terms of speed owing to its architecture), but the operating system will prefer to keep running application data in memory and only use the swap for the older data. Essentially, having swap space as a failsafe for when your system’s physical memory is depleted can be a good safety net against crashes on systems with non-SSD storage available.

    Determine the size of the Swap we actually need.

    This process is made so much easier by using the below calculator

    https://pickwicksoft.github.io/swapcalc/

    Admittedly, if you only had 1Gb RAM, the SWAP would be default at 1Gb. You can play with the various configurations here to get the results you need, but be honest - don’t make your system out to be something it isn’t, because otherwise, you’ll create more problems than you set out to resolve.

    Swap space refers to a designated portion of hard drive storage that’s reserved for temporary data storage by the operating system when the RAM can’t accommodate it any longer. This allows for an expansion of the data that your server can hold in its active memory, though with certain conditions. The swap area on the hard drive comes into play primarily when there isn’t enough room left in the RAM to hold active application data.

    The data that gets written to the disk is notably slower than the data stored in RAM. Nevertheless, the operating system prioritizes keeping currently used application data in memory and employs swap for older data. Having swap space as a fallback when your system’s RAM is exhausted can serve as a valuable safeguard against out-of-memory errors, especially on systems with traditional non-SSD storage.

    Verifying the System for Swap Information

    Before proceeding, it’s advisable to confirm whether your system already has existing swap space. While it’s possible to have multiple swap files or swap partitions, typically one should suffice.

    You can check if your system has any configured swap by executing:

    sudo swapon --show

    If you receive no output, it means your system presently lacks swap space.

    You can also confirm the absence of active swap using the free utility:

    free -h

    As evident in the output, there is no active swap on the system, as shown in the Swap row.

    total used free shared buff/cache available Mem: 981Mi 122Mi 647Mi 0.0Ki 211Mi 714Mi SWAP: 0B 0B 0B Assessing Available Space on the Hard Drive Partition

    Before creating a swap file, it’s essential to check the current disk usage to ensure you have enough available space. This can be done by entering

    df -h Filesystem Size Used Avail Use% Mounted on tmpfs 1.6G 876K 1.6G 1% /run /dev/sda1 150G 65G 80G 45% / tmpfs 7.7G 0 7.7G 0% /dev/shm tmpfs 5.0M 0 5.0M 0% /run/lock /dev/sda15 253M 6.1M 246M 3% /boot/efi tmpfs 1.6G 0 1.6G 0% /run/user/1009

    The device with / in the Mounted on column is our disk in this case. We have sufficient remaining space available - 65G used. Your availability will obviously be different.

    The appropriate size of a swap space can vary according to personal preferences and application requirements. Typically, an amount equivalent to or double the system’s RAM is a good starting point. For a simple RAM fallback, anything over 4G of swap is usually deemed unnecessary.

    Creating a Swap File

    Now that you’ve determined the available hard drive space, you can generate a swap file on your file system. A file of your desired size, named ‘swapfile,’ will be allocated in your root directory (/).

    The recommended method for creating a swap file is by using the fallocate program, which instantly generates a file of the specified size. For instance, if your server has 1G of RAM, you can create a 1G file as follows:

    sudo fallocate -l 1G /swapfile

    You can confirm the correct space allocation by running:

    ls -lh /swapfile

    The file will be created with the appropriate space allocation.

    Activating the Swap File

    Now that you have a correctly sized file, it’s time to turn it into swap space. Initially, you must restrict file access to only root users, enhancing security. To achieve this, execute:

    sudo chmod 600 /swapfile

    You can verify the permission change with:

    ls -lh /swapfile

    As seen in the output, only the root user has read and write permissions.

    Next, mark the file as swap space with:

    sudo mkswap /swapfile

    Afterward, enable the swap file to allow your system to utilize it:

    sudo swapon /swapfile

    You can verify the availability of swap by executing:

    sudo swapon --show

    Finally, recheck the output of the free utility to confirm the setup:

    free -h Making the Swap File Permanent

    The changes made enable the swap file for the current session, but they won’t persist through a system reboot. To ensure your swap settings remain, you can add the swap file information to your /etc/fstab file. Here’s how you can do it:

    Back up the /etc/fstab file as a precaution:

    sudo cp /etc/fstab /etc/fstab.bak

    Add the swap file information to the end of your /etc/fstab file with:

    echo '/swapfile none swap sw 0 0' | sudo tee -a /etc/fstab Adjusting Swap Settings

    There are several settings you can configure to influence your system’s performance with swap. Two key settings are the swappiness property and the cache pressure setting:

    Swappiness Property: This parameter determines how often data is swapped from RAM to the swap space. A value between 0 and 100 represents a percentage. Lower values (close to 0) mean less frequent swapping, while higher values (closer to 100) encourage more swapping. You can check the current swappiness value with:

    cat /proc/sys/vm/swappiness

    You can set a different value using the sysctl command. For example, to set the swappiness to 10:

    sudo sysctl vm.swappiness=10

    This setting persists until the next reboot, but you can make it permanent by adding it to your /etc/sysctl.conf file.

    Cache Pressure Setting: This setting affects how the system caches inode and dentry information over other data. Lower values, like 50, make the system cache this information more conservatively. You can check the current cache pressure value with:

    cat /proc/sys/vm/vfs_cache_pressure

    To set a different value, use the sysctl command and update your /etc/sysctl.conf file as you did with the swappiness setting.

  • phenomlabundefined

    Goodbye OnePlus, hello Samsung

    Blog
    17
    13 Votes
    17 Posts
    114 Views
    phenomlabundefined

    @小城风雨多 I was a die-hard OnePlus user since the 6T, but my experience with the 9 series has left me extremely disappointed and I probably won’t go back now I have a Samsung S23+ which works perfectly.

  • DownPWundefined

    NodeBB socket with CloudFlare

    Unsolved Performance
    23
    1 Votes
    23 Posts
    430 Views
    phenomlabundefined

    @DownPW it’s your only realistic option at this stage.

  • Pandaundefined

    build nodebb Warning in entrypoint size limit

    Solved Performance
    2
    0 Votes
    2 Posts
    61 Views
    phenomlabundefined

    @eeeee they are nothing to worry about, and can be ignored.

  • DownPWundefined

    NODEBB: Nginx error performance & High CPU

    Solved Performance
    69
    14 Votes
    69 Posts
    978 Views
    DownPWundefined

    @phenomlab

    Seems to be better with some scaling fix for redis on redis.conf. I haven’t seen the message yet since the changes I made

    # I increase it to the value of /proc/sys/net/core/somaxconn tcp-backlog 4096 # I'm uncommenting because it can slow down Redis. Uncommented by default !!!!!!!!!!!!!!!!!!! #save 900 1 #save 300 10 #save 60 10000

    If you have other Redis optimizations. I take all your advice

    https://severalnines.com/blog/performance-tuning-redis/

  • justoverclockundefined

    Digitalocean step by step guide to nginx configuration

    Solved Configure
    36
    6 Votes
    36 Posts
    482 Views
    phenomlabundefined

    @justoverclock said in Digitalocean step by step guide to nginx configuration:

    i’m learning

    And that’s the whole point of this site 🙂 If you don’t learn anything, you gain nothing.

  • DownPWundefined

    NodeBB 1.19.3

    Solved Performance
    33
    4 Votes
    33 Posts
    1k Views
    DownPWundefined

    @phenomlab

    I find the problem Mark 😉

    The error message indicated this path :

    http://localhost:4567/assets/plugins/nodebb-plugin-emoji/emoji/styles.css?v=6983dobg16u

    I change the path url on config.json

    47bacc80-f141-41e4-a261-3f8d650cc6f6-image.png

    And all it’s good 🙂

    Weird, I didn’t have to change that path before 1.19.3

    But this does not prevent the problem from a clean install with Emoji Plugin

    EDIT: After test, that resolv the problem installation for 1.18.x but not for 1.19.x (I have other error message when I run ./nodebb Setup

    For resume: NodeJS 16_x with 1.18.x is ok

  • Ash3Tundefined

    Just obtained a new SSL certificate, but the browser shows connection is not secure

    Solved Hosting
    12
    1 Votes
    12 Posts
    534 Views
    phenomlabundefined

    @ash3t Great 🙂 Glad everything has worked out.