1

i'm trying to set up my own Stealth VPN server using NGINX 1.18 in Debian 11. I follow this guide but many of the directives are not working. The problem is when i issue nginx -t test command the output is:

 - nginx: [emerg] unknown "ssl_preread_server_name" variable

I changed this varaible from $ssl_preread_server_name to $server_name if the problem is only with this particular variable and to see if there are any other erros, the test has passed but found another variable error, this one:

 - nginx: [emerg] unknown "name" variable`

Which is in my last server block of code in nginx.conf file os i don't expect it to find any more errors. I checked the original datase of Nginx variables and the variable $name and $ssl_preread_server_name are official and exist. The guide i follow said they should be allocated like this and there are not any other guides on the internet so i'm kinda stuck.

So far i have just problem with those two variables. The are located in map block and last server block. Thank you very much for your help

This is my whole code:

user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { ## # Basic Settings ## sendfile on; tcp_nopush on; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime.types; default_type application/octet-stream; ## # SSL Settings ## ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE ssl_prefer_server_ciphers on; ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; ## # Servers ## server { # server_name 206.189.21.228; listen 127.0.0.1:8000; } ## # map ## map $ssl_preread_server_name $name { default https; 206.189.21.228 vpn; } ## # Logging Settings ## access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; ## # Gzip Settings ## gzip on; ## # Virtual Host Configs ## include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; } stream { ssl_certificate /etc/ssl/certs/nginx-selfsigned.crt; ssl_certificate_key /etc/ssl/private/nginx-selfsigned.key; upstream https { server unix:/etc/nginx/nginx_writing; } upstream vpn { server unix:/etc/openvpn/openvpn_writing; } server { listen unix:/etc/nginx/nginx_writing ssl; # openvpn doesn't support unix-sockets proxy_pass 127.0.0.1:1194; } server { listen unix:/etc/nginx/nginx_writing2 ssl; # could also use a unix-socket here proxy_pass 127.0.0.1:8000; } server { listen [::]:443 ipv6only=off; proxy_protocol on; proxy_pass $name; } }
Improve this question
6
  • What is the output of nginx -V? Commented Mar 22, 2022 at 7:22
  • nginx version: nginx/1.18.0 Commented Mar 22, 2022 at 11:54
  • nginx version: nginx/1.18.0 built with OpenSSL 1.1.1k 25 Mar 2021 TLS SNI support enabled configure arguments: --with-cc-opt='-g -O2 -ffile-prefix-map=/build/nginx-q9LD4J/nginx-1.18.0=. -fstack-protector-strong -Wformat -Werror=format-security -fPIC -Wdate-time -D_FORTIFY_SOURCE=2' --with-ld-opt='-Wl,-z,relro -Wl,-z,now -fPIC' --prefix=/usr/share/nginx --conf-path=/etc/nginx/nginx.conf --http-log-path=/var/log/nginx/access.log --error-log-path=/var/log/nginx/error.log --lock- Commented Mar 22, 2022 at 11:57
  • path=/var/lock/nginx.lock --pid-path=/run/nginx.pid --modules-path=/usr/lib/nginx/modules --http-client-body-temp-path=/var/lib/nginx/body --http-fastcgi-temp-path=/var/lib/nginx/fastcgi --http-proxy-temp-path=/var/lib/nginx/proxy --http-scgi-temp-path=/var/lib/nginx/scgi --http-uwsgi-temp-path=/var/lib/nginx/uwsgi --with-compat --with-debug --with-pcre-jit --with-http_ssl_module --with-http_stub_status_module --with-http_realip_module --with-http_auth_request_module -- Commented Mar 22, 2022 at 11:58
  • with-http_v2_module --with-http_dav_module --with-http_slice_module --with-threads --with-http_addition_module --with-http_gunzip_module --with-http_gzip_static_module --with-http_sub_module The output was too long for one comment Commented Mar 22, 2022 at 11:59

1 Answer 1

Reset to default
0

The issue is that your nginx does not have the required ngx_stream_ssl_preread module. You need to find an nginx build that has this module included.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.