id summary reporter owner description type status priority milestone component version resolution keywords cc uname nginx_version 2321 ngx_http_geoip_module problem a.savickiy.cdnvideo.com@… "Dear colleagues, good day! We`re investigating problems with ngx_http_geoip_module after 1.19.x Geoip answer is empty The problem occurs only after nginx reload Configuration: http { ... map $geoip_country_code $country { ~*(?[a-z]+) $c; default -; } geoip_country /var/www/geodata/GeoIP.dat; ... } conf.d: location /checkgeo { if ($country !~* ""ZZ"") { return 403; } proxy_hide_header country; add_header country ""$country"" always; proxy_hide_header geoip_country_code; add_header geoip_country_code ""$geoip_country_code"" always; } Before reload: curl -sI http://$(hostname):port/checkgeo -H 'Host: host' HTTP/1.1 403 Forbidden Server: nginx Date: Sat, 12 Feb 2022 09:08:40 GMT Content-Type: text/html Content-Length: 146 Connection: keep-alive country: RU geoip_country_code: RU After: nginx: the configuration file /etc/nginx2/nginx.conf syntax is ok nginx: configuration file /etc/nginx2/nginx.conf test is successful Reloading nginx2: [ OK ] HTTP/1.1 403 Forbidden Server: nginx Date: Sat, 12 Feb 2022 08:51:06 GMT Content-Type: text/html Content-Length: 146 Connection: keep-alive country: - File: -r--r--r-- 1 root root 2237008 xxx 10 16:01 /var/www/geodata/GeoIP.dat we`ve tried to change to nginx:nginx and nothing changed We have a lot of servers (>500) and problem occurs from time to time on different machines. If u need, we have debug logs for good reload and request and bad reload and request. Also have straces for both cases. " defect closed critical nginx-1.21 nginx-module 1.19.x invalid geoip Linux edge.company.ru 5.4.0-72-generic #80~18.04.1-Ubuntu SMP Mon Apr 12 23:26:25 UTC 2021 x86_64 x86_64 x86_64 GNU/Linux "nginx version: nginx/1.21.5 built by gcc 4.4.7 20120313 (Red Hat 4.4.7-23) (GCC) built with OpenSSL 1.1.1m 14 Dec 2021 TLS SNI support enabled configure arguments: --user=nginx --group=nginx --prefix=/usr/share/nginx --modules-path=/usr/lib64/nginx/modules --sbin-path=/usr/sbin/nginx --conf-path=/etc/nginx/nginx.conf --error-log-path=/var/log/nginx/error.log --http-log-path=/var/log/nginx/access.log --http-client-body-temp-path=/var/lib/nginx/tmp/client_body --http-proxy-temp-path=/var/lib/nginx/tmp/proxy --http-fastcgi-temp-path=/var/lib/nginx/tmp/fastcgi --http-uwsgi-temp-path=/var/lib/nginx/tmp/uwsgi --http-scgi-temp-path=/var/lib/nginx/tmp/scgi --pid-path=/var/run/nginx.pid --lock-path=/var/lock/subsys/nginx --with-http_addition_module --with-http_auth_request_module --with-http_dav_module --with-http_degradation_module --with-http_flv_module --with-http_geoip_module --with-http_gzip_static_module --with-http_gunzip_module --with-http_image_filter_module --with-http_mp4_module --with-http_perl_module --with-http_random_index_module --with-http_realip_module --with-http_secure_link_module --with-http_v2_module --with-http_ssl_module --with-http_stub_status_module --with-http_sub_module --with-http_xslt_module --with-http_slice_module --with-stream=dynamic --with-stream_ssl_module --with-mail=dynamic --with-mail_ssl_module --with-cc-opt='-O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions -fstack-protector --param=ssp-buffer-size=4 -m64 -mtune=generic' --with-ipv6 --with-file-aio --with-debug --with-threads --with-pcre-jit --without-pcre2 --add-module=/home/rpmbuild/rpmbuild/BUILD/nginx-1.21.5/ngx_http_bytes_filter_module --add-module=/home/rpmbuild/rpmbuild/BUILD/nginx-1.21.5/lua-nginx-module-0.10.20 --add-module=/home/rpmbuild/rpmbuild/BUILD/nginx-1.21.5/nginx-rtmp-module-master --add-module=/home/rpmbuild/rpmbuild/BUILD/nginx-1.21.5/nginx-sla-master --add-module=/home/rpmbuild/rpmbuild/BUILD/nginx-1.21.5/ngx_devel_kit-0.3.0 --add-module=/home/rpmbuild/rpmbuild/BUILD/nginx-1.21.5/ngx_brotli --add-module=/home/rpmbuild/rpmbuild/BUILD/nginx-1.21.5/ngx_http_geoip2_module-3.3 --add-dynamic-module=/usr/share/passenger/ngx_http_passenger_module --add-dynamic-module=/home/rpmbuild/rpmbuild/BUILD/nginx-1.21.5/nginx-vod-module-1.28 --add-dynamic-module=/home/rpmbuild/rpmbuild/BUILD/nginx-1.21.5/nginx-cors-module-0.10 --add-dynamic-module=/home/rpmbuild/rpmbuild/BUILD/nginx-1.21.5/nginx-kzmi-module-0.03 --add-dynamic-module=/home/rpmbuild/rpmbuild/BUILD/nginx-1.21.5/lua-upstream-nginx-module-0.06 --add-dynamic-module=/home/rpmbuild/rpmbuild/BUILD/nginx-1.21.5/ngx_cache_purge-2.3 --add-dynamic-module=/home/rpmbuild/rpmbuild/BUILD/nginx-1.21.5/ngx_http_ttfb_filter_module --add-dynamic-module=/home/rpmbuild/rpmbuild/BUILD/nginx-1.21.5/nginx_accept_language_module --with-openssl=openssl-1.1.1m "