How to Extract and Dump Active Nginx Configuration from a Running Process


3 views

When administering Nginx servers, we often need to verify the actual configuration being used by the running process. This becomes critical when:

  • Multiple configuration files exist with similar names
  • Emergency changes were made without proper documentation
  • Debugging unexpected server behavior

The most reliable method uses Nginx's own signaling mechanism:

nginx -T

This command:

  • Tests the configuration (-T shows full config with included files)
  • Works without restarting the server
  • Outputs the complete merged configuration

For cases where the master process won't respond, we can inspect its memory:

strings /proc/$(pgrep -f "nginx: master")/environ | grep -A 100 "NGINX_CONF"

Or for Docker containers:

docker exec container_id strings /proc/1/environ | grep NGINX

When you need forensic-level configuration recovery:

gdb -p $(pgrep -f "nginx: master") -ex "set logging file nginx_config.txt" \
-ex "set logging on" -ex "p (uchar *)ngx_cycle.conf_file.data" \
-ex "set logging off" -ex "quit"

Here's how we recovered a lost load balancer configuration:

# Identify the master process
ps aux | grep nginx

# Extract configuration
nginx -p /custom/nginx/path -T > recovered.conf

# Verify critical directives
grep -E "server_name|proxy_pass" recovered.conf
  • Always test dumped configurations before applying them
  • Configuration may include sensitive data (SSL certs, passwords)
  • Worker processes inherit configuration from master at startup

We've all been there - accidentally overwriting an Nginx config file before realizing it was the wrong one. The panic sets in when you remember that valuable rewrite rules, upstream configurations, or SSL settings haven't been backed up. But here's the good news: if you haven't reloaded Nginx yet, your golden configuration still lives in memory.

For complete configuration extraction, gdb is your best friend. This method works even with compiled Nginx modules:

# First find nginx's main process ID
ps aux | grep nginx

# Attach gdb to the master process
gdb -p [MASTER_PID]

# In gdb shell:
(gdb) call (void) ngx_conf_dump()
(gdb) detach
(gdb) quit

The configuration will appear in your error log (typically /var/log/nginx/error.log). This method may require debug symbols installed.

For a faster but less complete approach:

# View opened configuration files
ls -l /proc/$(cat /var/run/nginx.pid)/fd/ | grep conf

# Check current include paths
strings /proc/$(cat /var/run/nginx.pid)/environ | grep nginx

If you have the status module enabled:

location /nginx_status {
    stub_status on;
    allow 127.0.0.1;
    deny all;
}

# Then query:
curl http://127.0.0.1/nginx_status

Consider these habits to avoid future headaches:

  • Use version control for all config files
  • Implement a pre-reload diff check: nginx -t && nginx -T > current_config.conf
  • Set up regular config backups with inotifywait

Be aware that:

  • Dynamically loaded configurations (via Lua or JS) may not appear in dumps
  • Some variables might show compiled values rather than original syntax
  • SSL certificates paths appear as they were at load time