forked from h5bp/server-configs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
nginx.conf
128 lines (102 loc) · 3.56 KB
/
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
# Set another default user than root for security reasons
user www www;
# As a thumb rule: One per CPU. If you are serving a large amount
# of static files, which requires blocking disk reads, you may want
# to increase this from the number of cpu_cores available on your
# system.
#
# The maximum number of connections for Nginx is calculated by:
# max_clients = worker_processes * worker_connections
worker_processes 1;
# Maximum file descriptors that can be opened per process
# This should be > worker_connections
worker_rlimit_nofile 8192;
events {
# When you need > 8000 * cpu_cores connections, you start optimizing
# your OS, and this is probably the point at where you hire people
# who are smarter than you, this is *a lot* of requests.
worker_connections 8000;
# This sets up some smart queueing for accept(2)'ing requests
# Set it to "on" if you have > worker_processes
accept_mutex off;
# These settings are OS specific, by defualt Nginx uses select(2),
# however, for a large number of requests epoll(2) and kqueue(2)
# are generally faster than the default (select(2))
# use epoll; # enable for Linux 2.6+
# use kqueue; # enable for *BSD (FreeBSD, OS X, ..)
}
# Change these paths to somewhere that suits you!
error_log logs/error.log;
pid logs/nginx.pid;
http {
# Set the mime-types via the mime.types external file
include nginx-mime.types;
# And the fallback mime-type
default_type application/octet-stream;
# Format for our log files
log_format main '$remote_addr - $remote_user [$time_local] $status '
'"$request" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# Click tracking!
access_log logs/access.log main;
# ~2 seconds is often enough for HTML/CSS, but connections in
# Nginx are cheap, so generally it's safe to increase it
keepalive_timeout 5;
# You usually want to serve static files with Nginx
sendfile on;
tcp_nopush on; # off may be better for Comet/long-poll stuff
tcp_nodelay off; # on may be better for Comet/long-poll stuff
# Enable Gzip
gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_proxied any;
gzip_types
# text/html is always compressed by HttpGzipModule
text/css
text/javascript
text/xml
text/plain
text/x-component
application/javascript
application/json
application/xml
application/rss+xml
font/truetype
font/opentype
application/vnd.ms-fontobject
image/svg+xml;
gzip_static on;
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE [1-6]\.";
gzip_vary on;
server {
# listen 80 default deferred; # for Linux
# listen 80 default accept_filter=httpready; # for FreeBSD
listen 80 default;
# e.g. "localhost" to accept all connections, or "www.example.com"
# to handle the requests for "example.com" (and www.example.com)
server_name _;
# Path for static files
root /sites/example.com/public;
# Custom 404 page
error_page 404 /404.html;
expires 1M;
# Static assets
location ~* ^.+\.(manifest|appcache)$ {
expires -1;
root /sites/example.com/public;
access_log logs/static.log;
}
# Set expires max on static file types
location ~* ^.+\.(css|js|jpg|jpeg|gif|png|ico|gz|svg|svgz|ttf|otf|woff|eot|mp4|ogg|ogv|webm)$ {
expires max;
root /sites/example.com/public;
access_log off;
}
# opt-in to the future
add_header "X-UA-Compatible" "IE=Edge,chrome=1";
}
}