-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathnginx.conf
207 lines (160 loc) · 5.66 KB
/
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
# nginx config file
# @TODO https://www.nginx.com/resources/wiki/start/topics/examples/SSL-Offloader/
# How many worker threads to run;
# "auto" sets it to the number of CPU cores available in the system, and
# offers the best performance. Don't set it higher than the number of CPU
# cores if changing this parameter.
worker_processes auto;
# Better priority than other processes
worker_priority 0;
# In case the amount of CPUs is known, we can explicitly point a worker to a CPU
# @see http://nginx.org/en/docs/ngx_core_module.html#worker_cpu_affinity
worker_cpu_affinity auto;
# Maximum open file descriptors per process;
# should be > worker_connections.
worker_rlimit_nofile 8192;
pid /var/run/nginx.pid;
events {
worker_connections 4096;
multi_accept on;
use epoll;
}
stream {
upstream mongodb_servers {
server mongodb:27017;
}
server {
listen 27017;
proxy_pass mongodb_servers;
}
}
http {
# Hide nginx version information.
server_tokens off;
default_type application/octet-stream;
include global/mime.types;
include global/directive-only/charset.conf;
#include global/directive-only/gzip.conf;
include global/directive-only/log.format.conf;
#include global/directive-only/cookies.conf;
#include global/directive-only/proxy-cache.conf;
#include global/directive-only/extra-security.conf;
# Enable nginx error pages for response code ≥ 300 using "error_page" directive
#proxy_intercept_errors on;
# Speed up file transfers by using sendfile() to copy directly
# between descriptors rather than using read()/write()
# @DEBUG Set to `off` when debugging to avoid cache
sendfile off;
## Timeouts
# How long the connection is allowed to stay idle and alive
keepalive_timeout 30 30;
client_header_timeout 10;
client_body_timeout 30;
# Between two operations
send_timeout 30;
# Maximum upload size
#client_max_body_size ${NGINX_UPLOAD_LIMIT};
# Tell Nginx not to send out partial frames; this increases throughput
# since TCP frames are filled up before being sent out. (adds TCP_CORK)
tcp_nopush on;
# Tell Nginx to enable the Nagle buffering algorithm for TCP packets, which
# collates several smaller packets together into one larger packet, thus saving
# bandwidth at the cost of a nearly imperceptible increase to latency. (removes TCP_NODELAY)
tcp_nodelay off;
# Nginx will silently drop HTTP headers with underscores
# This is done in order to prevent ambiguities when mapping headers to CGI variables as both dashes
# and underscores are mapped to underscores during that process.
underscores_in_headers on;
# this seems to be required for some vhosts
server_names_hash_bucket_size 128;
disable_symlinks off;
# Index order
index index.php index.html index.htm;
upstream web_servers {
least_conn;
server docker.dev:80 max_fails=2 fail_timeout=10s;
server docker.dev:81 max_fails=2 fail_timeout=10s;
# Activate the cache for connections to upstream servers
# Sets the maximum number of idle keepalive connections to upstream servers
# that are preserved in the cache of each worker process
keepalive 25;
}
upstream phpfpm_servers {
least_conn;
server php:9000 max_fails=2 fail_timeout=10s;
server php:9001 max_fails=2 fail_timeout=10s;
# Only allowed after setting the load balancing method
keepalive 25;
}
upstream nodejs_servers {
least_conn;
server docker.dev:3000 max_fails=2 fail_timeout=10s;
keepalive 25;
}
server {
listen 80 default_server;
listen [::]:80 default_server ipv6only=on;
# Respond to all requests
server_name _;
include global/location/favicons.conf;
set $site_root /var/www/$host;
set $log_root var/log/nginx/$host;
include global/directive-only/log.cache.conf;
include global/directive-only/log.verbose.conf;
# Not possible to use variables for error_log
error_log /var/log/nginx/proxy.error.log debug;
access_log /$log_root/proxy.access.log full;
error_page 404 =404 /40x.html;
#client_max_body_size 10m;
#client_header_buffer_size 1k;
#client_body_buffer_size 128k;
location /node {
proxy_pass http://nodejs_servers;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location ~* (\.php)$ {
root /$site_root;
fastcgi_pass phpfpm_servers;
#if (!-f $document_root$fastcgi_script_name) {
# return 404;
#}
fastcgi_keep_conn on;
fastcgi_index index.php;
try_files $uri $uri/ /index.php;
#fastcgi_split_path_info ^(.+?\.php)(/.*)$;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# Fixes $_SERVER["REMOTE_ADDR"] to equal "HTTP_X_REAL_IP" and "HTTP_X_FORWARDED_FOR" values
fastcgi_param REMOTE_ADDR $http_x_real_ip;
#include global/location/proxy.conf;
}
location /40x.html {
root /$site_root/errors;
internal;
error_page 404 =404 @fallback_404;
}
# In case there were no site-specific error files
location @fallback_404 {
root /$site_root;
try_files /40x.html =404;
internal;
}
location / {
root $site_root;
try_files $uri $uri/ @webproxy;
}
location @webproxy {
# Add cache zone and header to show the cache status
#proxy_cache static;
# Send requests to upstream servers array
proxy_pass http://web_servers;
#include global/location/proxy.conf;
}
}
# server{} configuration files should be placed in the sites-available folder
#include sites-enabled/*;
}