From d93a769b9dc19aefbb280b2df38902ee368a02f9 Mon Sep 17 00:00:00 2001 From: Serghey Rodin Date: Fri, 25 Nov 2016 12:19:04 +0200 Subject: [PATCH] nginx config update --- install/debian/7/nginx/nginx.conf | 27 +++++++++----- install/debian/8/nginx/nginx.conf | 27 +++++++++----- install/rhel/5/nginx/nginx.conf | 51 ++++++++++++++++++++++----- install/rhel/6/nginx/nginx.conf | 51 ++++++++++++++++++++++----- install/rhel/7/nginx/nginx.conf | 51 ++++++++++++++++++++++----- install/ubuntu/12.04/nginx/nginx.conf | 27 +++++++++----- install/ubuntu/12.10/nginx/nginx.conf | 27 +++++++++----- install/ubuntu/13.04/nginx/nginx.conf | 28 ++++++++++----- install/ubuntu/13.10/nginx/nginx.conf | 27 +++++++++----- install/ubuntu/14.04/nginx/nginx.conf | 27 +++++++++----- install/ubuntu/14.10/nginx/nginx.conf | 27 +++++++++----- install/ubuntu/15.04/nginx/nginx.conf | 27 +++++++++----- install/ubuntu/15.10/nginx/nginx.conf | 27 +++++++++----- install/ubuntu/16.04/nginx/nginx.conf | 4 +++ 14 files changed, 323 insertions(+), 105 deletions(-) diff --git a/install/debian/7/nginx/nginx.conf b/install/debian/7/nginx/nginx.conf index ca6929592..1932d171f 100644 --- a/install/debian/7/nginx/nginx.conf +++ b/install/debian/7/nginx/nginx.conf @@ -1,7 +1,8 @@ # Server globals user www-data; -worker_processes 2; -error_log /var/log/nginx/error.log; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; @@ -9,6 +10,7 @@ pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; + multi_accept on; } @@ -37,7 +39,7 @@ http { '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; - #access_log /var/log/nginx/access.log main; + #access_log /var/log/nginx/access.log main; access_log off; @@ -51,9 +53,9 @@ http { gzip_comp_level 9; gzip_min_length 512; gzip_buffers 8 64k; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml application/x-font-ttf font/opentype; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; gzip_proxied any; - + gzip_disable "MSIE [1-6]\."; # Proxy settings proxy_redirect off; @@ -103,14 +105,16 @@ http { error_page 502 503 504 /error/50x.html; - # Cache - proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; proxy_cache_key "$host$request_uri $cookie_user"; proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; - proxy_cache_valid any 3d; + proxy_cache_valid any 1d; + + # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; @@ -118,6 +122,13 @@ http { } + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + # Wildcard include include /etc/nginx/conf.d/*.conf; } diff --git a/install/debian/8/nginx/nginx.conf b/install/debian/8/nginx/nginx.conf index ca6929592..1932d171f 100644 --- a/install/debian/8/nginx/nginx.conf +++ b/install/debian/8/nginx/nginx.conf @@ -1,7 +1,8 @@ # Server globals user www-data; -worker_processes 2; -error_log /var/log/nginx/error.log; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; @@ -9,6 +10,7 @@ pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; + multi_accept on; } @@ -37,7 +39,7 @@ http { '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; - #access_log /var/log/nginx/access.log main; + #access_log /var/log/nginx/access.log main; access_log off; @@ -51,9 +53,9 @@ http { gzip_comp_level 9; gzip_min_length 512; gzip_buffers 8 64k; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml application/x-font-ttf font/opentype; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; gzip_proxied any; - + gzip_disable "MSIE [1-6]\."; # Proxy settings proxy_redirect off; @@ -103,14 +105,16 @@ http { error_page 502 503 504 /error/50x.html; - # Cache - proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; proxy_cache_key "$host$request_uri $cookie_user"; proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; - proxy_cache_valid any 3d; + proxy_cache_valid any 1d; + + # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; @@ -118,6 +122,13 @@ http { } + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + # Wildcard include include /etc/nginx/conf.d/*.conf; } diff --git a/install/rhel/5/nginx/nginx.conf b/install/rhel/5/nginx/nginx.conf index f64919fd0..47802f918 100644 --- a/install/rhel/5/nginx/nginx.conf +++ b/install/rhel/5/nginx/nginx.conf @@ -1,7 +1,8 @@ # Server globals user nginx; -worker_processes 2; -error_log /var/log/nginx/error.log; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; @@ -9,6 +10,7 @@ pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; + multi_accept on; } @@ -37,7 +39,7 @@ http { '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; - #access_log /var/log/nginx/access.log main; + #access_log /var/log/nginx/access.log main; access_log off; @@ -51,8 +53,9 @@ http { gzip_comp_level 9; gzip_min_length 512; gzip_buffers 8 64k; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml application/x-font-ttf font/opentype; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; gzip_proxied any; + gzip_disable "MSIE [1-6]\."; # Proxy settings @@ -67,6 +70,29 @@ http { proxy_buffers 32 4k; + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 199.27.128.0/21; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 172.64.0.0/13; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + real_ip_header CF-Connecting-IP; + + # SSL PCI Compliance ssl_session_cache shared:SSL:10m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; @@ -80,14 +106,16 @@ http { error_page 502 503 504 /error/50x.html; - # Cache - proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; - proxy_temp_path /var/cache/nginx/temp; + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; - proxy_cache_valid any 3d; + proxy_cache_valid any 1d; + + # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; @@ -95,6 +123,13 @@ http { } + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + # Wildcard include include /etc/nginx/conf.d/*.conf; } diff --git a/install/rhel/6/nginx/nginx.conf b/install/rhel/6/nginx/nginx.conf index f64919fd0..47802f918 100644 --- a/install/rhel/6/nginx/nginx.conf +++ b/install/rhel/6/nginx/nginx.conf @@ -1,7 +1,8 @@ # Server globals user nginx; -worker_processes 2; -error_log /var/log/nginx/error.log; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; @@ -9,6 +10,7 @@ pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; + multi_accept on; } @@ -37,7 +39,7 @@ http { '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; - #access_log /var/log/nginx/access.log main; + #access_log /var/log/nginx/access.log main; access_log off; @@ -51,8 +53,9 @@ http { gzip_comp_level 9; gzip_min_length 512; gzip_buffers 8 64k; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml application/x-font-ttf font/opentype; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; gzip_proxied any; + gzip_disable "MSIE [1-6]\."; # Proxy settings @@ -67,6 +70,29 @@ http { proxy_buffers 32 4k; + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 199.27.128.0/21; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 172.64.0.0/13; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + real_ip_header CF-Connecting-IP; + + # SSL PCI Compliance ssl_session_cache shared:SSL:10m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; @@ -80,14 +106,16 @@ http { error_page 502 503 504 /error/50x.html; - # Cache - proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; - proxy_temp_path /var/cache/nginx/temp; + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; - proxy_cache_valid any 3d; + proxy_cache_valid any 1d; + + # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; @@ -95,6 +123,13 @@ http { } + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + # Wildcard include include /etc/nginx/conf.d/*.conf; } diff --git a/install/rhel/7/nginx/nginx.conf b/install/rhel/7/nginx/nginx.conf index f64919fd0..47802f918 100644 --- a/install/rhel/7/nginx/nginx.conf +++ b/install/rhel/7/nginx/nginx.conf @@ -1,7 +1,8 @@ # Server globals user nginx; -worker_processes 2; -error_log /var/log/nginx/error.log; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; @@ -9,6 +10,7 @@ pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; + multi_accept on; } @@ -37,7 +39,7 @@ http { '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; - #access_log /var/log/nginx/access.log main; + #access_log /var/log/nginx/access.log main; access_log off; @@ -51,8 +53,9 @@ http { gzip_comp_level 9; gzip_min_length 512; gzip_buffers 8 64k; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml application/x-font-ttf font/opentype; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; gzip_proxied any; + gzip_disable "MSIE [1-6]\."; # Proxy settings @@ -67,6 +70,29 @@ http { proxy_buffers 32 4k; + # Cloudflare https://www.cloudflare.com/ips + set_real_ip_from 199.27.128.0/21; + set_real_ip_from 173.245.48.0/20; + set_real_ip_from 103.21.244.0/22; + set_real_ip_from 103.22.200.0/22; + set_real_ip_from 103.31.4.0/22; + set_real_ip_from 141.101.64.0/18; + set_real_ip_from 108.162.192.0/18; + set_real_ip_from 190.93.240.0/20; + set_real_ip_from 188.114.96.0/20; + set_real_ip_from 197.234.240.0/22; + set_real_ip_from 198.41.128.0/17; + set_real_ip_from 162.158.0.0/15; + set_real_ip_from 104.16.0.0/12; + set_real_ip_from 172.64.0.0/13; + #set_real_ip_from 2400:cb00::/32; + #set_real_ip_from 2606:4700::/32; + #set_real_ip_from 2803:f800::/32; + #set_real_ip_from 2405:b500::/32; + #set_real_ip_from 2405:8100::/32; + real_ip_header CF-Connecting-IP; + + # SSL PCI Compliance ssl_session_cache shared:SSL:10m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; @@ -80,14 +106,16 @@ http { error_page 502 503 504 /error/50x.html; - # Cache - proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; - proxy_temp_path /var/cache/nginx/temp; + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; proxy_cache_key "$host$request_uri $cookie_user"; + proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; - proxy_cache_valid any 3d; + proxy_cache_valid any 1d; + + # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; @@ -95,6 +123,13 @@ http { } + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + # Wildcard include include /etc/nginx/conf.d/*.conf; } diff --git a/install/ubuntu/12.04/nginx/nginx.conf b/install/ubuntu/12.04/nginx/nginx.conf index ca6929592..1932d171f 100644 --- a/install/ubuntu/12.04/nginx/nginx.conf +++ b/install/ubuntu/12.04/nginx/nginx.conf @@ -1,7 +1,8 @@ # Server globals user www-data; -worker_processes 2; -error_log /var/log/nginx/error.log; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; @@ -9,6 +10,7 @@ pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; + multi_accept on; } @@ -37,7 +39,7 @@ http { '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; - #access_log /var/log/nginx/access.log main; + #access_log /var/log/nginx/access.log main; access_log off; @@ -51,9 +53,9 @@ http { gzip_comp_level 9; gzip_min_length 512; gzip_buffers 8 64k; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml application/x-font-ttf font/opentype; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; gzip_proxied any; - + gzip_disable "MSIE [1-6]\."; # Proxy settings proxy_redirect off; @@ -103,14 +105,16 @@ http { error_page 502 503 504 /error/50x.html; - # Cache - proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; proxy_cache_key "$host$request_uri $cookie_user"; proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; - proxy_cache_valid any 3d; + proxy_cache_valid any 1d; + + # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; @@ -118,6 +122,13 @@ http { } + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + # Wildcard include include /etc/nginx/conf.d/*.conf; } diff --git a/install/ubuntu/12.10/nginx/nginx.conf b/install/ubuntu/12.10/nginx/nginx.conf index ca6929592..1932d171f 100644 --- a/install/ubuntu/12.10/nginx/nginx.conf +++ b/install/ubuntu/12.10/nginx/nginx.conf @@ -1,7 +1,8 @@ # Server globals user www-data; -worker_processes 2; -error_log /var/log/nginx/error.log; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; @@ -9,6 +10,7 @@ pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; + multi_accept on; } @@ -37,7 +39,7 @@ http { '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; - #access_log /var/log/nginx/access.log main; + #access_log /var/log/nginx/access.log main; access_log off; @@ -51,9 +53,9 @@ http { gzip_comp_level 9; gzip_min_length 512; gzip_buffers 8 64k; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml application/x-font-ttf font/opentype; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; gzip_proxied any; - + gzip_disable "MSIE [1-6]\."; # Proxy settings proxy_redirect off; @@ -103,14 +105,16 @@ http { error_page 502 503 504 /error/50x.html; - # Cache - proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; proxy_cache_key "$host$request_uri $cookie_user"; proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; - proxy_cache_valid any 3d; + proxy_cache_valid any 1d; + + # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; @@ -118,6 +122,13 @@ http { } + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + # Wildcard include include /etc/nginx/conf.d/*.conf; } diff --git a/install/ubuntu/13.04/nginx/nginx.conf b/install/ubuntu/13.04/nginx/nginx.conf index 828b028df..1932d171f 100644 --- a/install/ubuntu/13.04/nginx/nginx.conf +++ b/install/ubuntu/13.04/nginx/nginx.conf @@ -1,7 +1,8 @@ # Server globals user www-data; -worker_processes 2; -error_log /var/log/nginx/error.log; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; @@ -9,6 +10,7 @@ pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; + multi_accept on; } @@ -37,7 +39,7 @@ http { '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; - #access_log /var/log/nginx/access.log main; + #access_log /var/log/nginx/access.log main; access_log off; @@ -51,10 +53,9 @@ http { gzip_comp_level 9; gzip_min_length 512; gzip_buffers 8 64k; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml application/x-font-ttf font/opentype; - application/x-javascript application/javascript; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; gzip_proxied any; - + gzip_disable "MSIE [1-6]\."; # Proxy settings proxy_redirect off; @@ -104,14 +105,16 @@ http { error_page 502 503 504 /error/50x.html; - # Cache - proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; proxy_cache_key "$host$request_uri $cookie_user"; proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; - proxy_cache_valid any 3d; + proxy_cache_valid any 1d; + + # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; @@ -119,6 +122,13 @@ http { } + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + # Wildcard include include /etc/nginx/conf.d/*.conf; } diff --git a/install/ubuntu/13.10/nginx/nginx.conf b/install/ubuntu/13.10/nginx/nginx.conf index ca6929592..1932d171f 100644 --- a/install/ubuntu/13.10/nginx/nginx.conf +++ b/install/ubuntu/13.10/nginx/nginx.conf @@ -1,7 +1,8 @@ # Server globals user www-data; -worker_processes 2; -error_log /var/log/nginx/error.log; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; @@ -9,6 +10,7 @@ pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; + multi_accept on; } @@ -37,7 +39,7 @@ http { '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; - #access_log /var/log/nginx/access.log main; + #access_log /var/log/nginx/access.log main; access_log off; @@ -51,9 +53,9 @@ http { gzip_comp_level 9; gzip_min_length 512; gzip_buffers 8 64k; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml application/x-font-ttf font/opentype; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; gzip_proxied any; - + gzip_disable "MSIE [1-6]\."; # Proxy settings proxy_redirect off; @@ -103,14 +105,16 @@ http { error_page 502 503 504 /error/50x.html; - # Cache - proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; proxy_cache_key "$host$request_uri $cookie_user"; proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; - proxy_cache_valid any 3d; + proxy_cache_valid any 1d; + + # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; @@ -118,6 +122,13 @@ http { } + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + # Wildcard include include /etc/nginx/conf.d/*.conf; } diff --git a/install/ubuntu/14.04/nginx/nginx.conf b/install/ubuntu/14.04/nginx/nginx.conf index ca6929592..1932d171f 100644 --- a/install/ubuntu/14.04/nginx/nginx.conf +++ b/install/ubuntu/14.04/nginx/nginx.conf @@ -1,7 +1,8 @@ # Server globals user www-data; -worker_processes 2; -error_log /var/log/nginx/error.log; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; @@ -9,6 +10,7 @@ pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; + multi_accept on; } @@ -37,7 +39,7 @@ http { '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; - #access_log /var/log/nginx/access.log main; + #access_log /var/log/nginx/access.log main; access_log off; @@ -51,9 +53,9 @@ http { gzip_comp_level 9; gzip_min_length 512; gzip_buffers 8 64k; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml application/x-font-ttf font/opentype; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; gzip_proxied any; - + gzip_disable "MSIE [1-6]\."; # Proxy settings proxy_redirect off; @@ -103,14 +105,16 @@ http { error_page 502 503 504 /error/50x.html; - # Cache - proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; proxy_cache_key "$host$request_uri $cookie_user"; proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; - proxy_cache_valid any 3d; + proxy_cache_valid any 1d; + + # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; @@ -118,6 +122,13 @@ http { } + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + # Wildcard include include /etc/nginx/conf.d/*.conf; } diff --git a/install/ubuntu/14.10/nginx/nginx.conf b/install/ubuntu/14.10/nginx/nginx.conf index ca6929592..1932d171f 100644 --- a/install/ubuntu/14.10/nginx/nginx.conf +++ b/install/ubuntu/14.10/nginx/nginx.conf @@ -1,7 +1,8 @@ # Server globals user www-data; -worker_processes 2; -error_log /var/log/nginx/error.log; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; @@ -9,6 +10,7 @@ pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; + multi_accept on; } @@ -37,7 +39,7 @@ http { '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; - #access_log /var/log/nginx/access.log main; + #access_log /var/log/nginx/access.log main; access_log off; @@ -51,9 +53,9 @@ http { gzip_comp_level 9; gzip_min_length 512; gzip_buffers 8 64k; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml application/x-font-ttf font/opentype; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; gzip_proxied any; - + gzip_disable "MSIE [1-6]\."; # Proxy settings proxy_redirect off; @@ -103,14 +105,16 @@ http { error_page 502 503 504 /error/50x.html; - # Cache - proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; proxy_cache_key "$host$request_uri $cookie_user"; proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; - proxy_cache_valid any 3d; + proxy_cache_valid any 1d; + + # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; @@ -118,6 +122,13 @@ http { } + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + # Wildcard include include /etc/nginx/conf.d/*.conf; } diff --git a/install/ubuntu/15.04/nginx/nginx.conf b/install/ubuntu/15.04/nginx/nginx.conf index ca6929592..1932d171f 100644 --- a/install/ubuntu/15.04/nginx/nginx.conf +++ b/install/ubuntu/15.04/nginx/nginx.conf @@ -1,7 +1,8 @@ # Server globals user www-data; -worker_processes 2; -error_log /var/log/nginx/error.log; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; @@ -9,6 +10,7 @@ pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; + multi_accept on; } @@ -37,7 +39,7 @@ http { '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; - #access_log /var/log/nginx/access.log main; + #access_log /var/log/nginx/access.log main; access_log off; @@ -51,9 +53,9 @@ http { gzip_comp_level 9; gzip_min_length 512; gzip_buffers 8 64k; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml application/x-font-ttf font/opentype; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; gzip_proxied any; - + gzip_disable "MSIE [1-6]\."; # Proxy settings proxy_redirect off; @@ -103,14 +105,16 @@ http { error_page 502 503 504 /error/50x.html; - # Cache - proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; proxy_cache_key "$host$request_uri $cookie_user"; proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; - proxy_cache_valid any 3d; + proxy_cache_valid any 1d; + + # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; @@ -118,6 +122,13 @@ http { } + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + # Wildcard include include /etc/nginx/conf.d/*.conf; } diff --git a/install/ubuntu/15.10/nginx/nginx.conf b/install/ubuntu/15.10/nginx/nginx.conf index ca6929592..1932d171f 100644 --- a/install/ubuntu/15.10/nginx/nginx.conf +++ b/install/ubuntu/15.10/nginx/nginx.conf @@ -1,7 +1,8 @@ # Server globals user www-data; -worker_processes 2; -error_log /var/log/nginx/error.log; +worker_processes auto; +worker_rlimit_nofile 65535; +error_log /var/log/nginx/error.log crit; pid /var/run/nginx.pid; @@ -9,6 +10,7 @@ pid /var/run/nginx.pid; events { worker_connections 1024; use epoll; + multi_accept on; } @@ -37,7 +39,7 @@ http { '"$status" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format bytes '$body_bytes_sent'; - #access_log /var/log/nginx/access.log main; + #access_log /var/log/nginx/access.log main; access_log off; @@ -51,9 +53,9 @@ http { gzip_comp_level 9; gzip_min_length 512; gzip_buffers 8 64k; - gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml application/x-font-ttf font/opentype; + gzip_types text/plain text/css text/javascript text/js text/xml application/json application/javascript application/x-javascript application/xml application/xml+rss application/x-font-ttf image/svg+xml font/opentype; gzip_proxied any; - + gzip_disable "MSIE [1-6]\."; # Proxy settings proxy_redirect off; @@ -103,14 +105,16 @@ http { error_page 502 503 504 /error/50x.html; - # Cache - proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=512m; + # Cache settings + proxy_cache_path /var/cache/nginx levels=2 keys_zone=cache:10m inactive=60m max_size=1024m; proxy_cache_key "$host$request_uri $cookie_user"; proxy_temp_path /var/cache/nginx/temp; proxy_ignore_headers Expires Cache-Control; proxy_cache_use_stale error timeout invalid_header http_502; - proxy_cache_valid any 3d; + proxy_cache_valid any 1d; + + # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; @@ -118,6 +122,13 @@ http { } + # File cache settings + open_file_cache max=10000 inactive=30s; + open_file_cache_valid 60s; + open_file_cache_min_uses 2; + open_file_cache_errors off; + + # Wildcard include include /etc/nginx/conf.d/*.conf; } diff --git a/install/ubuntu/16.04/nginx/nginx.conf b/install/ubuntu/16.04/nginx/nginx.conf index 4a276cbc4..1932d171f 100644 --- a/install/ubuntu/16.04/nginx/nginx.conf +++ b/install/ubuntu/16.04/nginx/nginx.conf @@ -113,18 +113,22 @@ http { proxy_cache_use_stale error timeout invalid_header http_502; proxy_cache_valid any 1d; + + # Cache bypass map $http_cookie $no_cache { default 0; ~SESS 1; ~wordpress_logged_in 1; } + # File cache settings open_file_cache max=10000 inactive=30s; open_file_cache_valid 60s; open_file_cache_min_uses 2; open_file_cache_errors off; + # Wildcard include include /etc/nginx/conf.d/*.conf; }