-
Notifications
You must be signed in to change notification settings - Fork 0
/
nginx.conf
249 lines (192 loc) · 7.99 KB
/
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
# # you must set worker processes based on your CPU cores, nginx does not benefit from setting more than that
# worker_processes auto; #some last versions calculate it automatically
# # number of file descriptors used for nginx
# # the limit for the maximum FDs on the server is usually set by the OS.
# # if you don't set FD's then OS settings will be used which is by default 2000
# worker_rlimit_nofile 100000;
# # only log critical errors
# error_log /var/log/nginx/error.log crit;
# # provides the configuration file context in which the directives that affect connection processing are specified.
# events {
# # determines how much clients will be served per worker
# # max clients = worker_connections * worker_processes
# # max clients is also limited by the number of socket connections available on the system (~64k)
# worker_connections 4000;
# # optimized to serve many clients with each thread, essential for linux -- for testing environment
# use epoll;
# # accept as many connections as possible, may flood worker connections if set too low -- for testing environment
# multi_accept on;
# }
# http {
# # cache informations about FDs, frequently accessed files
# # can boost performance, but you need to test those values
# open_file_cache max=200000 inactive=20s;
# open_file_cache_valid 30s;
# open_file_cache_min_uses 2;
# open_file_cache_errors on;
# # to boost I/O on HDD we can disable access logs
# access_log off;
# # copies data between one FD and other from within the kernel
# # faster than read() + write()
# sendfile on;
# # send headers in one piece, it is better than sending them one by one
# tcp_nopush on;
# # don't buffer data sent, good for small data bursts in real time
# tcp_nodelay on;
# # reduce the data that needs to be sent over network -- for testing environment
# gzip on;
# # gzip_static on;
# gzip_min_length 10240;
# gzip_comp_level 1;
# gzip_vary on;
# gzip_disable msie6;
# gzip_proxied expired no-cache no-store private auth;
# gzip_types
# # text/html is always compressed by HttpGzipModule
# text/css
# text/javascript
# text/xml
# text/plain
# text/x-component
# application/javascript
# application/x-javascript
# application/json
# application/xml
# application/rss+xml
# application/atom+xml
# font/truetype
# font/opentype
# application/vnd.ms-fontobject
# image/svg+xml;
# # allow the server to close connection on non responding client, this will free up memory
# reset_timedout_connection on;
# # request timed out -- default 60
# client_body_timeout 10;
# # if client stop responding, free up memory -- default 60
# send_timeout 2;
# # server will close connection after this time -- default 75
# keepalive_timeout 30;
# # number of requests client can make over keep-alive -- for testing environment
# keepalive_requests 100000;
# include /etc/nginx/conf.d/*.conf;
# }
user nginx;
worker_processes 1;# was auto
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
multi_accept on;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
underscores_in_headers on;
server_tokens off;
limit_req_status 429;
limit_req_zone $http_x_forwarded_for zone=zone:1000m rate=20r/s;
limit_req_zone $binary_remote_addr zone=second:1000m rate=20r/s;
# limit_req_zone $binary_remote_addr zone=second:100m rate=1r/s;
#limit_req_zone $binary_remote_addr zone=ten:100m rate=10r/s;
# limit_req_zone $arg_access_token zone=acclimit:100m rate=1r/s;
# limit_req_zone $arg_access_token zone=accfive:100m rate=10r/m;
# limit_req_zone $arg_access_token zone=fifth:100m rate=1r/m;
#limit_conn_zone $binary_remote_addr zone=addr:100m;
# limit_conn_zone $arg_access_token zone=addracc:100m;
# proxy_buffer_size 512k;
# proxy_buffers 16 1024k;
# proxy_busy_buffers_size 1024k;
proxy_buffer_size 8k;
proxy_buffers 64 8k;
proxy_busy_buffers_size 16k;
proxy_cache_path /home/cache keys_zone=one:10m loader_threshold=300
loader_files=200 max_size=1g;
proxy_cache_path /home/cache2 levels=1:2 keys_zone=STATIC:10m
inactive=24h max_size=1g;
# upstream rmonapi {
# server rmonapi:5000;
# }
# upstream docker-apache {
# server apache:80;
# }
# proxy_cache_path /home/cache3 keys_zone=mycache:10m inactive=60m;
# log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
# access_log /var/log/nginx/access.log main;# aslesh
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'"$host" sn="$server_name" '
'rt=$request_time '
'ua="$upstream_addr" us="$upstream_status" '
'ut="$upstream_response_time" ul="$upstream_response_length" '
'cs=$upstream_cache_status' ;
# log_format main '$remote_addr - $remote_user [$time_local] '
# '"$request" $status $body_bytes_sent '
# '"$http_referer" "$http_user_agent" "$gzip_ratio"'
log_format upstream_logging '[$time_local] $remote_addr - $remote_user - $server_name to: $upstream_addr: $request upstream_response_time $upstream_response_time msec $msec request_time $request_time upstream_response $status $upstream_status';
access_log /var/log/nginx/access.log main;
log_format bodylog '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" $request_time '
'<"$request_body" >';
# log_format bodylog '$remote_addr - $remote_user [$time_local] '
# '"$request" $status $body_bytes_sent '
# '"$http_referer" "$http_user_agent" $request_time '
# '<"$request_body" >"$resp_body"';
#lua_need_request_body on;
# set $resp_body "";
# body_filter_by_lua '
# local resp_body = string.sub(ngx.arg[1], 1, 1000)
# ngx.ctx.buffered = (ngx.ctx.buffered or "") .. resp_body
# if ngx.arg[2] then
# ngx.var.resp_body = ngx.ctx.buffered
# end
# ';
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
open_file_cache max=200000 inactive=20s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
open_file_cache_valid 60s;
# open_file_cache_errors off;
gzip on;
gzip_static on;
gzip_vary on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
include /etc/nginx/conf.d/*.conf;
}
# user nginx;
# worker_processes auto;# was auto
# error_log off;
# pid /var/run/nginx.pid;
# access_log off;
# events {
# worker_connections 1024;
# multi_accept on;
# use epoll;
# }
# http {
# include /etc/nginx/mime.types;
# default_type application/octet-stream;
# underscores_in_headers on;
# server_tokens off;
# sendfile on;
# tcp_nopush on;
# tcp_nodelay on;
# keepalive_timeout 65;
# gzip on;
# gzip_vary on;
# gzip_min_length 10240;
# gzip_proxied expired no-cache no-store private auth;
# gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;
# gzip_disable "MSIE [1-6]\.";
# include /etc/nginx/conf.d/*.conf;
# }