nginx.conf

# Load Dynamic Modules
# load_module "modules/ngx_http_perl_module.so";
# load_module "modules/ngx_http_uploadprogress_module.so";
# load_module "modules/ngx_http_geoip_module.so";
# load_module "modules/ngx_http_headers_more_filter_module.so";
# load_module "modules/ngx_http_image_filter_module.so";
# load_module "modules/ngx_http_vhost_traffic_status_module.so";

# Run as a unique, less privileged user for security reasons.
user  nginx;

# Sets the worker threads to the number of CPU cores available in the system for best performance.
# Should be > the number of CPU cores.
# Maximum number of connections = worker_processes * worker_connections
worker_processes auto;

# Maximum number of open files per worker process.
# Should be > worker_connections.
worker_rlimit_nofile 8192;

events {
  # If you need more connections than this, you start optimizing your OS.
  # That's probably the point at which you hire people who are smarter than you as this is *a lot* of requests.
  # Should be < worker_rlimit_nofile.
  worker_connections 8000;
}

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;

http {
  # Hide nginx version information.
  server_tokens off;

  # Increase data size allowed to store virtual server names
  server_names_hash_max_size 2048;

  # Reserve 8MB under the name 'proxied' to track uploads
  # upload_progress proxied 8m;

  # Enable VTS Zone stats
  # vhost_traffic_status_zone;
  # vhost_traffic_status_filter_by_host on;

  # Specify MIME types for files.
  include       /etc/nginx/mime.types;
  default_type  application/octet-stream;

  # Update charset_types to match updated mime.types.
  # text/html is always included by charset module.
  charset_types text/css text/plain text/vnd.wap.wml application/javascript application/json application/rss+xml application/xml;

  # Include $http_x_forwarded_for within default format used in log files
  log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';

  # Log access to this file
  # This is only used when you don't override it on a server{} level
  access_log logs/access.log main;

  # How long to allow each connection to stay idle.
  # Longer values are better for each individual client, particularly for SSL,
  # but means that worker connections are tied up longer.
  keepalive_timeout  15s;
  keepalive_requests 150;

  # Speed up file transfers by using sendfile() to copy directly
  # between descriptors rather than using read()/write().
  # For performance reasons, on FreeBSD systems w/ ZFS
  # this option should be disabled as ZFS's ARC caches
  # frequently used files in RAM by default.
  sendfile        on;

  # Don't send out partial frames; this increases throughput
  # since TCP frames are filled up before being sent out.
  tcp_nopush      on;
  tcp_nodelay     on;

  # Update request body data variants
  client_body_temp_path /var/nginx/cache/client_body 1 2;
  client_max_body_size 192m;
  client_body_buffer_size 2048k;
  client_body_timeout 30;

  # Ignore header fields with invalid names.
  # Valid names are composed of English letters, digits, hyphens, and possibly underscores
  ignore_invalid_headers on;

  # Disable the use of the primary server name, specified by the server_name directive, in absolute redirects
  server_name_in_redirect off;

  # Include general configurations
  include conf.d/*.conf;

  # Include files in the sites-enabled folder. server{} configuration files should be
  # placed in the sites-available folder, and then the configuration should be enabled
  # by creating a symlink to it in the sites-enabled folder.
  # See doc/sites-enabled.md for more info.
  include sites-enabled/*.conf;
}