|
|
@@ -0,0 +1,157 @@ |
|
|
user root; |
|
|
|
|
|
# One worker process per CPU core. |
|
|
worker_processes 8; |
|
|
|
|
|
# Also set |
|
|
# /etc/security/limits.conf |
|
|
# root soft nofile 65535 |
|
|
# root hard nofile 65535 |
|
|
# /etc/default/nginx |
|
|
# ULIMIT="-n 65535" |
|
|
worker_rlimit_nofile 65536; |
|
|
|
|
|
pid /run/nginx.pid; |
|
|
|
|
|
events { |
|
|
|
|
|
# |
|
|
# Determines how many clients will be served by each worker process. |
|
|
# (Max clients = worker_connections * worker_processes) |
|
|
# Should be equal to `ulimit -n` |
|
|
# |
|
|
worker_connections 65535; |
|
|
|
|
|
# |
|
|
# Let each process accept multiple connections. |
|
|
# Accept as many connections as possible, after nginx gets notification |
|
|
# about a new connection. |
|
|
# May flood worker_connections, if that option is set too low. |
|
|
# |
|
|
multi_accept on; |
|
|
|
|
|
# |
|
|
# Preferred connection method for newer linux versions. |
|
|
# Essential for linux, optmized to serve many clients with each thread. |
|
|
# |
|
|
use epoll; |
|
|
} |
|
|
|
|
|
http { |
|
|
|
|
|
## |
|
|
# Basic Settings |
|
|
## |
|
|
|
|
|
# |
|
|
# Override some buffer limitations, will prevent DDOS too. |
|
|
# |
|
|
client_body_buffer_size 10K; |
|
|
client_header_buffer_size 1k; |
|
|
client_max_body_size 8m; |
|
|
large_client_header_buffers 2 1k; |
|
|
|
|
|
# |
|
|
# Timeouts |
|
|
# The client_body_timeout and client_header_timeout directives are |
|
|
# responsible for the time a server will wait for a client body or |
|
|
# client header to be sent after request. If neither a body or header |
|
|
# is sent, the server will issue a 408 error or Request time out. |
|
|
# |
|
|
# The keepalive_timeout assigns the timeout for keep-alive connections |
|
|
# with the client. Simply put, Nginx will close connections with the |
|
|
# client after this period of time. |
|
|
# |
|
|
# Finally, the send_timeout is a timeout for transmitting a response |
|
|
# to the client. If the client does not receive anything within this |
|
|
# time, then the connection will be closed. |
|
|
# |
|
|
|
|
|
# |
|
|
# send the client a "request timed out" if the body is not loaded |
|
|
# by this time. Default 60. |
|
|
# |
|
|
client_body_timeout 32; |
|
|
client_header_timeout 32; |
|
|
|
|
|
# |
|
|
# Every 60 seconds server broadcasts Sync packets, so 90 is |
|
|
# a conservative upper bound. |
|
|
# |
|
|
keepalive_timeout 90; # default 65 |
|
|
send_timeout 120; # default 60 |
|
|
|
|
|
# |
|
|
# Allow the server to close the connection after a client stops |
|
|
# responding. |
|
|
# Frees up socket-associated memory. |
|
|
# |
|
|
reset_timedout_connection on; |
|
|
|
|
|
# |
|
|
# Open file descriptors. |
|
|
# Caches information about open FDs, freqently accessed files. |
|
|
# |
|
|
open_file_cache max=200000 inactive=20s; |
|
|
open_file_cache_valid 30s; |
|
|
open_file_cache_min_uses 2; |
|
|
open_file_cache_errors on; |
|
|
|
|
|
# |
|
|
# Sendfile copies data between one FD and other from within the kernel. |
|
|
# More efficient than read() + write(), since the requires transferring |
|
|
# data to and from the user space. |
|
|
# |
|
|
sendfile on; |
|
|
|
|
|
# Tcp_nopush causes nginx to attempt to send its HTTP response head in one |
|
|
# packet, instead of using partial frames. This is useful for prepending |
|
|
# headers before calling sendfile, or for throughput optimization. |
|
|
tcp_nopush on; |
|
|
|
|
|
# |
|
|
# don't buffer data-sends (disable Nagle algorithm). Good for sending |
|
|
# frequent small bursts of data in real time. |
|
|
# |
|
|
tcp_nodelay on; |
|
|
|
|
|
|
|
|
types_hash_max_size 2048; |
|
|
|
|
|
include /etc/nginx/mime.types; |
|
|
default_type application/octet-stream; |
|
|
|
|
|
## |
|
|
# Logging Settings |
|
|
## |
|
|
|
|
|
# |
|
|
# Use analytics to track stuff instead of using precious file IO resources. |
|
|
# Disabling logging speeds up IO. |
|
|
# |
|
|
access_log off; |
|
|
error_log /root/PROJECTS/logs/error.log crit; |
|
|
|
|
|
## |
|
|
# Gzip Settings |
|
|
## |
|
|
|
|
|
gzip on; |
|
|
gzip_disable "MSIE [1-6]\."; |
|
|
|
|
|
# Only allow proxy request with these headers to be gzipped. |
|
|
gzip_proxied expired no-cache no-store private auth; |
|
|
|
|
|
# Default is 6 (1<n<9), but 2 -- even 1 -- is enough. The higher it is, the |
|
|
# more CPU cycles will be wasted. |
|
|
gzip_comp_level 9; |
|
|
gzip_min_length 500; # Default 20 |
|
|
|
|
|
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript; |
|
|
|
|
|
## |
|
|
# Virtual Host Configs |
|
|
## |
|
|
|
|
|
include /etc/nginx/conf.d/*.conf; |
|
|
} |
v0lkan revised this gist