forked from h5bp/server-configs
-
Notifications
You must be signed in to change notification settings - Fork 0
/
nginx.conf
126 lines (102 loc) · 3.68 KB
/
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
# Set another default user than root for security reasons
user www www;
# As a thumb rule: One per CPU. If you are serving a large amount
# of static files, which requires blocking disk reads, you may want
# to increase this from the number of cpu_cores available on your
# system.
#
# The maximum number of connections for Nginx is calculated by:
# max_clients = worker_processes * worker_connections
worker_processes 1;
# Maximum file descriptors that can be opened per process
# This should be > worker_connections
worker_rlimit_nofile 8192;
events {
# When you need > 8000 * cpu_cores connections, you start optimizing
# your OS, and this is probably the point at where you hire people
# who are smarter than you, this is *a lot* of requests.
worker_connections 8000;
}
# Change these paths to somewhere that suits you!
error_log logs/error.log;
pid logs/nginx.pid;
http {
# Set the mime-types via the mime.types external file
include nginx-mime.types;
# And the fallback mime-type
default_type application/octet-stream;
# Format for our log files
log_format main '$remote_addr - $remote_user [$time_local] $status '
'"$request" $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# Click tracking!
access_log logs/access.log main;
# ~2 seconds is often enough for HTML/CSS, but connections in
# Nginx are cheap, so generally it's safe to increase it
keepalive_timeout 20;
# You usually want to serve static files with Nginx
sendfile on;
tcp_nopush on; # off may be better for Comet/long-poll stuff
tcp_nodelay off; # on may be better for Comet/long-poll stuff
# Enable Gzip:
gzip on;
gzip_http_version 1.0;
gzip_comp_level 5;
gzip_min_length 512;
gzip_buffers 4 8k;
gzip_proxied any;
gzip_types
# text/html is always compressed by HttpGzipModule
text/css
text/javascript
text/xml
text/plain
text/x-component
application/javascript
application/json
application/xml
application/rss+xml
font/truetype
font/opentype
application/vnd.ms-fontobject
image/svg+xml;
# This should be turned on if you are going to have pre-compressed copies (.gz) of
# static files available. If not it should be left off as it will cause extra I/O
# for the check. It would be better to enable this in a location {} block for
# a specific directory:
# gzip_static on;
gzip_disable "MSIE [1-6]\.";
gzip_vary on;
server {
# listen 80 default_server deferred; # for Linux
# listen 80 default_server accept_filter=httpready; # for FreeBSD
listen 80 default_server;
# e.g. "localhost" to accept all connections, or "www.example.com"
# to handle the requests for "example.com" (and www.example.com)
# server_name www.example.com;
# Path for static files
root /sites/example.com/public;
# Custom 404 page
error_page 404 /404.html;
# This is pretty long expiry and assume your using
# cachebusting with query params like
# <script src="application.js?20110529">
#
# Just be careful if your using this on a frequently
# updated static site. You may want to crank this back
# to 5m which is 5 minutes.
expires 1M; # yes one month
# Static assets
location ~* ^.+\.(manifest|appcache)$ {
expires -1;
access_log logs/static.log;
}
# Set expires max on static file types (make sure you are using cache busting filenames or query params):
location ~* ^.+\.(css|js|jpg|jpeg|gif|png|ico|gz|svg|svgz|ttf|otf|woff|eot|mp4|ogg|ogv|webm)$ {
expires max;
access_log off;
}
# opt-in to the future
add_header "X-UA-Compatible" "IE=Edge,chrome=1";
}
}