forked from mempool/mempool
-
Notifications
You must be signed in to change notification settings - Fork 0
/
nginx.conf
154 lines (137 loc) · 3.46 KB
/
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
user nobody;
pid /var/run/nginx.pid;
worker_processes auto;
worker_rlimit_nofile 100000;
events {
worker_connections 9000;
multi_accept on;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
server_tokens off;
server_name_in_redirect off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
# reset timed out connections freeing ram
reset_timedout_connection on;
# maximum time between packets the client can pause when sending nginx any data
client_body_timeout 10s;
# maximum time the client has to send the entire header to nginx
client_header_timeout 10s;
# timeout which a single keep-alive client connection will stay open
keepalive_timeout 69s;
# maximum time between packets nginx is allowed to pause when sending the client data
send_timeout 69s;
# number of requests per connection, does not affect SPDY
keepalive_requests 1337;
# enable gzip compression
gzip on;
gzip_vary on;
gzip_comp_level 6;
gzip_min_length 1000;
gzip_proxied expired no-cache no-store private auth;
# text/html is always compressed by gzip module
gzip_types application/javascript application/json application/ld+json application/manifest+json application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard;
# limit request body size
client_max_body_size 10m;
# proxy cache
proxy_cache off;
proxy_cache_path /var/cache/nginx keys_zone=cache:20m levels=1:2 inactive=600s max_size=500m;
types_hash_max_size 2048;
# exempt localhost from rate limit
geo $limited_ip {
default 1;
127.0.0.1 0;
}
map $limited_ip $limited_ip_key {
1 $binary_remote_addr;
0 '';
}
# rate limit requests
limit_req_zone $limited_ip_key zone=api:5m rate=200r/m;
limit_req_zone $limited_ip_key zone=electrs:5m rate=2000r/m;
limit_req_status 429;
# rate limit connections
limit_conn_zone $limited_ip_key zone=websocket:10m;
limit_conn_status 429;
map $http_accept_language $header_lang {
default en-US;
~*^en-US en-US;
~*^en en-US;
~*^ar ar;
~*^ca ca;
~*^cs cs;
~*^de de;
~*^es es;
~*^fa fa;
~*^fr fr;
~*^ko ko;
~*^it it;
~*^he he;
~*^ka ka;
~*^hu hu;
~*^mk mk;
~*^nl nl;
~*^ja ja;
~*^nb nb;
~*^pl pl;
~*^pt pt;
~*^ro ro;
~*^ru ru;
~*^sl sl;
~*^fi fi;
~*^sv sv;
~*^th th;
~*^tr tr;
~*^uk uk;
~*^vi vi;
~*^zh zh;
~*^hi hi;
~*^ne ne;
~*^lt lt;
}
map $cookie_lang $lang {
default $header_lang;
~*^en-US en-US;
~*^en en-US;
~*^ar ar;
~*^ca ca;
~*^cs cs;
~*^de de;
~*^es es;
~*^fa fa;
~*^fr fr;
~*^ko ko;
~*^it it;
~*^he he;
~*^ka ka;
~*^hu hu;
~*^mk mk;
~*^nl nl;
~*^ja ja;
~*^nb nb;
~*^pl pl;
~*^pt pt;
~*^ro ro;
~*^ru ru;
~*^sl sl;
~*^fi fi;
~*^sv sv;
~*^th th;
~*^tr tr;
~*^uk uk;
~*^vi vi;
~*^zh zh;
~*^hi hi;
~*^ne ne;
~*^lt lt;
}
server {
listen 127.0.0.1:80;
include /etc/nginx/nginx-mempool.conf;
}
}