128 lines
4.3 KiB
Nginx Configuration File
128 lines
4.3 KiB
Nginx Configuration File
# /etc/nginx/nginx.conf
|
|
|
|
user www-data;
|
|
# you must set worker processes based on your CPU cores, nginx does not benefit from setting more than that
|
|
worker_processes 8; #some last versions calculate it automatically
|
|
|
|
# number of file descriptors used for nginx
|
|
# the limit for the maximum FDs on the server is usually set by the OS.
|
|
# if you don't set FD's then OS settings will be used which is by default 2000
|
|
# worker_rlimit_nofile 300000;
|
|
worker_rlimit_nofile 30000;
|
|
|
|
pid /run/nginx.pid;
|
|
|
|
# provides the configuration file context in which the directives that affect connection processing are specified.
|
|
events {
|
|
# determines how much clients will be served per worker
|
|
# max clients = worker_connections * worker_processes
|
|
# max clients is also limited by the number of socket connections available on the system (~64k)
|
|
# worker_connections 4000;
|
|
worker_connections 8192;
|
|
|
|
# optmized to serve many clients with each thread, essential for linux -- for testing environment
|
|
use epoll;
|
|
|
|
# accept as many connections as possible, may flood worker connections if set too low -- for testing environment
|
|
multi_accept on;
|
|
}
|
|
|
|
http {
|
|
##
|
|
# Logging Settings
|
|
##
|
|
access_log /var/log/nginx/access.log;
|
|
error_log /var/log/nginx/error.log;
|
|
|
|
# cache informations about FDs, frequently accessed files
|
|
# can boost performance, but you need to test those values
|
|
open_file_cache max=200000 inactive=20s;
|
|
open_file_cache_valid 30s;
|
|
open_file_cache_min_uses 2;
|
|
open_file_cache_errors on;
|
|
|
|
# to boost I/O on HDD we can disable access logs
|
|
access_log off;
|
|
|
|
# copies data between one FD and other from within the kernel
|
|
# faster then read() + write()
|
|
sendfile on;
|
|
|
|
# send headers in one peace, its better then sending them one by one
|
|
tcp_nopush on;
|
|
|
|
# don't buffer data sent, good for small data bursts in real time
|
|
tcp_nodelay on;
|
|
|
|
##
|
|
# Gzip Settings
|
|
##
|
|
# reduce the data that needs to be sent over network -- for testing environment
|
|
gzip on;
|
|
gzip_min_length 10240;
|
|
gzip_proxied expired no-cache no-store private auth;
|
|
gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/json application/xml;
|
|
gzip_disable msie6;
|
|
|
|
# allow the server to close connection on non responding client, this will free up memory
|
|
reset_timedout_connection on;
|
|
|
|
# request timed out -- default 60
|
|
# client_body_timeout 10;
|
|
|
|
# if client stop responding, free up memory -- default 60
|
|
send_timeout 2;
|
|
|
|
# server will close connection after this time -- default 75
|
|
keepalive_timeout 65;
|
|
|
|
# number of requests client can make over keep-alive -- for testing environment
|
|
keepalive_requests 100000;
|
|
|
|
types_hash_max_size 2048;
|
|
server_tokens off;
|
|
|
|
server_names_hash_bucket_size 64;
|
|
# server_name_in_redirect off;
|
|
|
|
include /etc/nginx/mime.types;
|
|
default_type application/octet-stream;
|
|
|
|
# ANTI DDoS
|
|
# limit the number of connections per single IP
|
|
limit_conn_zone $binary_remote_addr zone=conn_limit_per_ip:10m;
|
|
|
|
# limit the number of requests for a given session
|
|
limit_req_zone $binary_remote_addr zone=req_limit_per_ip:10m rate=5r/s;
|
|
|
|
# zone which we want to limit by upper values, we want limit whole server
|
|
server {
|
|
limit_conn conn_limit_per_ip 10;
|
|
limit_req zone=req_limit_per_ip burst=10 nodelay;
|
|
}
|
|
|
|
# if the request body size is more than the buffer size, then the entire (or partial)
|
|
# request body is written into a temporary file
|
|
client_body_buffer_size 128k;
|
|
|
|
# headerbuffer size for the request header from client -- for testing environment
|
|
client_header_buffer_size 300m;
|
|
|
|
# maximum number and size of buffers for large headers to read from client request
|
|
large_client_header_buffers 4 256k;
|
|
|
|
# read timeout for the request body from client -- for testing environment
|
|
client_body_timeout 3m;
|
|
|
|
# how long to wait for the client to send a request header -- for testing environment
|
|
client_header_timeout 3m;
|
|
|
|
fastcgi_buffers 64 16k;
|
|
fastcgi_buffer_size 32k;
|
|
fastcgi_connect_timeout 300;
|
|
fastcgi_send_timeout 300;
|
|
fastcgi_read_timeout 300;
|
|
|
|
include /etc/nginx/conf.d/*.conf;
|
|
include /etc/nginx/sites-enabled/*;
|
|
} |