122 lines
2.8 KiB
Nginx Configuration File
122 lines
2.8 KiB
Nginx Configuration File
daemon on;
|
|
user www-data;
|
|
worker_processes 1;
|
|
pid /run/nginx.pid;
|
|
pcre_jit on;
|
|
worker_rlimit_nofile 100000;
|
|
worker_shutdown_timeout 30m;
|
|
|
|
events {
|
|
worker_connections 100000;
|
|
multi_accept on;
|
|
}
|
|
|
|
http {
|
|
##
|
|
# Basic Settings
|
|
##
|
|
|
|
sendfile on;
|
|
aio threads;
|
|
aio_write on;
|
|
tcp_nopush on;
|
|
tcp_nodelay on;
|
|
keepalive_timeout 65;
|
|
types_hash_max_size 2048;
|
|
server_tokens off;
|
|
client_max_body_size 10G;
|
|
proxy_http_version 1.1;
|
|
proxy_buffering off;
|
|
|
|
client_body_timeout 10s;
|
|
client_header_timeout 10s;
|
|
|
|
server_names_hash_bucket_size 32768;
|
|
server_names_hash_max_size 1024;
|
|
server_name_in_redirect off;
|
|
port_in_redirect off;
|
|
charset UTF-8;
|
|
index index.html index.htm index.php index.hosting.html;
|
|
disable_symlinks if_not_owner;
|
|
|
|
include /etc/nginx/mime.types;
|
|
default_type application/octet-stream;
|
|
|
|
map $sent_http_content_type $expires {
|
|
default off;
|
|
~image/ 10d;
|
|
~video/ 10d;
|
|
~audio/ 10d;
|
|
text/css 10d;
|
|
application/javascript 10d;
|
|
}
|
|
expires $expires;
|
|
|
|
map $http_x_forwarded_proto $php_scheme {
|
|
default $scheme;
|
|
http "http";
|
|
https "https";
|
|
}
|
|
map $http_x_forwarded_proto $php_https {
|
|
default "";
|
|
https "on";
|
|
}
|
|
map $http_x_forwarded_proto $php_port {
|
|
default 80;
|
|
https 443;
|
|
}
|
|
|
|
##
|
|
# Logging Settings
|
|
##
|
|
log_format custom '$host: 0.0.0.0 - $remote_user [$time_local] "$request" $status $bytes_sent "$http_referer" "$http_user_agent"';
|
|
access_log /var/log/nginx/access.log custom buffer=32k flush=1m;
|
|
error_log /var/log/nginx/error.log notice;
|
|
log_not_found off;
|
|
|
|
##
|
|
# Gzip Settings
|
|
##
|
|
|
|
gzip on;
|
|
gzip_vary on;
|
|
gzip_proxied any;
|
|
gzip_comp_level 6;
|
|
# gzip_buffers 16 8k;
|
|
# gzip_http_version 1.1;
|
|
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml image/x-icon;
|
|
|
|
brotli on;
|
|
brotli_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml image/x-icon;
|
|
|
|
fastcgi_index index.php;
|
|
fastcgi_read_timeout 30m;
|
|
fastcgi_max_temp_file_size 0;
|
|
fastcgi_buffer_size 8K;
|
|
fastcgi_buffers 32 8k;
|
|
fastcgi_cache fcache;
|
|
fastcgi_cache_path /tmp/nginx/ levels=2 keys_zone=fcache:5m inactive=1h max_size=1G;
|
|
fastcgi_cache_key $server_name$request_method$host$request_uri;
|
|
|
|
ssl_protocols TLSv1.2 TLSv1.3;
|
|
ssl_prefer_server_ciphers on;
|
|
ssl_ecdh_curve X448:X25519:secp521r1:secp384r1:prime256v1;
|
|
ssl_ciphers HIGH:!PSK:!RSA:!aNULL:!MD5:!SHA:!CAMELLIA:!AES+SHA256:!AES+SHA384;
|
|
ssl_session_cache shared:SSL:10m;
|
|
ssl_stapling on;
|
|
ssl_stapling_verify on;
|
|
# ssl_certificate /etc/acme.sh/hosting.danwin1210.me_ecc/fullchain.cer;
|
|
# ssl_certificate_key /etc/acme.sh/hosting.danwin1210.me_ecc/hosting.danwin1210.me.key;
|
|
# ssl_dhparam /etc/nginx/dh4096.pem;
|
|
|
|
##
|
|
# Virtual Host Configs
|
|
##
|
|
|
|
include /etc/nginx/sites-enabled/*;
|
|
}
|
|
|
|
stream {
|
|
include /etc/nginx/streams-enabled/*;
|
|
}
|