86 lines
1.5 KiB
Nginx Configuration File
86 lines
1.5 KiB
Nginx Configuration File
# /etc/nginx/nginx.conf
|
|
|
|
# do not run as daemon
|
|
daemon off;
|
|
|
|
# do NOT run as root
|
|
user nginx;
|
|
|
|
# worker number = CPU core(s)
|
|
worker_processes auto;
|
|
|
|
# faster regexp
|
|
pcre_jit on;
|
|
|
|
# display warnings and errors on stderr
|
|
error_log stderr warn;
|
|
|
|
# config files for dynamic modules
|
|
include /etc/nginx/modules/*.conf;
|
|
|
|
events {
|
|
# max connections per worker
|
|
worker_connections 1024;
|
|
|
|
# epoll seems to be the best on Linux
|
|
use epoll;
|
|
}
|
|
|
|
http {
|
|
# zero copy within the kernel
|
|
sendfile on;
|
|
|
|
# send packets only if filled
|
|
tcp_nopush on;
|
|
|
|
# remove 200ms delay
|
|
tcp_nodelay on;
|
|
|
|
# load mime types and set default one
|
|
include /etc/nginx/mime.types;
|
|
default_type application/octet-stream;
|
|
|
|
# load gzip custom config
|
|
include /etc/nginx/gzip.conf;
|
|
|
|
# maximum request body size
|
|
client_max_body_size %MAX_CLIENT_SIZE%;
|
|
|
|
# load caching custom config
|
|
include /etc/nginx/cache.conf;
|
|
|
|
# close connections in FIN_WAIT1 state
|
|
reset_timedout_connection on;
|
|
|
|
# timeouts
|
|
client_body_timeout 12;
|
|
client_header_timeout 12;
|
|
keepalive_timeout 15;
|
|
send_timeout 10;
|
|
|
|
# enable/disable sending nginx version
|
|
server_tokens %SERVER_TOKENS%;
|
|
|
|
# display standard logs on stdout
|
|
access_log /dev/stdout;
|
|
|
|
# server config
|
|
include /etc/nginx/server.conf;
|
|
|
|
# disable default server
|
|
%DISABLE_DEFAULT_SERVER%
|
|
|
|
# geoip2 config
|
|
geoip2 /etc/nginx/geoip.mmdb {
|
|
auto_reload 5m;
|
|
$geoip2_metadata_country_build metadata build_epoch;
|
|
$geoip2_data_country_code country iso_code;
|
|
}
|
|
|
|
# check if user agent is blocked
|
|
%BLOCK_USER_AGENT%
|
|
|
|
# enable ModSecurity
|
|
%USE_MODSECURITY%
|
|
}
|