projects / packages / nginx.git / blame
| Commit | Line | Data |
|---|---|---|
| 0ccf3faa | 1 | user nginx nginx; |
| 2 | worker_processes 5; | |
| 3 | error_log /var/log/nginx/nginx-standard_error.log; | |
| 4 | pid /var/run/nginx-standard.pid; | |
| 5 | ||
| 6 | events { | |
| 7 | worker_connections 2048; | |
| 8 | use epoll; | |
| 9 | } | |
| 10 | ||
| 11 | http { | |
| 12 | include /etc/nginx/mime.types; | |
| 13 | default_type application/octet-stream; | |
| 14 | ||
| 15 | log_format main '$remote_addr - $remote_user [$time_local] $request ' | |
| 16 | '"$status" $body_bytes_sent "$http_referer" ' | |
| 17 | '"$http_user_agent" "$http_x_forwarded_for"'; | |
| 18 | access_log /var/log/nginx/nginx-standard_access.log main; | |
| 19 | sendfile on; | |
| 20 | tcp_nopush on; | |
| 21 | tcp_nodelay on; | |
| 22 | server_names_hash_bucket_size 128; | |
| 3db17524 | 23 | types_hash_max_size 2048; |
| 24 | types_hash_bucket_size 64; | |
| 0ccf3faa | 25 | #keepalive_timeout 0; |
| 26 | keepalive_timeout 65; | |
| 27 | limit_zone test-limit $binary_remote_addr 10m; | |
| 28 | #gzip on; | |
| ea30028e | 29 | #gzip_http_version 1.0; |
| 30 | #gzip_comp_level 2; | |
| 31 | #gzip_proxied any; | |
| 32 | #gzip_types text/plain text/html text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript; | |
| 0ccf3faa | 33 | |
| 34 | server { | |
| 35 | listen 80; | |
| 3874fa8c JK |
36 | |
| 37 | # listen 443 ssl; | |
| 3d3034b5 AM |
38 | |
| 39 | # Leave only secure protocols (so disable unsecure SSLv2/SSLv3) | |
| 4e35999b | 40 | # ssl_protocols TLSv1 TLSv1.1 TLSv1.2; |
| 3d3034b5 AM |
41 | |
| 42 | # https://wiki.mozilla.org/Security/Server_Side_TLS | |
| 43 | # perfect forward secrecy | |
| d4cab47e | 44 | # ssl_prefer_server_ciphers on; |
| 3f78dfb7 | 45 | # ssl_ciphers "ECDHE-RSA-AES128-GCM-SHA256 ECDHE-ECDSA-AES128-GCM-SHA256 ECDHE-RSA-AES256-GCM-SHA384 ECDHE-ECDSA-AES256-GCM-SHA384 DHE-RSA-AES128-GCM-SHA256 DHE-DSS-AES128-GCM-SHA256 kEDH+AESGCM ECDHE-RSA-AES128-SHA256 ECDHE-ECDSA-AES128-SHA256 ECDHE-RSA-AES128-SHA ECDHE-ECDSA-AES128-SHA ECDHE-RSA-AES256-SHA384 ECDHE-ECDSA-AES256-SHA384 ECDHE-RSA-AES256-SHA ECDHE-ECDSA-AES256-SHA DHE-RSA-AES128-SHA256 DHE-RSA-AES128-SHA DHE-DSS-AES128-SHA256 DHE-RSA-AES256-SHA256 DHE-DSS-AES256-SHA DHE-RSA-AES256-SHA AES128-GCM-SHA256 AES256-GCM-SHA384 AES128-SHA256 AES256-SHA256 AES128-SHA AES256-SHA AES CAMELLIA DES-CBC3-SHA !aNULL !eNULL !EXPORT !DES !RC4 !MD5 !PSK !aECDH !EDH-DSS-DES-CBC3-SHA !EDH-RSA-DES-CBC3-SHA !KRB5-DES-CBC3-SHA"; |
| d4cab47e AM |
46 | |
| 47 | # Session resumption (caching) | |
| 48 | # ssl_session_cache shared:SSL:50m; | |
| 49 | # ssl_session_timeout 5m; | |
| 3d3034b5 | 50 | |
| 3874fa8c JK |
51 | # ssl_certificate /etc/nginx/server.crt; |
| 52 | # ssl_certificate_key /etc/nginx/server.key; | |
| 53 | ||
| 0ccf3faa | 54 | server_name localhost; |
| 55 | access_log /var/log/nginx/nginx-standard_access.log main; | |
| 56 | client_max_body_size 10M; | |
| 57 | ||
| 58 | location / { | |
| 59 | autoindex on; | |
| 60 | root /home/services/nginx/html; | |
| 61 | index index.html index.htm index.php; | |
| 62 | limit_conn test-limit 15; | |
| 63 | } | |
| 64 | ||
| 36b3be34 | 65 | include webapps.d/*.conf; |
| 0ccf3faa | 66 | |
| 67 | # location /nginx_status { | |
| 68 | # stub_status on; | |
| 69 | # access_log off; | |
| 70 | # allow 127.0.0.1; | |
| 71 | # deny all; | |
| 72 | # } | |
| 73 | ||
| 74 | # error_page 404 /404.html; | |
| 75 | # error_page 500 502 503 504 /50x.html; | |
| 76 | # location = /50x.html { | |
| 77 | # root /home/services/http/error-pages; | |
| 78 | # } | |
| 79 | # location = /404.html { | |
| 80 | # root /home/services/http/error-pages; | |
| 81 | # } | |
| 82 | ||
| 83 | # location ~ \.php$ { | |
| 84 | # include /etc/nginx/fastcgi.params; | |
| 85 | # fastcgi_pass 127.0.0.1:1026; | |
| 86 | # fastcgi_index index.php; | |
| 87 | # fastcgi_param SCRIPT_FILENAME /home/services/nginx/html$fastcgi_script_name; | |
| 88 | # } | |
| 89 | ||
| 90 | } | |
| 91 | ||
| 36b3be34 | 92 | include vhosts.d/*.conf; |
| 0ccf3faa | 93 | } |