1 # For more information on configuration, see:
2 # * Official English Documentation: http://nginx.org/en/docs/
3 # * Official Russian Documentation: http://nginx.org/ru/docs/
7 error_log /var/log/nginx/error.log;
8 pid /var/run/nginx.pid;
10 # Load dynamic modules first
11 include modules.d/*.conf;
14 worker_connections 2048;
19 log_format main '$remote_addr - $remote_user [$time_local] "$request" '
20 '$status $body_bytes_sent "$http_referer" '
21 '"$http_user_agent" "$http_x_forwarded_for"';
22 access_log /var/log/nginx/access.log main;
28 types_hash_max_size 2048;
30 include /etc/nginx/mime.types;
31 default_type application/octet-stream;
33 # Load modular configuration files from the /etc/nginx/conf.d directory.
34 # See http://nginx.org/en/docs/ngx_core_module.html#include
35 # for more information.
36 include /etc/nginx/conf.d/*.conf;
39 listen 80 default_server;
40 listen [::]:80 default_server;
43 # https://wiki.mozilla.org/Security/Server_Side_TLS
44 #listen 443 ssl http2 default_server;
45 #listen [::]:443 ssl http2 default_server;
47 # Certs sent to the client in SERVER HELLO are concatenated in ssl_certificate
48 #ssl_certificate /etc/nginx/server.crt;
49 #ssl_certificate_key /etc/nginx/server.key;
51 # Session resumption (caching)
52 #ssl_session_timeout 1d;
53 #ssl_session_cache shared:SSL:50m;
54 #ssl_session_tickets off;
56 # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits
57 #ssl_dhparam /etc/nginx/dhparam.pem;
59 # modern tweak to your needs.
60 # https://ssl-config.mozilla.org/#server=nginx&server-version=1.17.0&config=intermediate
62 # intermediate configuration
63 # ssl_protocols TLSv1.2 TLSv1.3;
64 # ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
65 # ssl_prefer_server_ciphers off;
67 # HSTS (ngx_http_headers_module is required) (63072000 seconds)
68 # add_header Strict-Transport-Security "max-age=63072000" always;
71 # fetch OCSP records from URL in ssl_certificate and cache them
73 #ssl_stapling_verify on;
75 # verify chain of trust of OCSP response using Root CA and Intermediate certs
76 #ssl_trusted_certificate /etc/nginx/ca.crt;
78 access_log /var/log/nginx/access.log main;
82 root /home/services/nginx/html;
83 index index.html index.htm index.php;
86 # Load configuration files for the default server block.
87 include webapps.d/*.conf;
90 include vhosts.d/*.conf;