aahan · August 15, 2016 11:18
diff --git a/nginx.conf b/nginx.conf
 upstream phpfpm {
 	server unix:/var/run/php5-fpm.sock;
 }

 upstream hhvm {
 	server unix:/var/run/hhvm/hhvm.sock;
 }

 # SSL
 ssl_protocols             TLSv1 TLSv1.1 TLSv1.2;
 ssl_prefer_server_ciphers on;
 ssl_ciphers               ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
 ssl_buffer_size           8k;
 spdy_headers_comp         6;

 fastcgi_cache_path /var/cache/nginx levels=1:2 keys_zone=microcache_fpm:30m max_size=1000m;
diff --git a/nginx.erb b/nginx.erb
 server {
 	listen 80;
 	<% if @use_ssl %>
 	listen 443 ssl spdy;
 	ssl_certificate ssl/<%= @domain %>/server.crt;
 	ssl_certificate_key ssl/<%= @domain %>/server.key;
 	<% end %>
 	server_name <%= @domain %><% if @also_www %> www.<%= @domain %><% end %>;
 	access_log  /var/log/nginx/access.log main;

 	root /srv/www/<%= @path %>;
 	index index.html index.htm index.php;

 	include sites-available/custom/<%= @domain %>;

 	location ~ \.(jpe?g|gif|png|css|bmp|js|ico)$ {
 		expires 30d;
 	}

 	location / {
 		try_files $uri $uri/ /index.php$is_args$args;
 	}

 	# redirect server error pages to the static page /50x.html
 	#
 	error_page   500 502 503 504  /50x.html;
 	location = /50x.html {
 		root /var/www/nginx-default;
 	}

 	location ~ /\.ht[a-z]+$ {
 		deny all;
 	}

 	location ~ \.php$ {
 		# Set some proxy cache stuff
 		fastcgi_cache microcache_fpm;
 		fastcgi_cache_key $scheme$host$request_method$request_uri;
 		fastcgi_cache_valid 200 5s;
 		fastcgi_cache_use_stale updating;
 		fastcgi_max_temp_file_size 1M;
 		fastcgi_cache_min_uses 3; # Hit a URL 3 times before caching it

 		set $no_cache_set  0;
 		set $no_cache_get  0;

 		set $temp_caching_exemption 0;
 		if ($request_method !~ ^(GET|HEAD)$) {
 			set $temp_caching_exemption 1;
 		}

 		if ( $temp_caching_exemption = 1 ) {
 			add_header Set-Cookie "_mcnc=1; Max-Age=10; Path=/";
 		}

 		# Bypass cache if no-cache cookie is set
 		if ( $http_cookie ~* "_mcnc" ) {
 			set $no_cache_set 1;
 			set $no_cache_get 1;
 		}

 		if ( $http_cookie ~* "comment_author_|wordpress_(?!test_cookie)|wp-postpass_" ) {
 			set $no_cache_set 1;
 			set $no_cache_get 1;
 		}

 		# fastcgi_no_cache means "Do not store this proxy response in the cache"
 		fastcgi_no_cache $no_cache_set;
 		# fastcgi_cache_bypass means "Do not look in the cache for this request"
 		fastcgi_cache_bypass $no_cache_get;


 		include        /etc/nginx/fastcgi_params;
 		fastcgi_index  index.php;
 		try_files      $uri =404;

 		<% if @hhvm %>
 		fastcgi_keep_conn on;
 		fastcgi_pass hhvm;
 		<% else %>
 		fastcgi_pass phpfpm;
 		<% end %>
 	}

 }
	upstream phpfpm {
	server unix:/var/run/php5-fpm.sock;
	}

	upstream hhvm {
	server unix:/var/run/hhvm/hhvm.sock;
	}

	# SSL
	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_prefer_server_ciphers on;
	ssl_ciphers ECDH+AESGCM:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:ECDH+3DES:DH+3DES:RSA+AESGCM:RSA+AES:RSA+3DES:!aNULL:!MD5:!DSS;
	ssl_buffer_size 8k;
	spdy_headers_comp 6;

	fastcgi_cache_path /var/cache/nginx levels=1:2 keys_zone=microcache_fpm:30m max_size=1000m;
	server {
	listen 80;
	<% if @use_ssl %>
	listen 443 ssl spdy;
	ssl_certificate ssl/<%= @domain %>/server.crt;
	ssl_certificate_key ssl/<%= @domain %>/server.key;
	<% end %>
	server_name <%= @domain %><% if @also_www %> www.<%= @domain %><% end %>;
	access_log /var/log/nginx/access.log main;

	root /srv/www/<%= @path %>;
	index index.html index.htm index.php;

	include sites-available/custom/<%= @domain %>;

	location ~ \.(jpe?g\|gif\|png\|css\|bmp\|js\|ico)$ {
	expires 30d;
	}

	location / {
	try_files $uri $uri/ /index.php$is_args$args;
	}

	# redirect server error pages to the static page /50x.html
	#
	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
	root /var/www/nginx-default;
	}

	location ~ /\.ht[a-z]+$ {
	deny all;
	}

	location ~ \.php$ {
	# Set some proxy cache stuff
	fastcgi_cache microcache_fpm;
	fastcgi_cache_key $scheme$host$request_method$request_uri;
	fastcgi_cache_valid 200 5s;
	fastcgi_cache_use_stale updating;
	fastcgi_max_temp_file_size 1M;
	fastcgi_cache_min_uses 3; # Hit a URL 3 times before caching it

	set $no_cache_set 0;
	set $no_cache_get 0;

	set $temp_caching_exemption 0;
	if ($request_method !~ ^(GET\|HEAD)$) {
	set $temp_caching_exemption 1;
	}

	if ( $temp_caching_exemption = 1 ) {
	add_header Set-Cookie "_mcnc=1; Max-Age=10; Path=/";
	}

	# Bypass cache if no-cache cookie is set
	if ( $http_cookie ~* "_mcnc" ) {
	set $no_cache_set 1;
	set $no_cache_get 1;
	}

	if ( $http_cookie ~* "comment_author_\|wordpress_(?!test_cookie)\|wp-postpass_" ) {
	set $no_cache_set 1;
	set $no_cache_get 1;
	}

	# fastcgi_no_cache means "Do not store this proxy response in the cache"
	fastcgi_no_cache $no_cache_set;
	# fastcgi_cache_bypass means "Do not look in the cache for this request"
	fastcgi_cache_bypass $no_cache_get;


	include /etc/nginx/fastcgi_params;
	fastcgi_index index.php;
	try_files $uri =404;

	<% if @hhvm %>
	fastcgi_keep_conn on;
	fastcgi_pass hhvm;
	<% else %>
	fastcgi_pass phpfpm;
	<% end %>
	}

	}