Last active
October 21, 2024 16:48
-
-
Save demyanovs/e3b3a6153cc5bf9cb029f2a9abc3ec3f to your computer and use it in GitHub Desktop.
Nginx configuration and resources
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| events {} | |
| http { | |
| include mime.types; | |
| server { | |
| listen 80; | |
| server_name 167.99.93.26; | |
| root /sites/demo; | |
| try_files $uri /cat.png /greet @friendly_404; | |
| location @friendly_404 { | |
| return 404 "Sorry, that file could not be found."; | |
| } | |
| location /greet { | |
| return 200 "Hello User"; | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| events {} | |
| http { | |
| include mime.types; | |
| server { | |
| listen 80; | |
| server_name 167.99.93.26; | |
| root /sites/demo; | |
| rewrite ^/user/(\w+) /greet/$1 last; | |
| rewrite ^/greet/john /thumb.png; | |
| location /greet { | |
| return 200 "Hello User"; | |
| } | |
| location = /greet/john { | |
| return 200 "Hello John"; | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| events {} | |
| http { | |
| include mime.types; | |
| server { | |
| listen 80; | |
| server_name 167.99.93.26; | |
| root /sites/demo; | |
| location /secure { | |
| # Add context specific log | |
| access_log /var/log/nginx/secure.access.log; | |
| # Disable logs for context | |
| #access_log off; | |
| return 200 "Welcome to secure area."; | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| events {} | |
| ###################### | |
| # (1) Array Directive | |
| ###################### | |
| # Can be specified multiple times without overriding a previous setting | |
| # Gets inherited by all child contexts | |
| # Child context can override inheritance by re-declaring directive | |
| access_log /var/log/nginx/access.log; | |
| access_log /var/log/nginx/custom.log.gz custom_format; | |
| http { | |
| # Include statement - non directive | |
| include mime.types; | |
| server { | |
| listen 80; | |
| server_name site1.com; | |
| # Inherits access_log from parent context (1) | |
| } | |
| server { | |
| listen 80; | |
| server_name site2.com; | |
| ######################### | |
| # (2) Standard Directive | |
| ######################### | |
| # Can only be declared once. A second declaration overrides the first | |
| # Gets inherited by all child contexts | |
| # Child context can override inheritance by re-declaring directive | |
| root /sites/site2; | |
| # Completely overrides inheritance from (1) | |
| access_log off; | |
| location /images { | |
| # Uses root directive inherited from (2) | |
| try_files $uri /stock.png; | |
| } | |
| location /secret { | |
| ####################### | |
| # (3) Action Directive | |
| ####################### | |
| # Invokes an action such as a rewrite or redirect | |
| # Inheritance does not apply as the request is either stopped (redirect/response) or re-evaluated (rewrite) | |
| return 403 "You do not have permission to view this."; | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user www-data; | |
| events {} | |
| http { | |
| include mime.types; | |
| server { | |
| listen 80; | |
| server_name 167.99.93.26; | |
| root /sites/demo; | |
| index index.php index.html; | |
| location / { | |
| try_files $uri $uri/ =404; | |
| } | |
| location ~\.php$ { | |
| # Pass php requests to the php-fpm service (fastcgi) | |
| include fastcgi.conf; | |
| fastcgi_pass unix:/run/php/php7.1-fpm.sock; | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user www-data; | |
| worker_processes auto; | |
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| include mime.types; | |
| server { | |
| listen 80; | |
| server_name 167.99.93.26; | |
| root /sites/demo; | |
| index index.php index.html; | |
| location / { | |
| try_files $uri $uri/ =404; | |
| } | |
| location ~\.php$ { | |
| # Pass php requests to the php-fpm service (fastcgi) | |
| include fastcgi.conf; | |
| fastcgi_pass unix:/run/php/php7.1-fpm.sock; | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user www-data; | |
| worker_processes auto; | |
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| include mime.types; | |
| # Buffer size for POST submissions | |
| client_body_buffer_size 10K; | |
| client_max_body_size 8m; | |
| # Buffer size for Headers | |
| client_header_buffer_size 1k; | |
| # Max time to receive client headers/body | |
| client_body_timeout 12; | |
| client_header_timeout 12; | |
| # Max time to keep a connection open for | |
| keepalive_timeout 15; | |
| # Max time for the client accept/receive a response | |
| send_timeout 10; | |
| # Skip buffering for static files | |
| sendfile on; | |
| # Optimise sendfile packets | |
| tcp_nopush on; | |
| server { | |
| listen 80; | |
| server_name 167.99.93.26; | |
| root /sites/demo; | |
| index index.php index.html; | |
| location / { | |
| try_files $uri $uri/ =404; | |
| } | |
| location ~\.php$ { | |
| # Pass php requests to the php-fpm service (fastcgi) | |
| include fastcgi.conf; | |
| fastcgi_pass unix:/run/php/php7.1-fpm.sock; | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user www-data; | |
| worker_processes auto; | |
| load_module modules/ngx_http_image_filter_module.so; | |
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| include mime.types; | |
| # Buffer size for POST submissions | |
| client_body_buffer_size 10K; | |
| client_max_body_size 8m; | |
| # Buffer size for Headers | |
| client_header_buffer_size 1k; | |
| # Max time to receive client headers/body | |
| client_body_timeout 12; | |
| client_header_timeout 12; | |
| # Max time to keep a connection open for | |
| keepalive_timeout 15; | |
| # Max time for the client accept/receive a response | |
| send_timeout 10; | |
| # Skip buffering for static files | |
| sendfile on; | |
| # Optimise sendfile packets | |
| tcp_nopush on; | |
| server { | |
| listen 80; | |
| server_name 167.99.93.26; | |
| root /sites/demo; | |
| index index.php index.html; | |
| location / { | |
| try_files $uri $uri/ =404; | |
| } | |
| location ~\.php$ { | |
| # Pass php requests to the php-fpm service (fastcgi) | |
| include fastcgi.conf; | |
| fastcgi_pass unix:/run/php/php7.1-fpm.sock; | |
| } | |
| location = /thumb.png { | |
| image_filter rotate 180; | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user www-data; | |
| worker_processes auto; | |
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| include mime.types; | |
| server { | |
| listen 80; | |
| server_name 167.99.93.26; | |
| root /sites/demo; | |
| index index.php index.html; | |
| location / { | |
| try_files $uri $uri/ =404; | |
| } | |
| location ~\.php$ { | |
| # Pass php requests to the php-fpm service (fastcgi) | |
| include fastcgi.conf; | |
| fastcgi_pass unix:/run/php/php7.1-fpm.sock; | |
| } | |
| location ~* \.(css|js|jpg|png)$ { | |
| access_log off; | |
| add_header Cache-Control public; | |
| add_header Pragma public; | |
| add_header Vary Accept-Encoding; | |
| expires 1M; | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user www-data; | |
| worker_processes auto; | |
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| include mime.types; | |
| gzip on; | |
| gzip_comp_level 3; | |
| gzip_types text/css; | |
| gzip_types text/javascript; | |
| server { | |
| listen 80; | |
| server_name 167.99.93.26; | |
| root /sites/demo; | |
| index index.php index.html; | |
| location / { | |
| try_files $uri $uri/ =404; | |
| } | |
| location ~\.php$ { | |
| # Pass php requests to the php-fpm service (fastcgi) | |
| include fastcgi.conf; | |
| fastcgi_pass unix:/run/php/php7.1-fpm.sock; | |
| } | |
| location ~* \.(css|js|jpg|png)$ { | |
| access_log off; | |
| add_header Cache-Control public; | |
| add_header Pragma public; | |
| add_header Vary Accept-Encoding; | |
| expires 1M; | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user www-data; | |
| worker_processes auto; | |
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| include mime.types; | |
| # Configure microcache (fastcgi) | |
| fastcgi_cache_path /tmp/nginx_cache levels=1:2 keys_zone=ZONE_1:100m inactive=60m; | |
| fastcgi_cache_key "$scheme$request_method$host$request_uri"; | |
| add_header X-Cache $upstream_cache_status; | |
| server { | |
| listen 80; | |
| server_name 167.99.93.26; | |
| root /sites/demo; | |
| index index.php index.html; | |
| # Cache by default | |
| set $no_cache 0; | |
| # Check for cache bypass | |
| if ($arg_skipcache = 1) { | |
| set $no_cache 1; | |
| } | |
| location / { | |
| try_files $uri $uri/ =404; | |
| } | |
| location ~\.php$ { | |
| # Pass php requests to the php-fpm service (fastcgi) | |
| include fastcgi.conf; | |
| fastcgi_pass unix:/run/php/php7.1-fpm.sock; | |
| # Enable cache | |
| fastcgi_cache ZONE_1; | |
| fastcgi_cache_valid 200 60m; | |
| fastcgi_cache_bypass $no_cache; | |
| fastcgi_no_cache $no_cache; | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # How To Create a Self-Signed SSL Certificate for Nginx in Ubuntu 16.04 | |
| # https://www.digitalocean.com/community/tutorials/how-to-create-a-self-signed-ssl-certificate-for-nginx-in-ubuntu-16-04 | |
| user www-data; | |
| worker_processes auto; | |
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| include mime.types; | |
| server { | |
| listen 443 ssl http2; | |
| server_name 167.99.93.26; | |
| root /sites/demo; | |
| index index.php index.html; | |
| ssl_certificate /etc/nginx/ssl/self.crt; | |
| ssl_certificate_key /etc/nginx/ssl/self.key; | |
| location / { | |
| try_files $uri $uri/ =404; | |
| } | |
| location ~\.php$ { | |
| # Pass php requests to the php-fpm service (fastcgi) | |
| include fastcgi.conf; | |
| fastcgi_pass unix:/run/php/php7.1-fpm.sock; | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user www-data; | |
| worker_processes auto; | |
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| include mime.types; | |
| server { | |
| listen 443 ssl http2; | |
| server_name 167.99.93.26; | |
| root /sites/demo; | |
| index index.php index.html; | |
| ssl_certificate /etc/nginx/ssl/self.crt; | |
| ssl_certificate_key /etc/nginx/ssl/self.key; | |
| location = /index.html { | |
| http2_push /style.css; | |
| http2_push /thumb.png; | |
| } | |
| location / { | |
| try_files $uri $uri/ =404; | |
| } | |
| location ~\.php$ { | |
| # Pass php requests to the php-fpm service (fastcgi) | |
| include fastcgi.conf; | |
| fastcgi_pass unix:/run/php/php7.1-fpm.sock; | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user www-data; | |
| worker_processes auto; | |
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| include mime.types; | |
| # Redirect all traffic to HTTPS | |
| server { | |
| listen 80; | |
| server_name 167.99.93.26; | |
| return 301 https://$host$request_uri; | |
| } | |
| server { | |
| listen 443 ssl http2; | |
| server_name 167.99.93.26; | |
| root /sites/demo; | |
| index index.html; | |
| ssl_certificate /etc/nginx/ssl/self.crt; | |
| ssl_certificate_key /etc/nginx/ssl/self.key; | |
| # Disable SSL | |
| ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
| # Optimise cipher suits | |
| ssl_prefer_server_ciphers on; | |
| ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5; | |
| # Enable DH Params | |
| ssl_dhparam /etc/nginx/ssl/dhparam.pem; | |
| # Enable HSTS | |
| add_header Strict-Transport-Security "max-age=31536000" always; | |
| # SSL sessions | |
| ssl_session_cache shared:SSL:40m; | |
| ssl_session_timeout 4h; | |
| ssl_session_tickets on; | |
| location / { | |
| try_files $uri $uri/ =404; | |
| } | |
| location ~\.php$ { | |
| # Pass php requests to the php-fpm service (fastcgi) | |
| include fastcgi.conf; | |
| fastcgi_pass unix:/run/php/php7.1-fpm.sock; | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user www-data; | |
| worker_processes auto; | |
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| include mime.types; | |
| # Define limit zone | |
| limit_req_zone $request_uri zone=MYZONE:10m rate=1r/s; | |
| # Redirect all traffic to HTTPS | |
| server { | |
| listen 80; | |
| server_name 167.99.93.26; | |
| return 301 https://$host$request_uri; | |
| } | |
| server { | |
| listen 443 ssl http2; | |
| server_name 167.99.93.26; | |
| root /sites/demo; | |
| index index.html; | |
| ssl_certificate /etc/nginx/ssl/self.crt; | |
| ssl_certificate_key /etc/nginx/ssl/self.key; | |
| # Disable SSL | |
| ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
| # Optimise cipher suits | |
| ssl_prefer_server_ciphers on; | |
| ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5; | |
| # Enable DH Params | |
| ssl_dhparam /etc/nginx/ssl/dhparam.pem; | |
| # Enable HSTS | |
| add_header Strict-Transport-Security "max-age=31536000" always; | |
| # SSL sessions | |
| ssl_session_cache shared:SSL:40m; | |
| ssl_session_timeout 4h; | |
| ssl_session_tickets on; | |
| location / { | |
| limit_req zone=MYZONE burst=5 nodelay; | |
| try_files $uri $uri/ =404; | |
| } | |
| location ~\.php$ { | |
| # Pass php requests to the php-fpm service (fastcgi) | |
| include fastcgi.conf; | |
| fastcgi_pass unix:/run/php/php7.1-fpm.sock; | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user www-data; | |
| worker_processes auto; | |
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| include mime.types; | |
| # Define limit zone | |
| limit_req_zone $request_uri zone=MYZONE:10m rate=1r/s; | |
| # Redirect all traffic to HTTPS | |
| server { | |
| listen 80; | |
| server_name 167.99.93.26; | |
| return 301 https://$host$request_uri; | |
| } | |
| server { | |
| listen 443 ssl http2; | |
| server_name 167.99.93.26; | |
| root /sites/demo; | |
| index index.html; | |
| ssl_certificate /etc/nginx/ssl/self.crt; | |
| ssl_certificate_key /etc/nginx/ssl/self.key; | |
| # Disable SSL | |
| ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
| # Optimise cipher suits | |
| ssl_prefer_server_ciphers on; | |
| ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5; | |
| # Enable DH Params | |
| ssl_dhparam /etc/nginx/ssl/dhparam.pem; | |
| # Enable HSTS | |
| add_header Strict-Transport-Security "max-age=31536000" always; | |
| # SSL sessions | |
| ssl_session_cache shared:SSL:40m; | |
| ssl_session_timeout 4h; | |
| ssl_session_tickets on; | |
| location / { | |
| auth_basic "Secure Area"; | |
| auth_basic_user_file /etc/nginx/.htpasswd; | |
| try_files $uri $uri/ =404; | |
| } | |
| location ~\.php$ { | |
| # Pass php requests to the php-fpm service (fastcgi) | |
| include fastcgi.conf; | |
| fastcgi_pass unix:/run/php/php7.1-fpm.sock; | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user www-data; | |
| worker_processes auto; | |
| events { | |
| worker_connections 1024; | |
| } | |
| http { | |
| include mime.types; | |
| server_tokens off; | |
| # Redirect all traffic to HTTPS | |
| server { | |
| listen 80; | |
| server_name 167.99.93.26; | |
| return 301 https://$host$request_uri; | |
| } | |
| server { | |
| listen 443 ssl http2; | |
| server_name 167.99.93.26; | |
| root /sites/demo; | |
| index index.html; | |
| add_header X-Frame-Options "SAMEORIGIN"; | |
| add_header X-XSS-Protection "1; mode=block"; | |
| ssl_certificate /etc/nginx/ssl/self.crt; | |
| ssl_certificate_key /etc/nginx/ssl/self.key; | |
| # Disable SSL | |
| ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
| # Optimise cipher suits | |
| ssl_prefer_server_ciphers on; | |
| ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5; | |
| # Enable DH Params | |
| ssl_dhparam /etc/nginx/ssl/dhparam.pem; | |
| # Enable HSTS | |
| add_header Strict-Transport-Security "max-age=31536000" always; | |
| # SSL sessions | |
| ssl_session_cache shared:SSL:40m; | |
| ssl_session_timeout 4h; | |
| ssl_session_tickets on; | |
| location / { | |
| try_files $uri $uri/ =404; | |
| } | |
| location ~\.php$ { | |
| # Pass php requests to the php-fpm service (fastcgi) | |
| include fastcgi.conf; | |
| fastcgi_pass unix:/run/php/php7.1-fpm.sock; | |
| } | |
| } | |
| } |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| NGINX Reverse Proxy | |
| https://docs.nginx.com/nginx/admin-guide/web-server/reverse-proxy/ | |
| Module ngx_http_proxy_module | |
| http://nginx.org/en/docs/http/ngx_http_proxy_module.html | |
| Using nginx as HTTP load balancer | |
| http://nginx.org/en/docs/http/load_balancing.html | |
| HTTP Load Balancing | |
| https://docs.nginx.com/nginx/admin-guide/load-balancer/http-load-balancer/ | |
| Module ngx_http_upstream_module | |
| http://nginx.org/en/docs/http/ngx_http_upstream_module.html |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Digital Ocean Tutorials | |
| https://www.digitalocean.com/community/search?q=nginx | |
| Nginx Resources | |
| https://github.com/fcambus/nginx-resources | |
| Pitfalls and Common Mistakes | |
| https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment