oojacoboo · June 18, 2019 05:21
diff --git a/nginx.conf b/nginx.conf
 user www-data;

 # One worker process per CPU core.
 worker_processes auto;

 pid /var/run/nginx.pid;
 pcre_jit on;

 error_log /var/log/nginx/error.log warn;

 events {
    # Determines how many clients will be served by each worker process.
    # (Max clients = worker_connections * worker_processes)
    # Should be equal to `ulimit -n`
    #
    worker_connections 1024;

    #
    # Let each process accept multiple connections.
    # Accept as many connections as possible, after nginx gets notification
    # about a new connection.
    # May flood worker_connections, if that option is set too low.
    #
    multi_accept on;

    #
    # Preferred connection method for newer linux versions.
    # Essential for linux, optmized to serve many clients with each thread.
    #
    use epoll;
 }

 http {
    server_tokens       off;
    include             /etc/nginx/mime.types;
    default_type        application/octet-stream;

    access_log          /var/log/nginx/access.log;

 #
    # Override some buffer limitations, will prevent DDOS too.
    client_body_buffer_size 64K;
    client_header_buffer_size 16k;
    client_max_body_size 32M;
    large_client_header_buffers 4 16k;

    # Timeouts
    # The client_body_timeout and client_header_timeout directives are
    # responsible for the time a server will wait for a client body or
    # client header to be sent after request. If neither a body or header
    # is sent, the server will issue a 408 error or Request time out.
    #
    # The keepalive_timeout assigns the timeout for keep-alive connections
    # with the client. Simply put, Nginx will close connections with the
    # client after this period of time.
    #
    # Finally, the send_timeout is a timeout for transmitting a response
    # to the client. If the client does not receive anything within this
    # time, then the connection will be closed. Send the client a "request
    # timed out" if the body is not loaded by this time. Default 60.
    client_body_timeout   32;
    client_header_timeout 32;
    # Every 60 seconds server broadcasts Sync packets, so 90 is a conservative upper bound. Default is 65
    keepalive_timeout 90;
    send_timeout 300;

    gzip                on;
    gzip_disable        "MSIE [1-6]\.";
    # Only allow proxy request with these headers to be gzipped.
    gzip_proxied        expired no-cache no-store private auth;
    # Default is 6 (1<n<9), but 2 -- even 1 -- is enough. The higher it is, the more CPU cycles will be wasted.
    gzip_comp_level     6;
    gzip_min_length     100; # Default 20
    gzip_types          text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

    # Sendfile copies data between one FD and other from within the kernel.
    # More efficient than read() + write(), since the requires transferring
    # data to and from the user space.
    sendfile            on;
    # Tcp_nopush causes nginx to attempt to send its HTTP response head in one
    # packet, instead of using partial frames. This is useful for prepending
    # headers before calling sendfile, or for throughput optimization.
     tcp_nopush          on;
    # Don't buffer data-sends (disable Nagle algorithm).
    # Good for sending frequent small bursts of data in real time.
    tcp_nodelay         on;

    types_hash_max_size 2048;

    index               index.php;

    upstream php {
        # PHP hostname is added on the network by default by Docker
        server api-php:9000;
    }

    # Main server config
    server {
        listen 80;
        root /srv/www;

        error_page 404 /error/page-not-found/index.html;
        error_page 418 /error/generic/index.html;
        error_page 500 /error/exception/index.html;
        error_page 502 503 504 /error/maintenance/index.html;

        # URL specific redirects
        include /etc/nginx/redirects.conf;
        if ($redirect_uri) {
            return 301 $redirect_uri;
        }

        #
        # Front controllers
        #

        # Redirect frontcontroller URLs with `.php` to clean URLs; remove when no longer needed
        location ~ ^/(index|control|my(?:post|rent|place))\.php(.*)  {
            # $1 = either index, control, index/outpost, mypost, myplace, or myrent
            # $2 = anything that was after `.php`
            return 301 /$1$2;
        }

        ...
 }
diff --git a/redirects.conf b/redirects.conf
 map $request_uri $redirect_uri {
    /guardian/forgotpassword          /account/signin-assistance;
 }
	user www-data;

	# One worker process per CPU core.
	worker_processes auto;

	pid /var/run/nginx.pid;
	pcre_jit on;

	error_log /var/log/nginx/error.log warn;

	events {
	# Determines how many clients will be served by each worker process.
	# (Max clients = worker_connections * worker_processes)
	# Should be equal to `ulimit -n`
	#
	worker_connections 1024;

	#
	# Let each process accept multiple connections.
	# Accept as many connections as possible, after nginx gets notification
	# about a new connection.
	# May flood worker_connections, if that option is set too low.
	#
	multi_accept on;

	#
	# Preferred connection method for newer linux versions.
	# Essential for linux, optmized to serve many clients with each thread.
	#
	use epoll;
	}

	http {
	server_tokens off;
	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	access_log /var/log/nginx/access.log;

	#
	# Override some buffer limitations, will prevent DDOS too.
	client_body_buffer_size 64K;
	client_header_buffer_size 16k;
	client_max_body_size 32M;
	large_client_header_buffers 4 16k;

	# Timeouts
	# The client_body_timeout and client_header_timeout directives are
	# responsible for the time a server will wait for a client body or
	# client header to be sent after request. If neither a body or header
	# is sent, the server will issue a 408 error or Request time out.
	#
	# The keepalive_timeout assigns the timeout for keep-alive connections
	# with the client. Simply put, Nginx will close connections with the
	# client after this period of time.
	#
	# Finally, the send_timeout is a timeout for transmitting a response
	# to the client. If the client does not receive anything within this
	# time, then the connection will be closed. Send the client a "request
	# timed out" if the body is not loaded by this time. Default 60.
	client_body_timeout 32;
	client_header_timeout 32;
	# Every 60 seconds server broadcasts Sync packets, so 90 is a conservative upper bound. Default is 65
	keepalive_timeout 90;
	send_timeout 300;

	gzip on;
	gzip_disable "MSIE [1-6]\.";
	# Only allow proxy request with these headers to be gzipped.
	gzip_proxied expired no-cache no-store private auth;
	# Default is 6 (1<n<9), but 2 -- even 1 -- is enough. The higher it is, the more CPU cycles will be wasted.
	gzip_comp_level 6;
	gzip_min_length 100; # Default 20
	gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

	# Sendfile copies data between one FD and other from within the kernel.
	# More efficient than read() + write(), since the requires transferring
	# data to and from the user space.
	sendfile on;
	# Tcp_nopush causes nginx to attempt to send its HTTP response head in one
	# packet, instead of using partial frames. This is useful for prepending
	# headers before calling sendfile, or for throughput optimization.
	tcp_nopush on;
	# Don't buffer data-sends (disable Nagle algorithm).
	# Good for sending frequent small bursts of data in real time.
	tcp_nodelay on;

	types_hash_max_size 2048;

	index index.php;

	upstream php {
	# PHP hostname is added on the network by default by Docker
	server api-php:9000;
	}

	# Main server config
	server {
	listen 80;
	root /srv/www;

	error_page 404 /error/page-not-found/index.html;
	error_page 418 /error/generic/index.html;
	error_page 500 /error/exception/index.html;
	error_page 502 503 504 /error/maintenance/index.html;

	# URL specific redirects
	include /etc/nginx/redirects.conf;
	if ($redirect_uri) {
	return 301 $redirect_uri;
	}

	#
	# Front controllers
	#

	# Redirect frontcontroller URLs with `.php` to clean URLs; remove when no longer needed
	location ~ ^/(index\|control\|my(?:post\|rent\|place))\.php(.*) {
	# $1 = either index, control, index/outpost, mypost, myplace, or myrent
	# $2 = anything that was after `.php`
	return 301 /$1$2;
	}

	...
	}
	map $request_uri $redirect_uri {
	/guardian/forgotpassword /account/signin-assistance;
	}