Skip to content

Instantly share code, notes, and snippets.

@renekreijveld

renekreijveld/nginx.conf

Last active July 22, 2024 15:00
Show Gist options
  • Save renekreijveld/70e31fdb855a8a91ea98150a2e0bc9bb to your computer and use it in GitHub Desktop.
Save renekreijveld/70e31fdb855a8a91ea98150a2e0bc9bb to your computer and use it in GitHub Desktop.
Download ZIP
NginX config for Homebrew based NginX, MariaDB, PHP development stack
Raw
nginx.conf
# user setting for this machine
user <your_username> staff;
# you must set worker processes based on your CPU cores, nginx does not benefit from setting more than that
worker_processes auto;
# only log critical errors
error_log /opt/homebrew/var/log/nginx/error.log crit;
events {
# determines how much clients will be served per worker
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
server_names_hash_bucket_size 512;
client_max_body_size 256M;
# copies data between one FD and other from within the kernel
# faster than read() + write()
sendfile on;
# send headers in one piece, it is better than sending them one by one
tcp_nopush on;
# reduce the data that needs to be sent over network -- for testing environment
gzip on;
# gzip_static on;
gzip_min_length 10240;
gzip_comp_level 1;
gzip_vary on;
gzip_disable msie6;
gzip_proxied expired no-cache no-store private auth;
gzip_types
# text/html is always compressed by HttpGzipModule
text/css
text/javascript
text/xml
text/plain
text/x-component
application/javascript
application/x-javascript
application/json
application/xml
application/rss+xml
application/atom+xml
font/truetype
font/opentype
application/vnd.ms-fontobject
image/svg+xml;
# localhost server http
server {
listen 80;
server_name localhost;
charset utf-8;
root /Users/<your_username>/Development/Sites;
index index.php kick.php index.html index.htm;
# redirect http to https
location / {
return 301 https://$host$request_uri;
}
}
# localhost server https
server {
listen 443 ssl;
listen [::]:443 ssl;
http2 on;
ssl_certificate /opt/homebrew/etc/nginx/certs/localhost.pem;
ssl_certificate_key /opt/homebrew/etc/nginx/certs/localhost-key.pem;
ssl_ciphers HIGH:!aNULL:!MD5;
server_name localhost;
root /Users/<your_username>/Development/Sites;
index index.php kick.php index.html index.htm;
charset utf-8;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
location / {
autoindex on;
try_files $uri $uri/ /index.php$is_args$args;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
# wildcard host *.dev.test server http
server {
listen 80;
server_name ~^(?<subdomain>[^.]+).dev.test;
charset utf-8;
root /Users/<your_username>/Development/Sites/$1;
index index.php kick.php index.html index.htm;
# Redirect to ssl
location / {
return 301 https://$host$request_uri;
}
}
# wildcard host *.dev.test server https
server {
listen 443 ssl;
listen [::]:443 ssl;
http2 on;
ssl_certificate /opt/homebrew/etc/nginx/certs/_wildcard.dev.test.pem;
ssl_certificate_key /opt/homebrew/etc/nginx/certs/_wildcard.dev.test-key.pem;
ssl_ciphers HIGH:!aNULL:!MD5;
server_name ~^(?<subdomain>[^.]+).dev.test;
root /Users/<your_username>/Development/Sites/$subdomain;
index index.php kick.php index.html index.htm;
charset utf-8;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
location / {
autoindex on;
try_files $uri $uri/ /index.php$is_args$args;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
}
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
include servers/*;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment