renekreijveld · February 28, 2025 07:51
diff --git a/nginx.conf b/nginx.conf
 # user setting for this machine
 user your_username staff;

 # you must set worker processes based on your CPU cores, nginx does not benefit from setting more than that
 worker_processes auto;

 # only log critical errors
 error_log /opt/homebrew/var/log/nginx/error.log crit;

 events {
    # determines how much clients will be served per worker
    worker_connections  1024;
 }

 http {
    include mime.types;
    default_type application/octet-stream;
    server_names_hash_bucket_size 512;
    client_max_body_size 256M;
    client_body_timeout 300s;

    # copies data between one FD and other from within the kernel
    # faster than read() + write()
    sendfile on;

    # send headers in one piece, it is better than sending them one by one
    tcp_nopush on;

    # reduce the data that needs to be sent over network -- for testing environment
    gzip on;
    # gzip_static on;
    gzip_min_length 10240;
    gzip_comp_level 1;
    gzip_vary on;
    gzip_disable msie6;
    gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
    gzip_types text/cache-manifest text/css text/javascript text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy text/xml image/bmp image/svg+xml image/x-icon application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-javascript application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype font/truetype;

    # localhost server http
    server {
        listen 80;
        server_name localhost;

        charset utf-8;

        # Enforce HTTPS
        return 301 https://$server_name$request_uri;
    }

    # localhost server https
    server {
        listen 443 ssl;
        listen [::]:443 ssl;

        http2 on;

        ssl_certificate      /opt/homebrew/etc/nginx/certs/localhost.pem;
        ssl_certificate_key  /opt/homebrew/etc/nginx/certs/localhost-key.pem;
        ssl_ciphers          HIGH:!aNULL:!MD5;
    
        server_name localhost;

        root /Users/your_username/Development/Sites;
        index index.php kick.php index.html index.htm;

        charset utf-8;

        add_header X-Frame-Options "SAMEORIGIN";
        add_header X-XSS-Protection "1; mode=block";
        add_header X-Content-Type-Options "nosniff";

        location / {
            autoindex on;
            try_files $uri $uri/ /index.php$is_args$args;

            proxy_buffer_size 128k;
            proxy_buffers 4 256k;
            proxy_busy_buffers_size 256k;
        }

        location ~ \.php$ {
            fastcgi_pass   127.0.0.1:9083;
            fastcgi_index  index.php;
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include        fastcgi_params;
        }    
    }

    include servers/*;
 }
	# user setting for this machine
	user your_username staff;

	# you must set worker processes based on your CPU cores, nginx does not benefit from setting more than that
	worker_processes auto;

	# only log critical errors
	error_log /opt/homebrew/var/log/nginx/error.log crit;

	events {
	# determines how much clients will be served per worker
	worker_connections 1024;
	}

	http {
	include mime.types;
	default_type application/octet-stream;
	server_names_hash_bucket_size 512;
	client_max_body_size 256M;
	client_body_timeout 300s;

	# copies data between one FD and other from within the kernel
	# faster than read() + write()
	sendfile on;

	# send headers in one piece, it is better than sending them one by one
	tcp_nopush on;

	# reduce the data that needs to be sent over network -- for testing environment
	gzip on;
	# gzip_static on;
	gzip_min_length 10240;
	gzip_comp_level 1;
	gzip_vary on;
	gzip_disable msie6;
	gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
	gzip_types text/cache-manifest text/css text/javascript text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy text/xml image/bmp image/svg+xml image/x-icon application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/wasm application/x-font-ttf application/x-javascript application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype font/truetype;

	# localhost server http
	server {
	listen 80;
	server_name localhost;

	charset utf-8;

	# Enforce HTTPS
	return 301 https://$server_name$request_uri;
	}

	# localhost server https
	server {
	listen 443 ssl;
	listen [::]:443 ssl;

	http2 on;

	ssl_certificate /opt/homebrew/etc/nginx/certs/localhost.pem;
	ssl_certificate_key /opt/homebrew/etc/nginx/certs/localhost-key.pem;
	ssl_ciphers HIGH:!aNULL:!MD5;

	server_name localhost;

	root /Users/your_username/Development/Sites;
	index index.php kick.php index.html index.htm;

	charset utf-8;

	add_header X-Frame-Options "SAMEORIGIN";
	add_header X-XSS-Protection "1; mode=block";
	add_header X-Content-Type-Options "nosniff";

	location / {
	autoindex on;
	try_files $uri $uri/ /index.php$is_args$args;

	proxy_buffer_size 128k;
	proxy_buffers 4 256k;
	proxy_busy_buffers_size 256k;
	}

	location ~ \.php$ {
	fastcgi_pass 127.0.0.1:9083;
	fastcgi_index index.php;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	include fastcgi_params;
	}
	}

	include servers/*;
	}