- People talk about two servers: a web server (e.g. Nginx, Apache, etc.) and a app server (e.g. Language specific servers like Unicorn, Node.js, Tomcat, Http-Kit, etc.). There are exceptions where app servers not required at all (as web server itself provides preprocessors for handling), but let's not talk about now.
- Web servers are really fast and supports lot of standard and commonly used MIME-type requests. Concept of serving a file is -- forming and sending a response of bytes of data and labeling it with requested MIME-type by a client (e.g. web browser).
- Every response format (in layman's language, a file) is recognized by it's MIME-type, for e.g. a PNG image file has "image/png" MIME-type. JavaScript file has "text/javascript". HTML responses (or files) has "text/html". Plain text files have "text/plain".
- Modern Browsers supports a lot of standard MIME-types. Images, videos, text files (XML, HTML, SVG, JS), and they better know how to visualize it. Browser also knows unrec
孙松 sunsongxp
sunsongxp
/ nginx_assets.md
Created
January 25, 2018 08:13
— forked from vishaltelangre/nginx_assets.md
Serving Static Assets via Nginx
sunsongxp
/ haproxy.cfg
Last active
February 1, 2018 16:26
— forked from fumin/haproxy.cfg
Haproxy config file for SSL and basic authentication
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Haproxy config file for SSL and basic authentication | |
| # | |
| # Since ssl is needed, we need to use | |
| # `make TARGET=linux26 USE_OPENSSL=1 ADDLIB=-lz` to install haproxy. | |
| # Also, haproxy version must be haproxy-1.5-dev19 or above. | |
| # | |
| # An example curl command that queryies pic-collage.com/api/collages/feed is | |
| # `curl -k -v -u 'collages:password' 'https://ec2-ip.compute-1.amazonaws.com/api/collages/feed'` | |
| # userlist permitted |
sunsongxp
/ haproxy-cors.md
Created
January 25, 2018 07:39
— forked from nasrulhazim/haproxy-cors.md
Setting Up CORS in HAProxy
frontend localnodes
bind *:80
reqadd X-Forwarded-Proto:\ http
# Add CORS headers when Origin header is present
capture request header origin len 128
http-response add-header Access-Control-Allow-Origin %[capture.req.hdr(0)] if { capture.req.hdr(0) -m found }
rspadd Access-Control-Allow-Methods:\ GET,\ HEAD,\ OPTIONS,\ POST,\ PUT if { capture.req.hdr(0) -m found }
rspadd Access-Control-Allow-Credentials:\ true if { capture.req.hdr(0) -m found }
sunsongxp
/ ansible-summary.md
Created
January 21, 2018 08:39
— forked from andreicristianpetcu/ansible-summary.md
This is an ANSIBLE Cheat Sheet from Jon Warbrick
Jon Warbrick, July 2014, V3.2 (for Ansible 1.7)
First one found from of
sunsongxp
/ nginx.conf
Last active
June 9, 2018 10:34
— forked from plentz/nginx.conf
Best nginx configuration for improved security(and performance). Complete blog post here http://tautt.com/best-nginx-configuration-for-security/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # to generate your dhparam.pem file, run in the terminal | |
| openssl dhparam -out /etc/nginx/ssl/dhparam.pem 2048 | |
| # https://www.digitalocean.com/community/tutorials/how-to-set-up-basic-http-authentication-with-nginx-on-ubuntu-14-04 | |
| # to generate Basic HTTP Authentication key file | |
| # auth_basic "realm" will be added to HTTP response like the line below. | |
| # www-authenticate: Basic realm="realm" | |
| sudo apt install apache2-utils | |
| sudo htpasswd -c /etc/nginx/.htpasswd nginx |
sunsongxp
/ nginx-tuning.md
Created
January 21, 2018 06:35
— forked from denji/nginx-tuning.md
NGINX tuning for best performance
Moved to git repository: https://github.com/denji/nginx-tuning
For this configuration you can use web server you like, i decided, because i work mostly with it to use nginx.
Generally, properly configured nginx can handle up to 400K to 500K requests per second (clustered), most what i saw is 50K to 80K (non-clustered) requests per second and 30% CPU load, course, this was 2 x Intel Xeon with HyperThreading enabled, but it can work without problem on slower machines.
You must understand that this config is used in testing environment and not in production so you will need to find a way to implement most of those features best possible for your servers.
sunsongxp
/ Install PIP to user site on macOS.md
Created
January 4, 2018 07:22
— forked from haircut/Install PIP to user site on macOS.md
How to install and use pip without sudo or admin on macOS
Most recently tested on macOS Sierra (10.12.6)
- Download the installation script;
curl https://bootstrap.pypa.io/get-pip.py -o ~/Downloads/get-pip.py - Run the installation, appending the
--userflag;python ~/Downloads/get-pip.py --user. pip will be installed to ~/Library/Python/2.7/bin/pip - Make sure
~/Library/Python/2.7/binis in your$PATH. Forbashusers, edit thePATH=line in~/.bashrcto append the local Python path; ie.PATH=$PATH:~/Library/Python/2.7/bin. Apply the changes,source ~/.bashrc. - Use pip! Remember to append
--userwhen installing modules; ie.pip install <package_name> --user
sunsongxp
/ ip_routing_win7.txt
Created
January 1, 2018 11:09
— forked from mouseroot/ip_routing_win7.txt
Enable IP Routing in Windows 7
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1. Open regedit | |
| 2. Navigate to "HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\" | |
| 3. Change IPEnableRouter to 1 | |
| 4. Run services->Routing and Remote->start | |
| (reboot may be nessesary) |
sunsongxp
/ AnsibleVaultDiff.md
Created
December 31, 2017 02:25
— forked from leedm777/AnsibleVaultDiff.md
Ansible vault diff in Git
Normally, when you diff an [Ansible vault][], all you see is gibberish.
$ git diff -- group_vars/all/vault.yml
diff --git a/group_vars/all/vault.yml b/group_vars/all/vault.yml
index 245ccf4..90bf9ee 100644
--- a/group_vars/all/vault.yml
+++ b/group_vars/all/vault.yml
@@ -1,111 +1,111 @@
$ANSIBLE_VAULT;1.1;AES256
sunsongxp
/ ubuntu.ipxe
Created
May 24, 2017 15:27
— forked from simonjgreen/ubuntu.ipxe
Ubuntu 14.04 iPXE and Preseed
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!ipxe | |
| #dhcp | |
| echo Starting Ubuntu x64 installer for ${hostname} | |
| set base-url http://archive.ubuntu.com/ubuntu/dists/trusty/main/installer-amd64/current/images/netboot/ubuntu-installer/amd64 | |
| kernel ${base-url}/linux | |
| initrd ${base-url}/initrd.gz | |
| imgargs linux auto=true fb=false priority=critical preseed/locale=en_GB kbd-chooser/method=gb preseed/url=http://172.16.195.128/ubuntuPreseed.cfg | |
| # DEBCONF_DEBUG=5 | |
| boot || | |
| # If everything failed, give the user some options |