/etc/nginx/nginx.conf
worker_cpu_affinity
worker_rlimit_nofile
$ grep processor /proc/cpuinfo |wc # プロセッサ数
$ cat /proc/sys/fs/file-max # ファイルディスクリプタ上限
user nginx;
worker_processes 1; # num / auto
error_log /var/log/nginx/error.log warn; # debug, info, notice, warn, error, crit, alert, emerg
pid /var/run/nginx.pid;
events {
worker_connections 512;
multi_accept on;
}
http {
server_tokens off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main 'time:$time_iso8601\t'...
access_log /var/log/nginx/access.log ltsv;
charset UTF-8;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 75;
keepalive_requests 100;
set_real_ip_from 10.0.0.0/8;
real_ip_header X-Forwarded-For;
client_header_timeout 10;
client_body_timeout 10;
client_body_buffer_size 32k;
client_body_temp_path /dev/shm/client_body_temp 1 2;
client_max_body_size 1m;
client_header_buffer_size 1k;
large_client_header_buffers 4 8k;
limit_conn_zone $binary_remote_addr zone=addr:10m;
limit_conn addr 100;
proxy_buffering on;
proxy_buffer_size 8k;
proxy_buffers 100 8k;
proxy_cache_path /var/lib/nginx/cache levels=1:2 keys_zone=CACHE:512m inactive=1d max_size=60g;
gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_proxied expired no-cache no-store private auth;
gzip_vary off;
gzip_types text/plain
text/css
text/xml
...
application/json;
gzip_min_length 1000;
gzip_disable "MSIE [1-6]\.";
open_file_cache max=100 inactive=10s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
server_names_hash_bucket_size 64
types_hash_max_size 1024;
types_hash_bucket_size 64;
listen 80 default_server;
server_name_in_redirect off;
port_in_redirect on;
proxy_pass http://127.0.0.1:3000;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-Server $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_hide_header X-Powered-By;
proxy_ignore_headers Expires;
proxy_connect_timeout
proxy_send_timeout
proxy_read_timeout
proxy_redirect off;
proxy_intercept_errors on;
error_page 404 /404.html;
error_page 403 =404 /notfound.html; # 403の場合404に変換される。
error_page 500 502 503 504 /50x.html;
include /etc/nginx/vhost.d/*.conf;
server {
listen 80 default_server;
server_name localhost;
root /path/public
rewrite /(.*)/index.html $1.html permanent;
satisfy any;
auth_basic "basic authentication";
auth_basic_user_file /etc/nginx/.htpasswd;
try_files $uri $uri.html $uri/index.html @unicorn;
location / {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
expires 10d;
add_header Cache-Control public;
break;
internal;
}
}
}
NAMEベース:
http{
server{
server_name www.aaa.tld;
}
server{
server_name www.bbb.tld;
}
}
IPベース:
http{
server{
listen 192.168.0.1:80;
server_name www.aaa.tld;
}
server{
listen 192.168.0.2:80;
server_name www.bbb.tld;
}
}
SSL:
http{
listen 443 ssl;
ssl on;
ssl_certificate /path/to/cert.pem;
ssl_certificate_key /path/to/cert.key;
}
バーチャルホスト設定:
/etc/nginx/sites-available/virtualhost.com
$ cd /etc/nginx/sites-enabled/
$ ln -s /etc/nginx/sites-available/virtualhost.com virtualhost.com
include /etc/nginx/sites-enabled/*;
