Last active
July 28, 2023 21:54
-
-
Save bearcatsandor/ef359938d27e29474ab72a6ed13a7b5e to your computer and use it in GitHub Desktop.
Nginx config for a new migration
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
nginx.conf: | |
user www-data; | |
worker_processes auto; | |
pid /var/run/nginx.pid; | |
include /etc/nginx/modules-enabled/*.conf; | |
events { | |
worker_connections 768; | |
# multi_accept on; | |
} | |
http { | |
## | |
# Basic Settings | |
## | |
sendfile on; | |
tcp_nopush on; | |
tcp_nodelay on; | |
keepalive_timeout 65; | |
types_hash_max_size 2048; | |
# server_tokens off; | |
# server_names_hash_bucket_size 64; | |
# server_name_in_redirect off; | |
include /etc/nginx/mime.types; | |
default_type application/octet-stream; | |
## | |
# SSL Settings | |
## | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE | |
ssl_prefer_server_ciphers on; | |
## | |
# Logging Settings | |
## | |
access_log /var/log/nginx/access.log; | |
error_log /var/log/nginx/error.log; | |
## | |
# Gzip Settings | |
## | |
#gzip on; | |
#gzip_disable "msie6"; | |
# gzip_vary on; | |
# gzip_proxied any; | |
# gzip_comp_level 6; | |
# gzip_buffers 16 8k; | |
# gzip_http_version 1.1; | |
# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; | |
# Upstream to abstract backend connections(s) for php | |
upstream php { | |
server unix:/tmp/php-cgi.socket; | |
server 127.0.0.1; | |
} | |
## | |
# Virtual Host Configs | |
## | |
include /etc/nginx/conf.d/*.conf; | |
include /etc/nginx/sites-enabled/*; | |
## | |
# Setting suggested by WPMUDEV | |
## | |
# Enable Gzip compression | |
gzip on; | |
# Compression level (1-9) | |
gzip_comp_level 5; | |
# Don't compress anything under 256 bytes | |
gzip_min_length 256; | |
# Compress output of these MIME-types | |
gzip_types | |
application/atom+xml | |
application/javascript | |
application/json | |
application/rss+xml | |
application/vnd.ms-fontobject | |
application/x-font-ttf | |
application/x-font-opentype | |
application/x-font-truetype | |
application/x-javascript | |
application/x-web-app-manifest+json | |
application/xhtml+xml | |
application/xml | |
font/eot | |
font/opentype | |
font/otf | |
image/svg+xml | |
image/x-icon | |
image/vnd.microsoft.icon | |
text/css | |
text/plain | |
text/javascript | |
text/x-component; | |
# Disable gzip for bad browsers | |
gzip_disable "MSIE [1-6]\.(?!.*SV1)"; | |
# for ewww and webp | |
map $http_accept $webp_suffix { | |
default ""; | |
"~*webp" ".webp"; | |
} | |
} | |
#mail { | |
# # See sample authentication script at: | |
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript | |
# | |
# # auth_http localhost/auth.php; | |
# # pop3_capabilities "TOP" "USER"; | |
# # imap_capabilities "IMAP4rev1" "UIDPLUS"; | |
# | |
# server { | |
# listen localhost:110; | |
# protocol pop3; | |
# proxy on; | |
# } | |
# | |
# server { | |
# listen localhost:143; | |
# protocol imap; | |
# proxy on; | |
# } | |
#} | |
sites-enabled/accessmontana.com | |
server { | |
listen 80; | |
listen [::]:80; | |
location / { | |
try_files $uri $uri/ /index.php?$args; | |
} | |
root /var/www/accessmontana.com; | |
#access_log /var/log/nginx/accessmontana.com.access combined; | |
# Add index.php to the list if you are using PHP | |
index index.html index.htm index.php; | |
server_name accessmontana.com www.accessmontana.com; | |
client_max_body_size 500M; # allows file uploads up to 500mb | |
location = /favicon.ico { | |
log_not_found off; | |
access_log off; | |
} | |
location = /robots.txt { | |
allow all; | |
log_not_found off; | |
access_log off; | |
} | |
location ~ \.php$ { | |
try_files $uri =404; | |
include fastcgi_params; | |
fastcgi_pass unix:/run/php/php-fpm.sock; | |
fastcgi_split_path_info ^(.+\.php)(.*)$; | |
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |
fastcgi_buffers 16 16k; | |
fastcgi_buffer_size 32k; | |
} | |
# hide user.ini (used by wordfence) | |
location ~ ^/\.user.ini { | |
deny all; | |
} | |
# Cache static files for as long as possible | |
location ~*.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|cur)$ { | |
expires max; | |
log_not_found off; | |
access_log off; | |
} | |
# Apply webp rules as per | |
# https://docs.ewww.io/article/16-ewww-io-and-webp-images | |
location ~* ^.+\.(png|jpe?g)$ { | |
add_header Vary Accept; | |
try_files $uri$webp_suffix $uri =404; | |
} | |
# Stuff after this line is all managed by Certbot | |
} | |
ls modules-enabled/ | |
50-mod-http-echo.conf | |
50-mod-http-geoip2.conf | |
50-mod-http-subs-filter.conf | |
50-mod-http-xslt-filter.conf | |
50-mod-stream.conf | |
50-mod-http-dav-ext.conf | |
50-mod-http-geoip.conf | |
50-mod-http-image-filter.conf | |
50-mod-http-upstream-fair.conf | |
50-mod-mail.conf | |
70-mod-stream-geoip.conf |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment