-
-
Save centminmod/0d455e15ca4ef836a96c4cd39bcac62d to your computer and use it in GitHub Desktop.
caddy 0.10.9 vs nginx h2load test 16/09/17 config files
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# /etc/caddy/conf.d/caddybench.domain.com.ssl.conf | |
caddybench.domain.com:443 { | |
gzip { | |
level 5 | |
min_length 1400 | |
} | |
#browse | |
header / { | |
#Strict-Transport-Security "max-age=31536000" | |
#Cache-Control "max-age=86400" | |
X-Content-Type-Options "nosniff" | |
X-Frame-Options "SAMEORIGIN" | |
X-XSS-Protection "1; mode=block" | |
X-Powered-By "Caddy via CentminMod" | |
#-Server | |
} | |
timeouts { | |
read 10s | |
header 10s | |
write 20s | |
idle 2m | |
} | |
root /home/nginx/domains/caddybench.domain.com/public | |
fastcgi / 127.0.0.1:9000 { | |
ext .php | |
split .php | |
index index.php | |
connect_timeout 10s | |
read_timeout 10s | |
send_timeout 10s | |
} | |
errors /home/nginx/domains/caddybench.domain.com/log/caddy-caddybench.domain.com-errors.log { | |
rotate_size 100 # Rotate after 100 MB | |
rotate_age 14 # Keep log files for 14 days | |
rotate_keep 10 # Keep at most 10 log files | |
rotate_compress | |
} | |
log / /home/nginx/domains/caddybench.domain.com/log/caddy-caddybench.domain.com-access.ssl.log "{remote} {when} {method} {uri} {proto} {status} {size} {>User-Agent} {latency}" { | |
rotate_size 100 # Rotate after 100 MB | |
rotate_age 14 # Keep log files for 14 days | |
rotate_keep 10 # Keep at most 10 log files | |
rotate_compress | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# /etc/caddy/conf.d/caddybench.domain.com.ssl.conf | |
caddybench.domain.com:443 { | |
gzip { | |
level 5 | |
min_length 1400 | |
} | |
proxy / caddybench.domain.com:80 | |
cache { | |
match_path / | |
match_header Content-Type image/jpg image/png text/html | |
status_header X-Cache-Status | |
default_max_age 5m | |
path /tmp/caddy-cache | |
} | |
#browse | |
header / { | |
#Strict-Transport-Security "max-age=31536000" | |
#Cache-Control "max-age=86400" | |
X-Content-Type-Options "nosniff" | |
X-Frame-Options "SAMEORIGIN" | |
X-XSS-Protection "1; mode=block" | |
X-Powered-By "Caddy via CentminMod" | |
#-Server | |
} | |
timeouts { | |
read 10s | |
header 10s | |
write 20s | |
idle 2m | |
} | |
root /home/nginx/domains/caddybench.domain.com/public | |
fastcgi / 127.0.0.1:9000 { | |
ext .php | |
split .php | |
index index.php | |
connect_timeout 10s | |
read_timeout 10s | |
send_timeout 10s | |
} | |
errors /home/nginx/domains/caddybench.domain.com/log/caddy-caddybench.domain.com-errors.log { | |
rotate_size 100 # Rotate after 100 MB | |
rotate_age 14 # Keep log files for 14 days | |
rotate_keep 10 # Keep at most 10 log files | |
rotate_compress | |
} | |
log / /home/nginx/domains/caddybench.domain.com/log/caddy-caddybench.domain.com-access.ssl.log "{remote} {when} {method} {uri} {proto} {status} {size} {>User-Agent} {latency}" { | |
rotate_size 100 # Rotate after 100 MB | |
rotate_age 14 # Keep log files for 14 days | |
rotate_keep 10 # Keep at most 10 log files | |
rotate_compress | |
} | |
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# /usr/local/nginx/conf/conf.d/nginxbench.domain.com.ssl.conf | |
#x# HTTPS-DEFAULT | |
server { | |
server_name nginxbench.domain.com www.nginxbench.domain.com; | |
return 302 https://$server_name$request_uri; | |
include /usr/local/nginx/conf/staticfiles.conf; | |
} | |
# server_name nginxbench.domain.com www.nginxbench.domain.com; | |
server { | |
listen 443 ssl http2; | |
server_name nginxbench.domain.com www.nginxbench.domain.com; | |
include /usr/local/nginx/conf/ssl/nginxbench.domain.com/nginxbench.domain.com.crt.key.conf; | |
include /usr/local/nginx/conf/ssl_include.conf; | |
http2_max_field_size 16k; | |
http2_max_header_size 32k; | |
# mozilla recommended | |
#ssl_ciphers ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS; | |
ssl_ciphers ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS; | |
ssl_prefer_server_ciphers on; | |
#add_header Alternate-Protocol 443:npn-spdy/3; | |
# before enabling HSTS line below read centminmod.com/nginx_domain_dns_setup.html#hsts | |
#add_header Strict-Transport-Security "max-age=31536000; includeSubdomains;"; | |
add_header X-Frame-Options SAMEORIGIN; | |
add_header X-Xss-Protection "1; mode=block" always; | |
add_header X-Content-Type-Options "nosniff" always; | |
#spdy_headers_comp 5; | |
ssl_buffer_size 1369; | |
ssl_session_tickets on; | |
# enable ocsp stapling | |
resolver 8.8.8.8 8.8.4.4 valid=10m; | |
resolver_timeout 10s; | |
ssl_stapling on; | |
ssl_stapling_verify on; | |
# ngx_pagespeed & ngx_pagespeed handler | |
#include /usr/local/nginx/conf/pagespeed.conf; | |
#include /usr/local/nginx/conf/pagespeedhandler.conf; | |
#include /usr/local/nginx/conf/pagespeedstatslog.conf; | |
# limit_conn limit_per_ip 16; | |
# ssi on; | |
access_log /home/nginx/domains/nginxbench.domain.com/log/access.log combined buffer=256k flush=5m; | |
error_log /home/nginx/domains/nginxbench.domain.com/log/error.log; | |
include /usr/local/nginx/conf/autoprotect/nginxbench.domain.com/autoprotect-nginxbench.domain.com.conf; | |
root /home/nginx/domains/nginxbench.domain.com/public; | |
# uncomment cloudflare.conf include if using cloudflare for | |
# server and/or vhost site | |
#include /usr/local/nginx/conf/cloudflare.conf; | |
include /usr/local/nginx/conf/503include-main.conf; | |
location / { | |
include /usr/local/nginx/conf/503include-only.conf; | |
# block common exploits, sql injections etc | |
#include /usr/local/nginx/conf/block.conf; | |
# Enables directory listings when index file not found | |
#autoindex on; | |
# Shows file listing times as local time | |
#autoindex_localtime on; | |
# Wordpress Permalinks example | |
#try_files $uri $uri/ /index.php?q=$uri&$args; | |
} | |
include /usr/local/nginx/conf/pre-staticfiles-local-nginxbench.domain.com.conf; | |
include /usr/local/nginx/conf/pre-staticfiles-global.conf; | |
include /usr/local/nginx/conf/staticfiles.conf; | |
include /usr/local/nginx/conf/php.conf; | |
include /usr/local/nginx/conf/drop.conf; | |
#include /usr/local/nginx/conf/errorpage.conf; | |
include /usr/local/nginx/conf/vts_server.conf; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment