Last active
December 16, 2015 04:59
-
-
Save grantmacken/5381105 to your computer and use it in GitHub Desktop.
My Nginx config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ./nginx-production.sh | |
| #=========== | |
| #Grant MacKenzie <grantmacken@gmail.com> | |
| #v0.1, May 2013 | |
| #................................................................................ | |
| # dBin='~/bin' | |
| # if [ ! -d ~/bin ] ; then | |
| # mkdir ~/bin | |
| # fi | |
| # git clone https://gist.github.com/5381105.git | |
| # cd 5381133 | |
| # chmod +x devConfig.sh | |
| # sudo ./devConfig.sh | |
| #................................................................................ | |
| if [ ! -d /usr/local/nginx/cache ] ; then | |
| mkdir /usr/local/nginx/cache | |
| fi | |
| if [ ! -d /usr/local/nginx/proxy ] ; then | |
| mkdir /usr/local/nginx/proxy | |
| fi | |
| # | |
| # the only dif line | |
| cp nginx-dev.conf /usr/local/nginx/conf/nginx.conf | |
| # | |
| cp proxy.conf /usr/local/nginx/conf/proxy.conf | |
| cp proxy_cache.conf /usr/local/nginx/conf/proxy_cache.conf | |
| cp gzip.conf /usr/local/nginx/conf/gzip.conf | |
| cp productionServer.conf /usr/local/nginx/conf/productionServer.conf | |
| cp developmentServer.conf /usr/local/nginx/conf/developmentServer.conf | |
| # remove proxy cache | |
| cd /usr/local/nginx/cache | |
| rm -rf * | |
| nginx -V | |
| nginx -t | |
| nginx -s reload |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80 default deferred; | |
| server_name ~^(www\.)?(?<domain>.+)$; | |
| charset utf-8; | |
| access_log /var/log/nginx/file.log main; | |
| # root set to eXist data file system | |
| root /usr/local/eXist/webapp/WEB-INF/data/fs/db/apps/$domain; | |
| ####################### | |
| # development server | |
| # for local testing server | |
| ###################### | |
| ############# | |
| # a bundle of rewrites for serving html pages | |
| # eXist templating handles html pages so they get proxied as html | |
| ############# | |
| rewrite ^/?(?:index|index.html)?$ /index.html break; | |
| rewrite ^/?([\w\-_]+)/?(?:index|index.html)?$ /$1/index.html break; | |
| rewrite ^/?((?:[\w\-_]+)/(?:[\w\-_]+))(?:.html)?$ /$1.html break; | |
| location ~* ^(.*)\.html$ { | |
| gzip_static off; | |
| try_files $uri @proxy; | |
| } | |
| ########################## | |
| # IMAGES | |
| # look for images on disk first, reverse proxied thru eXist if not found | |
| # images don't have to have an extension ref. try files | |
| # don't bother to gzip or look for gzip file | |
| # don't make browser cache images with expires set to -0 | |
| # SVG images are the exception as we want to gzip these | |
| # don't use proxy cache on dev server | |
| # ####################### | |
| location ~* ^(/resources/images/svg.+)$ { | |
| gzip_static on; | |
| expires -1; | |
| try_files $uri $uri.svg.gz $uri.svg @proxy; | |
| log_not_found off; | |
| } | |
| location ~* ^(/resources/images.+)$ { | |
| gzip_static off; | |
| expires -1; | |
| try_files $uri $uri.jpg $uri.jpeg $uri.gif $uri.png $uri.ico @proxy; | |
| log_not_found off; | |
| } | |
| ########################## | |
| # STYLES AND SCRIPTS | |
| # look for gzipped css on disk first [ filename.css.gz ] | |
| # look for css on disk next [ filename.css ] | |
| # css don't have to have an extension ref. try files | |
| # don't make browser cache css with expires set to -0 | |
| # ####################### | |
| location ~* ^(/resources/styles.+)$ { | |
| gzip_static on; | |
| expires -1; | |
| try_files $uri $uri.css.gz $uri.css @proxy; | |
| } | |
| location ~* ^(/resources/scripts)$ { | |
| gzip_static on; | |
| expires -1; | |
| try_files $uri $uri.js.gz $uri $uri.js @proxy; | |
| } | |
| ########################## | |
| # our development reverse proxy | |
| # does not include a proxy cache | |
| # ####################### | |
| location @proxy { | |
| rewrite ^/?(.*)$ /exist/apps/$domain/$1 break; | |
| proxy_pass http://localhost:8080; | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ###################### | |
| # Gzip Configuration. | |
| # allows for on-the-fly gzip compression however if | |
| # gzip static on | |
| # if file on disk with gZip extension then grab that | |
| # to test if serving static files turn gzip off | |
| ##################### | |
| gzip on; | |
| gzip_vary on; | |
| gzip_disable msie6; | |
| gzip_min_length 0; | |
| #gzip_min_length 1000; | |
| gzip_http_version 1.1; | |
| #gzip_comp_level 9; | |
| gzip_comp_level 6; | |
| gzip_proxied any; | |
| # what file types to compress (text/html is always compressed | |
| gzip_types text/plain | |
| text/css | |
| text/javascript | |
| application/x-javascript | |
| text/xml | |
| image/svg+xml | |
| application/xml | |
| application/xml+rss; | |
| # | |
| # Disable for IE < 6 | |
| gzip_disable "MSIE [1-6].(?!.*SV1)"; | |
| ###################### | |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pid logs/nginx.pid; | |
| worker_processes 1; | |
| events { | |
| worker_connections 512; | |
| use epoll; | |
| } | |
| http { | |
| include mime.types; | |
| include gzip.conf; | |
| #include proxy.conf; | |
| default_type application/octet-stream; | |
| sendfile on; | |
| tcp_nopush on; | |
| tcp_nodelay off; | |
| chunked_transfer_encoding on; | |
| if_modified_since before; | |
| merge_slashes on; | |
| access_log off; | |
| log_format main '$remote_addr - $remote_user [$time_local] ' | |
| '"$request" $status $body_bytes_sent ' | |
| '"$http_referer" "$http_user_agent" ' | |
| ' gzip_ratio "$gzip_ratio"'; | |
| #include productionServer.conf; | |
| include developmentServer.conf; | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pid logs/nginx.pid; | |
| worker_processes 1; | |
| events { | |
| worker_connections 512; | |
| # use epoll most likely the default anyway; | |
| use epoll; | |
| } | |
| http { | |
| include mime.types; | |
| include gzip.conf; | |
| include proxy.conf; | |
| default_type application/octet-stream; | |
| sendfile on; | |
| tcp_nopush on; | |
| tcp_nodelay off; | |
| # altered defaults | |
| chunked_transfer_encoding on; | |
| if_modified_since before; | |
| merge_slashes on; | |
| access_log off; | |
| #log_format log_with_ratio "'$host ', gzip_ratio '$gzip_ratio' "; | |
| log_format main '$remote_addr - $remote_user [$time_local] ' | |
| '"$request" $status $body_bytes_sent ' | |
| '"$http_referer" "$http_user_agent" ' | |
| ' gzip_ratio "$gzip_ratio"'; | |
| include productionServer.conf; | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| pid logs/nginx.pid; | |
| worker_processes 1; | |
| events { | |
| worker_connections 512; | |
| use epoll; | |
| } | |
| http { | |
| include mime.types; | |
| include gzip.conf; | |
| #include proxy.conf; | |
| default_type application/octet-stream; | |
| sendfile on; | |
| tcp_nopush on; | |
| tcp_nodelay off; | |
| chunked_transfer_encoding on; | |
| if_modified_since before; | |
| merge_slashes on; | |
| access_log off; | |
| log_format main '$remote_addr - $remote_user [$time_local] ' | |
| '"$request" $status $body_bytes_sent ' | |
| '"$http_referer" "$http_user_agent" ' | |
| ' gzip_ratio "$gzip_ratio"'; | |
| #include productionServer.conf; | |
| include developmentServer.conf; | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # ./nginx-production.sh | |
| #=========== | |
| #Grant MacKenzie <grantmacken@gmail.com> | |
| #v0.1, May 2013 | |
| #................................................................................ | |
| # dBin='~/bin' | |
| # if [ ! -d ~/bin ] ; then | |
| # mkdir ~/bin | |
| # fi | |
| # | |
| # git clone https://gist.github.com/5381105.git | |
| # cd 5381105 | |
| # chmod +x prodConfig.sh | |
| # sudo ./prodConfig.sh | |
| #................................................................................ | |
| if [ ! -d /usr/local/nginx/cache ] ; then | |
| mkdir /usr/local/nginx/cache | |
| fi | |
| if [ ! -d /usr/local/nginx/proxy ] ; then | |
| mkdir /usr/local/nginx/proxy | |
| fi | |
| # the only dif line | |
| cp nginx-prod.conf /usr/local/nginx/conf/nginx.conf | |
| cp proxy.conf /usr/local/nginx/conf/proxy.conf | |
| cp proxy_cache.conf /usr/local/nginx/conf/proxy_cache.conf | |
| cp gzip.conf /usr/local/nginx/conf/gzip.conf | |
| cp productionServer.conf /usr/local/nginx/conf/productionServer.conf | |
| # remove proxy cache | |
| cd /usr/local/nginx/cache | |
| rm -rf * | |
| nginx -V | |
| nginx -t | |
| nginx -s reload |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80 default deferred; | |
| server_name ~^(www\.)?(?<domain>.+)$; | |
| charset utf-8; | |
| access_log /var/log/nginx/file.log main; | |
| # root set to eXist data file system | |
| root /usr/local/eXist/webapp/WEB-INF/data/fs/db/apps/$domain; | |
| ####################### | |
| # production server locations | |
| # for remote production server | |
| # | |
| ###################### | |
| ############# | |
| # a bundle of rewrites for serving html pages | |
| # eXist templating handles html pages so they get proxied as html | |
| ############# | |
| rewrite ^/?(?:index|index.html)?$ /index.html break; | |
| rewrite ^/?([\w\-_]+)/?(?:index|index.html)?$ /$1/index.html break; | |
| rewrite ^/?((?:[\w\-_]+)/(?:[\w\-_]+))(?:.html)?$ /$1.html break; | |
| location ~* ^(.*)\.html$ { | |
| gzip_static off; | |
| try_files $uri @proxy; | |
| } | |
| ########################## | |
| # IMAGES | |
| # look for images on disk first, reverse proxied thru eXist if not found | |
| # images don't have to have an extension ref. try files | |
| # don't bother to gzip or look for gzip file | |
| # make browser cache images with expires set to max into the future | |
| # SVG images are the exception as we want to gzip these and | |
| # cache to fs them once received from eXist | |
| # ####################### | |
| location ~* ^(/resources/images/svg.+)$ { | |
| include proxy_cache.conf; | |
| gzip_static on; | |
| expires max; | |
| add_header Pragma public; | |
| try_files $uri $uri.svg.gz $uri.svg @proxy; | |
| log_not_found off; | |
| } | |
| location ~* ^(/resources/images.+)$ { | |
| gzip_static off; | |
| expires max; | |
| #add_header Expires "Thu, 31 Dec 2037 23:55:55 GMT"; | |
| #add_header Cache-Control "public, max-age=315360000"; | |
| add_header Pragma public; | |
| try_files $uri $uri.jpg $uri.jpeg $uri.gif $uri.png $uri.ico @proxy; | |
| log_not_found off; | |
| } | |
| ########################## | |
| # STYLES AND SCRIPTS | |
| # look for gzipped css on disk first [ filename.css.gz ] | |
| # look for css on disk next [ filename.css ] | |
| # css don't have to have an extension ref. try files | |
| # make browser cache images with expires set to max into the future | |
| # ####################### | |
| location ~* ^(/resources/styles.+)$ { | |
| gzip_static on; | |
| expires max; | |
| add_header Pragma public; | |
| #add_header Cache-Control "public, must-revalidate, proxy-revalidate"; | |
| try_files $uri $uri.css.gz $uri.css @proxy; | |
| } | |
| location ~* ^(/resources/scripts)$ { | |
| gzip_static on; | |
| expires max; | |
| add_header Pragma public; | |
| #add_header Cache-Control "public, must-revalidate, proxy-revalidate"; | |
| try_files $uri $uri.js.gz $uri $uri.js @proxy; | |
| } | |
| ########################## | |
| # our production reverse proxy | |
| # also includes a proxy cache | |
| # ####################### | |
| location @proxy { | |
| include proxy_cache.conf; | |
| rewrite ^/?(.*)$ /exist/apps/$domain/$1 break; | |
| proxy_pass http://localhost:8080; | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| ###################### | |
| # proxy Configuration. | |
| # http://wiki.nginx.org/HttpProxyModule | |
| # /exist/apps/doc/production_web_proxying.xml | |
| # todo include file | |
| ####################### | |
| proxy_redirect off; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header nginx-request-uri $request_uri; | |
| # optional no jetty cookies | |
| #proxy_set_header Cookie ""; | |
| proxy_hide_header Set-Cookie; | |
| client_max_body_size 10m; | |
| client_body_buffer_size 128k; | |
| # increase timeout | |
| proxy_connect_timeout 300; | |
| proxy_send_timeout 120; | |
| proxy_read_timeout 120; | |
| #increase proxy memory buffer for faster responses: | |
| proxy_buffers 4 32k; | |
| proxy_busy_buffers_size 32k; | |
| proxy_temp_file_write_size 32k; | |
| # end proxy defaults | |
| # set proxy_cache_path here but enable with include proxy_cache.conf on location basis | |
| proxy_cache_path /usr/local/nginx/cache levels=1:2 keys_zone=muCache:8m inactive=600m max_size=1000m; | |
| proxy_temp_path /usr/local/nginx/proxy; | |
| proxy_cache_key "$scheme$request_method$host$request_uri"; |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # PROXY CACHE | |
| proxy_cache muCache; | |
| proxy_cache_valid 200 302 1d; | |
| proxy_cache_valid 301 301 1d; | |
| proxy_cache_valid 404 1m; | |
| #proxy_cache_valid any 1m; | |
| proxy_ignore_headers "X-Accel-Redirect" "X-Accel-Expires" "Expires" "Cache-Control" "Set-Cookie"; | |
| #proxy_pass_header Set-Cookie; | |
| #Specifies in what cases a response will not be cached, e.g. | |
| #proxy_no_cache $cookie_nocache $arg_nocache $arg_comment; | |
| #proxy_no_cache $http_pragma $http_authorization; | |
| # no jetty cookies | |
| #proxy_set_header Cookie ""; | |
| #proxy_hide_header Set-Cookie; | |
| add_header X-Cache-Status $upstream_cache_status; |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment