最終的なnginx.confとビルド時のコマンド
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user nginx; | |
| pid /var/run/nginx.pid; | |
| worker_processes auto; | |
| worker_rlimit_nofile 8192; | |
| error_log /var/log/nginx/error.log warn; | |
| events { | |
| worker_connections 2048; | |
| multi_accept on; | |
| use epoll; | |
| } | |
| http { | |
| include /etc/nginx/mime.types; | |
| default_type application/octet-stream; | |
| server_tokens off; | |
| sendfile on; | |
| tcp_nopush on; | |
| keepalive_timeout 75; | |
| gzip on; | |
| gzip_vary on; | |
| gzip_types text/css text/javascript application/javascript; | |
| gzip_comp_level 1; | |
| proxy_cache_path /var/cache/nginx/cache levels=1:2 keys_zone=example:8m max_size=50m inactive=120m; | |
| proxy_temp_path /var/cache/nginx/tmp; | |
| proxy_redirect off; | |
| proxy_set_header Host $host; | |
| proxy_set_header X-Real-IP $remote_addr; | |
| proxy_set_header X-Forwarded-Host $host; | |
| proxy_set_header X-Forwarded-Server $host; | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| # | |
| # DDos対策 | |
| # | |
| # 同時接続数制限を行う際のメモリ領域を10MB確保 | |
| limit_conn_zone $binary_remote_addr zone=limit_conn_example:10m; | |
| # 1秒あたり50リクエストを超えるペースだと503を返す | |
| limit_req_zone $binary_remote_addr zone=limit_req_example:10m rate=50r/s; | |
| geoip_country /usr/share/GeoIP/GeoIP.dat; | |
| geoip_city /usr/share/GeoIP/GeoLiteCity.dat; | |
| log_format ltsv "remote_addr:$remote_addr\t" | |
| "remote_user:$remote_user\t" | |
| "time_local:$time_local\t" | |
| "request:$request\t" | |
| "status:$status\t" | |
| "body_bytes_sent:$body_bytes_sent\t" | |
| "http_refer:$http_referer\t" | |
| "http_user_agent:$http_user_agent\t" | |
| "request_time:$request_time\t" | |
| "cache:$upstream_http_x_cache\t" | |
| "runtime:$upstream_http_x_runtime\t" | |
| "apptime:$upstream_response_time\t" | |
| "vhost:$host\t" | |
| "geoip_country_name:$geoip_city_country_name\t" | |
| "geoip_country_code3:$geoip_city_country_code3\t" | |
| "geoip_city:$geoip_city"; | |
| access_log /var/log/nginx/access.log ltsv; | |
| server { | |
| listen 80; | |
| # listen 443 ssl spdy default_server; | |
| server_name www.example.com; | |
| location / { | |
| # 1つのIPからの同時接続数が100を超えると503が返る | |
| limit_conn limit_conn_example 100; | |
| # 1秒あたり50リクエストを超えた場合、100リクエストまで待つ | |
| limit_req zone=limit_req_example burst=100; | |
| proxy_pass http://example; | |
| proxy_cache example; | |
| proxy_cache_valid 200 302 60m; | |
| proxy_cache_valid 404 10m; | |
| } | |
| location ~* ^.+.(jpg|gif|png|css|js|ico|woff) { | |
| root /path/to/example/public; | |
| expires 10d; | |
| } | |
| } | |
| upstream exapmle { | |
| server unix:/path/to/example/shared/tmp/sockets/unicorn.sock; | |
| } | |
| } |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ ./configure \ | |
| --user=nginx \ | |
| --group=nginx \ | |
| --prefix=/etc/nginx \ | |
| --sbin-path=/usr/sbin/nginx \ | |
| --conf-path=/etc/nginx/nginx.conf \ | |
| --error-log-path=/var/log/nginx/error.log \ | |
| --pid-path=/var/run/nginx.pid \ | |
| --lock-path=/var/run/nginx.lock \ | |
| --http-log-path=/var/log/nginx/access.log \ | |
| --with-http_realip_module \ | |
| --with-http_addition_module \ | |
| --with-http_image_filter_module \ | |
| --with-http_geoip_module \ | |
| --with-http_ssl_module \ | |
| --with-http_spdy_module \ | |
| --with-http_gzip_static_module \ | |
| --with-http_gunzip_module \ | |
| --with-ipv6 \ | |
| --with-pcre=/tmp/pcre-8.36 | |
| $ make | |
| $ make install |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment