rdiezv/ghost-performance-nginx-config.conf

## ghost-performance-nginx-config.conf
# sets the proxy cache path location, max size 2g
proxy_cache_path  /data/nginx/cache  levels=1:2 keys_zone=STATIC:100m inactive=24h max_size=2g;

# transfers the `Host` header to the backend
proxy_set_header        Host $host;

# uses the defined STATIC cache zone
proxy_cache             STATIC;

# cache 200 10 minutes, 404 1 minute, others status codes not cached
proxy_cache_valid 200 10m;
proxy_cache_valid 404 1m;

proxy_cache_key "$scheme$host$request_uri";
proxy_cache_use_stale   error timeout invalid_header updating http_500 http_502 http_503 http_504;
proxy_http_version 1.1;

# transfers real client IP to your ghost app,
# otherwise you would see your server ip
proxy_set_header        X-Real-IP        $remote_addr;
proxy_set_header        X-Forwarded-For  $proxy_add_x_forwarded_for;

client_max_body_size  20m;
client_body_buffer_size    128k;

# default expires (browser cache) set to 1 minute
expires 1m;

# gzip every proxied responses
gzip_proxied any;

# gzip only if user asks it
gzip_vary on;

# gzip only theses mime types
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript application/json application/javascript;
gzip_static on;

# add a cache HIT/MISS header
add_header X-Cache $upstream_cache_status;

# do not show incoming Etags, if-modified-since is sufficient
proxy_hide_header Etag;

server {
  listen 80;
  server_name function.fr;

  # add some caching on static assets
  location ~* \.(jpg|jpeg|png|gif|ico|css|js|eot|woff)$ {
    # ghost sends Cache-Control max-age=0 on CSS/JS for now
    # see https://github.com/TryGhost/Ghost/issues/1405?source=c#issuecomment-28196957
    proxy_ignore_headers "Cache-Control";
    expires 10y;
    proxy_pass http://ghost;
  }

  # remove caching on admin urls
  # AND on /signout/ which is badly routed for now
  # https://github.com/TryGhost/Ghost/issues/1439
  location ~ ^/(?:ghost|signout) {
    expires 0;
    add_header Cache-Control "no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0";
    proxy_pass http://ghost;
  }

  location / {
    # ghost sends a `set-cookie` header on every request
    # nginx says "no caching" if `set-cookie` is set
    # we do not need cookies on non-admin pages (blog posts)
    # so we ignore cookies and we hide them on pages other than /ghost/ (admin)
    proxy_ignore_headers "Set-Cookie";
    proxy_hide_header "Set-Cookie";
    proxy_pass http://ghost;
  }
}

upstream ghost {
  server localhost:2368;
}
	# sets the proxy cache path location, max size 2g
	proxy_cache_path /data/nginx/cache levels=1:2 keys_zone=STATIC:100m inactive=24h max_size=2g;

	# transfers the `Host` header to the backend
	proxy_set_header Host $host;

	# uses the defined STATIC cache zone
	proxy_cache STATIC;

	# cache 200 10 minutes, 404 1 minute, others status codes not cached
	proxy_cache_valid 200 10m;
	proxy_cache_valid 404 1m;

	proxy_cache_key "$scheme$host$request_uri";
	proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
	proxy_http_version 1.1;

	# transfers real client IP to your ghost app,
	# otherwise you would see your server ip
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;

	client_max_body_size 20m;
	client_body_buffer_size 128k;

	# default expires (browser cache) set to 1 minute
	expires 1m;

	# gzip every proxied responses
	gzip_proxied any;

	# gzip only if user asks it
	gzip_vary on;

	# gzip only theses mime types
	gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript application/json application/javascript;
	gzip_static on;

	# add a cache HIT/MISS header
	add_header X-Cache $upstream_cache_status;

	# do not show incoming Etags, if-modified-since is sufficient
	proxy_hide_header Etag;

	server {
	listen 80;
	server_name function.fr;

	# add some caching on static assets
	location ~* \.(jpg\|jpeg\|png\|gif\|ico\|css\|js\|eot\|woff)$ {
	# ghost sends Cache-Control max-age=0 on CSS/JS for now
	# see https://github.com/TryGhost/Ghost/issues/1405?source=c#issuecomment-28196957
	proxy_ignore_headers "Cache-Control";
	expires 10y;
	proxy_pass http://ghost;
	}

	# remove caching on admin urls
	# AND on /signout/ which is badly routed for now
	# https://github.com/TryGhost/Ghost/issues/1439
	location ~ ^/(?:ghost\|signout) {
	expires 0;
	add_header Cache-Control "no-cache, private, no-store, must-revalidate, max-stale=0, post-check=0, pre-check=0";
	proxy_pass http://ghost;
	}

	location / {
	# ghost sends a `set-cookie` header on every request
	# nginx says "no caching" if `set-cookie` is set
	# we do not need cookies on non-admin pages (blog posts)
	# so we ignore cookies and we hide them on pages other than /ghost/ (admin)
	proxy_ignore_headers "Set-Cookie";
	proxy_hide_header "Set-Cookie";
	proxy_pass http://ghost;
	}
	}

	upstream ghost {
	server localhost:2368;
	}