Created
April 5, 2018 09:11
-
-
Save reizist/15b839b9430c8b90a8cbfd4d43c59d69 to your computer and use it in GitHub Desktop.
社内イスコン
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# For more information on configuration, see: | |
# * Official English Documentation: http://nginx.org/en/docs/ | |
# * Official Russian Documentation: http://nginx.org/ru/docs/ | |
user nginx; | |
worker_processes auto; | |
# error_log /var/log/nginx/error.log; | |
pid /run/nginx.pid; | |
# Load dynamic modules. See /usr/share/nginx/README.dynamic. | |
include /usr/share/nginx/modules/*.conf; | |
# load_module /usr/lib64/nginx/modules/ngx_http_small_light_module.so; | |
events { | |
worker_connections 4000; | |
use epoll; | |
multi_accept on; | |
} | |
http { | |
log_format ltsv "time:$time_local" | |
"\thost:$remote_addr" | |
"\tforwardedfor:$http_x_forwarded_for" | |
"\treq:$request" | |
"\tstatus:$status" | |
"\tmethod:$request_method" | |
"\turi:$request_uri" | |
"\tsize:$body_bytes_sent" | |
"\treferer:$http_referer" | |
"\tua:$http_user_agent" | |
"\treqtime:$request_time" | |
"\tcache:$upstream_http_x_cache" | |
"\truntime:$upstream_http_x_runtime" | |
"\tapptime:$upstream_response_time" | |
"\tvhost:$host" | |
"\tsession_id:$cookie_session_id" | |
"\tlocation:$sent_http_location"; | |
# access_log /var/log/nginx/access.log ltsv; | |
access_log off; | |
sendfile on; | |
tcp_nopush on; | |
tcp_nodelay on; | |
keepalive_timeout 15; | |
types_hash_max_size 2048; | |
gzip on; | |
gzip_types text/css | |
text/javascript | |
application/javascript | |
application/json; | |
gzip_min_length 1000; | |
gzip_proxied any; | |
gzip_vary on; | |
reset_timedout_connection on; | |
client_header_timeout 15; | |
client_body_timeout 15; | |
client_max_body_size 10m; | |
client_body_buffer_size 32k; | |
client_header_buffer_size 2k; | |
large_client_header_buffers 4 8k; | |
include /etc/nginx/mime.types; | |
default_type application/octet-stream; | |
# Load modular configuration files from the /etc/nginx/conf.d directory. | |
# See http://nginx.org/en/docs/ngx_core_module.html#include | |
# for more information. | |
include /etc/nginx/conf.d/*.conf; | |
proxy_cache_path /var/cache/nginx keys_zone=zone1:1m max_size=1g inactive=24h; | |
proxy_temp_path /var/cache/nginx_tmp; | |
server { | |
listen 80; | |
server_name 80 default_server; | |
return 301 https://$host$request_uri; | |
} | |
server { | |
listen 443 ssl http2 default_server; | |
#listen 80 default_server; | |
#listen [::]:80 default_server; | |
server_name _; | |
ssl_stapling on; | |
resolver 8.8.8.8; # google-public-dns-a.google.com | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
ssl_certificate /etc/letsencrypt/live/r-isucon.blue/fullchain.pem; | |
ssl_certificate_key /etc/letsencrypt/live/r-isucon.blue/privkey.pem; | |
ssl_session_cache shared:SSL:10m; | |
ssl_dhparam dhparam.pem; | |
ssl_ciphers ECDHE+AESGCM:DHE+AESGCM:HIGH:!aNULL:!MD5; | |
ssl_prefer_server_ciphers on; | |
# Force using https | |
add_header Strict-Transport-Security "max-age=15768000; includeSubdomains"; | |
# Load configuration files for the default server block. | |
include /etc/nginx/default.d/*.conf; | |
location ~ ^/(stylesheets|js|fonts)/ { | |
open_file_cache max=100; | |
expires 30d; | |
root /opt/isucon/public; | |
} | |
location ~ ^/dx/300/dy/300/(.+)$ { | |
open_file_cache max=10000; | |
expires 30d; | |
root /opt/isucon/uploads; | |
# jpeg 画像の場合のみ変換 | |
# proxy_pass http://127.0.0.1:9003/$3?p=$width; | |
# proxy_cache zone1; | |
# # headerにcache hitしたかどうか | |
# add_header X-Nginx-Cache $upstream_cache_status; | |
# proxy_set_header X-Real-IP $remote_addr; | |
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
# proxy_set_header Host $http_host; | |
} | |
location ~ ^/dx/50/dy/50/(.+)$ { | |
open_file_cache max=10000; | |
expires 30d; | |
root /opt/isucon/uploads; | |
# jpeg 画像の場合のみ変換 | |
# proxy_pass http://127.0.0.1:9003/$3?p=$width; | |
# proxy_cache zone1; | |
# # headerにcache hitしたかどうか | |
# add_header X-Nginx-Cache $upstream_cache_status; | |
# proxy_set_header X-Real-IP $remote_addr; | |
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
# proxy_set_header Host $http_host; | |
} | |
location ~ ^/dx/25/dy/25/(.+)$ { | |
open_file_cache max=10000; | |
expires 30d; | |
root /opt/isucon/uploads; | |
# jpeg 画像の場合のみ変換 | |
# proxy_pass http://127.0.0.1:9003/$3?p=$width; | |
# proxy_cache zone1; | |
# # headerにcache hitしたかどうか | |
# add_header X-Nginx-Cache $upstream_cache_status; | |
# proxy_set_header X-Real-IP $remote_addr; | |
# proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
# proxy_set_header Host $http_host; | |
} | |
error_page 404 /404.html; | |
location = /40x.html { | |
} | |
error_page 500 502 503 504 /50x.html; | |
location = /50x.html { | |
} | |
location ~ / { | |
proxy_pass http://localhost:3000; | |
} | |
} | |
# server { | |
# root /opt/isucon/uploads; | |
# listen 9003; | |
# server_name localhost; | |
# sendfile off; | |
# small_light on; | |
# small_light_getparam_mode on; | |
# small_light_pattern_define 300 dw=300,dh=300,da=l,q=60,jpeghint=y,e=imagemagick; | |
# small_light_pattern_define 50 dw=50,dh=50,da=l,q=60,jpeghint=y,e=imagemagick; | |
# small_light_pattern_define 25 dw=25,dh=25,da=l,q=60,jpeghint=y,e=imagemagick; | |
# access_log /var/log/nginx/light.log ltsv; | |
# } | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment