From d5b7d91a17ac26f8ec3781c1faacc61cc785c21c Mon Sep 17 00:00:00 2001 From: Jose Quintana Date: Tue, 16 Mar 2021 09:14:24 +0100 Subject: refactor: prod server adjustments --- nginx/nginx.conf | 73 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 73 insertions(+) create mode 100644 nginx/nginx.conf (limited to 'nginx/nginx.conf') diff --git a/nginx/nginx.conf b/nginx/nginx.conf new file mode 100644 index 0000000..c45d90c --- /dev/null +++ b/nginx/nginx.conf @@ -0,0 +1,73 @@ +user nginx; +worker_processes auto; +error_log stderr crit; +pid /var/run/nginx.pid; + +events { + worker_connections 2048; + use epoll; +} + +http { + include /etc/nginx/mime.types; + default_type application/octet-stream; + + open_file_cache max=200000 inactive=20s; + open_file_cache_valid 30s; + open_file_cache_min_uses 2; + open_file_cache_errors on; + + access_log off; + error_log stderr crit; + + sendfile on; + sendfile_max_chunk 512k; + tcp_nopush on; + tcp_nodelay on; + types_hash_max_size 4096; + + keepalive_timeout 35; + + gzip on; + gzip_min_length 10240; + gzip_comp_level 1; + gzip_vary on; + gzip_disable msie6; + gzip_proxied expired no-cache no-store private auth; + # text/html is always compressed by HttpGzipModule + gzip_types + text/css + text/javascript + text/xml + text/plain + text/x-component + application/javascript + application/x-javascript + application/json + application/xml + application/rss+xml + application/atom+xml + font/truetype + font/opentype + application/vnd.ms-fontobject + image/svg+xml; + + reset_timedout_connection on; + client_body_timeout 10; + send_timeout 5; + + server_tokens off; + add_header X-Frame-Options SAMEORIGIN; + add_header X-Content-Type-Options nosniff; + add_header X-XSS-Protection "1; mode=block"; + + client_body_buffer_size 128k; + large_client_header_buffers 4 256k; + + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + + include /etc/nginx/conf.d/*.conf; +} -- cgit v1.2.3