nginx.conf production

nginx.conf

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110

####################################################################### # # This is the main Nginx configuration file. # # More information about the configuration options is available on # * the English wiki - http://wiki.nginx.org/Main # * the Russian documentation - http://sysoev.ru/nginx/ # ####################################################################### #---------------------------------------------------------------------- # Main Module - directives that cover basic functionality # # http://wiki.nginx.org/NginxHttpMainModule # #---------------------------------------------------------------------- user nginx; worker_processes 2; error_log /var/log/nginx/error.log; #error_log /var/log/nginx/error.log notice; #error_log /var/log/nginx/error.log info; pid /var/run/nginx.pid; #---------------------------------------------------------------------- # Events Module # # http://wiki.nginx.org/NginxHttpEventsModule # #---------------------------------------------------------------------- events { worker_connections 1024; } #---------------------------------------------------------------------- # HTTP Core Module # # http://wiki.nginx.org/NginxHttpCoreModule # #---------------------------------------------------------------------- http { include /etc/nginx/mime.types; default_type application/octet-stream; map $scheme $fastcgi_https { ## Detect when HTTPS is used default off; https on; } log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; tcp_nopush on; tcp_nodelay on; client_header_timeout 10m; client_body_timeout 10m; send_timeout 10m; proxy_read_timeout 2m; fastcgi_read_timeout 3m; client_header_buffer_size 1k; large_client_header_buffers 4 4k; output_buffers 1 32k; postpone_output 1460; keepalive_timeout 60 15; types_hash_max_size 2048; ## # Gzip Settings ## gzip on; gzip_disable "msie6"; gzip_comp_level 6; #gzip_comp_level 9; gzip_min_length 1100; gzip_buffers 16 8k; gzip_proxied any; # gzip_http_version 1.1; gzip_types text/plain application/xml text/css text/js text/xml application/x-javascript text/javascript application/json application/xml+rss; # fastcgi nodes ### Below is example only upstream base_backend { #server unix:/var/run/php-fpm.sock; server 127.0.0.1:9000; } # Load config files from the /etc/nginx/conf.d directory include /etc/nginx/conf.d/*.conf; include /etc/nginx/conf.d/sites-enabled/*; }

---

base.conf

1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80

server { listen 80; server_name base.com; rewrite / $scheme://www.$host$request_uri permanent; ## Forcibly prepend a www } server { listen 80 default; server_name www.base.com *.base.com x.x.x.x; ## Domain is here twice so server_name_in_redirect will favour the www root /var/www/vhosts/base.com/httpdocs; ## These locations would be hidden by .htaccess normally autoindex off; location /app/ { deny all; } location /includes/ { deny all; } location /lib/ { deny all; } location /media/downloadable/ { deny all; } location /pkginfo/ { deny all; } location /report/config.xml { deny all; } location /var/ { deny all; } location = /RELEASE_NOTES.txt { deny all; } location = /LICENSE_AFL.txt { deny all; } location = /LICENSE.html { deny all; } location = /LICENSE.txt { deny all; } location = /php.ini.sample { deny all; } location = /index.php.sample { deny all; } location /. { return 404; } location ~* \.(png|gif|jpg|jpeg|css|js|swf|ico|txt|xml|bmp|pdf|doc|docx|ppt|pptx|zip)$ { access_log off; expires 30d; } location ~* ^(/downloader|/js|/404|/report)(.*) { include /etc/nginx/fastcgi_params; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME $document_root$1/index.php$1; fastcgi_read_timeout 600; fastcgi_pass base_backend; } location @handler { ## Magento uses a common front handler rewrite / /index.php; } location ~ \.php/ { ## Forward paths like /js/index.php/x.js to relevant handler rewrite ^(.*\.php)/ $1 last; } location ~ \.php$ { ## Execute PHP scripts expires off; ## Do not cache dynamic content fastcgi_pass base_backend; fastcgi_param HTTPS $fastcgi_https; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; include fastcgi_params; ## See /etc/nginx/fastcgi_params } location / { index index.html index.php; ## Allow a static html file to be shown first try_files $uri $uri/ @handler; ## If missing pass the URI to Magento's front handler expires 30d; ## Assume all files are cachable if ($request_uri ~* "\.(png|gif|jpg|jpeg|css|js|swf|ico|txt|xml|bmp|pdf|doc|docx|ppt|pptx|zip)$") { expires max; } # set fastcgi settings, not allowed in the "if" block include /etc/nginx/fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root/index.php; fastcgi_param SCRIPT_NAME /index.php; fastcgi_param MAGE_RUN_CODE default; fastcgi_param MAGE_RUN_TYPE store; # rewrite - if file not found, pass it to the backend if (!-f $request_filename) { fastcgi_pass base_backend; break; } } }