| |
| |
| |
| |
|
|
| user nginx-app; |
| worker_processes auto; |
| error_log /var/log/nginx/error.log warn; |
| pid /var/run/nginx.pid; |
|
|
| |
| worker_rlimit_nofile 8192; |
|
|
| events { |
| worker_connections 4096; |
| use epoll; |
| multi_accept on; |
| } |
|
|
| http { |
| |
| include /etc/nginx/mime.types; |
| default_type application/octet-stream; |
|
|
| |
| log_format main '$remote_addr - $remote_user [$time_local] "$request" ' |
| '$status $body_bytes_sent "$http_referer" ' |
| '"$http_user_agent" "$http_x_forwarded_for"'; |
|
|
| access_log /var/log/nginx/access.log main; |
|
|
| |
| sendfile on; |
| tcp_nopush on; |
| tcp_nodelay on; |
| keepalive_timeout 65; |
| types_hash_max_size 2048; |
| server_tokens off; |
|
|
| |
| client_body_buffer_size 10K; |
| client_header_buffer_size 1k; |
| client_max_body_size 8m; |
| large_client_header_buffers 2 1k; |
|
|
| |
| client_body_timeout 12; |
| client_header_timeout 12; |
| send_timeout 10; |
|
|
| |
| gzip on; |
| gzip_vary on; |
| gzip_proxied any; |
| gzip_comp_level 6; |
| gzip_types |
| text/plain |
| text/css |
| text/xml |
| text/javascript |
| application/json |
| application/javascript |
| application/xml+rss |
| application/rss+xml |
| font/truetype |
| font/opentype |
| application/vnd.ms-fontobject |
| image/svg+xml; |
| gzip_min_length 1000; |
| gzip_disable "msie6"; |
|
|
| |
| add_header X-Frame-Options "SAMEORIGIN" always; |
| add_header X-Content-Type-Options "nosniff" always; |
| add_header X-XSS-Protection "1; mode=block" always; |
| add_header Referrer-Policy "strict-origin-when-cross-origin" always; |
|
|
| |
| include /etc/nginx/conf.d/*.conf; |
| } |
|
|
