Spaces:
Running
Running
| # ============================================================================ | |
| # NGINX MAIN CONFIGURATION (Production) | |
| # ============================================================================ | |
| # Purpose: Core nginx settings for production deployment | |
| # | |
| # This file configures: | |
| # - Worker processes and connections | |
| # - Logging | |
| # - MIME types | |
| # - HTTP settings | |
| # | |
| # Server-specific config is in conf.d/default.conf | |
| # ============================================================================ | |
| user nginx; | |
| worker_processes auto; # Auto-detect CPU cores and create one worker per core | |
| # Error logging | |
| error_log /var/log/nginx/error.log warn; | |
| pid /var/run/nginx.pid; | |
| # Events block - connection handling | |
| events { | |
| worker_connections 1024; # Max concurrent connections per worker | |
| use epoll; # Efficient connection processing on Linux | |
| multi_accept on; # Accept multiple connections at once | |
| } | |
| # HTTP block - main configuration | |
| http { | |
| # MIME types | |
| include /etc/nginx/mime.types; | |
| default_type application/octet-stream; | |
| # Logging format | |
| log_format main '$remote_addr - $remote_user [$time_local] "$request" ' | |
| '$status $body_bytes_sent "$http_referer" ' | |
| '"$http_user_agent" "$http_x_forwarded_for"'; | |
| access_log /var/log/nginx/access.log main; | |
| # Performance optimizations | |
| sendfile on; # Efficient file transfer | |
| tcp_nopush on; # Send headers in one packet | |
| tcp_nodelay on; # Don't buffer data | |
| keepalive_timeout 65; # Keep connections alive for 65s | |
| types_hash_max_size 2048; # Increase MIME types hash table size | |
| # Gzip compression | |
| gzip on; | |
| gzip_vary on; | |
| gzip_proxied any; | |
| gzip_comp_level 6; | |
| gzip_types text/plain text/css text/xml text/javascript | |
| application/json application/javascript application/xml+rss | |
| application/rss+xml font/truetype font/opentype | |
| application/vnd.ms-fontobject image/svg+xml; | |
| gzip_disable "msie6"; | |
| # Security headers | |
| add_header X-Frame-Options "SAMEORIGIN" always; | |
| add_header X-Content-Type-Options "nosniff" always; | |
| add_header X-XSS-Protection "1; mode=block" always; | |
| # Hide nginx version | |
| server_tokens off; | |
| # Buffer sizes | |
| client_body_buffer_size 10K; | |
| client_header_buffer_size 1k; | |
| client_max_body_size 8m; | |
| large_client_header_buffers 2 1k; | |
| # Timeouts | |
| client_body_timeout 12; | |
| client_header_timeout 12; | |
| send_timeout 10; | |
| # Include server configurations | |
| include /etc/nginx/conf.d/*.conf; | |
| } | |