nginx.conf.orig (3357B)
1 # /etc/nginx/nginx.conf 2 3 user nginx; 4 5 # Set number of worker processes automatically based on number of CPU cores. 6 worker_processes auto; 7 8 # Enables the use of JIT for regular expressions to speed-up their processing. 9 pcre_jit on; 10 11 # Configures default error logger. 12 error_log /var/log/nginx/error.log warn; 13 14 # Includes files with directives to load dynamic modules. 15 include /etc/nginx/modules/*.conf; 16 17 # Uncomment to include files with config snippets into the root context. 18 # NOTE: This will be enabled by default in Alpine 3.15. 19 #include /etc/nginx/conf.d/*.conf; 20 21 events { 22 # The maximum number of simultaneous connections that can be opened by 23 # a worker process. 24 worker_connections 1024; 25 } 26 27 http { 28 # Includes mapping of file name extensions to MIME types of responses 29 # and defines the default type. 30 include /etc/nginx/mime.types; 31 default_type application/octet-stream; 32 33 # Name servers used to resolve names of upstream servers into addresses. 34 # It's also needed when using tcpsocket and udpsocket in Lua modules. 35 #resolver 1.1.1.1 1.0.0.1 2606:4700:4700::1111 2606:4700:4700::1001; 36 37 # Don't tell nginx version to the clients. Default is 'on'. 38 server_tokens off; 39 40 # Specifies the maximum accepted body size of a client request, as 41 # indicated by the request header Content-Length. If the stated content 42 # length is greater than this size, then the client receives the HTTP 43 # error code 413. Set to 0 to disable. Default is '1m'. 44 client_max_body_size 1m; 45 46 # Sendfile copies data between one FD and other from within the kernel, 47 # which is more efficient than read() + write(). Default is off. 48 sendfile on; 49 50 # Causes nginx to attempt to send its HTTP response head in one packet, 51 # instead of using partial frames. Default is 'off'. 52 tcp_nopush on; 53 54 55 # Enables the specified protocols. Default is TLSv1 TLSv1.1 TLSv1.2. 56 # TIP: If you're not obligated to support ancient clients, remove TLSv1.1. 57 ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3; 58 59 # Path of the file with Diffie-Hellman parameters for EDH ciphers. 60 # TIP: Generate with: `openssl dhparam -out /etc/ssl/nginx/dh2048.pem 2048` 61 #ssl_dhparam /etc/ssl/nginx/dh2048.pem; 62 63 # Specifies that our cipher suits should be preferred over client ciphers. 64 # Default is 'off'. 65 ssl_prefer_server_ciphers on; 66 67 # Enables a shared SSL cache with size that can hold around 8000 sessions. 68 # Default is 'none'. 69 ssl_session_cache shared:SSL:2m; 70 71 # Specifies a time during which a client may reuse the session parameters. 72 # Default is '5m'. 73 ssl_session_timeout 1h; 74 75 # Disable TLS session tickets (they are insecure). Default is 'on'. 76 ssl_session_tickets off; 77 78 79 # Enable gzipping of responses. 80 #gzip on; 81 82 # Set the Vary HTTP header as defined in the RFC 2616. Default is 'off'. 83 gzip_vary on; 84 85 86 # Helper variable for proxying websockets. 87 map $http_upgrade $connection_upgrade { 88 default upgrade; 89 '' close; 90 } 91 92 93 # Specifies the main log format. 94 log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 95 '$status $body_bytes_sent "$http_referer" ' 96 '"$http_user_agent" "$http_x_forwarded_for"'; 97 98 # Sets the path, format, and configuration for a buffered log write. 99 access_log /var/log/nginx/access.log main; 100 101 102 # Includes virtual hosts configs. 103 include /etc/nginx/http.d/*.conf; 104 } 105 106 # TIP: Uncomment if you use stream module. 107 #include /etc/nginx/stream.conf;