The basic configuration is as follows:
user www www;
worker_processes auto; #Generally the default is 1, but it can also be the number of cpu, or auto, automatically adjusted
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
error_log /data/logs/error_nginx.log error;
pid /var/run/nginx.pid;
worker_rlimit_nofile 51200; #This instruction refers to the maximum number of file descriptors opened by an nginx process. The theoretical value should be the maximum number of open files (ulimit -n) divided by the number of nginx processes, but nginx The allocation request is not so uniform, so it is best to keep the same value as ulimit -n.
Now the number of open files in the Linux 2.6 kernel is 65535, and worker_rlimit_nofile should fill in 65535 accordingly
events {
use epoll; #Used network io model, Linux defaults to epoll, FreeBSD recommends kqueue
worker_connections 51200; #The maximum number of simultaneous connections allowed for each worker process, (the maximum number of connections for nginx: Maxclient = work_processes * worker_connections)
multi_accept on; #If multi_accept is disabled, a nginx worker process can only accept a new connection at the same time. Otherwise, a worker process can accept all new connections at the same time. If nginx uses the kqueue connection method, then this instruction will be ignored, because this method will report the number of new connections waiting to be accepted
}
http {
include mime.types; ##File extension and file type mapping table
default_type application/octet-stream; #This type will make the browser think that the response is a normal file stream and prompt the user to download the file
log_format log_json ‘{"time_local":"$time_local",‘
‘"@timestamp": "$time_iso8601",‘
‘"domain":"$host",‘
‘"server_addr":"$server_addr",‘
‘"http_x_forwarded_for":"$http_x_forwarded_for",’
‘"remote_addr":"$remote_addr",‘
‘"request_method":"$request_method",‘
‘"user_agent":"$http_user_agent",‘
‘"request_uri":"$request_uri",‘
‘"http_referer":"$http_referer",‘
‘"size":$body_bytes_sent,‘
‘"request_time":$request_time,‘
‘"upstream_addr":"$upstream_addr",‘
‘"upstream_response_time":"$upstream_response_time",’
‘"upstream_status":"$upstream_status",‘
‘"upstream_connect_time":"$upstream_connect_time",‘
‘"scheme":"$scheme",‘
‘"status":$status}’;
access_log /data/logs/access_nginx.log log_json;
server_names_hash_bucket_size 128; #The hash table size of the server name, the size limit of the number of domain names following the server_name parameter
client_header_buffer_size 32k; #This command is similar to client_body_buffer_size. It allocates a buffer for the request header. If the request header size is larger than the specified buffer, use the large_client_header_buffers instruction to allocate a larger buffer
large_client_header_buffers 4 32k; #Used to specify the maximum number and size of buffers for larger message headers in client requests, "4" is the number, "128" is the size, and the maximum buffer is 4 32KB. These buffers are allocated on demand only when the default buffer is insufficient. Release the buffer when the request is processed or the connection is switched to keep alive
client_max_body_size 1024m; #This command sets the maximum request body size that NGINX can handle. If the request is larger than the specified size, NGINX sends back an HTTP 413 (Request Entity too large) error. This instruction is very important if the server handles large file uploads. By default, the instruction value is 1m
client_body_buffer_size 10m; #Nginx allocates the buffer size of the requested data. If the requested data is smaller than client_body_buffer_size, the data will be stored in the memory directly. If the requested value is greater than client_body_buffer_size and less than client_max_body_size, the data will be stored in a temporary file first, in which temporary file?
In the path specified by client_body_temp, the default path value is /tmp/. Therefore, the configured client_body_temp address must allow the user group of the executing Nginx to have read and write permissions. Otherwise, when the transmitted data is larger than client_body_buffer_size, an error will be reported if writing to the temporary file fails.
sendfile on; #Open the efficient file transfer mode, set the tcp_nopush and tcp_nodely instructions to on to prevent network congestion
tcp_nopush on; #Prevent network congestion
tcp_nodelay on; #Prevent network congestion
keepalive_timeout 120; #A tcp connection generated by http after transmitting the last response, how many seconds will elapse before closing the connection
server_tokens off; #Modify or hide the version number of Nginx
fastcgi_connect_timeout 300; #Specify the timeout for connecting to the back-end FastCGI. FastCGI is a scalable and high-speed communication interface between the HTTP server and the dynamic scripting language. Most popular HTTP servers support FastCGI, including Apache, Nginx and lighttpd, etc.
fastcgi_send_timeout 300; #The timeout time for fastCGI request, this value refers to the timeout time for sending to fastCGI after two handshake has been completed
fastcgi_read_timeout 300; #Receive fastCGI response timeout, this value has completed two handshake after receiving fastCGI response timeout time
fastcgi_buffer_size 64k; #Specify how much buffer is needed to read the first part of the fastCGI response, generally the first part of the response will not exceed 1k, generally set to 64k
fastcgi_buffers 8 128k; #Specify how much and how much buffer is needed locally to buffer fastCGI responses
fastcgi_busy_buffers_size 128k; #The default value is twice that of fastcgi_buffers
fastcgi_temp_file_write_size 128k; #How big data block is used when writing fastcgi_temp_path, the default value is twice fastcgi_buffers
fastcgi_intercept_errors on; #This directive specifies whether to pass 4xx and 5xx error messages to the client, or allow nginx to use error_page to process error messages.
#Gzip Compression
vhost_traffic_status_zone;
gzip on; #Enable gzip compression output
gzip_buffers 16 8k; # means to apply for 16 units of 8k memory as the compression result stream cache, the default value is to apply for the same memory space as the original data to store the gzip compression result
gzip_comp_level 6; #Compression level, set the compression level of gzip, the value is [1-9], the larger the value, the higher the compression rate, the more resources are consumed during compression, usually a reasonable value is 3-5
gzip_http_version 1.1; #Compressed version (default 1.1, if the front end is squid2.5 please use 1.0)
gzip_min_length 256; #Used to set the minimum number of bytes allowed to be compressed. The number of page bytes is obtained from the content-length of the header. The default value is 0. It is compressed regardless of the size of the page. It is recommended to set it to be greater than The number of bytes of 1k, less than 1k may be more compressed, the larger the minimum compressed file size
gzip_proxied any;
Nginx is enabled when it is used as a reverse proxy. According to certain requests and responses, it is determined whether to enable gzip compression in the response to the proxy request. Whether to compress depends on the "Via" field in the request header. Multiple instructions can be specified at the same time. Two different parameters have the following meanings:
|
gzip_vary on; #Allows the front-end cache server to cache gzip-compressed pages, for example, use squid to cache nginx-compressed data gzip_types text/xml application/xml application/atom+xml application/rss+xml application /xhtml+xml image/svg+xml text/javascript application/javascript application/x-jav ascript text/x-json application/json application/x-web-app-manifest+json text/css text/plain text/x-component font/opentype application/x-font-ttf application/vnd.ms-fontobject image/ x-icon;
gzip_disable "MSIE [1-6]\.(?!.*SV1)"; #IE6 is not very friendly to Gzip, don’t give it Gzip
#If you have a lot of static files to serve through Nginx then caching of the files' metadata (not the actual files' contents) can save some latency.
open_file_cache max=1000 inactive=20s; #A cache is defined for 1,000 elements. The expiration time of the inactive parameter configuration is 20 seconds. There is no need to set the inactive time period for this instruction. By default, the inactive time period is 60 seconds.
|
enable this command to store the cache of the following information:
|
open_file_cache_valid 30s; #The instruction defines the time period (in seconds), after which the elements in open_file_cache will be revalidated. By default, recheck the element after 60 seconds
open_file_cache_min_uses 2; #NGINX will clear elements from the cache after the period of inactivity. This directive can be used to configure the minimum number of visits to mark the element for active use. By default, the minimum number of visits is set to 1 or more
open_file_cache_errors on; #NGINX can cache errors that occur during file access. But this needs to be enabled by setting the open_file_cache_errors directive. If error caching is enabled, NGINX will report the same error when accessing resources (not looking up resources). By default, error caching is set to off.
######################## default #################### #######After adding hosts, accessing a non-existent domain name will display the default page
server {
listen 10080;
listen 80;
server_name _;
access_log /data/logs/default_access_nginx.log log_json;
root /usr/local/nginx/html;
index index.html index.htm index.php;
location / {
default_type text/html;
expires 7d;
return 200 ‘hello world!!!’; #Return to set value when frequently visited
}
location /nginx_status { #nginx status monitoring
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
# location ~ [^/]\.php(/|$) {
# #fastcgi_pass remote_php_ip:9000;
# fastcgi_pass unix:/dev/shm/php-cgi.sock;
# fastcgi_index index.php;
# include fastcgi.conf;
#}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ {
expires 30d;
access_log off;
}
location ~ .*\.(js|css)?$ {
expires 7d;
access_log off;
}
location ~ /\.ht {
deny all;
}
location /vt_status {#Traffic statistics, there are pages
vhost_traffic_status_display;
vhost_traffic_status_display_format html;
allow 127.0.0.1;
allow 10.0.0.0/8;
deny all;
}
}
######################### vhost ################# ##########Introduce other files, write separately to facilitate maintenance
include vhost/*.conf;
include vhost/internal/*.conf;
include upstream/*.conf;
}
Log format:
{ “time_local”:”22/Jul/2019:03:42:58 +0800″,”@timestamp”: “2019-07-22T03:42:58+08:00″,”domain”:”www.baidu. com”,”server_addr”:”xx.xx.xx”,”http_x_forwarded_for”:”-“,”remote_addr”:”10.23.10.28″,”request_method”:”GET”,”user_agent”:”curl/7.29. 0″,”request_uri”:”/idfd/v1/server/live”,”http_referer”:”-“,”size”:17,”request_time”:0.011,”upstream_addr”:”10.10.31.73:8081″, “upstream_response_time”:”0.011″,”upstream_status”:”200″,”upstream_connect_time”:”0.001″,”scheme”:”http”,”status”:200}
user www www;
worker_processes auto; #Generally the default is 1, but it can also be the number of cpu, or auto, automatically adjusted
#error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
#pid logs/nginx.pid;
error_log /data/logs/error_nginx.log error;
pid /var/run/nginx.pid;
worker_rlimit_nofile 51200; #This instruction refers to the maximum number of file descriptors opened by an nginx process. The theoretical value should be the maximum number of open files (ulimit -n) divided by the number of nginx processes, but nginx The allocation request is not so uniform, so it is best to keep the same value as ulimit -n.
Now the number of open files in the Linux 2.6 kernel is 65535, and worker_rlimit_nofile should fill in 65535 accordingly
events {
use epoll; #Used network io model, Linux defaults to epoll, FreeBSD recommends kqueue
worker_connections 51200; #The maximum number of simultaneous connections allowed for each worker process, (the maximum number of connections for nginx: Maxclient = work_processes * worker_connections)
multi_accept on; #If multi_accept is disabled, a nginx worker process can only accept a new connection at the same time. Otherwise, a worker process can accept all new connections at the same time. If nginx uses the kqueue connection method, then this instruction will be ignored, because this method will report the number of new connections waiting to be accepted
}
http {
include mime.types; ##File extension and file type mapping table
default_type application/octet-stream; #This type will make the browser think that the response is a normal file stream and prompt the user to download the file
log_format log_json ‘{"time_local":"$time_local",‘
‘"@timestamp": "$time_iso8601",‘
‘"domain":"$host",‘
‘"server_addr":"$server_addr",‘
‘"http_x_forwarded_for":"$http_x_forwarded_for",’
‘"remote_addr":"$remote_addr",‘
‘"request_method":"$request_method",‘
‘"user_agent":"$http_user_agent",‘
‘"request_uri":"$request_uri",‘
‘"http_referer":"$http_referer",‘
‘"size":$body_bytes_sent,‘
‘"request_time":$request_time,‘
‘"upstream_addr":"$upstream_addr",‘
‘"upstream_response_time":"$upstream_response_time",’
‘"upstream_status":"$upstream_status",‘
‘"upstream_connect_time":"$upstream_connect_time",‘
‘"scheme":"$scheme",‘
‘"status":$status}’;
access_log /data/logs/access_nginx.log log_json;
server_names_hash_bucket_size 128; #The hash table size of the server name, the size limit of the number of domain names following the server_name parameter
client_header_buffer_size 32k; #This command is similar to client_body_buffer_size. It allocates a buffer for the request header. If the request header size is larger than the specified buffer, use the large_client_header_buffers instruction to allocate a larger buffer
large_client_header_buffers 4 32k; #Used to specify the maximum number and size of buffers for larger message headers in client requests, "4" is the number, "128" is the size, and the maximum buffer is 4 32KB. These buffers are allocated on demand only when the default buffer is insufficient. Release the buffer when the request is processed or the connection is switched to keep alive
client_max_body_size 1024m; #This command sets the maximum request body size that NGINX can handle. If the request is larger than the specified size, NGINX sends back an HTTP 413 (Request Entity too large) error. This instruction is very important if the server handles large file uploads. By default, the instruction value is 1m
client_body_buffer_size 10m; #Nginx allocates the buffer size of the requested data. If the requested data is smaller than client_body_buffer_size, the data will be stored in the memory directly. If the requested value is greater than client_body_buffer_size and less than client_max_body_size, the data will be stored in a temporary file first, in which temporary file?
In the path specified by client_body_temp, the default path value is /tmp/. Therefore, the configured client_body_temp address must allow the user group of the executing Nginx to have read and write permissions. Otherwise, when the transmitted data is larger than client_body_buffer_size, an error will be reported if writing to the temporary file fails.
sendfile on; #Open the efficient file transfer mode, set the tcp_nopush and tcp_nodely instructions to on to prevent network congestion
tcp_nopush on; #Prevent network congestion
tcp_nodelay on; #Prevent network congestion
keepalive_timeout 120; #A tcp connection generated by http after transmitting the last response, how many seconds will elapse before closing the connection
server_tokens off; #Modify or hide the version number of Nginx
fastcgi_connect_timeout 300; #Specify the timeout for connecting to the back-end FastCGI. FastCGI is a scalable and high-speed communication interface between the HTTP server and the dynamic scripting language. Most popular HTTP servers support FastCGI, including Apache, Nginx and lighttpd, etc.
fastcgi_send_timeout 300; #The timeout time for fastCGI request, this value refers to the timeout time for sending to fastCGI after two handshake has been completed
fastcgi_read_timeout 300; #Receive fastCGI response timeout, this value has completed two handshake after receiving fastCGI response timeout time
fastcgi_buffer_size 64k; #Specify how much buffer is needed to read the first part of the fastCGI response, generally the first part of the response will not exceed 1k, generally set to 64k
fastcgi_buffers 8 128k; #Specify how much and how much buffer is needed locally to buffer fastCGI responses
fastcgi_busy_buffers_size 128k; #The default value is twice that of fastcgi_buffers
fastcgi_temp_file_write_size 128k; #How big data block is used when writing fastcgi_temp_path, the default value is twice fastcgi_buffers
fastcgi_intercept_errors on; #This directive specifies whether to pass 4xx and 5xx error messages to the client, or allow nginx to use error_page to process error messages.
#Gzip Compression
vhost_traffic_status_zone;
gzip on; #Enable gzip compression output
gzip_buffers 16 8k; # means to apply for 16 units of 8k memory as the compression result stream cache, the default value is to apply for the same memory space as the original data to store the gzip compression result
gzip_comp_level 6; #Compression level, set the compression level of gzip, the value is [1-9], the larger the value, the higher the compression rate, the more resources are consumed during compression, usually a reasonable value is 3-5
gzip_http_version 1.1; #Compressed version (default 1.1, if the front end is squid2.5 please use 1.0)
gzip_min_length 256; #Used to set the minimum number of bytes allowed to be compressed. The number of page bytes is obtained from the content-length of the header. The default value is 0. It is compressed regardless of the size of the page. It is recommended to set it to be greater than The number of bytes of 1k, less than 1k may be more compressed, the larger the minimum compressed file size
gzip_proxied any;
Nginx is enabled when it is used as a reverse proxy. According to certain requests and responses, it is determined whether to enable gzip compression in the response to the proxy request. Whether to compress depends on the "Via" field in the request header. Multiple instructions can be specified at the same time. Two different parameters have the following meanings:
|
gzip_vary on; #Allows the front-end cache server to cache gzip-compressed pages, for example, use squid to cache nginx-compressed data gzip_types text/xml application/xml application/atom+xml application/rss+xml application /xhtml+xml image/svg+xml text/javascript application/javascript application/x-javascript text/x-json application/json application/x-web-app-manifest+json text/css text/plain text/x-component font/opentype application/x-font-ttf application/vnd.ms-fontobject image/x -icon;
gzip_disable "MSIE [1-6]\.(?!.*SV1)"; #IE6 is not very friendly to Gzip, don’t give it Gzip
#If you have a lot of static files to serve through Nginx then caching of the files' metadata (not the actual files' contents) can save some latency.
open_file_cache max=1000 inactive=20s; #A cache is defined for 1,000 elements. The expiration time of the inactive parameter configuration is 20 seconds. There is no need to set the inactive time period for this instruction. By default, the inactive time period is 60 seconds.
|
enable this command to store the cache of the following information:
|
open_file_cache_valid 30s; #The instruction defines the time period (in seconds), after which the elements in open_file_cache will be revalidated. By default, recheck the element after 60 seconds
open_file_cache_min_uses 2; #NGINX will clear elements from the cache after the period of inactivity. This directive can be used to configure the minimum number of visits to mark the element for active use. By default, the minimum number of visits is set to 1 or more
open_file_cache_errors on; #NGINX can cache errors that occur during file access. But this needs to be enabled by setting the open_file_cache_errors directive. If error caching is enabled, NGINX will report the same error when accessing resources (not looking up resources). By default, error caching is set to off.
######################## default #################### #######After adding hosts, accessing a non-existent domain name will display the default page
server {
listen 10080;
listen 80;
server_name _;
access_log /data/logs/default_access_nginx.log log_json;
root /usr/local/nginx/html;
index index.html index.htm index.php;
location / {
default_type text/html;
expires 7d;
return 200 ‘hello world!!!’; #Return to set value when frequently visited
}
location /nginx_status { #nginx status monitoring
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
# location ~ [^/]\.php(/|$) {
# #fastcgi_pass remote_php_ip:9000;
# fastcgi_pass unix:/dev/shm/php-cgi.sock;
# fastcgi_index index.php;
# include fastcgi.conf;
#}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ {
expires 30d;
access_log off;
}
location ~ .*\.(js|css)?$ {
expires 7d;
access_log off;
}
location ~ /\.ht {
deny all;
}
location /vt_status {#Traffic statistics, there are pages
vhost_traffic_status_display;
vhost_traffic_status_display_format html;
allow 127.0.0.1;
allow 10.0.0.0/8;
deny all;
}
}
######################### vhost ################# ##########Introduce other files, write separately to facilitate maintenance
include vhost/*.conf;
include vhost/internal/*.conf;
include upstream/*.conf;
}
Log format:
{ “time_local”:”22/Jul/2019:03:42:58 +0800″,”@timestamp”: “2019-07-22T03:42:58+08:00″,”domain”:”www.baidu. com”,”server_addr”:”xx.xx.xx”,”http_x_forwarded_for”:”-“,”remote_addr”:”10.23.10.28″,”request_method”:”GET”,”user_agent”:”curl/7.29. 0″,”request_uri”:”/idfd/v1/server/live”,”http_referer”:”-“,”size”:17,”request_time”:0.011,”upstream_addr”:”10.10.31.73:8081″, “upstream_response_time”:”0.011″,”upstream_status”:”200″,”upstream_connect_time”:”0.001″,”scheme”:”http”,”status”:200}
Enable this command to store the following information in the cache:
- Open file descriptor and related metadata, such as size, modification time, etc.
- Any errors related to the existence of files and directories, such as “Permission denied”, “File not found”, etc.
- The cache defines a fixed size, and during overflow, it removes the least recently used (LRU) element.
- The cache evicts elements after a period of inactivity. This command is disabled by default.