github.com/ddev/ddev@v1.23.2-0.20240519125000-d824ffe36ff3/containers/ddev-webserver/ddev-webserver-base-files/etc/nginx/nginx.conf (about)

     1  # Configuration File - Nginx Server Configs
     2  # http://nginx.org/en/docs/dirindex.html
     3  
     4  # Run as a unique, less privileged user for security reasons.
     5  # user nginx nginx;
     6  
     7  # Sets the worker threads to the number of CPU cores available in the system for best performance.
     8  # Should be > the number of CPU cores.
     9  # Maximum number of connections = worker_processes * worker_connections
    10  worker_processes auto;
    11  
    12  # Maximum number of open files per worker process.
    13  # Should be > worker_connections.
    14  # worker_rlimit_nofile 8192;
    15  
    16  events {
    17    # If you need more connections than this, you start optimizing your OS.
    18    # That's probably the point at which you hire people who are smarter than you as this is *a lot* of requests.
    19    # Should be < worker_rlimit_nofile.
    20    worker_connections 1024;
    21  }
    22  
    23  # Log errors and warnings to this file
    24  # This is only used when you don't override it on a server{} level
    25  # error_log  logs/error.log warn;
    26  
    27  # The file storing the process ID of the main process
    28  # pid        /var/run/nginx.pid;
    29  
    30  http {
    31  
    32    # Hide nginx version information.
    33    server_tokens off;
    34    # As of 2020-11, google.com still supports TLSv1 and TLSv1.1, so continuing to support
    35    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    36  
    37    # Specify MIME types for files.
    38    include       mime.types;
    39  
    40    default_type  application/octet-stream;
    41  
    42    # Update charset_types to match updated mime.types.
    43    # text/html is always included by charset module.
    44    charset_types text/css text/plain text/vnd.wap.wml application/javascript application/json application/rss+xml application/xml;
    45  
    46    # Include $http_x_forwarded_for within default format used in log files
    47    # log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    48    #                   '$status $body_bytes_sent "$http_referer" '
    49    #                   '"$http_user_agent" "$http_x_forwarded_for"';
    50  
    51    # Log access to this file
    52    # This is only used when you don't override it on a server{} level
    53    # access_log logs/access.log main;
    54  
    55    # How long to allow each connection to stay idle.
    56    # Longer values are better for each individual client, particularly for SSL,
    57    # but means that worker connections are tied up longer.
    58    keepalive_timeout 2;
    59  
    60    # Speed up file transfers by using sendfile() to copy directly
    61    # between descriptors rather than using read()/write().
    62    # For performance reasons, on FreeBSD systems w/ ZFS
    63    # this option should be disabled as ZFS's ARC caches
    64    # frequently used files in RAM by default.
    65    sendfile        on;
    66  
    67    # Don't send out partial frames; this increases throughput
    68    # since TCP frames are filled up before being sent out.
    69    # tcp_nopush      on;
    70  
    71    # Sets the maximum allowed size of the client request body, specified in the
    72    # "Content-Length" request header field. If the size in a request exceeds the
    73    # configured value, the 413 error is returned to the client.
    74    client_max_body_size 0;
    75  
    76    # Enable gzip compression.
    77    gzip on;
    78  
    79    # Compression level (1-9).
    80    # 5 is a perfect compromise between size and CPU usage, offering about
    81    # 75% reduction for most ASCII files (almost identical to level 9).
    82    gzip_comp_level    5;
    83  
    84    # Don't compress anything that's already small and unlikely to shrink much
    85    # if at all (the default is 20 bytes, which is bad as that usually leads to
    86    # larger files after gzipping).
    87    gzip_min_length    256;
    88  
    89    # Compress data even for clients that are connecting to us via proxies,
    90    # identified by the "Via" header (required for CloudFront).
    91    gzip_proxied       any;
    92  
    93    # Tell proxies to cache both the gzipped and regular version of a resource
    94    # whenever the client's Accept-Encoding capabilities header varies;
    95    # Avoids the issue where a non-gzip capable client (which is extremely rare
    96    # today) would display gibberish if their proxy gave them the gzipped version.
    97    gzip_vary          on;
    98  
    99    # Compress all output labeled with one of the following MIME-types.
   100    gzip_types
   101      application/atom+xml
   102      application/javascript
   103      application/json
   104      application/ld+json
   105      application/manifest+json
   106      application/rss+xml
   107      application/vnd.geo+json
   108      application/vnd.ms-fontobject
   109      application/x-font-ttf
   110      application/x-web-app-manifest+json
   111      application/xhtml+xml
   112      application/xml
   113      font/opentype
   114      image/bmp
   115      image/svg+xml
   116      image/x-icon
   117      text/cache-manifest
   118      text/css
   119      text/plain
   120      text/vcard
   121      text/vnd.rim.location.xloc
   122      text/vtt
   123      text/x-component
   124      text/x-cross-domain-policy
   125      text/javascript;
   126  
   127    # Set https to 'on' if x-forwarded-proto is https
   128    map $http_x_forwarded_proto $fcgi_https {
   129      default off;
   130      https on;
   131    }
   132  
   133    # Double the default value for large_client_header_buffers - large cookie payloads
   134    large_client_header_buffers 4 16k;
   135  
   136    # Include files in the sites-enabled folder.
   137    include /etc/nginx/sites-enabled/*.conf;
   138  }
   139  
   140  daemon off;