github.com/drud/ddev@v1.21.5-alpha1.0.20230226034409-94fcc4b94453/containers/ddev-webserver/ddev-webserver-base-files/etc/nginx/nginx.conf (about)

     1  # Configuration File - Nginx Server Configs
     2  # http://nginx.org/en/docs/dirindex.html
     3  
     4  # Run as a unique, less privileged user for security reasons.
     5  # user nginx nginx;
     6  
     7  # Sets the worker threads to the number of CPU cores available in the system for best performance.
     8  # Should be > the number of CPU cores.
     9  # Maximum number of connections = worker_processes * worker_connections
    10  worker_processes auto;
    11  
    12  # Maximum number of open files per worker process.
    13  # Should be > worker_connections.
    14  # worker_rlimit_nofile 8192;
    15  
    16  events {
    17    # If you need more connections than this, you start optimizing your OS.
    18    # That's probably the point at which you hire people who are smarter than you as this is *a lot* of requests.
    19    # Should be < worker_rlimit_nofile.
    20    worker_connections 1024;
    21  }
    22  
    23  # Log errors and warnings to this file
    24  # This is only used when you don't override it on a server{} level
    25  # error_log  logs/error.log warn;
    26  
    27  # The file storing the process ID of the main process
    28  # pid        /var/run/nginx.pid;
    29  
    30  http {
    31  
    32    # Hide nginx version information.
    33    server_tokens off;
    34    # As of 2020-11, google.com still supports TLSv1 and TLSv1.1, so continuing to support
    35    ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
    36  
    37    # Specify MIME types for files.
    38    include       mime.types;
    39    default_type  application/octet-stream;
    40  
    41    # Update charset_types to match updated mime.types.
    42    # text/html is always included by charset module.
    43    charset_types text/css text/plain text/vnd.wap.wml application/javascript application/json application/rss+xml application/xml;
    44  
    45    # Include $http_x_forwarded_for within default format used in log files
    46    # log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    47    #                   '$status $body_bytes_sent "$http_referer" '
    48    #                   '"$http_user_agent" "$http_x_forwarded_for"';
    49  
    50    # Log access to this file
    51    # This is only used when you don't override it on a server{} level
    52    # access_log logs/access.log main;
    53  
    54    # How long to allow each connection to stay idle.
    55    # Longer values are better for each individual client, particularly for SSL,
    56    # but means that worker connections are tied up longer.
    57    keepalive_timeout 2;
    58  
    59    # Speed up file transfers by using sendfile() to copy directly
    60    # between descriptors rather than using read()/write().
    61    # For performance reasons, on FreeBSD systems w/ ZFS
    62    # this option should be disabled as ZFS's ARC caches
    63    # frequently used files in RAM by default.
    64    sendfile        on;
    65  
    66    # Don't send out partial frames; this increases throughput
    67    # since TCP frames are filled up before being sent out.
    68    # tcp_nopush      on;
    69  
    70    # Sets the maximum allowed size of the client request body, specified in the
    71    # "Content-Length" request header field. If the size in a request exceeds the
    72    # configured value, the 413 error is returned to the client.
    73    client_max_body_size 0;
    74  
    75    # Enable gzip compression.
    76    gzip on;
    77  
    78    # Compression level (1-9).
    79    # 5 is a perfect compromise between size and CPU usage, offering about
    80    # 75% reduction for most ASCII files (almost identical to level 9).
    81    gzip_comp_level    5;
    82  
    83    # Don't compress anything that's already small and unlikely to shrink much
    84    # if at all (the default is 20 bytes, which is bad as that usually leads to
    85    # larger files after gzipping).
    86    gzip_min_length    256;
    87  
    88    # Compress data even for clients that are connecting to us via proxies,
    89    # identified by the "Via" header (required for CloudFront).
    90    gzip_proxied       any;
    91  
    92    # Tell proxies to cache both the gzipped and regular version of a resource
    93    # whenever the client's Accept-Encoding capabilities header varies;
    94    # Avoids the issue where a non-gzip capable client (which is extremely rare
    95    # today) would display gibberish if their proxy gave them the gzipped version.
    96    gzip_vary          on;
    97  
    98    # Compress all output labeled with one of the following MIME-types.
    99    gzip_types
   100      application/atom+xml
   101      application/javascript
   102      application/json
   103      application/ld+json
   104      application/manifest+json
   105      application/rss+xml
   106      application/vnd.geo+json
   107      application/vnd.ms-fontobject
   108      application/x-font-ttf
   109      application/x-web-app-manifest+json
   110      application/xhtml+xml
   111      application/xml
   112      font/opentype
   113      image/bmp
   114      image/svg+xml
   115      image/x-icon
   116      text/cache-manifest
   117      text/css
   118      text/plain
   119      text/vcard
   120      text/vnd.rim.location.xloc
   121      text/vtt
   122      text/x-component
   123      text/x-cross-domain-policy;
   124  
   125    # Set https to 'on' if x-forwarded-proto is https
   126    map $http_x_forwarded_proto $fcgi_https {
   127      default off;
   128      https on;
   129    }
   130  
   131    # Double the default value for large_client_header_buffers - large cookie payloads
   132    large_client_header_buffers 4 16k;
   133  
   134    # Include files in the sites-enabled folder.
   135    include /etc/nginx/sites-enabled/*.conf;
   136  }
   137  
   138  daemon off;