Detailed explanation of the nginx configuration file

2025-01-17 Update From: SLTechnology News&Howtos


Configuration file structure

Global configuration (user, worker_processes, error_log, pid)

events (network-connection related: worker_connections)

http (the most important part; most of the functions are configured here)

server (virtual-host related)

location (inside server)

Global configuration items

https://coding.net/u/aminglinux/p/nginx/git/blob/master/3z/global.md

events configuration items

https://coding.net/u/aminglinux/p/nginx/git/blob/master/3z/events.md

http configuration items

https://coding.net/u/aminglinux/p/nginx/git/blob/master/3z/http.md

server configuration items

https://coding.net/u/aminglinux/p/nginx/git/blob/master/3z/server.md

nginx.conf global configuration

user nobody;

# defines the user that runs the nginx service; a group can be added as well, e.g. user nobody nobody;

worker_processes 1;

# defines the number of nginx child processes, that is, the number of worker processes that serve requests. It is recommended to match this value to the number of CPU cores on the server.

# besides a number, it can also be set to auto, which lets the system adjust it automatically.

error_log logs/error.log;

# defines the path of the error log, which can be relative (to the prefix path) or absolute.

# this directive can be set here or in http, server or location

error_log logs/error.log notice;

# defines the error log path and the log level.

# error log level: the common levels are [debug | info | notice | warn | error | crit | alert | emerg]. The higher the level, the less information is recorded.

# if no level is defined, the default is error

pid logs/nginx.pid;

# defines the path of the pid file of the nginx process, either relative or absolute.

worker_rlimit_nofile 100000;

# defines the limit on the maximum number of files nginx may open. If not set, the operating system limit (ulimit -n) applies.

# set this value high and nginx will not have a "too many open files" problem.

# events configuration section

worker_connections 1024;

# defines the maximum number of connections that each worker process can have open at the same time.

accept_mutex on;

# when a single new connection request reaches the server, multiple sleeping worker processes may all be woken up at the same time, which costs some server performance.

# with accept_mutex set to on, Nginx serializes the worker processes when they accept connections, which prevents them from competing for resources.

# the default is on.

multi_accept on;

# when set to on, an nginx worker process can accept multiple newly arrived network connections at the same time.

# the default is off, that is, each worker process accepts only one newly arrived network connection at a time.

use epoll;

# the Nginx server provides multiple event-driven models to process network messages.

# the supported types are: select, poll, kqueue, epoll, rtsig, /dev/poll and eventport.

# select: can only be used under Windows; this event model is not recommended on high-load systems

# poll: Nginx's default preference, but it is not available on all systems

# kqueue: the most efficient method on FreeBSD 4.1, OpenBSD 2.9+, NetBSD 2.0 and MacOS X

# epoll: the most efficient method on the Linux 2.6+ kernel

# rtsig: real-time signals, available in the Linux 2.2.19 kernel, but not suitable for high-traffic systems

# /dev/poll: the most efficient method on Solaris 7 11/99+, HP/UX (eventport) and Tru64 UNIX 5.1A+

# eventport: the most efficient method on Solaris 10

# http configuration section

# official documentation http://nginx.org/en/docs/

# reference link: https://segmentfault.com/a/1190000012672431

# reference link: https://segmentfault.com/a/1190000002797601

# reference link (HTTP headers): https://kb.cnblogs.com/page/92320/

MIME-Type

include mime.types;  # to view the file: cat conf/mime.types

# defines the media types of network resources recognized by nginx (for example text, html, js, css, streaming media, etc.)

default_type application/octet-stream;

# defines the default type. If this line is not defined, the default is text/plain.

log_format

log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                  '$status $body_bytes_sent "$http_referer" '
                  '"$http_user_agent" "$http_x_forwarded_for"';

# main is the name of the log format; it is followed by a string built from nginx internal variables.

access_log logs/access.log main;

# defines the path of the access log and the log format it uses. This directive can also be defined in the server configuration block.

sendfile on;

# whether to call the sendfile function to transfer files. The default is off. Using the sendfile function to transfer files reduces switching between user mode and kernel mode, which improves server performance.

# for ordinary applications, set it to on. For downloads and other applications with heavy disk I/O load, it can be set to off to balance the processing speed of disk and network I/O and reduce the load on the system.

sendfile_max_chunk 128k;

# limits the maximum amount of data an Nginx worker process can transfer in each call to the sendfile() function. The default value is 0, which means no limit.

tcp_nopush on;

# when tcp_nopush is set to on, the TCP_CORK method is used for data transfer.

# with this method, when the application generates data the kernel does not encapsulate a packet immediately; it waits until a certain amount of data has accumulated, then encapsulates and transmits it. This helps to reduce network congestion.

# the default is on. An analogy: a courier does not send parcels out one by one, but waits until a certain number has accumulated, which saves transportation costs.

keepalive_timeout 65 60;

# this directive takes two values. The first sets the maximum time in seconds that the nginx server keeps the connection open after the session between the server and the client ends. The default is 75s.

# the second value can be omitted. It is intended for the client's browser: with curl -I you can see the item Keep-Alive: timeout=60 in the response header. If the value is not set, the item is absent.

# once the second value is set, the browser decides when to actively close the connection based on it, and the Nginx server does not have to. However, some browsers do not recognize this parameter.

send_timeout

# this is the timeout for sending a response, that is, the Nginx server has sent a packet to the client but the client never receives it.

# if a connection exceeds the timeout defined by send_timeout, Nginx closes the connection.

client_max_body_size 10m;

# when a browser sends a request with a large HTTP body, the request header carries a Content-Length field; client_max_body_size limits the value that Content-Length may declare.

# with this limit configured, Nginx can tell the user that the request is too large to be accepted without waiting to receive the whole HTTP body. A 413 status code is returned.

# for example, when a user tries to upload a 1GB file, Nginx finds after receiving the header that Content-Length exceeds the value defined by client_max_body_size

# and sends the 413 (Request Entity Too Large) response directly to the client.
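Added example (not from the original article): a minimal complete nginx.conf that shows how the limits above nest, with a small client_max_body_size set at http level and raised only for one upload location. The /upload path, the 127.0.0.1:8080 backend, the 413.html page and the client_header_timeout / client_body_timeout values are assumptions made for illustration.

```nginx
# Added example; paths, backend address and timeout values are assumptions.
worker_processes auto;

events {
    worker_connections 1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;

    # Values set here are inherited by every server {} and location {} below.
    client_max_body_size   1m;    # a larger Content-Length is rejected with 413
    client_header_timeout  10s;   # time allowed for sending the request header
    client_body_timeout    10s;   # max gap between two reads of the request body
    send_timeout           10s;   # max gap between two writes to the client
    keepalive_timeout      65 60;

    server {
        listen       80;
        server_name  localhost;

        location / {
            root   html;
            index  index.html index.htm;
        }

        # Only the upload endpoint accepts request bodies up to 10m.
        location /upload {
            client_max_body_size 10m;
            proxy_pass http://127.0.0.1:8080;
        }

        # Static page returned for oversized requests (hypothetical file).
        error_page 413 /413.html;
        location = /413.html {
            root html;
        }
    }
}
```

Keeping the http-level limit small and widening it per location means a new location added later starts from the restrictive value.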

gzip on;

# whether to enable gzip compression.

gzip_min_length 1k;

# sets the minimum size in bytes of a page that may be compressed. The page size is taken from the Content-Length response header. The default value is 20. A value greater than 1k is recommended; compressing pages smaller than 1k may make them larger.

gzip_buffers 4 16k;

# sets how many buffers of what size the system allocates to store the gzip-compressed result stream. 4 16k means 4 buffers of 16k each.

gzip_http_version 1.1;

# identifies the version of the http protocol. Early browsers do not support gzip compression, and their users would see garbled content, so this option was added to support older versions.

# if you use an Nginx reverse proxy and expect gzip compression to be enabled, set it to 1.1, because the communication to the back end is http/1.1.

gzip_comp_level 6;

# gzip compression level: 1 gives the lowest compression ratio and the fastest processing; 9 gives the highest compression ratio but the slowest processing (fast to transmit, but CPU-intensive)

gzip_types mime-type ...;

# the mime types to compress. Whether specified or not, the "text/html" type is always compressed.

# check the corresponding types in conf/mime.types.

# example: gzip_types text/plain application/x-javascript text/css text/html application/xml;

gzip_proxied any;

# when Nginx works as a reverse proxy, this decides whether the results returned by the backend server are compressed. The prerequisite for matching is that the backend server must return a header containing "Via".

# the following values are available:

# off: turn off compression of all proxied result data

# expired: enable compression if the header contains "Expires"

# no-cache: enable compression if the header contains "Cache-Control:no-cache"

# no-store: enable compression if the header contains "Cache-Control:no-store"

# private: enable compression if the header contains "Cache-Control:private"

# no_last_modified: enable compression if the header does not contain "Last-Modified"

# no_etag: enable compression if the header does not contain "ETag"

# auth: enable compression if the header contains "Authorization"

# any: enable compression unconditionally

gzip_vary on;

# related to the gzip headers: adds Vary: Accept-Encoding to the response header, which allows a front-end cache server to cache gzip-compressed pages, for example using Squid to cache Nginx-compressed data.

nginx.conf server section configuration

server {} is contained within http {}, and each server {} is a virtual host (site).

The following is the content of the server {} section of the nginx.conf configuration file.

server {
    listen       80;           # the listening port is 80; another port or an IP address can be used, such as listen 127.0.0.1:8080;
    server_name  localhost;    # defines the domain name of the website; several names can be given, separated by spaces

    #charset koi8-r;           # defines the character set of the website; generally not set here, but in the page code

    #access_log  logs/host.access.log  main;    # defines the access log, which can be set for each server (that is, each site)

    # server {} can contain many location configuration segments
    location / {
        root   html;                    # defines the website root directory, which can be a relative or an absolute path
        index  index.html index.htm;    # defines the default page of the site
    }

    #error_page  404              /404.html;    # defines the 404 page

    # redirect server error pages to the static page /50x.html
    #
    error_page   500 502 503 504  /50x.html;    # when the status code is 500, 502, 503 or 504, serve 50x.html
    location = /50x.html {
        root   html;                    # defines the path where 50x.html is located
    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    # (when a php script is requested, the directives in this location {} are executed)
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;    # proxy_pass specifies the url to forward to; proxying is implemented with proxy_pass
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    #location ~ \.php$ {
    #    root           html;
    #    fastcgi_pass   127.0.0.1:9000;    # address and port of the FastCGI server; two forms are supported: ip:port or unix:/path/to/socket
    #    fastcgi_index  index.php;
    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;    # defines the SCRIPT_FILENAME variable; the path /scripts is the directory specified by root above
    #    include        fastcgi_params;    # includes the prefix/conf/fastcgi_params file, which defines the fastcgi-related variables
    #}

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    #location ~ /\.ht {    # a requested url that begins with /.ht, such as www.example.com/.htaccess, is rejected with a 403 status code
    #    deny  all;        # all here refers to all requests
    #}
}

# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
#    listen       8000;                              # listen on port 8000
#    listen       somename:8080;                     # specify ip:port
#    server_name  somename  alias  another.alias;    # specify multiple server_name values
#
#    location / {
#        root   html;
#        index  index.html index.htm;
#    }
#}

# HTTPS server
#
#server {
#    listen       443 ssl;                  # listens on port 443 with ssl
#    server_name  localhost;
#
#    # the following is the ssl-related configuration
#    ssl_certificate      cert.pem;         # specify the pem file path
#    ssl_certificate_key  cert.key;         # specify the key file path
#
#    ssl_session_cache    shared:SSL:1m;    # specify the session cache size
#    ssl_session_timeout  5m;               # specify the session timeout
#
#    ssl_protocols  TLSv1 TLSv1.1 TLSv1.2;  # specify the ssl protocols
#    ssl_ciphers  HIGH;                     # specify the ssl algorithms
#    ssl_prefer_server_ciphers  on;         # give priority to the server's algorithms
#
#    location / {
#        root   html;
#        index  index.html index.htm;
#    }
#}
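A hardened variant of the HTTPS server above, added here as an example (not from the original article or the nginx default file): it drops TLSv1 and TLSv1.1, which RFC 8996 deprecates, restricts the cipher list to AEAD suites with forward secrecy, and redirects port 80 to HTTPS. www.example.com and the certificate paths are placeholders.

```nginx
# Added example; hostname and certificate paths are placeholders.
server {
    listen       80;
    server_name  www.example.com;
    # Send all plain-HTTP requests to the HTTPS site (fixed host name, not the Host header).
    return 301 https://www.example.com$request_uri;
}

server {
    listen       443 ssl;
    server_name  www.example.com;

    ssl_certificate      /etc/nginx/ssl/www.example.com.fullchain.pem;
    ssl_certificate_key  /etc/nginx/ssl/www.example.com.key;   # readable by root only

    # Weak setting from the sample above: ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    # TLSv1.3 needs nginx 1.13.0+ built against OpenSSL 1.1.1+.
    ssl_protocols  TLSv1.2 TLSv1.3;

    # TLS 1.2 suites only; TLS 1.3 suites are chosen by the TLS library.
    ssl_ciphers  ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305;
    ssl_prefer_server_ciphers  off;   # every listed suite is strong, so let the client pick

    ssl_session_cache    shared:SSL:10m;
    ssl_session_timeout  1d;
    ssl_session_tickets  off;

    # Tell browsers to use HTTPS only for the next two years.
    add_header  Strict-Transport-Security  "max-age=63072000"  always;

    # Do not advertise the nginx version in headers and error pages.
    server_tokens  off;

    location / {
        root   html;
        index  index.html index.htm;
    }
}
```

Run nginx -t after editing to confirm the build accepts TLSv1.3 and the listed ciphers before reloading.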

The configuration files of the online (production) nginx servers will not be shared, because they are covered by confidentiality agreements.
