2019-04-03 07:42:41 +00:00
|
|
|
user www-data;
|
|
|
|
|
|
|
|
worker_processes 1;
|
|
|
|
|
|
|
|
pid /run/nginx.pid;
|
|
|
|
|
|
|
|
events {
|
|
|
|
worker_connections 1024;
|
|
|
|
}
|
|
|
|
|
|
|
|
http {
|
|
|
|
include mime.types;
|
|
|
|
default_type application/octet-stream;
|
|
|
|
|
|
|
|
# the collectd config depends on this log format
|
|
|
|
log_format combined2 '$remote_addr - [$time_local] '
|
|
|
|
'"$request" $status $body_bytes_sent $request_time '
|
|
|
|
'"$http_referer" "$host" "$http_user_agent"';
|
|
|
|
|
|
|
|
# required for long host names
|
|
|
|
server_names_hash_bucket_size 128;
|
|
|
|
|
|
|
|
access_log /var/log/nginx/access.log combined2;
|
|
|
|
|
|
|
|
sendfile on;
|
|
|
|
|
|
|
|
# timeout for client to finish sending headers
|
|
|
|
client_header_timeout 30s;
|
|
|
|
|
|
|
|
# timeout for reading client request body (successive read timeout and not whole body!)
|
|
|
|
client_body_timeout 60s;
|
|
|
|
|
|
|
|
# keep-alive connections timeout in 65s. this is because many browsers timeout in 60 seconds
|
|
|
|
keepalive_timeout 65s;
|
|
|
|
|
|
|
|
# zones for rate limiting
|
|
|
|
limit_req_zone $binary_remote_addr zone=admin_login:10m rate=10r/s; # 10 request a second
|
|
|
|
|
|
|
|
|
|
|
|
# default http server that returns 404 for any domain we are not listening on
|
|
|
|
server {
|
|
|
|
listen 80 default_server;
|
|
|
|
listen [::]:80 default_server;
|
|
|
|
server_name does_not_match_anything;
|
|
|
|
|
|
|
|
location / {
|
|
|
|
return 404;
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
2019-04-03 08:36:19 +00:00
|
|
|
include conf.d/*.conf;
|
2019-04-03 07:42:41 +00:00
|
|
|
}
|