From 3f1fa2ca53ad8c2aa1d8232af2c747bee3fbaf2e Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C6=ACHE=20=D0=AFAW=20=E2=98=A3?= Date: Sat, 30 Dec 2017 00:17:47 +0100 Subject: [PATCH] Create nginx.conf --- static/nginx.conf | 107 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 107 insertions(+) create mode 100644 static/nginx.conf diff --git a/static/nginx.conf b/static/nginx.conf new file mode 100644 index 0000000..7c6c4c8 --- /dev/null +++ b/static/nginx.conf @@ -0,0 +1,107 @@ +# Suggestions? => https://github.com/theraw/The-World-Is-Yours/issues +# Problems? => https://github.com/theraw/The-World-Is-Yours/issues +# Errors? => https://github.com/theraw/The-World-Is-Yours/issues + +user root; +pid /var/run/nginx.pid; + +worker_processes auto; +worker_rlimit_nofile 65535; + +events { + multi_accept on; + use epoll; + worker_connections 65535; +} + +http { + log_format main '$remote_addr - $remote_user [$time_local] ' + '"$request" $status $body_bytes_sent ' + '"$http_referer" "$http_user_agent"' + 'rt=$request_time uct="$upstream_connect_time" uht="$upstream_header_time" urt="$upstream_response_time"'; + + geoip2 /nginx/db/GeoLite2-Country.mmdb { + $geoip2_data_country_code default=US country iso_code; + $geoip2_data_country_name country names en; + } + + # EX Ban China! + #map $geoip2_data_country_code $allowed_country { + # default yes; + # CN no; + #} + + # Don't Go with "Nginx Can Handle Everything" ! + limit_conn_zone $server_name zone=max:1m; + limit_req_zone $binary_remote_addr zone=one:1m rate=1r/s; + + map $http_upgrade $connection_upgrade { + default upgrade; + '' close; + } + + # Example Of Backend + #upstream varnish { + # zone tcp_servers 64k; + # server 10.10.10.39:80; + #} + + client_body_buffer_size 1M; + client_header_buffer_size 1M; + client_body_timeout 90s; + client_header_timeout 90s; + client_max_body_size 2m; + keepalive_timeout 15s; + port_in_redirect off; + sendfile on; + server_names_hash_bucket_size 6969; + server_name_in_redirect off; + server_tokens off; + tcp_nodelay on; + tcp_nopush on; + types_hash_max_size 2048; + resolver 8.8.8.8 8.8.4.4; + + ## Real IP Forwarding ## + # set_real_ip_from 127.0.0.1; + + # CloudFlare IPs + # List from: https://www.cloudflare.com/ips-v4 + #set_real_ip_from 103.21.244.0/22; + #set_real_ip_from 103.22.200.0/22; + #set_real_ip_from 103.31.4.0/22; + #set_real_ip_from 104.16.0.0/12; + #set_real_ip_from 108.162.192.0/18; + #set_real_ip_from 131.0.72.0/22; + #set_real_ip_from 141.101.64.0/18; + #set_real_ip_from 162.158.0.0/15; + #set_real_ip_from 172.64.0.0/13; + #set_real_ip_from 173.245.48.0/20; + #set_real_ip_from 188.114.96.0/20; + #set_real_ip_from 190.93.240.0/20; + #set_real_ip_from 197.234.240.0/22; + #set_real_ip_from 198.41.128.0/17; + #set_real_ip_from 199.27.128.0/21; + # IPV6 Isn't Accepted Sorry! + + # Replace with correct visitor IP + real_ip_header X-Forwarded-For; + real_ip_recursive on; + + ## MIME ## + include /nginx/mime.types; + default_type application/octet-stream; + + ## Logging Settings ## + access_log /nginx/logs/access.log; + error_log /nginx/logs/error.log; + + # Proxy Settings + proxy_cache_path /tmp/dope_dynamic levels=1:2 keys_zone=dope_dynamic:20m inactive=10m max_size=2500m; + proxy_cache_path /tmp/dope_static levels=1:2 keys_zone=dope_static:20m inactive=10m max_size=2500m; + proxy_temp_path /tmp/dope_temp; + + ## Virtual Host Configs ## + include /nginx/live/*; + include /nginx/conf.d/*; +}