aboutsummaryrefslogtreecommitdiff
path: root/deploy/nginx.conf
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--deploy/nginx.conf60
1 files changed, 60 insertions, 0 deletions
diff --git a/deploy/nginx.conf b/deploy/nginx.conf
new file mode 100644
index 0000000..d4fe348
--- /dev/null
+++ b/deploy/nginx.conf
@@ -0,0 +1,60 @@
+user nginx;
+worker_processes 1;
+daemon off;
+
+events {
+ # The maximum number of simultaneous connections that can be opened by
+ # a worker process
+ worker_connections 1024;
+}
+
+http {
+ # Includes mapping of file name extensions to MIME types of responses
+ # and defines the default type.
+ include /etc/nginx/mime.types;
+ default_type application/octet-stream;
+
+ # Don't tell nginx version to the clients. Default is 'on'.
+ server_tokens off;
+
+ # Specifies the maximum accepted body size of a client request, as
+ # indicated by the request header Content-Length. If the stated content
+ # length is greater than this size, then the client receives the HTTP
+ # error code 413. Set to 0 to disable. Default is '1m'.
+ client_max_body_size 1m;
+
+ # Sendfile copies data between one FD and other from within the kernel,
+ # which is more efficient than read() + write(). Default is off.
+ sendfile on;
+
+ # Causes nginx to attempt to send its HTTP response head in one packet,
+ # instead of using partial frames. Default is 'off'.
+ tcp_nopush on;
+
+ # Enables or disables the use of the TCP_NODELAY option. The option is
+ # enabled when a connection is transitioned into the keep-alive state.
+ # Additionally, it is enabled on SSL connections, for unbuffered
+ # proxying, and for WebSocket proxying.
+ tcp_nodelay on;
+
+ # Specifies the main log format.
+ log_format main '$remote_addr - $remote_user [$time_local] "$request" '
+ '$status $body_bytes_sent "$http_referer" '
+ '"$http_user_agent" "$http_x_forwarded_for"';
+ server {
+ listen 80;
+ listen [::]:80;
+ server_name _;
+ root /var/www/www.adyxax.org/;
+ index index.html;
+ error_page 404 /404.html;
+
+ location /static {
+ include /etc/nginx/headers_static.conf;
+ }
+ location / {
+ include headers_secure.conf;
+ add_header Cache-Control "private, max-age=0, must-revalidate, no-transform";
+ }
+ }
+}