ARCHIVE/xrpl-dev-portal
1
0
Fork 0
mirror of https://github.com/XRPLF/xrpl-dev-portal.git synced 2025-11-04 11:55:50 +00:00
Code Issues Packages Projects Releases Wiki Activity
Files
42d9aee9d07af5bbefeb4c0de2c8a13b7c4beb21
xrpl-dev-portal/conf/nginx.conf.erb
Justin Lynn 9770be775f add nginx override config for deployment
2014-03-04 16:25:50 -08:00

181 lines
5.3 KiB
Plaintext
Raw Blame History

# Set another default user than root for security reasons
user www www;
# As a thumb rule: One per CPU. If you are serving a large amount
# of static files, which requires blocking disk reads, you may want
# to increase this from the number of cpu_cores available on your
# system.
#
# The maximum number of connections for Nginx is calculated by:
# max_clients = worker_processes * worker_connections
worker_processes 3;
daemon off;
# Maximum file descriptors that can be opened per process
# This should be > worker_connections
worker_rlimit_nofile 8192;
events {
# When you need > 8000 * cpu_cores connections, you start optimizing
# your OS, and this is probably the point at where you hire people
# who are smarter than you, this is *a lot* of requests.
worker_connections 8000;
}
http {
# Set the mime-types via the mime.types external file
include mime.types;
# And the fallback mime-type
default_type application/octet-stream;
# Hide nginx version
server_tokens off;
# ~2 seconds is often enough for HTML/CSS, but connections in
# Nginx are cheap, so generally it's safe to increase it
keepalive_timeout 20;
sendfile on;
tcp_nopush on; # off may be better for Comet/long-poll stuff
tcp_nodelay off; # on may be better for Comet/long-poll stuff
# Enable Gzip:
gzip on;
gzip_http_version 1.0;
gzip_comp_level 5;
gzip_min_length 512;
gzip_buffers 4 8k;
gzip_proxied any;
gzip_types
# text/html is always compressed by HttpGzipModule
text/css
text/plain
text/x-component
application/javascript
application/json
application/xml
application/xhtml+xml
application/x-font-ttf
application/x-font-opentype
application/vnd.ms-fontobject
image/svg+xml
image/x-icon;
# This should be turned on if you are going to have pre-compressed copies (.gz) of
# static files available. If not it should be left off as it will cause extra I/O
# for the check. It would be better to enable this in a location {} block for
# a specific directory:
# gzip_static on;
gzip_disable "msie6";
gzip_vary on;
server {
listen <%= ENV['PORT'] %>;
# The host name to respond to
server_name dev.ripple.com;
# Path for static files
root www;
#Specify a charset
charset utf-8;
# Custom 404 page
error_page 404 /404.html;
if ($http_x_forwarded_proto != "https") {
rewrite ^(.*)$ https://$server_name$1 permanent;
}
# Expire rules for static content
# Built-in filename-based cache busting
# https://github.com/h5bp/html5-boilerplate/blob/5370479476dceae7cc3ea105946536d6bc0ee468/.htaccess#L403
# This will route all requests for /css/style.20120716.css to /css/style.css
# Read also this: github.com/h5bp/html5-boilerplate/wiki/cachebusting
# This is not included by default, because it'd be better if you use the build
# script to manage the file names.
location ~* (.+)\.(\d+)\.(js|css|png|jpg|jpeg|gif)$ {
try_files $uri $1.$3;
}
# No default expire rule. This config mirrors that of apache as outlined in the
# html5-boilerplate .htaccess file. However, nginx applies rules by location,
# the apache rules are defined by type. A concequence of this difference is that
# if you use no file extension in the url and serve html, with apache you get an
# expire time of 0s, with nginx you'd get an expire header of one month in the
# future (if the default expire rule is 1 month). Therefore, do not use a
# default expire rule with nginx unless your site is completely static
# cache.appcache, your document html and data
location ~* \.(?:manifest|appcache|html|xml|json)$ {
expires -1;
access_log logs/static.log;
}
# Feed
location ~* \.(?:rss|atom)$ {
expires 1h;
add_header Cache-Control "public";
}
# Favicon
location ~* \.ico$ {
expires 1w;
access_log off;
add_header Cache-Control "public";
}
# Media: images, video, audio, HTC
location ~* \.(?:jpg|jpeg|gif|png|ico|gz|svg|svgz|mp4|ogg|ogv|webm)$ {
expires 1M;
access_log off;
add_header Cache-Control "public";
}
# CSS and Javascript
location ~* \.(?:css|js)$ {
expires 1y;
access_log off;
add_header Cache-Control "public";
}
# Cross domain webfont access
location ~* \.(ttf|ttc|otf|eot|woff|font.css)$ {
add_header "Access-Control-Allow-Origin" "*";
# Also, set cache rules for webfonts.
#
# See http://wiki.nginx.org/HttpCoreModule#location
# And https://github.com/h5bp/server-configs/issues/85
# And https://github.com/h5bp/server-configs/issues/86
expires 1M;
access_log off;
add_header Cache-Control "public";
}
# Force the latest IE version
# Use ChromeFrame if it's installed for a better experience for the poor IE folk
add_header "X-UA-Compatible" "IE=Edge,chrome=1";
# Prevent clients from accessing hidden files (starting with a dot)
location ~* (^|/)\. {
return 403;
}
# Prevent clients from accessing to backup/config/source files
location ~* (\.(bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$ {
return 403;
}
# Prevent mobile network providers from modifying your site
add_header "Cache-Control" "no-transform";
}
}
Reference in New Issue View Git Blame Copy Permalink