From 22203a5d6c78d216f624c2d72b500cbfdadca6da Mon Sep 17 00:00:00 2001 From: Chris McKee Date: Wed, 25 Jul 2012 22:34:16 +0100 Subject: [PATCH] Cleanup mess made doing pointless merge --- nginx/mime.types | 168 ++++++++++++------------ nginx/nginx.conf | 75 +---------- nginx/sites-available/README.md | 4 + nginx/sites-available/default.conf | 92 +++++++++++++ nginx/sites-available/www-redirect.conf | 12 ++ nginx/sites-enabled/README.md | 5 + 6 files changed, 203 insertions(+), 153 deletions(-) create mode 100644 nginx/sites-available/README.md create mode 100644 nginx/sites-available/default.conf create mode 100644 nginx/sites-available/www-redirect.conf create mode 100644 nginx/sites-enabled/README.md diff --git a/nginx/mime.types b/nginx/mime.types index 02a8b1a..dd021c6 100644 --- a/nginx/mime.types +++ b/nginx/mime.types @@ -1,93 +1,93 @@ -# this file is used by the nginx.conf - types { - text/html html htm shtml; - text/css css; - # application/rss+xml causes some browsers to start a download - text/xml rss; - image/gif gif; - image/jpeg jpeg jpg; - application/json json; - # http://www.rfc-editor.org/rfc/rfc4329.txt - application/javascript js; - application/atom+xml atom; + text/html html htm shtml; + text/css css; + text/cache-manifest manifest appcache; + text/mathml mml; + text/plain txt; + text/vnd.sun.j2me.app-descriptor jad; + text/vnd.wap.wml wml; + text/x-component htc; + text/x-vcard vcf; - text/cache-manifest manifest appcache; - text/mathml mml; - text/plain txt; - text/vnd.sun.j2me.app-descriptor jad; - text/vnd.wap.wml wml; - text/x-component htc; + # JavaScript + application/javascript js jsonp; + application/json json; - image/png png; - image/svg+xml svg svgz; - image/tiff tif tiff; - image/vnd.wap.wbmp wbmp; - image/webp webp; - image/x-icon ico; - image/x-jng jng; - image/bmp bmp; + # Images + image/png png; + image/svg+xml svg svgz; + image/tiff tif tiff; + image/vnd.wap.wbmp wbmp; + image/webp webp; + image/x-icon ico; + image/x-jng jng; + image/bmp bmp; + image/gif gif; + image/jpeg jpeg jpg; - application/xml xml; - application/java-archive jar war ear; - application/mac-binhex40 hqx; - application/msword doc; - application/pdf pdf; - application/postscript ps eps ai; - application/rtf rtf; - application/vnd.ms-excel xls; - application/vnd.ms-fontobject eot; - application/vnd.ms-powerpoint ppt; - application/vnd.wap.wmlc wmlc; - application/xhtml+xml xhtml; - application/vnd.google-earth.kml+xml kml; - application/vnd.google-earth.kmz kmz; - application/x-7z-compressed 7z; - application/x-chrome-extension crx; - application/x-cocoa cco; - application/x-font-ttf ttf ttc; - application/x-java-archive-diff jardiff; - application/x-java-jnlp-file jnlp; - application/x-makeself run; - application/x-perl pl pm; - application/x-pilot prc pdb; - application/x-rar-compressed rar; - application/x-redhat-package-manager rpm; - application/x-sea sea; - application/x-shockwave-flash swf; - application/x-stuffit sit; - application/x-tcl tcl tk; - application/x-web-app-manifest+json webapp; - application/x-x509-ca-cert der pem crt; - application/x-xpinstall xpi; - application/zip zip; + application/xml rss atom xml rdf; + application/java-archive jar war ear; + application/mac-binhex40 hqx; + application/msword doc; + application/pdf pdf; + application/postscript ps eps ai; + application/rtf rtf; + application/vnd.ms-excel xls; + application/vnd.ms-powerpoint ppt; + application/vnd.wap.wmlc wmlc; + application/xhtml+xml xhtml; + application/vnd.google-earth.kml+xml kml; + application/vnd.google-earth.kmz kmz; + application/x-7z-compressed 7z; + application/x-chrome-extension crx; + application/x-opera-extension oex; + application/x-xpinstall xpi; + application/x-cocoa cco; + application/x-java-archive-diff jardiff; + application/x-java-jnlp-file jnlp; + application/x-makeself run; + application/x-perl pl pm; + application/x-pilot prc pdb; + application/x-rar-compressed rar; + application/x-redhat-package-manager rpm; + application/x-sea sea; + application/x-shockwave-flash swf; + application/x-stuffit sit; + application/x-tcl tcl tk; + application/x-x509-ca-cert der pem crt; + application/zip zip; - application/octet-stream bin exe dll; - application/octet-stream deb; - application/octet-stream dmg; - application/octet-stream iso img; - application/octet-stream msi msp msm; - application/octet-stream safariextz; + application/octet-stream bin exe dll; + application/octet-stream deb; + application/octet-stream dmg; + application/octet-stream iso img; + application/octet-stream msi msp msm; + application/octet-stream safariextz; - audio/midi mid midi kar; - audio/mpeg mp3; - audio/ogg oga ogg; - audio/x-m4a m4a; - audio/x-realaudio ra; - audio/x-wav wav; + # Audio + audio/midi mid midi kar; + audio/mpeg mp3; + audio/ogg oga ogg; + audio/mp4 m4a f4a f4b aac; + audio/x-realaudio ra; + audio/x-wav wav; - video/3gpp 3gpp 3gp; - video/mp4 m4v mp4; - video/mpeg mpeg mpg; - video/ogg ogv; - video/quicktime mov; - video/webm webm; - video/x-flv flv; - video/x-mng mng; - video/x-ms-asf asx asf; - video/x-ms-wmv wmv; - video/x-msvideo avi; + # Video + video/3gpp 3gpp 3gp; + video/mp4 mp4 m4v f4v f4p; + video/mpeg mpeg mpg; + video/ogg ogv; + video/quicktime mov; + video/webm webm; + video/x-flv flv; + video/x-mng mng; + video/x-ms-asf asx asf; + video/x-ms-wmv wmv; + video/x-msvideo avi; - font/opentype otf; - font/woff woff; + # Webfonts + application/vnd.ms-fontobject eot; + application/x-font-ttf ttf ttc; + application/x-font-opentype otf; + application/x-font-woff woff; } diff --git a/nginx/nginx.conf b/nginx/nginx.conf index b84f621..1f5296a 100644 --- a/nginx/nginx.conf +++ b/nginx/nginx.conf @@ -60,19 +60,17 @@ http { gzip_types # text/html is always compressed by HttpGzipModule text/css - text/javascript - text/xml text/plain text/x-component application/javascript - application/x-javascript application/json application/xml - application/rss+xml - font/truetype - font/opentype + application/xhtml+xml + application/x-font-ttf + application/x-font-opentype application/vnd.ms-fontobject - image/svg+xml; + image/svg+xml + image/x-icon; # This should be turned on if you are going to have pre-compressed copies (.gz) of # static files available. If not it should be left off as it will cause extra I/O @@ -83,67 +81,6 @@ http { gzip_disable "MSIE [1-6]\."; gzip_vary on; - server { - # listen 80 default_server deferred; # for Linux - # listen 80 default_server accept_filter=httpready; # for FreeBSD - listen 80 default_server; + include sites-enabled/*.conf; - # e.g. "localhost" to accept all connections, or "www.example.com" - # to handle the requests for "example.com" (and www.example.com) - # server_name www.example.com; - - # Path for static files - root /sites/example.com/public; - - #Specify a charset - charset utf-8; - - # Custom 404 page - error_page 404 /404.html; - - # No default expire rule. This config mirrors that of apache as outlined in the - # html5-boilerplate .htaccess file. However, nginx applies rules by location, the apache rules - # are defined by type. A concequence of this difference is that if you use no file extension in - # the url and serve html, with apache you get an expire time of 0s, with nginx you'd get an - # expire header of one month in the future (if the default expire rule is 1 month). - # Therefore, do not use a default expire rule with nginx unless your site is completely static - - # cache.appcache, your document html and data - location ~* \.(?:manifest|appcache|html|xml|json)$ { - expires -1; - access_log logs/static.log; - } - - # Feed - location ~* \.(?:rss|atom)$ { - expires 1h; - add_header Cache-Control "public"; - } - - # Favicon - location ~* \.ico$ { - expires 1w; - access_log off; - add_header Cache-Control "public"; - } - - # Media: images, video, audio, HTC, WebFonts - location ~* \.(?:jpg|jpeg|gif|png|ico|gz|svg|svgz|ttf|otf|woff|eot|mp4|ogg|ogv|webm)$ { - expires 1M; - access_log off; - add_header Cache-Control "public"; - } - - # CSS and Javascript - location ~* \.(?:css|js)$ { - expires 1y; - access_log off; - add_header Cache-Control "public"; - } - - # opt-in to the future - add_header "X-UA-Compatible" "IE=Edge,chrome=1"; - - } } - diff --git a/nginx/sites-available/README.md b/nginx/sites-available/README.md new file mode 100644 index 0000000..ec63c51 --- /dev/null +++ b/nginx/sites-available/README.md @@ -0,0 +1,4 @@ +Sites Available +--------------- + +Define host definitions here diff --git a/nginx/sites-available/default.conf b/nginx/sites-available/default.conf new file mode 100644 index 0000000..48252a3 --- /dev/null +++ b/nginx/sites-available/default.conf @@ -0,0 +1,92 @@ +server { + # listen 80 default_server deferred; # for Linux + # listen 80 default_server accept_filter=httpready; # for FreeBSD + listen 80 default_server; + + # listen on the non-www host -- the www-host is declared in www-redirect.conf + # here + server_name example.com; + + # Path for static files + root /sites/example.com/public; + + #Specify a charset + charset utf-8; + + # Custom 404 page + error_page 404 /404.html; + + # Built-in filename-based cache busting + # https://github.com/h5bp/html5-boilerplate/blob/5370479476dceae7cc3ea105946536d6bc0ee468/.htaccess#L403 + # This will route all requests for /css/style.20120716.css to /css/style.css + # Read also this: github.com/h5bp/html5-boilerplate/wiki/cachebusting + # This is disabled by default, because it'd be better if you use the build + # script to manage the file names. + # location ~* (.+)\.(\d+)\.(js|css|png|jpg|jpeg|gif)$ { + # try_files $uri $1.$3; + # } + + # No default expire rule. This config mirrors that of apache as outlined in the + # html5-boilerplate .htaccess file. However, nginx applies rules by location, the apache rules + # are defined by type. A concequence of this difference is that if you use no file extension in + # the url and serve html, with apache you get an expire time of 0s, with nginx you'd get an + # expire header of one month in the future (if the default expire rule is 1 month). + # Therefore, do not use a default expire rule with nginx unless your site is completely static + + # cache.appcache, your document html and data + location ~* \.(?:manifest|appcache|html|xml|json)$ { + expires -1; + access_log logs/static.log; + } + + # Feed + location ~* \.(?:rss|atom)$ { + expires 1h; + add_header Cache-Control "public"; + } + + # Favicon + location ~* \.ico$ { + expires 1w; + access_log off; + add_header Cache-Control "public"; + } + + # Media: images, video, audio, HTC, WebFonts + location ~* \.(?:jpg|jpeg|gif|png|ico|gz|svg|svgz|ttf|otf|woff|eot|mp4|ogg|ogv|webm)$ { + expires 1M; + access_log off; + add_header Cache-Control "public"; + } + + # CSS and Javascript + location ~* \.(?:css|js)$ { + expires 1y; + access_log off; + add_header Cache-Control "public"; + } + + # opt-in to the future + add_header "X-UA-Compatible" "IE=Edge,chrome=1"; + + # Cross domain AJAX requests + # add_header "Access-Control-Allow-Origin" "*"; + + # Cross domain webfont access + location ~* \.(ttf|ttc|otf|eot|woff|font.css)$ { + add_header "Access-Control-Allow-Origin" "*"; + } + + # Prevent mobile network providers from modifying your site + # add_header "Cache-Control" "no-transform"; + + # Prevent clients from accessing hidden files (starting with a dot) + location ~* (^|/)\. { + return 403; + } + + # Prevent clients from accessing to backup/config/source files + location ~* (\.(bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$ { + return 403; + } +} diff --git a/nginx/sites-available/www-redirect.conf b/nginx/sites-available/www-redirect.conf new file mode 100644 index 0000000..f477b1d --- /dev/null +++ b/nginx/sites-available/www-redirect.conf @@ -0,0 +1,12 @@ +# www to non-www redirect -- duplicate content is BAD: +# https://github.com/h5bp/html5-boilerplate/blob/5370479476dceae7cc3ea105946536d6bc0ee468/.htaccess#L362 +# Choose between www and non-www, listen on the *wrong* one and redirect to +# the right one -- http://wiki.nginx.org/Pitfalls#Server_Name +server { + # don't forget to tell on which port this server listens + listen 80; + # listen on the www host + server_name www.example.com + # and redirect to the non-www host (declared below) + return 301 $scheme://example.com$request_uri; +} diff --git a/nginx/sites-enabled/README.md b/nginx/sites-enabled/README.md new file mode 100644 index 0000000..8cd3dec --- /dev/null +++ b/nginx/sites-enabled/README.md @@ -0,0 +1,5 @@ +Sites Enabled +------------- + +Symlink to `../sites-available/` for any site you want to enable. Conversely, remove the symlink +in this folder to disable a site without permanently deleting the site's configuration.