# Set another default user than root for security reasons user www www; # As a thumb rule: One per CPU. If you are serving a large amount # of static files, which requires blocking disk reads, you may want # to increase this from the number of cpu_cores available on your # system. # # The maximum number of connections for Nginx is calculated by: # max_clients = worker_processes * worker_connections worker_processes 1; # Maximum file descriptors that can be opened per process # This should be > worker_connections worker_rlimit_nofile 8192; events { # When you need > 8000 * cpu_cores connections, you start optimizing # your OS, and this is probably the point at where you hire people # who are smarter than you, this is *a lot* of requests. worker_connections 8000; # This sets up some smart queueing for accept(2)'ing requests # Set it to "on" if you have > worker_processes accept_mutex off; # These settings are OS specific, by defualt Nginx uses select(2), # however, for a large number of requests epoll(2) and kqueue(2) # are generally faster than the default (select(2)) # use epoll; # enable for Linux 2.6+ # use kqueue; # enable for *BSD (FreeBSD, OS X, ..) } # Change these paths to somewhere that suits you! error_log logs/error.log; pid logs/nginx.pid; http { # Set the mime-types via the mime.types external file include nginx-mime.types; # And the fallback mime-type default_type application/octet-stream; # Format for our log files log_format main '$remote_addr - $remote_user [$time_local] $status ' '"$request" $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; # Click tracking! access_log logs/access.log main; # ~2 seconds is often enough for HTML/CSS, but connections in # Nginx are cheap, so generally it's safe to increase it keepalive_timeout 5; # You usually want to serve static files with Nginx sendfile on; tcp_nopush on; # off may be better for Comet/long-poll stuff tcp_nodelay off; # on may be better for Comet/long-poll stuff # Enable Gzip gzip on; gzip_http_version 1.0; gzip_comp_level 2; gzip_min_length 1100; gzip_buffers 4 8k; gzip_proxied any; gzip_types text/plain text/xml application/xml application/xml+rss text/css text/javascript application/javascript application/json image/svg+xml font/truetype font/opentype application/vnd.ms-fontobject; gzip_static on; gzip_proxied expired no-cache no-store private auth; gzip_disable "MSIE [1-6]\."; gzip_vary on; server { # listen 80 default deferred; # for Linux # listen 80 default accept_filter=httpready; # for FreeBSD listen 80 default; # e.g. "localhost" to accept all connections, or "www.example.com" # to handle the requests for "example.com" (and www.example.com) server_name _; # Path for static files root /sites/example.com/public; expires 1M; # Static assets location ~* ^.+\.(manifest|appcache)$ { expires -1; root /sites/example.com/public; access_log logs/static.log; } # Set expires max on static file types location ~* ^.+\.(css|js|jpg|jpeg|gif|png|ico|gz|svg|svgz|ttf|otf|woff|eot|mp4|ogg|ogv|webm)$ { expires max; root /sites/example.com/public; access_log logs/static.log; } # opt-in to the future add_header "X-UA-Compatible" "IE=Edge,chrome=1"; } }