From 6d94af5c491053345621261f27fabe7c4de87fd4 Mon Sep 17 00:00:00 2001 From: ITQ Date: Sat, 5 Jul 2025 12:21:01 +0300 Subject: [PATCH] feat: added nginx server config --- terraform/configs/nginx/nginx.conf | 120 +++++++++++++++++++++++++++++ 1 file changed, 120 insertions(+) create mode 100644 terraform/configs/nginx/nginx.conf diff --git a/terraform/configs/nginx/nginx.conf b/terraform/configs/nginx/nginx.conf new file mode 100644 index 0000000..14a8347 --- /dev/null +++ b/terraform/configs/nginx/nginx.conf @@ -0,0 +1,120 @@ +# This config was inspired by: https://github.com/antonputra/tutorials/blob/226/lessons/226/nginx/nginx.conf + +# Defines user and group credentials used by worker processes. +user www-data; + +# Defines the number of worker processes. Generally, it should match the number of CPU cores. +worker_processes auto; + +# Binds worker processes to the sets of CPUs. +worker_cpu_affinity auto; + +# Change the default thread pool settings +thread_pool default threads=2 max_queue=16384; + +# Limit on the maximum number of open files (RLIMIT_NOFILE) for worker processes. +worker_rlimit_nofile 32768; + +# Logging configuration. +error_log /var/log/nginx/error.log notice; + +# Defines a file that will store the process ID of the main process. +pid /var/run/nginx.pid; + +events { + # Maximum number of simultaneous connections that can be opened by a worker process. + worker_connections 16384; + + # Serve many clients each thread (Linux only) + use epoll; + + # Accept as many connections as possible. If it is disabled, a worker process will accept one new connection at a time. + multi_accept on; +} + +http { + # Copies data between one FD and other from within the kernel + # faster than read() + write() + sendfile on; + + # Use the default thread pool for asynchronous file I/O + aio threads; + + # Only use AIO is used for when larger than or equal to this size + directio 6m; + + # Send headers in one piece, it is better than sending them one by one + tcp_nopush on; + + # Don't buffer data sent, good for small data bursts in real time + tcp_nodelay on; + + # Disable logging if a file can't be found + log_not_found off; + + # Server will close connection after this time + keepalive_timeout 60; + + # Max size of types hash tables (processing static sets of data. eg. server names, map directives or mime types) + types_hash_max_size 2048; + + # Max allowed size of the client request body + client_max_body_size 250M; + + # If the request body size is more than the buffer size, then the entire (or partial) + # request body is written into a temporary file + client_body_buffer_size 512k; + + # Request timed out + client_body_timeout 300s; + + # Allow the server to close connection on non responding client, this will free up memory + reset_timedout_connection on; + + # Include MIME (Multipurpose Internet Mail Extensions) types. + include /etc/nginx/mime.types; + + # Defines the default MIME type of a response + default_type application/octet-stream; + + # Configures logging. + log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + '$status $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + + # Sets the path, format, and configuration for a buffered log write. + access_log /var/log/nginx/access.log main; + + # Disable compression. + gzip off; + + server { + listen 80 default_server; + listen [::]:80 default_server; + + server_name _; + + root /var/www; + index index.html index.htm; + + location / { + try_files $uri $uri/ =404; + } + } + + server { + listen 81 default_server http2; + listen [::]:81 default_server http2; + + server_name _; + + root /var/www; + index index.html index.htm; + + location / { + try_files $uri $uri/ =404; + } + } + + include /etc/nginx/conf.d/*.conf; +}