1 | user www-data; |
2 | worker_processes auto; |
3 | pid /run/nginx.pid; |
4 | include /etc/nginx/modules-enabled/*.conf; |
5 |
|
6 | events { |
7 | worker_connections 768; |
8 | # multi_accept on; |
9 | } |
10 |
|
11 | http { |
12 | sendfile on; |
13 | tcp_nopush on; |
14 | tcp_nodelay on; |
15 | keepalive_timeout 65; |
16 | types_hash_max_size 2048; |
17 | # server_tokens off; |
18 |
|
19 | # server_names_hash_bucket_size 64; |
20 | # server_name_in_redirect off; |
21 |
|
22 | include /etc/nginx/mime.types; |
23 | default_type application/octet-stream; |
24 |
|
25 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE |
26 | ssl_prefer_server_ciphers on; |
27 |
|
28 | access_log /var/log/nginx/access.log; |
29 | error_log /var/log/nginx/error.log; |
30 |
|
31 | gzip on; |
32 |
|
33 | # gzip_vary on; |
34 | gzip_proxied any; |
35 | gzip_comp_level 8; |
36 | # gzip_buffers 16 8k; |
37 | # gzip_http_version 1.1; |
38 | gzip_types *; |
39 |
|
40 | server { |
41 | listen 443 ssl http2; |
42 | listen [::]:443 ssl http2; |
43 | return 404; |
44 | } |
45 |
|
46 | include /etc/nginx/conf.d/*.conf; |
47 | include /etc/nginx/sites-enabled/*; |
48 |
|
49 | # import server configuration |
50 | include /etc/nginx/joshstock.in/*.conf; |
51 | } |
52 |
|