| 1 | user www-data; |
| 2 | worker_processes auto; |
| 3 | pid /run/nginx.pid; |
| 4 | include /etc/nginx/modules-enabled/*.conf; |
| 5 | include /etc/nginx/env/*.conf; |
| 6 |
|
| 7 | events { |
| 8 | worker_connections 768; |
| 9 | # multi_accept on; |
| 10 | } |
| 11 |
|
| 12 | http { |
| 13 | sendfile on; |
| 14 | tcp_nopush on; |
| 15 | tcp_nodelay on; |
| 16 | keepalive_timeout 65; |
| 17 | types_hash_max_size 2048; |
| 18 | # server_tokens off; |
| 19 |
|
| 20 | # server_names_hash_bucket_size 64; |
| 21 | # server_name_in_redirect off; |
| 22 |
|
| 23 | include /etc/nginx/mime.types; |
| 24 | default_type application/octet-stream; |
| 25 |
|
| 26 | ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE |
| 27 | ssl_prefer_server_ciphers on; |
| 28 |
|
| 29 | access_log /var/log/nginx/access.log; |
| 30 | error_log /var/log/nginx/error.log; |
| 31 |
|
| 32 | gzip on; |
| 33 |
|
| 34 | # gzip_vary on; |
| 35 | gzip_proxied any; |
| 36 | gzip_comp_level 8; |
| 37 | # gzip_buffers 16 8k; |
| 38 | # gzip_http_version 1.1; |
| 39 | gzip_types *; |
| 40 |
|
| 41 | include /etc/nginx/conf.d/*.conf; |
| 42 | include /etc/nginx/sites-enabled/*; |
| 43 | } |
| 44 |
|
Index