nginx.conf 1.4 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374
  1. user www-data;
  2. worker_processes 4;
  3. pid /run/nginx.pid;
  4. include /etc/nginx/modules-enabled/*.conf;
  5. events {
  6. worker_connections 768;
  7. # multi_accept on;
  8. }
  9. http {
  10. ##
  11. # Basic Settings
  12. ##
  13. # increase body size that nextcloud can receive large files
  14. client_max_body_size 64m;
  15. sendfile on;
  16. tcp_nopush on;
  17. tcp_nodelay on;
  18. keepalive_timeout 65;
  19. types_hash_max_size 2048;
  20. # server_tokens off;
  21. {% if 'frontend' in salt['pillar.get']('node:roles', []) %}
  22. server_names_hash_bucket_size 64;
  23. {%- else %}
  24. # server_names_hash_bucket_size 64;
  25. {%- endif %}
  26. # server_name_in_redirect off;
  27. include /etc/nginx/mime.types;
  28. default_type application/octet-stream;
  29. ##
  30. # SSL Settings
  31. ##
  32. ssl_prefer_server_ciphers on;
  33. ssl_protocols TLSv1.2 TLSv1.3;
  34. ssl_ciphers 'EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH';
  35. ssl_dhparam /etc/ssl/dhparam.pem;
  36. ssl_ecdh_curve secp384r1;
  37. ssl_session_cache shared:SSL:10m;
  38. ssl_session_timeout 1d;
  39. ##
  40. # Logging Settings
  41. ##
  42. access_log /var/log/nginx/access.log;
  43. error_log /var/log/nginx/error.log;
  44. ##
  45. # Gzip Settings
  46. ##
  47. gzip on;
  48. gzip_disable "msie6";
  49. # gzip_vary on;
  50. # gzip_proxied any;
  51. # gzip_comp_level 6;
  52. # gzip_buffers 16 8k;
  53. # gzip_http_version 1.1;
  54. # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
  55. ##
  56. # Virtual Host Configs
  57. ##
  58. include /etc/nginx/conf.d/*.conf;
  59. include /etc/nginx/sites-enabled/*;
  60. }