diff options
Diffstat (limited to 'meta-openembedded/meta-webserver/recipes-httpd/nginx/files')
4 files changed, 59 insertions, 108 deletions
diff --git a/meta-openembedded/meta-webserver/recipes-httpd/nginx/files/default_server.site b/meta-openembedded/meta-webserver/recipes-httpd/nginx/files/default_server.site new file mode 100644 index 0000000000..7a8a215cfa --- /dev/null +++ b/meta-openembedded/meta-webserver/recipes-httpd/nginx/files/default_server.site @@ -0,0 +1,14 @@ +# Default server configuration +server { + listen 80 default_server; + listen [::]:80 default_server; + + root /var/www/localhost/html; + + index index.html index.htm; + + server_name _; + + # redirect server error pages to the static page /50x.html + error_page 500 502 503 504 /50x.html; +} diff --git a/meta-openembedded/meta-webserver/recipes-httpd/nginx/files/nginx.conf b/meta-openembedded/meta-webserver/recipes-httpd/nginx/files/nginx.conf index 69d3a2adc9..6d219422b3 100644 --- a/meta-openembedded/meta-webserver/recipes-httpd/nginx/files/nginx.conf +++ b/meta-openembedded/meta-webserver/recipes-httpd/nginx/files/nginx.conf @@ -1,118 +1,47 @@ - user www; -worker_processes 1; - -error_log /var/log/nginx/error.log; -#error_log logs/error.log notice; -#error_log logs/error.log info; - -pid /run/nginx/nginx.pid; - +worker_processes 1; +pid /run/nginx/nginx.pid; +include /etc/nginx/modules-enabled/*.conf; events { - worker_connections 1024; + worker_connections 768; + # multi_accept on; } - http { - include mime.types; + # Basic Settings + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + # server_tokens off; + + # server_names_hash_bucket_size 64; + # server_name_in_redirect off; + + include /etc/nginx/mime.types; default_type application/octet-stream; - log_format main '$remote_addr - $remote_user [$time_local] "$request" ' - '$status $body_bytes_sent "$http_referer" ' - '"$http_user_agent" "$http_x_forwarded_for"'; - - access_log /var/log/nginx/access.log main; - - sendfile on; - #tcp_nopush on; - - #keepalive_timeout 0; - keepalive_timeout 65; - - #gzip on; - - server { - listen 80; - server_name localhost; - - #charset koi8-r; - - #access_log logs/host.access.log main; - - location / { - root /var/www/localhost/html; - index index.html index.htm; - } - - #error_page 404 /404.html; - - # redirect server error pages to the static page /50x.html - # - error_page 500 502 503 504 /50x.html; - location = /50x.html { - root /var/www/localhost/html; - } - - # proxy the PHP scripts to Apache listening on 127.0.0.1:80 - # - #location ~ \.php$ { - # proxy_pass http://127.0.0.1; - #} - - # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 - # - #location ~ \.php$ { - # root html; - # fastcgi_pass 127.0.0.1:9000; - # fastcgi_index index.php; - # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; - # include fastcgi_params; - #} - - # deny access to .htaccess files, if Apache's document root - # concurs with nginx's one - # - #location ~ /\.ht { - # deny all; - #} - } - - - # another virtual host using mix of IP-, name-, and port-based configuration - # - #server { - # listen 8000; - # listen somename:8080; - # server_name somename alias another.alias; - - # location / { - # root html; - # index index.html index.htm; - # } - #} - - - # HTTPS server - # - #server { - # listen 443; - # server_name localhost; - - # ssl on; - # ssl_certificate cert.pem; - # ssl_certificate_key cert.key; + # SSL Settings + ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; # Dropping SSLv3, ref: POODLE + ssl_prefer_server_ciphers on; - # ssl_session_timeout 5m; + ## Logging + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; - # ssl_protocols SSLv2 SSLv3 TLSv1; - # ssl_ciphers HIGH:!aNULL:!MD5; - # ssl_prefer_server_ciphers on; + ## Gzip settings + gzip on; - # location / { - # root html; - # index index.html index.htm; - # } - #} + gzip_vary on; + gzip_proxied any; + gzip_comp_level 6; + gzip_buffers 16 8k; + gzip_http_version 1.1; + gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; + ## Virtual Host Configs + include /etc/nginx/conf.d/*.conf; + include /etc/nginx/sites-enabled/*; } diff --git a/meta-openembedded/meta-webserver/recipes-httpd/nginx/files/nginx.service b/meta-openembedded/meta-webserver/recipes-httpd/nginx/files/nginx.service index ce99061717..c6fc0495f1 100644 --- a/meta-openembedded/meta-webserver/recipes-httpd/nginx/files/nginx.service +++ b/meta-openembedded/meta-webserver/recipes-httpd/nginx/files/nginx.service @@ -1,11 +1,15 @@ [Unit] -Description=Nginx Server -After=network.target +Description=The NGINX HTTP and reverse proxy server +After=syslog.target network.target remote-fs.target nss-lookup.target + [Service] Type=forking PIDFile=/run/nginx/nginx.pid +ExecStartPre=@SBINDIR@/nginx -t ExecStart=@SBINDIR@/nginx -ExecStop=@SBINDIR@/nginx -s stop ExecReload=@SBINDIR@/nginx -s reload +ExecStop=@BINDIR@/kill -s QUIT $MAINPID +PrivateTmp=true + [Install] WantedBy=multi-user.target diff --git a/meta-openembedded/meta-webserver/recipes-httpd/nginx/files/proxy_params b/meta-openembedded/meta-webserver/recipes-httpd/nginx/files/proxy_params new file mode 100644 index 0000000000..df75bc5d74 --- /dev/null +++ b/meta-openembedded/meta-webserver/recipes-httpd/nginx/files/proxy_params @@ -0,0 +1,4 @@ +proxy_set_header Host $http_host; +proxy_set_header X-Real-IP $remote_addr; +proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; +proxy_set_header X-Forwarded-Proto $scheme; |