user www-data;
worker_processes
4;
pid
/run/nginx.pid;
# user和pid应该按默认设置 - 我们不会更改这些内容,因为更改与否没有什么不同。
#It is
common practice to run 1 worker process per core. Anything above this won't
hurt your system, but it will leave idle processes usually just lying about.
#grep
processor /proc/cpuinfo | wc –l
events {
worker_connections 768;
# multi_accept
on;
}
#The
worker_connections command tells our worker processes how many people can
simultaneously be served by Nginx. The default value is 768.
#ulimit
–n ##We can check our core's limitations
by issuing a ulimit command.
#In
this case, we can server 768 clients/second.
http {
##
# Basic Settings
##
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
#
server_tokens off;
#
server_tokens 并不会让nginx执行的速度更快,但它可以关闭在错误页面中的nginx版本数字,这样对于安全性是有好处的。
#
Combined to sendfile, tcp_nopush ensures that the packets are full before being
sent to the client. This greatly reduces network overhead and speeds the way
files are sent. Then, when it reaches the last – probably halt – packet, Nginx
removes tcp_nopush. Then, tcp_nodelay forces the socket to send the data,
saving up to 0.2 seconds per file.
#
tcp_nopush 告诉nginx在一个数据包里发送所有头文件,而不一个接一个的发送。
#
tcp_nodelay 告诉nginx不要缓存数据,而是一段一段的发送--当需要及时发送数据时,就应该给应用设置这个属性,这样发送一小块数据信息时就不能立即得到返回值。
#
client_body_timeout: Defines a timeout for reading client request body. The
timeout is set only for a period between two successive read operations, not
for the transmission of the whole request body. If a client does not transmit
anything within this time, the 408 (Request Time-out) error is returned to the
client.
#
client_header_timeout: Defines a timeout for reading client request header. If
a client does not transmit the entire header within this time, the 408 (Request
Time-out) error is returned to the client.
#
client_header_timeout 和client_body_timeout
设置请求头和请求体(各自)的超时时间。我们也可以把这个设置低些。
#
keepalive_timeout, Nginx will close connections with the client after this
period of time.
#
keepalive_timeout 给客户端分配keep-alive链接超时时间。服务器将在这个超时时间过后关闭链接。我们将它设置低些可以让ngnix持续工作的时间更长。
#
send_timeout: Sets a timeout for transmitting a response to the client. The
timeout is set only between two successive write operations, not for the
transmission of the whole response. If the client does not receive anything
within this time, the connection is closed.
#
send_timeout 指定客户端的响应超时时间。这个设置不会用于整个转发器,而是在两次客户端读取操作之间。如果在这段时间内,客户端没有读取任何数据,nginx就会关闭连接。
#
types_hash_max_size影响散列表的冲突率。types_hash_max_size越大,就会消耗更多的内存,但散列key的冲突率会降低,检索速度就更快。types_hash_max_size越小,消耗的内存就越小,但散列key的冲突率可能上升。(To quickly process static sets of
data such as server names, map directive’s values, MIME types, names of request header strings,
nginx uses hash tables.)
# server_names_hash_bucket_size 64;
# server_name_in_redirect off;
#
server_names_hash_bucket_size: Sets the bucket size for the server names hash
tables. (increases the amount of memory that is allocated to parsing domain
names (since we are now using multiple domains.)
#
server_name_in_redirect: Enables or disables the use of the primary server
name, specified by the server_name directive, in absolute redirects issued by
nginx. When the use of the primary server name is disabled, the name from the
“Host” request header field is used. If this field is not present, the IP
address of the server is used.
include /etc/nginx/mime.types;
default_type application/octet-stream;
#
default_type 设置文件使用的默认的MIME-type。
##
# SSL Settings
##
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; #
Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
##
# Logging Settings
##
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
#
access_log 设置nginx是否将存储访问日志。关闭这个选项可以让读取磁盘IO操作更快。
##
# Gzip Settings
##
gzip on;
gzip_disable "msie6";
#gzip
compression is enabled by the gzip on directive
#Internet
Explorer 6 does support gzip
# gzip_vary
on;
# gzip_proxied any;
# gzip_comp_level 6;
# gzip_buffers 16 8k;
# gzip_http_version 1.1;
# gzip_types text/plain text/css
application/json application/javascript text/xml application/xml
application/xml+rss text/javascript;
# gzip_proxied
允许或者禁止压缩基于请求和响应的响应流。我们设置为any,意味着将会压缩所有的请求。
#
gzip_comp_level 设置数据的压缩等级。这个等级可以是1-9之间的任意数值,9是最慢但是压缩比最大的。我们设置为4,这是一个比较折中的设置。
#
gzip_type 设置需要压缩的数据格式。上面例子中已经有一些了,你也可以再添加更多的格式。
##
# Virtual Host Configs
##
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
#
instructs Nginx to look for server blocks in the sites-enabled directory. (This
directory layout was introduced by Debian contributors.)
}
#mail
{
# # See sample authentication script at:
# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
#
# # auth_http localhost/auth.php;
# # pop3_capabilities "TOP"
"USER";
# # imap_capabilities "IMAP4rev1"
"UIDPLUS";
#
# server {
# listen localhost:110;
# protocol pop3;
# proxy on;
# }
#
# server {
# listen localhost:143;
# protocol imap;
# proxy on;
# }
#}
