nginx

Transcript

1. None

2. Hi! I'm Bert.

3. nginx From russia with love

4. nginx is a combined webserver and a reverse proxy.

5. Why nginx? • event based -> more connections, less overhead

   • efficiency • smaller memory footprint • friendly configuration format

6. Problems? • No support for .htaccess files • less documentation

   (but enough!), growing very fast

7. Modules • core modules: core, events • standard http modules

   • optional http modules Overview: http://wiki.nginx.org/Modules

8. Main configuration file /etc/nginx/nginx.conf

9. error_log /var/log/nginx/error.log; http { access_log /var/log/nginx/access.log; }

10. http { gzip on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; }

11. http { include /etc/nginx/conf.d/*.conf; include /etc/nginx/sites-enabled/*; }

12. Default server block configuration file /etc/nginx/sites-available/default

13. server { listen 80; server_name www.example.be; server_name_in_redirect off; root /home/sites/default_www;

    client_max_body_size 64M; }

14. server_name 1. full, static names www.example.be 2. names with a

    wildcard at the start *.example.be 3. names with a wildcard at the end www.example.* 4. names with regex ~^www\d+\.example\.be$ 5. wildcard _

15. server { listen 80; server_name www.example.be; server_name_in_redirect off; root /home/sites/default_www;

    client_max_body_size 64M; }

16. server { listen 80; server_name www.example.be; server_name_in_redirect off; root /home/sites/default_www;

    client_max_body_size 64M; }

17. server { location ~ ^(.+\.php)(.*)$ { include fastcgi_params; fastcgi_pass 127.0.0.1:9000;

    fastcgi_index index.php; } }

18. server { location / { if (!-e $request_filename) { rewrite

    ^(.*)$ /index.php last; } } }

19. rewrites.

20. server { listen 80 default; server_name _ example.be; rewrite ^(.*)

    http://www.example.be$1 permanent; } server { server_name www.example.be }

21. server { listen 80; server_name www.example.be; rewrite ^/routebeschrijving /nl/praktisch/ routebeschrijving-and-parkeren

    permanent; rewrite ^/media/(.*)$ /mp3/$1.mp3 last; rewrite_log on; }

22. flags 1. last (stop processing, restart search for location blocks)

    2. break (stop rewrite processing, continue non-rewrite processing in current location block) 3. redirect (302) 4. permanent (301)

23. gzip.

24. server { gzip on; gzip_disable "MSIE [1-6]\.(?!.*SV1)"; gzip_comp_level 6; gzip_types

    text/plain text/html text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js ; }

25. caching.

26. server { location ~ \.(css|js)$ { expires 31d; add_header Pragma

    "public"; add_header Cache-Control "public, must-revalidate, proxy-revalidate"; } }

27. access.

28. server { location / { allow 10.1.1.0/16; deny all; }

    }

29. test and activate changes sudo /etc/init.d/nginx reload

30. Other modules • Auth Basic - Basic HTTP authentication •

    Browser - Interpret "User-Agent" string • SSL - HTTPS/SSL support • ...

31. server { valid_referers none blocked www.example.be example.be; if($invalid_referer) { return

    403; } if($http_cookie ~* "id=([^;] +)(?;;|$)") { set $id $1; } if ($http_user_agent ~ MSIE) { rewrite ^(.*)$ /msie/$1 break; }

32. Questions?

33. [email protected] bertpattyn.iswijs.be