6492c9b71f
collectd does not use this anymore (eb47476c83)
This makes nginx work better with a variety of tools like Wazuh and ossec
https://forum.cloudron.io/topic/6077/nginx-logs-format/
https://forum.cloudron.io/topic/6161/implement-default-nginx-logging
43 lines
1.1 KiB
Nginx Configuration File
43 lines
1.1 KiB
Nginx Configuration File
user www-data;
|
|
|
|
# detect based on available CPU cores
|
|
worker_processes auto;
|
|
|
|
# this is 4096 by default. See /proc/<PID>/limits and /etc/security/limits.conf
|
|
# usually twice the worker_connections (one for uptsream, one for downstream)
|
|
# see also LimitNOFILE=16384 in systemd drop-in
|
|
worker_rlimit_nofile 8192;
|
|
|
|
pid /run/nginx.pid;
|
|
|
|
events {
|
|
# a single worker has these many simultaneous connections max
|
|
worker_connections 4096;
|
|
}
|
|
|
|
http {
|
|
include mime.types;
|
|
default_type application/octet-stream;
|
|
|
|
# required for long host names
|
|
server_names_hash_bucket_size 128;
|
|
|
|
access_log /var/log/nginx/access.log combined;
|
|
|
|
sendfile on;
|
|
|
|
# timeout for client to finish sending headers
|
|
client_header_timeout 30s;
|
|
|
|
# timeout for reading client request body (successive read timeout and not whole body!)
|
|
client_body_timeout 60s;
|
|
|
|
# keep-alive connections timeout in 65s. this is because many browsers timeout in 60 seconds
|
|
keepalive_timeout 65s;
|
|
|
|
# zones for rate limiting
|
|
limit_req_zone $binary_remote_addr zone=admin_login:10m rate=10r/s; # 10 request a second
|
|
|
|
include applications/*.conf;
|
|
}
|