user gtmdaemon; worker_processes auto; worker_priority -15; worker_cpu_affinity auto; worker_rlimit_nofile 50000; events { # worker_connections benefits from a large value in that it reduces error counts worker_connections 20000; multi_accept on; } http { default_type text/plain; proxy_redirect off; proxy_http_version 1.1; proxy_set_header Connection ""; proxy_headers_hash_max_size 4096; proxy_buffers 64 4k; proxy_buffer_size 16384; proxy_headers_hash_bucket_size 1024; gzip on; gzip_comp_level 7; gzip_proxied any; gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/json image/svg+xml; log_format standard '"$time_iso8601" ' '"$request_method" ' '"$scheme" ' '"$host" ' '"$server_protocol" ' '"$status" ' '"$bytes_sent" ' '"$http_referer" ' '"$http_user_agent" ' '"$request_time" ' '"$upstream_cache_status" ' '"$upstream_http_vary" ' '"$sent_http_cache_control" ' '"$upstream_response_length" ' '"$upstream_status" ' '"$ssl_cipher" ' '"$ssl_server_name" ' '"$ssl_session_reused" ' '"$tcpinfo_rtt" ' '"$upstream_connect_time" ' '"$upstream_response_time" ' '"$gzip_ratio" ' '"$request_id" ' '"$request_uri" ' '"$uri" ' '"$upstream_addr" '; access_log /var/log/nginx/ruc-access.log standard; error_log /var/log/nginx/ruc-error.log warn; proxy_cache_path /mnt/ngx_cache_data levels=1:2 use_temp_path=off keys_zone=shared_cache:32m max_size=12288m; ssl_session_cache shared:global_ssl_cache:128m; # Generic/common server for listen port configs server { listen *:80 so_keepalive=120s:30s:20 reuseport bind default_server; listen *:443 ssl http2 so_keepalive=120s:30s:20 reuseport bind default_server; ssl_certificate /etc/nginx/current/tls/certs/default.crt; ssl_certificate_key /etc/nginx/current/tls/private/default.key; location / { proxy_set_header "vvrh1" "$arg_vv1"; add_header "Edge-Cache-Status" "$upstream_cache_status" always; add_header "Origin-Response-Status" "$upstream_status" always; add_header "Origin-IP" "$upstream_addr"; proxy_cache_key $scheme://$host:$server_port; proxy_cache_lock off; proxy_cache_background_update on; proxy_cache_methods GET HEAD; proxy_cache_min_uses 0; proxy_cache shared_cache; proxy_cache_use_stale off; proxy_cache_revalidate off; proxy_pass http://127.0.0.1:9000; } } #### server for vary testing server { listen 9000; location / { more_set_headers "Cache-control: public,max-age=30"; more_set_headers "Vary: vvrh1"; more_set_headers "vvrh1-val-rec: $http_vvrh1"; return 200 $time_iso8601; } } # configuration file /etc/nginx/current/mime.types: # Mime-type to file extension mappings types { text/html html htm shtml; text/css css; text/xml xml rss; image/gif gif; image/jpeg jpeg jpg; application/x-javascript js; text/plain txt; text/x-component htc; text/mathml mml; image/png png; image/x-icon ico; image/x-jng jng; image/vnd.wap.wbmp wbmp; application/java-archive jar war ear; application/mac-binhex40 hqx; application/pdf pdf; application/x-cocoa cco; application/x-java-archive-diff jardiff; application/x-java-jnlp-file jnlp; application/x-makeself run; application/x-perl pl pm; application/x-pilot prc pdb; application/x-rar-compressed rar; application/x-redhat-package-manager rpm; application/x-sea sea; application/x-shockwave-flash swf; application/x-stuffit sit; application/x-tcl tcl tk; application/x-x509-ca-cert der pem crt; application/x-xpinstall xpi; application/zip zip; application/octet-stream deb; application/octet-stream bin exe dll; application/octet-stream dmg; application/octet-stream eot; application/octet-stream iso img; application/octet-stream msi msp msm; audio/mpeg mp3; audio/x-realaudio ra; video/mpeg mpeg mpg; video/quicktime mov; video/x-flv flv; video/x-msvideo avi; video/x-ms-wmv wmv; video/x-ms-asf asx asf; video/x-mng mng; application/json json; image/svg+xml svg; } }