666threesixes666 · May 20, 2015 01:01
diff --git a/nginxconfig b/nginxconfig
 =========/etc/nginx/nginx.conf
 user nginx nginx;

 worker_processes 4;
 worker_rlimit_nofile 64000;

 error_log /var/log/nginx/error_log info;

 events {
 	worker_connections 16000;
 	multi_accept on;
 	use epoll;
 }

 http {
 	log_format main
 		'$remote_addr - $remote_user [$time_local] '
 		'"$request" $status $bytes_sent '
 		'"$http_referer" "$http_user_agent" '
 		'"$gzip_ratio"';

 	access_log off;

 	keepalive_requests 100000;
 	open_file_cache max=1000 inactive=20s;
 	open_file_cache_valid 30s;
 	open_file_cache_min_uses 2;
 	open_file_cache_errors on;

 	disable_symlinks off;
 	ignore_invalid_headers on;
 	server_tokens off;

 	keepalive_timeout 20;
 	client_header_timeout 20;
 	client_body_timeout 20;
 	reset_timedout_connection on;
 	send_timeout 20;

 	sendfile on;
 	tcp_nopush on;
 	tcp_nodelay on;

 	include /etc/nginx/mime.types;
 	default_type application/octet-stream;
 	charset UTF-8;

 	gzip on;
 # BEGIN W3TC Browser Cache
 gzip_types text/x-component text/richtext image/svg+xml text/xsd text/xsl;
 # END W3TC Browser Cache

 	gzip_vary on;
 	gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js image/x-icon image/bmp;

 	include /etc/nginx/sites-enabled/*;
 }

 ======= /etc/nginx/sites-available/localhost
 fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=MYAPP:100m inactive=60m;
 fastcgi_cache_key "$scheme$request_method$host$request_uri";

 proxy_redirect off;
 proxy_set_header Host $host;
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
 proxy_cache_path /etc/nginx/cache2 levels=1:2 keys_zone=STATIC:8m max_size=1000m inactive=600m;
 proxy_temp_path /var/cache/tmp;

 #expires    24d;
 add_header Cache-Control "public";

 server {
 	listen 127.0.0.1:8080;
 	server_name localhost;
 #ssl stuff
 #	listen 127.0.0.1:443;
 #	server_name localhost;
 #	ssl on;
 #	ssl_certificate /etc/ssl/nginx/nginx.pem;
 #	ssl_certificate_key /etc/ssl/nginx/nginx.key;

 	access_log /var/log/nginx/localhost.access_log main;
 	error_log /var/log/nginx/localhost.error_log info;

 	root /var/www/localhost/htdocs;
 	index index.php index.cgi index.htm index.html @rails;
 	autoindex on;

 	location ~* \.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|pdf|txt|tar|wav|bmp|rtf|js|flv|swf|html|htm)$ {
 		expires max;
 		access_log off;
                log_not_found off;
 	}

 	location /wiki {
 		index index.php;
 		rewrite "^(wiki)$" $1/ permanent;
 		#rewrite "^/wiki/([^?]*)(?:\?(.*))?" /mediawiki/index.php?title=$1&$args last;
 		rewrite "^/?wiki(/.*)?" /mediawiki/index.php?title=$1&$args last;
 	}   

        location /wordpress {
                try_files $uri $uri/ /wordpress/index.php?$args;
        }

        location ~ \.php$ {
                fastcgi_pass 127.0.0.1:9000;
 		include fastcgi.conf;
                #fastcgi_pass unix:/var/run/php5-fpm.sock;
 		fastcgi_cache MYAPP;
 		fastcgi_cache_valid 200 301 60m;
        }

 	location /rails/ {
 	    proxy_pass http://127.0.0.1:3000/;
            proxy_cache            STATIC;
            proxy_cache_valid      200 301 60m;
            proxy_cache_use_stale  error timeout invalid_header updating http_500 http_502 http_503 http_504;
 	}

 	location /python/ {
 	    proxy_set_header Host $host;
 	    proxy_set_header X-Real-IP $remote_addr;
 	    proxy_pass http://127.0.0.1:8000/; #python
            proxy_cache            STATIC;
            proxy_cache_valid      200 301 60m;
 	}
 	
 	location /git/ {
 	include             fastcgi_params;
 	fastcgi_param       SCRIPT_FILENAME /var/www/localhost/cgi-bin/cgit.cgi;
 	fastcgi_pass	    127.0.0.1:9000;
 	}
           location /rutorrent {
               include scgi_params;
               scgi_pass localhost:5000;
           }
 #start drupal

 #server_name spaceball-1.mkultra.gov;
 #	listen 127.0.0.1:8080;
 #        root /var/www/localhost/htdocs; ## <-- Your only path reference.
 
        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }
 
        location = /robots.txt {
                allow all;
                log_not_found off;
                access_log off;
        }
 
        # Very rarely should these ever be accessed outside of your lan
        location ~* \.(txt|log)$ {
                allow 192.168.0.0/16;
                deny all;
        }
 
        location ~ \..*/.*\.php$ {
                return 403;
        }
 
        # No no for private
        location ~ ^/sites/.*/private/ {
                return 403;
        }
 
        # Block access to "hidden" files and directories whose names begin with a
        # period. This includes directories used by version control systems such
        # as Subversion or Git to store control files.
        location ~ (^|/)\. {
                return 403;
        }
 
        location /drupal {
                # This is cool because no php is touched for static content
                try_files $uri @rewrite;
        }
 
        location @rewrite {
                # Drupal in a subdirectory
                rewrite ^/([^/]*)/(.*)(/?)$ /$1/index.php?q=$2&$args;
        }
 
 #        location ~ \.php$ {
 #                fastcgi_pass 127.0.0.1:9000;
 #		include fastcgi.conf;
 #        }

        location ~ ^/sites/.*/files/styles/ {
                try_files $uri @rewrite;
        }
 
 #        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
 #                expires max;
 #                log_not_found off;
 #        } 
 }

 # SSL example
 #server {
 #	listen 127.0.0.1:443;
 #	server_name localhost;

 #	ssl on;
 #	ssl_certificate /etc/ssl/nginx/nginx.pem;
 #	ssl_certificate_key /etc/ssl/nginx/nginx.key;

 #	access_log /var/log/nginx/localhost.ssl_access_log main;
 #	error_log /var/log/nginx/localhost.ssl_error_log info;

 #	root /usr/share/nginx/html;
 #	index index.cgi index.htm index.html index.php;
 #}
	=========/etc/nginx/nginx.conf
	user nginx nginx;

	worker_processes 4;
	worker_rlimit_nofile 64000;

	error_log /var/log/nginx/error_log info;

	events {
	worker_connections 16000;
	multi_accept on;
	use epoll;
	}

	http {
	log_format main
	'$remote_addr - $remote_user [$time_local] '
	'"$request" $status $bytes_sent '
	'"$http_referer" "$http_user_agent" '
	'"$gzip_ratio"';

	access_log off;

	keepalive_requests 100000;
	open_file_cache max=1000 inactive=20s;
	open_file_cache_valid 30s;
	open_file_cache_min_uses 2;
	open_file_cache_errors on;

	disable_symlinks off;
	ignore_invalid_headers on;
	server_tokens off;

	keepalive_timeout 20;
	client_header_timeout 20;
	client_body_timeout 20;
	reset_timedout_connection on;
	send_timeout 20;

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;
	charset UTF-8;

	gzip on;
	# BEGIN W3TC Browser Cache
	gzip_types text/x-component text/richtext image/svg+xml text/xsd text/xsl;
	# END W3TC Browser Cache

	gzip_vary on;
	gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js image/x-icon image/bmp;

	include /etc/nginx/sites-enabled/*;
	}

	======= /etc/nginx/sites-available/localhost
	fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=MYAPP:100m inactive=60m;
	fastcgi_cache_key "$scheme$request_method$host$request_uri";

	proxy_redirect off;
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_cache_path /etc/nginx/cache2 levels=1:2 keys_zone=STATIC:8m max_size=1000m inactive=600m;
	proxy_temp_path /var/cache/tmp;

	#expires 24d;
	add_header Cache-Control "public";

	server {
	listen 127.0.0.1:8080;
	server_name localhost;
	#ssl stuff
	# listen 127.0.0.1:443;
	# server_name localhost;
	# ssl on;
	# ssl_certificate /etc/ssl/nginx/nginx.pem;
	# ssl_certificate_key /etc/ssl/nginx/nginx.key;

	access_log /var/log/nginx/localhost.access_log main;
	error_log /var/log/nginx/localhost.error_log info;

	root /var/www/localhost/htdocs;
	index index.php index.cgi index.htm index.html @rails;
	autoindex on;

	location ~* \.(jpg\|jpeg\|gif\|png\|ico\|css\|zip\|tgz\|gz\|rar\|bz2\|pdf\|txt\|tar\|wav\|bmp\|rtf\|js\|flv\|swf\|html\|htm)$ {
	expires max;
	access_log off;
	log_not_found off;
	}

	location /wiki {
	index index.php;
	rewrite "^(wiki)$" $1/ permanent;
	#rewrite "^/wiki/([^?])(?:\?(.))?" /mediawiki/index.php?title=$1&$args last;
	rewrite "^/?wiki(/.*)?" /mediawiki/index.php?title=$1&$args last;
	}

	location /wordpress {
	try_files $uri $uri/ /wordpress/index.php?$args;
	}

	location ~ \.php$ {
	fastcgi_pass 127.0.0.1:9000;
	include fastcgi.conf;
	#fastcgi_pass unix:/var/run/php5-fpm.sock;
	fastcgi_cache MYAPP;
	fastcgi_cache_valid 200 301 60m;
	}

	location /rails/ {
	proxy_pass http://127.0.0.1:3000/;
	proxy_cache STATIC;
	proxy_cache_valid 200 301 60m;
	proxy_cache_use_stale error timeout invalid_header updating http_500 http_502 http_503 http_504;
	}

	location /python/ {
	proxy_set_header Host $host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_pass http://127.0.0.1:8000/; #python
	proxy_cache STATIC;
	proxy_cache_valid 200 301 60m;
	}

	location /git/ {
	include fastcgi_params;
	fastcgi_param SCRIPT_FILENAME /var/www/localhost/cgi-bin/cgit.cgi;
	fastcgi_pass 127.0.0.1:9000;
	}
	location /rutorrent {
	include scgi_params;
	scgi_pass localhost:5000;
	}
	#start drupal

	#server_name spaceball-1.mkultra.gov;
	# listen 127.0.0.1:8080;
	# root /var/www/localhost/htdocs; ## <-- Your only path reference.

	location = /favicon.ico {
	log_not_found off;
	access_log off;
	}

	location = /robots.txt {
	allow all;
	log_not_found off;
	access_log off;
	}

	# Very rarely should these ever be accessed outside of your lan
	location ~* \.(txt\|log)$ {
	allow 192.168.0.0/16;
	deny all;
	}

	location ~ \../.\.php$ {
	return 403;
	}

	# No no for private
	location ~ ^/sites/.*/private/ {
	return 403;
	}

	# Block access to "hidden" files and directories whose names begin with a
	# period. This includes directories used by version control systems such
	# as Subversion or Git to store control files.
	location ~ (^\|/)\. {
	return 403;
	}

	location /drupal {
	# This is cool because no php is touched for static content
	try_files $uri @rewrite;
	}

	location @rewrite {
	# Drupal in a subdirectory
	rewrite ^/([^/])/(.)(/?)$ /$1/index.php?q=$2&$args;
	}

	# location ~ \.php$ {
	# fastcgi_pass 127.0.0.1:9000;
	# include fastcgi.conf;
	# }

	location ~ ^/sites/.*/files/styles/ {
	try_files $uri @rewrite;
	}

	# location ~* \.(js\|css\|png\|jpg\|jpeg\|gif\|ico)$ {
	# expires max;
	# log_not_found off;
	# }
	}

	# SSL example
	#server {
	# listen 127.0.0.1:443;
	# server_name localhost;

	# ssl on;
	# ssl_certificate /etc/ssl/nginx/nginx.pem;
	# ssl_certificate_key /etc/ssl/nginx/nginx.key;

	# access_log /var/log/nginx/localhost.ssl_access_log main;
	# error_log /var/log/nginx/localhost.ssl_error_log info;

	# root /usr/share/nginx/html;
	# index index.cgi index.htm index.html index.php;
	#}