Nginx
Nginx
, Nginx .

- .
, - Ngnix . , . , .
Nginx
, - Debian, Ubuntu.
- Ubuntu Debian
- wget
- Vim ( )
, sudo.
Nginx
:- Nginx
- , HTTP Mail
- Nginx
Nginx, .
Nginx , event section
, http section
, mail section
..
/etc/ngnix/ngnix.conf
, - /etc/nginx
.
, . user nginx
, worker_processes 1
, error_log /var/log/nginx/error.log warn
, pid /var/run/nginx.pid
.
event
, werker_processes
.
()
Nginx . , http section
ngx_http_core module
, even section
ngx_event module
, mail
ngx_mail module
.
Nginx . , worker_processes
, auto
:
worker_processes auto;
;
, Nginx . Nginx:
- ,
-
;
-
{}
- Nginx.
- ,
#
, .
Nginx
Nginx , . :
- Workers
- /
, , nginx :
cd nginx && ls
conf
. nginx.conf
. Nginx.
, conf
nginx.conf
vim, :
cd conf sudo vim nginx.conf
nginx.conf

Workers
- Nginx . , . .
vim, i
nginx.conf
. events
:
events { worker_processes auto; worker_connections 1024; worker_rlimit_nofile 20960; multi_accept on; mutex_accept on; mutex_accept_delay 500ms; use epoll; epoll_events 512; }
- worker_processes: Nginx.
auto
, Nginx , , . ,lscpu
. - worker_connections: , . -
512
,1024
, . - worker_rlimit_nofile: -
worker_connections
. . - multi_accept: . , .
- mutex_accept: . Nginx, , , .
- mutex_accept_delay: .
accept_mutex
mutex
, accept_mutex_delay. . - use: .
epoll
, Ubuntu.epoll
Linux. - epoll_events: , Nginx .
/
- Nginx .
- . sendfile()
.
http section
, location section
server section
.
location section
server section
http section
, .
location section
, http section
:
location /pdf/ { sendfile on; aio on; } location /audio/ { directio 4m directio_alignment 512 }
- Sendfile: , on.
Sendfile
, . . - Directio: , .
Directio
- . , . - Aio: . - , .
- directio_alignment: .
directio
.
, tcp_nodelay
tcp_nopush
, .
, "", . . Nagle
.
HTTP
:
http { tcp_nopush on; tcp_nodelay on; }
- tcp_nodelay: , , . .
- tcp_nopush: tcp_nodelay , . , ,
- tcp_nopush, .
, Nginx . - , .
server
.
server { client_body_buffer_size 8k; client_max_body_size 2m; client_body_in_single_buffer on; client_body_temp_pathtemp_files 1 2; client_header_buffer_size 1m; large_client_header_buffers 4 8k; }
,
- client_body_buffer_size: . - 64- ,
16k
. - 32- ,8k
. - client_max_body_size: ,
2m
.1m
. - client_body_in_file_only: ,
client_body_buffer_size
,client_body_in_file_only
, Nginx . . - client_body_in_single_buffer: . . , .
- client_header_buffer_size: .
1m
. - large_client_header_buffers: .
4
8k
.
- , , . , gzip
, gzip_comp_level
, gzip_min_length
, .
http
, :
http { gzip on; gzip_comp_level 2; gzip_min_length 1000; gzip_types text/xml text/css; gzip_http_version 1.1; gzip_vary on; gzip_disable "MSIE [4-6] \."; }
- gzip: ,
on
. . - gzip_comp_level: . , . 1 9 2 3.
- gzip_min_length: , gzip. content-length . 20 .
- gzip_types: gzip MIME-. , text/html . , , text/css,
- gzip_http_version: HTTP- , .
1.1
. - gzip_vary: Vary: Accept Encoding, gzip .
- gzip_disable: , Internet Explorer 6, gzip. User-Agent gzip .
, . Nginx open_file_cache
.
server
, location
http
:
http { open_file_cache max=1,000 inactive=30s; open_file_cache_valid 30s; open_file_cache_min_uses 4; open_file_cache_errors on; }
- open_file_cache: . , Nginx. , , , ,
- open_file_cache_valid: ,
open_file_cache
. - open_file_cache_min_uses: , inactive
open_file_cache
, , . - open_file_cache_errors: , Nginx , , . , , , , Nginx
, , keepalive_timeout
keepalive_requests
, .
HTTP
:
http { keepalive_timeout 30s; keepalive_requests 30; send_timeout 30s; }
- keepalive_timeout: 30 . - 75 .
- keepalive_requests: . 20 30.
- keepalive_disable:
keepalive
, . - send_timeout: .
Nginx
Nginx, -. -, SQL .
:
-
-
- DDoS
-
.
HTTP
, , . , , .
apt-get install -y apache-utils
htpasswd
. htpasswd
apache2-utils
.
sudo htpasswd -c /etc/apache2/ .htpasswd mike
:
cat etc/apache2/ .htpasswd
location
:
location /admin { basic_auth "Admin Area"; auth_basic_user_file /etc/apache2/ .htpasswd; }
Allow
basic_auth
allow
.
location
:
location /admin { allow 192.168.34.12; allow 192.168.12.34; }
error access , . ..
- error_log: ,
syslog
stderr
. , . - access_log:
access.log
http
:
http { access_log logs/access.log combined; error_log logs/warn.log warn; }
DDoS
DDoS . - .
limit_req_zone
limit_req
. location
, server
limit_req_zone $binary_remote_addr zone=one:10m rate=30r/m; server { location /admin.html { limit_req zone=one; } }
limit_conn
limit_conn_zone
. , .
location
server
server { location /products/ { limit_conn addr 10; } }
client_body_timeout
. , . , 408 (Request Time-out)
. client_header_timeout
. , 408 (Request Time-out)
.
server
.
server { client_body_timeout 5s; client_header_timeout 5s; }
auto_index
. location
, off
.
location / { auto_index off; }
, , - Nginx . , , . Nginx - , .