I installed the Nginx on a dedicated server using the below codes:
cd /usr/local/src
wget http://nginxcp.com/latest/nginxadmin.tar
tar xf nginxadmin.tar
cd publicnginx
./nginxinstaller install
Nginx service status is up in Nginx Admin panel in WHM (please see the below image).
Below is also the configuration file as in Configuration Editor:
user nobody;
# no need for more workers in the proxy mode
worker_processes 2;
error_log /var/log/nginx/error.log info;
worker_rlimit_nofile 20480;
events {
worker_connections 5120; # increase for busier servers
use epoll; # you should use epoll here for Linux kernels 2.6.x
}
http {
server_name_in_redirect off;
server_names_hash_max_size 10240;
server_names_hash_bucket_size 1024;
include mime.types;
default_type application/octet-stream;
server_tokens off;
# remove/commentout disable_symlinks if_not_owner;if you get Permission denied error
# disable_symlinks if_not_owner;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 5;
gzip on;
gzip_vary on;
gzip_disable "MSIE [1-6]\.";
gzip_proxied any;
gzip_http_version 1.0;
gzip_min_length 1000;
gzip_comp_level 6;
gzip_buffers 16 8k;
# You can remove image/png image/x-icon image/gif image/jpeg if you have slow CPU
gzip_types text/plain text/xml text/css application/x-javascript application/xml application/javascript application/xml+rss text/javascript application/atom+xml;
ignore_invalid_headers on;
client_header_timeout 3m;
client_body_timeout 3m;
send_timeout 3m;
reset_timedout_connection on;
connection_pool_size 256;
client_header_buffer_size 256k;
large_client_header_buffers 4 256k;
client_max_body_size 200M;
client_body_buffer_size 128k;
request_pool_size 32k;
output_buffers 4 32k;
postpone_output 1460;
proxy_temp_path /tmp/nginx_proxy/;
proxy_cache_path /var/cache/nginx levels=1:2 keys_zone=microcache:5m max_size=1000m;
client_body_in_file_only on;
log_format bytes_log "$msec $bytes_sent .";
log_format custom_microcache '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent" nocache:$no_cache';
include "/etc/nginx/vhosts/*";
}
My images are located in http://images.domain.com, so my question is how to add the Nginx proxy cache configuration that can cache the images on my images sub-domain for two hours?
By nginx static files are serves perfectly.
My configuration for images.domain.com.
server {
listen 80;
server_name images.domain.com;
set $path /home/images.domain.com;
set $webroot $path/public_html;
location ~* ^.+\.(jpg|jpeg|gif|png|zip|tgz|gz|rar|bz2|tar|wav|bmp|wmv|avi|3gp|mp3|mp4|css|js|ico)$ {
access_log /var/log/nginx/imgages.domain.com.log main;
root $webroot;
expires 2h;
}
}
Related
I have a rails application that is running on Nginx and Puma in production environment.
There is a problem with web page loading (TTBF delay), and I am trying to figure out a reason.
On backend side in production.log I see that my web page is rendered fast enough in 134ms:
Completed 200 OK in 134ms (Views: 49.9ms | ActiveRecord: 29.3ms)
But in browser I see that TTFB is 311.49ms:
I understand that there may be a problem in settings or processes count may be not optimal, but cannot find a a reason of ~177ms delay.. Will be grateful for some advices.
My VPS properties and configurations are listed below.
Environment
Nginx 1.10.3
Puma 3.12.0 (rails 5.2)
PostgreSQL
Sidekiq
ElasticSearch
VPS properties
Ubuntu 16.04 (64-bit)
8 cores (2.4 GHz)
16gb of RAM.
Network Bandwidth: 1000 Mbps
nginx.conf
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 8096;
multi_accept on;
use epoll;
}
http {
# Basic Settings
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
# Logging Settings
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
# Gzip Settings
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
web_app.conf
upstream puma {
server unix:///home/deploy/apps/web_app/shared/tmp/sockets/web_app-puma.sock fail_timeout=0;
}
log_format timings '$remote_addr - $time_local '
'"$request" $status '
'$request_time $upstream_response_time';
server {
server_name web_app.com;
# SSL configuration
ssl on;
listen 443 ssl http2;
listen [::]:443 ssl http2;
ssl_protocols TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
ssl_prefer_server_ciphers on;
ssl_buffer_size 4k;
ssl_certificate /etc/ssl/certs/cert.pem;
ssl_certificate_key /etc/ssl/private/key.pem;
root /home/deploy/apps/web_app/shared/public;
access_log /home/deploy/apps/web_app/current/log/nginx.access.log;
error_log /home/deploy/apps/web_app/current/log/nginx.error.log info;
access_log /home/deploy/apps/web_app/current/log/timings.log timings;
location ^~ /assets/ {
#gzip_static on;
expires max;
add_header Cache-Control public;
add_header Vary Accept-Encoding;
access_log off;
}
try_files $uri/index.html $uri #puma;
location #puma {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_request_buffering off;
proxy_pass http://puma;
}
error_page 500 502 503 504 /500.html;
client_body_buffer_size 8K;
client_max_body_size 10M;
client_header_buffer_size 1k;
large_client_header_buffers 2 16k;
client_body_timeout 10s;
keepalive_timeout 10;
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
}
puma.rb
threads 1, 6
port 3000
environment 'production'
workers 8
preload_app!
before_fork { ActiveRecord::Base.connection_pool.disconnect! if defined?(ActiveRecord) }
on_worker_boot { ActiveRecord::Base.establish_connection if defined?(ActiveRecord) }
plugin :tmp_restart
Check the true response time of the backend
The backend might claim it's answering/rendering in 130ms, that doesn't mean it's actually doing that. You can define a logformat like this:
log_format timings '$remote_addr - $time_local '
'"$request" $status '
'$request_time $upstream_response_time';
and apply it with:
access_log /var/log/nginx/timings.log timings;
This will tell how long the backend actually takes to respond.
Others possible way to debug
Check the raw latency between you and the server (i.e. with ping or by querying from the server itself)
Check how fast static content is served to get a baseline
Use caching
Add something like this to your location block:
proxy_cache_path /path/to/cache levels=1:2 keys_zone=my_cache:10m max_size=10g
inactive=60m use_temp_path=off;
proxy_cache my_cache;
If your backend supports a "moddified since" header:
proxy_cache_revalidate on;
Disable buffering
You can instruct nginx to forward the responses from the backend without buffering them. This might reduce response time:
proxy_buffering off;
Since version 1.7.11 there also exists a directive that allows nginx to forward a reponse to a backend without buffering it.
proxy_request_buffering off;
I have a form in Symfony 2.7 to upload videos between 100MB - 500 MB to my web. The upload speed is around 700 kbps so a 100MB video last more than 15 minutes to be uploaded. This is too much, users run out of my website! I’ve tried with Wetransfer and the same video last only 30 seconds to upload with an upload speed of 30Mbps. (wetransfer upload speed is more than 30 times higher!)
I have a digitalocean VPS, nginx, symfony2.7 application.
I have been reading a lot of Nginx configuration and testing diferents configs but the speed remain very low. I have done changes in php.ini, nginx.conf but I don't understand what is happening..
This is my vps speed:
~$ curl -s https://raw.githubusercontent.com/sivel/speedtest-cli/master/speedtest.py | python -
Retrieving speedtest.net configuration...
Testing from DigitalOcean (xxx.xxx.xxx.xxx)...
Retrieving speedtest.net server list...
Selecting best server based on ping...
Hosted by Citybridge (New York City, NY) [16.98 km]: 2.628 ms
Testing download speed................................................................................
Download: 380.93 Mbit/s
Testing upload speed....................................................................................................
Upload: 352.91 Mbit/s
Nginx.conf and sites-available/domain:
user www-data;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 1024;
}
http {
client_max_body_size 1000M;
client_body_buffer_size 32M;
proxy_buffer_size 32M;
proxy_buffers 16 8M;
client_header_buffer_size 16k;
large_client_header_buffers 8 16k;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable "msie6";
gzip_types text/css application/x-javascript text/xml application/xml text/javascript application/javascript text/x-js;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
server {
listen 443 ssl;
server_name www.*****.org;
ssl_certificate /etc/letsencrypt/live/***.org/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/***.org/privkey.pem;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_ciphers *****;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_stapling on;
ssl_stapling_verify on;
add_header Strict-Transport-Security max-age=15768000;
root /var/www/****/web;
if ($http_user_agent ~* (libwww-perl) ) {
return 403;
}
location ~ /.well-know{
allow all;
}
location / {
try_files $uri /app.php$is_args$args;
}
location ~ ^/app\.php(/|$) {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
error_log /var/log/nginx/***.log;
access_log /var/log/nginx/***.log;
location ~* .(jpg|jpeg|png|gif|ico|css|js)$ {
expires 1d;
}
}
Any idea? Thanks in advance
I added expires in my /etc/nginx/nginx.conf debian server
But it don't appear on the header of website files :
Accept-Ranges bytes
Cache-Control public
Connection keep-alive
Content-Length 122623
Content-Type image/jpeg
Date Tue, 10 Nov 2015 09:48:45 GMT
Etag "561cb1f6-1deff"
Last-Modified Tue, 13 Oct 2015 07:25:42 GMT
Server nginx
X-Powered-By PleskLin
Here is my nginx.conf :
#user nginx;
worker_processes auto;
#error_log /var/log/nginx/error.log;
#error_log /var/log/nginx/error.log notice;
#error_log /var/log/nginx/error.log info;
#pid /var/run/nginx.pid;
events {
worker_connections 1024;
multi_accept on;
}
http {
client_header_timeout 3000;
client_body_timeout 3000;
fastcgi_read_timeout 3000;
fastcgi_send_timeout 3000;
fastcgi_connect_timeout 3000;
client_max_body_size 32m;
fastcgi_buffers 16 128k;
fastcgi_buffer_size 128k;
proxy_buffers 16 128k;
proxy_buffer_size 128k;
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#tcp_nodelay on;
gzip on;
#gzip_disable "MSIE [1-6]\.(?!.*SV1)";
gzip_comp_level 9;
gzip_http_version 1.1;
gzip_proxied any;
gzip_min_length 10;
gzip_buffers 16 8k;
gzip_types text/plain text/css application/javascript text/xml application/xml application/xml+rss text/javascript application/xhtml+xml;
# Disable for IE < 6 because there are some known problems
gzip_disable “MSIE [1-6].(?!.*SV1)”;
# Add a vary header for downstream proxies to avoid sending cached gzipped files to IE6
gzip_vary on;
server_tokens off;
server {
listen 80;
index index.php index.html;
# Expire rules for static content
# cache.appcache, your document html and data
location ~* \.(?:manifest|appcache|html?|xml|json)$ {
expires -1;
# access_log logs/static.log; # I don't usually include a static log
}
# Feed
location ~* \.(?:rss|atom)$ {
expires 1h;
add_header Pragma public;
add_header Cache-Control "public";
}
# Media: images, icons, video, audio, HTC
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
expires 1M;
access_log off;
add_header Pragma public;
add_header Cache-Control "public";
}
# CSS and Javascript
location ~* \.(?:css|js)$ {
expires 1y;
access_log off;
add_header Pragma public;
add_header Cache-Control "public";
}
}
include /etc/nginx/conf.d/*.conf;
}
Anyone see what is the problem ?
I'm not an expert at all, I just copy past from tutorial...
Thanks
I found it.
It's because I'm using nginx with plesk.
I need to put the expires with the admin panel
I tried to insert browser expire dates for all static types in nginx.
I copy this:
location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
expires 365d;
}
before "server_tokens off;" at my:
/etc/nginx/nginx.conf
and get this error:
nginx: [emerg] "location" directive is not allowed here in /etc/nginx/nginx.conf:54
Anyone could help me?
Here the current working config!
#user nginx;
worker_processes 1;
#error_log /var/log/nginx/error.log;
#error_log /var/log/nginx/error.log notice;
#error_log /var/log/nginx/error.log info;
#pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log /var/log/nginx/access.log main;
sendfile off;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#tcp_nodelay on;
# output compression saves bandwidth
gzip on;
gzip_http_version 1.1;
gzip_vary on;
gzip_comp_level 6;
gzip_proxied any;
gzip_types text/plain text/css application/json application/javascript application/x-javascript text/javascript text/xml application/xml application/rss+xml application/atom+xml application/rdf+xml;
# make sure gzip does not lose large gzipped js or css files
# see http://blog.leetsoft.com/2007/07/25/nginx-gzip-ssl.html
gzip_buffers 16 8k;
# Disable gzip for certain browsers.
gzip_disable “MSIE [1-6].(?!.*SV1)”;
server_tokens off;
include /etc/nginx/conf.d/*.conf;
}
All based on a Ubuntu 12.04 VPS
Ensure your location block is inside the server or location block.
Source: http://nginx.org/en/docs/http/ngx_http_core_module.html#location
i want to setting my nginx.conf and .htacccess(codeigniter) i was tried setting rewrite in my nginx.conf, but not success,
this is my nginx.conf
worker_processes 4;
events {
worker_connections 1024;
}
http {
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 65;
types_hash_max_size 2048;
server_tokens off;
include mime.types;
default_type text/plain;
log_format gzip '$remote_addr - $remote_user [$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" "$gzip_ratio"';
access_log /usr/local/logs/nginx/access.log gzip buffer=32k;
error_log /usr/local/logs/nginx/error.log notice;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
server {
listen 80;
server_name localhost;
root /usr/local/var/www;
index index.php index.html;
location ~ \.php$ {
fastcgi_pass unix:/tmp/php-fpm.sock;
}
include fastcgi_params;
}
include /usr/local/etc/nginx/conf.d/*;
include /usr/local/etc/nginx/sites-enabled/*;
}
for this case, my .htaccess file is empty,
anyone help me...
thx