I want activate gzip compression in my nginx and unicorn:
I have this in my rails app in config/unicorn.rb:
working_directory "/home/user/project.com/current"
shared_path = '/home/user/project.com/shared'
pid "#{shared_path}/pids/unicorn.pid"
stderr_path "#{shared_path}/log/unicorn.log"
stdout_path "#{shared_path}/log/unicorn.log"
listen '/tmp/unicorn.project.sock'
worker_processes 2
timeout 30
I have this in my nginx.conf in my rails app:
upstream unicorn {
server unix:/tmp/unicorn.project.sock fail_timeout=0;
}
server {
listen 80 default;
root ~/project.com/current/public;
try_files $uri/index.html $uri #unicorn;
location #unicorn {
proxy_pass http://unicorn;
}
error_page 500 502 503 504 /500.html;
}
How can I enable for this config sth like:
gzip_static on;
expires max;
add_header Cache-Control public;
Thank you!
Add to server { } block in your config:
location ~ ^/(assets)/ {
root /path/to/public;
gzip_static on; # to serve pre-gzipped version
expires max;
add_header Cache-Control public;
}
Checkout Rails guides for additional information.
This is what I have in my nginx.conf for gzip:
gzip on;
gzip_buffers 16 8k;
gzip_comp_level 9;
gzip_http_version 1.0;
gzip_min_length 0;
gzip_types text/plain text/css image/x-icon image/png image/jpg image/jpeg text/js text/php application/javascript application/x-javascript;
gzip_vary on;
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE [1-6]\.";
You can also log the gzip compression:
log_format main
'$remote_addr - $remote_user [$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$gzip_ratio"';
Related
I've googled a lot, but still can't resolve "You can reduce your startup time if you configure your web server to host .unityweb files using gzip compression." message.
Here my simple localhost config and a screenshot from Chrome web inspector. Looks like encoding is working...
Thank you in advance!
http {
include mime.types;
default_type application/octet-stream;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/octet-stream .unityweb;
server {
listen 80;
server_name localhost;
location / {
root html;
index index.html index.htm;
gzip_static on;
}
location ~ .+\.unityweb$ {
add_header Content-Encoding gzip;
add_header Content-Type application/octet-stream;
}
}
}
On my case
clear Web Browser Cache.
solve.
I'm testing nginx locally as a reverse proxy
I want to redirect wildcard subdomain http to https
The subdomains are handled programmatically in the application
server {
listen 80;
server_name ~^(.*)\.localhost$;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
gzip on;
gzip_comp_level 6;
gzip_vary on;
gzip_min_length 1000;
gzip_proxied any;
gzip_types text/plain text/html text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip_buffers 16 8k;
server_name ~^(.*)\.localhost$;
# SSL Certs
ssl_certificate /path/to/server.crt;
ssl_certificate_key /path/to/server.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
location / {
proxy_pass http://localhost:3333;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
}
accessing https directly from the chrome works fine
accessing http does literally nothing, not even a page refresh
We just moved to another server, we are using Nginx as webservice
and we are using custom admin url for magento 1.9 like admin.domain.com
I can access magento admin through this url: https://admin.domain.com/index.php/admin
so is there anyway I can access it using this url only admin.domain.com
here it's my nginx config
server {
listen 888.888.888.888:80;
server_name domain.com *.domain.com www.domain.com;
root /home/admin/web/domain.com/public_html;
index index.php index.html index.htm;
access_log /var/log/nginx/domains/domain.com.log combined;
access_log /var/log/nginx/domains/domain.com.bytes bytes;
error_log /var/log/nginx/domains/domain.com.error.log error;
location / {
try_files $uri $uri/ #handler;
expires 30d;
}
location /app/ { deny all; }
location /includes/ { deny all; }
location /lib/ { deny all; }
location /media/downloadable/ { deny all; }
location /pkginfo/ { deny all; }
location /report/config.xml { deny all; }
location /var/ { deny all; }
location /var/export/ {
auth_basic "Restricted";
auth_basic_user_file htpasswd;
autoindex on;
}
location /. {
return 404;
}
location #handler {
rewrite / /index.php;
}
location ~ .php/ {
rewrite ^(.*.php)/ $1 last;
}
location ~ \.php$ {
try_files $uri =404;
expires off;
fastcgi_read_timeout 900s;
fastcgi_index index.php;
fastcgi_pass 127.0.0.1:9002;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
rewrite ^/minify/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last;
rewrite ^/skin/m/([0-9]+)(/.*.(js|css))$ /lib/minify/m.php?f=$2&d=$1 last;
location /lib/minify/ {
allow all;
}
gzip on;
gzip_comp_level 6;
gzip_min_length 256;
gzip_proxied any;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/vnd.ms-fontobject application/x-font-ttf font/opentype image/svg+xml image/x-icon;
error_page 403 /error/404.html;
error_page 404 /error/404.html;
error_page 500 502 503 504 /error/50x.html;
location /error/ {
alias /home/admin/web/domain.com/document_errors/;
}
location ~* "/\.(htaccess|htpasswd)$" {
deny all;
return 404;
}
location /vstats/ {
alias /home/admin/web/domain.com/stats/;
include /home/admin/web/domain.com/stats/auth.conf*;
}
include /etc/nginx/conf.d/phpmyadmin.inc*;
include /etc/nginx/conf.d/phppgadmin.inc*;
include /etc/nginx/conf.d/webmail.inc*;
include /home/admin/conf/web/nginx.domain.com.conf*;
}
Here is what you need to do:
Create two exact servers
Make sure that your files are sync'd (root
/var/www/vhosts/example.com;)
Your admin server will become your master and you can use Lsync to
make sure they are always sync'd
Domain admin.example.com will have one IP and your production server
will have another Ip address
You nginx config files can be identical.
In Magento you will choose custom url for admin and point that URL
To your new admin server
Any files changes and uploads will go to Admin and will get sync'd
to your slave server via the Lsync process.
You can run Redis through ElastiCache or simply run it on the admin
server
You should use RDS for your database server
Store sessions and cache in REDIS
DO NOT SYNC YOUR VAR FOLDER
so I have vagrant with port forwarding
here is vagrantfile
Vagrant.configure("2") do |config|
config.vm.provider "virtualbox" do |v|
v.memory = 2048
v.cpus = 4
end
config.berkshelf.enabled = true
config.berkshelf.berksfile_path = "./Berksfile"
config.omnibus.chef_version = :latest
config.vm.network :forwarded_port, guest: 80, host: 8080
config.vm.network :forwarded_port, guest: 22, host: 2020
end
Here is nginx.conf
user www-data;
worker_processes 4;
error_log /var/log/nginx/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log /var/log/nginx/access.log;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_requests 100;
keepalive_timeout 65;
gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_proxied any;
gzip_vary off;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/rss+xml application/atom+xml text/javascript application/javascript application/json text/mathml;
gzip_min_length 1000;
gzip_disable "MSIE [1-6]\.";
variables_hash_max_size 1024;
variables_hash_bucket_size 64;
server_names_hash_bucket_size 64;
types_hash_max_size 2048;
types_hash_bucket_size 64;
include /etc/nginx/conf.d/*.conf;
include /etc/nginx/sites-enabled/*;
}
here is sites_enabled/default
server {
listen 80;
server_name precise64;
access_log /var/log/nginx/localhost.access.log;
root /vagrant/site/www/public;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_pass unix:/run/php/php7.1-fpm.sock;
fastcgi_index index.php;
}
}
The issue is that everytime I go to http://localhost:8080/somedirectory on my browser, nginx ends up redirecting (301) to http://localhost/somedirectory
If I access a specific file, it doesn't do the redirect as expected
why is that happening and how can I prevent nginx from dropping the port?
I don't see a redirect in your NGINX config so my guess is that it's coming from your PHP app.
I'm having a 301 redirect issue for multiple sites pointing to our primary site although the intended affected sites are in their own server blocks. If I disable the primary site, the others work as intended, so it seems something in the primary config is trumping the others. Any help would be appreciated.
/etc/nginx/nginx.conf:
user nginx;
worker_processes 8;
worker_rlimit_nofile 100000;
error_log /var/log/nginx/error.log notice;
pid /var/run/nginx.pid;
events {
worker_connections 4096;
multi_accept on;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
#access_log /var/log/nginx/access.log;
access_log off;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
open_file_cache max=2000 inactive=20s;
open_file_cache_valid 60s;
open_file_cache_min_uses 5;
open_file_cache_errors off;
client_max_body_size 50M;
client_body_buffer_size 1m;
client_body_timeout 15;
client_header_timeout 15;
keepalive_timeout 2 2;
send_timeout 15;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
fastcgi_buffers 256 16k;
fastcgi_buffer_size 128k;
fastcgi_connect_timeout 3s;
fastcgi_send_timeout 120s;
fastcgi_read_timeout 120s;
fastcgi_busy_buffers_size 256k;
fastcgi_max_temp_file_size 0;
reset_timedout_connection on;
server_names_hash_bucket_size 100;
fastcgi_cache_path /var/cache/nginx levels=1:2 keys_zone=microcache:10m max_size=1000m inactive=60m;
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
include /etc/nginx/conf.d/*.conf;
}
This is the vhost conf that appears to be trumping other vhosts. /etc/nginx/conf.d/site1.conf:
server {
listen 10.10.10.1:80;
listen 10.10.10.1:443 ssl;
server_name ^site1\.org$ ^www\.site1\.org$ ^old\.site1domain\.org$;
ssl_certificate ...;
ssl_certificate_key ...;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
keepalive_timeout 70;
root /var/www/vhosts/site1.org/httpdocs;
index index.php;
client_max_body_size 128M;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_index index.php;
fastcgi_pass unix:/var/run/php-fpm/site1.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include /etc/nginx/fastcgi_params;
include /etc/nginx/fastcgi.conf;
open_file_cache max=4000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
}
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
if ($scheme != "https") {
rewrite ^ https://site1.org$uri permanent;
}
if ($host != "site1.org") {
rewrite ^ https://site1.org$uri permanent;
}
#wp-super-cache
....
location ~* .(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|css|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|tar|mid|midi|wav|bmp)$ {
expires max;
}
}
Phew. OK, here is an example of a different vhost config, which does not seem to be answering requests (instead, i get a 301 to the vhost above, with or without the redirects commented out).
/etc/nginx/conf.d/site2.conf:
server {
listen 10.10.10.1:80;
server_name ^sub1\.site2\.org$;
allow all;
proxy_redirect / http://10.10.10.1:6969;
location / {
proxy_pass http://10.10.10.1:6969;
}
}
However, for some reason, this SSL proxy works as intended (on different IP):
/etc/nginx/conf.d/site3.conf:
server {
listen 10.10.10.2:443 ssl;
server_name ^sub3\.site1\.org$;
ssl_certificate ...;
ssl_certificate_key ...;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
allow all;
proxy_redirect / http://sub3.site1.org:80/;
location / {
proxy_pass http://sub3.site1.org:80/;
}
proxy_set_header Host $http_host;
}
Here is what I get when I attempt to connect to http://sub1.site2.org:
[c09 79] /etc/nginx/conf.d # wget {sub1.site2.url}
--2015-11-25 09:09:28-- {sub1.site2.url}
Resolving sub1.site2.org... 10.10.10.1
Connecting to sub1.site2.org|10.10.10.1|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: {site1.url} [following]
and so on...
Thanks in advance.
Your server_name directives are all invalid so none of them match. So nginx uses the first server container as the default and processes all requests through that.
It then hits your rewrite ^ https://site1.org$uri permanent; conditional rewrite.
If you must use regex in your server_names (although it's less efficient unless you really need it), you must prefix the name with ~. Otherwise, just use the plain name.
server_name site1.org www.site1.org old.site1domain.org;
See this document for details.