X-Git-Url: https://git.cyclocoop.org/?a=blobdiff_plain;f=etc%2Fnginx%2Fnginx.conf;h=216e273adc0963d5b4560c48b7e587a14654a8fc;hb=5c42a4d606c3fb4de3420b220d45077b08f13a40;hp=f8d0328d028763586fad2fd489f4cb293e3195ce;hpb=2d48a198262604098443c6a90e58b0084600a4d7;p=lhc%2Fateliers.git

diff --git a/etc/nginx/nginx.conf b/etc/nginx/nginx.conf
index f8d0328..216e273 100644
--- a/etc/nginx/nginx.conf
+++ b/etc/nginx/nginx.conf
@@ -1,5 +1,4 @@
 # DOC: http://blog.martinfjordvald.com/2010/07/nginx-primer/
-daemon on;
 events {
 	multi_accept on;
 	use epoll;
@@ -9,9 +8,7 @@ http {
 	log_format main
 	 '$remote_addr - $remote_user [$time_local] "$request" '
 	 '$status $body_bytes_sent "$http_referer" '
-	 '"$http_user_agent" "$http_x_forwarded_for" nocache:$no_cache document_root:$document_root'
-	 ' fastcgi_script_name:$fastcgi_script_name'
-	 ' request_filename:$request_filename';
+	 '"$http_user_agent" "$http_x_forwarded_for"';
 	access_log /var/log/nginx/access.log main buffer=32k;
 	client_body_buffer_size 4K;
 		# NOTE: % getconf PAGESIZE
@@ -24,13 +21,16 @@ http {
 	default_type application/octet-stream;
 	error_log /var/log/nginx/error.log warn;
 	error_page 403 = 404;
-	fastcgi_cache_key "$request_method $scheme://$host$request_uri";
+	fastcgi_cache_key "$request_method $scheme://$http_host$request_uri";
 	fastcgi_cache_path /run/shm/cache/nginx/fastcgi
+	 inactive=10m
+	 keys_zone=microcache:2M
 	 levels=1:2
-	 keys_zone=microcache:10m
-	 inactive=5m
-	 max_size=64m;
-	fastcgi_cache microcache;
+	 loader_files=100000
+	 loader_sleep=1
+	 loader_threshold=2592000000
+	 max_size=64M;
+	fastcgi_temp_path /run/shm/tmp/nginx/ 1 2;
 	gzip on;
 	gzip_buffers 16 8k;
 	gzip_comp_level 6;
@@ -81,9 +81,25 @@ http {
 		#       This is useful for prepending headers before calling sendfile,
 		#       or for throughput optimization.
 	types_hash_max_size 2048;
+	## Add here all user agents that are to be blocked.
+	map $http_user_agent $bad_bot {
+		default 0;
+		libwww-perl                      1;
+		~(?i)(httrack|htmlparser|libwww) 1;
+	 }
+	## Add here all referrers that are to blocked.
+	#map $http_referer $bad_referer {
+	#	default 0;
+	#	~(?i)(babes|casino|click|diamond|forsale|girl|jewelry|love|nudit|organic|poker|porn|poweroversoftware|replica|sex|teen|webcam|zippo) 1;
+	# }
+	geo $not_local {
+		default 1;
+		127.0.0.1 0;
+	 }
+	include /etc/nginx/site.d/*/http.conf;
 	include /etc/nginx/site.d/*/server.conf;
  }
-pid /var/run/nginx.pid;
+pid /run/nginx.pid;
 user www-data;
 worker_processes 2;