Mudanças entre as edições de "Nginx"

De MochilaWiki
Ir para navegaçãoIr para pesquisar
 
(30 revisões intermediárias por 2 usuários não estão sendo mostradas)
Linha 1: Linha 1:
-> nginx (compilado) + spawn-fcgi (php-fastcgi)
+
== instalando Nginx ==
  
 
<source lang="bash">
 
<source lang="bash">
apt-get install libpcre3-dev libssl-dev build-essential php5-cgi
+
apt-get install libpcre3-dev libssl-dev build-essential
 
cd /usr/src
 
cd /usr/src
 
wget -c http://nginx.org/download/nginx-0.8.54.tar.gz
 
wget -c http://nginx.org/download/nginx-0.8.54.tar.gz
 
tar zxvf nginx-0.8.54.tar.gz
 
tar zxvf nginx-0.8.54.tar.gz
 
cd nginx-0.8.54/
 
cd nginx-0.8.54/
wget http://download.snake.de/dist/ngx-fancyindex-0.3.tar.gz
 
tar zxvf ngx-fancyindex-0.3.tar.gz
 
 
./configure --prefix=/usr/local/nginx --user=www-data --group=www-data \
 
./configure --prefix=/usr/local/nginx --user=www-data --group=www-data \
 
--without-mail_pop3_module --without-mail_imap_module --with-sha1=/usr/lib \
 
--without-mail_pop3_module --without-mail_imap_module --with-sha1=/usr/lib \
Linha 14: Linha 12:
 
--with-http_ssl_module --http-log-path=/var/log/nginx/access.log \
 
--with-http_ssl_module --http-log-path=/var/log/nginx/access.log \
 
--conf-path=/etc/nginx/nginx.conf  --pid-path=/var/run/nginx.pid \
 
--conf-path=/etc/nginx/nginx.conf  --pid-path=/var/run/nginx.pid \
--add-module=ngx-fancyindex-0.3
+
--with-http_sub_module --with-http_ssl_module --with-http_gzip_static_module \
 +
--with-http_stub_status_module
 
make
 
make
 
make install
 
make install
 
cd /usr/src
 
cd /usr/src
 +
wget http://pub.nkosi.org/nginx/iredmail/nginx-init
 +
wget http://pub.nkosi.org/iredmail/nginx-logrotate
 +
wget http://pub.nkosi.org/iredmail/nginx.conf
 +
mkdir /etc/nginx/sites-enabled
 +
mv nginx.conf /etc/nginx/
 +
mv nginx-init /etc/init.d/nginx
 +
mv nginx-logrotate /etc/logrotate.d/nginx
 +
chmod 755 /etc/init.d/nginx
 +
update-rc.d nginx defaults
 +
</source>
 +
 +
iniciando serviços
 +
/etc/init.d/nginx start
 +
 +
=== Instalando versão recente em Ubuntu 18.04 ===
 +
 +
em /etc/apt/sources.list.d/nginx.list insira
 +
deb [arch=amd64] http://nginx.org/packages/mainline/ubuntu/ bionic nginx
 +
deb-src http://nginx.org/packages/mainline/ubuntu/ bionic nginx
 +
 +
<source lang="bash">
 +
sudo wget https://nginx.org/keys/nginx_signing.key
 +
sudo apt-key add nginx_signing.key
 +
sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
 +
sudo apt-get update
 +
sudo apt-get install nginx
 +
</source>
 +
 +
 +
 +
Referências
 +
* https://www.linuxbabe.com/ubuntu/install-nginx-latest-version-ubuntu-18-04
 +
* https://www.nginx.com/resources/wiki/start/topics/tutorials/install/
 +
* https://www.techrepublic.com/article/how-to-install-the-latest-version-of-nginx-on-ubuntu-server-18-04/
 +
* https://askubuntu.com/questions/1229740/how-to-upgrade-to-latest-stable-nginx-on-ubuntu-18
 +
* https://www.linuxbabe.com/ubuntu/install-nginx-latest-version-ubuntu-18-04
 +
 +
== cgi ==
 +
para aplicações que ficam em /usr/lib/cgi-bin
 +
 +
<source lang="bash">
 +
apt-get install fcgiwrap
 +
</source>
 +
 +
<source lang="nginx">
 +
 +
        location /cgi-bin/ {
 +
                gzip off;
 +
                root  /usr/lib;
 +
                fastcgi_pass  unix:/var/run/fcgiwrap.socket;
 +
                include /etc/nginx/fastcgi_params;
 +
                fastcgi_param SCRIPT_FILENAME  /usr/lib$fastcgi_script_name;
 +
        }
 +
</source>
 +
 +
 +
== com php - spawn-fcgi  ==
 +
<source lang="bash">
 +
apt-get install php5-cgi
 
wget http://www.lighttpd.net/download/spawn-fcgi-1.6.3.tar.gz
 
wget http://www.lighttpd.net/download/spawn-fcgi-1.6.3.tar.gz
 
tar -xf spawn*
 
tar -xf spawn*
Linha 24: Linha 82:
 
make
 
make
 
cp src/spawn-fcgi /usr/bin/spawn-fcgi
 
cp src/spawn-fcgi /usr/bin/spawn-fcgi
wget http://pub.nkosi.org/nginx/iredmail/nginx-init
 
 
wget http://pub.nkosi.org/nginx/iredmail/php-fastcgi-bin
 
wget http://pub.nkosi.org/nginx/iredmail/php-fastcgi-bin
 
wget http://pub.nkosi.org/nginx/iredmail/php-fastcgi-init
 
wget http://pub.nkosi.org/nginx/iredmail/php-fastcgi-init
wget http://pub.nkosi.org/iredmail/nginx-logrotate
 
wget http://pub.nkosi.org/iredmail/nginx.conf
 
mkdir /etc/nginx/sites-enabled
 
mv nginx.conf /etc/nginx/
 
mv nginx-init /etc/init.d/nginx
 
 
mv php-fastcgi-bin /usr/bin/php-fastcgi
 
mv php-fastcgi-bin /usr/bin/php-fastcgi
 
mv php-fastcgi-init /etc/init.d/php-fastcgi
 
mv php-fastcgi-init /etc/init.d/php-fastcgi
mv nginx-logrotate /etc/logrotate.d/nginx
 
 
echo cgi.fix_pathinfo = 1 >> /etc/php5/cgi/php.ini
 
echo cgi.fix_pathinfo = 1 >> /etc/php5/cgi/php.ini
chmod 755 /etc/init.d/nginx
 
 
chmod a+x /usr/bin/php-fastcgi
 
chmod a+x /usr/bin/php-fastcgi
 
chmod 755 /etc/init.d/php-fastcgi
 
chmod 755 /etc/init.d/php-fastcgi
 
update-rc.d php-fastcgi defaults
 
update-rc.d php-fastcgi defaults
update-rc.d nginx defaults
+
/etc/init.d/php-fastcgi start
 
</source>
 
</source>
  
iniciando serviços
+
== com perl ==
/etc/init.d/php-fastcgi start
+
<source lang="bash">
/etc/init.d/nginx start
+
apt-get install libfcgi-perl
 
+
wget http://pub.nkosi.org/nginx/fastcgi-wrapper.pl-text
parando serviços
+
wget http://pub.nkosi.org/nginx/perl-fastcgi
/etc/init.d/php-fastcgi stop
+
mv perl-fastcgi /etc/init.d/
/etc/init.d/nginx stop
+
mv fastcgi-wrapper.pl-text /usr/bin/fastcgi-wrapper.pl
 +
chmod a+x /usr/bin/fastcgi-wrapper.pl
 +
chmod 755 /etc/init.d/perl-fastcgi
 +
update-rc.d perl-fastcgi defaults
 +
/etc/init.d/perl-fastcgi start
 +
</source>
  
 
== sintaxe para nginx.conf ==
 
== sintaxe para nginx.conf ==
Linha 145: Linha 200:
 
         }
 
         }
 
</source>
 
</source>
 +
 +
ou
 +
 +
<source lang="nginx">
 +
        location = /direotorio/login.php {
 +
                return 301 http://novoendereco.com.br/login.php;
 +
        }
 +
</source>
 +
  
 
listando itens de um diretório - simples
 
listando itens de um diretório - simples
Linha 158: Linha 222:
  
 
listando itens de um diretório -  fancyindex
 
listando itens de um diretório -  fancyindex
 +
baixe o pacote [http://download.snake.de/dist/ngx-fancyindex-0.3.tar.gz ngx-fancyindex-0.3] e acrescente em "configure" --add-module=ngx-fancyindex-0.3
 +
 
<source lang="nginx">
 
<source lang="nginx">
 
location  /  {
 
location  /  {
Linha 184: Linha 250:
  
 
* [http://pub.nkosi.org/nginx/cgi-bin.php.txt cgi-bin.php]
 
* [http://pub.nkosi.org/nginx/cgi-bin.php.txt cgi-bin.php]
 +
 +
<source lang="nginx">
 +
        location ~  \.pl$ {
 +
                gzip off;
 +
                fastcgi_pass  127.0.0.1:8999;
 +
                fastcgi_param SCRIPT_FILENAME /usr/lib/cgi-bin$fastcgi_script_name;
 +
                include fastcgi_params;
 +
                fastcgi_param SCRIPT_NAME awstats.pl;
 +
        }
 +
</source>
  
 
Para deixar publico a pasta /usr/share/doc
 
Para deixar publico a pasta /usr/share/doc
Linha 244: Linha 320:
 
auth_basic            "Restricted";
 
auth_basic            "Restricted";
 
auth_basic_user_file  /etc/awstats/webstats.example.com.htpasswd;
 
auth_basic_user_file  /etc/awstats/webstats.example.com.htpasswd;
 +
 +
client_body_buffer_size    128K;
 +
client_header_buffer_size  128K;
 +
client_max_body_size          1M;
 +
large_client_header_buffers 1 1k;
 +
error_page  404  /404.html;
 +
</source>
 +
 +
<source lang="nginx">
 +
location = /favicon.ico {
 +
log_not_found off;
 +
access_log off;
 +
}
 +
</source>
 +
 +
<source lang="nginx">
 +
location = /robots.txt {
 +
allow all;
 +
log_not_found off;
 +
access_log off;
 +
}
 +
</source>
 +
 +
<source lang="nginx">
 +
location ~* \.(txt|log)$ {
 +
allow 192.168.0.0/16;
 +
deny all;
 +
}
 +
</source>
 +
 +
<source lang="nginx">
 +
location ~* ^.+\.(css|js)$ {
 +
root /folder/to/static/files;
 +
expires 30d;
 +
}
 +
</source>
 +
 +
<source lang="nginx">
 +
location ~* \.(jpg|jpeg|gif|png|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|tar|wav|bmp|rtf|swf|ico|flv|txt|xml|docx|xlsx)$ {
 +
  root /srv/hatchepsut/;
 +
  index index.php;
 +
  access_log off;
 +
  expires 30d;
 +
}
 +
</source>
 +
 +
páginas de erro
 +
<source lang="nginx">
 +
error_page 404 /index.php;
 +
error_page 403 /403.html;
 +
 +
location ^~ /error_images/ {
 +
root  /var/www/static_pages/error_pages;
 +
access_log        off;
 +
expires          30d;
 +
}
 +
 +
 +
location = /403.html {
 +
  root  /var/www/static_pages/error_pages;
 +
}
 +
 +
        error_page  500 502 503 504  /50x.html;
 +
        location = /50x.html {
 +
                root  /var/www/nginx-default;
 +
        }
 +
 +
      error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497
 +
                500 501 502 503 504 505 506 507 /error_page.html;
 +
      location  /error_page.html {
 +
          internal;
 +
</source>
 +
 +
userdir
 +
<source lang="nginx">
 +
location ~ ^/~(.+?)(/.*)?$ {
 +
      alias /home/$1/public_html$2;
 +
      autoindex on;
 +
}
 +
</source>
 +
 +
definindo um vhost como padrão do servidor - nginx
 +
<source lang="nginx">
 +
server {
 +
listen 80 default;
 +
}
 +
</source>
 +
 +
== tamanho do arquivo para upload nginx+php-fpm ==
 +
acrescente os valores em /etc/php5/fpm/domain.tld.conf
 +
<source lang="php">
 +
max_execution_time = 240
 +
upload_max_filesize = 32M
 +
post_max_size = 32M
 +
memory_limit = 32M
 
</source>
 
</source>
  
[[Categoria:web]]
+
o arquivo de configuração do site /etc/nginx/sites-enabled/domain.tld fica
 +
<source lang="nginx">
 +
server {
 +
        server_name domain.tld www.domain.tld;
 +
        root /var/www/project;
 +
        index  index.html index.php;
 +
        client_header_timeout 240;
 +
        client_body_timeout 240;
 +
        fastcgi_read_timeout 240;
 +
        client_max_body_size 32m;
 +
        client_body_buffer_size 128k;
 +
 
 +
        location ~ \.php$ {
 +
fastcgi_param PHP_VALUE "upload_max_filesize = 32M \n post_max_size=33M";
 +
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
 +
                fastcgi_pass  127.0.0.1:9000;
 +
                fastcgi_index  index.php ;
 +
                include fastcgi_params;
 +
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 +
        }
 +
 
 +
}
 +
</source>
 +
 
 +
== arquivos SSI ==
 +
 
 +
<source lang="nginx">
 +
location /reportagens/ {
 +
        ssi on;
 +
        ssi_last_modified on;
 +
        ssi_min_file_chunk 1k;
 +
        ssi_silent_errors off;
 +
#      ssi_types text/html;
 +
        ssi_value_length 256;
 +
        root /var/www/reportagens/public_html/;
 +
        index 01.shtml ;
 +
 
 +
    location ~ \.shtml$ {
 +
        fastcgi_pass  127.0.0.1:9001;
 +
        fastcgi_index  index.shtml;
 +
        include fastcgi_params;
 +
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 +
    }
 +
 
 +
}
 +
</source>
 +
 
 +
 
 +
== proxy ==
 +
 
 +
No caso de ter uma aplicação rodando em http://quijaua.net/bantu/galeria ficou assim
 +
 
 +
ajuste no apache
 +
<source lang="apache">
 +
<VirtualHost *:81>
 +
        ServerName galeriainterna.net
 +
        DirectoryIndex index.php
 +
        DocumentRoot /var/www/html/galeria/public_html/cms/
 +
        ErrorLog /var/log/apache2/galeria-error.log
 +
        CustomLog /var/log/apache2/galeria-access.log common
 +
</VirtualHost>
 +
</source>
 +
 
 +
altere em 80 para 81 em /etc/apache2/ports.conf
 +
sed 's/80/81/g' /etc/apache2/ports.conf
 +
 
 +
 
 +
ajuste no nginx
 +
<source lang="nginx">
 +
server {
 +
    listen          80;
 +
    server_name quijaua.net;
 +
    root  /var/www/html/galeria/public_html/cms;
 +
 
 +
    index      index.php;
 +
    access_log /var/log/nginx/galeria.access.log main;
 +
    error_log /var/log/nginx/galeria.error.log info;
 +
 
 +
    location /bantu/galeria {
 +
        proxy_set_header X-Real-IP  $remote_addr;
 +
        proxy_set_header X-Forwarded-For $remote_addr;
 +
        proxy_set_header Host $host;
 +
        proxy_pass      http://galeriainterna.net:81;
 +
    }
 +
}
 +
</source>
 +
 
 +
== gzip ==
 +
<source lang="nginx">
 +
gzip on;
 +
gzip_vary on;
 +
gzip_proxied any;
 +
gzip_comp_level 6;
 +
gzip_buffers 16 8k;
 +
gzip_http_version 1.1;
 +
gzip_types image/svg+xml text/plain text/xml text/css text/javascript application/xml application/xhtml+xml application/rss+xml application/javascript application/x-javascript application/x-font-ttf application/vnd.ms-fontobject font/opentype font/ttf font/eot font/otf;
 +
</source>
 +
 
 +
fonte https://www.wpfastestcache.com/tutorial/how-to-enable-gzip-on-nginx/
 +
 
 +
[[Categoria:Servidor]]

Edição atual tal como às 00h22min de 27 de novembro de 2020

instalando Nginx

apt-get install libpcre3-dev libssl-dev build-essential
cd /usr/src
wget -c http://nginx.org/download/nginx-0.8.54.tar.gz
tar zxvf nginx-0.8.54.tar.gz
cd nginx-0.8.54/
./configure --prefix=/usr/local/nginx --user=www-data --group=www-data \
--without-mail_pop3_module --without-mail_imap_module --with-sha1=/usr/lib \
--without-mail_smtp_module --with-http_stub_status_module \
--with-http_ssl_module --http-log-path=/var/log/nginx/access.log \
--conf-path=/etc/nginx/nginx.conf  --pid-path=/var/run/nginx.pid \
--with-http_sub_module --with-http_ssl_module --with-http_gzip_static_module \
--with-http_stub_status_module
make
make install
cd /usr/src
wget http://pub.nkosi.org/nginx/iredmail/nginx-init
wget http://pub.nkosi.org/iredmail/nginx-logrotate
wget http://pub.nkosi.org/iredmail/nginx.conf
mkdir /etc/nginx/sites-enabled
mv nginx.conf /etc/nginx/
mv nginx-init /etc/init.d/nginx
mv nginx-logrotate /etc/logrotate.d/nginx
chmod 755 /etc/init.d/nginx
update-rc.d nginx defaults

iniciando serviços

/etc/init.d/nginx start

Instalando versão recente em Ubuntu 18.04

em /etc/apt/sources.list.d/nginx.list insira

deb [arch=amd64] http://nginx.org/packages/mainline/ubuntu/ bionic nginx
deb-src http://nginx.org/packages/mainline/ubuntu/ bionic nginx
sudo wget https://nginx.org/keys/nginx_signing.key
sudo apt-key add nginx_signing.key
sudo cp /etc/nginx/nginx.conf /etc/nginx/nginx.conf.bak
sudo apt-get update
sudo apt-get install nginx


Referências

cgi

para aplicações que ficam em /usr/lib/cgi-bin

apt-get install fcgiwrap
        location /cgi-bin/ {
                gzip off;
                root  /usr/lib;
                fastcgi_pass  unix:/var/run/fcgiwrap.socket;
                include /etc/nginx/fastcgi_params;
                fastcgi_param SCRIPT_FILENAME  /usr/lib$fastcgi_script_name;
        }


com php - spawn-fcgi

apt-get install php5-cgi
wget http://www.lighttpd.net/download/spawn-fcgi-1.6.3.tar.gz
tar -xf spawn*
cd spawn*
./configure
make
cp src/spawn-fcgi /usr/bin/spawn-fcgi
wget http://pub.nkosi.org/nginx/iredmail/php-fastcgi-bin
wget http://pub.nkosi.org/nginx/iredmail/php-fastcgi-init
mv php-fastcgi-bin /usr/bin/php-fastcgi
mv php-fastcgi-init /etc/init.d/php-fastcgi
echo cgi.fix_pathinfo = 1 >> /etc/php5/cgi/php.ini
chmod a+x /usr/bin/php-fastcgi
chmod 755 /etc/init.d/php-fastcgi
update-rc.d php-fastcgi defaults
/etc/init.d/php-fastcgi start

com perl

apt-get install libfcgi-perl
wget http://pub.nkosi.org/nginx/fastcgi-wrapper.pl-text
wget http://pub.nkosi.org/nginx/perl-fastcgi
mv perl-fastcgi /etc/init.d/
mv fastcgi-wrapper.pl-text /usr/bin/fastcgi-wrapper.pl
chmod a+x /usr/bin/fastcgi-wrapper.pl
chmod 755 /etc/init.d/perl-fastcgi
update-rc.d perl-fastcgi defaults
/etc/init.d/perl-fastcgi start

sintaxe para nginx.conf

em nginx.conf:

user www-data;
worker_processes  1;

error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    access_log  /var/log/nginx/access.log;
    sendfile        on;
    keepalive_timeout  65;
    tcp_nodelay        on;
    gzip  on;
    gzip_http_version 1.0;
    gzip_comp_level 2;
    gzip_proxied any;
    gzip_min_length  1100;
    gzip_buffers 16 8k;
    gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript image/gif image/jpeg image/png;
    gzip_disable "MSIE [1-6].(?!.*SV1)";
    gzip_vary on;

    include /etc/nginx/sites-enabled/*;
}

vhost simples - em /etc/nginx/sites-enabled/pub.nkosi.net

    server {
        listen          80;
        server_name pub.nkosi.net;

        location / {
                root   /var/www/quijaua.com.br/pub/;
                index  index.html;
        }
  }

acrescentando log

access_log   /var/log/nginx/quijaua.com.br/pub/access.log;
error_log  /var/log/nginx/quijaua.com.br/pub/error.log info;

e para cada domínio cria o respectivo diretório

mkdir -p /var/log/nginx/quijaua.com.br/pub/

Desativa visualização de .htaccess & .htpassword

location ~ /\.ht {
   deny  all;
}

rodando php

        location / {
            root   /usr/share/apache2/;
            index  index.php index.html;
        }

         location ~ \.php$ {
            root            /usr/share/apache2/;
            include         fastcgi_params;
            fastcgi_pass    127.0.0.1:9000;
            fastcgi_index   index.php;
            fastcgi_param   SCRIPT_FILENAME /usr/share/apache2$fastcgi_script_name;
            fastcgi_param SERVER_NAME $http_host;
            fastcgi_ignore_client_abort on;
        }

redirecionamento

        location / {
                rewrite ^ https://mail.elegbara.net/webmail permanent;
        }

ou

        location = /direotorio/login.php {
                return 301 http://novoendereco.com.br/login.php;
        }


listando itens de um diretório - simples

location  /  {
  root   /var/www/pub/;
  autoindex  on;
  autoindex_exact_size on
}

listando itens de um diretório - fancyindex baixe o pacote ngx-fancyindex-0.3 e acrescente em "configure" --add-module=ngx-fancyindex-0.3

location  /  {
  root   /var/www/pub/;
  fancyindex on;
  fancyindex_exact_size off;
}

rodando perl/cgi

        location ~ ^/cgi-bin/.*\.pl$ {
                gzip off;
                fastcgi_pass  127.0.0.1:9000;
                include fastcgi_params;
                fastcgi_index cgi-bin.php;
                fastcgi_param SCRIPT_FILENAME /usr/share/apache2/cgi-bin.php;
                fastcgi_param SCRIPT_NAME /cgi-bin/cgi-bin.php;
                fastcgi_param X_SCRIPT_FILENAME /usr/lib$fastcgi_script_name;
                fastcgi_param X_SCRIPT_NAME $fastcgi_script_name;
        }
        location ~  \.pl$ {
                gzip off;
                fastcgi_pass  127.0.0.1:8999;
                fastcgi_param SCRIPT_FILENAME /usr/lib/cgi-bin$fastcgi_script_name;
                include fastcgi_params;
                fastcgi_param SCRIPT_NAME awstats.pl;
        }

Para deixar publico a pasta /usr/share/doc

        location /doc {
                root   /usr/share;
        }

Ou um arquivo no caminho /srv/hatchepsut/nginx-powered.png

        location = /nginx-powered.png {
                root   /srv/hatchepsut;
                access_log   off;
        }

Alias

	location ^~ /phppgadmin {
        	alias /usr/share/phppgadmin/;
	}

Reescrita

        location /old_stuff/ {
            rewrite   ^/old_stuff/(.*)$  /new_stuff/$1  permanent;
        }

entrada para log

  log_format   main '$remote_addr - $remote_user [$time_local]  $status '
    '"$request" $body_bytes_sent "$http_referer" '
    '"$http_user_agent" "$http_x_forwarded_for"';
                #permite o acesso para o ip         
                allow 127.0.0.1;

                #nega o acesso para todos
                deny all;

                #permite listar conteúdo da pasta
                autoindex on;

                #codificação da página
		charset utf-8; 
		charset         on;

                #não gera log
		access_log   off;

                #expira em 30 dias
		expires      30d;

                #restrição por senha - htpasswd
		auth_basic            "Restricted";
		auth_basic_user_file  /etc/awstats/webstats.example.com.htpasswd;

		client_body_buffer_size     128K;
		client_header_buffer_size   128K;
		client_max_body_size          1M;
		large_client_header_buffers 1 1k;
		error_page  404  /404.html;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~* \.(txt|log)$ {
allow 192.168.0.0/16;
deny all;
}
location ~* ^.+\.(css|js)$ {
root /folder/to/static/files;
expires 30d;
}
location ~* \.(jpg|jpeg|gif|png|css|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|ppt|tar|wav|bmp|rtf|swf|ico|flv|txt|xml|docx|xlsx)$ {
  root /srv/hatchepsut/;
  index index.php;
  access_log off;
  expires 30d;
 }

páginas de erro

	error_page 404 /index.php; 
	error_page 403 /403.html; 

	location ^~ /error_images/ { 
	root   /var/www/static_pages/error_pages; 
	access_log        off; 
	expires           30d; 
	} 


	location = /403.html { 
  	root   /var/www/static_pages/error_pages; 
	} 

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
                root   /var/www/nginx-default;
        }

      error_page 400 401 402 403 404 405 406 407 408 409 410 411 412 413 414 415 416 417 495 496 497
                 500 501 502 503 504 505 506 507 /error_page.html;
      location  /error_page.html {
          internal;

userdir

location ~ ^/~(.+?)(/.*)?$ {
      alias /home/$1/public_html$2;
      autoindex on;
}

definindo um vhost como padrão do servidor - nginx

server {
listen 80 default;
}

tamanho do arquivo para upload nginx+php-fpm

acrescente os valores em /etc/php5/fpm/domain.tld.conf

max_execution_time = 240
upload_max_filesize = 32M
post_max_size = 32M
memory_limit = 32M

o arquivo de configuração do site /etc/nginx/sites-enabled/domain.tld fica

server {
        server_name domain.tld www.domain.tld;
        root /var/www/project;
        index  index.html index.php;
        client_header_timeout 240;
        client_body_timeout 240;
        fastcgi_read_timeout 240;
        client_max_body_size 32m;
        client_body_buffer_size 128k;

        location ~ \.php$ {
		fastcgi_param PHP_VALUE "upload_max_filesize = 32M \n post_max_size=33M";
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass   127.0.0.1:9000;
                fastcgi_index  index.php ;
                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        }

}

arquivos SSI

location /reportagens/ {
        ssi on;
        ssi_last_modified on;
        ssi_min_file_chunk 1k;
        ssi_silent_errors off;
#       ssi_types text/html;
        ssi_value_length 256;
        root /var/www/reportagens/public_html/;
        index 01.shtml ;

     location ~ \.shtml$ {
         fastcgi_pass   127.0.0.1:9001;
         fastcgi_index  index.shtml;
         include fastcgi_params;
         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
     }

}


proxy

No caso de ter uma aplicação rodando em http://quijaua.net/bantu/galeria ficou assim

ajuste no apache

<VirtualHost *:81>
        ServerName galeriainterna.net
        DirectoryIndex index.php
        DocumentRoot /var/www/html/galeria/public_html/cms/
        ErrorLog /var/log/apache2/galeria-error.log
        CustomLog /var/log/apache2/galeria-access.log common
</VirtualHost>

altere em 80 para 81 em /etc/apache2/ports.conf

sed 's/80/81/g' /etc/apache2/ports.conf


ajuste no nginx

server {
     listen          80;
     server_name quijaua.net;
     root  /var/www/html/galeria/public_html/cms;

     index      index.php;
     access_log /var/log/nginx/galeria.access.log main;
     error_log /var/log/nginx/galeria.error.log info;

     location /bantu/galeria {
        proxy_set_header X-Real-IP  $remote_addr;
        proxy_set_header X-Forwarded-For $remote_addr;
        proxy_set_header Host $host;
        proxy_pass      http://galeriainterna.net:81;
     }
}

gzip

gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types image/svg+xml text/plain text/xml text/css text/javascript application/xml application/xhtml+xml application/rss+xml application/javascript application/x-javascript application/x-font-ttf application/vnd.ms-fontobject font/opentype font/ttf font/eot font/otf;

fonte https://www.wpfastestcache.com/tutorial/how-to-enable-gzip-on-nginx/