nginx [Docs]

Docs

User Tools

Site Tools

Trace: nginx

Sidebar

  1. Design patterns

  2. SOLID

  3. Symfony

  4. PHP

  5. Algorithms

  6. Doctrine

  7. Mongo

  8. Refactoring

  9. PSRs -Composer - Http - Nginx - Git - Agile - Software architecture patterns - Resque - Leetcode - Codility

  10. Linux Essentials

nginx

Table of Contents

Nginx

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. NGINX is known for its high performance, stability, rich feature set, simple configuration, and low resource consumption

the nginx configuration file can be found in: /etc/nginx/nginx.conf

This file consists of:

  • directive: the option that consists of name and parameters; it should end with a semicolon
    gzip on;
  • context: the section where you can declare directives (similar to scope in programming languages)
    worker_processes 2; # directive in global context
http {              # http context
gzip on;        # directive in http context
server {          # server context
  listen 80;      # directive in server context
  }
}

Processing requests

Inside nginx, you can specify multiple virtual servers, each described by a server { } context. 

server {
  listen      *:80 default_server;
  server_name netguru.co;
  return 200 "Hello from netguru.co";
}
 
server {
  listen      *:80;
  server_name foo.co;
  return 200 "Hello from foo.co";
}
 
server {
  listen      *:81;
  server_name bar.co;
  return 200 "Hello from bar.co";
}

Nginx will first check the listen directive to test which virtual server is listening on the given IP:port combination. Then, the value from server_name directive is tested against the Host header, which stores the domain name of the server.

Nginx will choose the virtual server in the following order:

  1. Server listing on IP:port, with a matching server_name directive;
  2. Server listing on IP:port, with the default_server flag;
  3. Server listing on IP:port, first one defined;
  4. If there are no matches, refuse the connection.

server_name directive

server_name netguru.co www.netguru.co; # exact match
server_name *.netguru.co;              # wildcard matching
server_name netguru.*;                 # wildcard matching
server_name  ~^[0-9]*\.netguru\.co$;   # regexp matching

Gzip

Enabling gzip should significantly reduce the weight of your response, thus it will appear faster on the client side.

SSL and TLS

SSL (standing for Socket Secure Layer) is a protocol providing a secure connection over HTTP. Technically SSL and TLS are different (as each is describing the different version of a protocol) - but many use those names interchangeably.

Base SSL/TLS setup
server {
  listen 443 ssl default_server;
  listen [::]:443 ssl default_server;
 
  ssl_certificate /etc/nginx/ssl/netguru.crt;
  ssl_certificate_key /etc/nginx/ssl/netguru.key;
}

enter image description here

Reverse proxy

A reverse proxy is an intermediary proxy service which takes a client request, passes it on to one or more servers, and subsequently delivers the server’s response to the client. Benefits:

  • Load Balancing
  • Increases security
  • Easy loggin and auditing

https://medium.com/@mohsin061/forward-proxy-and-reverse-proxy-500b9bd4bf8e

PHP

PHP-FPM 

  location ~* \.php$ {
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;      
  }
#fastcgi_pass   127.0.0.1:9000; #tcp connection
#fastcgi_pass   unix:/tmp/php5-fpm.sock; #unix socket

Using a socket (e.g. listen = '/tmp/php-fpm.sock') makes sense when both the front-end (e.g. Nginx) and php-fpm are in the same box and

C10K problem is referred for the network socket unable to handle a large number of client (10,000) at the same time.

enter image description here

nginx.txt · Last modified: 2020/07/02 16:06 (external edit)

Page Tools

Except where otherwise noted, content on this wiki is licensed under the following license: CC Attribution-Share Alike 4.0 International
CC Attribution-Share Alike 4.0 International Donate Powered by PHP Valid HTML5 Valid CSS Driven by DokuWiki