From 41b094e7e8d0d4292100b62424b60d23046c3e5c Mon Sep 17 00:00:00 2001 From: VirtuBox Date: Fri, 15 Dec 2017 17:39:24 +0100 Subject: [PATCH] Update nginx.conf --- etc/nginx/nginx.conf | 19 +++++++++++++------ 1 file changed, 13 insertions(+), 6 deletions(-) diff --git a/etc/nginx/nginx.conf b/etc/nginx/nginx.conf index 1bd4d97..3de10ff 100644 --- a/etc/nginx/nginx.conf +++ b/etc/nginx/nginx.conf @@ -1,11 +1,13 @@ user www-data; worker_processes auto; -worker_rlimit_nofile 100000; +worker_cpu_affinity auto; +worker_rlimit_nofile 16384500; pid /run/nginx.pid; events { - worker_connections 8096; - multi_accept on; + worker_connections 16384; + multi_accept on; + use epoll; } http { @@ -36,6 +38,10 @@ http { client_max_body_size 100m; + #GeoIP (optional) + #geoip_country /usr/local/share/GeoIP/GeoIP.dat; + #geoip_city /usr/local/share/GeoIP/GeoLiteCity.dat; + ## # GeoIP module configuration, before removing comments # read the tutorial : https://gist.github.com/VirtuBox/9ed03c9bd9169202c358a8be181b7840 @@ -48,12 +54,12 @@ http { ## ssl_protocols TLSv1.2 TLSv1.3; - ssl_ciphers 'TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-CHACHA20-POLY1305-D:ECDHE-RSA-CHACHA20-POLY1305-D:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384'; + ssl_ciphers 'TLS13-CHACHA20-POLY1305-SHA256:TLS13-AES-256-GCM-SHA384:TLS13-AES-128-GCM-SHA256:EECDH+AESGCM:EECDH+CHACHA20'; ssl_prefer_server_ciphers on; ssl_session_cache shared:SSL:20m; ssl_session_timeout 15m; ssl_session_tickets off; - ssl_ecdh_curve X25519:P-521:P-384; + ssl_ecdh_curve X25519:sect571r1:secp521r1:secp384r1; ## # Basic Settings @@ -68,7 +74,8 @@ http { # Logging Settings ## - access_log /var/log/nginx/access.log; + #access_log /var/log/nginx/access.log; #Disabled for performance + access_log off; error_log /var/log/nginx/error.log; # Log format Settings