Upload
edorian
View
1.334
Download
2
Embed Size (px)
DESCRIPTION
Citation preview
NGINXTHE WEB SERVER YOU MIGHT ACTUALLY LIKE
ABOUT MEPHP since 10 yearsCICleanCodeDevOpsTDDShipping
GET IN TOUCH
stackoverflow: Twitter: @__edorianXing / G+: Volker DuschIRC: edorianMail: [email protected]
LET'S GO
WHY ANOTHER WEBSERVER?
WHY NOT LIGHTTPD?
THE BASICSIntroMultiple Servers / DomainsStatic contentSSLError pagesRewritesAuthCachingLoad BalancingProxyPHP!
INTRO/etc/nginx/nginx.conf/etc/nginx/conf.d/*.conf
NGINX CONF BASICSuser nginx;worker_processes 6;worker_cpu_affinity 000001 000010 000100 001000 010000 100000;
error_log /var/log/nginx/error.log warn;pid /var/run/nginx.pid;
events { worker_connections 1024;}
NGINX CONF BASICShttp { include /etc/nginx/mime.types; default_type application/octet-stream;
access_log /var/log/nginx/access.log main; sendfile on; keepalive_timeout 65;
include /etc/nginx/conf.d/*.conf;}
SERVERSserver { server_name *.wallbash.com *.wallbash.de; listen 80; // ...}
server { server_name _; listen 80; // ...}
STATIC CONTENTlocation / { root /var/www/myApp/html/}
FANCY STATIC CONTENTlocation ~ ̂\/(js|img|css) {}
DENY ACCESS TO ALL .DOT-FILESlocation ~ /\. { access_log off; log_not_found off; deny all;}
SSLssl_certificate wildcard.crt;ssl_certificate_key wildcard.key;
ssl_session_timeout 5m;ssl_session_cache shared:SSL:10m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;ssl_prefer_server_ciphers on;ssl_ciphers ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM;ssl_ecdh_curve secp521r1;
ERROR PAGESerror_page 500 501 502 503 504 /500.html;
location /500.html { internal;}
location /500 { return 500;}
REWRITESserver { server_name http://*; listen 80; rewrite ̂ https://$host$request_uri permanent;}
CACHINGlocation ~ ̂\/(js|img|css) { expires 14d;}
AUTHlocation / { auth_basic "Restricted"; auth_basic_user_file /etc/nginx/conf.d/myApp.htpasswd;}
LOAD BALANCINGupstream web_workers { server www1.example.com; server www2.example.com; server www3.example.com; server www4.example.com;}
LOAD BALANCING LEGACYupstream web_workers { ip_hash; server www1.example.com; server www2.example.com; server www3.example.com; server www4.example.com;}
PROXYlocation / { proxy_pass http://localhost:8000; proxy_set_header X-Real-IP $remote_addr; proxy_cache zone;}
PHP!
PHP-FPM!?!FastCGI Process Manager
FPM-CONFIG[myApp]
listen = 9000
;listen.allowed_clients = 127.0.0.1
user = phpgroup = php
pm = dynamicpm.max_children = 50pm.start_servers = 5pm.min_spare_servers = 5pm.max_spare_servers = 35
slowlog = /var/log/php-fpm/myApp-slow.log
NGINX + PHPlocation / { fastcgi_pass 127.0.01.1:9000; fastcgi_param SCRIPT_FILENAME /var/www/myApp/html/index.php; include fastcgi_params;}
SCALING!location / { fastcgi_pass anontherServer:9000; fastcgi_param SCRIPT_FILENAME /var/www/myApp/html/index.php; include fastcgi_params;}
THANKS HELGI!@hhttp://helgi.ws/Further reading:https://speakerdeck.com/u/helgi/p/cranking-nginx-to-11-phptek-2012
THANK YOU