bezrukovp
1/6/2013 - 11:01 AM

nginx + php-fpm + reverse proxy

nginx + php-fpm + reverse proxy

# ninxit server config

upstream ninxit {
    ip_hash;
    server unix:/var/run/nginx_ninxit.sock;
}

server {
   server_name ninxit.com;
   rewrite ^ http://www.ninxit.com$request_uri? permanent;
}

server {
    listen 80;
    server_name www.ninxit.com;
    root /usr/local/ninxit;

    access_log /var/log/nginx/ninxit_access.log main;
    error_log /var/log/nginx/ninxit_error.log;
    port_in_redirect off;
    
    location ~ /\. {
        deny all;
        access_log off;
        log_not_found off;
    }
    location = /robots.txt {
        access_log off;
        log_not_found off;
    }
    location = /favicon.ico {
        access_log off;
        log_not_found off;
    }
    location /wp-admin {
        proxy_pass http://ninxit;
    }
    location ~ .*.php {
        proxy_pass http://ninxit;
    }
    location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
        log_not_found off;
        proxy_pass http://ninxit;
    }
    
    location / {
        set $mobile "";
        if ($http_user_agent ~* '(docomo|j-phone|vodafone|mot-|up\.browser|ddipocket|astel|pdxgw|palmscape|xiino|sharp pda browser|windows ce|l-mode|willcom|softbank|semulator|vemulator|j-emulator|emobile|mixi-mobile-converter)') {
            set $mobile "@ktai";
        }
        if ($http_user_agent ~* '(iphone|ipod|opera mini|android.*mobile|netfront|psp|blackberry)') {
            set $mobile "@mobile";
        }
        if ($http_cookie ~* "wptouch(_switch_cookie=normal|-pro-view=desktop)") {
            set $mobile "@mobile.off";
        }
        
        set $do_not_cache 0;
        if ($http_cookie ~* "comment_author_[^=]*=([^%]+)%7c|wordpress_logged_in_[^=]*=([^%]+)%7c") {
            set $do_not_cache 1;
        }

        proxy_no_cache     $do_not_cache;
        proxy_cache_bypass $do_not_cache;
        proxy_cache czone;
        proxy_cache_key "$scheme://$host$request_uri$mobile";
        proxy_cache_valid  200 301 302 30m;
        proxy_cache_valid  404 5m;
        proxy_cache_use_stale  error timeout invalid_header updating
                               http_500 http_502 http_503 http_504;
        proxy_pass http://ninxit;
        proxy_redirect off;
    }
}

server {
    listen unix:/var/run/nginx_ninxit.sock;
    server_name www.ninxit.com;
    root /usr/local/ninxit;

    access_log /var/log/nginx/ninxit_access.log main;
    error_log /var/log/nginx/ninxit_error.log;
    port_in_redirect off;

    location / {
        index index.php;

        if (-f $request_filename) {
            expires 14d;
            break;
        }

        if (!-e $request_filename) {
            rewrite ^(.+)$  /blog/index.php?q=$1 last;
        }
    }

    location ~ \.php$ {
        fastcgi_pass   unix:/var/run/php-fpm/php-fpm.sock;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }
}
user              nginx;
worker_processes  2;

error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    keepalive_timeout  5;

    gzip              on;
    gzip_http_version 1.0;
    gzip_vary         on;
    gzip_comp_level   6;
    gzip_types        text/xml text/css application/xhtml+xml application/xml application/rss+xml application/atom_xml application/x-javascript application/x-httpd-php;
    gzip_disable      "MSIE [1-6]\.";

    proxy_cache_path  /var/cache/nginx levels=1:2 keys_zone=czone:4m max_size=50m inactive=120m;
    proxy_temp_path   /var/tmp/nginx;
    proxy_cache_key   "$scheme://$host$request_uri";
    proxy_set_header  Host               $host;
    proxy_set_header  X-Real-IP          $remote_addr;
    proxy_set_header  X-Forwarded-Host   $host;
    proxy_set_header  X-Forwarded-Server $host;
    proxy_set_header  X-Forwarded-For    $proxy_add_x_forwarded_for;
    
    # Load config files from the /etc/nginx/conf.d directory
    # The default server is in conf.d/default.conf
    include /etc/nginx/conf.d/*.conf;
}