Easy to understand and extend Nginx configuration template
- GZIP compression support
- PHP handling support
- Cache for static files
- SSL support with http2
- Stronger cypher. SSL rating A+.
- It never will replace any built-in configuration. Upgrading your Nginx will be always safe.
Just put the code in your /etc/nginx
To create a site, add a file with extension .conf in sites-enabled/ folder. Example:
/etc/nginx/sites-enabled/example.conf
# Force HTTPS
{
server_name mywebsite.com;
return 301 https://$server_name$request_uri;
}
server
{
server_name mywebsite.com;
root /var/www/$server_name/;
listen 443 ssl http2;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
access_log /var/log/nginx/mywebsite.com.log combined buffer=10k flush=1m;
error_log /var/log/nginx/mywebsite.com.error.log error;
set $APPLICATION_ENV production;
include templates/default.conf;
include templates/php.conf;
#include templates/no-php.conf;
#include templates/limits.conf;
include templates/gzip.conf;
include templates/static-cache.conf;
include templates/ssl.conf;
}
sudo openssl req -x509 -nodes -days 3650 -newkey rsa:2048 -keyout /etc/nginx/ssl/nginx.key -out /etc/nginx/ssl/nginx.crt
And complete the prompt:
Country Name (2 letter code) [XX]:CA
State or Province Name (full name):Quebec
Locality Name (eg, city) [Default City]:Montreal
Organization Name (eg, company) [Default Company Ltd]:ACME
Organizational Unit Name (eg, section) []:
Common Name (eg, your name or your server's hostname) []:*.domain.com
Email Address []:
openssl dhparam -out /etc/nginx/ssl/dhparams.pem 2048