Mini Shell
Direktori : /etc/nginx/conf.d/ |
|
Current File : //etc/nginx/conf.d/ea-nginx.conf |
map $host $CPANEL_APACHE_PROXY_IP {
default 127.0.0.1;
}
map $host $CPANEL_APACHE_PROXY_PORT {
default 81;
}
map $host $CPANEL_APACHE_PROXY_SSL_IP {
default 127.0.0.1;
}
map $host $CPANEL_APACHE_PROXY_SSL_PORT {
default 444;
}
map $host $CPANEL_SERVICE_SUBDOMAIN {
default 0;
}
server_names_hash_max_size 6392;
server_names_hash_bucket_size 256;
client_max_body_size 128m;
ssl_protocols TLSv1.2 TLSv1.3;
proxy_ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256;
proxy_ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:TLS_AES_256_GCM_SHA384:TLS_CHACHA20_POLY1305_SHA256:TLS_AES_128_GCM_SHA256;
ssl_dhparam /usr/local/cpanel/etc/dhparam_from_cpanel.pem;
################################################################
#### This is to support keepalive; this is not load balancing ##
################################################################
upstream apache_backend_https_168_119_70_163 {
server 168.119.70.163:444; # needs to be before keepalive configs
# set in /etc/nginx/ea-nginx/settings.json, default is 32
keepalive 32;
# set in EA4 global config (WHM/Service Configuration/Apache Configuration)
keepalive_timeout 5; # no suffix means seconds
# set in EA4 global config (WHM/Service Configuration/Apache Configuration)
# Apache being set to Unlimited results in 1000 here since NGINX does not have an equivalent to unlimited
keepalive_requests 100;
# keepalive_time can be set in /etc/nginx/ea-nginx/settings.json
# To see how your keepalive config tuning behaves:
# 1. Ensure NGINX caching is disabled
# 2. Ensure NGINX `worker_processes` is 1
# 3. make sure Apache and NGINX are restarted fully
# * There should be no lingering TCP connections between NGINX to Apache.
# 4. Monitor TCP connections between NGINX to Apache:
# * `netstat -an | grep -c :444`
# 5. Generate traffic with `ab` with various concurrent connections to various
# * Using step 4 to see if the number of connections is what you are aiming for
}
upstream apache_backend_http_168_119_70_163 {
server 168.119.70.163:81; # needs to be before keepalive configs
# set in /etc/nginx/ea-nginx/settings.json, default is 32
keepalive 32;
# set in EA4 global config (WHM/Service Configuration/Apache Configuration)
keepalive_timeout 5; # no suffix means seconds
# set in EA4 global config (WHM/Service Configuration/Apache Configuration)
# Apache being set to Unlimited results in 1000 here since NGINX does not have an equivalent to unlimited
keepalive_requests 100;
# keepalive_time can be set in /etc/nginx/ea-nginx/settings.json
# To see how your keepalive config tuning behaves:
# 1. Ensure NGINX caching is disabled
# 2. Ensure NGINX `worker_processes` is 1
# 3. make sure Apache and NGINX are restarted fully
# * There should be no lingering TCP connections between NGINX to Apache.
# 4. Monitor TCP connections between NGINX to Apache:
# * `netstat -an | grep -c :81`
# 5. Generate traffic with `ab` with various concurrent connections to various
# * Using step 4 to see if the number of connections is what you are aiming for
}
Zerion Mini Shell 1.0