dinislage/web2py
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
a9d20cf3b4ae16adf45593c121f974b4d11684ce
web2py/scripts/nginx_scgi.conf
mdipierro 706324b9c6 cleanup of whitespaces in scripts
2013-03-29 02:30:15 -05:00

116 lines
4.5 KiB
Plaintext
Raw Blame History

user nginx nginx;
worker_processes 1;
error_log /var/log/nginx/error_log info;
events {
worker_connections 1024;
use epoll;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main
'$remote_addr - $remote_user [$time_local] '
'"$request" $status $bytes_sent '
'"$http_referer" "$http_user_agent" '
'"$gzip_ratio"';
client_header_timeout 10m;
client_body_timeout 10m;
send_timeout 10m;
connection_pool_size 256;
client_header_buffer_size 1k;
large_client_header_buffers 4 2k;
request_pool_size 4k;
gzip on;
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_types text/plain;
output_buffers 1 32k;
postpone_output 1460;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 75 20;
ignore_invalid_headers on;
ssl_session_cache shared:SSL:10m;
index index.html;
server {
listen 127.0.0.1;
server_name localhost;
access_log /var/log/nginx/localhost.access_log main;
error_log /var/log/nginx/localhost.error_log info;
root /var/www/localhost/htdocs;
}
# SSL example
server {
listen 127.0.0.1:443;
server_name localhost;
ssl on;
ssl_certificate /etc/ssl/nginx/nginx-server.pem;
ssl_client_certificate /etc/ssl/nginx/cacert.pem;
ssl_certificate_key /etc/ssl/nginx/nginx.key;
ssl_verify_client optional;
access_log /var/log/nginx/localhost.ssl_access_log main;
error_log /var/log/nginx/localhost.ssl_error_log info;
root /var/www/localhost/htdocs;
set $web2pyroot /home/Desktop/source/michelecomitini-facebookaccess;
location /pki/ {
root /var/www/localhost/html;
}
location ^/(.*)/static/(.*) {
alias $web2pyroot/applications/$1/static/$2;
}
location / {
include /etc/nginx/scgi_params;
scgi_pass 127.0.0.1:4000;
#Module ngx_http_ssl_module supports the following built-in variables:
#$ssl_cipher returns the cipher suite being used for the currently established SSL/TLS connection
#$ssl_client_serial returns the serial number of the client certificate for the currently established SSL/TLS connection — if applicable, i.e., if client authentication is activated in the connection
#$ssl_client_s_dn returns the subject Distinguished Name (DN) of the client certificate for the currently established SSL/TLS connection — if applicable, i.e., if client authentication is activated in the connection
#$ssl_client_i_dn returns the issuer DN of the client certificate for the currently established SSL/TLS connection — if applicable, i.e., if client authentication is activated in the connection
#$ssl_protocol returns the protocol of the currently established SSL/TLS connection — depending on the configuration and client available options it's one of SSLv2, SSLv3 or TLSv1
#$ssl_session_id the Session ID of the established secure connection — requires Nginx version greater or equal to 0.8.20
#$ssl_client_cert
#$ssl_client_raw_cert
#$ssl_client_verify takes the value "SUCCESS" when the client certificate is successfully verified
scgi_param SSL_PROTOCOL $ssl_protocol;
scgi_param HTTPS on;
scgi_param SSL_CIPHER $ssl_cipher;
scgi_param SSL_CLIENT_SERIAL $ssl_client_serial;
scgi_param SSL_CLIENT_S_DN $ssl_client_s_dn;
scgi_param SSL_CLIENT_I_DN $ssl_client_i_dn;
scgi_param SSL_SESSION_ID $ssl_session_id;
scgi_param SSL_CLIENT_CERT $ssl_client_cert;
scgi_param SSL_CLIENT_RAW_CERT $ssl_client_raw_cert;
scgi_param SSL_CLIENT_VERIFY $ssl_client_verify;
}
}
}
Reference in New Issue View Git Blame Copy Permalink