demo config

This is a max-optimizal nginx config:

#####################
# global config
#####################

# daemon on;
# master_process on;
# timer_resolution 100ms;
# lock_file /var/run/nginx.lock;
# worker_priority -10;

user admin admin;
pid /var/run/nginx.pid;
worker_processes auto;
worker_rlimit_nofile 102400;
error_log /var/log/nginx/error.log;

#####################
# event config
#####################

events {
    use epoll;
    worker_connections 51200;
    multi_accept off;
}

#####################
# http config
#####################

http {
    server_tokens off;
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;


    keepalive_timeout 10;
    client_header_timeout 10;
    client_body_timeout 10;
    reset_timedout_connection on;
    send_timeout 10;

    # 限制同一IP并发连接数
    limit_conn_zone $binary_remote_addr zone=manyconns:5m;
    limit_conn_status 405;
    limit_conn manyconns 100;

    # 限制同一IP请求量, 每秒不超过2个req, 峰值为10, 那么客户端以5req/s
    # 的速度,每5秒发一次,平均下来,不超过rate限制,不会报错
    limit_req_zone $binary_remote_addr zone=manyreqs:10m rate=2r/s;
    limit_req_status 404;
    limit_req zone=manyreqs burst=10 nodelay;

    include /etc/nginx/mime.types;
    default_type text/html;
    charset UTF-8;


    gzip on;
    gzip_disable "msie[1-6]";   # 为IE6关闭gzip, 兼容老浏览器
    gzip_min_length  1100;
    gzip_comp_level   6;
    gzip_buffers     16 8k;
    gzip_types  text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript image/png image/gif image/jpeg;
    gzip_proxied any;

    ##
    #client_body,client_header config
    ##

    client_body_temp_path   /dev/shm/nginx/client_body_temp 1 2;
    client_body_timeout     60s;
    client_header_timeout   60s;
    client_max_body_size    1m;

    ##
    #request state
    ##
    req_status_zone server "$host,$server_addr:$server_port" 10M;

    ##
    #uwsgi global
    ##

    uwsgi_temp_path             /dev/shm/nginx/uwsgi_temp 2 2;
    uwsgi_max_temp_file_size    1024m;
    uwsgi_temp_file_write_size  8k;
    uwsgi_buffering             on;
    uwsgi_ignore_client_abort   on;
    uwsgi_buffer_size           8k;
    uwsgi_buffers               24 8k;
    uwsgi_busy_buffers_size     8k;
    uwsgi_connect_timeout       60s;
    uwsgi_send_timeout          60s;
    uwsgi_read_timeout          60s;


    # uwsgi cache
    # 配置uwsgi cache 后, nginx 会多启动两个进程 (cache manager process) 和 (cache loader process)
    uwsgi_cache_path /tmp/uwsgi_cache levels=1:2 keys_zone=CACHE:10m inactive=10s;

    ##
    #proxy config
    ##

    proxy_buffering             on;
    proxy_buffers               8 4k;

    proxy_temp_path             /dev/shm/nginx/proxy_temp 1 2;
    proxy_cache_path            /dev/shm/nginx/proxy_cache  levels=1:2 keys_zone=cache:128m inactive=1d max_size=1g;
    proxy_connect_timeout       60s;
    proxy_read_timeout          60s;
    proxy_send_timeout          60s;

    #####################
    # http config
    #####################

    upstream mysite
    {
        # ip_hash;
        # keepalive;
        # least_conn;
        server unix:/tmp/mysite.sock weight=10 max_fails=1 fail_timeout=10;
        server 192.168.1.1:8080 weight=20 backup; # 标示这个server不会做load balancer, 除非其他server挂了
        server 192.168.1.1:8080 weight=20 down;  # 标示这个server不可用
    }

    server {
        # listen 80 backlog=2048 deferred keepalive=on fastopen=100;
        listen 80 backlog=1024 deferred;
        server_name     localhost;

        location / {
            uwsgi_pass  mysite;
        }

        location /cached {
            uwsgi_cache CACHE;
            uwsgi_buffering on;
            uwsgi_cache_key $scheme$request_method$host$request_uri$args;
            uwsgi_pass  mysite;
            uwsgi_cache_valid 200 20s;

            uwsgi_pass  mysite;
        }

        location /nginx_status {

            limit_except GET {
                allow 192.168.1.0/32;
                deny  all;
            }

            access_log off;
            stub_status on;
            access_log off;
            allow 127.0.0.1;
        }

        location /reqstat {
            access_log off;
            allow 127.0.0.1;
            deny all;
            req_status_show;
        }
    }

    include /usr/local/nginx/conf/sites-enabled/*.conf;
}