user www-data;

# Newer version of Nginx calculates the worker_processes,
# based on the CPU cores. Use this feature:
worker_processes auto;

pid /run/nginx.pid;

# number of file descriptors used for nginx
# the limit for the maximum file descriptors on the server is usually set by the OS.
# if you don't set FD's then OS settings will be used.
worker_rlimit_nofile 100000;

events {
    # determines how much clients will be served per worker
    # max clients = worker_connections * worker_processes
    # max clients is also limited by the number of socket connections available on the system (~64k)
    worker_connections 4096;

    # accept as many connections as possible
    multi_accept on;

    # mutex config:
    accept_mutex on;
    accept_mutex_delay 100ms; # default: 500 -> 100 ms

    # optmized to serve many clients with each thread, essential for linux
    use epoll;
}

http {

    ##
    # Basic Settings
    ##

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 30;
    types_hash_max_size 2048;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    server_names_hash_bucket_size  128;

    server_tokens off;

    # cache informations about FDs, frequently accessed files
    # can boost performance:
    open_file_cache max=200000 inactive=20s;
    open_file_cache_valid 30s;
    open_file_cache_min_uses 2;
    open_file_cache_errors on;

    # allow the server to close connection on non responding client,
    # this will free up memory
    reset_timedout_connection on;

    # request timed out -- default 60
    client_body_timeout 10s;

    # if client stop responding, free up memory -- default 60
    send_timeout 2s;

    ##
    # gzip Settings
    ##
    gzip on;
    gzip_static on;
    gzip_min_length 10240;
    gzip_comp_level 1;
    gzip_vary on;
    gzip_disable msie6;
    gzip_proxied expired no-cache no-store private auth;
    gzip_types
      text/html
      text/css
      text/javascript
      text/xml
      text/plain
      text/x-component
      application/javascript
      application/x-javascript
      application/json
      application/xml
      application/rss+xml
      application/atom+xml
      font/truetype
      font/opentype
      application/vnd.ms-fontobject
      image/svg+xml;

    ##
    # Logging Settings
    ##

    log_format ltsv "time:$time_local\thost:$remote_addr"
                    "\tforwardedfor:$http_x_forwarded_for\t"
                    "method:$request_method\tpath:$request_uri\tprotocol:$server_protocol"
                    "\tstatus:$status\tsize:$body_bytes_sent\treferer:$http_referer"
                    "\tua:$http_user_agent\ttaken_sec:$request_time"
                    "\tbackend:$upstream_addr\tbackend_status:$upstream_status"
                    "\tcache:$upstream_http_x_cache\tbackend_runtime:$upstream_response_time"
                    "\tvhost:$host";

    access_log /var/log/nginx/access.log ltsv;
    error_log /var/log/nginx/error.log;

    ##
    # Virtual Host Configs
    ##

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}

stream {
    include /etc/nginx/stream-enabled/*;
}