Ubuntu and Debian - Nginx Configuration


Whether you have installed Nginx using the package manager or from source, you will need to look at the main configuration file and see what may need changing and optimising.

Although I'll make some suggestions, the aim is not to change a great deal at this point. Rather, we will look at the main settings, see what they mean and what a change will actually do.

Contents

Defaults

So why only a few changes to the default? Well, it's difficult to give a definitive configuration as there are so many variables to consider such as expected site traffic, Server size, site type, etc.

During this article we'll discuss the main settings and you can make any decisions as to what you feel are best for your site. Any changes I do suggest are simply that: suggestions.

My advice is very simple: experiment. Find what works best on your setup.

nginx.conf

Assuming you installed via the package manager, open up the main Nginx config file:

sudo nano /etc/nginx/nginx.conf

If you installed from source, the location may be different:

sudo nano /usr/local/nginx/conf/nginx.conf

The default file is very similar in both case (again, assuming you followed the articles shown above):

user www-data;
worker_processes  1;

error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
}

http {
    include       /etc/nginx/mime.types;
    default_type  application/octet-stream;

    access_log  /var/log/nginx/access.log;

    sendfile        on;
    #tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;
    tcp_nodelay        on;

    gzip  on;

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}

The main difference you will see if you installed from source is the path in the 'include' setting which would be something like:

include /usr/local/nginx/sites-enabled/*;

Beyond that, any changes are minor and can be adjusted as discussed below although I won't mention some of the more obvious settings such access logs and pid's.

user

Default:

user www-data;

As you can imagine, this sets the nginx user.

I always push for consistency across servers and the default web server user on Debian based systems is www-data. As such, keep this as the www-data user.

You can also add a group to this setting and it may be an idea to do so as follows:

user www-data www-data;

worker_processes

Default:

worker_processes  1;

Nginx can have more than one worker process running at the same time.

To take advantage of SMP and to enable good efficiency I would recommend changing this to read:

worker_processes  4;

Although you can experiment with this number (and I encourage you to do so) setting it at more than 4 processes may actually cause Nginx to be less efficienct on your Server.

worker_connections

Default:

events {
    worker_connections  1024;
}

Note the worker_connections setting is placed inside the 'events' module.

Sets the number of connections that each worker can handle. This is a good default setting.

You can work out the maximum clients value from this and the worker_processes settings:

max_clients = worker_processes * worker_connections

http module

Next comes the http module which contains base settings for http access:

include       /etc/nginx/mime.types;
default_type  application/octet-stream;

Unless you have an overwhelming desire, I would leave these settings alone (again, for those who installed via source, adjust the paths to those of your install).

You can, of course, add more includes if you want to customise it but messing with mime-types usually ends up with broken web pages and download errors.

Mind you, it is good fun to play with!

sendfile

Default:

sendfile        on;

Sendfile is used when the server (Nginx) can actually ignore the contents of the file it is sending. It uses the kernel sendfile support instead of using it's own resources on the request.

It is generally used for larger files (such as images) which do not need use of a multiple request/confirmation system to be served — thus freeing resources for items that do need that level of 'supervision' from Nginx.

Keep it an on unless you know why you need to turn it off.

tcp

Default:

#tcp_nopush      on;
tcp_nodelay      on;

tcp_nopush: Sends the HTTP response headers in one packet. You can read more about tcp_nopush on this page.

I would change the default here and uncomment the setting as it is useful when combined with the sendfile option we set earlier.

tcp_nodelay: Disables the Nagle buffering algorithm. Well, that cleared that one up!

Actually, it is for use with items than do not require a response. General web use does require a response from the client and so, going against the default, I would change this to off.

You can read more about tcp_nodelay here.

So there you are. After saying I wouldn't change a lot, I have changed the two default tcp settings. Your experience may show otherwise and, again, all I can say is experiment with your site/app - what do you need?

keepalive

Default:

#keepalive_timeout  0;
keepalive_timeout  65;

The default is very high and can easily be reduced to a few seconds (an initial setting of 2 or 3 is a good place to start and you will rarely need more than that). If no new requests are received during this time the connection is killed.

OK, but what does it mean? Well, once a connection has been established and the client has requested a file, this says "sit there and ignore everyone else until the time limit is reached or you get a new request from the client."

Why would you want a higher time? In cases where there will be a lot of interactivity on the site. However, in most cases, people will go to a page, read it for a while and then click for the next page. You don't want the connection to sit there doing nothing, ignoring other users.

gzip

Default:

gzip  on;

Good. We like gzip. It allows for instant, real time compression.

However, I would add a few more settings as follows:

gzip_comp_level 2;
gzip_proxied any;
gzip_types      text/plain text/html text/css application/x-javascript text/xml
                application/xml application/xml+rss text/javascript;

I think those are self explanatory and simply add to the gzip setting. You can read more about the various gzip settings on this page.

include

Default:

include /etc/nginx/sites-enabled/*;

If you installed from source, we added this line:

include /usr/local/nginx/sites-enabled/*;

Either way, it defines what files to include that are located outside of the main nginx.conf.

In this case, it points to the 'sites-enabled' directory and will include any symlinked files; thus enabling any sites linked from the 'sites-available' directory.

Summary

There is a lot going on in this article, especially considering that 'nginx.conf' is such a small config file.

However, taking one setting at a time, we can see that each one is not only essential but rather flexible.

The next article will take you through setting up virtual hosts and then move onto mongrel and thin integration for your Ruby on Rails applications.

 



Was this content helpful?




© 2014 Rackspace US, Inc.

Except where otherwise noted, content on this site is licensed under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License


See license specifics and DISCLAIMER