Nginx เป็นโปรแกรม web server ที่มีประสิทธิภาพสูง ผมเองก็เลือกใช้ nginx เป็น web server หลักของระบบสารสนเทศที่ผมได้พัฒนาเองเป็นหลัก ผมได้มีการใช้ reverse proxy, http redirect to https, https with let’s encrypt, http2, และการใช้ php-fpm เพื่อกันลืมผมเลยจะโพสตัวอย่าง nginx configuration เก็บไว้ เผื่อไว้กลับมาดูในวันข้างหน้า ดังนี้ครับ

File : /etc/nginx/nginx.conf

worker_processes  4;

events {
    worker_connections  1024;
}

http {
    include       mime.types;
    default_type  application/octet-stream;
    sendfile      on;
    keepalive_timeout  65;
    tcp_nopush    on;
    tcp_nodelay   on;

    gzip  on;
    gzip_min_length 1000;
    gzip_proxied any;
    gzip_types text/plain text/html text/css text/xml
               application/x-javascript application/xml
               application/atom+xml text/javascript;

    error_log /var/log/nginx/error.log error;

    upstream music {
        server 127.0.0.1:1600;
    }

    upstream erotic {
        server 127.0.0.1:1601;
    }

    upstream spa {
        server 127.0.0.1:1602;
    }

    upstream dharma {
        server 127.0.0.1:1603;
    }

    upstream ssh {
        server 127.0.0.1:4200;
    }

    server {
        listen       80 default_server;
        listen  [::]:80 default_server;
        listen       443 ssl http2 default_server;
        listen  [::]:443 ssl http2 default_server;
        server_name  zemore.arit.rmutsv.ac.th;

        ssl_certificate      /etc/letsencrypt/archive/zemore.arit.rmutsv.ac.th/fullchain1.pem;
        ssl_certificate_key  /etc/letsencrypt/archive/zemore.arit.rmutsv.ac.th/privkey1.pem;

        if ($scheme = http) {
            return 301 https://$server_name$request_uri;
        }

        root  /web;
        index  index.html index.htm index.php;
        autoindex on;

        location ~ \.php$ {
#               fastcgi_pass   unix:/run/php-fpm/php-fpm.sock;
                fastcgi_pass   127.0.0.1:4500;
                fastcgi_index  index.php;
                include        fastcgi.conf;
        }

        location /music {
            proxy_pass_header Server;
            proxy_set_header Host $http_host;
            proxy_redirect off;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Scheme $scheme;
            proxy_pass http://music;
        }

        location /dharma {
            proxy_pass_header Server;
            proxy_set_header Host $http_host;
            proxy_redirect off;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Scheme $scheme;
            proxy_pass http://dharma;
        }

        location /erotic {
            proxy_pass_header Server;
            proxy_set_header Host $http_host;
            proxy_redirect off;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Scheme $scheme;
            proxy_pass http://erotic;
        }

        location /spa {
            proxy_pass_header Server;
            proxy_set_header Host $http_host;
            proxy_redirect off;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Scheme $scheme;
            proxy_pass http://spa;
        }

        location /ssh/ {
            rewrite /ssh/(.*) /$1  break;
            proxy_pass_header Server;
            proxy_set_header Host $http_host;
            proxy_redirect off;
            proxy_set_header X-Real-IP $remote_addr;
            proxy_set_header X-Scheme $scheme;
            proxy_pass http://ssh;
        }

        error_page   500 502 503 504  /50x.html;
        location = /50x.html {
            root   /usr/share/nginx/html;
        }
    }
}