public samples

conf.d/maps.conf

@@ -0,0 +1,26 @@
+#limit GET querries
+geo $whitelist {
+    default 0;
+    127.0.0.1/32 1;
+    164.132.206.135/32 1;
+}
+
+map $request_method $request_method_check {
+    default 0;
+    "GET" 1;
+}
+
+map $request_method_check:$arg_apiKey $request_check {
+    default 0;
+    "1:freekey" 1;
+}
+
+map $whitelist:$request_check $limit_request {
+    default 0; 
+    "0:1" 1;
+}
+
+map $limit_request $limit {
+    1     $binary_remote_addr;
+    0     "";
+}

conf.d/upstreams.conf

@@ -0,0 +1,12 @@
+upstream default {
+    server unix:/var/run/php5-fpm.sock;
+}
+
+upstream php56 {
+    server 127.0.0.1:9000;
+}
+
+
+upstream sample.com {
+    server unix:/var/run/php5-sample.com.sock;
+}

custom.d/fpm-status.conf

@@ -0,0 +1,9 @@
+location ~ ^/fpm-(status|ping)-(.+) {
+    rewrite ^/fpm-(status|ping)-(.+) /fpm-$1 break;
+    include fastcgi_params;
+    fastcgi_pass $2;
+    fastcgi_param SCRIPT_FILENAME $fastcgi_script_name;
+}
+
+
+

custom.d/locations.conf

@@ -0,0 +1,15 @@
+location / {
+    try_files $uri $uri/ =404;
+}
+
+location ~ \.php$ {
+    try_files $uri =404;
+    fastcgi_pass $fpmpool;
+    include fastcgi.conf;
+}
+
+location ~* \.(gif|jpg|jpeg|png|bmp|wmv|avi|mpg|mpeg|mp4|htm|html|js|css|deb|bz2|swf|pdf|ico|txt|woff|woff2)$ {
+    expires max;
+    access_log  off;
+    log_not_found off;
+}

custom.d/restricted.conf

@@ -0,0 +1,8 @@
+satisfy any;
+auth_basic "Restricted";
+auth_basic_user_file .adm.passwd;
+
+allow 127.0.0.1;
+allow ;
+
+deny all;

custom.d/restrictions.conf

@@ -0,0 +1,15 @@
+location = /favicon.ico {
+    log_not_found off;
+    access_log off;
+}
+
+location = /robots.txt {
+    allow all;
+    log_not_found off;
+    access_log off;
+}
+
+location ~ /\. { deny all; }
+
+location ~* /(?:uploads|files)/.*\.php$ { deny all; }
+

nginx.conf

@@ -0,0 +1,64 @@
+user  www-data;
+worker_processes  auto;
+
+events {
+    worker_connections  1024;
+}
+
+http {
+
+    ##
+    # Basic Settings
+    ##
+
+    sendfile on;
+    tcp_nopush on;
+    tcp_nodelay on;
+    keepalive_timeout 65;
+    types_hash_max_size 2048;
+    server_tokens off;
+
+    reset_timedout_connection on;
+
+    # server_names_hash_bucket_size 64;
+    # server_name_in_redirect off;
+
+    include mime.types;
+    default_type application/octet-stream;
+
+
+    ##
+    # Logging Settings
+    ##
+
+    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+                      '$status $body_bytes_sent "$http_referer" '
+                      '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log /var/log/nginx/access.log;
+    error_log /var/log/nginx/error.log;
+
+    ##
+    # Gzip Settings
+    ##
+
+    gzip             on;
+    gzip_disable     "MSIE [1-6]\.";
+
+    gzip_min_length  256;
+    gzip_comp_level 3;
+    gzip_buffers 64 32K;
+    gzip_proxied     expired no-cache no-store private auth;
+    gzip_types       text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;
+
+    gzip_vary        on;
+
+    open_file_cache             max=1000 inactive=40s;
+    open_file_cache_valid       60s;
+    open_file_cache_min_uses    2;
+    open_file_cache_errors      on;
+
+    include conf.d/*.conf;
+    include sites-enabled/*;
+}
+

sites-available/default

@@ -0,0 +1,8 @@
+server {
+        listen 80 default_server;
+        listen 443 ssl default_server;
+        server_name _;
+        access_log off;
+        return 444;
+}
+

sites-available/sample.com

@@ -0,0 +1,15 @@
+server {
+    listen 80;
+    server_name sample.com www.sample.com;
+
+    access_log /var/log/nginx/sample_access.log geo;
+    error_log /var/log/nginx/sample_error.log warn;
+
+    set $fpmpool php56;
+    root /home/sample/htdocs;
+
+    index index.html index.php;
+
+    include custom.d/restrictions.conf;
+    include custom.d/locations.conf;
+}

sites-available/stat

@@ -0,0 +1,30 @@
+server {
+	listen 80 default_server;
+
+	access_log /var/log/nginx/stat.access.log;
+	error_log /var/log/nginx/stat.error.log warn;
+
+	server_name localhost stat.sample.com;
+
+	index index.html index.php;
+
+	root /var/cache/munin/www;
+
+	set $fpmpool default;
+
+	include custom.d/restricted.conf;
+	include custom.d/fpm-status.conf;
+
+	location /nginx_status {
+		stub_status on;
+		access_log   off;
+	}
+
+	location ~* \.php$ {
+		include fastcgi_params;
+		fastcgi_pass $fpmpool;
+		fastcgi_index index.php;
+		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+	}
+}
+