apt-get install nginx php5-fpm
/etc/php5/fpm/pool.d/www.conf
;listen = 127.0.0.1:9000 listen = /var/run/php5-fpm.sock
/etc/nginx/conf.d/php5-fpm.conf
upstream php5-fpm-sock {
server unix:/var/run/php5-fpm.sock;
}
/etc/nginx/sites-available/default
server {
listen 80 default_server;
root /usr/share/nginx/html;
index index.php index.html;
access_log /var/log/nginx/default-access_log;
error_log /var/log/nginx/default-error_log;
location / {
try_files $uri $uri/ /index.php?$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_index index.php;
fastcgi_pass php5-fpm-sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include /etc/nginx/fastcgi_params;
}
}
service nginx restart
server {
server_name mysite.com;
root /srv/www/mysite.com/htdocs;
# Enable compression, this will help if you have for instance advagg‎ module
# by serving Gzip versions of the files.
gzip_static on;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# This matters if you use drush prior to 5.x
# After 5.x backups are stored outside the Drupal install.
#location = /backup {
# deny all;
#}
# Very rarely should these ever be accessed outside of your lan
location ~* \.(txt|log)$ {
allow 192.168.0.0/16;
deny all;
}
location ~ \..*/.*\.php$ {
return 403;
}
# No no for private
location ~ ^/sites/.*/private/ {
return 403;
}
# Block access to "hidden" files and directories whose names begin with a
# period. This includes directories used by version control systems such
# as Subversion or Git to store control files.
location ~ (^|/)\. {
return 403;
}
location / {
# This is cool because no php is touched for static content
try_files $uri @rewrite;
}
location @rewrite {
# You have 2 options here
# For D7 and above:
# Clean URLs are handled in drupal_environment_initialize().
rewrite ^ /index.php;
# For Drupal 6 and bwlow:
# Some modules enforce no slash (/) at the end of the URL
# Else this rewrite block wouldn't be needed (GlobalRedirect)
#rewrite ^/(.*)$ /index.php?q=$1;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
#NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_intercept_errors on;
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
# Fighting with Styles? This little gem is amazing.
# This is for D6
#location ~ ^/sites/.*/files/imagecache/ {
# This is for D7 and D8
location ~ ^/sites/.*/files/styles/ {
try_files $uri @rewrite;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires max;
log_not_found off;
}
access_log /srv/www/mysite.com/log/access_log;
error_log /srv/www/mysite.com/log/error_log;
}
/etc/nginx/conf.d/secure.conf
server_tokens off; autoindex off;
/etc/nginx/conf.d/cache.conf
proxy_cache_path /data/nginx/cache levels=1:2 keys_zone=one:10m max_size=200m;
vhost :
server {
...
proxy_cache one;
proxy_cache_valid any 5m;
proxy_buffering off;
add_header X-Cache-Status $upstream_cache_status;
...
}