Commit 539ecb5e authored by omega8cc's avatar omega8cc

Nginx: Update config includes to match optional BOA features improvements #unforkboa

parent 0bafbad7
......@@ -28,6 +28,12 @@ class Provision_Config_Drupal_Settings extends Provision_Config {
$this->version = provision_version();
$this->api_version = provision_api_version();
$this->cloaked = drush_get_option('provision_db_cloaking', $this->context->service('http')->cloaked_db_creds());
if (provision_hosting_feature_enabled('subdirs')) {
$this->data['subdirs_support_enabled'] = TRUE;
}
else {
$this->data['subdirs_support_enabled'] = drush_get_option('subdirs_support');
}
foreach (array('db_type', 'db_user', 'db_passwd', 'db_host', 'db_name', 'db_port') as $key) {
$this->creds[$key] = urldecode($this->data[$key]);
......
......@@ -17,6 +17,15 @@ print '<?php' ?>
* to avoid further confusion.
*/
<?php if ($subdirs_support_enabled): ?>
/**
* Detecting subdirectory mode
*/
if (isset($_SERVER['SITE_SUBDIR']) && isset($_SERVER['RAW_HOST'])) {
$base_url = 'http://' . $_SERVER['RAW_HOST'] . '/' . $_SERVER['SITE_SUBDIR'];
}
<?php endif; ?>
<?php if ($this->cloaked): ?>
if (isset($_SERVER['db_name'])) {
/**
......
......@@ -5,6 +5,11 @@
#######################################################
<?php
$nginx_config_mode = drush_get_option('nginx_config_mode');
if (!$nginx_config_mode && $server->nginx_config_mode) {
$nginx_config_mode = $server->nginx_config_mode;
}
$nginx_is_modern = drush_get_option('nginx_is_modern');
if (!$nginx_is_modern && $server->nginx_is_modern) {
$nginx_is_modern = $server->nginx_is_modern;
......@@ -15,49 +20,96 @@ if (!$nginx_has_gzip && $server->nginx_has_gzip) {
$nginx_has_gzip = $server->nginx_has_gzip;
}
$nginx_config_mode = drush_get_option('nginx_config_mode');
if (!$nginx_config_mode && $server->nginx_config_mode) {
$nginx_config_mode = $server->nginx_config_mode;
$nginx_has_upload_progress = drush_get_option('nginx_has_upload_progress');
if (!$nginx_has_upload_progress && $server->nginx_has_upload_progress) {
$nginx_has_upload_progress = $server->nginx_has_upload_progress;
}
$satellite_mode = drush_get_option('satellite_mode');
if (!$satellite_mode && $server->satellite_mode) {
$satellite_mode = $server->satellite_mode;
}
if ($nginx_is_modern) {
print " limit_conn_zone \$binary_remote_addr zone=gulag:10m;\n";
print " limit_conn_zone \$binary_remote_addr zone=limreq:10m;\n";
}
else {
print " limit_zone gulag \$binary_remote_addr 10m;\n";
print " limit_zone limreq \$binary_remote_addr 10m;\n";
}
if ($nginx_has_gzip) {
print " gzip_static on;\n";
}
if ($nginx_has_upload_progress) {
print " upload_progress uploads 1m;\n";
}
?>
<?php if ($nginx_config_mode == 'extended'): ?>
<?php if ($satellite_mode == 'boa'): ?>
## FastCGI params
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE ApacheSolarisNginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
fastcgi_param USER_DEVICE $device;
fastcgi_param GEOIP_COUNTRY_CODE $geoip_country_code;
fastcgi_param GEOIP_COUNTRY_CODE3 $geoip_country_code3;
fastcgi_param GEOIP_COUNTRY_NAME $geoip_country_name;
fastcgi_param REDIRECT_STATUS 200;
fastcgi_index index.php;
<?php endif; ?>
## Size Limits
client_body_buffer_size 64k;
client_header_buffer_size 32k;
large_client_header_buffers 32 32k;
<?php if ($satellite_mode == 'boa'): ?>
client_max_body_size 100m;
<?php endif; ?>
connection_pool_size 256;
request_pool_size 4k;
server_names_hash_bucket_size 512;
fastcgi_buffer_size 128k;
fastcgi_buffers 256 4k;
fastcgi_busy_buffers_size 256k;
fastcgi_temp_file_write_size 256k;
large_client_header_buffers 32 32k;
<?php if ($satellite_mode == 'boa'): ?>
map_hash_bucket_size 192;
<?php endif; ?>
request_pool_size 4k;
server_names_hash_bucket_size 512;
<?php if ($satellite_mode == 'boa'): ?>
server_names_hash_max_size 8192;
types_hash_bucket_size 512;
variables_hash_max_size 1024;
<?php endif; ?>
## Timeouts
client_body_timeout 60;
client_header_timeout 60;
send_timeout 60;
client_body_timeout 180;
client_header_timeout 180;
send_timeout 180;
lingering_time 30;
lingering_timeout 5;
fastcgi_connect_timeout 60;
fastcgi_send_timeout 300;
fastcgi_read_timeout 300;
fastcgi_connect_timeout 10s;
fastcgi_send_timeout 180s;
fastcgi_read_timeout 180s;
## Open File Performance
open_file_cache max=8000 inactive=30s;
open_file_cache_valid 60s;
open_file_cache_valid 99s;
open_file_cache_min_uses 3;
open_file_cache_errors on;
......@@ -73,19 +125,49 @@ if ($nginx_has_gzip) {
recursive_error_pages on;
reset_timedout_connection on;
fastcgi_intercept_errors on;
<?php if ($satellite_mode == 'boa'): ?>
server_tokens off;
fastcgi_hide_header 'Link';
fastcgi_hide_header 'X-Generator';
fastcgi_hide_header 'X-Powered-By';
fastcgi_hide_header 'X-Drupal-Cache';
<?php endif; ?>
## SSL performance
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
<?php if ($satellite_mode == 'boa'): ?>
## GeoIP support
geoip_country /usr/share/GeoIP/GeoIP.dat;
<?php endif; ?>
## Compression
gzip_buffers 16 8k;
gzip_comp_level 5;
gzip_http_version 1.1;
gzip_min_length 10;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip_comp_level 8;
gzip_http_version 1.0;
gzip_min_length 50;
gzip_types
application/atom+xml
application/javascript
application/json
application/rss+xml
application/vnd.ms-fontobject
application/x-font-opentype
application/x-font-ttf
application/x-javascript
application/xhtml+xml
application/xml
application/xml+rss
font/opentype
image/svg+xml
image/x-icon
text/css
text/javascript
text/plain
text/xml;
gzip_vary on;
gzip_proxied any;
## SSL performance
ssl_session_cache shared:SSL:10m;
ssl_session_timeout 10m;
<?php endif; ?>
## Default index files
......@@ -102,6 +184,9 @@ if ($nginx_has_gzip) {
<?php print $extra_config; ?>
<?php if ($nginx_config_mode == 'extended'): ?>
<?php if ($satellite_mode == 'boa'): ?>
error_log /var/log/nginx/error.log crit;
<?php endif; ?>
#######################################################
### nginx default maps
#######################################################
......@@ -137,15 +222,23 @@ map $request_uri $key_uri {
###
map $http_user_agent $is_crawler {
default '';
~*HTTrack|BrokenLinkCheck|2009042316.*Firefox.*3\.0\.10|MJ12|HTMLParser|PECL|Automatic|SiteBot|BuzzTrack|Sistrix|Offline|Screaming|Nutch|Mireo|SWEB|Morfeus|GSLFbot is_crawler;
~*HTTrack|BrokenLinkCheck|2009042316.*Firefox.*3\.0\.10|MJ12|HTMLParser|PECL|Automatic|SiteBot|BuzzTrack|Sistrix|Offline|Nutch|Mireo|SWEB|Morfeus|GSLFbot|HiScan|Riddler|DBot|CCBot is_crawler;
}
###
### Deny all known bots on some URIs.
### Deny all known bots/spiders on some URIs.
###
map $http_user_agent $is_bot {
default '';
~*crawl|goog|yahoo|yandex|spider|bot|tracker|click|parser is_bot;
~*crawl|bot|spider|tracker|click|parser|google|yahoo|yandex|baidu|bing is_bot;
}
###
### Deny almost all crawlers under high load.
###
map $http_user_agent $deny_on_high_load {
default '';
~*crawl|spider|tracker|click|parser|google|yahoo|yandex|baidu|bing deny_on_high_load;
}
###
......@@ -165,10 +258,31 @@ server {
listen *:<?php print $http_port; ?>;
server_name _;
location / {
<?php if ($satellite_mode == 'boa'): ?>
expires 99s;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
add_header Access-Control-Allow-Origin *;
root /var/www/nginx-default;
index index.html index.htm;
<?php else: ?>
return 404;
<?php endif; ?>
}
}
<?php if ($satellite_mode == 'boa'): ?>
server {
listen *:<?php print $http_port; ?>;
server_name 127.0.0.1;
location /nginx_status {
stub_status on;
access_log off;
allow 127.0.0.1;
deny all;
}
}
<?php endif; ?>
#######################################################
### nginx virtual domains
#######################################################
......
This diff is collapsed.
......@@ -20,9 +20,11 @@ class Provision_Service_http_nginx extends Provision_Service_http_public {
$this->server->setProperty('nginx_config_mode', 'extended');
$this->server->setProperty('nginx_is_modern', FALSE);
$this->server->setProperty('nginx_has_gzip', FALSE);
$this->server->setProperty('nginx_has_upload_progress', FALSE);
$this->server->setProperty('provision_db_cloaking', TRUE);
$this->server->setProperty('phpfpm_mode', 'port');
$this->server->setProperty('subdirs_support', FALSE);
$this->server->setProperty('satellite_mode', 'vanilla');
if (provision_hosting_feature_enabled('subdirs')) {
$this->server->subdirs_support = TRUE;
$this->configs['site'][] = 'Provision_Config_Nginx_Subdir';
......@@ -52,6 +54,7 @@ class Provision_Service_http_nginx extends Provision_Service_http_public {
// Check if some nginx features are supported and save them for later.
$this->server->shell_exec($path . ' -V');
$this->server->nginx_is_modern = preg_match("/nginx\/1\.((1\.(8|9|(1[0-9]+)))|((2|3|4|5|6|7|8|9)\.))/", implode('', drush_shell_exec_output()), $match);
$this->server->nginx_has_upload_progress = preg_match("/upload/", implode('', drush_shell_exec_output()), $match);
$this->server->nginx_has_gzip = preg_match("/http_gzip_static_module/", implode('', drush_shell_exec_output()), $match);
// Use basic nginx configuration if this control file exists.
......@@ -75,6 +78,16 @@ class Provision_Service_http_nginx extends Provision_Service_http_public {
drush_log(dt('PHP-FPM port mode detected -SAVE- NO socket found @path.', array('@path' => '/var/run/php5-fpm.sock')));
}
// Check if there is BOA specific global.inc file to enable extra Nginx locations
if (provision_file()->exists('/data/conf/global.inc')->status()) {
$this->server->satellite_mode = 'boa';
drush_log(dt('BOA mode detected -SAVE- YES file found @path.', array('@path' => '/data/conf/global.inc')));
}
else {
$this->server->satellite_mode = 'vanilla';
drush_log(dt('Vanilla mode detected -SAVE- NO file found @path.', array('@path' => '/data/conf/global.inc')));
}
// Set correct subdirs_support value on server save
if (provision_hosting_feature_enabled('subdirs')) {
$this->server->subdirs_support = TRUE;
......@@ -102,6 +115,7 @@ class Provision_Service_http_nginx extends Provision_Service_http_public {
// Check if some nginx features are supported and save them for later.
$this->server->shell_exec($path . ' -V');
$this->server->nginx_is_modern = preg_match("/nginx\/1\.((1\.(8|9|(1[0-9]+)))|((2|3|4|5|6|7|8|9)\.))/", implode('', drush_shell_exec_output()), $match);
$this->server->nginx_has_upload_progress = preg_match("/upload/", implode('', drush_shell_exec_output()), $match);
$this->server->nginx_has_gzip = preg_match("/http_gzip_static_module/", implode('', drush_shell_exec_output()), $match);
// Use basic nginx configuration if this control file exists.
......@@ -125,6 +139,16 @@ class Provision_Service_http_nginx extends Provision_Service_http_public {
drush_log(dt('PHP-FPM port mode detected -VERIFY- NO socket found @path.', array('@path' => '/var/run/php5-fpm.sock')));
}
// Check if there is BOA specific global.inc file to enable extra Nginx locations
if (provision_file()->exists('/data/conf/global.inc')->status()) {
$this->server->satellite_mode = 'boa';
drush_log(dt('BOA mode detected -VERIFY- YES file found @path.', array('@path' => '/data/conf/global.inc')));
}
else {
$this->server->satellite_mode = 'vanilla';
drush_log(dt('Vanilla mode detected -VERIFY- NO file found @path.', array('@path' => '/data/conf/global.inc')));
}
// Set correct subdirs_support value on server verify
if (provision_hosting_feature_enabled('subdirs')) {
$this->server->subdirs_support = TRUE;
......
......@@ -39,8 +39,10 @@ class Provision_Service_http_nginx_ssl extends Provision_Service_http_ssl {
$this->server->setProperty('nginx_config_mode', 'extended');
$this->server->setProperty('nginx_is_modern', FALSE);
$this->server->setProperty('nginx_has_gzip', FALSE);
$this->server->setProperty('nginx_has_upload_progress', FALSE);
$this->server->setProperty('provision_db_cloaking', TRUE);
$this->server->setProperty('phpfpm_mode', 'port');
$this->server->setProperty('satellite_mode', 'vanilla');
}
function save_server() {
......@@ -60,6 +62,7 @@ class Provision_Service_http_nginx_ssl extends Provision_Service_http_ssl {
// Check if some nginx features are supported and save them for later.
$this->server->shell_exec($path . ' -V');
$this->server->nginx_is_modern = preg_match("/nginx\/1\.((1\.(8|9|(1[0-9]+)))|((2|3|4|5|6|7|8|9)\.))/", implode('', drush_shell_exec_output()), $match);
$this->server->nginx_has_upload_progress = preg_match("/upload/", implode('', drush_shell_exec_output()), $match);
$this->server->nginx_has_gzip = preg_match("/http_gzip_static_module/", implode('', drush_shell_exec_output()), $match);
// Use basic nginx configuration if this control file exists.
......@@ -82,6 +85,16 @@ class Provision_Service_http_nginx_ssl extends Provision_Service_http_ssl {
$this->server->phpfpm_mode = 'port';
drush_log(dt('PHP-FPM port mode detected -SAVE- NO socket found @path.', array('@path' => '/var/run/php5-fpm.sock')));
}
// Check if there is BOA specific global.inc file to enable extra Nginx locations
if (provision_file()->exists('/data/conf/global.inc')->status()) {
$this->server->satellite_mode = 'boa';
drush_log(dt('BOA mode detected -SAVE- YES file found @path.', array('@path' => '/data/conf/global.inc')));
}
else {
$this->server->satellite_mode = 'vanilla';
drush_log(dt('Vanilla mode detected -SAVE- NO file found @path.', array('@path' => '/data/conf/global.inc')));
}
}
function verify_server_cmd() {
......@@ -101,6 +114,7 @@ class Provision_Service_http_nginx_ssl extends Provision_Service_http_ssl {
// Check if some nginx features are supported and save them for later.
$this->server->shell_exec($path . ' -V');
$this->server->nginx_is_modern = preg_match("/nginx\/1\.((1\.(8|9|(1[0-9]+)))|((2|3|4|5|6|7|8|9)\.))/", implode('', drush_shell_exec_output()), $match);
$this->server->nginx_has_upload_progress = preg_match("/upload/", implode('', drush_shell_exec_output()), $match);
$this->server->nginx_has_gzip = preg_match("/http_gzip_static_module/", implode('', drush_shell_exec_output()), $match);
// Use basic nginx configuration if this control file exists.
......@@ -124,6 +138,16 @@ class Provision_Service_http_nginx_ssl extends Provision_Service_http_ssl {
drush_log(dt('PHP-FPM port mode detected -VERIFY- NO socket found @path.', array('@path' => '/var/run/php5-fpm.sock')));
}
// Check if there is BOA specific global.inc file to enable extra Nginx locations
if (provision_file()->exists('/data/conf/global.inc')->status()) {
$this->server->satellite_mode = 'boa';
drush_log(dt('BOA mode detected -VERIFY- YES file found @path.', array('@path' => '/data/conf/global.inc')));
}
else {
$this->server->satellite_mode = 'vanilla';
drush_log(dt('Vanilla mode detected -VERIFY- NO file found @path.', array('@path' => '/data/conf/global.inc')));
}
// Call the parent at the end. it will restart the server when it finishes.
parent::verify_server_cmd();
}
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment