Asif Bacchus 715ae9cd38 feature(DOCKERFILE): set up nginx to run as non-root
- add libcap
- use setcap (via libcap) to allow nginx to bind to ports <1024
- set permissions on nginx directories
- change nginx pid location to /etc/nginx
2021-01-07 10:06:17 -07:00

51 lines
1.4 KiB
Nginx Configuration File

### NGINX main configuration
worker_processes 1;
pid /etc/nginx/nginx.pid;
error_log /var/log/nginx/error.log warn;
# include dynamically linked modules
include /etc/nginx/modules/*.conf;
events {
worker_connections 1024;
multi_accept off;
use epoll;
http {
server_names_hash_bucket_size 128;
default_type application/octet-stream;
charset utf-8;
include /etc/nginx/mime.types;
# set default index and webroot
index index.html index.htm default.htm;
root /usr/share/nginx/html;
# logging options (off by default for performance)
log_format main '$remote_addr - $remote_user [$time_local] $request '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'"$host" server="$server_name" '
'reqtime="$request_time" '
'uaddr="$upstream_addr" ustat="$upstream_status" '
'utime="$upstream_response_time" ulen="$upstream_response_length" '
access_log <ACCESS_LOG_SETTING>;
# server configuration options
server_tokens off;
real_ip_recursive on;
include /etc/nginx/ssl-config/*.conf;
include /etc/nginx/config/*.conf;
# include health status stub-site
include /etc/nginx/health.conf;
# include enabled server blocks from sites/*.conf
include /etc/nginx/sites/*.conf;