Works On

Viewing:

Alpine Linux v3.21

Same on:

Other versions:

CentOS Stream 9 Debian 10 (Buster) Debian 11 (Bullseye) Debian 12 (Bookworm) Debian 13 (Trixie) Debian 9 (Stretch) Red Hat Enterprise Linux 8 (Ootpa) Red Hat Enterprise Linux 9 (Plow) Ubuntu 18.04 LTS (Bionic Beaver) Ubuntu 20.04 LTS (Focal Fossa) Ubuntu 22.04 LTS (Jammy Jellyfish) Ubuntu 24.04 LTS (Noble Numbat)

Details

Size: 103 lines
MD5: ecf0959e962cce90ce15a0f693d11ecc
SHA256: ca4278d6b81120988a6056c2a71891ea2719aad4535d2fc4f7ab7ac8da560c2f

/etc/nginx/nginx.conf

# /etc/nginx/nginx.conf

user nginx;

# Set number of worker processes automatically based on number of CPU cores.
worker_processes auto;

# Enables the use of JIT for regular expressions to speed-up their processing.
pcre_jit on;

# Configures default error logger.
error_log /var/log/nginx/error.log warn;

# Includes files with directives to load dynamic modules.
include /etc/nginx/modules/*.conf;

# Include files with config snippets into the root context.
include /etc/nginx/conf.d/*.conf;

events {
	# The maximum number of simultaneous connections that can be opened by
	# a worker process.
	worker_connections 1024;
}

http {
	# Includes mapping of file name extensions to MIME types of responses
	# and defines the default type.
	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	# Name servers used to resolve names of upstream servers into addresses.
	# It's also needed when using tcpsocket and udpsocket in Lua modules.
	#resolver 1.1.1.1 1.0.0.1 [2606:4700:4700::1111] [2606:4700:4700::1001];

	# Don't tell nginx version to the clients. Default is 'on'.
	server_tokens off;

	# Specifies the maximum accepted body size of a client request, as
	# indicated by the request header Content-Length. If the stated content
	# length is greater than this size, then the client receives the HTTP
	# error code 413. Set to 0 to disable. Default is '1m'.
	client_max_body_size 1m;

	# Sendfile copies data between one FD and other from within the kernel,
	# which is more efficient than read() + write(). Default is off.
	sendfile on;

	# Causes nginx to attempt to send its HTTP response head in one packet,
	# instead of using partial frames. Default is 'off'.
	tcp_nopush on;


	# Enables the specified protocols. Default is TLSv1 TLSv1.1 TLSv1.2.
	# TIP: If you're not obligated to support ancient clients, remove TLSv1.1.
	ssl_protocols TLSv1.1 TLSv1.2 TLSv1.3;

	# Path of the file with Diffie-Hellman parameters for EDH ciphers.
	# TIP: Generate with: `openssl dhparam -out /etc/ssl/nginx/dh2048.pem 2048`
	#ssl_dhparam /etc/ssl/nginx/dh2048.pem;

	# Specifies that our cipher suits should be preferred over client ciphers.
	# Default is 'off'.
	ssl_prefer_server_ciphers on;

	# Enables a shared SSL cache with size that can hold around 8000 sessions.
	# Default is 'none'.
	ssl_session_cache shared:SSL:2m;

	# Specifies a time during which a client may reuse the session parameters.
	# Default is '5m'.
	ssl_session_timeout 1h;

	# Disable TLS session tickets (they are insecure). Default is 'on'.
	ssl_session_tickets off;


	# Enable gzipping of responses.
	#gzip on;

	# Set the Vary HTTP header as defined in the RFC 2616. Default is 'off'.
	gzip_vary on;


	# Helper variable for proxying websockets.
	map $http_upgrade $connection_upgrade {
		default upgrade;
		'' close;
	}


	# Specifies the main log format.
	log_format main '$remote_addr - $remote_user [$time_local] "$request" '
			'$status $body_bytes_sent "$http_referer" '
			'"$http_user_agent" "$http_x_forwarded_for"';

	# Sets the path, format, and configuration for a buffered log write.
	access_log /var/log/nginx/access.log main;


	# Includes virtual hosts configs.
	include /etc/nginx/http.d/*.conf;
}

Copy & Paste

curl:

curl https://exampleconfig.com/api/v1/config/original/ecf0959e962cce90ce15a0f693d11ecc?hint=nginx.conf

wget:

wget -O nginx.conf https://exampleconfig.com/api/v1/config/original/ecf0959e962cce90ce15a0f693d11ecc?hint=nginx.conf

For AI Agents

<prompt><role>DevOps agent</role><source url='https://exampleconfig.com/api/v1/config/original/ecf0959e962cce90ce15a0f693d11ecc?hint=nginx.conf' /><config><app>NGINX</app><os>Alpine Linux v3.21</os><location>/etc/nginx/nginx.conf</location><lines>103</lines><md5>ecf0959e962cce90ce15a0f693d11ecc</md5><sha256>ca4278d6b81120988a6056c2a71891ea2719aad4535d2fc4f7ab7ac8da560c2f</sha256></config></prompt>

Paste into Claude, ChatGPT, or any AI assistant.

Install NGINX

Alpine Linux

sudo apk add nginx

Debian

sudo apt update && sudo apt install nginx

Red Hat Enterprise Linux

sudo yum install nginx

Ubuntu

sudo apt update && sudo apt install nginx

File Location

File Path

/etc/nginx/nginx.conf

FAQ

When should I use this nginx.conf?

Use it to restore a missing default, confirm what shipped, or diff against your current NGINX config.

How do I restore NGINX defaults?

Download the file, back up the current one in /etc/nginx/nginx.conf, replace it, then reload or restart NGINX.

Is nginx.conf safe for production?

It is the vendor default for Alpine Linux v3.21. Treat it as a baseline and review security and performance settings before production use.

How does this differ from other OS versions?

Defaults vary by distro and version. This copy matches Alpine Linux v3.21.

Can I use this for NGINX troubleshooting?

Yes. Diff it against yours to find drift, then restore only the sections you need.

NGINX /etc/nginx/nginx.conf