# Nginx production configuration sample

This config assumes that nginx is run from docker image [_/nginx](https://hub.docker.com/_/nginx/).

## docker commands
 
    docker network create nginx
    
    mkdir -p /etc/myproject/nginx
    cd /etc/myproject/nginx
    mkdir -p ssl/default && openssl req -x509 -newkey rsa:2048 -nodes -keyout ssl/default/privkey.pem -out ssl/default/fullchain.pem -days 36500 -subj '/CN=localhost'
    openssl dhparam -out ssl/dhparam.pem 4096

    docker run \
        -d --restart=always \
        --name nginx \
        -p 80:80 -p 443:443 \
        --net nginx \
        --log-driver=syslog --log-opt syslog-facility=local5 -v /dev/log:/dev/log \
        -v /etc/myproject/nginx/nginx.conf:/etc/nginx/nginx.conf:ro \
        -v /etc/myproject/nginx/conf.d/:/etc/nginx/conf.d/:ro \
        -v /etc/myproject/nginx/plugins.d/:/etc/nginx/plugins.d/:ro \
        -v /etc/myproject/nginx/sites-enabled.d/:/etc/nginx/sites-enabled.d/:ro \
        -v /etc/myproject/nginx/ssl/:/etc/nginx/ssl/:ro \
        -v /var/myproject/www/:/var/www:ro \
        nginx:mainline-alpine
        
        
        # call this then to gracefully reload configs
        docker kill -s HUP nginx

Note that we don't overlay the whole `/etc/nginx/` folder of the container, so you can easily include stock nginx configs:

    fastcgi.conf
    fastcgi_params
    koi-utf
    koi-win
    mime.types
    nginx.conf
    scgi_params
    uwsgi_params
    win-utf

## This config contains the following ones:

* [Nginx performance optimizations](https://gist.github.com/KostyaEsmukov/d145c45b8f204dbe8419a23940b51963)
* [Nginx A+ score on Qualys SSL Labs](https://gist.github.com/KostyaEsmukov/3f1e80db9154887e34b16fbc34b39b84)

## See also:

- https://gist.github.com/plentz/6737338