According to GTMetrix:
There are 6 static components without a far-future expiration date.
http://linuxedgr.disqus.com/recent_comments_widget.js?num_items=5&hide_mods=0&hide_avatars=0&avatar_size=32&excerpt_length=100
http://s7.addthis.com/js/300/addthis_widget.js#pubid=ra-548e3c553a19ddf3
http://fonts.googleapis.com/css?family=Open+Sans:400italic,700italic,400,700
http://www.google-analytics.com/ga.js
http://a.disquscdn.com/count.js
http://linuxedgr.disqus.com/count-data.js?1=egkatastasi-tou-nginx&1=eisagogi-ston-nginx&1=new-dedicated-server-in-da-house-me-5-euro&1=o-epimenon-nika&1=pos-mporo-na-kano-encrypt-kai-decrypt-arxeia-xrismopoiontas-to-openssl-toolkit&1=pos-sindeo-ena-domain-apo-tin-IPHost-me-tin-ip-tou-server-mou
At my /etc/nginx/vhosts.d/www.linuxed.gr.conf
server {
    # Plain-HTTP virtual host for linuxed.gr, with and without the www prefix.
    # Both names must also be resolvable (the author declares them in /etc/hosts).
    server_name www.linuxed.gr linuxed.gr;
    listen 80;

    # Absolute path of the directory that holds the website files.
    root /var/www/html/linuxed;

    # Index files, tried in the order given.
    # NOTE(review): index.php is listed, but this block defines no PHP handler,
    # so an index.php under the root would be sent back as a plain file.
    # Confirm that no PHP source is deployed here.
    index index.html index.html index.php;

    # Compression
    gzip on;
    gzip_vary on;                 # emit "Vary: Accept-Encoding"
    gzip_proxied any;
    gzip_http_version 1.1;
    gzip_comp_level 6;
    gzip_min_length 1100;
    gzip_buffers 16 8k;
    gzip_disable "msie6";
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;

    # Custom 404 page, served from the site root.
    error_page 404 /error-404.html;
    location = /error-404.html {
        root /var/www/html/linuxed/;
    }

    # Server errors are answered with the static page /50x.html.
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html/;
    }

    # favicon.ico: no access-log entry and no "not found" error-log entry.
    location = /favicon.ico {
        access_log off;
        log_not_found off;
    }

    # robots.txt: readable by everyone, not logged.
    location = /robots.txt {
        allow all;
        access_log off;
        log_not_found off;
    }

    ############################
    # Leverage browser caching #
    ############################
    # "expires max" marks these files as cacheable far into the future, so a
    # changed file needs a new name or query string before browsers refetch it.
    # This only affects files served by this host; third-party scripts and fonts
    # keep whatever headers their own servers send.
    location ~* \.(jpg|jpeg|png|gif|ico|css|js)$ {
        expires max;
        add_header Cache-Control "public";
        add_header Pragma public;
        log_not_found off;
    }

    # Block .htaccess / .htpasswd style files (any path segment starting with ".ht").
    location ~ /\.ht {
        deny all;
    }
}
Also here's my /etc/nginx/nginx.conf
# Main context: worker identity, process count, error log and pid file.
user nginx;
worker_processes 4;
pid /var/run/nginx.pid;
error_log /var/log/nginx/error.log;

events {
    use epoll;
    worker_connections 1024;
}

http {
    include mime.types;
    default_type application/octet-stream;
    types_hash_max_size 2048;

    # The "main" format is declared, but access logging is switched off right
    # after it, so no request log is written unless a vhost turns it back on.
    # NOTE(review): with access_log off there is no per-request record to
    # consult during an incident - confirm this is intended.
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';
    access_log off;

    # sendfile together with tcp_nopush lets nginx try to send the response
    # head in one packet instead of partial frames; useful for prepending
    # headers before sendfile and for throughput.
    sendfile on;
    tcp_nopush on;

    # Disable Nagle's algorithm so small, frequent writes are not buffered.
    tcp_nodelay on;

    # Let the server close connections whose client stopped responding,
    # which frees the memory tied to the socket.
    reset_timedout_connection on;

    gzip on;
    gzip_disable "msie6";

    # Request size limits and buffers.
    client_max_body_size 8m;
    client_body_buffer_size 10k;
    client_header_buffer_size 1k;
    large_client_header_buffers 2 1k;

    # Timeouts, in seconds. Short values limit how long a slow or idle client
    # can hold a connection open.
    client_header_timeout 12;
    client_body_timeout 12;
    send_timeout 10;
    keepalive_timeout 15;

    # Per-site configuration; files are read in this order.
    include conf.d/*.conf;
    include vhosts.d/*.conf;
}
I think my configuration is quite right. However, I am still getting this message on the GTMetrix website. How can I fix that?
All 6 resources that GTMetrix pointed out are served from external domains. Their expiration headers are not set to a far-future date because the files may change frequently, so caching them for a long time may not give the desired results.
You cannot do anything on your server about the expiration-header warnings for those external resources. What GTMetrix displays is just a warning, which can be ignored.
Related
I'm trying to use proxy_set_header directive in my nginx config to add a request header. However my nginx container can't be started due to this error.
So I checked the nginx config in my container, and it looks like the variable is empty and nginx treats it as if there's a missing argument.
Here is my nginx.conf
# nginx.conf template. ${DOMAIN_NAME_CLIENT} and ${PRIVATE_IP_CLIENT} are
# placeholders that something outside nginx has to fill in before start-up.
# NOTE(review): presumably this is rendered by an environment-substitution
# step (e.g. envsubst). If that step replaces every $name it sees, nginx's
# own variables ($remote_addr, $request, ...) are blanked as well and a
# directive can end up with a missing argument. Restrict the substitution to
# the two placeholders above and confirm against the container entrypoint.
user nginx;
worker_processes auto;
pid /var/run/nginx.pid;
error_log /var/log/nginx/error.log warn;

events {
    worker_connections 1024;
}

http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;
    server_names_hash_bucket_size 256;

    # Access log with the upstream cache status added to the usual fields.
    log_format main '$remote_addr - $remote_user [cache:$upstream_cache_status] [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';
    access_log /var/log/nginx/access.log main;

    keepalive_timeout 65;
    sendfile on;
    #tcp_nopush on;

    # Compression
    gzip on;
    gzip_vary on;
    gzip_proxied any;
    gzip_http_version 1.1;
    gzip_comp_level 6;
    gzip_buffers 16 8k;
    gzip_disable "msie6";
    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/rss+xml text/javascript font/truetype font/opentype application/vnd.ms-fontobject image/svg+xml;

    include /etc/nginx/conf.d/*.conf;

    server {
        server_name ${DOMAIN_NAME_CLIENT};
        listen 80;

        # Header and proxy buffer sizes.
        large_client_header_buffers 4 16k;
        proxy_buffers 4 256k;
        proxy_buffer_size 128k;
        proxy_busy_buffers_size 256k;

        # Upstream timeouts, in seconds (30 minutes each).
        proxy_connect_timeout 1800;
        proxy_read_timeout 1800;

        # Both locations proxy to the same backend on port 3000 with basic
        # auth disabled; any access control is left to the backend.
        # NOTE(review): no client-address header (X-Forwarded-For / X-Real-IP)
        # is passed on, so the backend sees only the proxy's address - confirm
        # the backend does not need the real client IP for logging or limits.

        location /graphql {
            auth_basic off;
            # Only GET (which also covers HEAD), POST and OPTIONS are let through.
            limit_except GET POST OPTIONS { deny all; }
            proxy_pass_request_headers on;
            # The backend receives the literal host name "nginx".
            proxy_set_header HOST nginx;
            proxy_pass http://${PRIVATE_IP_CLIENT}:3000;
        }

        location / {
            auth_basic off;
            # Only GET (which also covers HEAD) and POST are let through.
            limit_except GET POST { deny all; }
            proxy_pass_request_headers on;
            # Adds a request header named "proxied" with the value "nginx".
            proxy_set_header proxied nginx;
            proxy_pass http://${PRIVATE_IP_CLIENT}:3000;
        }
    }
}
I have implemented an Nginx cache with an HTTPS reverse proxy on CentOS. My response time is more than 1.5 seconds for each request. My nginx server has 4 cores and 8 GB of RAM.
My configuration looks like below (nginx.config)
# Main context.
user nginx;
worker_processes auto;
worker_rlimit_nofile 100000;
pid /var/run/nginx.pid;
error_log /var/log/nginx/error.log;

# Load dynamic modules. See /usr/share/nginx/README.dynamic.
include /usr/share/nginx/modules/*.conf;

events {
    use epoll;
    multi_accept on;
    worker_connections 80000;
}

http {
    # TLS session reuse, shared between the worker processes.
    ssl_session_cache shared:SSL:10m;
    ssl_session_timeout 10m;

    # Four log formats are declared below. None of them is in use, because
    # access logging is switched off further down.
    # NOTE(review): $http_x_developer_username and $http_x_forwarded_for are
    # request headers chosen by the client. Treat them as untrusted when
    # reading these logs. Only json_log_format sets an escaping mode, so
    # prefer it over the pipe-delimited format if logging is re-enabled.
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';

    log_format rt_cache '$remote_addr - $upstream_cache_status [$time_local] '
                        '"$request" $status $body_bytes_sent '
                        '"$http_referer" "$http_user_agent"';

    # Pipe-delimited format. Fields, in order:
    # timestamp | client IP | developer user name | X-Forwarded-For | request |
    # status | upstream response time | bytes sent | referer |
    # cache status | user agent
    log_format bf_log_format '[$time_local]|'
                             '$remote_addr|'
                             '$http_x_developer_username|$http_x_forwarded_for|'
                             '"$request"|'
                             '$status|$upstream_response_time|$body_bytes_sent|'
                             '"$http_referer"|'
                             '"$upstream_cache_status"|'
                             '"$http_user_agent"';

    log_format json_log_format escape=json '{'
        '"time": "$time_iso8601",'
        '"trace_id": "$request_id",'
        '"http": {'
        '"body_bytes_sent": "$body_bytes_sent",'
        '"x_developer_username": "$http_x_developer_username",'
        '"remote_addr": "$remote_addr",'
        '"method": "$request_method",'
        '"request": "$request_uri",'
        '"schema": "$scheme",'
        '"request_time": "$request_time",'
        '"host": "$host",'
        '"uri": "$uri",'
        '"user_agent": "$http_user_agent",'
        '"status": "$status"'
        '},'
        '"proxy": {'
        '"host": "$proxy_host"'
        '},'
        '"upstream": {'
        '"response_time": "$upstream_response_time sec",'
        '"cache_status": "$upstream_cache_status"'
        '}'
        '}';

    # access_log /var/log/nginx/access.log main;
    # access_log /var/log/nginx/access.log json_log_format;
    # NOTE(review): with logging off, $upstream_response_time and
    # $upstream_cache_status are never recorded, so there is no data to tell
    # slow upstream responses from cache misses, and no request trail either.
    access_log off;

    # Socket and file transfer tuning.
    sendfile on;
    sendfile_max_chunk 512k;
    # directio 4m;
    # directio_alignment 512;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_requests 100000;
    reset_timedout_connection on;
    types_hash_max_size 2048;

    # Reduce the data sent over the network -- for the testing environment.
    gzip on;
    # gzip_static on;
    gzip_vary on;
    gzip_comp_level 1;
    gzip_min_length 10240;
    gzip_disable msie6;
    gzip_proxied expired no-cache no-store private auth;
    gzip_types
        text/css
        text/javascript
        text/xml
        text/plain
        text/x-component
        application/javascript
        application/x-javascript
        application/json
        application/xml
        application/rss+xml
        application/atom+xml
        font/truetype
        font/opentype
        application/vnd.ms-fontobject
        image/svg+xml;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    # On-disk proxy cache "api-cache": two-level directory layout, entries
    # dropped after 43200 minutes without access, at most 100g on disk.
    proxy_cache_path /opt/nginx/cache levels=1:2 keys_zone=api-cache:3000m max_size=100g inactive=43200m use_temp_path=off;
    proxy_temp_path /opt/nginx/cache/other;

    # The only server block comes from this file.
    include /etc/nginx/conf.d/ssl.conf;
}
My ssl.conf looks like below
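server {
    # Default HTTPS server: answers for any host name on port 443.
    server_name _;
    root /usr/share/nginx/html;
    listen 443 ssl http2 default_server;
    listen [::]:443 ssl;

    ssl_certificate "/etc/private/ssl/cert.pem";
    ssl_certificate_key "/etc/private/ssl/key.pem";

    # State the protocol list explicitly instead of relying on the build's
    # default, which on many nginx versions still includes TLSv1 and TLSv1.1.
    # TLSv1.3 takes effect only when nginx is built against OpenSSL 1.1.1 or newer.
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_ciphers HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers on;

    keepalive_timeout 100;

    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;

    location / {
    }

    # The location now matches the URI named by error_page; the original
    # declared "= /40x.html", which the 404 redirect never reaches.
    error_page 404 /404.html;
    location = /404.html {
    }

    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
    }

    # Liveness probe: fixed JSON answer, no upstream involved.
    location /health {
        default_type application/json;
        return 200 '{"status":"UP"}';
    }

    # Connection counters. This is the default server on a public port, so
    # keep the page to the local host; add an "allow" line for the monitoring
    # network if it is scraped remotely.
    location /nginx-status {
        stub_status;
        allow 127.0.0.1;
        allow ::1;
        deny all;
    }

    # Cached reverse proxy.
    # NOTE(review): responses are cached for 40320 minutes and the upstream's
    # Cache-Control / Expires / X-Accel-Expires headers are ignored, so a
    # response the upstream marked private or no-store is stored and replayed
    # to other clients. POST is cacheable too, and no proxy_cache_key is set
    # here, so unless one is defined elsewhere the key does not cover the
    # request body or any credential header. Confirm that every response under
    # this path is identical for all callers, or add the distinguishing values
    # to proxy_cache_key.
    # NOTE(review): any client can skip the cache with a No-Cache-Purge header
    # or a ?nocache= argument, which sends the request to the upstream.
    location /trellotest {
        proxy_cache api-cache;
        proxy_cache_methods GET POST;
        proxy_cache_valid 200 40320m;
        proxy_cache_bypass $http_no_cache_purge $arg_nocache;
        proxy_ignore_headers X-Accel-Expires Expires Cache-Control;

        add_header Cache-Control "public";
        # Debug headers: cache result and request time, visible to every client.
        add_header X-Cache $upstream_cache_status;
        add_header X-Time $request_time;

        proxy_pass https://mytrelloapp;
    }
}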
If possible, could anyone please advise whether there is any way to improve the above configurations?
We have a problem with Nginx. We have a converter server that converts MP4 video to MP3 files, with 300 users online. When they start downloading their MP3 files at the same time, the server's response time becomes so huge that it seems frozen, even though %vCPU doesn't exceed 10% when it starts the conversion using the mpeg library.
My server Configuration :
16 vCPU.
RAM:30G
Data transfer: 5TB.
Nginx Configuration (nginx.conf)
# Main context.
user www-data;
worker_processes auto;
worker_rlimit_nofile 20240;
pid /var/run/nginx.pid;
error_log /var/log/nginx/error.log warn;

events {
    use epoll;
    multi_accept on;
    worker_connections 4000;
}

http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    # "main" is declared but unused: access logging is off for every site.
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';
    access_log off;

    # Shared-memory zone "one": request-rate state per client address,
    # 1 request per second. It takes effect wherever limit_req names the zone.
    limit_req_zone $binary_remote_addr zone=one:10m rate=1r/s;

    # Do not reveal the nginx version in error pages and the Server header.
    server_tokens off;

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;

    # Client timeouts of ten minutes each.
    # NOTE(review): such long header/body timeouts let a slow or stalled
    # client hold a connection for a long time. With many concurrent users
    # this ties up connection slots - confirm they are needed for the uploads.
    client_header_timeout 10m;
    client_body_timeout 10m;
    send_timeout 10m;

    # Request size limit and buffers.
    client_max_body_size 700m;
    client_body_buffer_size 1024k;
    client_header_buffer_size 8k;
    connection_pool_size 256;

    keepalive_timeout 30;
    keepalive_requests 100000;
    reset_timedout_connection on;

    # Cache of open file descriptors and lookup results.
    open_file_cache max=200000 inactive=20s;
    open_file_cache_valid 30s;
    open_file_cache_min_uses 2;
    open_file_cache_errors on;

    # Compression
    gzip on;
    gzip_min_length 10240;
    gzip_disable "MSIE [1-6]\.";
    gzip_proxied expired no-cache no-store private auth;
    gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
    #include /etc/nginx/conf.d/*.conf;
}
Web site nginx configuration:
server {
    # Default site on port 80, IPv4 and IPv6.
    listen 80 default_server;
    listen [::]:80 default_server ipv6only=on;

    # Make site accessible from http://localhost/
    server_name localhost;

    root /var/www/html;
    index index.php index.html index.htm;

    # Request size limit and buffers.
    client_max_body_size 700m;
    client_body_buffer_size 1024k;
    client_header_buffer_size 8k;
    connection_pool_size 256;

    # Throttling, applied to every request this server handles:
    #  - limit_rate caps each response at 125k bytes per second;
    #  - limit_req uses zone "one" with a burst of 5 and no "nodelay", so
    #    requests above the zone's rate are queued and released at that rate,
    #    and requests beyond the burst are rejected.
    # NOTE(review): because this sits at server level it also covers static
    # files and downloads, so many users starting downloads together are
    # slowed by these limits rather than by CPU. Consider scoping the limits
    # to the locations that need abuse protection.
    limit_rate 125k;
    limit_req zone=one burst=5;

    location / {
        try_files $uri $uri/ =404;
    }

    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }

    # PHP requests go to PHP-FPM over a unix socket; the FastCGI parameters
    # come from the included snippet.
    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/php7.0-fpm.sock;
    }
}
Do you know where the problem may come from?
The ngx_pagespeed module (Nginx) works very well for HTTP. However, I cannot get it working with HTTPS. My whole website is using HTTPS and ngx_pagespeed seems to have none of its filters working. The module itself is loaded, but does nothing. I'm using WordPress for the website with the latest ngx_pagespeed module on CentOS 7.
Here my nginx.conf
# Main context.
user nginx nginx;
worker_processes 1;
pid /run/nginx.pid;
error_log /var/log/nginx/error.log warn;

events {
    worker_connections 1024;
    multi_accept on;
    use epoll;
}

http {
    ##
    # MIME types
    ##
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    # Update charset_types due to updated mime.types
    charset_types text/xml text/plain text/vnd.wap.wml application/x-javascript application/rss+xml text/css application/javascript application/json;

    ##
    # Logging Settings
    ##
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';
    access_log /var/log/nginx/access.log main;

    ##
    # Misc
    ##
    # Do not reveal the nginx version.
    server_tokens off;

    # Request size limit and buffer.
    client_max_body_size 20m;
    client_body_buffer_size 128k;

    # Timeouts, in seconds.
    client_header_timeout 15;
    client_body_timeout 15;
    send_timeout 15;
    keepalive_timeout 65;
    reset_timedout_connection on;

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;

    # Cache of open file descriptors and lookup results.
    open_file_cache max=1000 inactive=20s;
    open_file_cache_valid 30s;
    open_file_cache_min_uses 2;
    open_file_cache_errors on;

    ##
    # Gzip Settings - left commented out; per the author's note compression
    # is expected to be handled by ngx_pagespeed by default.
    ##
    # gzip on;
    # gzip_min_length 256;
    # gzip_comp_level 4;
    # gzip_proxied any;
    # gzip_vary on;
    # gzip_types
    # application/atom+xml
    # application/javascript
    # application/json
    # application/rss+xml
    # application/vnd.ms-fontobject
    # application/x-font-ttf
    # application/x-web-app-manifest+json
    # application/xhtml+xml
    # application/xml
    # font/opentype
    # image/svg+xml
    # image/x-icon
    # text/css
    # text/plain
    # text/x-component;

    ## Enable clickjacking protection in modern browsers.
    ## https://developer.mozilla.org/en/The_X-FRAME-OPTIONS_response_header
    # NOTE(review): add_header is inherited from this level only by server and
    # location blocks that contain no add_header of their own. A vhost that
    # sets any header (HSTS, Cache-Control, ...) has to repeat this line or it
    # silently loses the protection.
    add_header X-Frame-Options sameorigin;

    ##
    # Host Configs
    ##
    include /etc/nginx/conf.d/*.conf;
}
And here is my example.conf
##
# WWW to NON-WWW
##
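server {
    # www host over plain HTTP.
    listen 80;
    server_name www.example.com;

    # Redirect straight to the canonical HTTPS origin. On this port $scheme is
    # always "http", so the original target caused a second cleartext request
    # to example.com before the HTTPS redirect happened.
    return 301 https://example.com$request_uri;
}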
##
# Force HTTPS
##
server {
    # Bare domain over plain HTTP: nothing is served here. Every request is
    # answered with a permanent redirect to the same path and query on HTTPS.
    server_name example.com;
    listen 80;

    return 301 https://example.com$request_uri;
}
##
# The right way to add support for HSTS.
# http://trac.nginx.org/nginx/ticket/289
##
map $scheme $hsts_header {
    # For any scheme other than https the variable stays empty, and nginx
    # does not emit a header whose value is empty.
    default "";
    # One year, in seconds.
    https   "max-age=31536000";
}
##
# Phuchan site
##
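server {
    # HTTPS site for example.com (WordPress behind PHP-FPM, with ngx_pagespeed).
    # NOTE(review): "ssl on" and the "spdy" listen flag belong to older nginx
    # releases; confirm the target version before upgrading this file.
    listen 443 ssl spdy;
    server_name example.com;
    root /srv/www/example.com;
    index index.php index.htm index.html;
    error_log /var/log/nginx/error-example.log error;

    # Certs sent to the client in SERVER HELLO are concatenated in ssl_certificate.
    ssl on;
    ssl_certificate /etc/ssl/certs/ssl-bundle.crt;
    ssl_certificate_key /etc/ssl/private/myserver.key;

    # Diffie-Hellman parameter for DHE ciphersuites, recommended 2048 bits.
    ssl_dhparam /etc/ssl/certs/dhparam.pem;

    # TLSv1 and TLSv1.1 are deprecated and are no longer offered. Add TLSv1.3
    # once the installed nginx and OpenSSL support it.
    ssl_protocols TLSv1.2;
    ssl_ciphers 'AES256+EECDH:AES256+EDH';
    ssl_prefer_server_ciphers on;
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_session_timeout 10m;

    # OCSP Stapling
    ssl_stapling on;
    ssl_stapling_verify on;
    ssl_trusted_certificate /etc/ssl/certs/trustchain.crt;
    resolver 8.8.8.8 8.8.4.4 valid=300s;

    # Response headers for this server.
    # add_header is inherited only by blocks that define no add_header of
    # their own. That has two consequences: X-Frame-Options set at http level
    # is not applied here and must be repeated, and any location below that
    # adds a header must repeat all three lines.
    add_header Strict-Transport-Security $hsts_header;
    add_header X-Content-Type-Options nosniff;
    add_header X-Frame-Options sameorigin;

    # PageSpeed
    pagespeed on;
    pagespeed FetchHttps enable;
    #pagespeed MapOriginDomain "http://localhost" "https://example.com";

    # Needs to exist and be writable by nginx. Use tmpfs for best performance.
    pagespeed FileCachePath /var/ngx_pagespeed_cache;

    # Honoring no-transform Cache-Control Headers
    pagespeed DisableRewriteOnNoTransform off;
    # Lower-casing HTML element and attribute names
    pagespeed LowercaseHtmlNames on;
    pagespeed RewriteLevel OptimizeForBandwidth;
    # Preserve URL Relativity
    pagespeed PreserveUrlRelativity on;

    ##
    # Rewrite for XML Sitemap Generator
    ##
    rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.xml$ "/index.php?xml_sitemap=params=$2" last;
    rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.xml\.gz$ "/index.php?xml_sitemap=params=$2;zip=true" last;
    rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.html$ "/index.php?xml_sitemap=params=$2;html=true" last;
    # The dot before "gz" is escaped so it matches a literal "." only.
    rewrite ^/sitemap(-+([a-zA-Z0-9_-]+))?\.html\.gz$ "/index.php?xml_sitemap=params=$2;html=true;zip=true" last;

    # Cache-skip flag for WordPress.
    # NOTE(review): $skip_cache is computed here but nothing in this server
    # block reads it (no fastcgi_cache_bypass / fastcgi_no_cache) - confirm
    # whether a cache is meant to be configured.
    set $skip_cache 0;
    # Do not cache POST/HEAD requests
    if ($request_method ~ ^(HEAD|POST)$) {
        set $skip_cache 1;
    }
    # Do not cache URLs with a query string
    if ($query_string != "") {
        set $skip_cache 1;
    }
    # Do not cache URLs containing the following segments
    if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|/feed/|index.php|sitemap(_index)?.xml") {
        set $skip_cache 1;
    }
    # Do not cache logged in users or recent commenters
    if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
        set $skip_cache 1;
    }

    # --- Regex locations: nginx uses the first one that matches, so order matters. ---

    # Ensure requests for pagespeed optimized resources go to the pagespeed handler
    # and no extraneous headers get set.
    location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {
        add_header "" "";
    }
    location ~ "^/pagespeed_static/" { }
    location ~ "^/ngx_pagespeed_beacon$" { }

    # Deny all attempts to access hidden files such as .htaccess, .htpasswd, .DS_Store (Mac).
    # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
    # Placed ahead of the PHP and static-file rules so those cannot match first.
    location ~ /\. {
        deny all;
    }

    # Deny access to any files with a .php extension in the uploads directory
    # Works in sub-directory installs and also in multisite network
    # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)
    # This has to come before the generic PHP location: in the original order
    # "\.php$" matched first and uploaded .php files were still handed to PHP-FPM.
    location ~* /(?:uploads|files)/.*\.php$ {
        deny all;
    }

    ##
    # PHP-FPM
    ##
    location ~ \.php$ {
        # "=404" must be a single token. Written as "= 404" nginx reads a file
        # named "=" plus a fallback URI "404", and the existence check that
        # keeps non-existent scripts away from PHP-FPM is lost.
        try_files $uri =404;
        fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
    }

    ##
    # Simple cache for static files. Tweaked for SSL use.
    ##
    location ~ \.(js|css|png|jpeg|jpg|gif|ico|swf|flv|pdf|zip)$ {
        expires 24h;
        add_header Cache-Control public;
        # Repeated because this block's own add_header drops the inherited ones.
        add_header Strict-Transport-Security $hsts_header;
        add_header X-Content-Type-Options nosniff;
        add_header X-Frame-Options sameorigin;
    }

    # --- Prefix and exact locations ---

    location / {
        # This is cool because no php is touched for static content.
        # include the "?$args" part so non-default permalinks doesn't break when using query string
        try_files $uri $uri/ /index.php?$args;
    }

    ##
    # Serve the assets folder
    ##
    # Trailing slashes on both sides keep the prefix from also matching
    # sibling paths such as /assets-old, which the alias would otherwise map
    # to /srv/assets-old.
    location ^~ /assets/ {
        alias /srv/assets/;
    }

    ##
    # WordPress stuff
    ##
    location = /favicon.ico {
        log_not_found off;
        access_log off;
    }
    location = /robots.txt {
        try_files $uri $uri/ /index.php?$args;
        log_not_found off;
        access_log off;
    }
}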
You must provide https-specific configuration to enable rewriting of https resources.
From https://developers.google.com/speed/pagespeed/module/https_support :
PageSpeed rewrites HTML documents requested via https. PageSpeed is able to serve these documents because the server passes the HTML document through all its output filters, including *_pagespeed. But by default, PageSpeed will only rewrite non-HTML resources which are served via http. Due to the complexity and security required to manage client SSL certificates, PageSpeed requires the server administrator to explicitly enable https fetching.
https://developers.google.com/speed/pagespeed/module/https_support provides more details on what configuration is needed in different situations.
I fixed that with https://developers.google.com/speed/pagespeed/module/https_support#load_from_file. The second argument should point to the root of your website.
Trying to setup Laravel 4.1 installation on a nginx server (first time) and I'm given "not found" for every Laravel route instead of the view expected. The main page loads fine.
Please note, site can only be accessed by IP which is why I have the filler IP 123.123.123.123 for server_name.
etc/nginx/nginx.conf:
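# "listen" is only valid inside a server block. At the top level nginx refuses
# to load the file, so the line is disabled here; the port is set by the
# listen directive in the site's own server block.
# listen 80;

# Main context.
user nginx;
worker_processes 4;
worker_rlimit_nofile 200000;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;

events {
    worker_connections 4000;
    use epoll;
    multi_accept on;
}

http {
    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    # "main" format; it is used by whichever site names it in access_log.
    log_format main '$remote_addr - $remote_user [$time_local] "$request" '
                    '$status $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';

    # Site definitions. Only files in these two locations are loaded, so a
    # site file kept elsewhere needs a link in sites-enabled.
    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}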
etc/nginx/site-available/mysite.conf:
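server {
    # Laravel site reached by IP address only; "" also matches requests that
    # carry no Host header.
    listen 80;
    server_name 123.123.123.123 "";

    # Laravel's public/ directory is the web root, so application code,
    # configuration and the log directory stay outside what nginx can serve.
    root /srv/www/mysite/public_html/public;

    # Logging. Both access_log lines are active, so each request is written
    # to the site log and to the shared log in the "main" format.
    access_log /srv/www/mysite/logs/access.log;
    access_log /var/log/nginx/access.log main buffer=16k;
    error_log /srv/www/mysite/logs/error.log;
    rewrite_log on;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    # Compression
    gzip on;
    gzip_disable "MSIE [1-6]\.(?!.*SV1)";
    gzip_http_version 1.1;
    gzip_vary on;
    gzip_proxied any;
    #gzip_proxied expired no-cache no-store private auth;
    gzip_comp_level 6;
    gzip_buffers 16 8k;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript text/x-js;

    # Cache of open file descriptors and lookup results.
    open_file_cache max=200000 inactive=20s;
    open_file_cache_valid 30s;
    open_file_cache_min_uses 2;
    open_file_cache_errors on;

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;

    # Timeouts, in seconds.
    keepalive_timeout 90;
    keepalive_requests 100000;
    reset_timedout_connection on;
    client_body_timeout 30;
    send_timeout 30;

    # Remove trailing slash to please Laravel routing system.
    if (!-d $request_filename) {
        rewrite ^/(.+)/$ /$1 permanent;
    }

    location / {
        index index.html index.htm index.php;
        # Front-controller fallback: a URI that is neither a file nor a
        # directory is handed to index.php with the query string kept.
        # Without this line only "/" works and every Laravel route is
        # answered with nginx's own 404.
        try_files $uri $uri/ /index.php?$query_string;
    }

    # PHP requests go to PHP-FPM on the loopback interface. try_files makes
    # sure the script exists before it is passed on; otherwise index.php is
    # used, or 404 is returned.
    location ~ \.php$ {
        try_files $uri /index.php =404;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include fastcgi_params;
        fastcgi_pass 127.0.0.1:9000;
    }

    # We don't need .ht files with nginx.
    location ~ /\.ht {
        deny all;
    }

    # Set header expirations.
    location ~* \.(?:ico|css|js|jpe?g|JPG|png|svg|woff)$ {
        expires 365d;
    }
}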
Maybe you should give this: http://daylerees.com/nginx-configuration-for-daylerees-dot-com a look. It might solve your problem.