user www-data;
worker_processes auto;
worker_priority -5;
worker_rlimit_nofile 1024000;
timer_resolution 10000ms;
pid /run/nginx.pid;
load_module modules/modules/ngx_http_headers_more_filter_module.so;
load_module modules/modules/ngx_http_naxsi_module.so;
load_module modules/modules/ngx_http_echo_module.so;
load_module modules/modules/ngx_http_socks_module.so;
load_module modules/modules/ndk_http_module.so;
load_module modules/modules/ngx_http_lua_module.so;

events {
	worker_connections  8096;
	use epoll;
	multi_accept on;
}

http {

	##
	# Basic Settings
	##
	server_tokens off;

	# Keep Alive
	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	
	reset_timedout_connection on;

	lua_shared_dict blocked_cookies 100M;
	
	# Timeouts
	client_body_timeout 30s;
	client_header_timeout 30s;
	keepalive_timeout 240s;
	keepalive_requests 200000;
	send_timeout 120s;
	client_max_body_size 10m;
	client_body_buffer_size 10m;
	proxy_connect_timeout 120s;
	proxy_send_timeout 120s;
	proxy_read_timeout 120s;

	log_format detailed escape=json
	'{' 
		'"timestamp": "$time_iso8601",'
		'"remote_addr": "$remote_addr",'
		'"upstream_addr": "$upstream_addr",'
		'"connection": "$connection",'
		'"connection_requests": "$connection_requests",'
		'"request_time": "$request_time",'
		'"upstream_response_time": "$upstream_response_time",'
		'"status": "$status",'
		'"upstream_status": "$upstream_status",'
		'"body_bytes_sent": "$body_bytes_sent ",'
		'"request": "$request",'
		'"http_user_agent": "$http_user_agent"'
	  '}';
	#access_log /var/log/site.access.log detailed;
	proxy_redirect          off;

	# Gzipping Content
	gzip on;
	gzip_comp_level    5;
	gzip_min_length    256;
	gzip_proxied       any;
 	gzip_vary          on;
    	gzip_types       application/x-javascript text/css application/javascript text/javascript text/plain text/xml application/json application/vnd.ms-fontobject application/x-font-opentype application/x-font-truetype application/x-font-ttf application/xml font/eot font/opentype font/otf image/svg+xml image/vnd.microsoft.icon;
    	gzip_disable "MSIE [1-6]\.";


	include /etc/nginx/mime.types;
	default_type application/octet-stream;
	include /etc/nginx/naxsi_core.rules;

	add_header X-Content-Type-Options "nosniff";
	add_header X-Frame-Options "SAMEORIGIN";
	add_header X-Xss-Protection "1; mode=block";

	##
	# Virtual Host Configs
	##
	include /etc/nginx/sites-enabled/*;
}