user www; error_log /var/log/nginx-error.log; load_module /usr/local/libexec/nginx/ngx_http_auth_ldap_module.so; # ---- Process control # # For reverse proxying like this: # Max clients = worker_processes * worker_connections/4 # worker_processes 8; # -- Set to logical CPU core count worker_rlimit_nofile 4096; # -- Max number of file handles per worker proc events { worker_connections 50000; # -- Max number of connections per worker proc } http { include mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; log_format timed_combined '$remote_addr - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent ' '"$http_referer" "$http_user_agent" $upstream_addr $upstream_status ($request_time' 's)'; access_log /var/log/nginx-access.log timed_combined; sendfile on; tcp_nopush on; keepalive_timeout 10; keepalive_requests 5; gzip on; gzip_types text/javascript application/javascript text/plain text/xml text/csv application/x-javascript application/json; gzip_vary on; gzip_disable "msi6" server_tokens off; server_names_hash_bucket_size 128; ldap_server ssoldap_beta { url ldap://127.0.0.1:389/dc=Organizations,dc=xxxxxx?uid?sub?(objectClass=person); binddn "uid=authenticate,dc=System,dc=xxxxxxx"; binddn_passwd xxxxxxxxxx; group_attribute member; require group "cn=Beta Testers,dc=Groups,dc=xxxxxx"; require valid_user; } include /share/conf/nginx/sites/*.conf; }