Nginx常用配置详解(二)

http协议块配置

http协议配置块位于总体配置块中,总体格式如下:

    http {
        ... ...
        server {
            ...
            server_name
            root
            location [OPERATOR] /uri/ {
                ...
            }
        }
        server {
            ...
        }
    }

http配置块按功能分类,大致可以分为以下五类:

  1. 与套接字相关的配置

  2. 定义路径相关的配置

  3. 定义客户端请求的相关配置

  4. 对客户端进行限制的相关配置

一、与套接字相关的配置

server

Syntax: server { ... }
Default: —
Context: http

Sets configuration for a virtual server. There is no clear separation between IP-based (based on the IP address) and name-based (based on the “Host” request header field) virtual servers. Instead, the listen directives describe all addresses and ports that should accept connections for the server, and the server_name directive lists all server names.
设定一个虚拟主机。不需要明确区分基于ip和基于host的虚拟主机。相应的,listen指令描述了此虚拟主机接收连接监听的地址和端口,server_name字段描述了所有虚拟主机的名称。

listen
Syntax: listen address[:port] [default_server] [ssl] [http2 | spdy] [proxy_protocol] [setfib=number] [fastopen=number] [backlog=number] [rcvbuf=size] [sndbuf=size] [accept_filter=filter] [deferred] [bind] [ipv6only=on|off] [reuseport] [so_keepalive=on|off|[keepidle]:[keepintvl]:[keepcnt]];
        listen port [default_server] [ssl] [http2 | spdy] [proxy_protocol] [setfib=number] [fastopen=number] [backlog=number] [rcvbuf=size] [sndbuf=size] [accept_filter=filter] [deferred] [bind] [ipv6only=on|off] [reuseport] [so_keepalive=on|off|[keepidle]:[keepintvl]:[keepcnt]];
        listen unix:path [default_server] [ssl] [http2 | spdy] [proxy_protocol] [backlog=number] [rcvbuf=size] [sndbuf=size] [accept_filter=filter] [deferred] [bind] [so_keepalive=on|off|[keepidle]:[keepintvl]:[keepcnt]];
Default: listen *:80 | *:8000;
Context: server

Sets the address and port for IP, or the path for a UNIX-domain socket on which the server will accept requests. Both address and port, or only address or only port can be specified. An address may also be a hostname。
设定IP的addressport,或是设定服务器接收响应的UNIX域套接字的path。可以同时设定addressport,或者仅仅设定address,仅仅设定portaddress也可以是hostname。
例如

 listen 127.0.0.1:8000;
 listen 127.0.0.1;
 listen 8000;
 listen *:8000;
 listen localhost:8000;

UNIX-domain sockets (0.8.21) are specified with the “unix:” prefix:
UNIX域套接字需要在行首用unix:指明

  listen unix:/var/run/nginx.sock;

由于选项过多,且绝大多数目前阶段应用不上,简要解释部分常用的

default_server

The default_server parameter, if present, will cause the server to become the default server for the specified address:port pair. If none of the directives have the default_server parameter then the first server with the address:port pair will be the default server for this pair.
设定当前监听的ip地址和端口为虚拟主机,如果未明确指明默认虚拟主机,第一个虚拟主机成为该部分的默认主机。

ssl

The ssl parameter (0.7.14) allows specifying that all connections accepted on this port should work in SSL mode. This allows for a more compact configuration for the server that handles both HTTP and HTTPS requests.
ssl字段允许指明从该端口接收的所有连接必须以SSL协议模式工作,无论接收的请求是HTTP协议的还是HTTPS协议。

http2

The http2 parameter (1.9.5) configures the port to accept HTTP/2 connections. Normally, for this to work the ssl parameter should be specified as well, but nginx can also be configured to accept HTTP/2 connections without SSL.
http2字段配置该端口可以接受http2协议的连接,通常http2协议需要指明ssl,但是nginx可以被配置成为接收不需要SSL协议的http2协议。

spdy

The spdy parameter (1.3.15-1.9.4) allows accepting SPDY connections on this port. Normally, for this to work the ssl parameter should be specified as well, but nginx can also be configured to accept SPDY connections without SSL.
spdy字段允许该端口接收SPDY连接,通常spdy协议需要指明ssl,但是nginx可以被配置成为接收不需要SSL协议的spdy协议。

proxy_protocol

The proxy_protocol parameter (1.5.12) allows specifying that all connections accepted on this port should use the PROXY protocol.
proxy_protocol字段允许指明该端口所有接收的连接使用PROXY协议。

backlog

sets the backlog parameter in the listen() call that limits the maximum length for the queue of pending connections. By default, backlog is set to -1 on FreeBSD, DragonFly BSD, and macOS, and to 511 on other platforms.
在listen()中设定backlog字段可以限制后援队列长度。默认在FreeBSD, DragonFly BSD, 和 macOS平台该值为-1,其他平台该值为511

rcvbuf

sets the receive buffer size (the SO_RCVBUF option) for the listening socket.
设定监听套接字的接收缓冲大小。

sndbuf

sets the send buffer size (the SO_SNDBUF option) for the listening socket.
设定监听套接字的发送缓冲大小。

server_name

Syntax: server_name name ...;
Default: server_name "";
Context: server

Sets names of a virtual server, for example:
设定虚拟主机的名称例如

 server {
     server_name example.com www.example.com;
 }

The first name becomes the primary server name.
第一个名称成为虚拟主机的主名称。
Server names can include an asterisk (“*”) replacing the first or last part of a name:
虚拟主机名称可以在起始和末尾用通配符

*
替代

 server {
     server_name example.com *.example.com www.example.*;
 }

The first two of the names mentioned above can be combined in one:
前两个地址可以缩写成为一个

 server {
     server_name .example.com;
 }

It is also possible to use regular expressions in server names, preceding the name with a tilde (“~”):
还可以使用正则表达式匹配虚拟主机名称,正则表达式前要用~

 server {
     server_name www.example.com ~^www\d+\.example\.com$;
 }

Regular expressions can contain captures (0.7.40) that can later be used in other directives:
正则表达式的分组可以用于其它字段。

 server {
     server_name ~^(www\.)?(.+)$;

     location / {
         root /sites/$2;
     }
 }

 server {
     server_name _;

     location / {
         root /sites/default;
     }
 }

Named captures in regular expressions create variables (0.8.25) that can later be used in other directives:
正则表达式匹配的优先级要低于其他字段。

server {
    server_name ~^(www\.)?(?<domain>.+)$;

    location / {
        root /sites/$domain;
    }
}

server {
    server_name _;

    location / {
        root /sites/default;
    }
}

If the directive’s parameter is set to “$hostname” (0.9.4), the machine’s hostname is inserted.
如果设定为变量$hostname会插入机器的hostname。(0.9.4之后的版本可用)
It is also possible to specify an empty server name (0.7.11):
也可以插入空的虚拟机主机名称(0.7.11之后的版本可用)

server {
    server_name www.example.com "";
}

It allows this server to process requests without the “Host” header field — instead of the default server — for the given address:port pair. This is the default setting.
允许虚拟主机响应没有Host头部的,该头部将会替换成默认虚拟主机,给予一个ip地址和端口段。该项为默认设置。

Before 0.8.48, the machine’s hostname was used by default. 
0.8.48版本前,机器的hostname为默认的。

During searching for a virtual server by name, if the name matches more than one of the specified variants, (e.g. both a wildcard name and regular expression match), the first matching variant will be chosen, in the following order of priority:
当搜寻一个虚拟的主机的名称时。如果该名称可以匹配多个字段(包括通配符和正则表达式的字段),优先匹配原则如下:

the exact name
the longest wildcard name starting with an asterisk, e.g. “*.example.com”
the longest wildcard name ending with an asterisk, e.g. “mail.*”
the first matching regular expression (in order of appearance in the configuration file)

1.字符串精确匹配
2.左侧*通配符
3.右侧*通配符
4.正则表达式

tcp_nodelay

Syntax: tcp_nodelay on | off;
Default: tcp_nodelay on;
Context: http, server, location

Enables or disables the use of the TCP_NODELAY option. The option is enabled only when a connection is transitioned into the keep-alive state.
启用或禁用TCP_NODELAY设置,当连接转换为长连接状态,这个选项必须启用。

sendfile

Syntax: sendfile on | off;
Default: sendfile off;
Context: http, server, location, if in location

Enables or disables the use of sendfile().
In this configuration, sendfile() is called with the SF_NODISKIO flag which causes it not to block on disk I/O, but, instead, report back that the data are not in memory. nginx then initiates an asynchronous data load by reading one byte. On the first read, the FreeBSD kernel loads the first 128K bytes of a file into memory, although next reads will only load data in 16K chunks. This can be changed using the read_ahead directive.
启用或禁用sendfile()功能。
在此项配置中,sentfile()被称为SF_NODISKIO标记,该标记引起不阻塞在磁盘I/O,相应的报告数据不在内存中。nginx然后会启用一个异步加载数据读取一个字节。第一次阅读,FreeBSD内容加载文件的第一个128K字节至内存,尽管接下来的读取只会在16K块中加载数据。可以在read_ahead指令中修改此条目。

tcp_nopush

Syntax: tcp_nopush on | off;
Default: tcp_nopush off;
Context: http, server, location

Enables or disables the use of the TCP_NOPUSH socket option on FreeBSD or the TCP_CORK socket option on Linux. The options are enabled only when sendfile is used. Enabling the option allows
禁用或启用TCP_NOPUSH套接字的使用,其工作于FreeBSD系统或Linux系统的TCP_CORK套接字选项。这个宣讲只有在sendfile使用时启用,启用这个选项允许

  • sending the response header and the beginning of a file in one packet, on Linux and FreeBSD 4.;
    在包起始位置发送响应报文头部(工作于Linux和FreeBSD 4.

  • sending a file in full packets.
    在完整的数据包中发送文件

二、定义路径相关的配置

root

Syntax: root path;
Default: root html;
Context: http, server, location, if in location

Sets the root directory for requests. For example, with the following configuration
设置响应的根目录,例如使用如下配置
location /i/ {
root /data/w3;
}

The /data/w3/i/top.gif file will be sent in response to the “/i/top.gif” request.
/data/w3/i/top.gif文件会发送到/i/top.gif响应报文中
The path value can contain variables, except $document_root and $realpath_root.
这个值可以是变量,$document_root$realpath_root不可以使用。

root指令取代的根目录在location目录中替代最左端的/

alias

设定网站别名,用法基本与root相同。
alias指令取代的根目录在location目录中替代至最右端的/

location

Syntax: location [ = | ~ | ~* | ^~ ] uri { ... }
        location @name { ... }
Default: —
Context: server, location

Sets configuration depending on a request URI.
根据请求的URI设置配置。
The matching is performed against a normalized URI, after decoding the text encoded in the “%XX” form, resolving references to relative path components “.” and “..”, and possible compression of two or more adjacent slashes into a single slash.
匹配时针对规范化的URI执行的,解码了% XX格式的文本,解析相对路径的引用...,压缩两个或更多相邻的/至一个/
A location can either be defined by a prefix string, or by a regular expression. Regular expressions are specified with the preceding “~*” modifier (for case-insensitive matching), or the “~” modifier (for case-sensitive matching). To find location matching a given request, nginx first checks locations defined using the prefix strings (prefix locations). Among them, the location with the longest matching prefix is selected and remembered. Then regular expressions are checked, in the order of their appearance in the configuration file. The search of regular expressions terminates on the first match, and the corresponding configuration is used. If no match with a regular expression is found then the configuration of the prefix location remembered earlier is used.
location可以由前缀字符串定义,也可以由正则表达式定义。正在表达式用~×表示不区分大小写匹配,用~表示区分大小写匹配。根据被给予的请求报文寻找location时,nginx优先查询使用前置字符串定义的location。匹配字符串时最长匹配的字符串将会被选择,并且被记住。然后会按照配置文件中出现的次序检查正则表达式。匹配第一次正则表达式后会终止,并使用相应的配置。如果没有发现合适的正则表达式匹配,则会使用之前记住的字符串匹配的信息。
location blocks can be nested, with some exceptions mentioned below.
location配置块可以嵌套。

Regular expressions can contain captures (0.7.40) that can later be used in other directives.
正则表达式可以捕获分组信息(0.7.40),之后用在其他指令
If the longest matching prefix location has the “^~” modifier then regular expressions are not checked.
如果最长匹配字段有^~修饰符,不检查正则匹配。
Also, using the “=” modifier it is possible to define an exact match of URI and location. If an exact match is found, the search terminates. For example, if a “/” request happens frequently, defining “location = /” will speed up the processing of these requests, as search terminates right after the first comparison. Such a location cannot obviously contain nested locations.
同样的,使用=修饰符可以定义一个精确的URI和location匹配,如果发现精确匹配,查询终止。例如:如果“/”请求频繁出现,定义“location = /”可以在第一次比较后终止查询,从而加速这些请求的进程。这种location不能嵌套location。

Let’s illustrate the above by an example:
用下面的例子举例说明

location = / {
    [ configuration A ]
}

location / {
    [ configuration B ]
}

location /documents/ {
    [ configuration C ]
}

location ^~ /p_w_picpaths/ {
    [ configuration D ]
}

location ~* \.(gif|jpg|jpeg)$ {
    [ configuration E ]
}

The “/” request will match configuration A, the “/index.html” request will match configuration B, the “/documents/document.html” request will match configuration C, the “/p_w_picpaths/1.gif” request will match configuration D, and the “/documents/1.jpg” request will match configuration E.
“/”请求会匹配到A,
“/index.html”会匹配到B,
“/documents/document.html”请求会匹配到C,
“/p_w_picpaths/1.gif”会匹配到D,
“/documents/1.jpg”会匹配到E。
The “@” prefix defines a named location. Such a location is not used for a regular request processing, but instead used for request redirection. They cannot be nested, and cannot contain nested locations.
“@”定义名称location。这样的location不用于一个普通请求,而用于请求重定向。他们不能被嵌套,也不能嵌套其他location。
If a location is defined by a prefix string that ends with the slash character, and requests are processed by one of proxy_pass, fastcgi_pass, uwsgi_pass, scgi_pass, or memcached_pass, then the special processing is performed. In response to a request with URI equal to this string, but without the trailing slash, a permanent redirect with the code 301 will be returned to the requested URI with the slash appended. If this is not desired, an exact match of the URI and location could be defined like this:
如果一个location定义字符串匹配时以/结尾,而且请求被proxy_pass, fastcgi_pass, uwsgi_pass, scgi_pass, memcached_pass中的一个处理,将会执行特殊的处理方式。响应请求URI等于这个字符串时,不需要尾部有/,将会返回一个301状态码的永久重定向,并携带一个/。如果不需要的话可以像如下方法额外添加URI和location的定义。

location /user/ {
    proxy_pass http://user.example.com;
}

location = /user {
    proxy_pass http://login.example.com;
}

index

Syntax: index file ...;
Default: index index.html;
Context: http, server, location

Defines files that will be used as an index. The file name can contain variables. Files are checked in the specified order. The last element of the list can be a file with an absolute path. Example:
定义被用作索引的文件。该文件名可以包含变量。多文件按顺序检查。列表最后元素可以是一个包含绝对路径文件。例如

index index.$geo.html index.0.html /index.html;

It should be noted that using an index file causes an internal redirect, and the request can be processed in a different location. For example, with the following configuration:
值得注意的是,使用索引文件会造成内部重定向,请求会被指向不同的location。如下面例子所示

location = / {
    index index.html;
}

location / {
    ...
}

a “/” request will actually be processed in the second location as “/index.html”.
一个“/”请求事实首先被解析成为index.html,而后被解析到第二location中。

error_page

Syntax: error_page code ... [=[response]] uri;
Default: —
Context: http, server, location, if in location

Defines the URI that will be shown for the specified errors. A uri value can contain variables.
定义显示指定错误的URI。uri值可以使用变量。

Example:
例如

error_page 404             /404.html;
error_page 500 502 503 504 /50x.html;

This causes an internal redirect to the specified uri with the client request method changed to “GET” (for all methods other than “GET” and “HEAD”).
这将导致将内部重定向到指定的uri,而客户端请求方法改为“GET”(除“GET”和“HEAD”之外的所有方法)。
Furthermore, it is possible to change the response code to another using the “=response” syntax, for example:
此外,还可以使用“=response”语法将状态响应代码更改为另一个,例如:

error_page 404 =200 /empty.gif;

If an error response is processed by a proxied server or a FastCGI/uwsgi/SCGI server, and the server may return different response codes (e.g., 200, 302, 401 or 404), it is possible to respond with the code it returns:
如果代理服务器或FastCGI / uwsgi / SCGI服务器处理错误响应,服务器可能会返回不同的响应代码,(例如200, 302, 401 或 404),可以响应返回码。

error_page 404 = /404.php;

If there is no need to change URI and method during internal redirection it is possible to pass error processing into a named location:
如果在内部重定向中不需要更改URI和方法,则可以将错误处理传入指定的位置:

location / {
    error_page 404 = @fallback;
}

location @fallback {
    proxy_pass http://backend;
}

If uri processing leads to an error, the status code of the last occurred error is returned to the client.
如果uri处理导致错误,那么最后一个发生错误的状态代码将返回给客户端。
It is also possible to use URL redirects for error processing:
也可以使用URL重定向错误处理。

error_page 403      http://example.com/forbidden.html;
error_page 404 =301 http://example.com/notfound.html;

In this case, by default, the response code 302 is returned to the client. It can only be changed to one of the redirect status codes (301, 302, 303, 307, and 308).
在这种情况下,默认情况下,响应代码302被返回给客户端。它只能更改为一个重定向状态码(301、302、303、307和308)。
These directives are inherited from the previous level if and only if there are no error_page directives defined on the current level.
只有在当前级别没有定义error_page指令的情况下,将从上一级继承error_page信息。

try_files

Syntax: try_files file ... uri;
        try_files file ... =code;
Default: —
Context: server, location

Checks the existence of files in the specified order and uses the first found file for request processing; the processing is performed in the current context. The path to a file is constructed from the file parameter according to the root and alias directives. It is possible to check directory’s existence by specifying a slash at the end of a name, e.g. “$uri/”. If none of the files were found, an internal redirect to the uri specified in the last parameter is made. For example:
检查指定顺序文件是否存在,使用第一个找到的文件进行处理,该处理在当前上下文执行。根据root和alias指令从文件参数构建文件路径。可以检查目录是否存在,需要后置/例如“$uri/”。如果未找到文件,内部重定向到最后一个参数中指定的uri。例如:

location /p_w_picpaths/ {
    try_files $uri /p_w_picpaths/default.gif;
}

location = /p_w_picpaths/default.gif {
    expires 30s;
}

三、定义客户端请求的相关配置

keepalive_timeout

Syntax: keepalive_timeout timeout [header_timeout];
Default: keepalive_timeout 75s;
Context: http, server, location

The first parameter sets a timeout during which a keep-alive client connection will stay open on the server side. The zero value disables keep-alive client connections. The optional second parameter sets a value in the “Keep-Alive: timeout=time” response header field. Two parameters may differ.
第一个字段设定了长连接客户端打开服务端的延迟,0值禁用长连接。第二字段设定HEAD字段中“Keep-Alive: timeout=time”time值。两个字段可以不同。
The “Keep-Alive: timeout=time” header field is recognized by Mozilla and Konqueror. MSIE closes keep-alive connections by itself in about 60 seconds.
Mozilla和Konqueror浏览器认可HEADER头字段中 “Keep-Alive: timeout=time”值。MSIE长连接60秒后自动关闭。

keepalive_requests

Syntax: keepalive_requests number;
Default: keepalive_requests 100;
Context: http, server, location
This directive appeared in version 0.8.0.

Sets the maximum number of requests that can be served through one keep-alive connection. After the maximum number of requests are made, the connection is closed.
设定请求的长连接的最大值,一旦超过最大值,连接关闭。

keepalive_disable

Syntax: keepalive_disable none | browser ...;
Default: keepalive_disable msie6;
Context: http, server, location

Disables keep-alive connections with misbehaving browsers. The browser parameters specify which browsers will be affected. The value msie6 disables keep-alive connections with old versions of MSIE, once a POST request is received. The value safari disables keep-alive connections with Safari and Safari-like browsers on macOS and macOS-like operating systems. The value none enables keep-alive connections with all browsers.
在不适合的浏览器访问时禁用长连接功能。browser指明那个浏览器收到影响。msie6值表示一旦收到老版本的MSIE浏览器POST请求,禁用长连接功能。safari值表示macOS和macOS类的操作系统上的Safari和类Safari的浏览器禁用长连接功能。none值表示所有浏览器启用长连接功能。

send_timeout

Syntax: send_timeout time;
Default: send_timeout 60s;
Context: http, server, location

Sets a timeout for transmitting a response to the client. The timeout is set only between two successive write operations, not for the transmission of the whole response. If the client does not receive anything within this time, the connection is closed.
设定一个传送响应报文到客户端的超时时间。该超时时间只是两个写操作之间的,不应用于全部响应。如果客户端在这个时间不接受,连接关闭。

client_body_buffer_size

Syntax: client_body_buffer_size size;
Default: client_body_buffer_size 8k|16k;
Context: http, server, location

Sets buffer size for reading client request body. In case the request body is larger than the buffer, the whole body or only its part is written to a temporary file. By default, buffer size is equal to two memory pages. This is 8K on x86, other 32-bit platforms, and x86-64. It is usually 16K on other 64-bit platforms.
设定读取客户机请求主体设置缓冲区大小,万一请求主体大于缓冲区,整个主体或主体的某一部分被写到一个临时文件。默认情况下,缓冲区大小等于两个内存页,32位系统为8K,64位系统为16K。

client_body_temp_path

Syntax: client_body_temp_path path [level1 [level2 [level3]]];
Default: client_body_temp_path client_body_temp;
Context: http, server, location

Defines a directory for storing temporary files holding client request bodies. Up to three-level subdirectory hierarchy can be used under the specified directory. For example, in the following configuration
定义用于存储客户端请求主体的临时文件的目录。在指定的目录下可以使用至多3级的子目录层次结构。例如,在以下配置中

client_body_temp_path /spool/nginx/client_temp 1 2;

a path to a temporary file might look like this:
一个临时文件文件可能根如下文件类似:

/spool/nginx/client_temp/7/45/00000123457

client_body_temp_path /var/tmp/client_body 2 1 1
1:表示用一位16进制数字表示一级子目录;0-f
2:表示用2位16进程数字表示二级子目录:00-ff
3:表示用2位16进程数字表示三级子目录:00-ff

四、对客户端进行限制的相关配置

limit_rate

Syntax: limit_rate rate;
Default: limit_rate 0;
Context: http, server, location, if in location

Limits the rate of response transmission to a client. The rate is specified in bytes per second. The zero value disables rate limiting. The limit is set per a request, and so if a client simultaneously opens two connections, the overall rate will be twice as much as the specified limit.
限制传输到客户端的响应速率。速率以每秒bytes指定。0值表示不限制。限制是根据每个请求设置的,如果一个客户端同时打开两个连接,总限制为指明限制的两倍。
Rate limit can also be set in the $limit_rate variable. It may be useful in cases where rate should be limited depending on a certain condition:
速度限制同样可以在$limit_rate变量中设定。当限制需要基于确定的情况时也许有用:

server {

    if ($slow) {
        set $limit_rate 4k;
    }

    ...
}

Rate limit can also be set in the “X-Accel-Limit-Rate” header field of a proxied server response. This capability can be disabled using the proxy_ignore_headers, fastcgi_ignore_headers, uwsgi_ignore_headers, and scgi_ignore_headers directives.
限速也可以在代理服务器响应中“X-Accel-Limit-Rate” HEARER字段中设定。可以使用proxy_ignore_header、fastcgi_ignore_header、uwsgi_ignore_header和scgi_ignore_header指令禁用此功能。

limit_except

Syntax: limit_except method ... { ... }
Default: —
Context: location

Limits allowed HTTP methods inside a location. The method parameter can be one of the following: GET, HEAD, POST, PUT, DELETE, MKCOL, COPY, MOVE, OPTIONS, PROPFIND, PROPPATCH, LOCK, UNLOCK, or PATCH. Allowing the GET method makes the HEAD method also allowed. Access to other methods can be limited using the ngx_http_access_module and ngx_http_auth_basic_module modules directives:
限制允许的HTTP方法访问一个location。这个方法字段可以是GET, HEAD, POST, PUT, DELETE, MKCOL, COPY, MOVE, OPTIONS, PROPFIND, PROPPATCH, LOCK, UNLOCK, PATCH中的一个.允许GET方法也会使HEAD方法可用。允许其他方法需要用到ngx_http_access_modulengx_http_auth_basic_module模块中的指令。

limit_except GET {
    allow 192.168.1.0/32;
    deny  all;
}

Please note that this will limit access to all methods except GET and HEAD.
注:这将限制除了GETHEAD之外的所有方法。

五、 文件操作优化的配置

aio

Syntax: aio on | off | threads[=pool];
Default: aio off;
Context: http, server, location
This directive appeared in version 0.8.11.

Enables or disables the use of asynchronous file I/O (AIO) on FreeBSD and Linux:
在FreeBSD、Linux系统中启用或禁用异步文件I/O

location /video/ {
    aio            on;
    output_buffers 1 64k;
}

On FreeBSD, AIO can be used starting from FreeBSD 4.3. Prior to FreeBSD 11.0, AIO can either be linked statically into a kernel:
在FreeBSD上,FreeBSD 4.3以后开始支持AIO。FreeBSD 11.0之前,AIO可以静态链接到内核。

options VFS_AIO

或动态加载成为一个内核模块

kldload aio

On Linux, AIO can be used starting from kernel version 2.6.22. Also, it is necessary to enable directio, or otherwise reading will be blocking:
Linux系统上,Linux2.6.22之后支持AIO,同样的必须启用directio,否则读取会被阻塞。

location /video/ {
    aio            on;
    directio       512;
    output_buffers 1 128k;
}

On Linux, directio can only be used for reading blocks that are aligned on 512-byte boundaries (or 4K for XFS). File’s unaligned end is read in blocking mode. The same holds true for byte range requests and for FLV requests not from the beginning of a file: reading of unaligned data at the beginning and end of a file will be blocking.
Linux系统上,directio只能用于读取512K对齐的块(XFS文件系统为4K)。文件未对齐的结尾在读取时处于阻塞模式。对于字节范围请求和FLV请求,同样适用于文件的开头:在文件开始和结束时读取未对齐的数据将被阻塞。
When both AIO and sendfile are enabled on Linux, AIO is used for files that are larger than or equal to the size specified in the directio directive, while sendfile is used for files of smaller sizes or when directio is disabled.
Linux系统上同时启用AIO和sendfile时,AIO作用域大于或等于directio指令指明的文件大小。sendfile用于小于directio指令指明的文件大小,或者directio禁用的情况。

location /video/ {
    sendfile       on;
    aio            on;
    directio       8m;
}

Finally, files can be read and sent using multi-threading (1.7.11), without blocking a worker process:
最后,文件的读取和发送可以不被一个worker进程阻塞,使用多线程模式

location /video/ {
    sendfile       on;
    aio            threads;
}

Read and send file operations are offloaded to threads of the specified pool. If the pool name is omitted, the pool with the name “default” is used. The pool name can also be set with variables:
读取和发送文件操作将卸载到指定池的线程。如果这个池的名称是省略的,这个池将使用“default” 作为名称。池名称可以同样用变量设置

aio threads=pool$disk;

By default, multi-threading is disabled, it should be enabled with the —with-threads configuration parameter. Currently, multi-threading is compatible only with the epoll, kqueue, and eventport methods. Multi-threaded sending of files is only supported on Linux.
默认情况下,多线程被禁用,可以使用--with-threads控制字段启用。一般来说,多线程仅兼容epoll, kqueue, eventport方法。仅Linux系统支持多线程发送文件。

directio

Syntax: directio size | off;
Default: directio off;
Context: http, server, location

This directive appeared in version 0.7.7.

Enables the use of the O_DIRECT flag (FreeBSD, Linux), the F_NOCACHE flag (macOS), or the directio() function (Solaris), when reading files that are larger than or equal to the specified size. The directive automatically disables (0.7.15) the use of sendfile for a given request. It can be useful for serving large files:
当读取的文件大于指定块时,启用O_DIRECT标记(FreeBSD, Linux),F_NOCACHE标记(macOS)或是directio()函数(Solaris)。该指令自动禁用(0.7.15)sendfile对给定请求的使用。发送大文件时使用:

directio 4m;

or when using aio on Linux.
或在Linux系统使用aio。

open_file_cache

Syntax: open_file_cache off;
        open_file_cache max=N [inactive=time];
Default: open_file_cache off;
Context: http, server, location

Configures a cache that can store:
配置一个可以存储如下信息的缓存:

  • open file descriptors, their sizes and modification times;

  • information on existence of directories;

  • file lookup errors, such as “file not found”, “no read permission”, and so on. (Caching of errors should be enabled separately by the open_file_cache_errors directive. )
    -

  • open file 描述符,他们的大小和修改时间

  • 存在的目录信息

  • 文件查询错误,如“file not found”,“no read permission”等等(错误缓存需要从open_file_cache_errors单独启用。)

The directive has the following parameters:
该指令有如下字段
max
sets the maximum number of elements in the cache; on cache overflow the least recently used (LRU) elements are removed;
设定缓存中元素数量的最大值,当溢出时使用LRU算法。
inactive
defines a time after which an element is removed from the cache if it has not been accessed during this time; by default, it is 60 seconds;
定义一段时间,如果这段时间某元素未被访问,则从缓存中移除该元素。默认情况下,时长60秒。
off
disables the cache
禁用缓存
Example:
例如

open_file_cache          max=1000 inactive=20s;
open_file_cache_valid    30s;
open_file_cache_min_uses 2;
open_file_cache_errors   on;
open_file_cache_errors
Syntax: open_file_cache_errors on | off;
Default: open_file_cache_errors off;
Context: http, server, location

Enables or disables caching of file lookup errors by open_file_cache.
启用或禁用open_file_cache中的文件查看错误。

open_file_cache_min_uses
Syntax: open_file_cache_min_uses number;
Default: open_file_cache_min_uses 1;
Context: http, server, location

Sets the minimum number of file accesses during the period configured by the inactive parameter of the open_file_cache directive, required for a file descriptor to remain open in the cache.
设定在open_file_cache中inactive配置的期间文件的最小访问数值,要求在缓存中保持文件描述符保持打开状态。

open_file_cache_valid
Syntax: open_file_cache_valid time;
Default: open_file_cache_valid 60s;
Context: http, server, location

Sets a time after which open_file_cache elements should be validated.
设定缓存项有效性的检查时间间隔。