# /etc/nginx/nginx.conf

# Worker 进程数（auto = CPU 核心数）
worker_processes auto;

# Worker 进程最大打开文件数
worker_rlimit_nofile 65535;

events {
    # 每个 Worker 的最大并发连接数
    worker_connections 10240;

    # 使用 epoll（Linux）或 kqueue（macOS/BSD）
    use epoll;

    # 多个 Worker 同时 accept 的优化
    multi_accept on;
}

http {
    # 启用 sendfile 零拷贝
    sendfile on;

    # 优化数据包发送
    tcp_nopush on;      # 合并数据包，减少网络开销（配合 sendfile）
    tcp_nodelay on;     # 禁用 Nagle 算法，减少延迟

    # Keepalive 连接
    keepalive_timeout 65s;
    keepalive_requests 1000;    # 单个连接最多处理 1000 个请求
}

http {
    # 客户端请求缓冲
    client_body_buffer_size 16k;        # 请求体缓冲区
    client_header_buffer_size 1k;       # 请求头缓冲区
    large_client_header_buffers 4 8k;   # 大请求头缓冲

    # 代理缓冲（反向代理场景）
    proxy_buffer_size 4k;               # 响应头缓冲区
    proxy_buffers 8 16k;                # 响应体缓冲区（8 个 16KB）
    proxy_busy_buffers_size 32k;        # 忙碌缓冲区大小

    # FastCGI 缓冲（PHP-FPM 场景）
    fastcgi_buffer_size 4k;
    fastcgi_buffers 16 16k;
    fastcgi_busy_buffers_size 32k;
}

http {
    gzip on;
    gzip_vary on;
    gzip_proxied any;
    gzip_comp_level 4;        # 压缩级别 1-9（4 为最佳性价比）
    gzip_min_length 256;       # 小于 256B 不压缩
    gzip_buffers 16 8k;
    gzip_http_version 1.1;
    gzip_types
        text/plain
        text/css
        text/xml
        text/javascript
        application/javascript
        application/json
        application/xml
        application/rss+xml
        image/svg+xml
        font/woff2;

    # 预压缩（如果有 .gz 文件）
    gzip_static on;
}

# open_file_cache 缓存文件元数据
open_file_cache max=10000 inactive=60s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;

# 大文件异步 I/O
aio threads;
thread_pool default threads=32 max_queue=65536;
directio 512k;    # 大于 512K 的文件使用 direct I/O

# 长期缓存
location ~* \.(css|js|jpg|png|svg|woff2?)$ {
    expires 1y;
    add_header Cache-Control "public, immutable";
    access_log off;
}

# /etc/sysctl.conf

# === 网络优化 ===
# TCP 连接队列
net.core.somaxconn = 65535
net.core.netdev_max_backlog = 65535
net.ipv4.tcp_max_syn_backlog = 65535

# TCP 连接复用
net.ipv4.tcp_tw_reuse = 1
net.ipv4.tcp_fin_timeout = 10

# TCP Keepalive
net.ipv4.tcp_keepalive_time = 600
net.ipv4.tcp_keepalive_intvl = 30
net.ipv4.tcp_keepalive_probes = 10

# 端口范围
net.ipv4.ip_local_port_range = 1024 65535

# 缓冲区
net.core.rmem_max = 16777216
net.core.wmem_max = 16777216
net.ipv4.tcp_rmem = 4096 87380 16777216
net.ipv4.tcp_wmem = 4096 65536 16777216

# === 文件描述符 ===
fs.file-max = 655350

# 应用: sudo sysctl -p

# /etc/security/limits.conf
*    soft    nofile    655350
*    hard    nofile    655350
*    soft    nproc     65535
*    hard    nproc     65535

# /etc/nginx/nginx.conf — 高性能生产配置

user nginx;
worker_processes auto;
worker_rlimit_nofile 65535;
pid /var/run/nginx.pid;

events {
    worker_connections 10240;
    use epoll;
    multi_accept on;
}

http {
    # 基本
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65s;
    keepalive_requests 1000;
    types_hash_max_size 2048;
    server_tokens off;

    # Buffer
    client_body_buffer_size 16k;
    client_header_buffer_size 1k;
    large_client_header_buffers 4 8k;
    client_max_body_size 10m;

    # Gzip
    gzip on;
    gzip_vary on;
    gzip_comp_level 4;
    gzip_min_length 256;
    gzip_types text/plain text/css application/javascript application/json
               image/svg+xml font/woff2;

    # 文件缓存
    open_file_cache max=10000 inactive=60s;
    open_file_cache_valid 30s;
    open_file_cache_min_uses 2;

    # 日志
    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log warn;

    include /etc/nginx/conf.d/*.conf;
}

# 1. 使用 wrk 压测
wrk -t12 -c400 -d30s http://localhost/
# -t12: 12 个线程
# -c400: 400 个并发连接
# -d30s: 持续 30 秒

# 2. 使用 ab (Apache Bench)
ab -n 10000 -c 100 http://localhost/

# 3. 使用 hey
hey -n 10000 -c 200 http://localhost/

# 4. 监控 Nginx 状态
watch -n 1 'curl -s http://localhost/nginx_status'

# 5. 监控系统资源
htop
iostat -x 1
sar -n DEV 1