nginx Cheatsheet

Top configs.

Testing config

nginx -t validates configuration without applying. Run before every reload to catch syntax errors.

nginx -T outputs the full effective configuration. Useful for debugging include directives and overrides.

nginx -V shows compiled-in modules. Useful when troubleshooting feature availability.

Reload and restart

nginx -s reload reloads configuration without dropping connections. Reload, not restart.

nginx -s stop graceful shutdown after pending requests complete. nginx -s quit immediate stop.

systemctl reload nginx wraps the signal sending; preferred in systemd-managed environments.

Logs and debugging

Access log: /var/log/nginx/access.log by default. Track request volume, status codes, latency.

Error log: /var/log/nginx/error.log. Configuration issues, upstream failures, SSL problems.

error_log /var/log/nginx/debug.log debug for verbose. Don't leave on; high volume. Useful for tracking specific issue.

Upstream patterns

upstream block defines backend servers. Round-robin by default; least_conn or ip_hash for different distribution.

Health checks: nginx Plus or third-party modules. Open-source nginx uses passive checks (mark unhealthy on connection failure).

keepalive directive maintains pooled connections to upstreams. Significantly reduces connection establishment overhead.

Performance tuning

worker_processes auto matches CPU count. worker_connections 1024 default; raise to 4096+ for high-traffic sites.

sendfile on enables zero-copy file serving. Important for static content workloads.

Open file descriptors: ulimit -n at OS level; worker_rlimit_nofile in nginx config. Match to expected concurrent connections.