diff --git a/.gitattributes b/.gitattributes index 813ba022..78178b79 100644 --- a/.gitattributes +++ b/.gitattributes @@ -16,3 +16,4 @@ .travis.yml export-ignore /.git* export-ignore +/test export-ignore diff --git a/.gitignore b/.gitignore index 29b0d3b4..74c39475 100644 --- a/.gitignore +++ b/.gitignore @@ -2,3 +2,6 @@ /conf.d/*.conf !/conf.d/.default.conf !/conf.d/no-ssl.default.conf +/test/* +!/test/vhosts/ +/k6/ diff --git a/.travis.yml b/.travis.yml new file mode 100644 index 00000000..acf3f527 --- /dev/null +++ b/.travis.yml @@ -0,0 +1,42 @@ +# https://docs.travis-ci.com/ + +services: + - docker + +addons: + hosts: + - server.localhost + - www-server.localhost + - www.server.localhost + - secure.server.localhost + - www.secure.server.localhost + apt: + packages: + - docker-ce + +install: + - curl -sSL https://github.com/loadimpact/k6/releases/download/v0.23.1/k6-v0.23.1-linux64.tar.gz | tar -xz + - mv k6-v0.23.1-linux64 k6 + - curl -sSL https://github.com/h5bp/server-configs-test/releases/download/0.0.4/server-configs-test.tar.gz | tar -xz -C test/ + +before_script: + - docker pull nginx + - | + docker run -d -p 80:80 -p 443:443 --name server \ + -v $TRAVIS_BUILD_DIR/test/fixtures:/var/www/server.localhost \ + -v $TRAVIS_BUILD_DIR/test/vhosts:/etc/nginx/conf.d \ + -v $TRAVIS_BUILD_DIR/test/certs:/etc/nginx/certs \ + -v $TRAVIS_BUILD_DIR/h5bp:/etc/nginx/h5bp \ + -v $TRAVIS_BUILD_DIR/nginx.conf:/etc/nginx/nginx.conf \ + -v $TRAVIS_BUILD_DIR/mime.types:/etc/nginx/mime.types \ + nginx + +script: + - ./k6/k6 run test/lib/index.js + - ./k6/k6 run test/lib/precompressed-files-gzip.js + +after_success: ./k6/k6 run test/lib/benchmark.js + +after_failure: + - docker ps -a + - docker logs server diff --git a/README.md b/README.md index 890e4ffd..80cd668e 100644 --- a/README.md +++ b/README.md @@ -1,5 +1,7 @@ # [Nginx Server Configs](https://github.com/h5bp/server-configs-nginx) +[![Build Status](https://img.shields.io/travis/h5bp/server-configs-nginx/master.svg)](https://travis-ci.org/h5bp/server-configs-nginx) + **Nginx Server Configs** is a collection of configuration snippets that can help your server improve the web site's performance and security, while also ensuring that resources are served with the correct content-type and are diff --git a/test/vhosts/default.conf b/test/vhosts/default.conf new file mode 100644 index 00000000..6f117e90 --- /dev/null +++ b/test/vhosts/default.conf @@ -0,0 +1,22 @@ +server { + listen [::]:80 default_server deferred; + listen 80 default_server deferred; + + server_name _; + + return 301 https://$host$request_uri; +} + + +server { + listen [::]:443 ssl default_server; + listen 443 ssl default_server; + + server_name _; + + include h5bp/ssl/ssl_engine.conf; + include h5bp/ssl/certificate_files.conf; + include h5bp/ssl/policy_intermediate.conf; + + return 444; +} diff --git a/test/vhosts/secure.server.localhost.conf b/test/vhosts/secure.server.localhost.conf new file mode 100644 index 00000000..c14058fc --- /dev/null +++ b/test/vhosts/secure.server.localhost.conf @@ -0,0 +1,30 @@ +server { + listen [::]:443 ssl http2; + listen 443 ssl http2; + + server_name www.secure.server.localhost; + + include h5bp/ssl/ssl_engine.conf; + include h5bp/ssl/certificate_files.conf; + include h5bp/ssl/policy_intermediate.conf; + + return 301 $scheme://secure.server.localhost$request_uri; +} + +server { + listen [::]:443 ssl http2; + listen 443 ssl http2; + + server_name secure.server.localhost; + + include h5bp/ssl/ssl_engine.conf; + include h5bp/ssl/certificate_files.conf; + include h5bp/ssl/policy_intermediate.conf; + + root /var/www/server.localhost; + + include h5bp/basic.conf; + include h5bp/errors/custom_errors.conf; + + include h5bp/security/strict-transport-security.conf; +} diff --git a/test/vhosts/server.localhost.conf b/test/vhosts/server.localhost.conf new file mode 100644 index 00000000..c1e525f1 --- /dev/null +++ b/test/vhosts/server.localhost.conf @@ -0,0 +1,28 @@ +server { + listen [::]:80; + listen 80; + + server_name www.server.localhost; + + return 301 $scheme://server.localhost$request_uri; +} + +server { + listen [::]:80; + listen 80; + + server_name server.localhost; + + root /var/www/server.localhost; + + include h5bp/basic.conf; + + gzip_min_length 1; + + include h5bp/location/web_performance_filename-based_cache_busting.conf; + include h5bp/errors/custom_errors.conf; + + location ~* /test-pre-gzip { + gzip_static on; + } +} diff --git a/test/vhosts/www-server.localhost.conf b/test/vhosts/www-server.localhost.conf new file mode 100644 index 00000000..3131a4c2 --- /dev/null +++ b/test/vhosts/www-server.localhost.conf @@ -0,0 +1,8 @@ +server { + listen [::]:80; + listen 80; + + server_name www-server.localhost; + + return 301 $scheme://www.www-server.localhost$request_uri; +}