user www-data; worker_processes ${worker_processes}; pid /var/run/nginx.pid; events { worker_connections ${worker_connections}; } http { include /etc/nginx/mime.types; default_type application/octet-stream; charset UTF-8; override_charset on; sendfile on; #tcp_nopush on; keepalive_timeout 15; client_body_timeout 12; client_header_timeout 12; send_timeout 10; access_log off; error_log off; client_body_buffer_size 10K; client_header_buffer_size 1k; client_max_body_size 8m; large_client_header_buffers 2 1k; map $http_upgrade $connection_upgrade { default upgrade; '' close; } # GDPR compatible IP smashinator 5000000 map $remote_addr $ip_anonym1 { default 0.0.0; "~(?P(\d+)\.(\d+))\.(\d+)\.\d+" $ip; "~(?P[^:]+:[^:]+):" $ip; } map $remote_addr $ip_anonym2 { default .0.0; "~(?P(\d+)\.(\d+)\.(\d+))\.\d+" .0.0; "~(?P[^:]+:[^:]+):" ::; } map $ip_anonym1$ip_anonym2 $ip_anonymized { default 0.0.0.0; "~(?P.*)" $ip; } log_format gdpr '$ip_anonymized - $remote_user [$time_local] ' '"$request" $status $body_bytes_sent ' '"" "$http_user_agent"'; include /etc/nginx/sites/*; }