Inline documentation improvements

global/limits.conf

@@ -12,4 +12,6 @@ send_timeout 30;
 
 # Set the maximum allowed size of client request body. This should be set
 # to the value of files sizes you wish to upload to the WordPress Media Library.
+# You may also need to change the values `upload_max_filesize` and `post_max_size` within
+# your php.ini for the changes to apply.
 client_max_body_size 64m;

global/server/defaults.conf

@@ -1,3 +1,6 @@
+# Should be included for most sites, as contains sensible defaults
+# for file exclusions, security and static file caching.
+
 # Exclusions
 include global/server/exclusions.conf;
 

global/server/multisite-subdirectory.conf

@@ -1,4 +1,4 @@
-# Rewrite multisite '.../wp-.*' and '.../*.php'.
+# Rewrite requests to `/wp-.*` on subdirectory installs.
 if (!-e $request_filename) {
 	rewrite /wp-admin$ $scheme://$host$uri/ permanent;
 	rewrite ^/[_0-9a-zA-Z-]+(/wp-.*) $1 last;

global/server/security.conf

@@ -1,3 +1,6 @@
+# Generic security enhancements. Use https://securityheaders.io to test
+# and recommend further improvements.
+
 # Hide Nginx version in error messages and reponse headers.
 server_tokens off;
 

global/server/ssl.conf

@@ -1,3 +1,6 @@
+# Generic SSL enhancements. Use https://www.ssllabs.com/ssltest/ to test
+# and recommend further improvements.
+
 # Don't use outdated SSLv3 protocol. Protects against BEAST and POODLE attacks.
 ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
 

nginx.conf

@@ -13,10 +13,11 @@ worker_rlimit_nofile 8192;
 pid /run/nginx.pid;
 
 events {
-	# Set the maximum number of connection each worker process can open
+	# Set the maximum number of connection each worker process can open. Anything higher than this
+	# will require Unix optimisations.
 	worker_connections 8000;
 
-	# Accept all new connections at a time
+	# Accept all new connections as they're opened.
 	multi_accept on;
 }
 

sites-available/default

@@ -1,3 +1,5 @@
+# Catch-all server block, resulting in a 444 response for unknown domains.
+
 server {
 	listen 80 default_server;
 	server_name _;

sites-available/fastcgi-cache.com

@@ -1,4 +1,4 @@
-# Define path to cache and memory zone.
+# Define path to cache and memory zone. The memory zone should be unique.
 # keys_zone=fastcgi-cache.com:100m creates the memory zone and sets the maximum size in MBs.
 # inactive=60m will remove cached items that haven't been accessed for 60 minutes or more.
 fastcgi_cache_path /sites/fastcgi-cache.com/cache levels=1:2 keys_zone=fastcgi-cache.com:100m inactive=60m;
@@ -16,7 +16,7 @@ server {
 	# File to be used as index
 	index index.php;
 
-	# Overrides logs defined in global/logs.conf, allows per site logs.
+	# Overrides logs defined in nginx.conf, allows per site logs.
 	access_log /sites/fastcgi-cache.com/logs/access.log;
 	error_log /sites/fastcgi-cache.com/logs/error.log;
 

sites-available/multisite-subdirectory.com

@@ -11,7 +11,7 @@ server {
 	# File to be used as index
 	index index.php;
 
-	# Overrides logs defined in global/logs.conf, allows per site logs.
+	# Overrides logs defined in nginx.conf, allows per site logs.
 	access_log /sites/multisite-subdirectory.com/logs/access.log;
 	error_log /sites/multisite-subdirectory.com/logs/error.log;
 

sites-available/multisite-subdomain.com

@@ -11,7 +11,7 @@ server {
 	# File to be used as index
 	index index.php;
 
-	# Overrides logs defined in global/logs.conf, allows per site logs.
+	# Overrides logs defined in nginx.conf, allows per site logs.
 	access_log /sites/multisite-subdomain.com/logs/access.log;
 	error_log /sites/multisite-subdomain.com/logs/error.log;
 

sites-available/singlesite.com

@@ -11,7 +11,7 @@ server {
 	# File to be used as index
 	index index.php;
 
-	# Overrides logs defined in global/logs.conf, allows per site logs.
+	# Overrides logs defined in nginx.conf, allows per site logs.
 	access_log /sites/singlesite.com/logs/access.log;
 	error_log /sites/singlesite.com/logs/error.log;
 

sites-available/ssl.com

@@ -16,7 +16,7 @@ server {
 	# File to be used as index
 	index index.php;
 
-	# Overrides logs defined in global/logs.conf, allows per site logs.
+	# Overrides logs defined in nginx.conf, allows per site logs.
 	access_log /sites/ssl.com/logs/access.log;
 	error_log /sites/ssl.com/logs/error.log;