Standard Directory Layout
/etc/nginx/
├── nginx.conf # Main configuration file
├── mime.types # MIME type mappings
├── conf.d/ # Additional configurations
│ └── *.conf # Auto-included .conf files
├── sites-available/ # Available site configs (Debian/Ubuntu)
│ ├── default
│ └── example.com
├── sites-enabled/ # Enabled sites (symlinks)
│ └── default -> ../sites-available/default
├── snippets/ # Reusable config snippets
│ ├── ssl-params.conf
│ └── gzip.conf
├── modules-available/ # Available modules
├── modules-enabled/ # Enabled modules (symlinks)
└── fastcgi_params # FastCGI parametersManaging Sites (Debian/Ubuntu)
# Create site config
sudo nano /etc/nginx/sites-available/example.com
# Enable site (create symlink)
sudo ln -s /etc/nginx/sites-available/example.com /etc/nginx/sites-enabled/
# Disable site (remove symlink)
sudo rm /etc/nginx/sites-enabled/example.com
# Test and reload
sudo nginx -t && sudo systemctl reload nginxRHEL/CentOS Structure
/etc/nginx/
├── nginx.conf
├── conf.d/ # Put your .conf files here
│ ├── default.conf
│ └── example.com.conf
└── default.d/ # Default server config fragmentsCreating Snippets
Snippets let you reuse common configurations:
# /etc/nginx/snippets/ssl-params.conf
ssl_protocols TLSv1.2 TLSv1.3;
ssl_prefer_server_ciphers on;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_stapling on;
ssl_stapling_verify on;# Include in server block
server {
listen 443 ssl http2;
include snippets/ssl-params.conf;
# ...
}Best Practices
- One site per file - Keep each virtual host in its own file
- Use snippets - Reuse common configurations
- Comment your config - Explain non-obvious settings
- Use variables - For repeated values
- Test before reload - Always run
nginx -t
- nginx
- directory
- structure
- sites-available
- sites-enabled