Learn NGINX In Action
// Mental model production-grade untuk memahami NGINX sebagai edge traffic system, bukan sekadar web server atau reverse proxy template.
This overview is designed to help you choose the right entry point quickly. Follow the full track from lesson one, continue from your last checkpoint, or jump straight into a phase that matches what you need right now.
Curriculum Map
Navigate by phase, then choose the lesson that matches your current depth.
Edge Traffic Mental Model
18 minMental model production-grade untuk memahami NGINX sebagai edge traffic system, bukan sekadar web server atau reverse proxy template.
Where NGINX Fits In Modern Architecture
18 minPeta posisi NGINX dalam arsitektur modern: bare metal, VM, container, Kubernetes, CDN, load balancer cloud, service mesh, API gateway, dan internal platform edge.
Master/Worker Runtime
17 minRuntime internal NGINX: master process, worker process, event-driven execution, graceful reload, signal handling, shared zones, dan failure mode production.
Event Loop and Connection Lifecycle
15 minEvent loop dan lifecycle koneksi NGINX: accept, read, parse, route, upstream, buffer, write, keepalive, timeout, backpressure, dan failure modelling.
NGINX Config Language From First Principles
11 minBahasa konfigurasi NGINX dari first principles: directive, block, context, include, parse-time vs runtime, module ownership, validasi, dan pola konfigurasi production-grade.
Context, Directive, Inheritance
12 minContext, directive inheritance, merge semantics, scope boundary, dan cara menghindari bug konfigurasi NGINX yang muncul akibat salah memahami inheritance.
Request Processing Pipeline
14 minRequest processing pipeline NGINX dari listener sampai log: accept connection, virtual server selection, location lookup, rewrite, access, content handler, upstream, response filter, dan observability.
Server Selection, Server Name, and Default Server
11 minServer selection NGINX secara production-grade: listen address/port, default_server, server_name exact/wildcard/regex, Host header, SNI, catch-all, dan hardening virtual host.
Location Matching Algorithm
12 minAlgoritma location matching NGINX dari first principles: exact, prefix, ^~, regex, named location, internal redirect, dan failure mode routing production.
Variables, map, geo, and Evaluation Timing
12 minMental model variable NGINX, map, geo, lazy evaluation, request-time values, dan pola aman untuk routing, policy, cache, dan observability production.
Safe Config Layout for Production
11 minLayout konfigurasi NGINX production-grade: struktur direktori, include boundaries, snippet discipline, environment overlays, config review, validasi CI, dan rollback-friendly design.
NGINX CLI, Signals, Test, Reload, and Rollback
10 minWorkflow operasional NGINX: command line, signal, nginx -t, nginx -T, reload aman, graceful shutdown, reopen log, binary upgrade, rollback, dan deployment checklist.
Build, Package, and Module Strategy
12 minStrategi memilih distribusi NGINX untuk production: OS package, official repository, container image, build from source, dynamic module, reproducibility, patching, rollback, dan supply-chain control.
Open Source vs NGINX Plus Boundaries
11 minBatas praktis NGINX Open Source dan NGINX Plus untuk arsitektur production: fitur, trade-off, failure mode, keputusan biaya, operability, dan cara menjaga portability desain.
Production Baseline Lab
11 minProduction baseline lab for building a safe, inspectable, reloadable, and extensible NGINX skeleton before using it as a web server, reverse proxy, cache, or load balancer.
Static File Serving Internals
9 minDeep dive into NGINX static file serving internals: URI-to-file mapping, root, alias, index, try_files, internal redirects, permission failures, and production-safe filesystem contracts.
root vs alias Footguns
10 minDeep dive into root vs alias semantics, URI-to-filesystem mapping, path traversal risk, location boundary bugs, and production-safe static file layout patterns.
try_files, Internal Redirects, and SPA Routing
8 minDeep dive into try_files, internal redirects, named locations, SPA fallback routing, frontend/backend boundary design, and production-safe missing-file behavior.
MIME Types, default_type, and Content Negotiation
11 minDeep dive into MIME types, default_type, types blocks, content negotiation boundaries, browser sniffing, security headers, and production-safe content classification in NGINX.
sendfile, AIO, directio, and open_file_cache
12 minDeep dive into NGINX static file performance using sendfile, AIO, directio, tcp_nopush, open_file_cache, filesystem metadata caching, and production tuning trade-offs.
Compression Strategy: gzip, Brotli Optional, and Precompressed Assets
14 minProduction-grade compression strategy in NGINX using gzip, gzip_static, optional Brotli modules, precompressed assets, Vary semantics, CPU trade-offs, and safe rollout patterns.
Cache-Control, ETag, and Last-Modified
12 minDeep production treatment of browser cache semantics in NGINX: Cache-Control, Expires, ETag, Last-Modified, conditional requests, immutable assets, HTML revalidation, and cache policy safety.
error_page, Named Location, and Internal Error Flow
11 minMemahami error_page, named location, dan internal location sebagai control-flow error handling di NGINX production, termasuk status code mapping, internal redirect loop, dan observability.
Canonical Redirects, Host Normalization, and Redirect Loop Prevention
12 minMendesain canonical redirects di NGINX secara production-grade, mencakup HTTP ke HTTPS, host normalization, www/non-www, trailing slash, default server, proxy awareness, SEO, dan redirect loop prevention.
rewrite vs return and Routing Discipline
13 minRewrite vs return, routing discipline, redirect correctness, internal URI mutation, loop prevention, and production-safe URL normalization in NGINX.
CORS and OPTIONS Preflight at the Edge
14 minProduction-grade CORS handling in NGINX, including OPTIONS preflight, origin allowlists, credentials, Vary, edge policy boundaries, and failure modes.
Static Site Hardening
11 minProduction-grade static site hardening in NGINX, including directory listing control, hidden files, source leakage, symlink escape, security headers, upload boundaries, and static asset incident playbooks.
Multi-Tenant Static Hosting
11 minProduction-grade multi-tenant static hosting with NGINX, including host-based isolation, path-based risks, wildcard domains, per-tenant roots, cache/log separation, deployment models, and operational guardrails.
Static Assets Production Lab
11 minEnd-to-end production lab for serving static assets with NGINX, including immutable assets, SPA fallback, MIME safety, compression, browser caching, hardened locations, deployment layout, smoke tests, and rollback.
Reverse Proxy Mental Model
12 minReverse proxy mental model for production NGINX, covering edge contracts, upstream contracts, request/response transformation, buffering, trust boundaries, failure semantics, retries, timeouts, and ownership boundaries.
proxy_pass Semantics: Slash, URI Replacement, Variables, and Regex
12 minDeep practical guide to proxy_pass URI semantics, trailing slash behavior, URI replacement, regex and named location traps, variables, rewrite interactions, and production-safe reverse proxy routing.
Forwarded Headers, Real IP, and Trust Boundaries
14 minProduction-grade guide to forwarded headers, real client IP restoration, trust boundaries, Host and scheme propagation, PROXY protocol, spoofing risks, and safe reverse proxy identity design.
Proxy Buffering, Temp Files, and Streaming
11 minProduction-grade guide to NGINX proxy buffering, response buffers, request buffering, temporary files, streaming, slow clients, memory and disk pressure, and safe reverse proxy behavior.
Timeouts for Real Systems
12 minProduction-grade guide to NGINX reverse proxy timeout design, connect/send/read/client/keepalive timeouts, 502/504 behavior, retries, streaming exceptions, latency budgets, and failure propagation.
Request Body Size, Upload, and Backpressure
15 minProduction-grade guide to NGINX request body handling, upload size limits, buffering, temporary files, proxy_request_buffering, slow clients, streaming uploads, and backpressure design.
Response Header Control
13 minProduction-grade guide to NGINX response header control, proxy_set_header, proxy_hide_header, proxy_pass_header, proxy_ignore_headers, add_header, expires, cookie rewriting, inheritance traps, and edge contract design.
WebSocket and Server-Sent Events Proxying
11 minDeep practical guide to proxying WebSocket and Server-Sent Events through NGINX, including Upgrade semantics, long-lived connections, buffering, timeout design, load balancing, observability, and production failure modes.
gRPC Proxying
10 minProduction-oriented guide to gRPC proxying with NGINX, covering HTTP/2 requirements, grpc_pass semantics, TLS termination, deadlines, retries, status mapping, observability, health checks, and failure modelling.
FastCGI, uWSGI, SCGI, and PHP-FPM
13 minProduction-oriented guide to FastCGI, uWSGI, SCGI, and PHP-FPM behind NGINX, covering protocol boundaries, params safety, script path correctness, buffering, timeouts, pools, observability, and failure modelling.
Upstream Keepalive and Connection Reuse
10 minProduction-oriented guide to upstream keepalive and connection reuse in NGINX, covering worker-local pools, HTTP versioning, Connection header handling, backend saturation, port exhaustion, DNS/service discovery, TLS upstream, sizing, observability, and rollout strategy.
DNS Resolution and Dynamic Upstreams
13 minDNS resolution, service discovery, dynamic upstreams, resolver semantics, TTL behavior, Kubernetes and cloud DNS traps, and production patterns for safe dynamic backend discovery in NGINX.
Retry Semantics, Idempotency, and Duplicate Write Prevention
12 minRetry semantics in NGINX reverse proxy, proxy_next_upstream, idempotency, duplicate writes, retry budgets, upstream failure classification, and production-safe retry policy design.
Request Routing with map, split_clients, Header, Cookie, and Canary
13 minProduction-grade request routing with NGINX map, split_clients, header and cookie based routing, canary traffic, shadow-safe routing boundaries, and policy-table driven configuration.
API Gateway Patterns with NGINX: Routing, Shielding, and Policy Edge
13 minAPI Gateway patterns with NGINX Open Source and NGINX Plus boundaries, including routing, policy enforcement, authentication delegation, rate limiting, request shielding, observability, versioning, and failure modelling.
Reverse Proxy Production Lab
11 minProduction reverse proxy lab for Java, Node.js, and Go backends, covering topology, configuration layout, upstream contracts, headers, buffering, timeouts, health endpoints, smoke tests, reload, rollback, and failure drills.
HTTP Load Balancing Mental Model
13 minMental model for HTTP load balancing with NGINX, including scheduling domains, request distribution, capacity, fairness, passive health checks, failure semantics, upstream state, retries, keepalive interaction, and why load balancing is not the same as resilience.
Round Robin, Least Connections, IP Hash, and Generic Hash
12 minDeep dive into NGINX HTTP load balancing algorithms: round robin, least connections, IP hash, generic hash, and the operational consequences of choosing each method.
Weights, Capacity Modelling, and Hotspot Avoidance
8 minProduction-grade capacity modelling for NGINX upstreams: weights, backend capacity, max connections, hot spot avoidance, canary ramping, and overload-safe load balancing design.
Passive Health Checks in NGINX Open Source
9 minPassive health checks in NGINX Open Source: max_fails, fail_timeout, upstream failure inference, retry coupling, limitations, observability, and production-safe failure design.
Active Health Checks and NGINX Plus Boundary
10 minActive health checks and the NGINX Plus boundary: periodic probes, match blocks, mandatory checks, slow start, gRPC/TCP/UDP health checks, operational risks, and Open Source alternatives.
Session Affinity, Sticky Sessions, and Stateful Backend Risk
13 minSession affinity, sticky routing, and stateful backend risk in NGINX: ip_hash, hash, sticky cookie, sticky route, sticky learn, route-bound draining, and migration paths away from accidental statefulness.
Slow Start, Draining, and Upstream Recovery
11 minSlow start, draining, and upstream recovery in NGINX: recovering failed servers safely, reducing cold-start overload, draining sticky backends, and designing deployment playbooks with Open Source and NGINX Plus boundaries.
Canary, Blue-Green, Header-Based Routing, and Progressive Delivery
9 minProgressive delivery with NGINX: rate splitting, canary, blue-green, header and cookie override, route labels, rollback switches, observability, and production-safe rollout discipline.
Circuit-Breaker-Like Patterns in NGINX
7 minCircuit-breaker-like resilience patterns in NGINX: what NGINX can and cannot do, failure classification, passive health checks, retries, rate limits, load shedding, stale cache fallback, backup upstreams, kill switches, and external control-plane integration.
Queueing, Overload, and Load Shedding
12 minQueueing, overload, load shedding, and latency collapse patterns for NGINX as a production edge tier.
Load Balancing Observability
11 minObservability for NGINX upstream load balancing using logs, upstream variables, latency decomposition, retry inference, and failure diagnosis.
Load Balancing Production Lab
9 minProduction lab for NGINX HTTP load balancing with upstream groups, retries, health semantics, overload controls, observability, and failure injection.