Claude Code Plugins

Community-maintained marketplace

Feedback

nginx

@muzhicaomingwang/ai-ideas
1
0

Nginx ops skill for configuring and operating Nginx as reverse proxy, web server, and ingress layer. Use for tasks like writing safe nginx.conf/server blocks, TLS, HTTP/2, caching, rate limiting, load balancing, observability, and troubleshooting 4xx/5xx, timeouts, and performance issues.

Install Skill

1Download skill
2Enable skills in Claude

Open claude.ai/settings/capabilities and find the "Skills" section

3Upload to Claude

Click "Upload skill" and select the downloaded ZIP file

Note: Please verify skill by going through its instructions before using it.

SKILL.md

name nginx
description Nginx ops skill for configuring and operating Nginx as reverse proxy, web server, and ingress layer. Use for tasks like writing safe nginx.conf/server blocks, TLS, HTTP/2, caching, rate limiting, load balancing, observability, and troubleshooting 4xx/5xx, timeouts, and performance issues.

nginx

Use this skill for Nginx 配置、发布与故障排查(ops)。

Defaults / assumptions to confirm

  • Nginx distribution and version (open source vs Plus)
  • Deployment: bare metal/VM, Docker, or Kubernetes ingress-controller
  • TLS termination location and certificate management
  • Upstream architecture (services, ports, health endpoints)

Workflow

  1. Understand traffic and requirements
  • Domains, paths, upstream services, expected QPS.
  • Timeouts, max upload size, websocket needs.
  • Caching requirements and security constraints.
  1. Safe baseline config
  • Use explicit server_name, listen, and default_server strategy.
  • Set client_max_body_size intentionally.
  • Configure proxy_* headers correctly (Host, X-Forwarded-For, X-Request-Id).
  • Define error_page handling and static error responses if needed.
  1. TLS / security
  • Use modern TLS settings; disable legacy protocols/ciphers.
  • Enable HSTS where appropriate.
  • Add basic security headers if not handled elsewhere.
  • Rate limit sensitive endpoints (login, OTP) with limit_req.
  1. Performance
  • Enable gzip/brotli if appropriate.
  • Tune keepalive, buffers, and timeouts.
  • Use upstream keepalive and connection reuse.
  • Avoid expensive regex locations on hot paths.
  1. Load balancing & resilience
  • Use upstreams with health checks (where available) and failover settings.
  • Configure retries carefully to avoid retry storms.
  • Support websocket upgrade when needed.
  1. Observability
  • Access log format with request_id, upstream_time, status, bytes, user agent.
  • Error log level appropriate for production.
  • Export metrics if using nginx-prometheus-exporter or ingress metrics.
  1. Troubleshooting checklist
  • 4xx: routing, auth, body size, CORS, client IP headers.
  • 5xx: upstream failures, timeouts, DNS issues, connection limits.
  • Timeouts: proxy_read_timeout, upstream latency, buffer/backpressure.
  • Performance: worker processes, file descriptors, CPU, TLS overhead.

Outputs

  • Proposed config snippets with rationale.
  • Rollout plan (test config, reload vs restart, rollback steps).
  • Debug report (symptom → evidence → root cause → fix).