Skip to content

Instantly share code, notes, and snippets.

/nginx.conf Secret

Created January 1, 2012 18:50
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save anonymous/2eab42666c609b015bff to your computer and use it in GitHub Desktop.
Save anonymous/2eab42666c609b015bff to your computer and use it in GitHub Desktop.
Download ZIP
nginx.conf
Raw
nginx.conf
worker_processes 4;
events {
worker_connections 1024;
}
http {
passenger_root /usr/local/rvm/gems/ruby-1.9.2-p290@app/gems/passenger-3.0.11;
passenger_ruby /usr/local/rvm/wrappers/ruby-1.9.2-p290@app/ruby;
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# main access log
access_log logs/access.log main;
# main error log
error_log logs/error.log debug;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
# output compression saves bandwidth
gzip on;
gzip_http_version 1.1;
gzip_comp_level 2;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;
gzip_vary on;
# HTTPS Server(s)
server
{
listen 443 ssl;
server_name *.domain.com;
root /home/deploy/domain.com/current/public/;
passenger_enabled on;
charset utf-8;
rack_env production;
passenger_set_cgi_param HTTP_X_FORWARDED_PROTO https;
passenger_set_cgi_param HTTPS on;
keepalive_timeout 70;
rewrite root http://$host$request_uri? permanent;
ssl on;
ssl_certificate /srv/ssl/domain.com.combined.crt;
ssl_certificate_key /srv/ssl/domain.com.key;
ssl_protocols SSLv3 TLSv1;
ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!MEDIUM:!EXP:RC4+RSA:+HIGH;
ssl_prefer_server_ciphers on;
# If the file exists as a static file serve it directly without
# running all the other rewite tests on it
if (-f $request_filename) {
break;
}
# Rails isn't interested by default in any other type of request
# so deal with them here
if ($request_method !~ ^(GET|HEAD|PUT|POST|DELETE|OPTIONS)$ ){
return 405;
}
location ~ ^/(assets|images|javascripts|stylesheets|swfs|system)/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
location = /favicon.ico {
expires max;
add_header Cache-Control public;
}
access_log logs/host-https.access.log main;
error_log logs/host-https.error.log debug;
# this rewrites all the requests to the maintenance.html page if it exists in the doc root. This is for capistrano's disable web task
if (-f $document_root/system/maintenance.html)
{
rewrite ^(.*)$ /system/maintenance.html last;
break;
}
}
# HTTP Server
server
{
listen 80 default;
server_name www.domain.com domain.com;
root /home/deploy/domain.com/current/public/;
passenger_enabled on;
charset utf-8;
rack_env production;
passenger_set_cgi_param HTTP_X_FORWARDED_PROTO http;
passenger_set_cgi_param HTTPS off;
keepalive_timeout 70;
access_log logs/host.access.log main;
error_log logs/host.error.log debug;
# If the file exists as a static file serve it directly without
# running all the other rewite tests on it
if (-f $request_filename) {
break;
}
# Rails isn't interested by default in any other type of request
# so deal with them here
if ($request_method !~ ^(GET|HEAD|PUT|POST|DELETE|OPTIONS)$ ){
return 405;
}
# this rewrites all the requests to the maintenance.html page if it exists in the doc root. This is for capistrano's disable web task
if (-f $document_root/system/maintenance.html)
{
rewrite ^(.*)$ /system/maintenance.html last;
break;
}
location ~ ^/(assets|images|javascripts|stylesheets|swfs|system)/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
# expires headers
location ~* \.(ico|css|js|gif|jp?g|png)(\?[0-9]+)?$ {
gzip_static on;
expires max;
break;
}
location = /favicon.ico {
expires max;
add_header Cache-Control public;
}
include /opt/nginx/conf/ssl-redirect.include;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment