Skip to content

Instantly share code, notes, and snippets.

@chuyeow
Last active December 24, 2015 10:59
Show Gist options
  • Save chuyeow/6788261 to your computer and use it in GitHub Desktop.
Save chuyeow/6788261 to your computer and use it in GitHub Desktop.
Nginx configs for Unicorn and Passenger Enterprise
user www-data www-data;
worker_processes 4; # Rule of thumb is 1 process per core.
error_log logs/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
use epoll;
}
http {
passenger_root /path/to/passenger-enterprise-server-version;
passenger_ruby /path/to/ruby;
passenger_user_switching on;
passenger_default_user www-data;
passenger_spawn_method smart;
passenger_min_instances 12;
passenger_max_pool_size 24;
passenger_pool_idle_time 20;
passenger_max_requests 2000; # If your Passenger processes use more memory over time.
passenger_max_preloader_idle_time 0;
# Passenger Enterprise only configs.
passenger_concurrency_model process;
passenger_rolling_restarts on;
passenger_resist_deployment_errors on;
passenger_max_request_time 0;
passenger_memory_limit 400; # Tweak this according to instance memory / no. of instances
# Turn on cache for file descriptors.
open_file_cache max=1000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
include mime.types;
default_type application/octet-stream;
access_log off;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# Apache 'combined' log format, but logging X-REAL-IP header for reverse proxied servers.
log_format reverse_proxied '$http_x_real_ip - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
sendfile on;
tcp_nodelay on;
tcp_nopush on;
keepalive_timeout 32;
server_names_hash_bucket_size 128;
server_tokens off;
gzip on;
gzip_min_length 512;
gzip_proxied any;
gzip_types text/plain text/xhtml text/xml text/css text/javascript application/json application/x-javascript application/javascript application/xml;
server {
listen 80 default;
server_name _;
access_log /usr/local/nginx/logs/appname.access.log reverse_proxied;
error_log /usr/local/nginx/logs/appname.error.log;
rack_env production;
root /var/apps/appname/current/public;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# Rewrite all the requests to the maintenance.html page if it exists in the doc root.
if (-f $document_root/system/maintenance.html) {
rewrite ^(.*)$ /system/maintenance.html last;
break;
}
# Serve files (CSS, JS, images) in assets/ directory directly,
# with Expires header in the far future.
location /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
break;
}
location / {
passenger_enabled on;
if (-f $request_filename/index.html) {
rewrite (.*) $1/index.html break;
}
}
error_page 500 502 503 504 /500.html;
location = /500.html {
root /var/railsapps/appname/current/public;
}
}
}
user www-data www-data;
worker_processes 4; # Rule of thumb is 1 process per core.
error_log logs/error.log;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
use epoll;
}
http {
# Turn on cache for file descriptors.
open_file_cache max=1000 inactive=20s;
open_file_cache_valid 30s;
open_file_cache_min_uses 2;
open_file_cache_errors on;
include mime.types;
default_type application/octet-stream;
access_log off;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# Apache 'combined' log format, but logging X-REAL-IP header for reverse proxied servers.
log_format reverse_proxied '$http_x_real_ip - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
sendfile on;
tcp_nodelay on;
tcp_nopush on;
keepalive_timeout 32;
server_names_hash_bucket_size 64;
server_tokens off;
gzip on;
gzip_vary on;
gzip_min_length 512;
gzip_proxied any;
gzip_types text/plain text/xhtml text/xml text/css text/javascript application/json application/x-javascript application/javascript application/xml;
upstream unicorn {
server unix:/tmp/unicorn.appname.sock fail_timeout=0;
}
server {
listen 80 default;
server_name _;
access_log /usr/local/nginx/logs/appname.access.log reverse_proxied;
error_log /usr/local/nginx/logs/appname.error.log;
root /var/apps/appname/current/public;
# Rewrite all the requests to the maintenance.html page if it exists in the doc root.
if (-f $document_root/system/maintenance.html) {
rewrite ^(.*)$ /system/maintenance.html last;
break;
}
# Serve files (CSS, JS, images) in assets/ directory directly,
# with Expires header in the far future.
location /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
break;
}
location / {
try_files $uri/index.html $uri @unicorn;
}
location @unicorn {
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
proxy_pass http://unicorn;
}
error_page 500 502 503 504 /500.html;
location = /500.html {
root /var/apps/appname/current/public;
}
keepalive_timeout 5;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment