Created
August 16, 2016 22:04
-
-
Save cryptoquick/4b59e81bef5a30655a6d333efcee9706 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| server { | |
| listen 80 default_server; # if this is not a default server, remove \"default_server\" | |
| listen [::]:80 default_server ipv6only=on; | |
| root /usr/share/nginx/html; # root is irrelevant | |
| index index.html index.htm; # this is also irrelevant | |
| server_name your.app.url; # the domain on which we want to host the application. | |
| # redirect non-SSL to SSL | |
| location / { | |
| rewrite ^ https://$server_name$request_uri? permanent; | |
| } | |
| } | |
| server { | |
| listen 443 ssl; | |
| server_name your.app.url; # this domain must match Common Name (CN) in the SSL certificate | |
| root html; # irrelevant | |
| index index.html; # irrelevant | |
| ssl_certificate /etc/nginx/ssl/app.pem; # full path to SSL certificate and CA certificate concatenated together | |
| ssl_certificate_key /etc/nginx/ssl/app.key; # full path to SSL key | |
| # pass all requests to Meteor | |
| location / { | |
| proxy_pass http://127.0.0.1:3000; | |
| proxy_http_version 1.1; | |
| proxy_set_header Upgrade $http_upgrade; # allow websockets | |
| proxy_set_header Connection "upgrade"; | |
| proxy_set_header X-Forwarded-For $remote_addr; # preserve client IP | |
| # this setting allows the browser to cache the application in a way compatible with Meteor | |
| # on every applicaiton update the name of CSS and JS file is different, so they can be cache infinitely (here: 30 days) | |
| # the root path (/) MUST NOT be cached | |
| if ($uri != '/') { | |
| expires 30d; | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment