Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Nginx http proxy cache to mirror of Rubygems.org
# 在本地服务器建立 rubygems.org 的镜像缓存,以提高 gem 的安装速度
# 此配置设置缓存过期为1天,也就是说,新上的 gem 无法马上安装
# 做这个起什么作用?
# rubygems 的很多资源文件是存放到 Amazon S3 上面的,由于 GFW 对某些 S3 服务器又连接重置或丢包,导致 gem 安装异常缓慢或有时候根本无法连接安装。
# 而通过这种跳板的方式可以很好的解决这个问题,当然前提是 Nginx反向代理 服务器需要在国外
proxy_cache_path /var/cache/rubygems levels=1:2 keys_zone=RUBYGEMS:10m
inactive=24h max_size=1g;
server {
listen 80;
server_name rubygems.org;
location / {
proxy_pass http://rubygems.org;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 80;
server_name production.cf.rubygems.org;
location / {
proxy_pass http://production.cf.rubygems.org;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_cache RUBYGEMS;
proxy_cache_valid 200 1d;
proxy_cache_use_stale error timeout invalid_header updating
http_500 http_502 http_503 http_504;
}
}
server {
listen 80;
server_name production.s3.rubygems.org;
location / {
proxy_pass http://production.s3.rubygems.org;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_cache RUBYGEMS;
proxy_cache_valid 200 1d;
proxy_cache_use_stale error timeout invalid_header updating
http_500 http_502 http_503 http_504;
}
}
server {
listen 443;
server_name rubygems.org;
location / {
proxy_pass https://rubygems.org;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
ssl on;
ssl_certificate /etc/nginx/conf/server.crt;
ssl_certificate_key /etc/nginx/conf/server.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
}
$ vi /etc/hosts
your.ip.add.ress rubygems.org
your.ip.add.ress production.cf.rubygems.org
your.ip.add.ress production.s3.rubygems.org
@holin

This comment has been minimized.

Copy link

commented Oct 26, 2011

去掉
server {
listen 443;
server_name rubygems.org;

location / {
proxy_pass https://rubygems.org;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

ssl on;
ssl_certificate /etc/nginx/conf/server.crt;
ssl_certificate_key /etc/nginx/conf/server.key;

ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
}
好像也可以。

不知道这个在什么情况下需要 用到?

@huacnlee

This comment has been minimized.

Copy link
Owner Author

commented Oct 26, 2011

直接访问 rubygems.org 网页的时候,所以如果是在 ssh 环境的服务器下面就不需要这个了。但本地用的时候需要的,要不然 http://rubygems.org 就没法打开了。

@holin

This comment has been minimized.

Copy link

commented Oct 26, 2011

明白。感谢提供这个。

增加证书生成说明可能会让更多的人少走弯路,比如我。

生成SSl证书, 这个是在centos下的情况

openssl genrsa -out server.key 2048

openssl req -new -x509 -key server.key -out server.crt -days 1095

@nateyu

This comment has been minimized.

Copy link

commented Nov 15, 2011

哈哈,不错。最烦安装个gem要等很长时间又什么都做不了。

@twenty-zp

This comment has been minimized.

Copy link

commented Jul 5, 2014

真心没懂啊,,,,具体步骤说下啊

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.