Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Nginx http proxy cache to mirror of Rubygems.org
# 在本地服务器建立 rubygems.org 的镜像缓存,以提高 gem 的安装速度
# 此配置设置缓存过期为1天,也就是说,新上的 gem 无法马上安装
# 做这个起什么作用?
# rubygems 的很多资源文件是存放到 Amazon S3 上面的,由于 GFW 对某些 S3 服务器又连接重置或丢包,导致 gem 安装异常缓慢或有时候根本无法连接安装。
# 而通过这种跳板的方式可以很好的解决这个问题,当然前提是 Nginx反向代理 服务器需要在国外
proxy_cache_path /var/cache/rubygems levels=1:2 keys_zone=RUBYGEMS:10m
inactive=24h max_size=1g;
server {
listen 80;
server_name rubygems.org;
location / {
proxy_pass http://rubygems.org;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
server {
listen 80;
server_name production.cf.rubygems.org;
location / {
proxy_pass http://production.cf.rubygems.org;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_cache RUBYGEMS;
proxy_cache_valid 200 1d;
proxy_cache_use_stale error timeout invalid_header updating
http_500 http_502 http_503 http_504;
}
}
server {
listen 80;
server_name production.s3.rubygems.org;
location / {
proxy_pass http://production.s3.rubygems.org;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_cache RUBYGEMS;
proxy_cache_valid 200 1d;
proxy_cache_use_stale error timeout invalid_header updating
http_500 http_502 http_503 http_504;
}
}
server {
listen 443;
server_name rubygems.org;
location / {
proxy_pass https://rubygems.org;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
ssl on;
ssl_certificate /etc/nginx/conf/server.crt;
ssl_certificate_key /etc/nginx/conf/server.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
}
$ vi /etc/hosts
your.ip.add.ress rubygems.org
your.ip.add.ress production.cf.rubygems.org
your.ip.add.ress production.s3.rubygems.org
@holin

This comment has been minimized.

Copy link

@holin holin commented Oct 26, 2011

去掉
server {
listen 443;
server_name rubygems.org;

location / {
proxy_pass https://rubygems.org;
proxy_redirect off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}

ssl on;
ssl_certificate /etc/nginx/conf/server.crt;
ssl_certificate_key /etc/nginx/conf/server.key;

ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
}
好像也可以。

不知道这个在什么情况下需要 用到?

@huacnlee

This comment has been minimized.

Copy link
Owner Author

@huacnlee huacnlee commented Oct 26, 2011

直接访问 rubygems.org 网页的时候,所以如果是在 ssh 环境的服务器下面就不需要这个了。但本地用的时候需要的,要不然 http://rubygems.org 就没法打开了。

@holin

This comment has been minimized.

Copy link

@holin holin commented Oct 26, 2011

明白。感谢提供这个。

增加证书生成说明可能会让更多的人少走弯路,比如我。

生成SSl证书, 这个是在centos下的情况

openssl genrsa -out server.key 2048

openssl req -new -x509 -key server.key -out server.crt -days 1095

@nateyu

This comment has been minimized.

Copy link

@nateyu nateyu commented Nov 15, 2011

哈哈,不错。最烦安装个gem要等很长时间又什么都做不了。

@twenty-zp

This comment has been minimized.

Copy link

@twenty-zp twenty-zp commented Jul 5, 2014

真心没懂啊,,,,具体步骤说下啊

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment