Created
January 18, 2015 11:28
-
-
Save iqbalhasnan/4b4798d2cc929169ef9f to your computer and use it in GitHub Desktop.
NGINX HTTPS AND NON-WWW CLOUDFLARE
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
BEHAVIOUR: | |
http://reka.co -> https://reka.co | |
http://www.reka.co -> https://reka.co | |
https://www.reka.co -> https://reka.co | |
MAKE SURE YOU SET CLOUDFLARE SLL TO (FULL STRICT) | |
upstream unicorn { | |
server unix:/tmp/unicorn.appsname.sock fail_timeout=0; | |
} | |
server { | |
server_name reka.co www.reka.co; | |
return 301 https://$server_name$request_uri; | |
} | |
server { | |
listen 443 ssl spdy; | |
server_name reka.co www.reka.co; | |
ssl_certificate /home/deployer/apps/appsname/shared/ssl.crt; | |
ssl_certificate_key /home/deployer/apps/appsname/shared/appsname.key; | |
root /home/deployer/apps/reka/current/public; | |
access_log /var/log/nginx/reka_access.log; | |
rewrite_log on; | |
## redirect https://www to https://non-www | |
if ($host = 'www.reka.co' ) { | |
return 302 https://$server_name$request_uri; | |
} | |
location ~ ^/assets/robots.txt { | |
root /home/deployer/apps/appsname/current/public; | |
gzip_static on; | |
expires max; | |
add_header Cache-Control public; | |
add_header Access-Control-Allow-Origin *; | |
} | |
location / { | |
#all requests are sent to the UNIX socket | |
proxy_pass http://unicorn; | |
proxy_redirect off; | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto https; | |
client_max_body_size 10m; | |
client_body_buffer_size 128k; | |
proxy_connect_timeout 90; | |
proxy_send_timeout 90; | |
proxy_read_timeout 90; | |
proxy_buffer_size 4k; | |
proxy_buffers 4 32k; | |
proxy_busy_buffers_size 64k; | |
proxy_temp_file_write_size 64k; | |
} | |
error_page 500 502 503 504 /500.html; | |
client_max_body_size 4G; | |
keepalive_timeout 10; | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment