Created
July 25, 2017 18:56
-
-
Save kalepail/e360a2e67a4c207af551ded2e635947e to your computer and use it in GitHub Desktop.
My custom mechanic.conf template for rolling deployments on Meteor
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
{# Let folks know this wasn't a manual configuration #} | |
# This configuration file was generated with mechanic. | |
{% macro server(site, settings, options) %} | |
include "{{ settings.overrides }}/{{ site.shortname }}/top"; | |
server { | |
gzip on; | |
gzip_types text/css text/javascript image/svg+xml | |
application/vnd.ms-fontobject application/x-font-ttf | |
application/x-javascript application/javascript; | |
listen {{ settings.bind }}:{{ options.port }}{% if options.https %} ssl{% endif %}{% if site.default and not site.canonical %} default_server{% endif %}; | |
server_name {{ site.host }}{% if site.aliases and (not site.canonical) %} {{ site.aliases | join(" ") }}{% endif %}; | |
{% if options.https %} | |
ssl on; | |
ssl_session_cache builtin:1000 shared:SSL:10m; | |
ssl_ciphers HIGH:!aNULL:!eNULL:!EXPORT:!CAMELLIA:!DES:!MD5:!PSK:!RC4; | |
ssl_prefer_server_ciphers on; | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
ssl_certificate {{ settings.conf }}/../certs/{{ site.shortname }}.cer; | |
ssl_certificate_key {{ settings.conf }}/../certs/{{ site.shortname }}.key; | |
{% endif %} | |
client_max_body_size 32M; | |
access_log {{ settings.logs }}/{{ site.shortname }}.access.log; | |
error_log {{ settings.logs }}/{{ site.shortname }}.error.log; | |
{% if site.https and site['redirect-to-https'] and not options.https %} | |
location / { | |
rewrite ^(.*)$ https://{{ site.host }}$1; | |
} | |
{% else %} | |
include "{{ settings.overrides }}/{{ site.shortname }}/server"; | |
{# We need a named location block in order to use try_files. #} | |
{% if site.backends.length %} | |
location @proxy-{{ site.shortname }}-{{ options.port }} { | |
proxy_pass http://upstream-{{ site.shortname }}; | |
proxy_next_upstream error timeout invalid_header http_500 http_502 | |
http_503 http_504; | |
proxy_redirect off; | |
proxy_buffering off; | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto $scheme; | |
include "{{ settings.overrides }}/{{ site.shortname }}/proxy"; | |
proxy_http_version 1.1; | |
proxy_set_header Upgrade $http_upgrade; | |
proxy_set_header Connection "upgrade"; | |
proxy_set_header X-NginX-Proxy true; | |
} | |
{% endif %} | |
location / { | |
{%- if site.static %}root {{ site.static }};{% endif %} | |
{% if site.autoindex %} | |
autoindex on; | |
{% if site.backends.length %} | |
try_files $uri $uri/ @proxy-{{ site.shortname }}-{{ options.port }}; | |
{% endif %} | |
{% else %} | |
{% if site.backends.length %} | |
try_files $uri @proxy-{{ site.shortname }}-{{ options.port }}; | |
{% endif %} | |
{% endif %} | |
expires 7d; | |
include "{{ settings.overrides }}/{{ site.shortname }}/location"; | |
} | |
{% endif %} | |
} | |
{% if not options.https %} | |
{% if site.default or (site.canonical and site.aliases) %} | |
server { | |
listen {{ settings.bind }}:{{ options.port }}{% if site.default and site.canonical %} default_server{% endif %}; | |
server_name _{{ site.shortname }}_{{ options.port }}{% if site.aliases %} {{ site.aliases | join(' ') }}{% endif %}; | |
# canonicalize | |
location / { | |
rewrite ^(.*)$ http://{{ site.host }}$1; | |
} | |
} | |
{% endif %} | |
{% endif %} | |
{% endmacro %} | |
{% macro renderSite(site, settings) %} | |
{% if site.backends.length %} | |
upstream upstream-{{ site.shortname }} { | |
{% for backend in site.backends -%} | |
server {{ backend }}; | |
{%- endfor %} | |
} | |
{% endif %} | |
{{ server(site, settings, { port: 80 }) }} | |
{% if (site.https) %} | |
{{ server(site, settings, { port: 443, https: true }) }} | |
{% endif %} | |
{% endmacro %} | |
{% for site in sites %} | |
{{ renderSite(site, settings) }} | |
{% endfor %} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment