Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Nginx conf rails app (for SSL LetsEncrypt)
# Example My App
# Deploy on: /home/deploy/apps/myapp (user 'deploy' with root privilegies)
#
# 1) Setup NGINX config below and...
# 2) Install and setup LetsEncrypt:
# 2.1) $ sudo add-apt-repository ppa:certbot/certbot
# 2.2) $ sudo apt-get update
# 2.3) $ sudo apt-get install python-certbot-nginx
# 2.4) $ sudo certbot --nginx -d mysiteapp.com -d www.mysiteapp.com
# 2.5) Choose 2 and ENTER
# 2.6) Done.
#
upstream myapp_puma {
# shared/sockets path
server unix:///home/deploy/apps/myapp/shared/tmp/sockets/puma.sock fail_timeout=0;
}
server {
listen 80;
server_name myapp.com.br www.myapp.com.br;
root /home/deploy/apps/myapp/current/public/;
location / {
# if file does not exist, use the last, in this case, @app
try_files $uri $uri/index.html $uri.html @app;
}
# Cache
location ~* \.(?:jpg|jpeg|gif|png|ico|xml)$ {
access_log off;
log_not_found off;
expires 5m;
add_header Cache-Control "public";
}
location ~* \.(?:css|js)$ {
access_log off;
log_not_found off;
add_header Cache-Control "no-cache, public, must-revalidate, proxy-revalidate";
}
location ~* \.(eot|otf|ttf|woff|woff2|svg|oft)$ {
access_log off;
log_not_found off;
add_header Access-Control-Allow-Origin *;
add_header Cache-Control "public";
expires 5m;
}
location @app {
proxy_buffers 8 24k;
proxy_buffer_size 2k;
proxy_pass http://myapp_puma;
proxy_redirect off;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Host $host;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
location ~ /\.ht {
deny all;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment