Skip to content

Instantly share code, notes, and snippets.

@mrrooijen
Forked from mikhailov/installation.sh
Created November 25, 2010 14:10
Show Gist options
  • Save mrrooijen/715438 to your computer and use it in GitHub Desktop.
Save mrrooijen/715438 to your computer and use it in GitHub Desktop.
user app;
worker_processes 2;
error_log /home/app/logs/nginx.error.log info;
events {
worker_connections 1024;
}
http {
passenger_root /usr/local/lib/ruby/gems/1.8/gems/passenger-3.0.0;
passenger_ruby /usr/local/bin/ruby;
# Passenger never sleeps!
passenger_pool_idle_time 0;
# Use more instances, because memory is enough
passenger_max_pool_size 15;
include mime.types;
default_type application/octet-stream;
client_max_body_size 25m;
gzip on;
gzip_disable "msie6";
gzip_vary on;
gzip_min_length 512;
gzip_buffers 256 8k;
gzip_comp_level 3;
gzip_proxied any;
gzip_types text/plain text/css application/x-javascript text/xml application/xml;
server_tokens off;
sendfile on;
keepalive_timeout 65;
include /opt/nginx/conf/nginx_host.conf;
# Start application instantly
passenger_pre_start https://127.0.0.1/;
}
server {
listen 80;
server_name *.server.com
# There is ssl-only content, so redirection is permanent
# No need to use ssl_requirement plugin here
rewrite ^(.*) https://$host$1 permanent;
# Block bots who like track urls (php usually)
location ~ \.php$ {
deny all;
}
}
# HTTPS server
server {
listen 443;
server_name *.server.com
ssl on;
ssl_certificate /etc/ssl/selfsigned/cert.pem;
ssl_certificate_key /etc/ssl/selfsigned/cert.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
ssl_prefer_server_ciphers on;
root /home/app/public_html/your_project/current/public;
index index.html;
passenger_enabled on;
# Spawn 10 instances, because memory is enough
passenger_min_instances 10;
error_page 500 502 504 /500.html;
location = /50x.html {
root html;
}
# 503 -> static for POSTs could cause 405
recursive_error_pages on;
# Maintenance page handle
if (-f $document_root/system/maintenance.html) {
return 503;
}
error_page 503 @503;
location @503 {
error_page 405 = /system/maintenance.html;
# Serve static assets if found.
if (-f $request_filename) {
break;
}
if (-f $document_root/system/maintenance.html) {
rewrite ^(.*)$ /system/maintenance.html break;
}
rewrite ^(.*)$ /503.html break;
}
# Block bots who like track urls (php usually)
location ~ \.php$ {
deny all;
}
# Set max-age headers to assets
location ~* \.(png|gif|jpg|jpeg|css|js|swf|ico)(\?[0-9]+)?$ {
access_log off;
expires max;
break;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment