Skip to content

Instantly share code, notes, and snippets.

@rottmanj
Created August 22, 2012 18:17
Show Gist options
  • Save rottmanj/3428098 to your computer and use it in GitHub Desktop.
Save rottmanj/3428098 to your computer and use it in GitHub Desktop.
nginx + unicorn
upstream unicorn-staging {
server unix:/data/appname/staging/current/tmp/sockets/unicorn-staging.sock fail_timeout=0;
}
server {
listen 80 deferred;
listen 443;
ssl on;
root /data/appname/staging/current/public;
server_name foo;
access_log /data/appname/staging/current/log/unicorn-staging-access.log;
error_log /data/appname/staging/current/log/unicorn-staging-error.log;
client_max_body_size 4G;
ssl_certificate /data/appname/staging/shared/certs/appname.crt;
ssl_certificate_key /data/appname/staging/shared/certs/appname.key;
location / {
proxy_pass http://unicorn-staging;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto https; # for SSL, add this
client_max_body_size 10m;
client_body_buffer_size 128k;
proxy_connect_timeout 90;
proxy_send_timeout 90;
proxy_read_timeout 90;
proxy_buffer_size 4k;
proxy_buffers 4 32k;
proxy_busy_buffers_size 64k;
proxy_temp_file_write_size 64k;
index index.html index.htm;
}
location ~ \.(jpg|png|mp3|ogg)$ {
valid_referers server_names;
if ($invalid_referer) {
return 403;
}
}
location ~ \.(jpg|png|mp3|ogg|js|css|html|gif)$ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
location ~ ^/(images|javascripts|stylesheets|assets)/ {
root /data/appname/staging/current/public; # for asset pipeline and other static files
expires max;
break;
}
# redirect server error pages to the stat
error_page 500 502 503 504 /50x.html;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment