Skip to content

Instantly share code, notes, and snippets.

@rpanachi
Forked from rogerleite/nginx.conf
Created August 7, 2012 00:00
Show Gist options
  • Save rpanachi/3279751 to your computer and use it in GitHub Desktop.
Save rpanachi/3279751 to your computer and use it in GitHub Desktop.
Configuração Nginx
user www-data;
worker_processes 4;
error_log logs/error.log;
#error_log logs/error.log notice;
#error_log logs/error.log info;
pid logs/nginx.pid;
events {
worker_connections 1024;
accept_mutex off; # "on" if nginx worker_processes > 1
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
#access_log logs/access.log main;
sendfile on;
tcp_nopush off;
keepalive_timeout 10;
gzip on;
gzip_proxied any;
gzip_min_length 1400;
gzip_vary on;
gzip_http_version 1.1;
gzip_disable "MSIE [1-6]\.";
gzip_types text/plain text/css image/png image/gif image/jpeg application/x-javascript text/xml application/xml application/xml+rss text/javascript;
# Unicorn
upstream domain_server {
# This is the socket we configured in unicorn.rb
server unix:/var/local/apps/domain/tmp/sockets/unicorn.sock
fail_timeout=0;
}
# Redirect
server {
listen 80;
server_name www.domain.com.br;
rewrite ^(.*) http://domain.com.br$1 permanent;
}
# Application
server {
listen 80;
server_name domain.com.br;
client_max_body_size 4G;
keepalive_timeout 5;
root /var/local/apps/domain/public;
location / {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
if (!-f $request_filename) {
proxy_pass http://domain_server;
break;
}
#auth_basic "Acesso restrito";
#auth_basic_user_file htpasswd;
}
error_page 500 502 503 504 /500.html;
location = /500.html {
root /var/local/apps/domain/public;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 30d;
log_not_found off;
}
}
# Assets
server {
listen 80 default;
#server_name domain.com.br;
server_name ~^assets%d.domain.com.br;
root /var/local/apps/domain/public;
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
expires 30d;
log_not_found off;
}
}
}

Basico

$ adduser deploy
$ usermod -s /bin/bash deploy
$ mkdir /home/deploy
$ mkdir /var/local/apps
$ chown deploy /var/local/apps
$ apt-get update
$ apt-get install build-essential libssl-dev zlib1g-dev libreadline5-dev git-core libxml2-dev libxslt-dev libcurl4-openssl-dev -y
$ apt-get install htop zip curl duplicity imagemagick ufw -y
$ ssh-keygen

SSH configs

Editar o arquivo /etc/ssh/sshd_config, mudar o "Port", "PermitRootLogin" e "Banner". Restart SSH

$ /etc/init.d/ssh restart

Firewall

ufw default deny
ufw allow 80
ufw allow 443
ufw allow 5022
ufw logging on
ufw enable

Install Ruby

$ cd /tmp && wget http://pyyaml.org/download/libyaml/yaml-0.1.4.tar.gz
$ tar xzvf yaml-0.1.4.tar.gz
$ cd yaml-0.1.4
$ ./configure --prefix=/usr/local
$ make && make install

$ cd /tmp && wget http://ftp.ruby-lang.org/pub/ruby/1.9/ruby-1.9.3-p194.tar.gz
$ tar -xvzf ruby-1.9.3-p194.tar.gz
$ cd ruby-1.9.3-p194/
$ ./configure --prefix=/usr/local
$ make && make install

Atualiza rubygems e instala o bundler

$ gem update --system
$ gem install bundler --no-ri --no-rdoc

Install Nginx

$ cd /tmp && wget http://nginx.org/download/nginx-1.2.2.tar.gz
$ tar xvzf nginx-1.2.2.tar.gz
$ cd nginx-1.2.2
$ apt-get install libpcre3-dev
$ ./configure --prefix='/opt/nginx' --with-http_ssl_module --with-cc-opt='-Wno-error' --with-http_stub_status_module
$ make && make install

Copiar o nginx.conf para a pasta /opt/nginx/conf/ e alterar o domain para o nome do app.

Install Redis

Adicionar no /etc/apt/sources.list

# redis https://launchpad.net/~rwky/+archive/redis
deb http://ppa.launchpad.net/rwky/redis/ubuntu lucid main
deb-src http://ppa.launchpad.net/rwky/redis/ubuntu lucid main

$ apt-key adv --keyserver keyserver.ubuntu.com --recv-keys 5862E31D
$ apt-get update
$ apt-get install redis-server

Install Mysql

$ apt-get install mysql-server libmysqlclient16 libmysqlclient16-dev

Cria o usuário do projeto.

$ mysql -uroot -p
mysql> CREATE USER 'rails'@'localhost' IDENTIFIED BY 'senha';
mysql> GRANT ALTER,DELETE,INSERT,SELECT,UPDATE,DROP,INDEX,CREATE ON xxx_production.* TO 'rails'@'localhost';
mysql> FLUSH PRIVILEGES;
mysql> exit
$ cat /dev/null > ~/.mysql_history
$ chmod 600 ~/.mysql_history

O projeto

Subir a chave cat ~/.ssh/id_rsa.pub para o account do BitBuckut. Entrar em /var/local/apps e executar o git clone. No projeto executar:

$ bundle install --deployment --without development test

Configurar o config/database.yml

Logrotate

Criar o arquivo myapp dentro do diretório "/etc/logrotate.d/". Exemplo do arquivo myapp:

# Rotate Rails application logs weekly
/var/local/apps/myapp/log/*.log {
  weekly
  missingok
  rotate 52
  compress
  delaycompress
  notifempty
  copytruncate
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment