Created
October 12, 2015 13:29
-
-
Save seanhandley/a39d3b82ed04511b9d20 to your computer and use it in GitHub Desktop.
NginX with Unicorn
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
server { | |
listen 80; | |
server_name www.example.com; | |
return 301 https://example.com$request_uri; | |
} | |
upstream rails_app { | |
server unix:/var/run/rails/my_app/unicorn.sock fail_timeout=0; | |
} | |
server { | |
listen *:443; | |
server_name www.example.com | |
index index.html index.htm; | |
access_log /var/log/nginx/my_ap.access.log; | |
error_log /var/log/nginx/my_app.error.log; | |
ssl on; | |
ssl_certificate /etc/ssl/certs/cert.pem; | |
ssl_certificate_key /etc/ssl/certs/cert.pem; | |
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; | |
ssl_ciphers EECDH+CHACHA20:EECDH+AES128:RSA+AES128:EECDH+AES256:RSA+AES256:EECDH+3DES:RSA+3DES:!MD5; | |
ssl_prefer_server_ciphers on; | |
add_header Strict-Transport-Security "max-age=31536000"; | |
location / { | |
proxy_pass http://rails_app; | |
proxy_read_timeout 90; | |
proxy_connect_timeout 90; | |
proxy_redirect off; | |
proxy_set_header X-Forwarded-Proto https; | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment