Skip to content

Instantly share code, notes, and snippets.

@ssoroka

ssoroka/nginx.site.conf

Last active August 29, 2015 13:58
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save ssoroka/9948403 to your computer and use it in GitHub Desktop.
Save ssoroka/9948403 to your computer and use it in GitHub Desktop.
Download ZIP
Raw
nginx.site.conf
upstream unicorn {
server unix:/var/run/.unicorn.sock fail_timeout=0;
}
server {
listen 80 default_server deferred;
server_name example.com;
root /home/username/apps/projectname/current/public;
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
try_files $uri/index.html $uri @unicorn;
location @unicorn {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://unicorn;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 20M;
keepalive_timeout 10;
}
server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/certs/example.com-bundle.crt;
ssl_certificate_key /etc/ssl/private/example.com.key;
#enables SSLv3/TLSv1, but not SSLv2 which is weak and should no longer be used.
ssl_protocols SSLv3 TLSv1;
#Disables all weak ciphers
ssl_ciphers ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM;
server_name example.com;
root /home/username/apps/projectname/current/public;
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
try_files $uri/index.html $uri @unicorn;
location @unicorn {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://unicorn;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 20M;
keepalive_timeout 10;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment