vjt/awesome-nginx.conf

## awesome-nginx.conf
#
#   mmm  m     m  mmm    mmm    mmm   mmmmm   mmm
#  "   # "m m m" #"  #  #   "  #" "#  # # #  #"  #
#  m"""#  #m#m#  #""""   """m  #   #  # # #  #""""
#  "mm"#   # #   "#mm"  "mmm"  "#m#"  # # #  "#mm"
#
# nginx configuration For Ruby/Rack web applications
#
# Cooked up with style, care and a bit of *secret*
# nerdy spice. :-)
#
#  - vjt@openssl.it  Mon Jan 31 20:39:51 CET 2011
#
user nginx;
worker_processes 1;

error_log /var/log/nginx/error.log;
pid       /var/run/nginx.pid;

events {
    # If you're on Linux, you'd better use epoll
    use kqueue;
    worker_connections 256;
}

http {
    include         /etc/nginx/mime.types;
    default_type    application/octet-stream;

    log_format main '$remote_addr - $remote_user [$time_local] '
                    '"$request" $status  $body_bytes_sent "$http_referer" '
                    '"$http_user_agent" "$http_x_forwarded_for"';

    access_log      /var/log/nginx/access.log main;

    sendfile        on;
    tcp_nopush      on;
    tcp_nodelay     on;

    # Where your Rails upstream is located. nginx works well
    # with mongrel/thin, works *better* with unicorn, that
    # can be configured to listen onto a UNIX socket as well,
    # bypassing the TCP/IP stack for incoming requests.
    #
    upstream rails {
      server 127.0.0.1:8080; # Unicorn default port is 8080
      #server unix:/var/run/nginx/rails.sock;
    }

    # HTTP server
    #
    server {
        listen      80;
        server_name example.com;

        # Let's say that your Rails app is in /var/www/example...
        set  $app /var/www/example;
        # ...thus nginx root is in /var/www/example/public.
        root $app/public;

        # Set a limit to POST data sent by clients. If you
        # plan to receive large file uploads, you must raise
        # up this value.
        client_max_body_size 8M;

        # Errors generated by Rails
        error_page 400     /400.html;
        error_page 422     /422.html;
        error_page 500 504 /500.html;

        # Errors generated *outside* Rails
        error_page 502     @502;
        error_page 503     @503;

        # If the public/system/maintenance.html file exists,
        # return a 503 error, that ...
        if (-f $document_root/system/maintenance.html) {
          return 503;
        }

        # ... will serve the very same file. This construct
        # is needed in order to stop the request before
        # handing it to Rails.
        location @503 {
          rewrite ^ /system/maintenance.html break;
        }

        # When a 502 error occurs - that is, Rails is not
        # running, serve the 502.html file
        location @502 {
          rewrite ^ /502.html break;
        }

        # Add client-side caching headers to static files
        #
        location ~ ^/(stylesheets|javascripts|images|system/avatars) {
            expires 720h;
        }

        # If you plan to serve files from your app, you'd
        # better read the send_file documentation and set
        # up the following X-Accel-Redirect block. This
        # configures the $app/tmp directory contents to be
        # served directly by nginx, without hogging up the
        # Rails backend.
        #
        #location /tmp {
        #  internal;
        #  root $app;
        #}

        # Hand over the request to Rails, setting headers
        # that will be interpreted by request.remote_ip,
        # request.ssl? and request.host
        #
        location / {
            proxy_set_header    X-Real-IP         $remote_addr;
            proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
            proxy_set_header    X-Forwarded-Proto http;
            proxy_set_header    Host              $http_host;
            proxy_redirect      off;

            # If the file exists as a static file serve it directly
            #
            if (-f $request_filename) {
                break;
            }

            # If you use Rails file caching, you should enable
            # the following block. But you'd better use memcached
            # anyway :-)
            #
            #if (-f $request_filename.html) {
            #    rewrite ^ $1.html break;
            #}

            # Oh yeah, hand over the request to Rails! Yay! :-D
            proxy_pass http://rails;
        }
    }

    # HTTPS Server
    #
    server {
        listen      443;
        server_name example.com;

        # These directives should point to your SSL certificate
        # and corresponding private key
        #
        ssl on;
        ssl_certificate     /etc/nginx/server.crt;
        ssl_certificate_key /etc/nginx/server.key;

        # The rest of the configuration is the same as above,
        # but without comments :-)
        set  $app /var/www/example;
        root $app/public;

        client_max_body_size 8M;

        error_page 400     /400.html;
        error_page 422     /422.html;
        error_page 500 504 /500.html;

        error_page 502     @502;
        error_page 503     @503;

        if (-f $document_root/system/maintenance.html) {
          return 503;
        }

        location @503 {
          rewrite ^ /system/maintenance.html break;
        }

        location @502 {
          rewrite ^ /502.html break;
        }

        location ~ ^/(stylesheets|javascripts|images|system/avatars) {
            expires 720h;
        }

        # For X-Accel-Redirect
        #
        #location /tmp {
        #  internal;
        #  root $app;
        #}

        location / {
            proxy_set_header    X-Real-IP         $remote_addr;
            proxy_set_header    X-Forwarded-For   $proxy_add_x_forwarded_for;
            proxy_set_header    X-Forwarded-Proto https;
            proxy_set_header    Host              $http_host;
            proxy_redirect      off;

            if (-f $request_filename) {
                break;
            }

            #if (-f $request_filename.html) {
            #    rewrite ^ $1.html break;
            #}

            proxy_pass http://rails;
        }
    }
}
#
# vim: ft=nginx
	#
	# mmm m m mmm mmm mmm mmmmm mmm
	# " # "m m m" #" # # " #" "# # # # #" #
	# m"""# #m#m# #"""" """m # # # # # #""""
	# "mm"# # # "#mm" "mmm" "#m#" # # # "#mm"
	#
	# nginx configuration For Ruby/Rack web applications
	#
	# Cooked up with style, care and a bit of secret
	# nerdy spice. :-)
	#
	# - vjt@openssl.it Mon Jan 31 20:39:51 CET 2011
	#
	user nginx;
	worker_processes 1;

	error_log /var/log/nginx/error.log;
	pid /var/run/nginx.pid;

	events {
	# If you're on Linux, you'd better use epoll
	use kqueue;
	worker_connections 256;
	}

	http {
	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	log_format main '$remote_addr - $remote_user [$time_local] '
	'"$request" $status $body_bytes_sent "$http_referer" '
	'"$http_user_agent" "$http_x_forwarded_for"';

	access_log /var/log/nginx/access.log main;

	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;

	# Where your Rails upstream is located. nginx works well
	# with mongrel/thin, works better with unicorn, that
	# can be configured to listen onto a UNIX socket as well,
	# bypassing the TCP/IP stack for incoming requests.
	#
	upstream rails {
	server 127.0.0.1:8080; # Unicorn default port is 8080
	#server unix:/var/run/nginx/rails.sock;
	}

	# HTTP server
	#
	server {
	listen 80;
	server_name example.com;

	# Let's say that your Rails app is in /var/www/example...
	set $app /var/www/example;
	# ...thus nginx root is in /var/www/example/public.
	root $app/public;

	# Set a limit to POST data sent by clients. If you
	# plan to receive large file uploads, you must raise
	# up this value.
	client_max_body_size 8M;

	# Errors generated by Rails
	error_page 400 /400.html;
	error_page 422 /422.html;
	error_page 500 504 /500.html;

	# Errors generated outside Rails
	error_page 502 @502;
	error_page 503 @503;

	# If the public/system/maintenance.html file exists,
	# return a 503 error, that ...
	if (-f $document_root/system/maintenance.html) {
	return 503;
	}

	# ... will serve the very same file. This construct
	# is needed in order to stop the request before
	# handing it to Rails.
	location @503 {
	rewrite ^ /system/maintenance.html break;
	}

	# When a 502 error occurs - that is, Rails is not
	# running, serve the 502.html file
	location @502 {
	rewrite ^ /502.html break;
	}

	# Add client-side caching headers to static files
	#
	location ~ ^/(stylesheets\|javascripts\|images\|system/avatars) {
	expires 720h;
	}

	# If you plan to serve files from your app, you'd
	# better read the send_file documentation and set
	# up the following X-Accel-Redirect block. This
	# configures the $app/tmp directory contents to be
	# served directly by nginx, without hogging up the
	# Rails backend.
	#
	#location /tmp {
	# internal;
	# root $app;
	#}

	# Hand over the request to Rails, setting headers
	# that will be interpreted by request.remote_ip,
	# request.ssl? and request.host
	#
	location / {
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto http;
	proxy_set_header Host $http_host;
	proxy_redirect off;

	# If the file exists as a static file serve it directly
	#
	if (-f $request_filename) {
	break;
	}

	# If you use Rails file caching, you should enable
	# the following block. But you'd better use memcached
	# anyway :-)
	#
	#if (-f $request_filename.html) {
	# rewrite ^ $1.html break;
	#}

	# Oh yeah, hand over the request to Rails! Yay! :-D
	proxy_pass http://rails;
	}
	}

	# HTTPS Server
	#
	server {
	listen 443;
	server_name example.com;

	# These directives should point to your SSL certificate
	# and corresponding private key
	#
	ssl on;
	ssl_certificate /etc/nginx/server.crt;
	ssl_certificate_key /etc/nginx/server.key;

	# The rest of the configuration is the same as above,
	# but without comments :-)
	set $app /var/www/example;
	root $app/public;

	client_max_body_size 8M;

	error_page 400 /400.html;
	error_page 422 /422.html;
	error_page 500 504 /500.html;

	error_page 502 @502;
	error_page 503 @503;

	if (-f $document_root/system/maintenance.html) {
	return 503;
	}

	location @503 {
	rewrite ^ /system/maintenance.html break;
	}

	location @502 {
	rewrite ^ /502.html break;
	}

	location ~ ^/(stylesheets\|javascripts\|images\|system/avatars) {
	expires 720h;
	}

	# For X-Accel-Redirect
	#
	#location /tmp {
	# internal;
	# root $app;
	#}

	location / {
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header X-Forwarded-Proto https;
	proxy_set_header Host $http_host;
	proxy_redirect off;

	if (-f $request_filename) {
	break;
	}

	#if (-f $request_filename.html) {
	# rewrite ^ $1.html break;
	#}

	proxy_pass http://rails;
	}
	}
	}
	#
	# vim: ft=nginx