*AWESOME* nginx configuration for Ruby/Rack web applications
# | |
# mmm m m mmm mmm mmm mmmmm mmm | |
# " # "m m m" #" # # " #" "# # # # #" # | |
# m"""# #m#m# #"""" """m # # # # # #"""" | |
# "mm"# # # "#mm" "mmm" "#m#" # # # "#mm" | |
# | |
# nginx configuration For Ruby/Rack web applications | |
# | |
# Cooked up with style, care and a bit of *secret* | |
# nerdy spice. :-) | |
# | |
# - vjt@openssl.it Mon Jan 31 20:39:51 CET 2011 | |
# | |
user nginx; | |
worker_processes 1; | |
error_log /var/log/nginx/error.log; | |
pid /var/run/nginx.pid; | |
events { | |
# If you're on Linux, you'd better use epoll | |
use kqueue; | |
worker_connections 256; | |
} | |
http { | |
include /etc/nginx/mime.types; | |
default_type application/octet-stream; | |
log_format main '$remote_addr - $remote_user [$time_local] ' | |
'"$request" $status $body_bytes_sent "$http_referer" ' | |
'"$http_user_agent" "$http_x_forwarded_for"'; | |
access_log /var/log/nginx/access.log main; | |
sendfile on; | |
tcp_nopush on; | |
tcp_nodelay on; | |
# Where your Rails upstream is located. nginx works well | |
# with mongrel/thin, works *better* with unicorn, that | |
# can be configured to listen onto a UNIX socket as well, | |
# bypassing the TCP/IP stack for incoming requests. | |
# | |
upstream rails { | |
server 127.0.0.1:8080; # Unicorn default port is 8080 | |
#server unix:/var/run/nginx/rails.sock; | |
} | |
# HTTP server | |
# | |
server { | |
listen 80; | |
server_name example.com; | |
# Let's say that your Rails app is in /var/www/example... | |
set $app /var/www/example; | |
# ...thus nginx root is in /var/www/example/public. | |
root $app/public; | |
# Set a limit to POST data sent by clients. If you | |
# plan to receive large file uploads, you must raise | |
# up this value. | |
client_max_body_size 8M; | |
# Errors generated by Rails | |
error_page 400 /400.html; | |
error_page 422 /422.html; | |
error_page 500 504 /500.html; | |
# Errors generated *outside* Rails | |
error_page 502 @502; | |
error_page 503 @503; | |
# If the public/system/maintenance.html file exists, | |
# return a 503 error, that ... | |
if (-f $document_root/system/maintenance.html) { | |
return 503; | |
} | |
# ... will serve the very same file. This construct | |
# is needed in order to stop the request before | |
# handing it to Rails. | |
location @503 { | |
rewrite ^ /system/maintenance.html break; | |
} | |
# When a 502 error occurs - that is, Rails is not | |
# running, serve the 502.html file | |
location @502 { | |
rewrite ^ /502.html break; | |
} | |
# Add client-side caching headers to static files | |
# | |
location ~ ^/(stylesheets|javascripts|images|system/avatars) { | |
expires 720h; | |
} | |
# If you plan to serve files from your app, you'd | |
# better read the send_file documentation and set | |
# up the following X-Accel-Redirect block. This | |
# configures the $app/tmp directory contents to be | |
# served directly by nginx, without hogging up the | |
# Rails backend. | |
# | |
#location /tmp { | |
# internal; | |
# root $app; | |
#} | |
# Hand over the request to Rails, setting headers | |
# that will be interpreted by request.remote_ip, | |
# request.ssl? and request.host | |
# | |
location / { | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto http; | |
proxy_set_header Host $http_host; | |
proxy_redirect off; | |
# If the file exists as a static file serve it directly | |
# | |
if (-f $request_filename) { | |
break; | |
} | |
# If you use Rails file caching, you should enable | |
# the following block. But you'd better use memcached | |
# anyway :-) | |
# | |
#if (-f $request_filename.html) { | |
# rewrite ^ $1.html break; | |
#} | |
# Oh yeah, hand over the request to Rails! Yay! :-D | |
proxy_pass http://rails; | |
} | |
} | |
# HTTPS Server | |
# | |
server { | |
listen 443; | |
server_name example.com; | |
# These directives should point to your SSL certificate | |
# and corresponding private key | |
# | |
ssl on; | |
ssl_certificate /etc/nginx/server.crt; | |
ssl_certificate_key /etc/nginx/server.key; | |
# The rest of the configuration is the same as above, | |
# but without comments :-) | |
set $app /var/www/example; | |
root $app/public; | |
client_max_body_size 8M; | |
error_page 400 /400.html; | |
error_page 422 /422.html; | |
error_page 500 504 /500.html; | |
error_page 502 @502; | |
error_page 503 @503; | |
if (-f $document_root/system/maintenance.html) { | |
return 503; | |
} | |
location @503 { | |
rewrite ^ /system/maintenance.html break; | |
} | |
location @502 { | |
rewrite ^ /502.html break; | |
} | |
location ~ ^/(stylesheets|javascripts|images|system/avatars) { | |
expires 720h; | |
} | |
# For X-Accel-Redirect | |
# | |
#location /tmp { | |
# internal; | |
# root $app; | |
#} | |
location / { | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Forwarded-Proto https; | |
proxy_set_header Host $http_host; | |
proxy_redirect off; | |
if (-f $request_filename) { | |
break; | |
} | |
#if (-f $request_filename.html) { | |
# rewrite ^ $1.html break; | |
#} | |
proxy_pass http://rails; | |
} | |
} | |
} | |
# | |
# vim: ft=nginx |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
This comment has been minimized.
Very nice indeed!😄 Will try this out quite soon.