Skip to content

Instantly share code, notes, and snippets.

Show Gist options
  • Save vrillusions/9863666 to your computer and use it in GitHub Desktop.
Save vrillusions/9863666 to your computer and use it in GitHub Desktop.
1. Open a command prompt and navigate to /etc/nginx/ssl
2. issue "openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr"
3. Get your certificate - Go to your certificate authority and give them the CSR
4. copy your new crt to the /etc/nginx/ssl and give it read priveledges
5. reconfigure your nginx.conf, here is mine. The first part redirects 80 to 443, the second part listens to 443 and is optimized to return Ruby on Rails application requests using gzip and unicorn.
upstream unicorn{
server unix:/tmp/unicorn.domain.sock fail_timeout=0;
}
server {
listen 80;
server_name domain.com;
return 301 https://www.domain.com;
}
server {
listen 443 default;
server_name domain.com;
root /your_root_path/public;
try_files $uri/index.html $uri @unicorn;
ssl on;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
location ^~ /assets/ {
gzip_static on;
expires max;
add_header Cache-Control public;
}
location @unicorn {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto https; # New header for SSL
proxy_redirect off;
proxy_pass http://unicorn;
}
error_page 500 502 503 504 /500.html;
client_max_body_size 4G;
keepalive_timeout 10;
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment