Forked from Austio/NGINX on Ruby on Rails with Unicorn and GZIP assets
Created
March 29, 2014 21:56
-
-
Save vrillusions/9863666 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 1. Open a command prompt and navigate to /etc/nginx/ssl | |
| 2. issue "openssl req -new -newkey rsa:2048 -nodes -keyout server.key -out server.csr" | |
| 3. Get your certificate - Go to your certificate authority and give them the CSR | |
| 4. copy your new crt to the /etc/nginx/ssl and give it read priveledges | |
| 5. reconfigure your nginx.conf, here is mine. The first part redirects 80 to 443, the second part listens to 443 and is optimized to return Ruby on Rails application requests using gzip and unicorn. | |
| upstream unicorn{ | |
| server unix:/tmp/unicorn.domain.sock fail_timeout=0; | |
| } | |
| server { | |
| listen 80; | |
| server_name domain.com; | |
| return 301 https://www.domain.com; | |
| } | |
| server { | |
| listen 443 default; | |
| server_name domain.com; | |
| root /your_root_path/public; | |
| try_files $uri/index.html $uri @unicorn; | |
| ssl on; | |
| ssl_certificate /etc/nginx/ssl/server.crt; | |
| ssl_certificate_key /etc/nginx/ssl/server.key; | |
| location ^~ /assets/ { | |
| gzip_static on; | |
| expires max; | |
| add_header Cache-Control public; | |
| } | |
| location @unicorn { | |
| proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
| proxy_set_header Host $http_host; | |
| proxy_set_header X-Forwarded-Proto https; # New header for SSL | |
| proxy_redirect off; | |
| proxy_pass http://unicorn; | |
| } | |
| error_page 500 502 503 504 /500.html; | |
| client_max_body_size 4G; | |
| keepalive_timeout 10; | |
| } | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment