Last active
May 9, 2021 04:27
-
-
Save yuyasat/f081d89d7497f7e30544a7738c2c4fc7 to your computer and use it in GitHub Desktop.
ElasticBeanstalk(ALB, Rails)でのconf
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
files: | |
/etc/nginx/conf.d/redirect.conf: | |
mode: "000644" | |
owner: root | |
group: root | |
content: | | |
server { | |
listen 81; | |
rewrite ^ https://$host$request_uri permanent; | |
} | |
/opt/elasticbeanstalk/support/conf/webapp_healthd.conf: | |
mode: "0644" | |
owner: root | |
group: root | |
content: | | |
upstream my_app { | |
server unix:///var/run/puma/my_app.sock; | |
} | |
log_format healthd '$msec"$uri"' | |
'$status"$request_time"$upstream_response_time"' | |
'$http_x_forwarded_for'; | |
log_format ltsv 'time:$time_iso8601\t' | |
'remote_addr:$remote_addr\t' | |
'request_method:$request_method\t' | |
'request_length:$request_length\t' | |
'request_uri:$request_uri\t' | |
'https:$https\t' | |
'uri:$uri\t' | |
'query_string:$query_string\t' | |
'status:$status\t' | |
'bytes_sent:$bytes_sent\t' | |
'body_bytes_sent:$body_bytes_sent\t' | |
'referer:$http_referer\t' | |
'useragent:$http_user_agent\t' | |
'forwardedfor:$http_x_forwarded_for\t' | |
'request_time:$request_time\t' | |
'upstream_response_time:$upstream_response_time'; | |
server { | |
listen 80; | |
server_name _ localhost; # need to listen to localhost for worker tier | |
client_max_body_size 100m; | |
# force SSL | |
# redirect http to https | |
set $needRedir 0; | |
if ($http_user_agent ~ "ELB-HealthChecker") { | |
set $http_x_forwarded_proto "https"; | |
} | |
if ($http_user_agent ~ "aws-sqsd") { | |
set $http_x_forwarded_proto "https"; | |
} | |
if ($http_x_forwarded_proto != 'https') { | |
set $needRedir 1; | |
} | |
if ($needRedir = 1) { | |
rewrite ^(.*)$ https://$host$1 permanent; | |
} | |
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2})") { | |
set $year $1; | |
set $month $2; | |
set $day $3; | |
set $hour $4; | |
} | |
access_log /var/log/nginx/nginx_access.log ltsv; | |
access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd; | |
error_log /var/log/nginx/nginx_error.log warn; | |
location / { | |
proxy_set_header Host $host; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_pass http://my_app; | |
} | |
location /assets { | |
alias /var/app/current/public/assets; | |
gzip_static on; | |
gzip on; | |
expires max; | |
add_header Cache-Control public; | |
} | |
location /public { | |
alias /var/app/current/public; | |
gzip_static on; | |
gzip on; | |
expires max; | |
add_header Cache-Control public; | |
} | |
} | |
commands: | |
nginx_reload: | |
command: "/sbin/service nginx reload" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
option_settings: | |
aws:elasticbeanstalk:environment: | |
LoadBalancerType: application | |
aws:elbv2:listener:443: | |
DefaultProcess: https | |
ListenerEnabled: true | |
SSLCertificateArns: arn:aws:acm:ap-northeast-1:766816810352:certificate/dc070015-0022-4e09-99ea-5808d026cbaa | |
Protocol: HTTPS | |
aws:elasticbeanstalk:environment:process:https: | |
Port: 80 | |
Protocol: HTTP | |
StickinessEnabled: true | |
HealthCheckPath: /sys/health_check | |
HealthCheckTimeout: 5 # 30 | |
HealthCheckInterval: 20 # 60 | |
MatcherHTTPCode: 200 | |
aws:elbv2:listener:80: | |
DefaultProcess: http | |
ListenerEnabled: true | |
Protocol: HTTP | |
aws:elasticbeanstalk:environment:process:http: | |
Port: 81 | |
Protocol: HTTP | |
HealthCheckPath: / | |
HealthCheckTimeout: 5 # 30 | |
HealthCheckInterval: 20 # 60 | |
HealthyThresholdCount: 2 | |
MatcherHTTPCode: 301 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment