@johnnncodes
Forked from tompave/nginx.conf
Created September 20, 2019 17:43
commented nginx.conf for Ruby on Rails
# A commented nginx configuration file for Ruby on Rails
#
# Author: Tommaso Pavese
# [email protected]
# www.wonderingmachine.com
#
# Tested with:
# nginx v 1.4.1 - 1.4.4
# Rails 3.2 - 4.0
#
# Tested in production with Unicorn and Thin.
# Also works with Puma (tested in dev).
#
#
#
# Docs:
# http://nginx.org/en/docs/
#
# Configuration measurement units:
# http://nginx.org/en/docs/syntax.html
#
# Each module can define its variables, the core ones:
# http://nginx.org/en/docs/http/ngx_http_core_module.html#variables
#
#
# As reference, the official example for nginx + unicorn:
# https://github.com/defunkt/unicorn/blob/master/examples/nginx.conf
#
#
# In order to bind to port 80, the master process must be executed as root:
# sudo /usr/sbin/nginx -c /etc/nginx/nginx.conf
#
# The user and group the worker processes run as (user_name / group_name
# are placeholders). The master process is started as root, as described
# above, so that it can bind to port 80; the workers are the processes that
# handle client connections, so give them a dedicated unprivileged account.
user user_name group_name;
# A single worker is enough for load balancing and reverse proxying.
# However:
# Disk I/O can block an nginx worker (depends on disk read performance).
# If the server is serving a lot of static files (e.g. assets) it is
# a good idea to increase the number of worker processes.
worker_processes 1;
# The limit on the maximum number of open files for worker processes.
# "open files" is intended as UNIX open file descriptors.
# This overrides the limit set by the OS for the user the workers run as.
# Run `ulimit -a` in a shell to see the current limit.
worker_rlimit_nofile 2048;
# Log messages of severity "warn" and above to this file.
error_log /var/log/nginx/error.log warn;
# Where the master process writes its PID; this is the file read by the
# `kill -HUP` reload command shown further down.
pid /var/run/nginx.pid;
# --------------------------------------------------------
# Connection-processing settings.
# worker_connections is a per-worker cap on simultaneous connections. A
# proxied request holds two of them (client side and upstream side), so keep
# this value consistent with worker_rlimit_nofile above.
events {
worker_connections 1024; # increase if you have lots of clients
accept_mutex off; # "on" if nginx worker_processes > 1
use epoll; # best for Linux 2.6+ ("kqueue" for FreeBSD, OSX)
}
# --------------------------------------------------------
# Settings shared by every server{} block declared (or included) below.
http {
# MIME types
include mime.types; # relative path, that is: /etc/nginx/mime.types
default_type application/octet-stream; # fallback type
# log
access_log /var/log/nginx/access.log combined;
# TCP settings
tcp_nopush on;
tcp_nodelay off;
# use unix sendfile()
sendfile on;
# compression
#
# gzip_http_version 1.0 -> also compress responses to HTTP/1.0 requests
# gzip_proxied any      -> compress responses to requests that arrived via a proxy
# gzip_min_length 500   -> skip responses shorter than 500 bytes
# gzip_disable          -> regex matched against the User-Agent header
#
# NOTE(review): gzip is enabled for the whole http{} context, which includes
# the server below that listens on 443. Compressing HTTPS responses that
# contain both request-controlled text and a secret (e.g. a CSRF token) is
# the precondition for compression side channels such as BREACH. Confirm the
# application mitigates this, or turn gzip off for dynamic responses served
# over TLS.
gzip on;
gzip_http_version 1.0;
gzip_proxied any;
gzip_min_length 500;
gzip_disable "MSIE [1-6]\.";
gzip_types text/plain text/xml text/css
text/comma-separated-values
text/javascript application/x-javascript
application/atom+xml;
# text/html is included by default
# According to the HTTP standard headers with underscores are perfectly valid,
# but nginx defaults to dropping them as a safety measure when working with CGI scripts.
#
# NOTE(review): the same concern applies to the Rack servers this file targets
# (Unicorn, Thin, Puma). Rack exposes request headers as HTTP_* environment
# keys with dashes converted to underscores, so a client-sent
# "X_Forwarded_For" becomes indistinguishable from the "X-Forwarded-For" that
# nginx sets in the @rails_app locations. With this directive "on" those
# underscore variants are passed through to the app. Leave it off unless a
# client that cannot be changed really sends underscore headers.
underscores_in_headers on;
# --------------------------------------------------------
# It's possible to organize the server configuration in different files.
#
# Typically, these site-specific files contain at least:
# - a server{} block
# - an upstream{} block
#
# The convention is to store configuration files in:
# /etc/nginx/sites-available/
#
# and then symlink them into:
# /etc/nginx/sites-enabled/
#
# with:
# $ ln -s /etc/nginx/sites-available/example.com.conf /etc/nginx/sites-enabled/example.com.conf
#
# Check the syntax of the new configuration before reloading:
# $ sudo nginx -t
#
# After that, send a HUP signal to the nginx master to reload the configuration on the fly:
# $ sudo kill -HUP `cat /var/run/nginx.pid`
#
# The wildcard loads every file found in sites-enabled/ as configuration read
# by the root-owned master process, so both directories (and the symlink
# targets) should be writable by root only.
#
include /etc/nginx/sites-enabled/*;
# --------------------------------------------------------
# upstream destinations
#
# http://nginx.org/en/docs/http/ngx_http_upstream_module.html#upstream
#
# fail_timeout=0 means we always retry an upstream even if it failed
# to return a good HTTP response.
# This happens when the Unicorn master nukes a single worker for timing out.
#
# Sockets can be opened at any location where the user has writing access,
# even inside the rails_root/tmp/sockets directory
#
# NOTE(review): /tmp (used below) is world-writable, so any local account can
# create a socket at these paths before the app server does and receive the
# proxied requests. On a shared host prefer a directory that only the app user
# and the nginx worker user can access, such as rails_root/tmp/sockets.
#
# We can also use IP addresses and domain names, and mix them together.
#
# If more than one destination server is specified, the requests
# are distributed using a weighted round-robin balancing method.
#
upstream rails_app_one {
server unix:/tmp/rails_app_one.sock fail_timeout=0;
}
# Three destinations; weight=3 sends the local TCP server three times the
# share of the others (the default weight is 1).
# NOTE(review): 192.168.0.7 is reached over the network, and the server{}
# block that uses this upstream proxies with plain http://, so requests to it
# (including cookies and the forwarded headers) travel unencrypted. Confirm
# that network segment is trusted.
upstream rails_app_two {
server unix:/tmp/rails_app_two.sock fail_timeout=0;
server 192.168.0.7:8080 fail_timeout=0;
server 127.0.0.1:3000 weight=3 fail_timeout=0;
}
# --------------------------------------------------------
# servers
# This server listens to port 80 and 443, and is configured to accept
# both HTTP and HTTPS traffic on the same domain.
# The Rails app can then decide to enforce HTTPS on the whole application
# or only on specific controllers.
#
# Because nothing here redirects port 80 to 443, enforcing HTTPS (and marking
# session cookies as secure) is entirely the application's job.
#
server {
# Only one server can use the 'default_server' and 'deferred' options.
#
# 'default_server' also makes this block the one that answers requests on
# port 80 whose Host header matches no server_name at all.
listen 80 default_server deferred;
# http://nginx.org/en/docs/http/ngx_http_core_module.html#server_name
#
# Also accepts lists of names, wildcard characters and regular expressions.
# Make sure that they all match the SSL/TLS certificate, if using one.
# See the last server block for more examples.
server_name www.example.com;
# HTTPS
# http://nginx.org/en/docs/http/configuring_https_servers.html
#
# If the key has a passphrase, nginx will require it each time it will
# boot or restart (making automatic management impossible).
#
# The key referenced below is therefore stored without a passphrase: keep the
# file owned by root and readable by root only (the master process reads it).
#
# NOTE(review): no ssl_protocols / ssl_ciphers are set, so the defaults of the
# installed nginx build apply. On releases as old as the ones listed at the
# top of this file those defaults may still allow SSLv3 - confirm, and set
# ssl_protocols explicitly.
listen 443 ssl;
ssl_certificate /etc/nginx/sslfiles/example_com_chained.crt;
ssl_certificate_key /etc/nginx/sslfiles/example_com_ssl_nopf.key;
# TLS session cache named "example_ssl_cache", 1 MB, shared by all workers.
ssl_session_cache shared:example_ssl_cache:1m;
ssl_session_timeout 5m;
# NOTE(review): 4G applies to every request handled by this server, so any
# client may send a body of that size. If only some endpoints take large
# uploads, keep a small limit here and raise it in a location{} for those.
client_max_body_size 4G; # default 1M
keepalive_timeout 20s; # default 75s
root /var/www/example/current/public;
# http://nginx.org/en/docs/http/ngx_http_core_module.html#try_files
#
# Tries files in sequence until one is found.
# See comment block at the end of the file for detailed examples.
# The last one is the rails app.
#
# /maintenance.html can be symlinked into public/ to stop requests
# before they reach the rails app (e.g. while updating the DB).
# When it does not exist (normally), it's quickly skipped.
#
try_files /maintenance.html $uri $uri/index.html $uri.html @rails_app;
# Serve the static public/500.html for these upstream/server errors.
error_page 500 502 503 504 /500.html;
# The location directive allows very creative configurations.
# http://nginx.org/en/docs/http/ngx_http_core_module.html#location
#
# This is just a named location to be used in try_files.
#
# NOTE(review) on the forwarded headers:
# - $proxy_add_x_forwarded_for appends the connecting address to whatever
#   X-Forwarded-For the client already sent. Only the last entry is written
#   by nginx; the app must not treat earlier entries as the client IP.
# - $http_host is the Host header exactly as the client sent it. Since this is
#   the default_server, arbitrary Host values reach Rails and can end up in
#   generated URLs and redirects. Reject unknown hosts in a separate catch-all
#   default_server, or validate the host in the application.
location @rails_app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; # client-sent list + connecting IP
proxy_set_header X-Forwarded-Proto $scheme; # pass scheme (for HTTPS); replaces any client-sent value
proxy_set_header Host $http_host; # the full host as sent by the client, for redirects within Rails
proxy_redirect off; # disable nginx redirect-rewrite logic
proxy_pass http://rails_app_one; # http is to be used even for https traffic
}
}
# A redirect from the naked domain to www
#
# This listens to port 80, thus it can't handle HTTPS traffic.
# (therefore, using $scheme instead of http is a bit useless)
#
# If the certificate is also compatible with the naked domain,
# then this server block can be improved by replicating here
# the SSL configuration of the main server.
#
# The redirect target host is a fixed string, so the client-sent Host header
# never ends up in the Location header; $request_uri keeps the original path
# and query string.
server {
listen 80;
server_name example.com;
return 301 $scheme://www.example.com$request_uri;
}
# ----------------------------
# A second application, HTTP only (no listen 443), proxied to the
# rails_app_two upstream. It also shows the other server_name forms:
#   .name    -> the domain itself and all of its subdomains
#   *.name   -> subdomains only
# NOTE(review): ".winter.is.coming.com" is spelled differently from the other
# two names (extra dots) - confirm this is intended.
#
# The remarks on the first server block about client_max_body_size 4G and
# about forwarding the client-sent Host and X-Forwarded-For values apply here
# unchanged.
server {
listen 80;
server_name .winter.is.coming.com
www.winteriscoming.com
*.winteriscoming.net;
client_max_body_size 4G;
keepalive_timeout 10s;
root /var/www/winteriscoming/current/public;
try_files $uri $uri/index.html $uri.html @rails_app;
error_page 500 502 503 504 /500.html;
location @rails_app {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header Host $http_host;
proxy_redirect off;
proxy_pass http://rails_app_two;
}
}
} # end of http {}
# A note on $uri and the try_files directive:
#
# try_files /maintenance.html $uri $uri/index.html $uri.html @rails_app;
#
#
# /maintenance.html
# if this file exists (likely a symlink), the app is probably not
# available (updating the DB?). We serve it directly.
#
# $uri
# it could be an asset.
# e.g. assets/application.css
#
# $uri/index.html
# it could be a directory in the file system. In that
# case we look for an index.html file.
#
# $uri.html
# it could be an actual html file.
# e.g. 500.html
#
# @rails_app
# finally, if all other tests fail, we pass the request to the app
#