Revisions
-
mikhailov renamed this gist
Nov 23, 2010 . 1 changed file with 0 additions and 0 deletions.There are no files selected for viewing
File renamed without changes. -
Nov 23, 2010 .There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,46 @@ user app; worker_processes 2; error_log /home/app/logs/nginx.error.log info; events { worker_connections 1024; } http { passenger_root /usr/local/lib/ruby/gems/1.8/gems/passenger-3.0.0; passenger_ruby /usr/local/bin/ruby; # Passenger never sleeps! passenger_pool_idle_time 0; # Use more instances, because memory is enough passenger_max_pool_size 15; include mime.types; default_type application/octet-stream; client_max_body_size 25m; gzip on; gzip_disable "msie6"; gzip_vary on; gzip_min_length 512; gzip_buffers 256 8k; gzip_comp_level 3; gzip_proxied any; gzip_types text/plain text/css application/x-javascript text/xml application/xml; server_tokens off; sendfile on; keepalive_timeout 65; include /opt/nginx/conf/nginx_host.conf; # Start application instantly passenger_pre_start https://127.0.0.1/; } This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters. Learn more about bidirectional Unicode charactersOriginal file line number Diff line number Diff line change @@ -0,0 +1,80 @@ server { listen 80; server_name *.server.com # There is ssl-only content, so redirection is permanent # No need to use ssl_requirement plugin here rewrite ^(.*) https://$host$1 permanent; # Block bots who like track urls (php usually) location ~ \.php$ { deny all; } } # HTTPS server server { listen 443; server_name *.server.com ssl on; ssl_certificate /etc/ssl/selfsigned/cert.pem; ssl_certificate_key /etc/ssl/selfsigned/cert.key; ssl_session_timeout 5m; ssl_protocols SSLv2 SSLv3 TLSv1; ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP; ssl_prefer_server_ciphers on; root /home/app/public_html/your_project/current/public; index index.html; passenger_enabled on; # Spawn 10 instances, because memory is enough passenger_min_instances 10; error_page 500 502 504 /500.html; location = /50x.html { root html; } # 503 -> static for POSTs could cause 405 recursive_error_pages on; # Maintenance page handle if (-f $document_root/system/maintenance.html) { return 503; } error_page 503 @503; location @503 { error_page 405 = /system/maintenance.html; # Serve static assets if found. if (-f $request_filename) { break; } if (-f $document_root/system/maintenance.html) { rewrite ^(.*)$ /system/maintenance.html break; } rewrite ^(.*)$ /503.html break; } # Block bots who like track urls (php usually) location ~ \.php$ { deny all; } # Set max-age headers to assets location ~* \.(png|gif|jpg|jpeg|css|js|swf|ico)(\?[0-9]+)?$ { access_log off; expires max; break; } }