Created
November 3, 2011 14:35
-
-
Save adamvaughan/1336641 to your computer and use it in GitHub Desktop.
nginx configuration
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| user nobody nogroup; | |
| worker_processes 1; | |
| error_log /var/log/nginx_error.log; | |
| pid /var/run/nginx.pid; | |
| events { | |
| worker_connections 1024; | |
| accept_mutex off; | |
| # use epoll; # enable for Linux 2.6+ | |
| use kqueue; # enable for FreeBSD, OSX | |
| } | |
| http { | |
| include mime.types; | |
| default_type application/octet-stream; | |
| log_format main '$remote_addr - $remote_user [$time_local] "$request" $status $body_bytes_sent "$http_referer" "$http_user_agent" "$http_x_forwarded_for"'; | |
| access_log /var/log/nginx_access.log combined; | |
| sendfile on; | |
| tcp_nopush on; | |
| tcp_nodelay off; | |
| keepalive_timeout 5; | |
| gzip on; | |
| gzip_http_version 1.0; | |
| gzip_proxied any; | |
| gzip_min_length 500; | |
| gzip_disable "MSIE [1-6]\."; | |
| gzip_types text/plain text/xml text/css text/comma-separated-values text/javascript application-x-javascript application/atom+xml; | |
| # Upstream application example: | |
| # | |
| # upstream name { | |
| # # fail_timeout=0 means we always retry an upstream even if it failed | |
| # # to return a good HTTP response (in case the Unicorn master nukes a | |
| # # single worker for timing out). | |
| # | |
| # # for UNIZ domain socket setups | |
| # server unix:/tmp/.sock fail_timeout=0; | |
| # | |
| # # for TCP setups, point these to your backend servers | |
| # # server 191.168.0.7:8080 fail_timeout=0; | |
| # # server 191.168.0.8:8080 fail_timeout=0; | |
| # # server 191.168.0.9:8080 fail_timeout=0; | |
| # } | |
| upstream chrome_app_server { | |
| server unix:/Users/adam/code/chrome/tmp/sockets/unicorn.sock fail_timeout=0; | |
| } | |
| upstream core_app_server { | |
| server unix:/Users/adam/code/core/tmp/sockets/unicorn.sock fail_timeout=0; | |
| } | |
| upstream alarm_app_server { | |
| server unix:/Users/adam/code/alarm/tmp/sockets/unicorn.sock fail_timeout=0; | |
| } | |
| upstream synops_app_server { | |
| server unix:/Users/adam/code/synops/tmp/sockets/unicorn.sock fail_timeout=0; | |
| } | |
| upstream webwalkui_app_server { | |
| server unix:/Users/adam/code/webwalkui/tmp/sockets/unicorn.sock fail_timeout=0; | |
| } | |
| upstream configurator_app_server { | |
| server unix:/Users/adam/code/configurator/tmp/sockets/unicorn.sock fail_timeout=0; | |
| } | |
| upstream analytics_app_server { | |
| server unix:/Users/adam/code/analytics/tmp/sockets/unicorn.sock fail_timeout=0; | |
| } | |
| server { | |
| # listen 443 default deferred; # for Linux | |
| # listen 443 default accept_filter=httpready; # for FreeBSD | |
| listen 443; # for OSX | |
| client_max_body_size 4G; | |
| server_name chrome.ssbe.localhost; | |
| keepalive_timeout 5; | |
| # path for static files | |
| root /Users/adam/code/chrome/public; | |
| # Prefer to serve static files directly from nginx to avoid unnecessary | |
| # data copies from the application server. | |
| try_files $uri/index.html $uri.html $uri @app; | |
| ssl on; | |
| ssl_certificate /usr/local/etc/nginx/certs/server.crt; | |
| ssl_certificate_key /usr/local/etc/nginx/certs/server.key; | |
| ssl_session_cache shared:SSL:500m; | |
| # don't use Difie-Hellman Ephemeral... its really slow | |
| # http://matt.io/technobabble/hivemind_devops_alert:_nginx_does_not_suck_at_ssl/ur | |
| ssl_ciphers ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:!kEDH; | |
| location @app { | |
| proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for; | |
| # enable this if and only if you use HTTPS, this helps Rack | |
| # set the proper protocol for doing redirects | |
| proxy_set_header X-Forwarded-Proto https; | |
| # pass the Host: header from the client right along so redirects | |
| # can be set properly within the Rack application | |
| proxy_set_header Host $http_host; | |
| # we don't want nginx trying to do something clever with | |
| # redirects, we set the Host: header above already | |
| proxy_redirect off; | |
| proxy_pass http://chrome_app_server; | |
| } | |
| } | |
| server { | |
| # listen 443 default deferred; # for Linux | |
| # listen 443 default accept_filter=httpready; # for FreeBSD | |
| listen 443; # for OSX | |
| client_max_body_size 4G; | |
| server_name core.ssbe.localhost; | |
| keepalive_timeout 5; | |
| # path for static files | |
| root /Users/adam/code/core/public; | |
| # Prefer to serve static files directly from nginx to avoid unnecessary | |
| # data copies from the application server. | |
| try_files $uri/index.html $uri.html $uri @app; | |
| ssl on; | |
| ssl_certificate /usr/local/etc/nginx/certs/server.crt; | |
| ssl_certificate_key /usr/local/etc/nginx/certs/server.key; | |
| ssl_session_cache shared:SSL:500m; | |
| # don't use Difie-Hellman Ephemeral... its really slow | |
| # http://matt.io/technobabble/hivemind_devops_alert:_nginx_does_not_suck_at_ssl/ur | |
| ssl_ciphers ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:!kEDH; | |
| location @app { | |
| proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for; | |
| # enable this if and only if you use HTTPS, this helps Rack | |
| # set the proper protocol for doing redirects | |
| proxy_set_header X-Forwarded-Proto https; | |
| # pass the Host: header from the client right along so redirects | |
| # can be set properly within the Rack application | |
| proxy_set_header Host $http_host; | |
| # we don't want nginx trying to do something clever with | |
| # redirects, we set the Host: header above already | |
| proxy_redirect off; | |
| proxy_pass http://core_app_server; | |
| } | |
| # Rails error pages | |
| error_page 500 502 503 504 /500.html; | |
| location = /500.html { | |
| } | |
| } | |
| server { | |
| # listen 80 default deferred; # for Linux | |
| # listen 80 default accept_filter=httpready; # for FreeBSD | |
| listen 80; # for OSX | |
| client_max_body_size 4G; | |
| server_name core.ssbe.localhost; | |
| keepalive_timeout 5; | |
| # path for static files | |
| root /Users/adam/code/core/public; | |
| # Prefer to serve static files directly from nginx to avoid unnecessary | |
| # data copies from the application server. | |
| try_files $uri/index.html $uri.html $uri @app; | |
| location @app { | |
| proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for; | |
| # pass the Host: header from the client right along so redirects | |
| # can be set properly within the Rack application | |
| proxy_set_header Host $http_host; | |
| # we don't want nginx trying to do something clever with | |
| # redirects, we set the Host: header above already | |
| proxy_redirect off; | |
| proxy_pass http://core_app_server; | |
| } | |
| # Rails error pages | |
| error_page 500 502 503 504 /500.html; | |
| location = /500.html { | |
| } | |
| } | |
| server { | |
| # listen 443 default deferred; # for Linux | |
| # listen 443 default accept_filter=httpready; # for FreeBSD | |
| listen 443; # for OSX | |
| client_max_body_size 4G; | |
| server_name alarm.ssbe.localhost; | |
| keepalive_timeout 5; | |
| # path for static files | |
| root /Users/adam/code/alarm/public; | |
| # Prefer to serve static files directly from nginx to avoid unnecessary | |
| # data copies from the application server. | |
| try_files $uri/index.html $uri.html $uri @app; | |
| ssl on; | |
| ssl_certificate /usr/local/etc/nginx/certs/server.crt; | |
| ssl_certificate_key /usr/local/etc/nginx/certs/server.key; | |
| ssl_session_cache shared:SSL:500m; | |
| # don't use Difie-Hellman Ephemeral... its really slow | |
| # http://matt.io/technobabble/hivemind_devops_alert:_nginx_does_not_suck_at_ssl/ur | |
| ssl_ciphers ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:!kEDH; | |
| location @app { | |
| proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for; | |
| # enable this if and only if you use HTTPS, this helps Rack | |
| # set the proper protocol for doing redirects | |
| proxy_set_header X-Forwarded-Proto https; | |
| # pass the Host: header from the client right along so redirects | |
| # can be set properly within the Rack application | |
| proxy_set_header Host $http_host; | |
| # we don't want nginx trying to do something clever with | |
| # redirects, we set the Host: header above already | |
| proxy_redirect off; | |
| proxy_pass http://alarm_app_server; | |
| } | |
| # Rails error pages | |
| error_page 500 502 503 504 /500.html; | |
| location = /500.html { | |
| } | |
| } | |
| server { | |
| # listen 80 default deferred; # for Linux | |
| # listen 80 default accept_filter=httpready; # for FreeBSD | |
| listen 80; # for OSX | |
| client_max_body_size 4G; | |
| server_name alarm.ssbe.localhost; | |
| keepalive_timeout 5; | |
| # path for static files | |
| root /Users/adam/code/alarm/public; | |
| # Prefer to serve static files directly from nginx to avoid unnecessary | |
| # data copies from the application server. | |
| try_files $uri/index.html $uri.html $uri @app; | |
| location @app { | |
| proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for; | |
| # pass the Host: header from the client right along so redirects | |
| # can be set properly within the Rack application | |
| proxy_set_header Host $http_host; | |
| # we don't want nginx trying to do something clever with | |
| # redirects, we set the Host: header above already | |
| proxy_redirect off; | |
| proxy_pass http://alarm_app_server; | |
| } | |
| # Rails error pages | |
| error_page 500 502 503 504 /500.html; | |
| location = /500.html { | |
| } | |
| } | |
| server { | |
| # listen 443 default deferred; # for Linux | |
| # listen 443 default accept_filter=httpready; # for FreeBSD | |
| listen 443; # for OSX | |
| client_max_body_size 4G; | |
| server_name synops.ssbe.localhost; | |
| keepalive_timeout 5; | |
| # path for static files | |
| root /Users/adam/code/synops/public; | |
| # Prefer to serve static files directly from nginx to avoid unnecessary | |
| # data copies from the application server. | |
| try_files $uri/index.html $uri.html $uri @app; | |
| ssl on; | |
| ssl_certificate /usr/local/etc/nginx/certs/server.crt; | |
| ssl_certificate_key /usr/local/etc/nginx/certs/server.key; | |
| ssl_session_cache shared:SSL:500m; | |
| # don't use Difie-Hellman Ephemeral... its really slow | |
| # http://matt.io/technobabble/hivemind_devops_alert:_nginx_does_not_suck_at_ssl/ur | |
| ssl_ciphers ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:!kEDH; | |
| location @app { | |
| proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for; | |
| # enable this if and only if you use HTTPS, this helps Rack | |
| # set the proper protocol for doing redirects | |
| proxy_set_header X-Forwarded-Proto https; | |
| # pass the Host: header from the client right along so redirects | |
| # can be set properly within the Rack application | |
| proxy_set_header Host $http_host; | |
| # we don't want nginx trying to do something clever with | |
| # redirects, we set the Host: header above already | |
| proxy_redirect off; | |
| proxy_pass http://synops_app_server; | |
| } | |
| # Rails error pages | |
| error_page 500 502 503 504 /500.html; | |
| location = /500.html { | |
| } | |
| } | |
| server { | |
| # listen 80 default deferred; # for Linux | |
| # listen 80 default accept_filter=httpready; # for FreeBSD | |
| listen 80; # for OSX | |
| client_max_body_size 4G; | |
| server_name synops.ssbe.localhost; | |
| keepalive_timeout 5; | |
| # path for static files | |
| root /Users/adam/code/synops/public; | |
| # Prefer to serve static files directly from nginx to avoid unnecessary | |
| # data copies from the application server. | |
| try_files $uri/index.html $uri.html $uri @app; | |
| location @app { | |
| proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for; | |
| # pass the Host: header from the client right along so redirects | |
| # can be set properly within the Rack application | |
| proxy_set_header Host $http_host; | |
| # we don't want nginx trying to do something clever with | |
| # redirects, we set the Host: header above already | |
| proxy_redirect off; | |
| proxy_pass http://synops_app_server; | |
| } | |
| # Rails error pages | |
| error_page 500 502 503 504 /500.html; | |
| location = /500.html { | |
| } | |
| } | |
| server { | |
| # listen 443 default deferred; # for Linux | |
| # listen 443 default accept_filter=httpready; # for FreeBSD | |
| listen 443; # for OSX | |
| client_max_body_size 4G; | |
| server_name webwalk.ssbe.localhost; | |
| keepalive_timeout 5; | |
| # path for static files | |
| root /Users/adam/code/webwalkui/public; | |
| # Prefer to serve static files directly from nginx to avoid unnecessary | |
| # data copies from the application server. | |
| try_files $uri/index.html $uri.html $uri @app; | |
| ssl on; | |
| ssl_certificate /usr/local/etc/nginx/certs/server.crt; | |
| ssl_certificate_key /usr/local/etc/nginx/certs/server.key; | |
| ssl_session_cache shared:SSL:500m; | |
| # don't use Difie-Hellman Ephemeral... its really slow | |
| # http://matt.io/technobabble/hivemind_devops_alert:_nginx_does_not_suck_at_ssl/ur | |
| ssl_ciphers ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:!kEDH; | |
| location @app { | |
| proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for; | |
| # enable this if and only if you use HTTPS, this helps Rack | |
| # set the proper protocol for doing redirects | |
| proxy_set_header X-Forwarded-Proto https; | |
| # pass the Host: header from the client right along so redirects | |
| # can be set properly within the Rack application | |
| proxy_set_header Host $http_host; | |
| # we don't want nginx trying to do something clever with | |
| # redirects, we set the Host: header above already | |
| proxy_redirect off; | |
| proxy_pass http://webwalkui_app_server; | |
| } | |
| # Rails error pages | |
| error_page 500 502 503 504 /500.html; | |
| location = /500.html { | |
| } | |
| } | |
| server { | |
| # listen 80 default deferred; # for Linux | |
| # listen 80 default accept_filter=httpready; # for FreeBSD | |
| listen 80; # for OSX | |
| client_max_body_size 4G; | |
| server_name webwalk.ssbe.localhost; | |
| keepalive_timeout 5; | |
| # path for static files | |
| root /Users/adam/code/webwalkui/public; | |
| # Prefer to serve static files directly from nginx to avoid unnecessary | |
| # data copies from the application server. | |
| try_files $uri/index.html $uri.html $uri @app; | |
| location @app { | |
| proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for; | |
| # pass the Host: header from the client right along so redirects | |
| # can be set properly within the Rack application | |
| proxy_set_header Host $http_host; | |
| # we don't want nginx trying to do something clever with | |
| # redirects, we set the Host: header above already | |
| proxy_redirect off; | |
| proxy_pass http://webwalkui_app_server; | |
| } | |
| # Rails error pages | |
| error_page 500 502 503 504 /500.html; | |
| location = /500.html { | |
| } | |
| } | |
| server { | |
| # listen 443 default deferred; # for Linux | |
| # listen 443 default accept_filter=httpready; # for FreeBSD | |
| listen 443; # for OSX | |
| client_max_body_size 4G; | |
| server_name config.ssbe.localhost; | |
| keepalive_timeout 5; | |
| # path for static files | |
| root /Users/adam/code/configurator/public; | |
| # Prefer to serve static files directly from nginx to avoid unnecessary | |
| # data copies from the application server. | |
| try_files $uri/index.html $uri.html $uri @app; | |
| ssl on; | |
| ssl_certificate /usr/local/etc/nginx/certs/server.crt; | |
| ssl_certificate_key /usr/local/etc/nginx/certs/server.key; | |
| ssl_session_cache shared:SSL:500m; | |
| # don't use Difie-Hellman Ephemeral... its really slow | |
| # http://matt.io/technobabble/hivemind_devops_alert:_nginx_does_not_suck_at_ssl/ur | |
| ssl_ciphers ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:!kEDH; | |
| location @app { | |
| proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for; | |
| # enable this if and only if you use HTTPS, this helps Rack | |
| # set the proper protocol for doing redirects | |
| proxy_set_header X-Forwarded-Proto https; | |
| # pass the Host: header from the client right along so redirects | |
| # can be set properly within the Rack application | |
| proxy_set_header Host $http_host; | |
| # we don't want nginx trying to do something clever with | |
| # redirects, we set the Host: header above already | |
| proxy_redirect off; | |
| proxy_pass http://configurator_app_server; | |
| } | |
| # Rails error pages | |
| error_page 500 502 503 504 /500.html; | |
| location = /500.html { | |
| } | |
| } | |
| server { | |
| # listen 80 default deferred; # for Linux | |
| # listen 80 default accept_filter=httpready; # for FreeBSD | |
| listen 80; # for OSX | |
| client_max_body_size 4G; | |
| server_name config.ssbe.localhost; | |
| keepalive_timeout 5; | |
| # path for static files | |
| root /Users/adam/code/configurator/public; | |
| # Prefer to serve static files directly from nginx to avoid unnecessary | |
| # data copies from the application server. | |
| try_files $uri/index.html $uri.html $uri @app; | |
| location @app { | |
| proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for; | |
| # pass the Host: header from the client right along so redirects | |
| # can be set properly within the Rack application | |
| proxy_set_header Host $http_host; | |
| # we don't want nginx trying to do something clever with | |
| # redirects, we set the Host: header above already | |
| proxy_redirect off; | |
| proxy_pass http://configurator_app_server; | |
| } | |
| # Rails error pages | |
| error_page 500 502 503 504 /500.html; | |
| location = /500.html { | |
| } | |
| } | |
| server { | |
| # listen 443 default deferred; # for Linux | |
| # listen 443 default accept_filter=httpready; # for FreeBSD | |
| listen 443; # for OSX | |
| client_max_body_size 4G; | |
| server_name analytics.ssbe.localhost; | |
| keepalive_timeout 5; | |
| # path for static files | |
| root /Users/adam/code/analytics/public; | |
| # Prefer to serve static files directly from nginx to avoid unnecessary | |
| # data copies from the application server. | |
| try_files $uri/index.html $uri.html $uri @app; | |
| ssl on; | |
| ssl_certificate /usr/local/etc/nginx/certs/server.crt; | |
| ssl_certificate_key /usr/local/etc/nginx/certs/server.key; | |
| ssl_session_cache shared:SSL:500m; | |
| # don't use Difie-Hellman Ephemeral... its really slow | |
| # http://matt.io/technobabble/hivemind_devops_alert:_nginx_does_not_suck_at_ssl/ur | |
| ssl_ciphers ALL:!ADH:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP:!kEDH; | |
| location @app { | |
| proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for; | |
| # enable this if and only if you use HTTPS, this helps Rack | |
| # set the proper protocol for doing redirects | |
| proxy_set_header X-Forwarded-Proto https; | |
| # pass the Host: header from the client right along so redirects | |
| # can be set properly within the Rack application | |
| proxy_set_header Host $http_host; | |
| # we don't want nginx trying to do something clever with | |
| # redirects, we set the Host: header above already | |
| proxy_redirect off; | |
| proxy_pass http://analytics_app_server; | |
| } | |
| # Rails error pages | |
| error_page 500 502 503 504 /500.html; | |
| location = /500.html { | |
| } | |
| } | |
| server { | |
| # listen 80 default deferred; # for Linux | |
| # listen 80 default accept_filter=httpready; # for FreeBSD | |
| listen 80; # for OSX | |
| client_max_body_size 4G; | |
| server_name analytics.ssbe.localhost; | |
| keepalive_timeout 5; | |
| # path for static files | |
| root /Users/adam/code/analytics/public; | |
| # Prefer to serve static files directly from nginx to avoid unnecessary | |
| # data copies from the application server. | |
| try_files $uri/index.html $uri.html $uri @app; | |
| location @app { | |
| proxy_set_header X-Forwarded_For $proxy_add_x_forwarded_for; | |
| # pass the Host: header from the client right along so redirects | |
| # can be set properly within the Rack application | |
| proxy_set_header Host $http_host; | |
| # we don't want nginx trying to do something clever with | |
| # redirects, we set the Host: header above already | |
| proxy_redirect off; | |
| proxy_pass http://analytics_app_server; | |
| } | |
| # Rails error pages | |
| error_page 500 502 503 504 /500.html; | |
| location = /500.html { | |
| } | |
| } | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment