Config files for nginx and unicorn.

deploy.rb

namespace :deploy do

  # To avoid having to add a password for sudo, visudo and add
  # deployusername ALL=(ALL) NOPASSWD: /etc/init.d/unicorn reload

  task :start do
    sudo "/etc/init.d/unicorn start"
  end
  task :stop do
    sudo "/etc/init.d/unicorn stop"
  end
  task :restart do
    sudo "/etc/init.d/unicorn reload"
  end

end

host

upstream unicorn {
	# fail_timeout=0 means we always retry an upstream even if it failed
	# to return a good HTTP response (in case the Unicorn master nukes a
	# single worker for timing out).

	# for UNIX domain socket setups:
	server unix:/tmp/unicorn.socket fail_timeout=0;
}

server {
	
        # Default site used
	listen 80 default;
	
	server_name somewebsite.com;

	root /apps/my_app/current/public;
	access_log /var/log/nginx/my_app.log;
	rewrite_log on;

	# Show a maintenance page if one exists.
	if (-f $document_root/system/maintenance.html) {
		rewrite ^(.*)$ /system/maintenance.html break;
	}

	error_page 500 502 503 504  $document_root/500.html;	
	error_page 404 $document_root/404.html;

	client_max_body_size            5m;
	client_body_buffer_size         128k;

        # try_files attempts to use files in public first. it is more efficient than
        # running if statements each request (and is the preferred method from nginx docs)
        # sets up unicorn as the fallback url so anything not found ends up there
	try_files  $uri/index.html $uri.html $uri @unicorn;

	location @unicorn {
	    proxy_redirect     off;
	    proxy_set_header   Host             $host;
	    proxy_set_header   X-Real-IP        $remote_addr;
	    proxy_set_header   X-Forwarded-For  $proxy_add_x_forwarded_for;

	    proxy_connect_timeout      90;
	    proxy_send_timeout         90;
	    proxy_read_timeout         90;

	    proxy_buffer_size          4k;
	    proxy_buffers              4 32k;
	    proxy_busy_buffers_size    64k;
	    proxy_temp_file_write_size 64k;
	    proxy_pass http://unicorn;
	}
}

nginx.conf

user webmin webmin;
worker_processes  4;

error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;

events {
    worker_connections  1024;
    accept_mutex on;
}

http {

    include       /etc/nginx/mime.types;
    access_log  /var/log/nginx/access.log;

    sendfile on;

    tcp_nopush on; # off may be better for *some* Comet/long-poll stuff
    tcp_nodelay off; # on may be better for some Comet/long-poll stuff

    gzip on;
    gzip_http_version 1.0;
    gzip_proxied any;
    gzip_min_length 500;
    gzip_disable "MSIE [1-6]\.";
    gzip_types text/plain text/html text/xml text/css text/comma-separated-values text/javascript application/x-javascript application/atom+xml;

    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
}

unicorn

#!/bin/sh
set -u
set -e
# Example init script, this can be used with nginx, too,
# since nginx and unicorn accept the same signals

# Feel free to change any of the following variables for your app:
APP_NAME=
APP_ROOT=/apps/yoursite/current
PID=$APP_ROOT/tmp/pids/unicorn.pid
ENV=production
CMD="sudo -u webmin /usr/local/bin/unicorn -D -E $ENV -c config/unicorn.rb"

old_pid="$PID.oldbin"

cd $APP_ROOT || exit 1

sig () {
	test -s "$PID" && kill -$1 `cat $PID`
}

oldsig () {
	test -s $old_pid && kill -$1 `cat $old_pid`
}

case $1 in
start)
	sig 0 && echo >&2 "Already running" && exit 0
	$CMD
	;;
stop)
	sig QUIT && exit 0
	echo >&2 "Not running"
	;;
force-stop)
	sig TERM && exit 0
	echo >&2 "Not running"
	;;
restart|reload)
	sig HUP && echo reloaded OK && exit 0
	echo >&2 "Couldn't reload, starting '$CMD' instead"
	$CMD
	;;
upgrade)
	sig USR2 && exit 0
	echo >&2 "Couldn't upgrade, starting '$CMD' instead"
	$CMD
	;;
rotate)
        sig USR1 && echo rotated logs OK && exit 0
        echo >&2 "Couldn't rotate logs" && exit 1
        ;;
*)
	echo >&2 "Usage: $0 <start|stop|restart|upgrade|rotate|force-stop>"
	exit 1
	;;
esac

unicorn.rb

# See http://unicorn.bogomips.org/Unicorn/Configurator.html for complete
# documentation.

deploy_to = "/apps/mysite"

current_path = "#{deploy_to}/current"
shared_path = "#{deploy_to}/shared"
shared_bundler_gems_path = "#{shared_path}/gems"

working_directory current_path

worker_processes 2
preload_app true
timeout 30

# Chose a socket or tcp, we're using tcp here.
#listen "/tmp/unicorn.sock", :backlog => 64
pid "#{shared_path}/pids/unicorn.pid"

user 'webmin', 'webmin'
stderr_path "#{shared_path}/log/unicorn.stderr.log"
stdout_path "#{shared_path}/log/unicorn.stdout.log"

# if GC.respond_to?(:copy_on_write_friendly=)
#   GC.copy_on_write_friendly = true
# end

before_fork do |server, worker|
  
  defined?(ActiveRecord::Base) and ActiveRecord::Base.connection.disconnect!
  
  old_pid = "#{server.config[:pid]}.oldbin"
  if old_pid != server.pid
    begin
      sig = (worker.nr + 1) >= server.worker_processes ? :QUIT : :TTOU
      Process.kill(sig, File.read(old_pid).to_i)
    rescue Errno::ENOENT, Errno::ESRCH
    end
  end
  
end

after_fork do |server, worker|

  port     = (3000 + worker.nr)
  addr     = "127.0.0.1:#{port}"
  server.listen(addr, :tries => -1, :delay => 5, :backlog => 64)
  
  # Setup a pid for our children for monitoring.
  child_pid = server.config[:pid].sub('.pid', ".#{port}.pid")
  system("echo #{Process.pid} > #{child_pid}")
  
  defined?(ActiveRecord::Base) and ActiveRecord::Base.establish_connection
  
end

before_exec do |server|
  paths = (ENV["PATH"] || "").split(File::PATH_SEPARATOR) 
  paths.unshift "#{shared_bundler_gems_path}/bin"
  ENV["PATH"] = paths.uniq.join(File::PATH_SEPARATOR)

  ENV['GEM_HOME'] = ENV['GEM_PATH'] = shared_bundler_gems_path
  ENV['BUNDLE_GEMFILE'] = "#{current_path}/Gemfile"
end