mattapayne · July 5, 2015 22:27 · mattapayne · Jul 5, 2015
diff --git a/matts-nginx-conf b/matts-nginx-conf
 worker_processes 10;

 pid /var/run/nginx.pid;

 events
 {
  worker_connections 1024;
 }


 http {

  include           /etc/nginx/mime.types;
  default_type      application/octet-stream;

  sendfile          on;
  tcp_nopush        on;
  tcp_nodelay       off;
  server_tokens     off;
  charset           utf-8;

  gzip              on;
  gzip_http_version 1.0;
  gzip_comp_level   2;
  gzip_proxied      any;
  gzip_types        text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;

  # configure log format like to Apache's "combined" log format
  log_format        main
                      '$remote_addr - $remote_user [$time_local] '
                      '"$request" $status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_cookie"';

  # default log files
  error_log         /var/log/nginx/error.log notice;
  access_log        /var/log/nginx/access.log main;

  upstream unicorn_server {
   # This is the socket we configured in unicorn.rb
   server unix:/home/matt/code/thinkific/tmp/sockets/unicorn.sock
   fail_timeout=0;
  }

  server {
    listen 80;
    listen 443 default ssl;
    ssl_certificate /home/matt/.ssl/cert.txt;
    ssl_certificate_key /home/matt/.ssl/key.txt;
    client_max_body_size 4G;
    large_client_header_buffers 4 32k;
    ssl_session_cache    shared:SSL:1m;
    ssl_session_timeout  5m;
    ssl_ciphers  HIGH:!aNULL:!MD5;
    ssl_prefer_server_ciphers  on;
    ssl_verify_client off;
    ssl_protocols        SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    server_name lvh.me;


    keepalive_timeout 65;

    # Location of our static files
    root /home/matt/code/thinkific/public;

    location / {
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header Host $http_host;
      proxy_set_header X-Forwarded-Proto $scheme;
      proxy_redirect off;

      # If you don't find the filename in the static files
      # Then request it from the unicorn server
      if (!-f $request_filename) {
        proxy_pass http://unicorn_server;
        break;
      }
    }

    location ~* \.(eot|ttf|woff)$ {
      add_header Access-Control-Allow-Origin *;
    }

    # this rewrites all the requests to the maintenance.html
    # page if it exists in the doc root. This is for capistrano's
    # disable web task
    if (-f $document_root/system/maintenance.html)
    {
      rewrite  ^(.*)$  /system/maintenance.html last;
      break;
    }

    error_page   500 502 503 504  /500.html;
    location = /500.html
    {
      root /home/matt/code/thinkific/public;
    }
    error_page 404  /404.html;
    location = /404.html
    {
      root /home/matt/code/thinkific/public;
    }
  }
 }
	worker_processes 10;

	pid /var/run/nginx.pid;

	events
	{
	worker_connections 1024;
	}


	http {

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	sendfile on;
	tcp_nopush on;
	tcp_nodelay off;
	server_tokens off;
	charset utf-8;

	gzip on;
	gzip_http_version 1.0;
	gzip_comp_level 2;
	gzip_proxied any;
	gzip_types text/plain text/css application/x-javascript text/xml application/xml application/xml+rss text/javascript;

	# configure log format like to Apache's "combined" log format
	log_format main
	'$remote_addr - $remote_user [$time_local] '
	'"$request" $status $body_bytes_sent "$http_referer" '
	'"$http_user_agent" "$http_cookie"';

	# default log files
	error_log /var/log/nginx/error.log notice;
	access_log /var/log/nginx/access.log main;

	upstream unicorn_server {
	# This is the socket we configured in unicorn.rb
	server unix:/home/matt/code/thinkific/tmp/sockets/unicorn.sock
	fail_timeout=0;
	}

	server {
	listen 80;
	listen 443 default ssl;
	ssl_certificate /home/matt/.ssl/cert.txt;
	ssl_certificate_key /home/matt/.ssl/key.txt;
	client_max_body_size 4G;
	large_client_header_buffers 4 32k;
	ssl_session_cache shared:SSL:1m;
	ssl_session_timeout 5m;
	ssl_ciphers HIGH:!aNULL:!MD5;
	ssl_prefer_server_ciphers on;
	ssl_verify_client off;
	ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
	server_name lvh.me;


	keepalive_timeout 65;

	# Location of our static files
	root /home/matt/code/thinkific/public;

	location / {
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_set_header Host $http_host;
	proxy_set_header X-Forwarded-Proto $scheme;
	proxy_redirect off;

	# If you don't find the filename in the static files
	# Then request it from the unicorn server
	if (!-f $request_filename) {
	proxy_pass http://unicorn_server;
	break;
	}
	}

	location ~* \.(eot\|ttf\|woff)$ {
	add_header Access-Control-Allow-Origin *;
	}

	# this rewrites all the requests to the maintenance.html
	# page if it exists in the doc root. This is for capistrano's
	# disable web task
	if (-f $document_root/system/maintenance.html)
	{
	rewrite ^(.*)$ /system/maintenance.html last;
	break;
	}

	error_page 500 502 503 504 /500.html;
	location = /500.html
	{
	root /home/matt/code/thinkific/public;
	}
	error_page 404 /404.html;
	location = /404.html
	{
	root /home/matt/code/thinkific/public;
	}
	}
	}