olisikh · October 25, 2012 08:39
diff --git a/nginx.conf b/nginx.conf
 user www-data;
 worker_processes 4;
 pid /var/run/nginx.pid;

 events {
    worker_connections 768;
    # multi_accept on;
 }

 http {

    ##
    # Basic Settings
    ##
    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    types_hash_max_size 2048;
    # server_tokens off;

    # server_names_hash_bucket_size 64;
    # server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # Logging Settings
    ##
    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log debug;

    ##
    # Gzip Settings
    ##
    gzip_min_length 1000;
    gzip_types text/css text/xml application/x-javascript application/atom+xml text/plain
    gzip on;
    gzip_disable "msie6";
    gzip_vary on;
    # gzip_proxied any;
    # gzip_comp_level 6;
    gzip_buffers 16 8k;
    gzip_http_version 1.1;

    ##
    # Set proxy cache path
    ##
    proxy_cache_path /usr/share/nginx/cache keys_zone=one:10m;

    ##
    # Main website Tomcat instance
    ##
    upstream main {
        server local.wimh.co:8080;
    }

    server {
        listen         80;
    	return 301 https://$host$request_uri;    #redirect to https    
    }       

    server {
        listen              443; #https
        server_name local.wimh.co;

        ##
        # SSL configuration
        ##
        ssl                 on;
        ssl_certificate     /srv/ssl/server.crt;
        ssl_certificate_key /srv/ssl/server.key;

        location / {
            # Proxy all the requests to Tomcat
            proxy_pass            http://main;
            proxy_redirect        off;
            proxy_set_header      Host $http_host;
            proxy_set_header      X-Real-IP $remote_addr;
            proxy_set_header      X-Forwarded-For $proxy_add_x_forwarded_for;
            proxy_cache           one;
            proxy_cache_min_uses  1;
            proxy_cache_valid     200 302 1m;
            proxy_cache_valid     404 1m;
            proxy_cache_use_stale error timeout invalid_header http_500 http_502 http_503 http_504;
            try_files $uri $uri/  @proxy;
        }
    
        location @proxy {
            proxy_pass http://main;
        }
    }

    ##
    # nginx-naxsi config
    ##
    # Uncomment it if you installed nginx-naxsi
    ##

    #include /etc/nginx/naxsi_core.rules;

    ##
    # nginx-passenger config
    ##
    # Uncomment it if you installed nginx-passenger
    ##
    
    #passenger_root /usr;
    #passenger_ruby /usr/bin/ruby;

    ##
    # Virtual Host Configs
    ##
    include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;
 }


 #mail {
 #   # See sample authentication script at:
 #   # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
 # 
 #   # auth_http localhost/auth.php;
 #   # pop3_capabilities "TOP" "USER";
 #   # imap_capabilities "IMAP4rev1" "UIDPLUS";
 # 
 #   server {
 #       listen     localhost:110;
 #       protocol   pop3;
 #       proxy      on;
 #   }
 # 
 #   server {
 #       listen     localhost:143;
 #       protocol   imap;
 #       proxy      on;
 #   }
 #}
	user www-data;
	worker_processes 4;
	pid /var/run/nginx.pid;

	events {
	worker_connections 768;
	# multi_accept on;
	}

	http {

	##
	# Basic Settings
	##
	sendfile on;
	tcp_nopush on;
	tcp_nodelay on;
	keepalive_timeout 65;
	types_hash_max_size 2048;
	# server_tokens off;

	# server_names_hash_bucket_size 64;
	# server_name_in_redirect off;

	include /etc/nginx/mime.types;
	default_type application/octet-stream;

	##
	# Logging Settings
	##
	access_log /var/log/nginx/access.log;
	error_log /var/log/nginx/error.log debug;

	##
	# Gzip Settings
	##
	gzip_min_length 1000;
	gzip_types text/css text/xml application/x-javascript application/atom+xml text/plain
	gzip on;
	gzip_disable "msie6";
	gzip_vary on;
	# gzip_proxied any;
	# gzip_comp_level 6;
	gzip_buffers 16 8k;
	gzip_http_version 1.1;

	##
	# Set proxy cache path
	##
	proxy_cache_path /usr/share/nginx/cache keys_zone=one:10m;

	##
	# Main website Tomcat instance
	##
	upstream main {
	server local.wimh.co:8080;
	}

	server {
	listen 80;
	return 301 https://$host$request_uri; #redirect to https
	}

	server {
	listen 443; #https
	server_name local.wimh.co;

	##
	# SSL configuration
	##
	ssl on;
	ssl_certificate /srv/ssl/server.crt;
	ssl_certificate_key /srv/ssl/server.key;

	location / {
	# Proxy all the requests to Tomcat
	proxy_pass http://main;
	proxy_redirect off;
	proxy_set_header Host $http_host;
	proxy_set_header X-Real-IP $remote_addr;
	proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
	proxy_cache one;
	proxy_cache_min_uses 1;
	proxy_cache_valid 200 302 1m;
	proxy_cache_valid 404 1m;
	proxy_cache_use_stale error timeout invalid_header http_500 http_502 http_503 http_504;
	try_files $uri $uri/ @proxy;
	}

	location @proxy {
	proxy_pass http://main;
	}
	}

	##
	# nginx-naxsi config
	##
	# Uncomment it if you installed nginx-naxsi
	##

	#include /etc/nginx/naxsi_core.rules;

	##
	# nginx-passenger config
	##
	# Uncomment it if you installed nginx-passenger
	##

	#passenger_root /usr;
	#passenger_ruby /usr/bin/ruby;

	##
	# Virtual Host Configs
	##
	include /etc/nginx/conf.d/*.conf;
	include /etc/nginx/sites-enabled/*;
	}


	#mail {
	# # See sample authentication script at:
	# # http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
	#
	# # auth_http localhost/auth.php;
	# # pop3_capabilities "TOP" "USER";
	# # imap_capabilities "IMAP4rev1" "UIDPLUS";
	#
	# server {
	# listen localhost:110;
	# protocol pop3;
	# proxy on;
	# }
	#
	# server {
	# listen localhost:143;
	# protocol imap;
	# proxy on;
	# }
	#}