Skip to content

Instantly share code, notes, and snippets.

@stephenmckinney

stephenmckinney/default

Created July 25, 2012 19:28
Show Gist options
  • Save stephenmckinney/3178056 to your computer and use it in GitHub Desktop.
Save stephenmckinney/3178056 to your computer and use it in GitHub Desktop.
Download ZIP
Django Nginx Conf to fw HTTPS to HTTP
Raw
default
# Apache server
upstream django {
server 127.0.0.1:9000;
}
# Redirect all requests on the root subdomain to the www domain.
server {
listen 80;
server_name example.com;
rewrite ^(.*) http://www.example.com$1 permanent;
}
# Redirect all requests to the previous production subdomain to the www domain.
server {
listen 80;
server_name production.example.com;
rewrite ^(.*) http://www.example.com$1 permanent;
}
# Serve admin, donation form, and static assets over SSL.
server {
listen 443;
server_name www.example.com;
ssl on;
ssl_certificate /etc/ssl/certs/example.com.crt;
ssl_certificate_key /etc/ssl/private/example.com.key;
access_log /var/log/nginx/ssl.example.com.access.log;
error_log /var/log/nginx/ssl.example.com.error.log;
location /admin {
proxy_pass http://django;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Protocol https;
}
location /donate {
proxy_pass http://django;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Protocol https;
}
location /static {
alias /var/www/static;
access_log off;
expires max;
}
location /media/admin {
alias /var/www/admin-media;
access_log off;
expires 30d;
}
location /media {
alias /var/www/media/;
access_log off;
client_max_body_size 100M;
expires max;
}
# Redirect all other requests to non-SSL site.
location / {
rewrite ^(.*) http://$server_name$1 permanent;
}
}
# Forward admin, donation form to SSL.
# Serve static asset over non-SSL.
# Redirect any other request to Apache for Django.
server {
listen 80;
server_name www.example.com;
root /var/apps/nti_env/ntiproject;
access_log /var/log/nginx/example.com.access.log;
error_log /var/log/nginx/example.com.error.log;
gzip on;
gzip_http_version 1.0;
gzip_comp_level 2;
gzip_min_length 1100;
gzip_buffers 4 8k;
gzip_proxied any;
gzip_types text/plain text/xml application/xml application/xml+rss
text/css text/javascript application/javascript application/x-javascript application/json;
gzip_static on;
gzip_proxied expired no-cache no-store private auth;
gzip_disable "MSIE [1-6]\.";
gzip_vary on;
keepalive_timeout 65;
# These URIs should only be served over SSL.
location /admin {
rewrite ^/admin(.*) https://$server_name/admin$1 permanent;
}
location /donate {
rewrite ^ https://$server_name/donate permanent;
}
# These URIs will be served over non-SSL.
location /static {
alias /var/www/static;
access_log off;
expires max;
}
location /media/admin {
alias /var/www/admin-media;
access_log off;
expires 30d;
}
location /media {
alias /var/www/media/;
access_log off;
client_max_body_size 100M;
expires max;
}
location /favicon.ico {
alias /var/www/static/assets/favicon.ico;
access_log off;
expires 30d;
}
location /robots.txt {
alias /var/www/robots.txt;
access_log off;
}
# Setup named location for Django requests and handle proxy details.
location / {
client_max_body_size 100M;
proxy_pass http://django;
proxy_redirect off;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment