Nginx conf for thin clusters with shared ssl and redirect to ssl

gistfile1.txt

user  nobody;
worker_processes  1;

#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;

#pid        logs/nginx.pid;


events {
    worker_connections  1024;
}

http {
  include       mime.types;
  default_type  application/octet-stream;

  log_format    main  '$remote_addr - $remote_user [$time_local] $request '
                      '"$status" $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

  access_log    /var/log/nginx.access.log  main;

  sendfile      on;

  keepalive_timeout  65;


# THIN CLUSTERS
  upstream rails_application_cluster {
    server unix:/tmp/thin.portal.0.sock;
  }



# Shared certficates
ssl_certificate      /etc/ssl/web/mycert.crt;
ssl_certificate_key  /etc/ssl/web/mykey.key;


# VHOSTS
server {
    listen       443;
    server_name  rails_application_ex.com;
    ssl on;
    root /home/user/rails_application/current/public;

    location / {
      proxy_set_header X_FORWARDED_PROTO https;
      proxy_set_header  X-Real-IP  $remote_addr;
      proxy_set_header  X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header Host $http_host;
      proxy_redirect off;

      if (-f $request_filename/index.html) {
        rewrite (.*) $1/index.html break;
      }
      if (-f $request_filename.html) {
        rewrite (.*) $1.html break;
      }
      if (!-f $request_filename) {
        proxy_pass http://rails_application_cluster;
        break;
      }
    }
}

# REWRITE TO SSL
server {
    listen 80;
    server_name rails_application_ex.com;
    rewrite ^ https://rails_application_ex.com/ permanent;
    }


}