Skip to content

Instantly share code, notes, and snippets.

@weapp

weapp/ nginx suggestions.md

Last active November 23, 2022 15:27
Show Gist options
  • Save weapp/93606941a41273eb15bb to your computer and use it in GitHub Desktop.
Save weapp/93606941a41273eb15bb to your computer and use it in GitHub Desktop.
Download ZIP
Nginx conf json errors
Raw
errors.min.nginxconf
map $status $error_msg {
default "";
500 "Internal Server Error";
502 "Bad Gateway";
503 "Service Temporarily Unavailable";
504 "Gateway Timeout";
400 "Bad Request";
401 "Unauthorized";
403 "Forbidden";
404 "Not Found";
408 "Request Timeout";
418 "I\'m a teapot";
}
server {
listen 80;
server_name example.com;
root /home/manu/project/example;
index index.html;
error_page 400 401 403 404 408 418 500 502 503 504 /$status.htm;
location /500 { return 500 '{"error": {"status_code": $status, "status": "$error_msg"}}'; }
location /502 { return 502 '{"error": {"status_code": $status, "status": "$error_msg"}}'; }
location /503 { return 503 '{"error": {"status_code": $status, "status": "$error_msg"}}'; }
location /504 { return 504 '{"error": {"status_code": $status, "status": "$error_msg"}}'; }
location /400 { return 400 '{"error": {"status_code": $status, "status": "$error_msg"}}'; }
location /401 { return 401 '{"error": {"status_code": $status, "status": "$error_msg"}}'; }
location /403 { return 403 '{"error": {"status_code": $status, "status": "$error_msg"}}'; }
location /404 { return 404 '{"error": {"status_code": $status, "status": "$error_msg"}}'; }
location /408 { return 408 '{"error": {"status_code": $status, "status": "$error_msg"}}'; }
location /418 { return 418 '{"error": {"status_code": $status, "status": "$error_msg"}}'; }
location / {
proxy_pass http://rails;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $http_host;
#proxy_set_header Host static.example.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Raw
errors.nginxconf
server {
listen 80;
server_name example.com;
root /home/manu/project/example;
index index.html;
error_page 500 /500.html;
location /500.html{
return 500 '{"error": {"status_code": 500,"status": " Internal Server Error"}}';
}
error_page 502 /502.html;
location /502.html{
return 502 '{"error": {"status_code": 502,"status": "Bad Gateway"}}';
}
error_page 503 /503.html;
location /503.html{
return 503 '{"error": {"status_code": 503,"status": "Service Temporarily Unavailable"}}';
}
error_page 504 /504.html;
location /504.html{
return 504 '{"error": {"status_code": 504,"status": "Gateway Timeout"}}';
}
error_page 400 /400.html;
location /400.html{
return 400 '{"error": {"status_code": 400,"status": "Bad Request"}}';
}
error_page 401 /401.html;
location /401.html{
return 401 '{"error": {"status_code": 401,"status": "Unauthorized"}}';
}
error_page 403 /403.html;
location /403.html{
return 403 '{"error": {"status_code": 403,"status": "Forbidden"}}';
}
error_page 404 /404.html;
location /404.html{
return 404 '{"error": {"status_code": 404,"status": "Not Found"}}';
}
error_page 408 /408.html;
location /408.html{
return 408 '{"error": {"status_code": 408,"status": "Request Timeout}}';
}
error_page 418 /418.html;
location /418.html{
return 418 '{"error": {"status_code": 418,"status": "I\'m a teapot"}}';
}
# location @four_o_four {
# internal;
# #more_set_headers "X-Host: web4.ourdomain.com";
# #more_set_headers "Content-Type: application/json";
# return 502 '{"status":"Bad Gateway"}';
# }
location / {
proxy_pass http://rails;
proxy_next_upstream error timeout invalid_header http_500 http_502 http_503 http_504;
proxy_redirect off;
proxy_buffering off;
proxy_set_header Host $http_host;
#proxy_set_header Host static.example.com;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
Raw
unicorn.nginxconf
# This is example contains the bare mininum to get nginx going with
# Unicorn or Rainbows! servers. Generally these configuration settings
# are applicable to other HTTP application servers (and not just Ruby
# ones), so if you have one working well for proxying another app
# server, feel free to continue using it.
#
# The only setting we feel strongly about is the fail_timeout=0
# directive in the "upstream" block. max_fails=0 also has the same
# effect as fail_timeout=0 for current versions of nginx and may be
# used in its place.
#
# Users are strongly encouraged to refer to nginx documentation for more
# details and search for other example configs.
# you generally only need one nginx worker unless you're serving
# large amounts of static files which require blocking disk reads
worker_processes 1;
# # drop privileges, root is needed on most systems for binding to port 80
# # (or anything < 1024). Capability-based security may be available for
# # your system and worth checking out so you won't need to be root to
# # start nginx to bind on 80
user nobody nogroup; # for systems with a "nogroup"
# user nobody nobody; # for systems with "nobody" as a group instead
# Feel free to change all paths to suite your needs here, of course
pid /path/to/nginx.pid;
error_log /path/to/nginx.error.log;
events {
worker_connections 1024; # increase if you have lots of clients
accept_mutex off; # "on" if nginx worker_processes > 1
# use epoll; # enable for Linux 2.6+
# use kqueue; # enable for FreeBSD, OSX
}
http {
# nginx will find this file in the config directory set at nginx build time
include mime.types;
# fallback in case we can't determine a type
default_type application/octet-stream;
# click tracking!
access_log /path/to/nginx.access.log combined;
# you generally want to serve static files with nginx since neither
# Unicorn nor Rainbows! is optimized for it at the moment
sendfile on;
tcp_nopush on; # off may be better for *some* Comet/long-poll stuff
tcp_nodelay off; # on may be better for some Comet/long-poll stuff
# we haven't checked to see if Rack::Deflate on the app server is
# faster or not than doing compression via nginx. It's easier
# to configure it all in one place here for static files and also
# to disable gzip for clients who don't get gzip/deflate right.
# There are other gzip settings that may be needed used to deal with
# bad clients out there, see http://wiki.nginx.org/NginxHttpGzipModule
gzip on;
gzip_http_version 1.0;
gzip_proxied any;
gzip_min_length 500;
gzip_disable "MSIE [1-6]\.";
gzip_types text/plain text/html text/xml text/css
text/comma-separated-values
text/javascript application/x-javascript
application/atom+xml;
# this can be any application server, not just Unicorn/Rainbows!
upstream app_server {
# fail_timeout=0 means we always retry an upstream even if it failed
# to return a good HTTP response (in case the Unicorn master nukes a
# single worker for timing out).
# for UNIX domain socket setups:
server unix:/path/to/.unicorn.sock fail_timeout=0;
# for TCP setups, point these to your backend servers
# server 192.168.0.7:8080 fail_timeout=0;
# server 192.168.0.8:8080 fail_timeout=0;
# server 192.168.0.9:8080 fail_timeout=0;
}
server {
# enable one of the following if you're on Linux or FreeBSD
# listen 80 default deferred; # for Linux
# listen 80 default accept_filter=httpready; # for FreeBSD
# If you have IPv6, you'll likely want to have two separate listeners.
# One on IPv4 only (the default), and another on IPv6 only instead
# of a single dual-stack listener. A dual-stack listener will make
# for ugly IPv4 addresses in $remote_addr (e.g ":ffff:10.0.0.1"
# instead of just "10.0.0.1") and potentially trigger bugs in
# some software.
# listen [::]:80 ipv6only=on; # deferred or accept_filter recommended
client_max_body_size 4G;
server_name _;
# ~2 seconds is often enough for most folks to parse HTML/CSS and
# retrieve needed images/icons/frames, connections are cheap in
# nginx so increasing this is generally safe...
keepalive_timeout 5;
# path for static files
root /path/to/app/current/public;
# Prefer to serve static files directly from nginx to avoid unnecessary
# data copies from the application server.
#
# try_files directive appeared in in nginx 0.7.27 and has stabilized
# over time. Older versions of nginx (e.g. 0.6.x) requires
# "if (!-f $request_filename)" which was less efficient:
# http://bogomips.org/unicorn.git/tree/examples/nginx.conf?id=v3.3.1#n127
try_files $uri/index.html $uri.html $uri @app;
location @app {
# an HTTP header important enough to have its own Wikipedia entry:
# http://en.wikipedia.org/wiki/X-Forwarded-For
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
# enable this if you forward HTTPS traffic to unicorn,
# this helps Rack set the proper URL scheme for doing redirects:
# proxy_set_header X-Forwarded-Proto $scheme;
# pass the Host: header from the client right along so redirects
# can be set properly within the Rack application
proxy_set_header Host $http_host;
# we don't want nginx trying to do something clever with
# redirects, we set the Host: header above already.
proxy_redirect off;
# set "proxy_buffering off" *only* for Rainbows! when doing
# Comet/long-poll/streaming. It's also safe to set if you're using
# only serving fast clients with Unicorn + nginx, but not slow
# clients. You normally want nginx to buffer responses to slow
# clients, even with Rails 3.1 streaming because otherwise a slow
# client can become a bottleneck of Unicorn.
#
# The Rack application may also set "X-Accel-Buffering (yes|no)"
# in the response headers do disable/enable buffering on a
# per-response basis.
# proxy_buffering off;
proxy_pass http://app_server;
}
# Rails error pages
error_page 500 502 503 504 /500.html;
location = /500.html {
root /path/to/app/current/public;
}
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment