### ### HTTP-Config generated with magic_recipes_two at: <%= Time.now.strftime("%Y-%m-%d .. %H:%M .. %Z") %> ### <% joiner = "\n " %> upstream thin_<%= fetch(:application) %>_<%= fetch(:stage) %>_cluster { <% fetch(:app_instances).to_i.times do |i| %> server unix:/tmp/thin.<%= fetch(:application) %>.<%= fetch(:stage) %>.<%= i %>.sock max_fails=1 fail_timeout=15s; <% end %> } <% if fetch(:proxy_cache_rails) %> # Proxy-Caching - Rails - Sites proxy_cache_path <%= fetch(:proxy_cache_rails_directory) %> levels=<%= fetch(:proxy_cache_rails_levels) %> keys_zone=<%= fetch(:proxy_cache_rails_name) %>:<%= fetch(:proxy_cache_rails_size) %> inactive=<%= fetch(:proxy_cache_rails_time) %> max_size=<%= fetch(:proxy_cache_rails_max) %>; <% end %><% if fetch(:proxy_cache_media) %> # Proxy-Caching - Media (Dragonfly) - Files proxy_cache_path <%= fetch(:proxy_cache_media_directory) %> levels=<%= fetch(:proxy_cache_media_levels) %> keys_zone=<%= fetch(:proxy_cache_media_name) %>:<%= fetch(:proxy_cache_media_size) %> inactive=<%= fetch(:proxy_cache_media_time) %> max_size=<%= fetch(:proxy_cache_media_max) %>; <% end %> # HTTP Server <% if fetch(:nginx_use_ssl) %> <% if fetch(:nginx_major_domain) %> server { listen 80<%= ' default_server' if fetch(:default_site) %>; server_name <%= Array(fetch(:nginx_domains)).map{ |d| d.gsub(/^\*?\./, "") }.join(joiner) %> <%= ".#{fetch(:nginx_major_domain).gsub(/^\*?\./, "")}" %>; # return 301 https://<%= fetch(:nginx_major_domain).gsub(/^\*?\./, "") %>$request_uri; location ^~ /assets/ico/ { root <%= current_path %>/public; gzip_static on; expires max; add_header Cache-Control public; } location / { return 301 https://<%= fetch(:nginx_major_domain).gsub(/^\*?\./, "") %>$request_uri; } } server { listen 80; server_name <%= Array(fetch(:nginx_domains)).map{ |d| "~^(?\w+)#{ Regexp.escape( ".#{d.gsub(/^\*?\./, "")}" ) }" }.join(joiner) %> <%= "~^#{Regexp.escape("www.")}(?\w+)#{ Regexp.escape( ".#{fetch(:nginx_major_domain).gsub(/^\*?\./, "")}" ) }" %> <%= "~^(?\w+)#{ Regexp.escape( ".#{fetch(:nginx_major_domain).gsub(/^\*?\./, "")}" ) }" %>; # return 301 https://$sub.<%= fetch(:nginx_major_domain).gsub(/^\*?\./, "") %>$request_uri; location ^~ /assets/ico/ { root <%= current_path %>/public; gzip_static on; expires max; add_header Cache-Control public; } location / { return 301 https://$sub.<%= fetch(:nginx_major_domain).gsub(/^\*?\./, "") %>$request_uri; } } <% else %> server { listen 80; server_name <%= Array(fetch(:nginx_domains)).map{ |d| d[0] == "." ? d : ".#{d}"}.join(joiner) %>; # return 301 https://$host$request_uri; location ^~ /assets/ico/ { root <%= current_path %>/public; gzip_static on; expires max; add_header Cache-Control public; } location / { return 301 https://$host$request_uri; } } <% end %> <% elsif fetch(:nginx_remove_https) %> <% if fetch(:nginx_major_domain) %> server { listen 443; server_name <%= Array(fetch(:nginx_domains)).map{ |d| d.gsub(/^\*?\./, "") }.join(joiner) %> <%= ".#{fetch(:nginx_major_domain).gsub(/^\*?\./, "")}" %>; return 301 http://<%= fetch(:nginx_major_domain).gsub(/^\*?\./, "") %>$request_uri; } server { listen 443; server_name <%= Array(fetch(:nginx_domains)).map{ |d| "~^(?\w+)#{ Regexp.escape( ".#{d.gsub(/^\*?\./, "")}" ) }" }.join(joiner) %> <%= "~^#{Regexp.escape("www.")}(?\w+)#{ Regexp.escape( ".#{fetch(:nginx_major_domain).gsub(/^\*?\./, "")}" ) }" %> <%= "~^(?\w+)#{ Regexp.escape( ".#{fetch(:nginx_major_domain).gsub(/^\*?\./, "")}" ) }" %>; return 301 http://$sub.<%= fetch(:nginx_major_domain).gsub(/^\*?\./, "") %>$request_uri; } <% else %> server { listen 443; server_name <%= Array(fetch(:nginx_domains)).map{ |d| d[0] == "." ? d : ".#{d}"}.join(joiner) %>; return 301 http://$host$request_uri; } <% end %> <% end %> <% if fetch(:nginx_major_domain) %> <% if fetch(:nginx_use_ssl) %> # ssl-domain server { listen 443; server_name <%= Array(fetch(:nginx_domains)).map{ |d| d.gsub(/^\*?\./, "") }.join(joiner) %>; return 301 https://<%= fetch(:nginx_major_domain).gsub(/^\*?\./, "") %>$request_uri; ssl on; ssl_certificate <%= fetch(:nginx_ssl_certificate_path) %>/<%= fetch(:nginx_old_ssl_certificate) %>; ssl_certificate_key <%= fetch(:nginx_ssl_certificate_key_path) %>/<%= fetch(:nginx_old_ssl_certificate_key) %>; } # ssl-with-subdomain server { listen 443; server_name <%= Array(fetch(:nginx_domains)).map{ |d| "~^(?\w+)\.#{ Regexp.escape( d.gsub(/^\*?\./, "") ) }" }.join(joiner) %>; return 301 https://$sub.<%= fetch(:nginx_major_domain).gsub(/^\*?\./, "") %>$request_uri; ssl on; ssl_certificate <%= fetch(:nginx_ssl_certificate_path) %>/<%= fetch(:nginx_old_ssl_certificate) %>; ssl_certificate_key <%= fetch(:nginx_ssl_certificate_key_path) %>/<%= fetch(:nginx_old_ssl_certificate_key) %>; } <% else %> server { listen 80; server_name <%= Array(fetch(:nginx_domains)).map{ |d| d.gsub(/^\*?\./, "") }.join(joiner) %>; return 301 http://<%= fetch(:nginx_major_domain).gsub(/^\*?\./, "") %>$request_uri; } server { listen 80; server_name <%= Array(fetch(:nginx_domains)).map{ |d| "~^(?\w+)\.#{ Regexp.escape( d.gsub(/^\*?\./, "") ) }" }.join(joiner) %>; return 301 http://$sub.<%= fetch(:nginx_major_domain).gsub(/^\*?\./, "") %>$request_uri; } <% end %> <% end %> server { <% if fetch(:nginx_use_ssl) %> listen 443<%= ' default_server ssl' if fetch(:default_site) %>; ssl on; ssl_certificate <%= fetch(:nginx_ssl_certificate_path) %>/<%= fetch(:nginx_ssl_certificate) %>; ssl_certificate_key <%= fetch(:nginx_ssl_certificate_key_path) %>/<%= fetch(:nginx_ssl_certificate_key) %>; <% else %> listen 80<%= ' default deferred' if fetch(:default_site) %>; <% end %> <% if fetch(:nginx_major_domain) %> server_name <%= ".#{fetch(:nginx_major_domain).gsub(/^\*?\./, "")}" %>; <% else %> server_name <%= Array( fetch(:nginx_domains) ).join(joiner) %>; <% end %> <% if fetch(:nginx_remove_www) %> if ($host ~* ^www\.(.*)) { set $host_without_www $1; rewrite ^(.*) http://$host_without_www$1 permanent; } <% end %> root <%= current_path %>/public; access_log <%= fetch(:nginx_log_path) %>/nginx-access.log; error_log <%= fetch(:nginx_log_path) %>/nginx-error.log; error_page 404 /404.html; location /404.html { root <%= fetch(:deploy_to) %>/current/<%= fetch(:nginx_static_dir) %>; } error_page 500 502 503 504 /500.html; location /500.html { root <%= fetch (:deploy_to) %>/current/<%= fetch(:nginx_static_dir) %>; } client_max_body_size 4G; keepalive_timeout 10; location ^~ /assets/ { gzip_static on; expires max; add_header Cache-Control public; } <% if fetch(:proxy_cache_media) %> # Media-Path with NginX-Proxy-Cache location ^~ /<%= fetch(:proxy_cache_media_path) %>/ { auth_basic off; proxy_cache <%= fetch(:proxy_cache_media_name) %>; proxy_cache_lock on; add_header X-Cache-Status $upstream_cache_status; proxy_cache_bypass $http_bypass_proxy; proxy_pass $scheme://thin_<%= fetch(:application) %>_<%= fetch(:stage) %>_cluster; } <% end %> try_files $uri/index.html $uri @thin_<%= fetch(:application) %>_<%= fetch(:stage) %>; location @thin_<%= fetch(:application) %>_<%= fetch(:stage) %> { # rewrite Headers for correct behavior proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $host:$server_port; proxy_redirect off; <% if fetch(:proxy_cache_rails) %> # cache rails actions (need public header) proxy_cache <%= fetch(:proxy_cache_rails_name) %>; proxy_cache_lock on; <% if fetch(:proxy_cache_rails_200) %> proxy_cache_valid 200 302 <%= fetch(:proxy_cache_rails_200) %>; <% end %> <% if fetch(:proxy_cache_rails_404) %> proxy_cache_valid 404 <%= fetch(:proxy_cache_rails_404) %>; <% end %> proxy_cache_use_stale <%= Array( fetch(:proxy_cache_rails_stale) ).join(" ") %>; proxy_ignore_headers Set-Cookie; proxy_cache_bypass $http_bypass_proxy; add_header X-Cache-Status $upstream_cache_status; <% end %> # pass request to thin upstream proxy_pass http://thin_<%= fetch(:application) %>_<%= fetch(:stage) %>_cluster; } }