55 lines
1.5 KiB
Plaintext
55 lines
1.5 KiB
Plaintext
# Generated by Chef
|
|
<% if File.exist?(@ssl_cert) && File.exist?(@ssl_key) -%>
|
|
upstream _akkounts {
|
|
server localhost:<%= @port %>;
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl http2;
|
|
add_header Strict-Transport-Security "max-age=15768000";
|
|
|
|
ssl_certificate <%= @ssl_cert %>;
|
|
ssl_certificate_key <%= @ssl_key %>;
|
|
|
|
server_name <%= @domain %>;
|
|
|
|
access_log <%= node[:nginx][:log_dir] %>/<%= @domain %>.access.log json;
|
|
error_log <%= node[:nginx][:log_dir] %>/<%= @domain %>.error.log warn;
|
|
|
|
root <%= @root_dir %>;
|
|
|
|
location ~ ^/(assets|packs|images|javascripts|stylesheets|swfs|system)/ {
|
|
access_log off;
|
|
gzip_static on;
|
|
expires max;
|
|
add_header Cache-Control public;
|
|
}
|
|
|
|
try_files $uri/index.html $uri @app;
|
|
|
|
location @app {
|
|
# an HTTP header important enough to have its own Wikipedia entry:
|
|
# http://en.wikipedia.org/wiki/X-Forwarded-For
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
|
|
# enable this if and only if you use HTTPS, this helps Rack
|
|
# set the proper protocol for doing redirects:
|
|
proxy_set_header X-Forwarded-Proto https;
|
|
|
|
# pass the Host: header from the client right along so redirects
|
|
# can be set properly within the Rack application
|
|
proxy_set_header Host $http_host;
|
|
|
|
# we don't want nginx trying to do something clever with
|
|
# redirects, we set the Host: header above already.
|
|
proxy_redirect off;
|
|
|
|
# Increase number of buffers. Default is 8
|
|
proxy_buffers 1024 8k;
|
|
|
|
proxy_pass http://_akkounts;
|
|
proxy_http_version 1.1;
|
|
}
|
|
}
|
|
<% end -%>
|