nginx-rails-example.conf

#daemon off;
#user  nobody;
worker_processes auto; # guess number of cpus
worker_priority -5;

error_log  logs/error.log; # append notice, info, etc. to filter
pid        logs/nginx.pid;

events {
    worker_connections 2048;
    multi_accept on;
    use epoll; # we are on linux 2.6+
}

http {
    client_max_body_size      25m;
    client_body_buffer_size   128k;
    client_body_temp_path     /tmp/client_body_temp;
    
    server_names_hash_bucket_size  128;

    passenger_root /home/whereever/.rvm/gems/ruby-2.1.2/gems/passenger-4.0.41;
    passenger_ruby /home/whereever/.rvm/gems/ruby-2.1.2/wrappers/ruby;
    passenger_spawn_method smart; # works for passenger
    passenger_pre_start localhost; # prevents the delay for the first user

    include       mime.types;
    default_type  application/octet-stream;

    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';
    #access_log  logs/access.log  main;
    #access_log off; # consider for increasing performance with less disk IO

    sendfile        on;
    tcp_nopush     on;

    #keepalive_timeout  0;
    keepalive_timeout  65;

    charset UTF-8;

    gzip on;
    # gzip_static on; # would look for pre-zipped assets first
    gzip_proxied any;
    gzip_min_length 256;
    gzip_comp_level 4;
    gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
    
    # redirect to https
    server {
        listen       80;
        server_name  .foo.com;
        rewrite ^ https://foo.com$request_uri? permanent;
    }

    # main site
    server {
        listen       443;
        server_name  .foo.com;

        root /srv/foo_production/current/public;
        passenger_enabled on;
        passenger_set_cgi_param SECRET_KEY_BASE "xxx";
        passenger_set_cgi_param S3_BUCKET_NAME "someplaceons3";
        passenger_set_cgi_param AWS_ACCESS_KEY_ID "xxx";
        passenger_set_cgi_param AWS_SECRET_ACCESS_KEY "xxx";
        rails_env "production";
	    
        # redirect json based command somewhere else... 
        rewrite ^(.*).json$ https://api.foo.com$1.json;

        ssl                  on;
        ssl_certificate      /opt/nginx/ssl/new.foo.crt;
        ssl_certificate_key  /opt/nginx/ssl/new.foo.pem;

        ssl_session_timeout  5m;

        ssl_protocols  SSLv2 SSLv3 TLSv1;
        ssl_ciphers  HIGH:!aNULL:!MD5;
        ssl_prefer_server_ciphers   on;
    }

    # Redirect all to .com 
    server {
        server_name .foodoo.co .baz.com .bazfoo.info;
        rewrite ^ https://foo.com$request_uri? permanent;
    }
    
    # nginx status check for new relic   
    server {
        listen 127.0.0.1:80;
        server_name localhost;

        location = /nginx_stub_status {
            stub_status on;
            allow 127.0.0.1;
            deny all;
        }
    }
}