Commit 9dde7d2

@@ -0,0 +1,54 @@
+upstream unicorn {
+  server unix:<%= @shared_path %>/sockets/unicorn.sock fail_timeout=0;
+}
+
+client_max_body_size 4G;
+
+server {
+  listen 80 default deferred;
+  server_name <%= @domain %>;
+  rewrite        ^ https://$server_name$request_uri? permanent;
+}
+
+server {
+  listen 443;
+  server_name  <%= @domain %>;
+  root         <%= @current_path %>/public;
+  ssl on;
+  ssl_certificate             <%= @ssl_certificate %>;
+  ssl_certificate_key         <%= @ssl_certificate_key %>;
+  error_log /var/log/nginx/<%= @application %>.error.log;
+  access_log /var/log/nginx/<%= @application %>.access.log;
+
+  if ($http_user_agent ~* (wget|easouspider|ahrefsbot|httrack|htmlparser|libwww) ) {
+    return 403;
+  }
+
+  # Deny access based on the Referer header.
+  if ($http_referer ~* (babes|click|diamond|forsale|girl|jewelry|love|nudit|organic|poker|porn|poweroversoftware|sex|teen|webcam|zippo|casino|replica) ) {
+    return 444;
+  }
+
+  if ($host = '<%= @domain.gsub(/www/, '') %>' ) {
+    rewrite  ^/(.*)$  https://<%= @domain %>/$1  permanent;
+  }
+
+  try_files $uri/index.html $uri @unicorn;
+  location ^~ /assets/ {
+    gzip_static on;
+    expires max;
+    add_header Cache-Control public;
+  }
+
+  location @unicorn {
+    proxy_set_header X_FORWARDED_PROTO https;
+    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+    proxy_set_header HOST $http_host;
+    proxy_set_header  X-Url-Scheme $scheme;
+    proxy_redirect off;
+    proxy_pass http://unicorn;
+  }
+
+  error_page 500 502 503 504 /500.html;
+  keepalive_timeout 10;
+}