 1user  root;
 2
 3error_log  /var/log/nginx/error.log warn;
 4pid        /var/run/nginx.pid;
 6events {
 7  worker_connections  8096;
 8  multi_accept        on;
 9  use                 epoll;
10}
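# HTTP front end: redirects port 80 to HTTPS, terminates TLS on 443, serves
# static files from /var/www/public and proxies everything else to "backend".
http {
  include       /etc/nginx/mime.types;
  default_type  application/octet-stream;

  # $http_x_forwarded_for is logged exactly as the client sent it; treat that
  # field as untrusted when the access log is used for investigation.
  log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    '$status $body_bytes_sent "$http_referer" '
    '"$http_user_agent" "$http_x_forwarded_for"';

  access_log /var/log/nginx/access.log  main;

  sendfile           on;
  tcp_nopush         on;
  tcp_nodelay        on;
  keepalive_timeout  15;

  upstream backend {
    server web:3000 fail_timeout=0;
  }

  # Plain-HTTP listener: its only job is to send clients to HTTPS.
  server {
    listen 80 deferred;
    server_tokens off;
    # No HSTS header here: browsers ignore Strict-Transport-Security received
    # over plain HTTP, so the policy is set once, on the 443 server.
    # This block declares no server_name, so $server_name has no real host to
    # expand to; redirect to the host the client asked for instead.
    # NOTE(review): $host comes from the request. Declaring server_name with
    # the site's real names and redirecting to a fixed name avoids echoing an
    # arbitrary Host header back in the Location.
    return 301 https://$host$request_uri;
  }

  server {
    listen 443 default_server ssl;
    server_tokens off;
    root /var/www/public;
    ssl_certificate /etc/nginx/server.crt;
    ssl_certificate_key /etc/nginx/server.key;

    ssl_session_timeout 5m;
    # TLS 1.0 and 1.1 are deprecated (RFC 8996) and no longer offered.
    # Add TLSv1.3 where the installed nginx/OpenSSL build supports it.
    ssl_protocols TLSv1.2;
    add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
    add_header X-Frame-Options "DENY";

    try_files $uri/index.html $uri @application;

    location ^~ /assets/ {
      gzip_static on;
      expires max;
      add_header Cache-Control public;
      # add_header directives are inherited from the server level only when a
      # location defines none of its own; Cache-Control above would otherwise
      # drop these two from every asset response.
      add_header Strict-Transport-Security "max-age=63072000; includeSubdomains; preload";
      add_header X-Frame-Options "DENY";
    }

    # WebSocket endpoint.
    location /cable {
      # NOTE(review): nginx does not verify the upstream certificate unless
      # proxy_ssl_verify is enabled; confirm that web:3000 really speaks TLS.
      proxy_pass https://backend;
      # The Upgrade handshake needs HTTP/1.1; nginx defaults to 1.0 upstream.
      proxy_http_version 1.1;
      # Hyphenated name so this value replaces any X-Forwarded-Proto the
      # client sent; with the underscore spelling the client's own header was
      # still forwarded next to ours.
      proxy_set_header X-Forwarded-Proto https;
      # Appends $remote_addr to whatever the client supplied: only the last
      # entry is trustworthy. X-Real-IP carries the connecting address alone.
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      # NOTE(review): Host is passed through as received and this is the
      # default_server, so the backend must validate it before building URLs.
      proxy_set_header HOST $http_host;
      proxy_set_header X-Url-Scheme $scheme;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_set_header Upgrade $http_upgrade;
      proxy_set_header Connection "upgrade";
    }

    # Fallback for every request try_files could not satisfy from disk.
    location @application {
      # Same header policy as /cable; see the notes there.
      proxy_set_header X-Forwarded-Proto https;
      proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
      proxy_set_header HOST $http_host;
      proxy_set_header X-Url-Scheme $scheme;
      proxy_set_header X-Real-IP $remote_addr;
      proxy_redirect off;
      # NOTE(review): upstream certificate is unverified here as well.
      proxy_pass https://backend;
    }

    error_page 500 502 503 504 /500.html;
    keepalive_timeout 10;
  }
}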