diff --git a/nginx.conf.sigil b/nginx.conf.sigil new file mode 100644 index 0000000..8d41788 --- /dev/null +++ b/nginx.conf.sigil @@ -0,0 +1,92 @@ +upstream {{ .APP }} { +{{ range .DOKKU_APP_LISTENERS | split " " }} + server {{ . }}; +{{ end }} +} + +server { + listen [::]:{{ .NGINX_PORT }}; + listen {{ .NGINX_PORT }}; + server_name {{ .NOSSL_SERVER_NAME }}; + access_log /var/log/nginx/{{ .APP }}-access.log; + error_log /var/log/nginx/{{ .APP }}-error.log; + return 301 https://$host:{{ .NGINX_SSL_PORT }}$request_uri; +} + +server { + listen [::]:{{ .NGINX_SSL_PORT }} ssl spdy; + listen {{ .NGINX_SSL_PORT }} ssl spdy; + server_name {{ .SSL_SERVER_NAME }}; + access_log /var/log/nginx/{{ .APP }}-access.log; + error_log /var/log/nginx/{{ .APP }}-error.log; + + ssl_certificate {{ .APP_SSL_PATH }}/server.crt; + ssl_certificate_key {{ .APP_SSL_PATH }}/server.key; + + client_max_body_size 1G; + + keepalive_timeout 70; + add_header Alternate-Protocol {{ .NGINX_SSL_PORT }}:npn-spdy/2; + + location /apps/ { + alias {{ .DOKKU_ROOT }}/{{ .APP }}/apps/; + } + + location / { + gzip on; + gzip_min_length 1100; + gzip_buffers 4 32k; + gzip_types text/css text/javascript text/xml text/plain text/x-component application/javascript application/x-javascript application/json application/xml application/rss+xml font/truetype application/x-font-ttf font/opentype application/vnd.ms-fontobject image/svg+xml; + gzip_vary on; + gzip_comp_level 6; + + proxy_pass http://{{ .APP }}; + proxy_request_buffering off; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Port $server_port; + proxy_set_header X-Request-Start $msec; + } + include {{ .DOKKU_ROOT }}/{{ .APP }}/nginx.conf.d/*.conf; +} + +server { + listen [::]:{{ .NGINX_SSL_PORT }} ssl spdy; + listen {{ .NGINX_SSL_PORT }} ssl spdy; + server_name api.{{ .SSL_SERVER_NAME }}; + access_log /var/log/nginx/{{ .APP }}-api-access.log; + error_log /var/log/nginx/{{ .APP }}-api-error.log; + + ssl_certificate {{ .APP_SSL_PATH }}/server.crt; + ssl_certificate_key {{ .APP_SSL_PATH }}/server.key; + + client_max_body_size 1G; + + keepalive_timeout 70; + add_header Alternate-Protocol {{ .NGINX_SSL_PORT }}:npn-spdy/2; + + location / { + gzip on; + gzip_min_length 1100; + gzip_buffers 4 32k; + gzip_types text/css text/javascript text/xml text/plain text/x-component application/javascript application/x-javascript application/json application/xml application/rss+xml font/truetype application/x-font-ttf font/opentype application/vnd.ms-fontobject image/svg+xml; + gzip_vary on; + gzip_comp_level 6; + + proxy_pass http://{{ .APP }}/api/; + proxy_request_buffering off; + proxy_http_version 1.1; + proxy_set_header Upgrade $http_upgrade; + proxy_set_header Connection "upgrade"; + proxy_set_header Host $http_host; + proxy_set_header X-Forwarded-Proto $scheme; + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header X-Forwarded-Port $server_port; + proxy_set_header X-Request-Start $msec; + } + include {{ .DOKKU_ROOT }}/{{ .APP }}/nginx.conf.d/*.conf; +}