help with ssl config nginx -> thin -> rails
Karl Johnson
karljohn at gmail.com
Fri Jan 13 15:42:42 UTC 2012
Ignore all of the regex's for now, they were left over from a previous
developer who configured the instance. I'll remove them.
My biggest concern though is around what the address(s) should be for
devmode-secure.
What should that look like in the config if the IP plus 443 causes it to
loopback to nginx?
Thanks for your help.
Karl
On Thu, Jan 12, 2012 at 5:29 PM, Valentin V. Bartenev <ne at vbart.ru> wrote:
> On Thursday 12 January 2012 22:30:43 Karl Johnson wrote:
> [...]
> >
> ^.+.(jpg|jpeg|gif|png|ico|css|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|txt|tar|mi
> > d|midi|wav|bmp|rtf|ttf|woff|svg|eot)$ {
> > root /var/www/dev/public/;
> > expires 10y;
> > add_header Cache-Control public;
> > }
> > location ~ ^(/javascripts/.*)$ {
> > root /var/www/dev/public/;
> > expires 10y;
> > add_header Cache-Control public;
> > }
>
> Why did you put regexp captures everywhere and don't use them?
>
> >
> > if (-f $request_filename/index.html) {
> > rewrite (.*) $1/index.html break;
> > }
> > if (-f $request_filename.html) {
> > rewrite (.*) $1.html break;
> > }
> > if (!-f $request_filename) {
> > proxy_pass http://developmentmode;
> > break;
> > }
>
> It's ugly. Please read:
> http://wiki.nginx.org/IfIsEvil
> http://wiki.nginx.org/Pitfalls
>
> ..and use the "try_files" directive:
> http://nginx.org/en/docs/http/ngx_http_core_module.html#try_files
>
> [...]
> > }
> > }
> > server {
> > listen 443;
> > server_name govenga.com www.govenga.com;
> [...]
> > proxy_pass https://devmode-secure;
> [...]
>
> and above:
>
> >
> > upstream devmode-secure{
> > server 127.0.0.1:443;
> > }
> >
>
> ...looks like you set up a loopback proxy pass to nginx itself.
>
>
> wbr, Valentin V. Bartenev
>
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mailman.nginx.org/pipermail/nginx/attachments/20120113/bf91dfdc/attachment.html>
More information about the nginx
mailing list