adapted Nginx configuration for SSL

This commit is contained in:
Hauke Klement
2015-03-14 14:33:08 +01:00
parent e52150651c
commit 2f17d414da

View File

@ -2,24 +2,39 @@ upstream puma {
server unix:///var/www/app/shared/tmp/sockets/puma.sock;
}
server {
listen 80 default deferred;
return 301 https://codeocean.openhpi.de$request_uri;
server_name codeocean.openhpi.de;
}
server {
client_max_body_size 4G;
error_page 500 502 503 504 /500.html;
keepalive_timeout 10;
listen 80;
listen 443 ssl;
root /var/www/app/current/public;
server_name 172.16.23.112;
try_files $uri/index.html $uri @app;
server_name codeocean.openhpi.de;
try_files $uri @puma;
ssl_certificate /etc/nginx/ssl/ssl-bundle.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
ssl_ciphers HIGH:!ADH:!EXPORT56:RC4+RSA:+MEDIUM;
ssl_prefer_server_ciphers on;
ssl_protocols SSLv3 TLSv1;
ssl_session_timeout 5m;
location / {
access_log /var/www/app/current/log/nginx.access.log;
error_log /var/www/app/current/log/nginx.error.log;
proxy_http_version 1.1;
proxy_pass http://puma;
proxy_read_timeout 900;
proxy_redirect off;
proxy_set_header Connection '';
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
location ^~ /assets/ {