nginx configuration

1. # Set another default user than root for security reasons
2. #user www www;
3.  
4. # As a thumb rule: One per CPU. If you are serving a large amount
5. # of static files, which requires blocking disk reads, you may want
6. # to increase this from the number of cpu_cores available on your
7. # system.
8. #
9. # The maximum number of connections for Nginx is calculated by:
10. # max_clients = worker_processes * worker_connections
11. worker_processes 1;
12.  
13. # Maximum file descriptors that can be opened per process
14. # This should be > worker_connections
15. worker_rlimit_nofile 8192;
16.  
17. events {
18. # When you need > 8000 * cpu_cores connections, you start optimizing
19. # your OS, and this is probably the point at where you hire people
20. # who are smarter than you, this is *a lot* of requests.
21. worker_connections 8000;
22. }
23.  
24. # Change these paths to somewhere that suits you!
25. error_log logs/nginx-error.log;
26. pid logs/nginx.pid;
27.  
28. http {
29. # Set the mime-types via the mime.types external file
30. include nginx-mime.types;
31.  
32. # And the fallback mime-type
33. default_type application/octet-stream;
34.  
35. # Format for our log files
36. log_format main '$remote_addr - $remote_user [$time_local] $status '
37. '"$request" $body_bytes_sent "$http_referer" '
38. '"$http_user_agent" "$http_x_forwarded_for"';
39.  
40. # Click tracking!
41. access_log logs/access.log main;
42.  
43. # ~2 seconds is often enough for HTML/CSS, but connections in
44. # Nginx are cheap, so generally it's safe to increase it
45. keepalive_timeout 20;
46.  
47. # You usually want to serve static files with Nginx
48. sendfile on;
49.  
50. tcp_nopush on; # off may be better for Comet/long-poll stuff
51. tcp_nodelay off; # on may be better for Comet/long-poll stuff
52.  
53. # Enable Gzip:
54. gzip on;
55. gzip_http_version 1.0;
56. gzip_comp_level 5;
57. gzip_min_length 512;
58. gzip_buffers 4 8k;
59. gzip_proxied any;
60. gzip_types
61. # text/html is always compressed by HttpGzipModule. Durrrr
62. text/css
63. text/javascript
64. text/xml
65. text/plain
66. text/x-component
67. application/javascript
68. application/x-javascript
69. application/json
70. application/xml
71. application/rss+xml
72. font/truetype
73. font/opentype
74. application/vnd.ms-fontobject
75. image/svg+xml;
76.  
77. # This should be turned on if you are going to have pre-compressed copies (.gz) of
78. # static files available. If not it should be left off as it will cause extra I/O
79. # for the check. It would be better to enable this in a location {} block for
80. # a specific directory:
81. # gzip_static on;
82.  
83. gzip_disable "MSIE [1-6]\.";
84. gzip_vary on;
85.  
86. # Directories
87. client_body_temp_path tmp/client_body/ 2 2;
88. fastcgi_temp_path tmp/fastcgi/;
89. proxy_temp_path tmp/proxy/;
90. uwsgi_temp_path tmp/uwsgi/;
91.  
92. client_max_body_size 5M;
93.  
94. # Logging
95. access_log logs/nginx-access.log combined;
96. #
97.  
98.  
99. server {
100. listen 443;
101.  
102. if ($host ~* ^([a-z0-9\-]+\.(com|net|org))$) {
103. set $host_with_www www.$1;
104. set $wwwtoggle 1;
105. #rewrite ^(.*)$ $scheme://$host_with_www$1 permanent;
106. }
107. if ($host ~ "buffbrew.ticketometer.com") {
108. rewrite ^(.*)$ http://www.ticketometer.com/Open-House-at-Buffalo-Bayou-Brewing-Company permanent;
109. }
110.  
111. server_name www.ticketometer.com;
112.  
113.  
114. location ~ ^/(img|images|js|css|static|learn-more)/ {
115. root /home/ubuntu/site/app/ticketometer/static;
116. #expire max;
117. }
118.  
119. location ~* ^.+\.(ico|js|css|txt|png|jpg|html)$ {
120. root /home/ubuntu/site/app/ticketometer/static;
121. #expire max;
122. }
123.  
124. set $ssltoggle 2;
125. if ($uri ~ ^/(img|images|js|css|static|learn-more)/) {
126. set $ssltoggle 1;
127. }
128.  
129. if ($request_uri = '/') {
130. set $ssltoggle 1;
131. }
132. if ($uri ~ "/learn") {
133. set $ssltoggle 1;
134. }
135. if ($uri ~ "/order") {
136. set $ssltoggle 1;
137. }
138. if ($uri ~ "/order/addtocart") {
139. set $ssltoggle 2;
140. }
141. if ($uri ~ "/facebook") {
142. set $ssltoggle 1;
143. }
144. if ($uri ~ "/my") {
145. set $ssltoggle 1;
146. }
147. if ($uri ~ "/event") {
148. set $ssltoggle 1;
149. }
150.  
151. if ($wwwtoggle = 1) {
152. set $ssltoggle "{$ssltoggle}W";
153. }
154. if ($ssltoggle = 2W) {
155. rewrite ^/(.*) http://$host_with_www/$1 permanent;
156. }
157. if ($ssltoggle != 1) {
158. rewrite ^(.*)$ http://$server_name$1 permanent;
159. }
160. if ($wwwtoggle = 1) {
161. rewrite ^/(.*) $scheme://$host_with_www/$1 permanent;
162. }
163.  
164.  
165. #Specify a charset
166. charset utf-8;
167.  
168. # Custom 404 page
169. error_page 404 404.html;
170.  
171. # No default expire rule. This config mirrors that of apache as outlined in the
172. # html5-boilerplate .htaccess file. However, nginx applies rules by location, the apache rules
173. # are defined by type. A concequence of this difference is that if you use no file extension in
174. # the url and serve html, with apache you get an expire time of 0s, with nginx you'd get an
175. # expire header of one month in the future (if the default expire rule is 1 month).
176. # Therefore, do not use a default expire rule with nginx unless your site is completely static
177.  
178. # cache.appcache, your document html and data
179. location ~* \.(?:manifest|appcache|html|xml|json)$ {
180. expires -1;
181. access_log logs/static.log;
182. }
183.  
184. # Feed
185. location ~* \.(?:rss|atom)$ {
186. expires 1h;
187. add_header Cache-Control "public";
188. }
189.  
190. # Favicon
191. location ~* \.ico$ {
192. expires 1w;
193. access_log off;
194. add_header Cache-Control "public";
195. }
196.  
197. # Media: images, video, audio, HTC, WebFonts
198. location ~* \.(?:jpg|jpeg|gif|png|ico|gz|svg|svgz|ttf|otf|woff|eot|mp4|ogg|ogv|webm)$ {
199. expires 1M;
200. access_log off;
201. add_header Cache-Control "public";
202. }
203.  
204. # CSS and Javascript
205. location ~* \.(?:css|js)$ {
206. expires 1y;
207. access_log off;
208. add_header Cache-Control "public";
209. }
210.  
211. # opt-in to the future
212. add_header "X-UA-Compatible" "IE=Edge,chrome=1";
213.  
214. # Finally, send all non-media requests to the uwsgi server.
215. location / {
216. send_timeout 360;
217. uwsgi_pass unix:/home/ubuntu/site/sock/uwsgi.sock;
218. include uwsgi_params;
219. }
220.  
221. }
222.  
223. server {
224.  
225. if ($host ~* ^([a-z0-9\-]+\.(com|net|org))$) {
226. set $host_with_www www.$1;
227. set $wwwtoggle 1;
228. #rewrite ^(.*)$ $scheme://$host_with_www$1 permanent;
229. }
230. if ($host ~ "buffbrew.ticketometer.com") {
231. rewrite ^(.*)$ http://www.ticketometer.com/Open-House-at-Buffalo-Bayou-Brewing-Company permanent;
232. }
233.  
234. # listen 80 default_server deferred; # for Linux
235. # listen 80 default_server accept_filter=httpready; # for FreeBSD
236. listen 80;
237. server_name www.ticketometer.com;
238.  
239. # e.g. "localhost" to accept all connections, or "www.example.com"
240. # to handle the requests for "example.com" (and www.example.com)
241. # server_name www.example.com;
242.  
243. # Path for static files
244. # serve static files
245. location ~ ^/(img|images|js|css|static|learn-more)/ {
246. root /home/ubuntu/site/app/ticketometer/static;
247. #expire max;
248. }
249.  
250. location ~* ^.+\.(ico|js|css|txt|png|jpg|html)$ {
251. root /home/ubuntu/site/app/ticketometer/static;
252. #expire max;
253. }
254.  
255. #if ($uri = '/') {
256. # set $ssltoggle 1;
257. #}
258. location = / {
259. rewrite ^(.*)$ https://$server_name$1 permanent;
260. }
261. if ($uri ~ "/learn") {
262. set $ssltoggle 1;
263. }
264. if ($uri ~ "/order") {
265. set $ssltoggle 1;
266. }
267. if ($uri ~ "/order/addtocart") {
268. set $ssltoggle 2;
269. }
270. if ($uri ~ "/my") {
271. set $ssltoggle 1;
272. }
273. if ($uri ~ "/event") {
274. set $ssltoggle 1;
275. }
276.  
277. if ($wwwtoggle = 1) {
278. set $ssltoggle "{$ssltoggle}W";
279. }
280. if ($ssltoggle = 1W) {
281. rewrite ^/(.*) https://$host_with_www/$1 permanent;
282. }
283. if ($ssltoggle = 1) {
284. rewrite ^(.*)$ https://$server_name$1 permanent;
285. }
286. if ($wwwtoggle = 1) {
287. rewrite ^/(.*) $scheme://$host_with_www/$1 permanent;
288. }
289.  
290.  
291. #Specify a charset
292. charset utf-8;
293.  
294. # Custom 404 page
295. error_page 404 404.html;
296.  
297. # No default expire rule. This config mirrors that of apache as outlined in the
298. # html5-boilerplate .htaccess file. However, nginx applies rules by location, the apache rules
299. # are defined by type. A concequence of this difference is that if you use no file extension in
300. # the url and serve html, with apache you get an expire time of 0s, with nginx you'd get an
301. # expire header of one month in the future (if the default expire rule is 1 month).
302. # Therefore, do not use a default expire rule with nginx unless your site is completely static
303.  
304. # cache.appcache, your document html and data
305. location ~* \.(?:manifest|appcache|html|xml|json)$ {
306. expires -1;
307. access_log logs/static.log;
308. }
309.  
310. # Feed
311. location ~* \.(?:rss|atom)$ {
312. expires 1h;
313. add_header Cache-Control "public";
314. }
315.  
316. # Favicon
317. location ~* \.ico$ {
318. expires 1w;
319. access_log off;
320. add_header Cache-Control "public";
321. }
322.  
323. # Media: images, video, audio, HTC, WebFonts
324. location ~* \.(?:jpg|jpeg|gif|png|ico|gz|svg|svgz|ttf|otf|woff|eot|mp4|ogg|ogv|webm)$ {
325. expires 1M;
326. access_log off;
327. add_header Cache-Control "public";
328. }
329.  
330. # CSS and Javascript
331. location ~* \.(?:css|js)$ {
332. expires 1y;
333. access_log off;
334. add_header Cache-Control "public";
335. }
336.  
337. # opt-in to the future
338. add_header "X-UA-Compatible" "IE=Edge,chrome=1";
339.  
340. # Finally, send all non-media requests to the uwsgi server.
341. location / {
342. send_timeout 360;
343. uwsgi_pass unix:/home/ubuntu/site/sock/uwsgi.sock;
344. include uwsgi_params;
345. }
346.  
347. }
348. }