From 0f85c3b59c3e975d1249a9f1dff054261a0b07f8 Mon Sep 17 00:00:00 2001 From: Nicolas Bally Date: Thu, 14 Sep 2017 00:04:05 +0200 Subject: [PATCH] nginx ssl --- config/nginx.conf | 47 ++++++++++++++++++++++++++++++++--------------- 1 file changed, 32 insertions(+), 15 deletions(-) diff --git a/config/nginx.conf b/config/nginx.conf index aec57ce..e1323a9 100644 --- a/config/nginx.conf +++ b/config/nginx.conf @@ -2,27 +2,44 @@ upstream ballalama3_app_unicorn { server unix:/home/web/ballalama3_app/shared/unicorn.sock fail_timeout=0; } + server { - listen 80; - server_name ballalama.com; - root /home/web/ballalama3_app/current/public; - try_files $uri/index.html $uri @unicorn; - location @unicorn { - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $http_host; - proxy_redirect off; - proxy_pass http://ballalama3_app_unicorn; - } + listen 443 ssl; - error_page 500 502 503 504 /500.html; - client_max_body_size 4G; - keepalive_timeout 10; + server_name ballalama.com; + root /home/web/ballalama3_app/current/public; + + ssl on; + ssl_certificate /etc/nginx/ssl/ballalama3_app/monserveur.crt; + ssl_certificate_key /etc/nginx/ssl/ballalama3_app/monserveur.key; + + + try_files $uri/index.html $uri @unicorn; + + #access_log /var/log/nginx/YOUR_APP_NAME_access.log combined; + #error_log /var/log/nginx/YOUR_APP_NAME_error.log; + + location @unicorn { + proxy_set_header X-Forwarded-For $remote_addr; + proxy_set_header Host $http_host; + proxy_redirect off; + proxy_pass http://ballalama3_app_unicorn; + proxy_set_header X-Forwarded-Proto https; + } + + error_page 500 502 503 504 /500.html; + client_max_body_size 4G; + keepalive_timeout 10; } + + + + server { listen 80; - server_name www.ballalama.com ballalama3.quartz.xyz; - rewrite ^(.*) http://ballalama.com$1 permanent; + server_name ballalama.com www.ballalama.com ballalama3.quartz.xyz; + rewrite ^(.*) https://ballalama.com$1 permanent; }