-
Notifications
You must be signed in to change notification settings - Fork 1
/
nginx.conf
75 lines (68 loc) · 2.52 KB
/
nginx.conf
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
# This configuration is based from the CloudFoundry static buildpack's default, which you can view here:
# https://github.com/cloudfoundry/staticfile-buildpack/blob/bd7a288e11b27f1c5095d62bcd09780a14c5151e/conf/nginx.conf
worker_processes 1;
daemon off;
error_log <%= ENV["APP_ROOT"] %>/nginx/logs/error.log;
events { worker_connections 1024; }
http {
charset utf-8;
log_format cloudfoundry '$http_x_forwarded_for - $http_referer - [$time_local] "$request" $status $body_bytes_sent';
access_log <%= ENV["APP_ROOT"] %>/nginx/logs/access.log cloudfoundry;
default_type application/octet-stream;
include mime.types;
sendfile on;
gzip on;
gzip_disable "msie6";
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_proxied any;
gunzip on;
gzip_static always;
gzip_types text/plain text/css text/js text/xml text/javascript application/javascript application/x-javascript application/json application/xml application/xml+rss;
gzip_vary on;
tcp_nopush on;
keepalive_timeout 30;
port_in_redirect off; # Ensure that redirects don't include the internal container PORT - <%= ENV["PORT"] %>
server_tokens off;
server {
listen <%= ENV["PORT"] %>;
server_name localhost;
location / {
root <%= ENV["APP_ROOT"] %>/public;
<% if File.exists?(File.join(ENV["APP_ROOT"], "nginx/conf/.enable_pushstate")) %>
if (!-e $request_filename) {
rewrite ^(.*)$ / break;
}
<% end %>
index index.html index.htm Default.htm;
<% if File.exists?(File.join(ENV["APP_ROOT"], "nginx/conf/.enable_directory_index")) %>
autoindex on;
<% end %>
<% if File.exists?(auth_file = File.join(ENV["APP_ROOT"], "nginx/conf/.htpasswd")) %>
auth_basic "Restricted"; #For Basic Auth
auth_basic_user_file <%= auth_file %>; #For Basic Auth
<% end %>
<% if ENV["FORCE_HTTPS"] %>
if ($http_x_forwarded_proto != "https") {
return 301 https://$host$request_uri;
}
<% end %>
<% if File.exists?(File.join(ENV["APP_ROOT"], "nginx/conf/.enable_ssi")) %>
ssi on;
<% end %>
<% if File.exists?(File.join(ENV["APP_ROOT"], "nginx/conf/.enable_hsts")) %>
add_header Strict-Transport-Security "max-age=31536000";
<% end %>
if ($host != "n/a") {
return 301 https://n/a$request_uri;
}
}
<% unless File.exists?(File.join(ENV["APP_ROOT"], "nginx/conf/.enable_dotfiles")) %>
location ~ /\. {
deny all;
return 404;
}
<% end %>
}
}