Permalink
Switch branches/tags
Nothing to show
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
196 lines (167 sloc) 5.89 KB
daemon off;
worker_processes <%= ENV["NGINX_WORKERS"] || 4 %>;
events {
use epoll;
accept_mutex on;
multi_accept on;
worker_connections 1024;
}
http {
gzip on;
gzip_disable "MSIE [1-6]\.(?!.*SV1)";
gzip_comp_level 2;
gzip_min_length 512;
gzip_proxied any;
gzip_vary on;
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
server_tokens off;
tcp_nopush on;
tcp_nodelay on;
log_format l2met "measure#nginx.service=$request_time request_id=$http_x_request_id";
access_log logs/nginx/access.log l2met;
error_log logs/nginx/error.log;
include mime.types;
default_type application/octet-stream;
sendfile on;
<% if ENV["NAKED_DOMAIN"] && !ENV["NAKED_DOMAIN"].empty? %>
server {
listen <%= ENV["PORT"] %>;
server_name <%= ENV["NAKED_DOMAIN"] %>;
return 301 $scheme://www.<%= ENV["NAKED_DOMAIN"] %>$request_uri;
}
<% end %>
server {
<% if ENV["NAKED_DOMAIN"] && !ENV["NAKED_DOMAIN"].empty? %>
server_name www.<%= ENV["NAKED_DOMAIN"] %>;
<% else %>
server_name _;
<% end %>
listen <%= ENV["PORT"] %>;
keepalive_timeout 5;
root dist;
index index.html;
port_in_redirect off;
include <%= ENV["HOME"] %>/config/nginx.d/*.conf;
<% if ENV["CLIENT_MAX_BODY_SIZE"] %>
client_max_body_size <%= ENV["CLIENT_MAX_BODY_SIZE"] %>;
<% end %>
<% if ENV["FORCE_HTTPS"] && ENV["FORCE_HTTPS"] == "true" %>
set $cloudflare NO;
if ($http_cf_visitor ~* 'http') {
set $cloudflare YES;
}
if ($http_cf_visitor ~* '"http"') {
return 301 https://$host$request_uri;
}
set $cloudflare_heroku "${cloudflare}";
if ($http_x_forwarded_proto ~* 'http') {
set $cloudflare_heroku "${cloudflare_heroku}YES";
}
if ($http_x_forwarded_proto !~* 'https') {
set $cloudflare_heroku "${cloudflare_heroku}HTTP";
}
if ($cloudflare_heroku = NOYESHTTP) {
return 301 https://$host$request_uri;
}
<% end %>
<% if ENV["BASIC_AUTH_USER"] && ENV["BASIC_AUTH_PASSWORD"] %>
auth_basic "Restricted";
auth_basic_user_file <%= "#{ENV["HOME"]}/config/htpasswd" %>;
<% end %>
<% if ENV["API_URL"] %>
location <%= ENV["API_PREFIX_PATH"] || "/api/" %> {
proxy_pass <%= ENV["API_URL"] %>;
proxy_set_header Real-IP $remote_addr;
proxy_set_header Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header NginX-Proxy true;
proxy_ssl_session_reuse off;
proxy_redirect off;
<% if ENV["NGINX_DEBUG"] %>add_header Ember-Cli-Proxy on;<% end %>
}
<% end %>
<% if ENV["ACME_CHALLENGE"] %>
location ^~ /.well-known/acme-challenge/ {
return 200 '<%= ENV['ACME_CHALLENGE'] %>';
add_header Content-Type text/plain;
}
<% end %>
<% if ENV["PRERENDER_HOST"] %>
# Based on the official Prerender.io gist https://gist.github.com/thoop/8165802
location @prerender {
<% if ENV["PRERENDER_TOKEN"] %>
proxy_set_header X-Prerender-Token <%= ENV["PRERENDER_TOKEN"] %>;
<% end %>
set $prerender 0;
if ($http_user_agent ~* "baiduspider|twitterbot|facebookexternalhit|rogerbot|linkedinbot|embedly|quora link preview|showyoubot|outbrain|pinterest|slackbot|whatsapp") {
set $prerender 1;
}
if ($args ~ "_escaped_fragment_") {
set $prerender 1;
}
if ($http_user_agent ~ "Prerender") {
set $prerender 0;
}
if ($uri ~ "\.(js|css|xml|less|png|jpg|jpeg|gif|pdf|doc|txt|ico|rss|zip|mp3|rar|exe|wmv|doc|avi|ppt|mpg|mpeg|tif|wav|mov|psd|ai|xls|mp4|m4a|swf|dat|dmg|iso|flv|m4v|torrent)") {
set $prerender 0;
}
# Resolve using Google's DNS server to force DNS resolution and prevent caching of IPs
resolver 8.8.8.8;
if ($prerender = 1) {
# Setting Prerender.io as a variable forces DNS resolution since Nginx caches IPs and doesn't play well with load balancing
set $prerender <%= ENV["PRERENDER_HOST"] %>;
<% if ENV["FORCE_HTTPS"] && ENV["FORCE_HTTPS"] == "true" %>
rewrite .* /https://$host$request_uri? break;
<% else %>
rewrite .* /$scheme://$host$request_uri? break;
<% end %>
proxy_pass http://$prerender;
}
if ($prerender = 0) {
rewrite .* /index.html break;
}
}
<% end %>
location ~* \index.html$ {
expires -1;
<% if ENV["NGINX_DEBUG"] %>add_header Ember-Cli-Html on;<% end %>
}
location ~* \.(ogg|ogv|svgz|mp4|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|html|txt|htm)$ {
expires max;
log_not_found off;
access_log off;
add_header Cache-Control public;
fastcgi_hide_header Set-Cookie;
<% if ENV["NGINX_DEBUG"] %>add_header Ember-Cli-Speed on;<% end %>
}
location ~* \.(eot|oft|svg|ttf|woff)$ {
add_header Access-Control-Allow-Origin *;
expires max;
log_not_found off;
access_log off;
add_header Cache-Control public;
fastcgi_hide_header Set-Cookie;
<% if ENV["NGINX_DEBUG"] %>add_header Ember-Cli-Font on;<% end %>
}
location ~ /\. {
deny all;
<% if ENV["NGINX_DEBUG"] %>add_header Ember-Cli-Denied on;<% end %>
}
location / {
expires -1;
<% if ENV["IP_WHITELIST"] %>
set_real_ip_from 10.0.0.0/8;
real_ip_header X-Forwarded-For;
<% ENV["IP_WHITELIST"].split(",").each do |ip| %>
allow <%= ip %>;
<% end %>
deny all;
<% end %>
<% if ENV["PRERENDER_HOST"] %>
try_files $uri @prerender;
<% else %>
try_files $uri $uri/ /index.html =404;
<% end %>
<% if ENV["NGINX_DEBUG"] %>add_header Ember-Cli-Base-Location on;<% end %>
}
}
}