# Nginx configuration file for WebYaST user webyast webyast; worker_processes 1; error_log /var/log/webyast/error.log info; pid /var/run/webyast.pid; # keep $PATH variable env PATH; events { worker_connections 1024; } http { # read passenger_root option from external file (in rubygem-passenger-nginx package) include /etc/nginx/conf.d/passenger_root.include; passenger_ruby /usr/bin/ruby; passenger_pool_idle_time 300; passenger_min_instances 0; passenger_default_user webyast; passenger_user webyast; passenger_max_pool_size 1; passenger_max_instances_per_app 1; passenger_spawn_method conservative; client_body_temp_path /srv/www/webyast/tmp/tmp_webyast 1 2; fastcgi_temp_path /srv/www/webyast/tmp/fastcgi_webyast 1 2; proxy_temp_path /srv/www/webyast/tmp/proxy_webyast 1 2; include mime.types; default_type application/octet-stream; access_log /var/log/webyast/access.log; passenger_log_level 0; passenger_debug_log_file /var/log/webyast/passenger.log; sendfile on; #tcp_nopush on; #keepalive_timeout 0; keepalive_timeout 65; gzip on; gzip_static on; gzip_buffers 16 8k; gzip_comp_level 9; gzip_http_version 1.0; gzip_proxied any; gzip_min_length 0; gzip_types text/plain text/css image/x-icon image/png image/gif image/jpeg application/x-javascript text/javascript; gzip_vary on; server { listen 4984; underscores_in_headers on; server_name localhost; root /srv/www/webyast/public; passenger_enabled on; rails_framework_spawner_idle_time 300; rails_app_spawner_idle_time 300; ssl on; ssl_certificate /etc/nginx/certs/webyast.pem; ssl_certificate_key /etc/nginx/certs/webyast.key; ssl_session_timeout 5m; ssl_protocols TLSv1; ssl_ciphers ALL:!aNULL:!eNULL:!SSLv2:!LOW:!EXP:!MD5:@STRENGTH; ssl_prefer_server_ciphers on; # redirect HTTP requests to HTTPS # Error 497 is internal code for Error 400 "The plain HTTP request was sent to HTTPS port" error_page 497 https://$host:4984$request_uri; location ~* \.(png|gif|jpg|jpeg|css|js|swf|ico)(\?[0-9]+)?$ { passenger_enabled on; access_log off; expires max; add_header Cache-Control public; } } }