diff options
Diffstat (limited to 'config')
| -rw-r--r-- | config/httpd-force-ssl.conf.example (renamed from config/httpd-force-ssl.conf-example) | 0 | ||||
| -rw-r--r-- | config/httpd-ssl.conf.example (renamed from config/httpd-ssl.conf-example) | 0 | ||||
| -rw-r--r-- | config/nginx-ssl.conf-example | 32 | ||||
| -rw-r--r-- | config/nginx.conf.example | 43 | ||||
| -rw-r--r-- | config/packages | 1 | ||||
| -rwxr-xr-x | config/sysvinit-passenger.ugly | 59 |
6 files changed, 122 insertions, 13 deletions
diff --git a/config/httpd-force-ssl.conf-example b/config/httpd-force-ssl.conf.example index 0e89afe62..0e89afe62 100644 --- a/config/httpd-force-ssl.conf-example +++ b/config/httpd-force-ssl.conf.example diff --git a/config/httpd-ssl.conf-example b/config/httpd-ssl.conf.example index 8f099b8a6..8f099b8a6 100644 --- a/config/httpd-ssl.conf-example +++ b/config/httpd-ssl.conf.example diff --git a/config/nginx-ssl.conf-example b/config/nginx-ssl.conf-example new file mode 100644 index 000000000..c623c8e96 --- /dev/null +++ b/config/nginx-ssl.conf-example @@ -0,0 +1,32 @@ +upstream alaveteli { + server 127.0.0.1:3000; +} + +server { + listen 443; + server_name www.example.com; + root /var/www/alaveteli/alaveteli/public; + + server_tokens off; + + try_files $uri/index.html $uri @alaveteli; + + access_log /var/log/nginx/alaveteli_ssl_access.log; + error_log /var/log/nginx/alaveteli_ssl_error.log error; + + ssl on; + ssl_certificate /etc/ssl/certs/www.example.com.cert; + ssl_certificate_key /etc/ssl/private/www.example.com.key; + ssl_ciphers ECDHE-RSA-AES256-SHA384:AES256-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!AESGCM; + + location @alaveteli { + proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto https; + proxy_set_header X-Sendfile-Type X-Accel-Redirect; + proxy_set_header X-Accel-Mapping /var/www/alaveteli/alaveteli/cache/zips/production/download=/download; + proxy_redirect off; + proxy_pass http://alaveteli; + } +} diff --git a/config/nginx.conf.example b/config/nginx.conf.example index 56e720abb..be937b7fd 100644 --- a/config/nginx.conf.example +++ b/config/nginx.conf.example @@ -1,29 +1,46 @@ upstream alaveteli { - server 127.0.0.1:3300; + server 127.0.0.1:3000; } +# Example to redirect other domains to the canonical URL. Also redirects the +# unqualified domain to the FQDN www.example.com, which is recommended. +# +# server { +# server_name example.com example.org www.example.org; +# rewrite ^(.*) http://www.example.com$1 permanent; +# } + server { listen 80; + # Set the server name to your domain name if you have multiple nginx servers + # running on your machine + # server_name www.example.com; root /var/www/alaveteli/alaveteli/public; - location / { - proxy_set_header X-Real-IP $remote_addr; - proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; - proxy_set_header Host $http_host; - proxy_set_header X-Forwarded-Proto http; - proxy_redirect off; - try_files $uri @ruby; - } + server_tokens off; + + access_log /var/log/nginx/alaveteli_access.log; + error_log /var/log/nginx/alaveteli_error.log error; + + try_files $uri/index.html $uri @alaveteli; + + error_page 500 502 503 504 /500.html; + error_page 404 /404.html; + error_page 422 /422.html; location /download { internal; - alias /var/www/alaveteli/alaveteli/cache/zips/development/download; + alias /var/www/alaveteli/alaveteli/cache/zips/production/download; } - location @ruby { - proxy_pass http://alaveteli; + location @alaveteli { proxy_set_header Host $http_host; + proxy_set_header X-Real-IP $remote_addr; + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + proxy_set_header X-Forwarded-Proto http; proxy_set_header X-Sendfile-Type X-Accel-Redirect; - proxy_set_header X-Accel-Mapping /var/www/alaveteli/alaveteli/cache/zips/development/download=/download; + proxy_set_header X-Accel-Mapping /var/www/alaveteli/alaveteli/cache/zips/production/download=/download; + proxy_redirect off; + proxy_pass http://alaveteli; } } diff --git a/config/packages b/config/packages index 200a8c34f..e11fa1d52 100644 --- a/config/packages +++ b/config/packages @@ -9,6 +9,7 @@ gettext ghostscript gnuplot-nox irb | irb1.8 +libapache2-mod-passenger libicu-dev libmagic-dev libmagickwand-dev diff --git a/config/sysvinit-passenger.ugly b/config/sysvinit-passenger.ugly new file mode 100755 index 000000000..0940a4d63 --- /dev/null +++ b/config/sysvinit-passenger.ugly @@ -0,0 +1,59 @@ +#! /bin/sh +### BEGIN INIT INFO +# Provides: application-passenger-!!(*= $site *)!! +# Required-Start: $local_fs $network +# Required-Stop: $local_fs $network +# Default-Start: 2 3 4 5 +# Default-Stop: 0 1 6 +# Short-Description: Starts the Passenger app server for the "!!(*= $site *)!!" site +# Description: The Passenger app server for the "!!(*= $site *)!!" site +### END INIT INFO + +# This example sysvinit script is based on the helpful example here: +# http://richard.wallman.org.uk/2010/02/howto-deploy-a-catalyst-application-using-fastcgi-and-nginx/ + +PATH=/usr/local/sbin:/usr/local/bin:/sbin:/bin:/usr/sbin:/usr/bin +NAME=!!(*= $site *)!! +SITE_HOME=!!(*= $vhost_dir *)!!/!!(*= $vcspath *)!! +DESC="Alaveteli app server" +USER=!!(*= $user *)!! + +set -e + +start_daemon() { + echo -n "Starting $DESC: " + rm -f "$SITE_HOME/public/down.html" + echo "$NAME." +} + +stop_daemon() { + echo -n "Stopping $DESC: " + cp "$SITE_HOME/public/down.default.html" "$SITE_HOME/public/down.html" + echo "$NAME." +} + +restart_daemon() { + echo -n "Restarting $DESC: " + rm -f "$SITE_HOME/public/down.html" + touch "$SITE_HOME/tmp/restart.txt" + echo "$NAME." +} + +case "$1" in + start) + start_daemon + ;; + stop) + stop_daemon + ;; + reload|restart|force-reload) + restart_daemon + ;; + *) + N=/etc/init.d/$NAME + echo "Usage: $N {start|stop|reload|restart|force-reload}" >&2 + exit 1 + ;; +esac + +exit 0 |