-
Notifications
You must be signed in to change notification settings - Fork 4
NGINX Configuration
NGINX configuration for our production / staging AWS Elastic Beanstalk Environment. This is all done using .ebextension-files. This just documents the final result. The file handling this configuration process is:
.ebextensions/03nginx.config
On our Elastic Beanstalk instances, the user's configuration files for NGINX are found in:
/etc/nginx/conf.d
Another file then picks up these modular configurations and includes them in the main configuration:
/etc/nginx/nginx.config
The default NGINX configuration Elastic Beanstalk uses to serve our webapp:
/etc/nginx/conf.d/webapp_healthd.conf
This file is a symlink to the place from where Elastic Beanstalk then launches NGINX:
/opt/elasticbeanstalk/support/conf/webapp_healthd.conf
Warning: this is likely to change when Amazon updates their infrastructure stack (e.g. new Ruby version, new NGINX version)
To prevent timeout when users upload larger files / multiple files, we increase the client_max_body_size value by adding this file:
/etc/nginx/conf.d/proxy.conf
We serve our robots.txt as a static file with NGINX:
location /robots.txt {
alias /var/app/current/public/robots.txt;
}Our assets are served via CDN. To have modern browsers (Chrome, Firefox) allow our fonts, we need CORS headers on the assets:
location /assets {
alias /var/app/current/public/assets;
gzip_static on;
gzip on;
expires max;
add_header Cache-Control public;
add_header Access-Control-Allow-Origin *;
}On depoy, we replace Elastic Beanstalk's default etc/nginx/conf.d/webapp_healthd.conf file with our custom webapp_healthd.conf configuration file and restart NGINX.
Contents of our configuration file:
upstream my_app {
server unix:///var/run/puma/my_app.sock;
}
log_format healthd '$msec"$uri"'
'$status"$request_time"$upstream_response_time"'
'$http_x_forwarded_for';
server {
listen 80;
server_name _ localhost; # need to listen to localhost for worker tier
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2})") {
set $year $1;
set $month $2;
set $day $3;
set $hour $4;
}
access_log /var/log/nginx/access.log main;
access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd;
location /robots.txt {
alias /var/app/current/public/robots.txt;
}
location / {
proxy_pass http://my_app; # match the name of upstream directive which is defined above
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /assets {
alias /var/app/current/public/assets;
gzip_static on;
gzip on;
expires max;
add_header Cache-Control public;
add_header Access-Control-Allow-Origin *;
}
location /public {
alias /var/app/current/public;
gzip_static on;
gzip on;
expires max;
add_header Cache-Control public;
}
}With this configuration in place, we use another Elastic Beanstalk command to restart NGINX:
container_commands:
01_reload_nginx:
command: "sudo service nginx reload"