added nginx configuration, ASS runscript

This commit is contained in:
nilsding 2015-04-02 01:12:01 +02:00
parent 4857c47b9e
commit 64405b32ff
2 changed files with 104 additions and 0 deletions

33
docs/ass.rb Normal file
View file

@ -0,0 +1,33 @@
# This ASS runscript starts justask in development mode on a FreeBSD host.
# (c) 2015 nilsding
# This file is a modification of https://github.com/retrospring/ass/blob/master/scripts/example-rails.rb
Runscript.new do
before_start do
# set Rails environment to development
setenv :RAILS_ENV, 'development'
# install bundle
sh %|bundle install --without production mysql|
# edit and copy example justask config
sh %|sed -i .old -e 's/justask.rrerr.net/justask.local/g' -e 's/"Anonymous"/"Arno Nym"/g' -e 's/enabled: tru/enabled: fals/g' ./config/justask.yml.example|
sh %|cp ./config/justask.yml.example ./config/justask.yml|
# edit and copy postgres database config
sh %|sed -i .old -e 's/_production/_producktion/g' -e 's/justask_development/ja_devel/g' -e 's/username: postgres/username: nilsding/g' ./config/database.yml.postgres|
sh %|cp ./config/database.yml.postgres ./config/database.yml|
# migrate the database
sh %|bundle exec rake db:migrate|
end
start do
sh %|bundle exec rails server -b 127.0.0.1 -p 16933|, pid: :rails, wait: false
end
stop do
unset :RAILS_ENV
kill :rails, with: :SIGINT
end
end

71
docs/nginx.conf Normal file
View file

@ -0,0 +1,71 @@
# justask nginx config
# Redirect www.retrospring.net to retrospring.net, because it looks nicer.
server {
listen *:80;
listen *:443;
server_name www.retrospring.net;
return 301 $scheme://retrospring.net$request_uri;
}
# This is a normal HTTP host which redirects all traffic to the HTTPS host.
server {
listen *:80;
# Replace retrospring.net with your FQDN.
server_name retrospring.net;
server_tokens off;
# root doesn't have to be a valid path since we are redirecting
root /nowhere;
rewrite ^ https://$server_name$request_uri permanent;
}
# The actual configuration.
server {
# SSL settings
listen 443 ssl;
ssl on;
ssl_certificate /usr/local/etc/nginx/ssl/certs/retrospring.net/retrospring.net.pem;
ssl_certificate_key /usr/local/etc/nginx/ssl/certs/retrospring.net/retrospring.net.key;
# use this header only if all subdomains support HTTPS!
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains";
ssl_session_cache builtin:1000 shared:SSL:10m;
# forward secrecy settings
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers 'EDH+CAMELLIA:EDH+aRSA:EECDH+aRSA+AESGCM:EECDH+aRSA+SHA384:EECDH+aRSA+SHA256:EECDH:+CAMELLIA256:+AES256:+CAMELLIA128:+AES128:!aNULL:!eNULL:!LOW:!3DES:!MD5:!EXP:!PSK:!DSS:!RC4:!SEED:!ECDSA:CAMELLIA256-SHA:AES256-SHA:CAMELLIA128-SHA:AES128-SHA';
# Replace retrospring.net with your FQDN
server_name retrospring.net;
server_tokens off;
# Replace /usr/home/justask/justask with the path to your justask installation
root /usr/home/justask/justask/public;
access_log /var/log/nginx/justask.log;
client_max_body_size 5M;
error_page 404 = /404.html;
error_page 422 = /422.html;
error_page 500 = /500.html;
error_page 502 = /502.html;
try_files $uri @justask;
location @justask {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_max_temp_file_size 0;
# Replace /usr/home/justask/justask with the path to your justask installation
proxy_pass http://unix:/usr/home/justask/justask/tmp/sockets/justask.sock;
break;
}
}