From 253f0ab4599030cc18eebbab1611c7c83cc2262e Mon Sep 17 00:00:00 2001 From: Eric Wong Date: Mon, 23 Nov 2009 22:28:05 -0800 Subject: Add examples for nginx and unicorn These should help make things easier for folks unfamiliar with nginx setups. --- examples/nginx.conf | 139 +++++++++++++++++++++++++++++++++++++++++++++++ examples/unicorn.conf.rb | 78 ++++++++++++++++++++++++++ 2 files changed, 217 insertions(+) create mode 100644 examples/nginx.conf create mode 100644 examples/unicorn.conf.rb (limited to 'examples') diff --git a/examples/nginx.conf b/examples/nginx.conf new file mode 100644 index 0000000..d42ade8 --- /dev/null +++ b/examples/nginx.conf @@ -0,0 +1,139 @@ +# This is example contains the bare mininum to get nginx going with +# Unicorn or Rainbows! servers. Generally these configuration settings +# are applicable to other HTTP application servers (and not just Ruby +# ones), so if you have one working well for proxying another app +# server, feel free to continue using it. +# +# The only setting we feel strongly about is the fail_timeout=0 +# directive in the "upstream" block. max_fails=0 also has the same +# effect as fail_timeout=0 for current versions of nginx and may be +# used in its place. +# +# Users are strongly encouraged to refer to nginx documentation for more +# details and search for other example configs. + +# you generally only need one nginx worker unless you're serving +# large amounts of static files which require blocking disk reads +worker_processes 1; + +# # drop privileges, root is needed on most systems for binding to port 80 +# # (or anything < 1024). Capability-based security may be available for +# # your system and worth checking out so you won't need to be root to +# # start nginx to bind on 80 +user nobody nogroup; # for systems with a "nogroup" +# user nobody nobody; # for systems with "nobody" as a group instead + +# Feel free to change all paths to suite your needs here, of course +pid /tmp/nginx.pid; +error_log /tmp/nginx.error.log; + +events { + worker_connections 1024; # increase if you have lots of clients + accept_mutex off; # "on" if nginx worker_processes > 1 + # use epoll; # enable for Linux 2.6+ + # use kqueue; # enable for FreeBSD, OSX +} + +http { + # nginx will find this file in the config directory set at nginx build time + include mime.types; + + # fallback in case we can't determine a type + default_type application/octet-stream; + + # click tracking! + access_log /tmp/nginx.access.log combined; + + # you generally want to serve static files with nginx since neither + # Unicorn nor Rainbows! is optimized for it at the moment + sendfile on; + + tcp_nopush on; # off may be better for *some* Comet/long-poll stuff + tcp_nodelay off; # on may be better for some Comet/long-poll stuff + + # we haven't checked to see if Rack::Deflate on the app server is + # faster or not than doing compression via nginx. It's easier + # to configure it all in one place here for static files and also + # to disable gzip for clients who don't get gzip/deflate right. + # There are other other gzip settings that may be needed used to deal with + # bad clients out there, see http://wiki.nginx.org/NginxHttpGzipModule + gzip on; + gzip_http_version 1.0; + gzip_proxied any; + gzip_min_length 500; + gzip_disable "MSIE [1-6]\."; + gzip_types text/plain text/html text/xml text/css + text/comma-separated-values + text/javascript application/x-javascript + application/atom+xml; + + # this can be any application server, not just Unicorn/Rainbows! + upstream app_server { + # fail_timeout=0 means we always retry an upstream even if it failed + # to return a good HTTP response (in case the Unicorn master nukes a + # single worker for timing out). + + # for UNIX domain socket setups: + server unix:/tmp/.sock fail_timeout=0; + + # for TCP setups, point these to your backend servers + # server 192.168.0.7:8080 fail_timeout=0; + # server 192.168.0.8:8080 fail_timeout=0; + # server 192.168.0.9:8080 fail_timeout=0; + } + + server { + # listen 80 default deferred; # for Linux + # listen 80 default accept_filter=httpready; # for FreeBSD + listen 80 default; + + client_max_body_size 4G; + server_name _; + + # ~2 seconds is often enough for most folks to parse HTML/CSS and + # retrieve needed images/icons/frames, connections are cheap in + # nginx so increasing this is generally safe... + keepalive_timeout 5; + + # path for static files + root /path/to/app/current/public; + + location / { + # an HTTP header important enough to have its own Wikipedia entry: + # http://en.wikipedia.org/wiki/X-Forwarded-For + proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; + + # enable this if and only if you use HTTPS, this helps Rack + # set the proper protocol for doing redirects: + # proxy_set_header X-Forwarded-Proto https; + + # pass the Host: header from the client right along so redirects + # can be set properly within the Rack application + proxy_set_header Host $http_host; + + # we don't want nginx trying to do something clever with + # redirects, we set the Host: header above already. + proxy_redirect off; + + # set "proxy_buffering off" *only* for Rainbows! when doing + # Comet/long-poll stuff. It's also safe to set if you're + # using only serving fast clients with Unicorn + nginx. + # Otherwise you _want_ nginx to buffer responses to slow + # clients, really. + # proxy_buffering off; + + # Try to serve static files from nginx, no point in making an + # *application* server like Unicorn/Rainbows! serve static files. + if (!-f $request_filename) { + proxy_pass http://app_server; + break; + } + } + + # Rails error pages + error_page 500 502 503 504 /500.html; + location = /500.html { + root /path/to/app/current/public; + } + } +} diff --git a/examples/unicorn.conf.rb b/examples/unicorn.conf.rb new file mode 100644 index 0000000..e209894 --- /dev/null +++ b/examples/unicorn.conf.rb @@ -0,0 +1,78 @@ +# Sample configuration file for Unicorn (not Rack) +# +# See http://unicorn.bogomips.org/Unicorn/Configurator.html for complete +# documentation. + +# Use at least one worker per core if you're on a dedicated server, +# more will usually help for _short_ waits on databases/caches. +worker_processes 4 + +# Help ensure your application will always spawn in the symlinked +# "current" directory that Capistrano sets up. +working_directory "/path/to/app/current" # available in 0.94.0+ + +# listen on both a Unix domain socket and a TCP port, +# we use a shorter backlog for quicker failover when busy +listen "/tmp/.sock", :backlog => 64 +listen 8080, :tcp_nopush => true + +# nuke workers after 30 seconds instead of 60 seconds (the default) +timeout 30 + +# feel free to point this anywhere accessible on the filesystem +pid "/path/to/app/shared/pids/unicorn.pid" + +# some applications/frameworks log to stderr or stdout, so prevent +# them from going to /dev/null when daemonized here: +stderr_path "/path/to/app/shared/log/unicorn.stderr.log" +stdout_path "/path/to/app/shared/log/unicorn.stdout.log" + +# combine REE with "preload_app true" for memory savings +# http://rubyenterpriseedition.com/faq.html#adapt_apps_for_cow +preload_app true +GC.respond_to?(:copy_on_write_friendly=) and + GC.copy_on_write_friendly = true + +before_fork do |server, worker| + # the following is highly recomended for Rails + "preload_app true" + # as there's no need for the master process to hold a connection + defined?(ActiveRecord::Base) and + ActiveRecord::Base.connection.disconnect! + + # The following is only recommended for memory/DB-constrained + # installations. It is not needed if your system can house + # twice as many worker_processes as you have configured. + # + # # This allows a new master process to incrementally + # # phase out the old master process with SIGTTOU to avoid a + # # thundering herd (especially in the "preload_app false" case) + # # when doing a transparent upgrade. The last worker spawned + # # will then kill off the old master process with a SIGQUIT. + # old_pid = "#{server.config[:pid]}.oldbin" + # if old_pid != server.pid + # begin + # sig = (worker.nr + 1) >= server.worker_processes ? :QUIT : :TTOU + # Process.kill(sig, File.read(old_pid).to_i) + # rescue Errno::ENOENT, Errno::ESRCH + # end + # end + # + # # *optionally* throttle the master from forking too quickly by sleeping + # sleep 1 +end + +after_fork do |server, worker| + # per-process listener ports for debugging/admin/migrations + # addr = "127.0.0.1:#{9293 + worker.nr}" + # server.listen(addr, :tries => -1, :delay => 5, :tcp_nopush => true) + + # the following is *required* for Rails + "preload_app true", + defined?(ActiveRecord::Base) and + ActiveRecord::Base.establish_connection + + # if preload_app is true, then you may also want to check and + # restart any other shared sockets/descriptors such as Memcached, + # and Redis. TokyoCabinet file handles are safe to reuse + # between any number of forked children (assuming your kernel + # correctly implements pread()/pwrite() system calls) +end -- cgit v1.2.3-24-ge0c7