nginx.conf

daemon off;
worker_processes  2;

error_log  /dev/console;
pid  /var/run/nginx.pid;

events {
  worker_connections  1024;
}

http {
  include   /etc/nginx/mime.types;
  default_type  application/octet-stream;

  log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    '$status $body_bytes_sent "$http_referer" '
    '"$http_user_agent" "$http_x_forwarded_for"';

  access_log  /dev/console;

  sendfile  on;
  tcp_nopush   on;

  keepalive_timeout  30;
  keepalive_requests  100000;

  gzip  on;
  
upstream unicorn {
  server unix:/var/run/unicorn/unicorn.sock;
}

server {
  listen 8080;
  location /stats {
    stub_status on;
  }
}

server {
  listen 80; 
  listen 443 ssl;
  access_log /dev/console;
  error_log /dev/console;
  ssl_certificate /server.crt;
  ssl_certificate_key /server.key;

  location / { 
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header X_FORWARDED_PROTO https;
    proxy_redirect off;
    if (!-f $request_filename) {
      proxy_pass http://unicorn;
      break;
    }   
  }
  location ~* ^/assets/ {
    # Per RFC2616 - 1 year maximum expiry
    # http://www.w3.org/Protocols/rfc2616/rfc2616-sec14.html
    root /app/public;
    expires 1y;
    add_header Cache-Control public;

    # Some browsers still send conditional-GET requests if there's a
    # Last-Modified header or an ETag header even if they haven't
    # reached the expiry date sent in the Expires header.
    add_header Last-Modified "";
    add_header ETag "";
    break;
  }
  error_page 500 502 503 504 /500.html;
  error_page 404 /404.html;
  location = /500.html {
    root /app/public;
  }
  location = /404.html {
    root /app/public;
  }
  location = /404 {
    root /app/public;
  }
  location = /favicon.ico {
    root /app/public;
  }
}
}