環境
- nginx version: nginx/1.4.2
- unicorn v4.7.0
- Rails 4.0.2
- ruby 2.0.0p247 (2013-06-27 revision 41674) [x86_64-linux]
Unicorn
$APP_ROOT/bin/unicorn.sh
#!/bin/sh
set -e
TIMEOUT=${TIMEOUT-60}
APP_ROOT=`cd \`dirname $0\`/..; pwd`
PID=$APP_ROOT/log/unicorn.pid
RAILS_ENV=production
CMD="bundle exec unicorn -D -c $APP_ROOT/config/unicorn.rb -E $RAILS_ENV"
INIT_CONF=$APP_ROOT/config/init.conf
action="$1"
set -u
old_pid="$PID.oldbin"
cd $APP_ROOT || exit 1
sig () {
test -s "$PID" && kill -$1 `cat $PID`
}
oldsig () {
test -s $old_pid && kill -$1 `cat $old_pid`
}
case $action in
start)
sig 0 && echo >&2 "Already running" && exit 0
$CMD
;;
stop)
sig QUIT && exit 0
echo >&2 "Not running"
;;
force-stop)
sig TERM && exit 0
echo >&2 "Not running"
;;
restart|reload)
sig HUP && echo reloaded OK && exit 0
echo >&2 "Couldn't reload, starting '$CMD' instead"
$CMD
;;
upgrade)
if sig USR2 && sleep 2 && sig 0 && oldsig QUIT
then
n=$TIMEOUT
while test -s $old_pid && test $n -ge 0
do
printf '.' && sleep 1 && n=$(( $n - 1 ))
done
echo
if test $n -lt 0 && test -s $old_pid
then
echo >&2 "$old_pid still exists after $TIMEOUT seconds"
exit 1
fi
exit 0
fi
echo >&2 "Couldn't upgrade, starting '$CMD' instead"
$CMD
;;
reopen-logs)
sig USR1
;;
*)
echo >&2 "Usage: $0 <start|stop|restart|upgrade|force-stop|reopen-logs>"
exit 1
;;
esac
$APP_ROOT/conf/unicorn.rb
RAILS_ROOT = File.expand_path("../..", __FILE__)
# Number of worker process
worker_processes 3
# listen "#{RAILS_ROOT}/tmp/unicorn.sock", :backlog => 64
# listen 8080, :tcp_nopush
listen "#{RAILS_ROOT}/tmp/unicorn.sock"
# 60 seconds (the default)
# timeout 30
pid "#{RAILS_ROOT}/log/unicorn.pid"
# By default, the Unicorn Logger will write to stderr.
stderr_path "#{RAILS_ROOT}/log/unicorn.log"
stdout_path "#{RAILS_ROOT}/log/unicorn.log"
preload_app true
# check_client_connection false
before_fork do |server, worker|
old_pid = "#{RAILS_ROOT}/log/unicorn.pid.oldbin"
if File.exists?(old_pid) && server.pid != old_pid
begin
Process.kill("QUIT", File.read(old_pid).to_i)
rescue Errno::ENOENT, Errno::ESRCH
end
end
end
after_fork do |server, worker|
defined?(ActiveRecord::Base) and
ActiveRecord::Base.establish_connection
end
Nginx
/usr/local/nginx/conf/conf.d/example.com.conf
# example.com.conf
# Created by nginx_utils version 0.1.2
upstream backend-unicorn {
# server 127.0.0.1:8080
server unix:/usr/local/rails/example/tmp/unicorn.sock;
}
# Rewrite https
server {
listen 80;
server_name example.com;
access_log /usr/local/nginx/vhosts/example.com/logs/access.log ltsv;
error_log /usr/local/nginx/vhosts/example.com/logs/error.log info;
rewrite ^(.*) https://example.com$1 permanent;
}
server {
listen 443 ssl;
server_name example.com;
root /usr/local/rails/public;
index index.html index.htm;
access_log /usr/local/nginx/vhosts/example.com/logs/ssl_access.log ltsv;
error_log /usr/local/nginx/vhosts/example.com/logs/ssl_error.log info;
ssl on;
ssl_certificate /usr/local/nginx/vhosts/example.com/ssl.crt/server.crt;
ssl_certificate_key /usr/local/nginx/vhosts/example.com/ssl.key/server.key;
ssl_session_timeout 5m;
ssl_protocols SSLv2 SSLv3 TLSv1;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
location / {
try_files $uri @proxy;
}
location @proxy {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Proto https;
proxy_redirect off;
proxy_pass http://backend-unicorn;
}
}