背景
Elastic Beanstalk のバージョンを上げたところ、カスタマイズした nginx の設定が反映されていなかった。
サーバを覗いてみると /etc/nginx/conf.d/
の中に webapp_healthd.conf
という見慣れない設定ファイル(シンボリックリンク)が。
これまではカスタマイズした設定ファイル(webapp.conf)を配置するよう .ebextensions にスクリプトを配置していた。
そのため、設定がコンフリクトしていた模様。
対応
/opt/elasticbeanstalk/support/conf/webapp_healthd.conf
をカスタマイズする。
スクリプト例
※実際の設定はアプリによって異なります
.ebextensions/0n_mod_webapp_healthd.conf
files:
"/opt/elasticbeanstalk/support/conf/webapp_healthd.conf" :
mode: "000644"
owner: root
group: root
content: |
upstream my_app {
server unix:///var/run/puma/my_app.sock;
}
log_format healthd '$msec"$uri"'
'$status"$request_time"$upstream_response_time"'
'$http_x_forwarded_for';
server {
listen 80;
server_name _ localhost; # need to listen to localhost for worker tier
client_max_body_size 50m;
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2})") {
set $year $1;
set $month $2;
set $day $3;
set $hour $4;
}
access_log /var/log/nginx/access.log main;
access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd;
# Location of our static files
root /var/app/current/public;
location / {
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_redirect off;
# If you don't find the filename in the static files
# Then request it from the unicorn server
if (!-f $request_filename) {
proxy_pass http://my_app; # match the name of upstream directive which is defined above
break;
}
}
# force SSL
# redirect http to https
set $redirect "";
if ($http_x_forwarded_proto != 'https') {
set $redirect "1";
}
if ($http_user_agent !~* ELB-HealthChecker) {
set $redirect "${redirect}1";
}
if ($http_host ~ "your-awesome-app.jp") {
set $redirect "${redirect}1";
}
if ($redirect = "111") {
rewrite ^ https://$host$request_uri? permanent;
}
}
参考
おまけ
備忘として変更前のファイル内容を置いておく。
/opt/elasticbeanstalk/support/conf/webapp_healthd.conf(変更前)
upstream my_app {
server unix:///var/run/puma/my_app.sock;
}
log_format healthd '$msec"$uri"'
'$status"$request_time"$upstream_response_time"'
'$http_x_forwarded_for';
server {
listen 80;
server_name _ localhost; # need to listen to localhost for worker tier
if ($time_iso8601 ~ "^(\d{4})-(\d{2})-(\d{2})T(\d{2})") {
set $year $1;
set $month $2;
set $day $3;
set $hour $4;
}
access_log /var/log/nginx/access.log main;
access_log /var/log/nginx/healthd/application.log.$year-$month-$day-$hour healthd;
location / {
proxy_pass http://my_app; # match the name of upstream directive which is defined above
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
location /assets {
alias /var/app/current/public/assets;
gzip_static on;
gzip on;
expires max;
add_header Cache-Control public;
}
location /public {
alias /var/app/current/public;
gzip_static on;
gzip on;
expires max;
add_header Cache-Control public;
}
}