Nginx options and variables
About Nginx
Applications deployed with Cloud 66 use Nginx as their web server, and its configuration is dependent on the resources of your server(s).
Boolean variables
To ensure correct boolean condition checks within your template, always explicitly compare the variable with true or false (even if you are checking for true).
Good syntax:
- if passenger != true
- if passenger != false
- if passenger == true
- if passenger == false
Bad syntax:
- Bad: if passenger
- Bad: if !passenger
Default Nginx configuration
The following table outlines the default configuration of Nginx.
| Category | Attribute | Default value |
|---|---|---|
| General | ||
| user | nginx | |
| worker_processes | Dynamically set based on instance size | |
| error_log | /var/deploy/[app_name]/web_head/shared/log/nginx_error.log | |
| Events | ||
| worker_connections | 1024 | |
| HTTP | ||
| gzip | on | |
| gzip_min_length | 100 | |
| gzip_proxied | expired no-cache no-store private auth | |
| gzip_types | text/plain application/xml text/css application/x-javascript text/javascript | |
| gzip_disable | "MSIE [1-6]\." | |
| passenger_root | [passenger location] | |
| passenger_ruby | [app ruby shell] | |
| passenger_ruby | nginx | |
| passenger_pool_idle_time | 0 | |
| passenger_max_pool_size | 15 | |
| ssl_session_cache | shared:SSL:10m | |
| ssl_session_timeout | 10m | |
| underscores_in_headers | on | |
| default_type | application/octet-stream | |
| client_max_body_size | 50m | |
| sendfile | on | |
| server_tokens | off | |
| keepalive_timeout | 65 | |
| Server | ||
| listen | 80 default_server | |
| server_name | _ or SSL server name | |
| rails_env | [app environment] | |
| client_max_body_size | 50m | |
| root | /var/deploy/[app name]/web_head/current/public | |
| passenger_enabled | on | |
| ssl_certificate_key | /etc/ssl/localcerts/[ssl cerificate file name].key | |
| ssl_certificate | /etc/ssl/localcerts/[ssl cerificate file name].crt |
Nginx CustomConfig variables
The following variables are available for use in your Nginx CustomConfig.
| Variable Name | Type | Description |
|---|---|---|
| allow_ssl | boolean | Is an SSL Certificate configured on the application? |
| app_name | string | Application name (lowercase) |
| blacklist | hash | List of IPs you are blacklisting |
| cors_all_origins | boolean | CORS allow all origins |
| cors_credentials | boolean | CORS allow credentials |
| cors_enabled | boolean | Is CORS enabled on the application? |
| cors_headers | string | CORS allowed custom headers |
| cors_methods | string | CORS Methods |
| cors_origin | string | CORS Origins string |
| cors_origins | array | List of CORS origins |
| deploy_to | string | Application path on the server |
| envars | hash | Hash of all environment variables on the application |
| environment | string | Application environment name (lowercase) |
| has_ha_proxy_load_balancer | boolean | Are you using a HAProxy load balancer? |
| letsencrypt_primary_address | string | Sets the address of the host that "owns" the Let's Encrypt certificate. Can then be used with the proxy_pass directive to serve SSL requests via other hosts. |
| load_balancer_address | string | Address of your load balancer |
| load_balancer_address | string | Address of your load balancer |
| maintenance_mode_active | boolean | Is the application in maintenance mode? |
| passenger | boolean | Is nginx running Passenger or a custom web server? |
| passenger_enterprise | boolean | Are you using Passenger enterprise? |
| passenger_location | string | Passenger location (Passenger only) |
| passenger_pool_max | integer | The maximum number of processes that Passenger will spawn. This value is derived from passenger_process_memory which can be set via the manifest file. See below for an explanation on how this is calculated. |
| passenger_supports_cgi_param | boolean | Does the current Passenger version support CGI param? |
| perfect_forward_secrecy | boolean | Is perfect forward secrecy enabled on the application? |
| red_http_to_https | boolean | Are you redirecting HTTP to HTTPS? |
| red_www | boolean | Are you redirecting traffic to www? |
| ruby_shell | string | /var/deploy/ruby_shell |
| server_address | string | Server address (IP or fqdn) |
| stack_supports_nginx_tcp_and_udp_reverse_proxy | boolean | Does your application support TCP and UDP reverse proxy? |
| supports_realip_module | boolean | Does your Nginx instance use the Real IP module? |
| supports_tcp_proxy | boolean | Does your NGINX version support TCP reverse proxy and load balancing? |
| supports_udp_proxy | boolean | Does your NGINX version support UDP reverse proxy and load balancing? |
| use_ruby_shell | boolean | Used internally |
| user_name | string | User name running the application process |
| websocket_support | boolean | Does this version of Nginx support websocket? |
| workers | integer | Number of CPU cores on the server |
How passenger pool max is calculated
passenger_pool_max is a Cloud-66-specific variable that we use to dynamically set a value in Nginx for the native Passenger setting passenger_max_pool_size.
We calculate the value for passenger_pool_max as follows:
passenger_pool_max = ( server’s memory - reserved_server_memory ) / passenger_process_memory
…and this is rounded down to the nearest integer. So if your server has 4GB of free RAM and each process uses 600MB the your passenger_pool_max will be 6.
Nginx worker configuration
Nginx now supports autodetection of CPU cores (and other system resources) so there is no need to configure your worker processes differently depending on your cloud.
