Dockerfile:
FROM ruby:2.5.0 WORKDIR /usr/src/app COPY . /usr/src/app RUN gem install foreman && apt update && apt install nginx -y COPY nginx.conf /etc/nginx COPY app.conf /etc/nginx/conf.d/default.conf CMD foreman start -f Procfile EXPOSE 80
Procfile:
web: bundle exec rake db:migrate && bundle exec rails s -p 3000 -b '0.0.0.0' nginx: /usr/sbin/nginx -c /etc/nginx/nginx.conf
nginx.conf:
user root;
worker_processes auto;
pid /run/nginx.pid;
events {
worker_connections 2048;
}
http {
client_body_buffer_size 256K;
client_max_body_size 100m;
send_timeout 300s;
sendfile on;
keepalive_timeout 65;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"'
'$request_time $upstream_response_time $pipe';
access_log /var/log/nginx/access.log main;
error_log /var/log/nginx/error.log;
gzip on;
gzip_disable "msie6";
gzip_static on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 9;
gzip_buffers 16 8k;
gzip_http_version 1.0;
gzip_types text/plain text/css application/json image/png image/x-icon image/svg+xml image/gif image/jpeg application/javascript text/xml application/xml application/xml+rss text/javascript;
include /etc/nginx/conf.d/*.conf;
}
daemon off;
app.conf:
upstream ruby {
server 127.0.0.1:3000 fail_timeout=0;
}
server {
listen 80 default_server;
access_log /usr/src/app/log/access.nginx.log;
error_log /usr/src/app/log/error.nginx.log;
root /usr/src/app/public;
location ~* \.(mp4|pdf|jpg|jpeg|gif|png|ico|css|bmp|swf|js|html|txt|svg)$ {
root /usr/src/app/public;
expires max;
}
location / {
try_files $uri/index.html $uri.html $uri @ruby;
}
location @ruby {
proxy_pass http://ruby;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_redirect off;
}
}
Если использется SSL
Не забудьте в EXPOSE указать порт 443
app.conf:
upstream ruby {
server 127.0.0.1:3000 fail_timeout=0;
}
# HTTP host
server {
listen 0.0.0.0:80;
server_name artem.services;
server_tokens off;
return 301 https://$http_host$request_uri;
access_log /usr/src/app/log/access.nginx.log;
error_log /usr/src/app/log/error.nginx.log;
}
# HTTPS host
server {
listen 0.0.0.0:443 ssl;
server_name artem.services;
access_log /usr/src/app/log/access.nginx.log;
error_log /usr/src/app/log/error.nginx.log;
ssl on;
ssl_certificate /etc/nginx/letsencrypt/live/artem.services/fullchain.pem;
ssl_certificate_key /etc/nginx/letsencrypt/live/artem.services/privkey.pem;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_pass https://ruby;
proxy_redirect off;
proxy_http_version 1.1;
}
}