# /etc/nginx/conf.d/rails-5-test.conf

upstream rails-5-test {
  server unix:/home/alea12/run/rails-5-test.sock fail_timeout=0;
}

server {
  listen 80;
  listen [::]:80;
  server_name example.net;
  return 301 https://$host$request_uri;
}

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;

  ssl_certificate     /etc/letsencrypt/live/example.net/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/example.net/privkey.pem;

  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl on;
  ssl_prefer_server_ciphers on;
  ssl_dhparam /etc/nginx/ssl/dhparam.pem;
  add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains;';

  root /home/alea12/rails-5-test/public;
  try_files $uri/index.html $uri @rails-5-test;

  location / {
    proxy_pass http://rails-5-test;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_redirect off;
  }

  error_page 500 502 503 504 /500.html;
  client_max_body_size 4G;
  keepalive_timeout 30;
}