NGINX Web Server
Brightboxes come with Apache by default, but NGINX is a faster alternative with lower memory requirements. If you don't need all the features of Apache, NGINX is definitely recommended.
The Brightbox GEM does not currently support NGINX, but you can easily set it up manually and use the gem for everything else (monit config, code deploy etc.). It will just create Apache configs that you can ignore.
First stop Apache if it is running. If Apache is listening on port 80, the NGINX install will not complete successfully.
sudo monit stop apache
Then install Passenger-enabled NGINX from our Launchpad PPA:
sudo apt-add-repository ppa:brightbox/passenger-nginx sudo apt-get update sudo apt-get install nginx-full
Point your web browser to your Brightbox server and you should see the 'Welcome to nginx!' holding page.
You can prevent Apache from starting up on the next boot like this:
sudo update-rc.d -f apache2 remove
/etc/nginx/nginx.conf put this base config:
Virtual host config
Create configs for each virtual host in
/etc/nginx/sites-available, symlink them into
/etc/nginx/sites-enabled and reload nginx.
appname should be the name you used when running the Brightbox gem, but it doesn't have to be.
A note on configuring SSL
You need a separate server declaration listening on 443 with the following additional options:
ssl on; ssl_certificate /etc/ssl/certs/myssl.crt; ssl_certificate_key /etc/ssl/private/myssl.key; proxy_set_header X_FORWARDED_PROTO https;
It turns out, array directive overrides (such as proxy_set_header) will clear out any directives set at a higher level. Hence when you set X_FORWARDED_PROTO in for your ssl server, you will also need to set up all the other proxy_set_header directives again. Since I'm generating my server blocks with erb during my cap deployment I was able to move the declarations but still keep things dry.
If the certificate you have bought requires an 'intermediate certificate' or certificate chain (GoDaddy requires this) then you need to merge this into the same file as your SSL Certificate. See the NGINX documentation on SSL Certificate Chains for instructions on how to do this.
Monit service monitoring
First of all delete the Apache monitoring config file :
sudo rm /etc/monit/conf.d/apache.monitrc
Then create a new config file for monitoring Nginx in
check process nginx with pidfile /var/run/nginx.pid start program = "/etc/init.d/nginx start" stop program = "/etc/init.d/nginx stop" group server
Finally we need to resart monit :
sudo /etc/init.d/monit restart