To use Nginx's X-Accel-Redirect
feature with passenger, apparently you use passenger_set_header
and, if mapping to another location, passenger_set_cgi_param
. For instance, here is a configuration which apparently used to work for someone else:
passenger_set_cgi_param HTTP_X_ACCEL_MAPPING "/home/user/rails_app/shared/files/=/documents/";
passenger_pass_header X-Accel-Redirect;
location ~ ^/documents/(\d\d\d)/(\d\d\d)/(\d\d\d)/(.*)$ {
alias /home/user/rails_app/shared/files/$1/$2/$3/$4;
internal;
}
But with passenger 5 they say in release notes:
[Nginx] The
passenger_set_cgi_param
option has been removed and replaced bypassenger_set_header
andpassenger_env_var
.
Not much information about how to use the two together though for X-Accel-Redirect. No up-to-date tutorials or blogs seem to show how to do it either. How is this done? I can get the following nginx.conf to work for the rails development server (non-passenger) but it does not work with passenger.
upstream api_server {
server localhost:5000;
# (starting passenger with ``` RAILS_ENV=development passenger start -a 127.0.0.1 -p 5000 -d ```) not using unix:socket for a good reason
}
server {
listen 9000;
server_name $host;
return 301 https://$host:9443$request_uri;
#error_page 497 https://$host:9443$request_uri;
}
server {
charset UTF-8;
server_name localhost 0.0.0.0;
root /var/www/html/app;
listen 9443 ssl;
ssl on;
ssl_certificate /opt/nginx/conf/ssl/app.chain.pem;
ssl_certificate_key /opt/nginx/conf/ssl/app.key.pem;
error_page 497 https://$host:9443$request_uri;
add_header 'Access-Control-Allow-Origin' '*';
add_header 'Access-Control-Allow-Credentials' 'true';
add_header 'Access-Control-Expose-Headers' 'Content-Length, Content-Type, Keep-Alive, Date, Server, Transfer-Encoding, Cache-Control';
add_header 'Access-Control-Allow-Headers' 'Content-Length, Content-Type, Keep-Alive, Date, Server, Transfer-Encoding, Cache-Control';
passenger_env_var X-Sendfile-Type "X-Accel-Redirect";
passenger_env_var X-Accel-Mapping "/special/place/on/filesystem/=/protected_files/";
passenger_pass_header X-Accel-Redirect;
passenger_pass_header X-Sendfile-Type;
# --------- Serve static applications --------
location / {
try_files $uri $uri/ /index.html;
}
# --------- API --------
location /protected_files/{
# Used for X-Accel-Redirect
internal;
add_header Pragma "no-cache";
alias /special/place/on/filesystem/;
}
location ~ /(api|auth|raw)/ {
# Host + forwarding headers
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
passenger_pass_header Host;
passenger_pass_header X-Real-IP;
passenger_pass_header X-Forwarded-For;
# Configuration for X-Sendfile style fast & authenticated static serving
proxy_set_header X-Sendfile-Type X-Accel-Redirect;
# proxy_set_header X-Accel-Mapping /mounts/test_data_filesystem/=/protected_files/;
proxy_set_header X-Accel-Mapping /special/place/on/filesystem/=/protected_files/;
passenger_env_var X-Sendfile-Type "X-Accel-Redirect";
passenger_env_var X-Accel-Mapping "/special/place/on/filesystem/=/protected_files/";
passenger_pass_header X-Accel-Redirect;
passenger_pass_header X-Sendfile-Type;
proxy_pass http://api_server;
}
Looks like you found an alternate solution, but posting this in case others run into the same issue and wish to upgrade from Passenger 4 syntax to Passenger 5 along with X-Accel-Redirect.
The following is the changes that worked for me:
Passenger 4 version:
Passenger 5 version:
Also, there's a symbolic link to the rails app in
/var/www/shared
,ln -s /path/to/railsapp/public /var/www/shared/storage
, however this can be different based on your nginx configuration.Hope this helps!