upstream discourse { server unix:/var/www/discourse/tmp/sockets/thin.0.sock; server unix:/var/www/discourse/tmp/sockets/thin.1.sock; server unix:/var/www/discourse/tmp/sockets/thin.2.sock; server unix:/var/www/discourse/tmp/sockets/thin.3.sock; } server { listen 80; gzip on; gzip_min_length 1000; gzip_types application/json text/css application/x-javascript; server_name enter.your.web.hostname.here; sendfile on; keepalive_timeout 65; client_max_body_size 2m; location / { root /var/www/discourse/public; ## optional upload anti-hotlinking rules #location ~ ^/uploads/ { # valid_referers none blocked mysite.com *.mysite.com; # if ($invalid_referer) { # return 403; # } #} ## [LEGACY] this is deprecated, leaving it there for a small transition period location ~ ^/t\/[0-9]+\/[0-9]+\/avatar { expires 1d; add_header Cache-Control public; add_header ETag ""; } location ~ ^/(assets|uploads)/ { expires 1y; add_header Cache-Control public; add_header ETag ""; break; } proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header Host $http_host; # If the file exists as a static file serve it directly without # running all the other rewrite tests on it if (-f $request_filename) { break; } if (!-f $request_filename) { proxy_pass http://discourse; break; } } }