├── Procfile ├── bin ├── release ├── nginx-cedar ├── nginx-cedar-14 ├── detect ├── compile └── start-nginx ├── changelog.md ├── config ├── nginx.conf.erb └── mime.types ├── scripts └── build_nginx.sh └── readme.md /Procfile: -------------------------------------------------------------------------------- 1 | web: scripts/build_nginx.sh 2 | -------------------------------------------------------------------------------- /bin/release: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | echo "--- {}" 3 | -------------------------------------------------------------------------------- /bin/nginx-cedar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/genius/nginx-buildpack/master/bin/nginx-cedar -------------------------------------------------------------------------------- /bin/nginx-cedar-14: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/genius/nginx-buildpack/master/bin/nginx-cedar-14 -------------------------------------------------------------------------------- /bin/detect: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | # bin/detect 3 | echo 'nginx-buildpack' 4 | exit 0 5 | -------------------------------------------------------------------------------- /changelog.md: -------------------------------------------------------------------------------- 1 | ## v0.4 2 | 3 | 2012-05-13 4 | 5 | Update NGINX config 6 | 7 | * enabled gzip compression 8 | * using epoll and increasing workers to 4 9 | 10 | ## v0.3 11 | 12 | 2012-05-11 13 | 14 | * Improve process managment using a fifo. 15 | 16 | ## v0.2 17 | 18 | 2012-05-10 19 | 20 | * Improve the handling of app server failures 21 | 22 | ## v0.1 23 | 24 | 2012-05-09 25 | 26 | * NGINX 1.4.1 27 | * inital release 28 | -------------------------------------------------------------------------------- /bin/compile: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | set -e 4 | 5 | mkdir -p "$1/bin/" 6 | cp "bin/nginx-$STACK" "$1/bin/nginx" 7 | nginx_version=$(./bin/nginx-$STACK -V 2>&1 | head -1 | awk '{ print $NF }') 8 | echo "-----> nginx-buildpack: Installed ${nginx_version} to app/bin" 9 | cp bin/start-nginx "$1/bin/" 10 | echo '-----> nginx-buildpack: Added start-nginx to app/bin' 11 | 12 | mkdir -p "$1/config" 13 | 14 | cp config/mime.types "$1/config/" 15 | echo '-----> nginx-buildpack: Default mime.types copied to app/config/' 16 | 17 | if [[ ! -f $1/config/nginx.conf.erb ]]; then 18 | cp config/nginx.conf.erb "$1/config/" 19 | echo '-----> nginx-buildpack: Default config copied to app/config.' 20 | else 21 | echo '-----> nginx-buildpack: Custom config found in app/config.' 22 | fi 23 | exit 0 24 | -------------------------------------------------------------------------------- /config/nginx.conf.erb: -------------------------------------------------------------------------------- 1 | daemon off; 2 | #Heroku dynos have at least 4 cores. 3 | worker_processes <%= ENV['NGINX_WORKERS'] || 4 %>; 4 | 5 | events { 6 | use epoll; 7 | accept_mutex on; 8 | worker_connections 1024; 9 | } 10 | 11 | http { 12 | gzip on; 13 | gzip_comp_level 2; 14 | gzip_min_length 512; 15 | 16 | server_tokens off; 17 | 18 | log_format l2met 'measure#nginx.service=$request_time request_id=$http_x_request_id'; 19 | access_log logs/nginx/access.log l2met; 20 | error_log logs/nginx/error.log; 21 | 22 | include mime.types; 23 | default_type application/octet-stream; 24 | sendfile on; 25 | 26 | #Must read the body in 5 seconds. 27 | client_body_timeout 5; 28 | 29 | upstream app_server { 30 | server unix:/tmp/nginx.socket fail_timeout=0; 31 | } 32 | 33 | server { 34 | listen <%= ENV["PORT"] %>; 35 | server_name _; 36 | keepalive_timeout 5; 37 | 38 | location / { 39 | proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; 40 | proxy_set_header Host $http_host; 41 | proxy_redirect off; 42 | proxy_pass http://app_server; 43 | } 44 | } 45 | } 46 | -------------------------------------------------------------------------------- /scripts/build_nginx.sh: -------------------------------------------------------------------------------- 1 | #!/bin/bash 2 | # Build NGINX and modules on Heroku. 3 | # This program is designed to run in a web dyno provided by Heroku. 4 | # We would like to build an NGINX binary for the builpack on the 5 | # exact machine in which the binary will run. 6 | # Our motivation for running in a web dyno is that we need a way to 7 | # download the binary once it is built so we can vendor it in the buildpack. 8 | # 9 | # Once the dyno has is 'up' you can open your browser and navigate 10 | # this dyno's directory structure to download the nginx binary. 11 | 12 | NGINX_VERSION=${NGINX_VERSION-1.5.7} 13 | PCRE_VERSION=${PCRE_VERSION-8.21} 14 | HEADERS_MORE_VERSION=${HEADERS_MORE_VERSION-0.23} 15 | 16 | nginx_tarball_url=http://nginx.org/download/nginx-${NGINX_VERSION}.tar.gz 17 | pcre_tarball_url=http://garr.dl.sourceforge.net/project/pcre/pcre/${PCRE_VERSION}/pcre-${PCRE_VERSION}.tar.bz2 18 | headers_more_nginx_module_url=https://github.com/agentzh/headers-more-nginx-module/archive/v${HEADERS_MORE_VERSION}.tar.gz 19 | 20 | temp_dir=$(mktemp -d /tmp/nginx.XXXXXXXXXX) 21 | 22 | echo "Serving files from /tmp on $PORT" 23 | cd /tmp 24 | python -m SimpleHTTPServer $PORT & 25 | 26 | cd $temp_dir 27 | echo "Temp dir: $temp_dir" 28 | 29 | echo "Downloading $nginx_tarball_url" 30 | curl -L $nginx_tarball_url | tar xzv 31 | 32 | echo "Downloading $pcre_tarball_url" 33 | (cd nginx-${NGINX_VERSION} && curl -L $pcre_tarball_url | tar xvj ) 34 | 35 | echo "Downloading $headers_more_nginx_module_url" 36 | (cd nginx-${NGINX_VERSION} && curl -L $headers_more_nginx_module_url | tar xvz ) 37 | 38 | ( 39 | cd nginx-${NGINX_VERSION} 40 | ./configure \ 41 | --with-pcre=pcre-${PCRE_VERSION} \ 42 | --prefix=/tmp/nginx \ 43 | --add-module=/${temp_dir}/nginx-${NGINX_VERSION}/headers-more-nginx-module-${HEADERS_MORE_VERSION} 44 | make install 45 | ) 46 | 47 | while true 48 | do 49 | sleep 1 50 | echo "." 51 | done 52 | -------------------------------------------------------------------------------- /bin/start-nginx: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env bash 2 | 3 | psmgr=/tmp/nginx-buildpack-wait 4 | rm -f $psmgr 5 | mkfifo $psmgr 6 | 7 | #Evaluate config to get $PORT 8 | erb config/nginx.conf.erb > config/nginx.conf 9 | 10 | n=1 11 | while getopts :f option ${@:1:2} 12 | do 13 | case "${option}" 14 | in 15 | f) FORCE=$OPTIND; n=$((n+1));; 16 | esac 17 | done 18 | 19 | #Initialize log directory. 20 | mkdir -p logs/nginx 21 | touch logs/nginx/access.log logs/nginx/error.log 22 | echo 'buildpack=nginx at=logs-initialized' 23 | 24 | #Start log redirection. 25 | ( 26 | #Redirect NGINX logs to stdout. 27 | tail -qF -n 0 logs/nginx/*.log 28 | echo 'logs' >$psmgr 29 | ) & 30 | 31 | #Start App Server 32 | ( 33 | #Take the command passed to this bin and start it. 34 | #E.g. bin/start-nginx bundle exec unicorn -c config/unicorn.rb 35 | COMMAND=${@:$n} 36 | echo "buildpack=nginx at=start-app cmd=$COMMAND" 37 | $COMMAND 38 | echo 'app' >$psmgr 39 | ) & 40 | 41 | if [[ -z "$FORCE" ]] 42 | then 43 | FILE="/tmp/app-initialized" 44 | 45 | #We block on app-initialized so that when NGINX binds to $PORT 46 | #are app is ready for traffic. 47 | while [[ ! -f "$FILE" ]] 48 | do 49 | echo 'buildpack=nginx at=app-initialization' 50 | sleep 1 51 | done 52 | echo 'buildpack=nginx at=app-initialized' 53 | fi 54 | 55 | #Start NGINX 56 | ( 57 | #We expect nginx to run in foreground. 58 | #We also expect a socket to be at /tmp/nginx.socket. 59 | echo 'buildpack=nginx at=nginx-start' 60 | bin/nginx -p . -c config/nginx.conf 61 | echo 'nginx' >$psmgr 62 | ) & 63 | 64 | #This read will block the process waiting on a msg to be put into the fifo. 65 | #If any of the processes defined above should exit, 66 | #a msg will be put into the fifo causing the read operation 67 | #to un-block. The process putting the msg into the fifo 68 | #will use it's process name as a msg so that we can print the offending 69 | #process to stdout. 70 | read exit_process <$psmgr 71 | echo "buildpack=nginx at=exit process=$exit_process" 72 | exit 1 73 | -------------------------------------------------------------------------------- /config/mime.types: -------------------------------------------------------------------------------- 1 | 2 | types { 3 | text/html html htm shtml; 4 | text/css css; 5 | text/xml xml; 6 | text/cache-manifest manifest appcache; 7 | image/gif gif; 8 | image/jpeg jpeg jpg; 9 | application/x-javascript js; 10 | application/atom+xml atom; 11 | application/rss+xml rss; 12 | 13 | text/mathml mml; 14 | text/plain txt; 15 | text/vnd.sun.j2me.app-descriptor jad; 16 | text/vnd.wap.wml wml; 17 | text/x-component htc; 18 | 19 | image/png png; 20 | image/tiff tif tiff; 21 | image/vnd.wap.wbmp wbmp; 22 | image/x-icon ico; 23 | image/x-jng jng; 24 | image/x-ms-bmp bmp; 25 | image/svg+xml svg; 26 | 27 | application/java-archive jar war ear; 28 | application/mac-binhex40 hqx; 29 | application/msword doc; 30 | application/pdf pdf; 31 | application/postscript ps eps ai; 32 | application/rtf rtf; 33 | application/vnd.ms-excel xls; 34 | application/vnd.ms-powerpoint ppt; 35 | application/vnd.wap.wmlc wmlc; 36 | application/vnd.google-earth.kml+xml kml; 37 | application/vnd.google-earth.kmz kmz; 38 | application/x-7z-compressed 7z; 39 | application/x-cocoa cco; 40 | application/x-java-archive-diff jardiff; 41 | application/x-java-jnlp-file jnlp; 42 | application/x-makeself run; 43 | application/x-perl pl pm; 44 | application/x-pilot prc pdb; 45 | application/x-rar-compressed rar; 46 | application/x-redhat-package-manager rpm; 47 | application/x-sea sea; 48 | application/x-shockwave-flash swf; 49 | application/x-stuffit sit; 50 | application/x-tcl tcl tk; 51 | application/x-x509-ca-cert der pem crt; 52 | application/x-xpinstall xpi; 53 | application/xhtml+xml xhtml; 54 | application/zip zip; 55 | 56 | application/octet-stream bin exe dll; 57 | application/octet-stream deb; 58 | application/octet-stream dmg; 59 | application/octet-stream eot; 60 | application/octet-stream iso img; 61 | application/octet-stream msi msp msm; 62 | 63 | audio/midi mid midi kar; 64 | audio/mpeg mp3; 65 | audio/ogg ogg; 66 | audio/x-realaudio ra; 67 | 68 | video/3gpp 3gpp 3gp; 69 | video/mpeg mpeg mpg; 70 | video/quicktime mov; 71 | video/x-flv flv; 72 | video/x-mng mng; 73 | video/x-ms-asf asx asf; 74 | video/x-ms-wmv wmv; 75 | video/x-msvideo avi; 76 | } 77 | -------------------------------------------------------------------------------- /readme.md: -------------------------------------------------------------------------------- 1 | # Heroku Buildpack: NGINX 2 | 3 | Nginx-buildpack vendors NGINX inside a dyno and connects NGINX to an app server via UNIX domain sockets. 4 | 5 | ## Motivation 6 | 7 | Some application servers (e.g. Ruby's Unicorn) halt progress when dealing with network I/O. Heroku's Cedar routing stack [buffers only the headers](https://devcenter.heroku.com/articles/http-routing#request-buffering) of inbound requests. (The Cedar router will buffer the headers and body of a response up to 1MB) Thus, the Heroku router engages the dyno during the entire body transfer –from the client to dyno. For applications servers with blocking I/O, the latency per request will be degraded by the content transfer. By using NGINX in front of the application server, we can eliminate a great deal of transfer time from the application server. In addition to making request body transfers more efficient, all other I/O should be improved since the application server need only communicate with a UNIX socket on localhost. Basically, for webservers that are not designed for efficient, non-blocking I/O, we will benefit from having NGINX to handle all I/O operations. 8 | 9 | ## Versions 10 | 11 | * Buildpack Version: 0.4 12 | * NGINX Version: 1.5.7 13 | 14 | ## Requirements 15 | 16 | * Your webserver listens to the socket at `/tmp/nginx.socket`. 17 | * You touch `/tmp/app-initialized` when you are ready for traffic. 18 | * You can start your web server with a shell command. 19 | 20 | ## Features 21 | 22 | * Unified NXNG/App Server logs. 23 | * [L2met](https://github.com/ryandotsmith/l2met) friendly NGINX log format. 24 | * [Heroku request ids](https://devcenter.heroku.com/articles/http-request-id) embedded in NGINX logs. 25 | * Crashes dyno if NGINX or App server crashes. Safety first. 26 | * Language/App Server agnostic. 27 | * Customizable NGINX config. 28 | * Application coordinated dyno starts. 29 | 30 | ### Logging 31 | 32 | NGINX will output the following style of logs: 33 | 34 | ``` 35 | measure.nginx.service=0.007 request_id=e2c79e86b3260b9c703756ec93f8a66d 36 | ``` 37 | 38 | You can correlate this id with your Heroku router logs: 39 | 40 | ``` 41 | at=info method=GET path=/ host=salty-earth-7125.herokuapp.com request_id=e2c79e86b3260b9c703756ec93f8a66d fwd="67.180.77.184" dyno=web.1 connect=1ms service=8ms status=200 bytes=21 42 | ``` 43 | 44 | ### Language/App Server Agnostic 45 | 46 | Nginx-buildpack provides a command named `bin/start-nginx` this command takes another command as an argument. You must pass your app server's startup command to `start-nginx`. 47 | 48 | For example, to get NGINX and Unicorn up and running: 49 | 50 | ```bash 51 | $ cat Procfile 52 | web: bin/start-nginx bundle exec unicorn -c config/unicorn.rb 53 | ``` 54 | 55 | ### Setting the Worker Processes 56 | 57 | You can configure NGINX's `worker_processes` directive via the 58 | `NGINX_WORKERS` environment variable. 59 | 60 | For example, to set your `NGINX_WORKERS` to 8 on a PX dyno: 61 | 62 | ```bash 63 | $ heroku config:set NGINX_WORKERS=8 64 | ``` 65 | 66 | ### Customizable NGINX Config 67 | 68 | You can provide your own NGINX config by creating a file named `nginx.conf.erb` in the config directory of your app. Start by copying the buildpack's [default config file](https://github.com/ryandotsmith/nginx-buildpack/blob/master/config/nginx.conf.erb). 69 | 70 | ### Customizable NGINX Compile Options 71 | 72 | See [scripts/build_nginx.sh](scripts/build_nginx.sh) for the build steps. Configuring is as easy as changing the "./configure" options. 73 | 74 | ### Application/Dyno coordination 75 | 76 | The buildpack will not start NGINX until a file has been written to `/tmp/app-initialized`. Since NGINX binds to the dyno's $PORT and since the $PORT determines if the app can receive traffic, you can delay NGINX accepting traffic until your application is ready to handle it. The examples below show how/when you should write the file when working with Unicorn. 77 | 78 | ## Setup 79 | 80 | Here are 2 setup examples. One example for a new app, another for an existing app. In both cases, we are working with ruby & unicorn. Keep in mind that this buildpack is not ruby specific. 81 | 82 | ### Existing App 83 | 84 | Update Buildpacks 85 | ```bash 86 | $ heroku config:set BUILDPACK_URL=https://github.com/ddollar/heroku-buildpack-multi.git 87 | $ echo 'https://github.com/ryandotsmith/nginx-buildpack.git' >> .buildpacks 88 | $ echo 'https://codon-buildpacks.s3.amazonaws.com/buildpacks/heroku/ruby.tgz' >> .buildpacks 89 | $ git add .buildpacks 90 | $ git commit -m 'Add multi-buildpack' 91 | ``` 92 | Update Procfile: 93 | ``` 94 | web: bin/start-nginx bundle exec unicorn -c config/unicorn.rb 95 | ``` 96 | ```bash 97 | $ git add Procfile 98 | $ git commit -m 'Update procfile for NGINX buildpack' 99 | ``` 100 | Update Unicorn Config 101 | ```ruby 102 | require 'fileutils' 103 | listen '/tmp/nginx.socket' 104 | before_fork do |server,worker| 105 | FileUtils.touch('/tmp/app-initialized') 106 | end 107 | ``` 108 | ```bash 109 | $ git add config/unicorn.rb 110 | $ git commit -m 'Update unicorn config to listen on NGINX socket.' 111 | ``` 112 | Deploy Changes 113 | ```bash 114 | $ git push heroku master 115 | ``` 116 | 117 | ### New App 118 | 119 | ```bash 120 | $ mkdir myapp; cd myapp 121 | $ git init 122 | ``` 123 | 124 | **Gemfile** 125 | ```ruby 126 | source 'https://rubygems.org' 127 | gem 'unicorn' 128 | ``` 129 | 130 | **config.ru** 131 | ```ruby 132 | run Proc.new {[200,{'Content-Type' => 'text/plain'}, ["hello world"]]} 133 | ``` 134 | 135 | **config/unicorn.rb** 136 | ```ruby 137 | require 'fileutils' 138 | preload_app true 139 | timeout 5 140 | worker_processes 4 141 | listen '/tmp/nginx.socket', backlog: 1024 142 | 143 | before_fork do |server,worker| 144 | FileUtils.touch('/tmp/app-initialized') 145 | end 146 | ``` 147 | Install Gems 148 | ```bash 149 | $ bundle install 150 | ``` 151 | Create Procfile 152 | ``` 153 | web: bin/start-nginx bundle exec unicorn -c config/unicorn.rb 154 | ``` 155 | Create & Push Heroku App: 156 | ```bash 157 | $ heroku create --buildpack https://github.com/ddollar/heroku-buildpack-multi.git 158 | $ echo 'https://codon-buildpacks.s3.amazonaws.com/buildpacks/heroku/ruby.tgz' >> .buildpacks 159 | $ echo 'https://github.com/ryandotsmith/nginx-buildpack.git' >> .buildpacks 160 | $ git add . 161 | $ git commit -am "init" 162 | $ git push heroku master 163 | $ heroku logs -t 164 | ``` 165 | Visit App 166 | ``` 167 | $ heroku open 168 | ``` 169 | 170 | ## License 171 | Copyright (c) 2013 Ryan R. Smith 172 | Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions: 173 | The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software. 174 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. 175 | --------------------------------------------------------------------------------