nginx_collatter18.conf

upstream puma {
  # pumaの設定で指定したsocketファイルを指定
  server unix:///Users/qiu/collatter18/tmp/sockets/puma.sock;
}

server {
  # nginxが待ち受けしたいポートを指定
  listen 8080;
  listen [::]:8080;
  server_name collatter.com;
  charset     utf-8;

  return 301 https://$host$request_uri;
} 

server {
  listen 4430 ssl;
  server_name collatter.com;
  charset     utf-8;

  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  #ssl_prefer_server_ciphers on;
  # sslのセッションキャッシュを有効化してCPUの負荷を減らす
  # https://gist.github.com/kenjiskywalker/4698573#sslのセッションキャッシュを有効化してcpuの負荷を減らす
  #ssl_session_cache shared:le_nginx_SSL:1m;
  ssl_session_cache    shared:SSL:10m;
  #ssl_session_timeout 1440m;
  ssl_session_timeout  10m;
  #ssl_ciphers  HIGH:!aNULL:!MD5;
  ssl_ciphers "ALL:!IDEA:!DSS:!DH";
  ssl_prefer_server_ciphers  on;
  add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";


  root /Users/qiu/collatter18/public;

  location ~ ^/assets/ {
    root   /Users/qiu/collatter18/public;
  }
  location ~ ^/uploads/ {
    root   /Users/qiu/collatter18/public;
  }
  location ^~ /.well-known/acme-challenge/ {
      #certbot certonly -w /usr/local/var/www/ -d collatter.com
      root /usr/local/var/www;
  }

  location = /.well-known/acme-challenge/ {
      return 404;
  }

  location / {
    proxy_read_timeout 300;
    proxy_connect_timeout 300;
    proxy_redirect off;
    proxy_set_header Host $host;
    proxy_set_header X-Forwarded-Proto $scheme;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    # 上記server_name で設定した名前で指定
    proxy_pass http://puma;
  }

  #IMPORTANT NOTES:
  # - Congratulations! Your certificate and chain have been saved at:
  #   /etc/letsencrypt/live/collatter.com/fullchain.pem
  #   Your key file has been saved at:
  #   /etc/letsencrypt/live/collatter.com/privkey.pem
  #   Your cert will expire on 2019-05-23. To obtain a new or tweaked
  #   version of this certificate in the future, simply run certbot
  #   again. To non-interactively renew *all* of your certificates, run
  #   "certbot renew"
  ssl_certificate           /etc/letsencrypt/live/collatter.com/fullchain.pem;
  ssl_certificate_key       /etc/letsencrypt/live/collatter.com/privkey.pem;
}