使用Rails应用程序安装SSL证书的nginx配置

我在nginx服务器上用RubyonRails和passenger构建了一个站点。我的客户决定安装SSL证书。我是此类问题的新手,以前从未安装过,我需要确认我的站点启用/默认文件配置正确。 我当前的配置是:

server {
       listen 80;
       listen [::]:80 ipv6only=on;
       server_name www.mysite.com;
       passenger_enabled on;
       rails_env    production;
       root         /home/directory;

       # redirect server error pages to the static page /50x.html
       error_page   500 502 503 504  /50x.html;
       location = /50x.html {
           root   html;
       }

   }

对于添加SSL证书,我将添加另一个服务器块,如下所示:

server {
      listen 443;
      server_name www.mysite.com;
      passenger_enabled on;
      rails_env    production;
      root         /home/directory;

      ssl                  on;
      ssl_certificate      /etc/ssl/my_certificate;
      ssl_certificate_key  /etc/ssl/my_private_key;

      ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
      ssl_ciphers   "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA256:ECDHE-RSA-AES256-SHA:ECDHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES128-SHA256:DHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES256-GCM-SHA384:AES128-GCM-SHA256:AES256-SHA256:AES128-SHA256:AES256-SHA:AES128-SHA:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!MD5:!PSK:!RC4";

      ssl_prefer_server_ciphers   on;
      ssl_session_timeout  10m;
      ssl_session_cache shared:SSL:10m;
      ssl_stapling on



      # redirect server error pages to the static page /50x.html
      error_page   500 502 503 504  /50x.html;
      location = /50x.html {
          root   html;
      }

  }

• 这是配置nginx的正确方法和参数,还是需要将它们组合到一个服务器块中?

• 是否有任何东西丢失,我应该添加到以前的配置中?

• 在: server_name www.mysite.com; 我可以用我的IP地址代替域名吗?

谢谢你提前安排时间