nginx + spdy

So I changed my site, its now a static site running
nginx instead of my old Varnish + LAMP setup.
This simplifies the complexity a lot and allows me to add support for the spdy
protocol. As of this writing Nginx supports spdy/2 and not spdy/3
unfortunately. It's still an experimental feature, so don't run this in your
large production environment just yet. Another cool feature in version 1.4.x
is support for proxying of WebSocket connections, but thats another story.

This is how easy it is to add spdy to Nginx on Ubuntu:

Install Nginx and the extras packages

nginx=stable # use nginx=development for latest development version
add-apt-repository ppa:nginx/$nginx
apt-get update
apt-get install nginx nginx-extras

Create SSL Certificates

openssl genrsa -des3 -out martensson.io.key 1024
cp martensson.io.key martensson.io.key.bak
openssl rsa -in martensson.io.key.bak -out martensson.io.key # remove password
openssl req -new -key martensson.io.key -out martensson.io.csr
openssl x509 -req -days 3650 -in martensson.io.csr -signkey martensson.io.key -out martensson.io.crt

Add the following to your Nginx config

listen 443 ssl spdy;
ssl_certificate      /etc/nginx/ssl/martensson.io.crt;
ssl_certificate_key  /etc/nginx/ssl/martensson.io.key;
ssl_protocols        SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers RC4:HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
keepalive_timeout    60;
ssl_session_cache    shared:SSL:10m;
ssl_session_timeout  10m;
# Tell the browser we do SPDY
add_header        Alternate-Protocol  443:npn-spdy/2;

You can now happily restart Nginx and visit spdycheck to see that everything works.