My recommendation for nginx would be to set it up with essentially one backend and let it handle https (including a redirect from port 80->443), and static files (css, js, logos, which includes "resources"). Unfortunately, we do not have a lean&mean nginx file for posting right now (the config files for nginx tend to get convoluted with many localisms).
i would not recommend to serve content repository files via nginx, at least if these files are not public. There are ways to integrate external authentication schemes into nginx, but we have not tried this. Background delivery is scaling great, there is no need to hand this over to nginx (yesterday, our server delivered 240 GB of data, 180GB were delivered from the backend). Right now, 32 files are concurrently spooled via bgdelivery.
We do not use any special nginx modules. h264 streaming is performed via an aolserver module and bgdelivery, chunked input and range requests are handled via naviserver. We are using naviserver in production since more than a year. Most our updates/fixes/extensions for naviserver are in the public repository at bitkeeper, we have still to clean up openacs integration layer, but we could do this in a month or so.