location ^~ __PATH__ { if ($scheme = http) { rewrite ^ https://$server_name$request_uri? permanent; } alias __FINALPATH__/public/; index index.php; # Bug in Nginx with locations and aliases (see http://stackoverflow.com/a/35102259 ) # try_files $uri $uri/ /index.php?$query_string; # will not work for /admin and /api if (!-e $request_filename) { rewrite ^ __PATH_HACK__/index.php last; } location ~* \.php$ { fastcgi_split_path_info ^(.+.php)(/.+)$; fastcgi_pass unix:/var/run/php-fpm-__NAME__.sock; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $request_filename; fastcgi_param HTTP_PROXY ""; # Fix for https://httpoxy.org/ vulnerability fastcgi_index index.php; fastcgi_read_timeout 600; } # Expire rules for static content location ~* \.(?:manifest|appcache|html?|xml|json)$ { more_set_headers "Cache-Control: max-age=0"; } location ~* \.(?:rss|atom)$ { more_set_headers "Cache-Control: max-age=3600"; } location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|mp4|ogg|ogv|webm|htc)$ { more_set_headers "Cache-Control: max-age=2592000"; access_log off; } location ~* \.(?:css|js)$ { more_set_headers "Cache-Control: max-age=31536000"; access_log off; } location ~* \.(?:ttf|ttc|otf|eot|woff|woff2)$ { more_set_headers "Cache-Control: max-age=2592000"; access_log off; } # Gzip compression gzip on; gzip_comp_level 5; gzip_min_length 256; gzip_proxied any; gzip_vary on; gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; # Include SSOWAT user panel. # include conf.d/yunohost_panel.conf.inc; }