#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location __PATH__/ { alias __FINALPATH__/; if ($scheme = http) { rewrite ^ https://$server_name$request_uri? permanent; } if (!-e $request_filename) { rewrite ^(.*)$ /index.php?pagename=$1; } #allow uploads up to 20MB in size client_max_body_size 20m; client_body_buffer_size 128k; #Default indexes and catch-all index index.php; # make sure webfinger and other well known services aren't blocked # by denying dot files and rewrite request to the front controller location ^~ /.well-known/ { allow all; if (!-e $request_filename) { rewrite ^(.*)$ /index.php?pagename=$1; } } include mime.types; # block these file types location ~* \.(tpl|md|tgz|log|out)$ { deny all; } #Execute and serve PHP files location ~* \.php$ { fastcgi_split_path_info ^(.+?\.php)(/.*)$; try_files $uri =404; fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } # deny access to all dot files location ~ /\. { deny all; } #Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; }