2018-05-05 07:05:08 +02:00
|
|
|
root __FINALPATH__/ ;
|
|
|
|
location __PATH__ {
|
2015-08-23 17:33:13 +02:00
|
|
|
|
|
|
|
# Force https
|
|
|
|
if ($scheme = http) {
|
2017-07-22 02:31:23 +02:00
|
|
|
rewrite ^ https://$server_name$request_uri? permanent;
|
2018-05-05 07:05:08 +02:00
|
|
|
}
|
2018-04-30 20:24:17 +02:00
|
|
|
|
2018-05-05 07:05:08 +02:00
|
|
|
if (!-e $request_filename) {
|
|
|
|
rewrite ^(.*)$ /index.php?q=$1;
|
|
|
|
}
|
2018-04-30 20:24:17 +02:00
|
|
|
}
|
|
|
|
|
2015-08-23 17:33:13 +02:00
|
|
|
|
2018-04-30 20:24:17 +02:00
|
|
|
# Example PHP configuration
|
|
|
|
location ~* \.php$ {
|
|
|
|
try_files $uri =404;
|
|
|
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
|
|
|
fastcgi_pass unix:/var/run/php5-fpm-__NAME__.sock;
|
2015-08-23 17:33:13 +02:00
|
|
|
fastcgi_index index.php;
|
|
|
|
include fastcgi_params;
|
|
|
|
fastcgi_param REMOTE_USER $remote_user;
|
|
|
|
fastcgi_param PATH_INFO $fastcgi_path_info;
|
2018-04-30 20:24:17 +02:00
|
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
|
|
|
|
|
|
client_max_body_size 20m;
|
|
|
|
client_body_buffer_size 128k;
|
2015-08-23 17:33:13 +02:00
|
|
|
}
|
2017-07-22 02:31:23 +02:00
|
|
|
|
2018-04-30 20:24:17 +02:00
|
|
|
# make sure webfinger and other well known services aren't blocked
|
|
|
|
# by denying dot files and rewrite request to the front controller
|
|
|
|
location ^~ /.well-known/ {
|
|
|
|
allow all;
|
|
|
|
rewrite ^/(.*) /index.php?q=$uri&$args last;
|
2017-02-05 16:11:01 +01:00
|
|
|
}
|
2018-04-30 20:24:17 +02:00
|
|
|
|
2017-07-22 02:31:23 +02:00
|
|
|
# statically serve these file types when possible
|
|
|
|
# otherwise fall back to front controller
|
|
|
|
# allow browser to cache them
|
|
|
|
# added .htm for advanced source code editor library
|
2018-04-30 20:24:17 +02:00
|
|
|
location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|map|ttf|woff|woff2|svg)$ {
|
2017-07-22 02:31:23 +02:00
|
|
|
expires 30d;
|
|
|
|
try_files $uri /index.php?q=$uri&$args;
|
2018-04-30 20:24:17 +02:00
|
|
|
}
|
|
|
|
|
2017-07-22 02:31:23 +02:00
|
|
|
# block these file types
|
2018-04-30 20:24:17 +02:00
|
|
|
location ~* \.(tpl|md|tgz|log|out)$ {
|
2017-07-22 02:31:23 +02:00
|
|
|
deny all;
|
2018-04-30 20:24:17 +02:00
|
|
|
}
|
|
|
|
|
2017-07-22 02:31:23 +02:00
|
|
|
# deny access to all dot files
|
2018-04-30 20:24:17 +02:00
|
|
|
location ~ /\. {
|
2017-07-22 02:31:23 +02:00
|
|
|
deny all;
|
|
|
|
}
|
2018-04-30 20:24:17 +02:00
|
|
|
|
|
|
|
#deny access to store
|
|
|
|
|
|
|
|
location ~ /store {
|
|
|
|
deny all;
|
2018-05-05 07:05:08 +02:00
|
|
|
}
|
2018-04-30 20:24:17 +02:00
|
|
|
|
2017-07-22 02:31:23 +02:00
|
|
|
|