spip_ynh/conf/nginx.conf

#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
location __PATH__/ {

	# Path to source
	alias __FINALPATH__/ ;

	# Force usage of https
	if ($scheme = http) {
		rewrite ^ https://$server_name$request_uri? permanent;
	}

 	index index.php;

 	client_max_body_size 30M;

 	try_files $uri $uri/ index.php;

	if (!-e $request_filename)
	{
		rewrite ^/([^/]*)/robots\.txt$    __PATH__/spip.php?page=robots.txt    last;
		rewrite ^/([^/]*)/sitemap\.xml$   __PATH__/spip.php?page=sitemap.xml   last;
		rewrite ^(.+)$ __PATH__/index.php?q=$1 last;
	}

	# Add headers to serve security related headers
	more_set_headers Strict-Transport-Security "max-age=15768000;";
	more_set_headers X-Content-Type-Options nosniff;
	more_set_headers X-Frame-Options "SAMEORIGIN";
	more_set_headers X-XSS-Protection "1; mode=block";
	more_set_headers X-Robots-Tag none;
	more_set_headers X-Download-Options noopen;
	more_set_headers X-Permitted-Cross-Domain-Policies none;

	location ~^/(tmp|config|\.ht)/{
		deny all;
	}
	location ~* \.(jpg|jpeg|gif|css|png|js|ico|swf|mp3|pdf)$ {
		# Le contenu statique, est signalé au navigateur comme étant
		# à garder en cache une semaine. Si il y a un proxy sur la
		# route, celui-ci est autorisé à faire une copie et à la
		# cacher.
		rewrite ^/([^/]*)/favicon\.ico$   __PATH__/spip.php?page=favicon.ico   last;
		expires        1w; 
		more_set_headers  Cache-Control public;
	}
	
	location ~ [^/]\.php(/|$) {
    	fastcgi_split_path_info ^(.+?\.php)(/.*)$;
    	fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock;

    	fastcgi_index index.php;
    	include fastcgi_params;
    	fastcgi_param REMOTE_USER $remote_user;
    	fastcgi_param PATH_INFO $fastcgi_path_info;
    	fastcgi_param SCRIPT_FILENAME $request_filename;
				
		set $ecrire 0;
		if ($uri ~ ^/ecrire.*) {
			set $ecrire 1;
		}
	}

	# Include SSOWAT user panel.
	include conf.d/yunohost_panel.conf.inc;
}