diff options
Diffstat (limited to '.ddev/nginx_full/nginx-site.conf')
-rw-r--r-- | .ddev/nginx_full/nginx-site.conf | 94 |
1 files changed, 94 insertions, 0 deletions
diff --git a/.ddev/nginx_full/nginx-site.conf b/.ddev/nginx_full/nginx-site.conf new file mode 100644 index 0000000..29646a7 --- /dev/null +++ b/.ddev/nginx_full/nginx-site.conf @@ -0,0 +1,94 @@ +# ddev nginx config for Hubzilla + +server { + listen 80 default_server; + listen 443 ssl default_server; + + root /var/www/html/core; + + ssl_certificate /etc/ssl/certs/master.crt; + ssl_certificate_key /etc/ssl/certs/master.key; + + include /etc/nginx/monitoring.conf; + + index index.php; + charset utf-8; + + # Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html + sendfile off; + error_log /dev/stdout info; + access_log /var/log/nginx/access.log; + + # allow uploads up to 20MB in size + client_max_body_size 20m; + client_body_buffer_size 128k; + + include mime.types; + + # rewrite to front controller as default rule + location / { + # try_files $uri /index.php?q=$uri; + if (!-e $request_filename) { + rewrite ^(.*)$ /index.php?q=$1; + } + } + + # make sure webfinger and other well known services aren't blocked + # by denying dot files and rewrite request to the front controller + location ^~ /.well-known/ { + allow all; + try_files $uri /index.php?q=$uri; + } + + # statically serve these file types when possible + # otherwise fall back to front controller + # allow browser to cache them + # added .htm for advanced source code editor library + location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|map|ttf|woff|woff2|svg)$ { + expires 30d; + try_files $uri /index.php?q=$uri&$args; + } + + # block these file types + location ~* \.(tpl|md|tgz|log|out)$ { + deny all; + } + + # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 + # or a unix socket + # pass the PHP scripts to FastCGI server listening on socket + location ~ \.php$ { + try_files $uri =404; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/run/php-fpm.sock; + fastcgi_buffers 16 16k; + fastcgi_buffer_size 32k; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param SCRIPT_NAME $fastcgi_script_name; + fastcgi_index index.php; + include fastcgi_params; + fastcgi_intercept_errors off; + # fastcgi_read_timeout should match max_execution_time in php.ini + fastcgi_read_timeout 10m; + fastcgi_param SERVER_NAME $host; + fastcgi_param HTTPS $fcgi_https; + } + + # deny access to all dot files + location ~ /\. { + deny all; + } + + #deny access to store + location ~ /store { + deny all; + } + + #deny access to util + location ~ /util { + deny all; + } + + include /etc/nginx/common.d/*.conf; + include /mnt/ddev_config/nginx/*.conf; +} |