From e157d588475749b489730e937cf32aa5cb013d4b Mon Sep 17 00:00:00 2001 From: Lewis Dale Date: Tue, 22 Oct 2024 12:29:18 +0100 Subject: [PATCH] Add nginx template --- nginx.template.conf | 67 +++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 67 insertions(+) create mode 100644 nginx.template.conf diff --git a/nginx.template.conf b/nginx.template.conf new file mode 100644 index 0000000..6e49222 --- /dev/null +++ b/nginx.template.conf @@ -0,0 +1,67 @@ +worker_processes 5; +daemon off; + +worker_rlimit_nofile 8192; + +events { + worker_connections 4096; # Default: 1024 +} + +http { + include $!{nginx}/conf/mime.types; + index index.html index.htm index.php; + + default_type application/octet-stream; + log_format main '$remote_addr - $remote_user [$time_local] $status ' + '"$request" $body_bytes_sent "$http_referer" ' + '"$http_user_agent" "$http_x_forwarded_for"'; + access_log /dev/stdout; + error_log /dev/stdout; + sendfile on; + tcp_nopush on; + server_names_hash_bucket_size 128; # this seems to be required for some vhosts + + server { + listen ${PORT}; + listen [::]:${PORT}; + server_name localhost; + + root /app/; + + add_header X-Frame-Options "SAMEORIGIN"; + add_header X-Content-Type-Options "nosniff"; + + index index.php; + + charset utf-8; + + location = /favicon.ico { access_log off; log_not_found off; } + location = /robots.txt { access_log off; log_not_found off; } + + location ^~ /bin/ { + deny all; + } + location ~ /vendor/.*\.php$ { + deny all; + } + + location / { + # This is cool because no php is touched for static content. + # include the "?$args" part so non-default permalinks doesn't break when using query string + try_files $uri $uri/ /index.php?$args; + } + + location ~ \.php$ { + fastcgi_pass 127.0.0.1:9000; + fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name; + include $!{nginx}/conf/fastcgi_params; + include $!{nginx}/conf/fastcgi.conf; + } + + location ~ /\.(?!well-known).* { + deny all; + } + + + } +} \ No newline at end of file