58 lines
1.5 KiB
Django/Jinja
58 lines
1.5 KiB
Django/Jinja
server {
|
|
listen 443 ssl;
|
|
listen [::]:443 ssl;
|
|
|
|
server_name {{ strichliste_domain }};
|
|
|
|
ssl_certificate_key /etc/nginx/ssl/{{ strichliste_domain }}.key;
|
|
ssl_certificate /etc/nginx/ssl/{{ strichliste_domain }}.crt;
|
|
|
|
root /var/www/strichliste/public;
|
|
|
|
location / {
|
|
# try to serve file directly, fallback to index.php
|
|
try_files $uri /index.php$is_args$args;
|
|
}
|
|
|
|
location ~ ^/index\.php(/|$) {
|
|
fastcgi_split_path_info ^(.+\.php)(/.*)$;
|
|
include fastcgi_params;
|
|
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
fastcgi_param PATH_INFO $fastcgi_path_info;
|
|
|
|
#Avoid sending the security headers twice
|
|
fastcgi_param modHeadersAvailable true;
|
|
fastcgi_param front_controller_active true;
|
|
fastcgi_pass unix:/run/php/php-fpm.sock;
|
|
fastcgi_intercept_errors on;
|
|
fastcgi_request_buffering off;
|
|
|
|
# Prevents URIs that include the front controller. This will 404:
|
|
# http://domain.tld/index.php/some-path
|
|
# Remove the internal directive to allow URIs like this
|
|
internal;
|
|
}
|
|
|
|
# return 404 for all other php files not matching the front controller
|
|
# this prevents access to other php files you don't want to be accessible.
|
|
location ~ \.php$ {
|
|
return 404;
|
|
}
|
|
|
|
|
|
}
|
|
|
|
server {
|
|
listen [::]:80;
|
|
listen 80;
|
|
|
|
server_name {{ strichliste_domain }};
|
|
|
|
if ($host = {{ strichliste_domain }}) {
|
|
return 301 https://$host$request_uri;
|
|
}
|
|
|
|
return 404;
|
|
}
|