mirror of
https://github.com/daledavies/jump.git
synced 2026-01-10 09:22:06 +01:00
124 lines
3.6 KiB
Nginx Configuration File
124 lines
3.6 KiB
Nginx Configuration File
user jumpapp;
|
|
worker_processes auto;
|
|
|
|
events {
|
|
worker_connections 1024;
|
|
}
|
|
|
|
http {
|
|
include mime.types;
|
|
default_type application/octet-stream;
|
|
|
|
# Define custom log format to include reponse times
|
|
log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" '
|
|
'$status $body_bytes_sent "$http_referer" '
|
|
'"$http_user_agent" "$http_x_forwarded_for" '
|
|
'$request_time $upstream_response_time $pipe $upstream_cache_status';
|
|
|
|
access_log /dev/stdout main_timed;
|
|
|
|
keepalive_timeout 5;
|
|
|
|
# Write temporary files to /tmp so they can be created as a non-privileged user
|
|
client_body_temp_path /tmp/client_temp;
|
|
proxy_temp_path /tmp/proxy_temp_path;
|
|
fastcgi_temp_path /tmp/fastcgi_temp;
|
|
uwsgi_temp_path /tmp/uwsgi_temp;
|
|
scgi_temp_path /tmp/scgi_temp;
|
|
|
|
# Default server definition
|
|
server {
|
|
listen [::]:8080 default_server;
|
|
listen 8080 default_server;
|
|
server_name _;
|
|
|
|
sendfile off;
|
|
absolute_redirect off;
|
|
|
|
root /var/www/html;
|
|
index index.php index.html;
|
|
|
|
# Hide nginx server tokens and version number
|
|
server_tokens off;
|
|
|
|
location / {
|
|
# Exclude unused HTTP methods
|
|
limit_except GET HEAD POST { deny all; }
|
|
# First attempt to serve request as file, then
|
|
# as directory, then fall back to index.php
|
|
try_files $uri $uri/ index.php$is_args$args;
|
|
}
|
|
|
|
location ~ \.php$ {
|
|
include fastcgi_params;
|
|
fastcgi_pass unix:/run/php-fpm.sock;
|
|
fastcgi_index $document_root/index.php;
|
|
|
|
fastcgi_split_path_info ^((?U).+\.php)(/?.+)$;
|
|
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
|
|
fastcgi_param PATH_TRANSLATED $document_root/$fastcgi_path_info;
|
|
fastcgi_param PATH_INFO $fastcgi_path_info;
|
|
}
|
|
|
|
# Tell browsers to cache static assets
|
|
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml|svg)$ {
|
|
expires 3d;
|
|
}
|
|
|
|
# Deny access to dot files
|
|
location ~ /\. {
|
|
log_not_found off;
|
|
deny all;
|
|
}
|
|
|
|
# Deny yaml, twig, markdown, ini file access.
|
|
location ~* /.+\.(markdown|md|twig|yaml|yml|ini)$ {
|
|
deny all;
|
|
log_not_found off;
|
|
}
|
|
|
|
# Deny all grunt, package files.
|
|
location ~* (Gruntfile|package)\.(js|json|jsonc)$ {
|
|
deny all;
|
|
log_not_found off;
|
|
}
|
|
|
|
# Deny all composer files.
|
|
location ~* composer\. {
|
|
deny all;
|
|
log_not_found off;
|
|
}
|
|
|
|
# Deny vendor directory.
|
|
location ^~ /vendor/ {
|
|
deny all;
|
|
log_not_found off;
|
|
}
|
|
|
|
# Deny jump version file
|
|
location ^~ .jump-version {
|
|
deny all;
|
|
log_not_found off;
|
|
}
|
|
|
|
# Allow fpm ping from localhost, useful for docker HEALTHCHECK.
|
|
location ~ ^/(fpm-ping)$ {
|
|
access_log off;
|
|
allow 127.0.0.1;
|
|
deny all;
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
include fastcgi_params;
|
|
fastcgi_pass unix:/run/php-fpm.sock;
|
|
}
|
|
}
|
|
|
|
gzip on;
|
|
gzip_proxied any;
|
|
gzip_types text/plain application/xml text/css text/js text/xml application/x-javascript text/javascript application/json application/xml+rss;
|
|
gzip_vary on;
|
|
gzip_disable "msie6";
|
|
|
|
# Include other server configs
|
|
include /etc/nginx/conf.d/*.conf;
|
|
}
|