reorganize nginx config
This commit is contained in:
parent
e1c13393e5
commit
7b38883546
|
@ -1,47 +1,20 @@
|
|||
#SSL:server {
|
||||
#SSL: listen 80 default_server;
|
||||
#SSL: server_name _;
|
||||
#SSL: return 301 https://$server_name$request_uri;
|
||||
#SSL:}
|
||||
|
||||
server {
|
||||
listen 80 default_server;
|
||||
#SSL:listen 443 http2 ssl;
|
||||
#SSL:ssl_certificate /mnt/config/ssl/live/REPLACE_WITH_DOMAIN_NAME/fullchain.pem;
|
||||
#SSL:ssl_certificate_key /mnt/config/ssl/live/REPLACE_WITH_DOMAIN_NAME/privkey.pem;
|
||||
#SSL:ssl_trusted_certificate /mnt/config/ssl/live/REPLACE_WITH_DOMAIN_NAME/chain.pem;
|
||||
|
||||
server_name _;
|
||||
include /mnt/config/etc/nginx.d/_server_local.inc;
|
||||
root /mnt/media;
|
||||
|
||||
autoindex off;
|
||||
expires $expires;
|
||||
set_real_ip_from REPLACE_WITH_TRUSTED_PROXY_SUBNET;
|
||||
real_ip_header X-Real-IP;
|
||||
real_ip_recursive on;
|
||||
|
||||
location ~ /\. {
|
||||
deny all;
|
||||
}
|
||||
|
||||
# ======== #
|
||||
# Security #
|
||||
# ======== #
|
||||
|
||||
location ~ /_h5ai/($|CHANGELOG.md$|README.md$|private/) { deny all; }
|
||||
|
||||
# ======================================== #
|
||||
# YOU CAN DELETE THIS IF YOU DON'T NEED IT #
|
||||
# ======================================== #
|
||||
#location ~ /local/ {
|
||||
# allow 192.168.0.0/16;
|
||||
# deny all;
|
||||
#}
|
||||
|
||||
location ~ /local/ {
|
||||
allow 192.168.0.0/16;
|
||||
deny all;
|
||||
}
|
||||
|
||||
# ======= #
|
||||
# PHP-FPM #
|
||||
# ======= #
|
||||
|
||||
location ~ \.php$ {
|
||||
try_files $uri =404;
|
||||
fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
|
||||
fastcgi_index index.php;
|
||||
include /etc/nginx/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
|
||||
}
|
||||
include /mnt/config/etc/nginx.d/_server_php.inc;
|
||||
}
|
Loading…
Reference in New Issue