92 lines
2.7 KiB
Nginx Configuration File
92 lines
2.7 KiB
Nginx Configuration File
|
user vagrant;
|
||
|
worker_processes auto;
|
||
|
pid /var/run/nginx.pid;
|
||
|
|
||
|
events {
|
||
|
worker_connections 768;
|
||
|
}
|
||
|
|
||
|
http {
|
||
|
sendfile on;
|
||
|
tcp_nopush on;
|
||
|
tcp_nodelay on;
|
||
|
keepalive_timeout 65;
|
||
|
types_hash_max_size 2048;
|
||
|
server_tokens off;
|
||
|
|
||
|
charset utf-8;
|
||
|
|
||
|
gzip on;
|
||
|
gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
|
||
|
|
||
|
include mime.types;
|
||
|
default_type application/octet-stream;
|
||
|
|
||
|
client_max_body_size 100M;
|
||
|
disable_symlinks off;
|
||
|
|
||
|
add_header X-Content-Type-Options nosniff;
|
||
|
add_header X-XSS-Protection "1; mode=block";
|
||
|
|
||
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3;
|
||
|
ssl_prefer_server_ciphers on;
|
||
|
ssl_ciphers 'ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA:ECDHE-RSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-RSA-AES256-SHA256:DHE-RSA-AES256-SHA:ECDHE-ECDSA-DES-CBC3-SHA:ECDHE-RSA-DES-CBC3-SHA:EDH-RSA-DES-CBC3-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:DES-CBC3-SHA:!DSS';
|
||
|
ssl_ecdh_curve secp384r1;
|
||
|
ssl_session_cache shared:SSL:10m;
|
||
|
ssl_session_tickets off;
|
||
|
ssl_stapling on;
|
||
|
ssl_stapling_verify on;
|
||
|
ssl_dhparam dhparam.pem;
|
||
|
|
||
|
error_log /var/log/nginx/error.log crit;
|
||
|
|
||
|
server {
|
||
|
root /www/misuzu/public;
|
||
|
server_name misuzu;
|
||
|
index index.php;
|
||
|
|
||
|
location / {
|
||
|
try_files $uri $uri/ /index.php?$query_string;
|
||
|
}
|
||
|
|
||
|
location ~* \.(eot|otf|ttf|woff|woff2)$ {
|
||
|
add_header Access-Control-Allow-Origin *;
|
||
|
}
|
||
|
|
||
|
location /msz-storage {
|
||
|
alias /www/misuzu/store;
|
||
|
internal;
|
||
|
}
|
||
|
|
||
|
listen 80;
|
||
|
listen 443 ssl;
|
||
|
listen [::]:80;
|
||
|
listen [::]:443 ssl;
|
||
|
|
||
|
location = /favicon.ico {
|
||
|
log_not_found off;
|
||
|
access_log off;
|
||
|
}
|
||
|
|
||
|
location = /robots.txt {
|
||
|
log_not_found off;
|
||
|
access_log off;
|
||
|
}
|
||
|
|
||
|
ssl_certificate misuzu.crt;
|
||
|
ssl_certificate_key misuzu.key;
|
||
|
|
||
|
location ~ [^/]\.php(/|$) {
|
||
|
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||
|
|
||
|
if (!-f $document_root$fastcgi_script_name) {
|
||
|
return 404;
|
||
|
}
|
||
|
|
||
|
fastcgi_pass unix:/var/run/php/php8.1-fpm.sock;
|
||
|
fastcgi_index index.php;
|
||
|
include fastcgi_params;
|
||
|
}
|
||
|
}
|
||
|
}
|