github.com/ddev/ddev@v1.23.2-0.20240519125000-d824ffe36ff3/pkg/ddevapp/webserver_config_assets/nginx-site-drupal6.conf (about)

     1  # ddev drupal6 config
     2  
     3  #ddev-generated
     4  # If you want to take over this file and customize it, remove the line above
     5  # and ddev will respect it and won't overwrite the file.
     6  # See https://ddev.readthedocs.io/en/stable/users/extend/customization-extendibility/#custom-nginx-configuration
     7  
     8  # Parts of this config come from the excellent Perusio config that
     9  # was fine-tuned for Drupal6 and Drupal7:
    10  # https://github.com/perusio/drupal-with-nginx
    11  
    12  ### Defines the $no_slash_uri variable for drupal 6. See https://drupal.org/node/827236.
    13  map $uri $no_slash_uri {
    14      ~^/(?<no_slash>.*)$ $no_slash;
    15  }
    16  
    17  server {
    18      listen 80 default_server;
    19      listen 443 ssl default_server;
    20  
    21      root {{ .Docroot }};
    22  
    23      ssl_certificate /etc/ssl/certs/master.crt;
    24      ssl_certificate_key /etc/ssl/certs/master.key;
    25  
    26      include /etc/nginx/monitoring.conf;
    27  
    28      index index.php index.htm index.html;
    29  
    30      # Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html
    31      sendfile off;
    32      error_log /dev/stdout info;
    33      access_log /var/log/nginx/access.log;
    34  
    35      location / {
    36          absolute_redirect off;
    37          try_files $uri $uri/    @rewrite;
    38      }
    39  
    40      location @rewrite {
    41          rewrite ^/(.*)$ /index.php?q=$1;
    42      }
    43  
    44      # Handle imagecache
    45      location ~* /imagecache/ {
    46          access_log off;
    47          expires 1h;
    48          try_files $uri /index.php?q=$no_slash_uri&$args;
    49      }
    50  
    51  
    52      # pass the PHP scripts to FastCGI server listening on socket
    53      location ~ \.php$ {
    54          try_files $uri =404;
    55          fastcgi_split_path_info ^(.+\.php)(/.+)$;
    56          fastcgi_pass unix:/run/php-fpm.sock;
    57          fastcgi_buffers 16 16k;
    58          fastcgi_buffer_size 32k;
    59          fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    60          fastcgi_param SCRIPT_NAME $fastcgi_script_name;
    61          fastcgi_index index.php;
    62          include fastcgi_params;
    63          fastcgi_intercept_errors off;
    64          # fastcgi_read_timeout should match max_execution_time in php.ini
    65          fastcgi_read_timeout 10m;
    66          fastcgi_param SERVER_NAME $host;
    67          fastcgi_param HTTPS $fcgi_https;
    68      }
    69  
    70      # Expire rules for static content
    71  
    72      # Media: images, icons, video, audio, HTC
    73      location ~* \.(jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|webp|htc)$ {
    74          try_files $uri @rewrite;
    75          expires max;
    76          log_not_found off;
    77      }
    78  
    79      # js and css always loaded
    80      location ~* \.(js|css)$ {
    81          try_files $uri @rewrite;
    82          expires -1;
    83          log_not_found off;
    84      }
    85  
    86      # Prevent clients from accessing hidden files (starting with a dot)
    87      # This is particularly important if you store .htpasswd files in the site hierarchy
    88      # Access to `/.well-known/` is allowed.
    89      # https://www.mnot.net/blog/2010/04/07/well-known
    90      # https://tools.ietf.org/html/rfc5785
    91      location ~* /\.(?!well-known\/) {
    92          deny all;
    93      }
    94  
    95      # Prevent clients from accessing to backup/config/source files
    96      location ~* (?:\.(?:bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ {
    97          deny all;
    98      }
    99      include /etc/nginx/common.d/*.conf;
   100      include /mnt/ddev_config/nginx/*.conf;
   101  }