github.com/ddev/ddev@v1.23.2-0.20240519125000-d824ffe36ff3/pkg/ddevapp/webserver_config_assets/nginx-site-drupal7.conf (about) 1 # ddev drupal7 config 2 3 #ddev-generated 4 # If you want to take over this file and customize it, remove the line above 5 # and ddev will respect it and won't overwrite the file. 6 # See https://ddev.readthedocs.io/en/stable/users/extend/customization-extendibility/#custom-nginx-configuration 7 8 server { 9 listen 80 default_server; 10 listen 443 ssl default_server; 11 12 root {{ .Docroot }}; 13 14 ssl_certificate /etc/ssl/certs/master.crt; 15 ssl_certificate_key /etc/ssl/certs/master.key; 16 17 include /etc/nginx/monitoring.conf; 18 19 index index.php index.htm index.html; 20 21 # Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html 22 sendfile off; 23 error_log /dev/stdout info; 24 access_log /var/log/nginx/access.log; 25 26 location / { 27 absolute_redirect off; 28 29 # First attempt to serve request as file, then 30 # as directory, then fall back to index.html 31 try_files $uri $uri/ /index.php?q=$uri&$args; 32 } 33 34 location @rewrite { 35 # For D7 and above: 36 # Clean URLs are handled in drupal_environment_initialize(). 37 rewrite ^ /index.php; 38 } 39 40 # Handle image styles for Drupal 7+ 41 location ~ ^/sites/.*/files/styles/ { 42 try_files $uri @rewrite; 43 } 44 45 # pass the PHP scripts to FastCGI server listening on socket 46 location ~ \.php$ { 47 try_files $uri =404; 48 fastcgi_split_path_info ^(.+\.php)(/.+)$; 49 fastcgi_pass unix:/run/php-fpm.sock; 50 fastcgi_buffers 16 16k; 51 fastcgi_buffer_size 32k; 52 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 53 fastcgi_param SCRIPT_NAME $fastcgi_script_name; 54 fastcgi_index index.php; 55 include fastcgi_params; 56 fastcgi_intercept_errors off; 57 # fastcgi_read_timeout should match max_execution_time in php.ini 58 fastcgi_read_timeout 10m; 59 fastcgi_param SERVER_NAME $host; 60 fastcgi_param HTTPS $fcgi_https; 61 } 62 63 # Expire rules for static content 64 65 # Media: images, icons, video, audio, HTC 66 location ~* \.(jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|webp|htc)$ { 67 try_files $uri @rewrite; 68 expires max; 69 log_not_found off; 70 } 71 72 # js and css always loaded 73 location ~* \.(js|css)$ { 74 try_files $uri @rewrite; 75 expires -1; 76 log_not_found off; 77 } 78 79 # Prevent clients from accessing hidden files (starting with a dot) 80 # This is particularly important if you store .htpasswd files in the site hierarchy 81 # Access to `/.well-known/` is allowed. 82 # https://www.mnot.net/blog/2010/04/07/well-known 83 # https://tools.ietf.org/html/rfc5785 84 location ~* /\.(?!well-known\/) { 85 deny all; 86 } 87 88 # Prevent clients from accessing to backup/config/source files 89 location ~* (?:\.(?:bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ { 90 deny all; 91 } 92 93 ## Regular private file serving (i.e. handled by Drupal). 94 location ^~ /system/files/ { 95 ## For not signaling a 404 in the error log whenever the 96 ## system/files directory is accessed add the line below. 97 ## Note that the 404 is the intended behavior. 98 log_not_found off; 99 access_log off; 100 expires 30d; 101 try_files $uri @rewrite; 102 } 103 include /etc/nginx/common.d/*.conf; 104 include /mnt/ddev_config/nginx/*.conf; 105 }