github.com/ddev/ddev@v1.23.2-0.20240519125000-d824ffe36ff3/pkg/ddevapp/webserver_config_assets/nginx_second_docroot_example-site-php.conf (about) 1 # Example configuration for a second docroot 2 3 #ddev-generated 4 # If you want to take over this file and customize it, rename it to <yourname>.conf, 5 # and remove the ddev-generated line above 6 7 server { 8 # Set the docroot to where it belongs in the codebase 9 root /var/www/html/seconddocroot; 10 # Set the server_name so this config can be selected 11 # You'll need additional_hostnames["seconddocroot"] in config.yaml for this to work 12 server_name seconddocroot.ddev.site; 13 14 listen 80; 15 listen 443 ssl; 16 17 ssl_certificate /etc/ssl/certs/master.crt; 18 ssl_certificate_key /etc/ssl/certs/master.key; 19 20 include /etc/nginx/monitoring.conf; 21 22 index index.php index.htm index.html; 23 24 # Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html 25 sendfile off; 26 error_log /dev/stdout info; 27 access_log /var/log/nginx/access.log; 28 29 location / { 30 absolute_redirect off; 31 try_files $uri $uri/ /index.php?$query_string; 32 } 33 34 location @rewrite { 35 # For D7 and above: 36 # Clean URLs are handled in drupal_environment_initialize(). 37 rewrite ^ /index.php; 38 } 39 40 # pass the PHP scripts to FastCGI server listening on socket 41 location ~ \.php$ { 42 try_files $uri =404; 43 fastcgi_split_path_info ^(.+\.php)(/.+)$; 44 fastcgi_pass unix:/run/php-fpm.sock; 45 fastcgi_buffers 16 16k; 46 fastcgi_buffer_size 32k; 47 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 48 fastcgi_param SCRIPT_NAME $fastcgi_script_name; 49 fastcgi_index index.php; 50 include fastcgi_params; 51 fastcgi_intercept_errors off; 52 # fastcgi_read_timeout should match max_execution_time in php.ini 53 fastcgi_read_timeout 10m; 54 fastcgi_param SERVER_NAME $host; 55 fastcgi_param HTTPS $fcgi_https; 56 } 57 58 # Expire rules for static content 59 # Media: images, icons, video, audio, HTC 60 location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|webp|htc)$ { 61 expires 1M; 62 access_log off; 63 add_header Cache-Control "public"; 64 } 65 66 # Prevent clients from accessing hidden files (starting with a dot) 67 # This is particularly important if you store .htpasswd files in the site hierarchy 68 # Access to `/.well-known/` is allowed. 69 # https://www.mnot.net/blog/2010/04/07/well-known 70 # https://tools.ietf.org/html/rfc5785 71 location ~* /\.(?!well-known\/) { 72 deny all; 73 } 74 75 # Prevent clients from accessing to backup/config/source files 76 location ~* (?:\.(?:bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ { 77 deny all; 78 } 79 80 include /etc/nginx/common.d/*.conf; 81 include /mnt/ddev_config/nginx/*.conf; 82 }