github.com/ddev/ddev@v1.23.2-0.20240519125000-d824ffe36ff3/pkg/ddevapp/webserver_config_assets/nginx_second_docroot_example-site-php.conf (about)

     1  # Example configuration for a second docroot
     2  
     3  #ddev-generated
     4  # If you want to take over this file and customize it, rename it to <yourname>.conf,
     5  # and remove the ddev-generated line above
     6  
     7  server {
     8      # Set the docroot to where it belongs in the codebase
     9      root /var/www/html/seconddocroot;
    10      # Set the server_name so this config can be selected
    11      # You'll need additional_hostnames["seconddocroot"] in config.yaml for this to work
    12      server_name seconddocroot.ddev.site;
    13  
    14      listen 80;
    15      listen 443 ssl;
    16  
    17      ssl_certificate /etc/ssl/certs/master.crt;
    18      ssl_certificate_key /etc/ssl/certs/master.key;
    19  
    20      include /etc/nginx/monitoring.conf;
    21  
    22      index index.php index.htm index.html;
    23  
    24      # Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html
    25      sendfile off;
    26      error_log /dev/stdout info;
    27      access_log /var/log/nginx/access.log;
    28  
    29      location / {
    30          absolute_redirect off;
    31          try_files $uri $uri/ /index.php?$query_string;
    32      }
    33  
    34      location @rewrite {
    35          # For D7 and above:
    36          # Clean URLs are handled in drupal_environment_initialize().
    37          rewrite ^ /index.php;
    38      }
    39  
    40      # pass the PHP scripts to FastCGI server listening on socket
    41      location ~ \.php$ {
    42          try_files $uri =404;
    43          fastcgi_split_path_info ^(.+\.php)(/.+)$;
    44          fastcgi_pass unix:/run/php-fpm.sock;
    45          fastcgi_buffers 16 16k;
    46          fastcgi_buffer_size 32k;
    47          fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    48          fastcgi_param SCRIPT_NAME $fastcgi_script_name;
    49          fastcgi_index index.php;
    50          include fastcgi_params;
    51          fastcgi_intercept_errors off;
    52          # fastcgi_read_timeout should match max_execution_time in php.ini
    53          fastcgi_read_timeout 10m;
    54          fastcgi_param SERVER_NAME $host;
    55          fastcgi_param HTTPS $fcgi_https;
    56      }
    57  
    58      # Expire rules for static content
    59      # Media: images, icons, video, audio, HTC
    60      location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|webp|htc)$ {
    61          expires 1M;
    62          access_log off;
    63          add_header Cache-Control "public";
    64      }
    65  
    66      # Prevent clients from accessing hidden files (starting with a dot)
    67      # This is particularly important if you store .htpasswd files in the site hierarchy
    68      # Access to `/.well-known/` is allowed.
    69      # https://www.mnot.net/blog/2010/04/07/well-known
    70      # https://tools.ietf.org/html/rfc5785
    71      location ~* /\.(?!well-known\/) {
    72          deny all;
    73      }
    74  
    75      # Prevent clients from accessing to backup/config/source files
    76      location ~* (?:\.(?:bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ {
    77          deny all;
    78      }
    79  
    80      include /etc/nginx/common.d/*.conf;
    81      include /mnt/ddev_config/nginx/*.conf;
    82  }