github.com/localhostbase/localhostdev@v1.4.1/pkg/ddevapp/testdata/.ddev/nginx-site.conf (about) 1 # ddev default config 2 3 # You can override ddev's configuration by placing an edited copy 4 # of this config (or one of the other ones) in .ddev/nginx-site.conf 5 # See https://ddev.readthedocs.io/en/stable/users/extend/customization-extendibility/#providing-custom-nginx-configuration 6 7 # Set https to 'on' if x-forwarded-proto is https 8 map $http_x_forwarded_proto $fcgi_https { 9 default off; 10 https on; 11 } 12 13 server { 14 listen 80; ## listen for ipv4; this line is default and implied 15 listen [::]:80 default ipv6only=on; ## listen for ipv6 16 # The WEBSERVER_DOCROOT variable is substituted with 17 # its value when the container is started. 18 root $WEBSERVER_DOCROOT; 19 index index.php index.htm index.html; 20 21 # Make site accessible from http://localhost/ 22 server_name _; 23 24 # Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html 25 sendfile off; 26 error_log /var/log/nginx/error.log info; 27 access_log /var/log/nginx/error.log; 28 29 location / { 30 try_files $uri $uri/ /index.php?q=$uri&$args; 31 } 32 33 location @rewrite { 34 # For D7 and above: 35 # Clean URLs are handled in drupal_environment_initialize(). 36 rewrite ^ /index.php; 37 } 38 39 # Handle image styles for Drupal 7+ 40 location ~ ^/sites/.*/files/styles/ { 41 try_files $uri @rewrite; 42 } 43 44 # pass the PHP scripts to FastCGI server listening on socket 45 location ~ \.php$ { 46 try_files $uri =404; 47 fastcgi_split_path_info ^(.+\.php)(/.+)$; 48 fastcgi_pass unix:/run/php-fpm.sock; 49 fastcgi_buffers 16 16k; 50 fastcgi_buffer_size 32k; 51 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 52 fastcgi_param SCRIPT_NAME $fastcgi_script_name; 53 fastcgi_index index.php; 54 include fastcgi_params; 55 fastcgi_intercept_errors on; 56 # fastcgi_read_timeout should match max_execution_time in php.ini 57 fastcgi_read_timeout 360; 58 fastcgi_param SERVER_NAME $host; 59 fastcgi_param HTTPS $fcgi_https; 60 } 61 62 # Expire rules for static content 63 # Feed 64 location ~* \.(?:rss|atom)$ { 65 expires 1h; 66 } 67 68 # Media: images, icons, video, audio, HTC 69 location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ { 70 expires 1M; 71 access_log off; 72 add_header Cache-Control "public"; 73 } 74 75 # Prevent clients from accessing hidden files (starting with a dot) 76 # This is particularly important if you store .htpasswd files in the site hierarchy 77 # Access to `/.well-known/` is allowed. 78 # https://www.mnot.net/blog/2010/04/07/well-known 79 # https://tools.ietf.org/html/rfc5785 80 location ~* /\.(?!well-known\/) { 81 deny all; 82 } 83 84 # Prevent clients from accessing to backup/config/source files 85 location ~* (?:\.(?:bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ { 86 deny all; 87 } 88 89 ## Regular private file serving (i.e. handled by Drupal). 90 location ^~ /system/files/ { 91 ## For not signaling a 404 in the error log whenever the 92 ## system/files directory is accessed add the line below. 93 ## Note that the 404 is the intended behavior. 94 log_not_found off; 95 access_log off; 96 expires 30d; 97 try_files $uri @rewrite; 98 } 99 100 ## provide a health check endpoint 101 location /healthcheck { 102 access_log off; 103 stub_status on; 104 keepalive_timeout 0; # Disable HTTP keepalive 105 return 200; 106 } 107 108 error_page 400 401 /40x.html; 109 location = /40x.html { 110 root /usr/share/nginx/html; 111 } 112 113 location ~ ^/(phpstatus|ping)$ { 114 access_log off; 115 allow 127.0.0.1; 116 allow all; 117 fastcgi_index index.php; 118 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 119 include fastcgi_params; 120 fastcgi_pass unix:/run/php-fpm.sock; 121 } 122 123 124 } 125