sirtimbly/bendtstudio0-static
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

update nginx

Browse Source
This commit is contained in:
Tim Bendt
2025-11-28 23:07:40 -05:00
parent d9ea9532eb
commit f1b15699d0
1 changed files with 143 additions and 107 deletions
Download Patch File Download Diff File Expand all files Collapse all files

250
nginx.conf
View File

@@ -1,127 +1,163 @@
upstream php { # upstream php {
server unix:/var/run/php/php8.3-fpm.sock; # server unix:/var/run/php/php8.3-fpm.sock;
# }
worker_processes 5;
daemon off;
worker_rlimit_nofile 8192;
events {
worker_connections 4096; # Default: 1024
} }
server { http {
listen 8080; include $!{nginx}/conf/mime.types;
root /var/www/html; index index.html index.htm index.php;
index index.php index.html;
# Block access to hidden files and directories default_type application/octet-stream;
location ~ /\. { log_format main '$remote_addr - $remote_user [$time_local] $status '
deny all; '"$request" $body_bytes_sent "$http_referer" '
} '"$http_user_agent" "$http_x_forwarded_for"';
access_log /dev/stdout;
error_log /dev/stdout;
sendfile on;
tcp_nopush on;
server_names_hash_bucket_size 128; # this seems to be required for some vhosts
# Static files for root directory server {
location / { listen ${PORT};
try_files $uri $uri/ =404; listen [::]:${PORT};
server_name localhost;
# Expires headers for static assets $if(NIXPACKS_PHP_ROOT_DIR) (
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot|bmp|webp|cur)$ { root ${NIXPACKS_PHP_ROOT_DIR};
) else (
root /app;
)
# Block access to hidden files and directories
location ~ /\. {
deny all;
}
add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
# Static files for root directory
location / {
try_files $uri $uri/ =404;
# Expires headers for static assets
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot|bmp|webp|cur)$ {
expires 1y;
add_header Cache-Control "public, immutable";
}
# No cache for HTML
location ~* \.(html)$ {
expires 0;
add_header Cache-Control "no-cache";
}
# No cache for data interchange
location ~* \.(json|xml|jsonld|rdf|rss|atom|geojson|topojson|vtt|webmanifest|appcache)$ {
expires 0;
add_header Cache-Control "no-cache";
}
# No cache for PDFs
location ~* \.(pdf)$ {
expires 0;
add_header Cache-Control "no-cache";
}
# 1 hour for web feeds
location ~* \.(rss|atom)$ {
expires 1h;
add_header Cache-Control "public";
}
}
# Static assets for pancake/third_party
location /pancake/third_party {
alias /var/www/html/pancake/third_party;
expires 1y; expires 1y;
add_header Cache-Control "public, immutable"; add_header Cache-Control "public, immutable";
# MIME types
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot|bmp|webp|cur|flv|mp4|ogv|webm|swf)$ {
expires 1y;
add_header Cache-Control "public, immutable";
}
} }
# No cache for HTML # PHP application for /pancake
location ~* \.(html)$ { location /pancake {
expires 0; try_files $uri $uri/ /pancake/index.php?$query_string;
add_header Cache-Control "no-cache";
} }
# No cache for data interchange # Handle PHP files
location ~* \.(json|xml|jsonld|rdf|rss|atom|geojson|topojson|vtt|webmanifest|appcache)$ {
expires 0; location ~ \.php$ {
add_header Cache-Control "no-cache"; fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include $!{nginx}/conf/fastcgi_params;
include $!{nginx}/conf/fastcgi.conf;
} }
# No cache for PDFs # Gzip compression
location ~* \.(pdf)$ { gzip on;
expires 0; gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/x-javascript application/atom+xml application/rss+xml application/ld+json application/manifest+json application/vnd.geo+json font/opentype image/svg+xml;
add_header Cache-Control "no-cache";
}
# 1 hour for web feeds # Security headers
location ~* \.(rss|atom)$ { add_header X-Content-Type-Options nosniff;
expires 1h; add_header X-UA-Compatible "IE=edge";
add_header Cache-Control "public";
}
}
# Static assets for pancake/third_party # UTF-8 encoding
location /pancake/third_party { charset utf-8;
alias /var/www/html/pancake/third_party;
expires 1y;
add_header Cache-Control "public, immutable";
# MIME types # MIME types
location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot|bmp|webp|cur|flv|mp4|ogv|webm|swf)$ { types {
expires 1y; application/atom+xml atom;
add_header Cache-Control "public, immutable"; application/json json map topojson;
application/ld+json jsonld;
application/rss+xml rss;
application/vnd.geo+json geojson;
application/xml rdf xml;
application/javascript js;
application/manifest+json webmanifest;
application/x-web-app-manifest+json webapp;
text/cache-manifest appcache;
audio/mp4 f4a f4b m4a;
audio/ogg oga ogg opus;
image/bmp bmp;
image/svg+xml svg svgz;
image/webp webp;
video/mp4 f4v f4p m4v mp4;
video/ogg ogv;
video/webm webm;
video/x-flv flv;
image/x-icon cur ico;
application/font-woff woff;
application/font-woff2 woff2;
application/vnd.ms-fontobject eot;
application/x-font-ttf ttc ttf;
font/opentype otf;
application/octet-stream safariextz;
application/x-bb-appworld bbaw;
application/x-chrome-extension crx;
application/x-opera-extension oex;
application/x-xpinstall xpi;
text/vcard vcard vcf;
text/vnd.rim.location.xloc xloc;
text/vtt vtt;
text/x-component htc;
} }
# Error pages
error_page 404 /404.html;
} }
# PHP application for /pancake
location /pancake {
try_files $uri $uri/ /pancake/index.php?$query_string;
}
# Handle PHP files
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS off;
}
# Gzip compression
gzip on;
gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript application/x-javascript application/atom+xml application/rss+xml application/ld+json application/manifest+json application/vnd.geo+json font/opentype image/svg+xml;
# Security headers
add_header X-Content-Type-Options nosniff;
add_header X-UA-Compatible "IE=edge";
# UTF-8 encoding
charset utf-8;
# MIME types
types {
application/atom+xml atom;
application/json json map topojson;
application/ld+json jsonld;
application/rss+xml rss;
application/vnd.geo+json geojson;
application/xml rdf xml;
application/javascript js;
application/manifest+json webmanifest;
application/x-web-app-manifest+json webapp;
text/cache-manifest appcache;
audio/mp4 f4a f4b m4a;
audio/ogg oga ogg opus;
image/bmp bmp;
image/svg+xml svg svgz;
image/webp webp;
video/mp4 f4v f4p m4v mp4;
video/ogg ogv;
video/webm webm;
video/x-flv flv;
image/x-icon cur ico;
application/font-woff woff;
application/font-woff2 woff2;
application/vnd.ms-fontobject eot;
application/x-font-ttf ttc ttf;
font/opentype otf;
application/octet-stream safariextz;
application/x-bb-appworld bbaw;
application/x-chrome-extension crx;
application/x-opera-extension oex;
application/x-xpinstall xpi;
text/vcard vcard vcf;
text/vnd.rim.location.xloc xloc;
text/vtt vtt;
text/x-component htc;
}
# Error pages
error_page 404 /404.html;
} }