Skip to content

Commit

Permalink
Update nginx-site.conf in TestConfigOverrideDetection
Browse files Browse the repository at this point in the history
  • Loading branch information
@rfay
rfay committed May 2, 2019
1 parent d436c44 commit f204597
Showing 1 changed file with 18 additions and 98 deletions.
116 changes: 18 additions & 98 deletions pkg/ddevapp/testdata/TestConfigOverrideDetection/.ddev/nginx-site.conf
View file
Expand Up @@ -11,113 +11,33 @@ map $http_x_forwarded_proto $fcgi_https {
}

server {
listen 80; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
listen 80;
listen [::]:80 default ipv6only=on;

# The WEBSERVER_DOCROOT variable is substituted with
# its value when the container is started.
root $WEBSERVER_DOCROOT;
index index.php index.htm index.html;

# Make site accessible from http://localhost/
server_name _;

# Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html
sendfile off;
error_log /dev/stdout info;
access_log /var/log/nginx/access.log;

location / {
absolute_redirect off;
try_files $uri $uri/ /index.php?q=$uri&$args;
}

location @rewrite {
# For D7 and above:
# Clean URLs are handled in drupal_environment_initialize().
rewrite ^ /index.php;
}

# Handle image styles for Drupal 7+
location ~ ^/sites/.*/files/styles/ {
try_files $uri @rewrite;
}

# pass the PHP scripts to FastCGI server listening on socket
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php-fpm.sock;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_index index.php;
include fastcgi_params;
intercept_errors off;;
# fastcgi_read_timeout should match max_execution_time in php.ini
fastcgi_read_timeout 10m;
fastcgi_param SERVER_NAME $host;
fastcgi_param HTTPS $fcgi_https;
}

# Expire rules for static content
# Feed
location ~* \.(?:rss|atom)$ {
expires 1h;
}
include /etc/nginx/monitoring.conf;

# Media: images, icons, video, audio, HTC
location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
expires 1M;
access_log off;
add_header Cache-Control "public";
}

# Prevent clients from accessing hidden files (starting with a dot)
# This is particularly important if you store .htpasswd files in the site hierarchy
# Access to `/.well-known/` is allowed.
# https://www.mnot.net/blog/2010/04/07/well-known
# https://tools.ietf.org/html/rfc5785
location ~* /\.(?!well-known\/) {
deny all;
}
include /etc/nginx/nginx_default.conf;
include /mnt/ddev_config/nginx/*.conf;
}

# Prevent clients from accessing to backup/config/source files
location ~* (?:\.(?:bak|conf|dist|fla|in[ci]|log|psd|sh|sql|sw[op])|~)$ {
deny all;
}

## Regular private file serving (i.e. handled by Drupal).
location ^~ /system/files/ {
## For not signaling a 404 in the error log whenever the
## system/files directory is accessed add the line below.
## Note that the 404 is the intended behavior.
log_not_found off;
access_log off;
expires 30d;
try_files $uri @rewrite;
}
server {
listen 443 ssl;
listen [::]:443 default ipv6only=on;

## provide a health check endpoint
location /healthcheck {
access_log off;
stub_status on;
keepalive_timeout 0; # Disable HTTP keepalive
return 200;
}
# The WEBSERVER_DOCROOT variable is substituted with
# its value when the container is started.
root $WEBSERVER_DOCROOT;

location ~ ^/(phpstatus|ping)$ {
access_log off;
stub_status on;
keepalive_timeout 0; # Disable HTTP keepalive
allow 127.0.0.1;
allow all;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_pass unix:/run/php-fpm.sock;
}
ssl_certificate /etc/ssl/certs/master.crt;
ssl_certificate_key /etc/ssl/certs/master.key;

include /etc/nginx/monitoring.conf;

include /etc/nginx/nginx_default.conf;
include /mnt/ddev_config/nginx/*.conf;
}

0 comments on commit f204597

Please sign in to comment.