ISPConfig3 devel
blame | history | patch | commit | commitdiff | ignore whitespace
Marius Burkard
2016-07-10 e1ceb050e19c7574bca146a8da7047ee4ff456b5 
 server/conf/nginx_vhost.conf.master


@@ -1,13 +1,14 @@


server {


        listen <tmpl_var name='ip_address'>:80;


        listen <tmpl_var name='ip_address'>:<tmpl_var name='http_port'>;


<tmpl_if name='ipv6_enabled'>


        listen [<tmpl_var name='ipv6_address'>]:80;


        listen [<tmpl_var name='ipv6_address'>]:<tmpl_var name='http_port'>;


</tmpl_if>


      


<tmpl_if name='ssl_enabled'>


        listen <tmpl_var name='ip_address'>:443 ssl;


        listen <tmpl_var name='ip_address'>:<tmpl_var name='https_port'> ssl{tmpl_if name='enable_http2' op='==' value='y'} http2{/tmpl_if}{tmpl_if name='enable_spdy' op='==' value='y'} spdy{/tmpl_if};


      ssl_protocols TLSv1 TLSv1.1 TLSv1.2;


<tmpl_if name='ipv6_enabled'>


        listen [<tmpl_var name='ipv6_address'>]:443 ssl;


        listen [<tmpl_var name='ipv6_address'>]:<tmpl_var name='https_port'> ssl{tmpl_if name='enable_http2' op='==' value='y'} http2{/tmpl_if}{tmpl_if name='enable_spdy' op='==' value='y'} spdy{/tmpl_if};


</tmpl_if>


        ssl_certificate <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.crt;


        ssl_certificate_key <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.key;


@@ -32,6 +33,13 @@


            rewrite ^<tmpl_var name='local_redirect_exclude'>(.*)$ <tmpl_var name='local_redirect_target'>$2 <tmpl_var name='local_redirect_type'>;


        }


</tmpl_loop>


<tmpl_if name='ssl_enabled'>


<tmpl_if name='rewrite_to_https' op='==' value='y'>


        if ($scheme != "https") {


            rewrite ^ https://$http_host$request_uri? permanent;


        }


</tmpl_if>


</tmpl_if>




<tmpl_loop name="own_redirects">


<tmpl_if name='use_rewrite'>


@@ -104,7 +112,7 @@


        access_log /var/log/ispconfig/httpd/<tmpl_var name='domain'>/access.log combined;




        ## Disable .htaccess and other hidden files


        location ~ /\. {


        location ~ /\.(?!well-known/acme-challenge/) {


            deny all;


            access_log off;


            log_not_found off;


@@ -152,9 +160,38 @@


            fastcgi_intercept_errors on;


        }


</tmpl_else>


   <tmpl_if name='php' op='==' value='hhvm'>


         location @php {


            try_files $uri =404;


            include /etc/nginx/fastcgi_params;


            fastcgi_pass unix:/var/run/hhvm/hhvm.<tmpl_var name='system_user'>.sock;


            fastcgi_index index.php;


            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;


            #fastcgi_param PATH_INFO $fastcgi_script_name;


            fastcgi_intercept_errors on;


            error_page 500 501 502 503 = @phpfallback;


         }


			


         location @phpfallback {


            try_files $uri =404;


            include /etc/nginx/fastcgi_params;


<tmpl_if name='use_tcp'>


            fastcgi_pass 127.0.0.1:<tmpl_var name='fpm_port'>;


</tmpl_if>


<tmpl_if name='use_socket'>


            fastcgi_pass unix:<tmpl_var name='fpm_socket'>;


</tmpl_if>


            fastcgi_index index.php;


            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;


            #fastcgi_param PATH_INFO $fastcgi_script_name;


            fastcgi_intercept_errors on;


         }


   </tmpl_else>




        location @php {


            deny all;


        }


   </tmpl_if>


</tmpl_if>


      


<tmpl_if name='cgi' op='==' value='y'>


@@ -177,6 +214,61 @@


<tmpl_loop name="nginx_directives">


        <tmpl_var name='nginx_directive'>


</tmpl_loop>




<tmpl_if name='enable_pagespeed' op='==' value='y'>


        pagespeed on;


        pagespeed FileCachePath /var/ngx_pagespeed_cache;


        <tmpl_if name='ssl_enabled'>pagespeed FetchHttps enable,allow_self_signed;</tmpl_if>






        # let's speed up PageSpeed by storing it in the super duper fast memcached


        pagespeed MemcachedThreads 1;


        pagespeed MemcachedServers "localhost:11211";




        # Filter settings


        pagespeed RewriteLevel CoreFilters;


        pagespeed EnableFilters collapse_whitespace,remove_comments;




        #  Ensure requests for pagespeed optimized resources go to the pagespeed


        #  handler and no extraneous headers get set.


        location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {


                add_header "" "";


                access_log off;


        }


        location ~ "^/ngx_pagespeed_static/" {


                access_log off;


        }


        location ~ "^/ngx_pagespeed_beacon$" {


                access_log off;


        }


        location /ngx_pagespeed_statistics {


                allow 127.0.0.1;


                deny all;


                access_log off;


        }


        location /ngx_pagespeed_global_statistics {


                allow 127.0.0.1;


                deny all;


                access_log off;


        }


        location /ngx_pagespeed_message {


                allow 127.0.0.1;


                deny all;


                access_log off;


        }


        location /pagespeed_console {


                allow 127.0.0.1;


                deny all;


                access_log off;


        }


</tmpl_if>




location ~ /\.well-known/acme-challenge/ {


      root /usr/local/ispconfig/interface/acme/;


      index index.html index.htm;


      try_files $uri =404;


}






<tmpl_loop name="basic_auth_locations">


        location <tmpl_var name='htpasswd_location'> { ##merge##


@@ -208,6 +300,13 @@


</tmpl_if>


        


        server_name <tmpl_var name='rewrite_domain'>;




location ~ /\.well-known/acme-challenge/ {


      root /usr/local/ispconfig/interface/acme/;


      index index.html index.htm;


      try_files $uri =404;


}




<tmpl_if name='alias_seo_redirects2'>


<tmpl_loop name="alias_seo_redirects2">


        if ($http_host <tmpl_var name='alias_seo_redirect_operator'> "<tmpl_var name='alias_seo_redirect_origin_domain'>") {


@@ -228,4 +327,4 @@


        }


</tmpl_if>


}


</tmpl_loop>


</tmpl_loop>