Skip to content

Instantly share code, notes, and snippets.

@huiyonghkw
Last active October 10, 2019 03:03
Show Gist options
  • Save huiyonghkw/9a566c8023f4f9e9e1272970c7a10791 to your computer and use it in GitHub Desktop.
Save huiyonghkw/9a566c8023f4f9e9e1272970c7a10791 to your computer and use it in GitHub Desktop.
Nginx Default Conf
server {
listen 80;
server_name localhost;
root /var/www/localhost;
index index.html index.htm index.php;
access_log /var/log/nginx/log/localhost.access.log main;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
location ~ \.php$ {
fastcgi_pass 127.0.0.1:9000;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
{
expires 1d;
}
location ~ .*\.(js|css)?$
{
expires 2h;
}
location ~ /.well-known {
allow all;
}
location ~ /\.
{
deny all;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
@huiyonghkw
Copy link
Author

huiyonghkw commented Aug 28, 2019

local.lingyang.tech.conf

server {

    listen 80;
    listen [::]:80;

    server_name local.lingyang.tech;
    rewrite ^(.*)$  https://$host$1 permanent;
    
    root /var/www/local.lingyang.tech/public;
    index index.php index.html index.htm;

    location / {
         try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        try_files $uri /index.php =404;
        fastcgi_pass php-upstream;
        fastcgi_index index.php;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        #fixes timeouts
        fastcgi_read_timeout 600;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }

    location /.well-known/acme-challenge/ {
        root /var/www/letsencrypt/;
        log_not_found off;
    }

    #error_log /var/log/nginx/local.lingyang.tech_error.log;
    #access_log /var/log/nginx/local.lingyang.tech_access.log;
}

ssl.local.lingyang.tech.conf

server {

    #listen 80;
    #listen [::]:80;

    # For https
    listen 443 ssl;
    #listen [::]:443 ssl ipv6only=on;
    ssl_certificate /etc/nginx/ssl/2727688_local.lingyang.tech.pem;
    ssl_certificate_key /etc/nginx/ssl/2727688_local.lingyang.tech.key;
    ssl_session_timeout 5m;
    ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE:ECDH:AES:HIGH:!NULL:!aNULL:!MD5:!ADH:!RC4;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_prefer_server_ciphers on;

    server_name local.lingyang.tech;
    root /var/www/local.lingyang.tech/public;
    index index.php index.html index.htm;

    location / {
         try_files $uri $uri/ /index.php$is_args$args;
    }

    location ~ \.php$ {
        try_files $uri /index.php =404;
        fastcgi_pass php-upstream;
        fastcgi_index index.php;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        #fixes timeouts
        fastcgi_read_timeout 600;
        include fastcgi_params;
    }

    location ~ /\.ht {
        deny all;
    }

    location /.well-known/acme-challenge/ {
        root /var/www/letsencrypt/;
        log_not_found off;
    }

    #error_log /var/log/nginx/local.lingyang.tech_error.log;
    #access_log /var/log/nginx/local.lingyang.tech_access.log;
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment