|
worker_processes 1; |
|
error_log stderr warn; |
|
pid /run/nginx.pid; |
|
user nobody; |
|
|
|
events { |
|
worker_connections 1024; |
|
} |
|
|
|
http { |
|
include mime.types; |
|
default_type application/octet-stream; |
|
|
|
# Define custom log format to include reponse times |
|
log_format main_timed '$remote_addr - $remote_user [$time_local] "$request" ' |
|
'$status $body_bytes_sent "$http_referer" ' |
|
'"$http_user_agent" "$http_x_forwarded_for" ' |
|
'$request_time $upstream_response_time $pipe $upstream_cache_status'; |
|
|
|
access_log /dev/stdout main_timed; |
|
error_log /dev/stderr notice; |
|
|
|
keepalive_timeout 65; |
|
|
|
server_tokens off; |
|
|
|
# Write temporary files to /tmp so they can be created as a non-privileged user |
|
client_body_temp_path /tmp/client_temp; |
|
proxy_temp_path /tmp/proxy_temp_path; |
|
fastcgi_temp_path /tmp/fastcgi_temp; |
|
uwsgi_temp_path /tmp/uwsgi_temp; |
|
scgi_temp_path /tmp/scgi_temp; |
|
|
|
server{ |
|
# Docker 内部的地址,无关紧要 |
|
listen 10120; |
|
server_name _; |
|
|
|
root /var/www/html; |
|
index index.php index.html /_h5ai/public/index.php; |
|
|
|
# _h5ai/private 文件夹下的内容是不可直接访问的,设置屏蔽 |
|
location ~ _h5ai/private { |
|
deny all; |
|
} |
|
|
|
# 根目录是私有目录,使用 basic auth 进行认证,只有我(超极致的小 C)自己可以访问 |
|
location / { |
|
auth_basic "easy h5ai. For visitors, please refer to public directory at `/Public!`"; |
|
auth_basic_user_file /etc/nginx/conf.d/htpasswd; |
|
} |
|
|
|
# Public 目录是公开的,任何人都可以访问,便于我给大家分享文件 |
|
location /Public { |
|
allow all; |
|
index /Public/_h5ai/public/index.php; |
|
} |
|
|
|
# PHP 的 fastcgi 配置,将请求转发给 php-fpm |
|
location ~ \.php$ { |
|
fastcgi_pass 127.0.0.1:9000; |
|
fastcgi_index index.php; |
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; |
|
include fastcgi_params; |
|
} |
|
|
|
location ~ /\. { |
|
log_not_found off; |
|
deny all; |
|
} |
|
} |
|
|
|
gzip on; |
|
gzip_proxied any; |
|
gzip_types text/plain application/xml text/css text/js text/xml application/x-javascript text/javascript application/json application/xml+rss; |
|
gzip_vary on; |
|
gzip_disable "msie6"; |
|
|
|
# Include other server configs |
|
include /etc/nginx/conf.d/*.conf; |
|
} |