Created
September 29, 2020 11:38
-
-
Save Lunberg88/89626301b6775b9df845e3b378ccd063 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
# FORGE CONFIG (DO NOT REMOVE!) | |
include forge-conf/api.brownbook.org/before/*; | |
fastcgi_cache_path /usr/local/etc/nginx/cache levels=1:2 keys_zone=FASTCACHE:100m inactive=60m; # use real nginx cache folder path... | |
fastcgi_cache_key "$scheme$request_method$host$request_uri"; | |
add_header X-Cache-Status $upstream_cache_status; | |
add_header X-Cache $upstream_cache_status; | |
server { | |
listen 443 ssl http2; | |
listen [::]:443 ssl http2; | |
server_name api.brownbook.org; | |
server_tokens off; | |
root /home/forge/default/public; | |
# FORGE SSL (DO NOT REMOVE!) | |
ssl_certificate /etc/nginx/ssl/api.brownbook.org/839845/server.crt; | |
ssl_certificate_key /etc/nginx/ssl/api.brownbook.org/839845/server.key; | |
ssl_protocols TLSv1.2; | |
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES2> | |
ssl_prefer_server_ciphers on; | |
ssl_dhparam /etc/nginx/dhparams.pem; | |
add_header X-Frame-Options "SAMEORIGIN"; | |
add_header X-XSS-Protection "1; mode=block"; | |
add_header X-Content-Type-Options "nosniff"; | |
add_header Access-Control-Allow-Headers "Authorization"; | |
index index.html index.htm index.php; | |
charset utf-8; | |
# FORGE CONFIG (DO NOT REMOVE!) | |
include forge-conf/api.brownbook.org/server/*; | |
location / { | |
try_files $uri $uri/ /index.php?$query_string; | |
} | |
location = /favicon.ico { access_log off; log_not_found off; } | |
location = /robots.txt { access_log off; log_not_found off; } | |
access_log off; | |
error_log /var/log/nginx/api.brownbook.org-error.log error; | |
error_page 404 /index.php; | |
location ~ \.php$ { | |
include fastcgi.conf; | |
fastcgi_split_path_info ^(.+\.php)(/.+)$; | |
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock; | |
fastcgi_index index.php; | |
include fastcgi_params; | |
set $no_cache 0; | |
if ($request_uri ~* "api/v1/") | |
{ | |
set $no_cache 1; | |
} | |
if ($http_authorization ~* 'Bearer ') | |
{ | |
set $no_cache 0; | |
} | |
## | |
fastcgi_cache FASTCACHE; | |
fastcgi_cache_valid 200 201 301 302 60m; | |
## | |
fastcgi_cache_bypass $no_cache; | |
fastcgi_no_cache $no_cache; | |
fastcgi_cache_revalidate on; | |
fastcgi_cache_lock on; | |
fastcgi_cache_min_uses 1; | |
} | |
location ~ /\.(?!well-known).* { | |
deny all; | |
} | |
} | |
# FORGE CONFIG (DO NOT REMOVE!) | |
include forge-conf/api.brownbook.org/after/*; | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment