Created
May 11, 2013 04:00
-
-
Save facelordgists/5558841 to your computer and use it in GitHub Desktop.
SERVER: Plesk nginx expires headers config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
<?php | |
/** | |
* @var Template_VariableAccessor $VAR | |
* @var array $OPT | |
* Stored in /usr/local/psa/admin/conf/templates/custom/domain/ | |
*/ | |
?> | |
server { | |
listen <?php echo $OPT['ipAddress']->escapedAddress . ':' . $OPT['frontendPort'] . ($OPT['defaultIp'] ? ' default_server' : '') . ($OPT['ssl'] ? ' ssl' : '') ?>; | |
server_name <?php echo $VAR->domain->asciiName ?>; | |
<?php if ($VAR->domain->isWildcard): ?> | |
server_name <?php echo $VAR->domain->wildcardName ?>; | |
<?php else: ?> | |
server_name www.<?php echo $VAR->domain->asciiName ?>; | |
<?php if ($OPT['ipAddress']->isIpV6()): ?> | |
server_name ipv6.<?php echo $VAR->domain->asciiName ?>; | |
<?php else: ?> | |
server_name ipv4.<?php echo $VAR->domain->asciiName ?>; | |
<?php endif ?> | |
<?php endif ?> | |
<?php if ($VAR->domain->webAliases): ?> | |
# aliases | |
<?php foreach ($VAR->domain->webAliases as $alias): ?> | |
server_name <?php echo $alias->asciiName ?>; | |
server_name www.<?php echo $alias->asciiName ?>; | |
<?php endforeach ?> | |
<?php endif ?> | |
<?php if ($VAR->domain->previewDomainName): ?> | |
# preview domain name | |
server_name "<?php echo $VAR->domain->previewDomainName ?>"; | |
<?php endif ?> | |
<?php if ($OPT['ssl']): ?> | |
<?php $sslCertificate = $VAR->server->sni && $VAR->domain->physicalHosting->sslCertificate ? | |
$VAR->domain->physicalHosting->sslCertificate : | |
$OPT['ipAddress']->sslCertificate; ?> | |
<?php if ($sslCertificate->ce): ?> | |
ssl_certificate <?php echo $sslCertificate->ceFilePath ?>; | |
ssl_certificate_key <?php echo $sslCertificate->ceFilePath ?>; | |
<?php if ($sslCertificate->ca): ?> | |
ssl_client_certificate <?php echo $sslCertificate->caFilePath ?>; | |
<?php endif ?> | |
ssl_session_timeout 5m; | |
ssl_protocols SSLv2 SSLv3 TLSv1; | |
ssl_ciphers HIGH:!aNULL:!MD5; | |
ssl_prefer_server_ciphers on; | |
<?php endif ?> | |
<?php endif ?> | |
client_max_body_size 128m; | |
location / { # IPv6 isn't supported in proxy_pass yet. | |
<?php if ($OPT['ssl']): ?> | |
proxy_pass https://<?php echo ($OPT['ipAddress']->isIpV6() ? '127.0.0.1': $OPT['ipAddress']->escapedAddress) ?>:<?php echo $OPT['backendPort'] ?>; | |
<?php else: ?> | |
proxy_pass http://<?php echo ($OPT['ipAddress']->isIpV6() ? '127.0.0.1': $OPT['ipAddress']->escapedAddress) ?>:<?php echo $OPT['backendPort'] ?>; | |
<?php endif ?> | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
proxy_set_header X-Accel-Internal /internal-nginx-static-location; | |
access_log off; | |
if ($request_uri ~* ".(png|ico)\?[0-9]+$") { | |
expires 30d; | |
access_log off; | |
add_header Cache-Control "public"; | |
break; | |
} | |
} | |
location /internal-nginx-static-location/ { | |
alias <?php echo $OPT['documentRoot'] ?>/; | |
access_log <?php echo $VAR->domain->physicalHosting->logsDir . '/' . ($OPT['ssl'] ? 'proxy_access_ssl_log' : 'proxy_access_log') ?>; | |
add_header X-Powered-By PleskLin; | |
expires 1M; | |
access_log off; | |
add_header Cache-Control "public"; | |
internal; | |
} | |
} | |
server { | |
listen <?php echo $OPT['ipAddress']->escapedAddress . ':' . $OPT['frontendPort'] . ($OPT['ssl'] ? ' ssl' : '') ?>; | |
server_name webmail.<?php echo $VAR->domain->asciiName ?>; | |
<?php if ($VAR->domain->webAliases): ?> | |
# aliases | |
<?php foreach ($VAR->domain->webAliases as $alias): ?> | |
server_name webmail.<?php echo $alias->asciiName ?>; | |
<?php endforeach ?> | |
<?php endif ?> | |
<?php if ($OPT['ssl']): ?> | |
<?php $sslCertificate = $VAR->server->sni && $VAR->domain->physicalHosting->sslCertificate ? | |
$VAR->domain->physicalHosting->sslCertificate : | |
$OPT['ipAddress']->sslCertificate; ?> | |
<?php if ($sslCertificate->ce): ?> | |
ssl_certificate <?php echo $sslCertificate->ceFilePath ?>; | |
ssl_certificate_key <?php echo $sslCertificate->ceFilePath ?>; | |
<?php if ($sslCertificate->ca): ?> | |
ssl_client_certificate <?php echo $sslCertificate->caFilePath ?>; | |
<?php endif ?> | |
ssl_session_timeout 5m; | |
ssl_protocols SSLv2 SSLv3 TLSv1; | |
ssl_ciphers HIGH:!aNULL:!MD5; | |
ssl_prefer_server_ciphers on; | |
<?php endif ?> | |
<?php endif ?> | |
client_max_body_size 128m; | |
location / { # IPv6 isn't supported in proxy_pass yet. | |
<?php if ($OPT['ssl']): ?> | |
proxy_pass https://<?php echo ($OPT['ipAddress']->isIpV6() ? '127.0.0.1': $OPT['ipAddress']->escapedAddress) ?>:<?php echo $OPT['backendPort'] ?>; | |
<?php else: ?> | |
proxy_pass http://<?php echo ($OPT['ipAddress']->isIpV6() ? '127.0.0.1': $OPT['ipAddress']->escapedAddress) ?>:<?php echo $OPT['backendPort'] ?>; | |
<?php endif ?> | |
proxy_set_header Host $host; | |
proxy_set_header X-Real-IP $remote_addr; | |
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; | |
access_log <?php echo $VAR->domain->physicalHosting->logsDir . '/' . ($OPT['ssl'] ? 'webmail_access_ssl_log' : 'webmail_access_log') ?>; | |
} | |
} |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment