fiko/Magento2 VHOST

## Magento2 VHOST
server {
    listen 80;
    {{ssl_listener}}
    server_name local.replace.me;
    {{ssl_certificate}}
    {{ssl_certificate_key}}
    ssl_session_cache builtin:1000 shared:SSL:10m;
    ssl_session_timeout  10m;
    ssl_protocols TLSv1.1 TLSv1.2;
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128:AES256:AES:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK';
    ssl_prefer_server_ciphers on;
    ssl_stapling on;
    ssl_stapling_verify on;
    client_max_body_size 50m;
    root {{root}};

    {{nginx_access_log}}
    {{nginx_error_log}}

    location ~ (^/(app/)|/\.+) {
      deny all;
    }

    location ~ (/(/|pkginfo/|var/|report/config.xml)|/\.+) {
      deny all;
    }

    location /setup/ {
      try_files $uri $uri/ /setup/index.php?$args;
    }

    location /pub/static/ {
      location ~ ^/pub/static/version {
        rewrite ^/pub/static/(version\d*/)?(.*)$ /pub/static/$2 last;
      }
      location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2|html|xml)$ {
        add_header Access-Control-Allow-Origin "*";
        expires max;
        access_log off;
        if (!-f $request_filename) {
            rewrite ^/pub/static/(version\d*/)?(.*)$ /pub/static.php?resource=$2 last;
            rewrite ^/pub/static/(.*)$ /pub/static.php?resource=$1 last;
        }
      }
    }

    try_files $uri $uri/ /index.php?$args;
    index index.php index.html index.htm;

    location ~ \.php$ {
       include fastcgi_params;
       fastcgi_intercept_errors on;
       fastcgi_index index.php;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       try_files $uri =404;
       fastcgi_pass 127.0.0.1:9000;
       fastcgi_read_timeout 3600;
       fastcgi_send_timeout 3600;
       fastcgi_param HTTPS $fastcgi_https;
       fastcgi_param SERVER_PORT 80;
       fastcgi_param PHP_VALUE "
         error_log={{php_error_log}};
         memory_limit=768M;
         max_execution_time=360;";
       #fastcgi_param MAGE_MODE "production";
    }

    gzip                on;
    gzip_disable        "msie6";
    gzip_vary           on;
    gzip_proxied        any;
    gzip_comp_level     8;
    gzip_buffers        16 8k;
    gzip_http_version   1.1;
    gzip_types          text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript image/png image/gif image/jpeg;

    location ~* ^.+\.(css|js|jpg|jpeg|gif|png|ico|gz|svg|svgz|ttf|otf|woff|eot|mp4|ogg|ogv|webm|zip|swf)$ {
      add_header Access-Control-Allow-Origin "*";
      expires max;
      access_log off;
    }

    if (-f $request_filename) {
      break;
    }
}
	server {
	listen 80;
	{{ssl_listener}}
	server_name local.replace.me;
	{{ssl_certificate}}
	{{ssl_certificate_key}}
	ssl_session_cache builtin:1000 shared:SSL:10m;
	ssl_session_timeout 10m;
	ssl_protocols TLSv1.1 TLSv1.2;
	ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128:AES256:AES:DES-CBC3-SHA:HIGH:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK';
	ssl_prefer_server_ciphers on;
	ssl_stapling on;
	ssl_stapling_verify on;
	client_max_body_size 50m;
	root {{root}};

	{{nginx_access_log}}
	{{nginx_error_log}}

	location ~ (^/(app/)\|/\.+) {
	deny all;
	}

	location ~ (/(/\|pkginfo/\|var/\|report/config.xml)\|/\.+) {
	deny all;
	}

	location /setup/ {
	try_files $uri $uri/ /setup/index.php?$args;
	}

	location /pub/static/ {
	location ~ ^/pub/static/version {
	rewrite ^/pub/static/(version\d/)?(.)$ /pub/static/$2 last;
	}
	location ~* \.(ico\|jpg\|jpeg\|png\|gif\|svg\|js\|css\|swf\|eot\|ttf\|otf\|woff\|woff2\|html\|xml)$ {
	add_header Access-Control-Allow-Origin "*";
	expires max;
	access_log off;
	if (!-f $request_filename) {
	rewrite ^/pub/static/(version\d/)?(.)$ /pub/static.php?resource=$2 last;
	rewrite ^/pub/static/(.*)$ /pub/static.php?resource=$1 last;
	}
	}
	}

	try_files $uri $uri/ /index.php?$args;
	index index.php index.html index.htm;

	location ~ \.php$ {
	include fastcgi_params;
	fastcgi_intercept_errors on;
	fastcgi_index index.php;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	try_files $uri =404;
	fastcgi_pass 127.0.0.1:9000;
	fastcgi_read_timeout 3600;
	fastcgi_send_timeout 3600;
	fastcgi_param HTTPS $fastcgi_https;
	fastcgi_param SERVER_PORT 80;
	fastcgi_param PHP_VALUE "
	error_log={{php_error_log}};
	memory_limit=768M;
	max_execution_time=360;";
	#fastcgi_param MAGE_MODE "production";
	}

	gzip on;
	gzip_disable "msie6";
	gzip_vary on;
	gzip_proxied any;
	gzip_comp_level 8;
	gzip_buffers 16 8k;
	gzip_http_version 1.1;
	gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript image/png image/gif image/jpeg;

	location ~* ^.+\.(css\|js\|jpg\|jpeg\|gif\|png\|ico\|gz\|svg\|svgz\|ttf\|otf\|woff\|eot\|mp4\|ogg\|ogv\|webm\|zip\|swf)$ {
	add_header Access-Control-Allow-Origin "*";
	expires max;
	access_log off;
	}

	if (-f $request_filename) {
	break;
	}
	}