Skip to content

Instantly share code, notes, and snippets.

@goeroeku

goeroeku/chamilo.conf.md

Forked from fer-ri/block.conf
Last active March 19, 2021 03:32
Show Gist options
  • Save goeroeku/50022869d415152f9fe6d56414043e43 to your computer and use it in GitHub Desktop.
Save goeroeku/50022869d415152f9fe6d56414043e43 to your computer and use it in GitHub Desktop.
Download ZIP
Nginx Config Sites Available With Redirect Non Www To Www
Raw
chamilo.conf.md

untuk domain web chamilo

edit settingan domain.conf seperti script berikut dan jadikan komentar baris include snippets/php.conf:

location @rewrite{
    rewrite ^/courses/([^/]+)/scorm/(.*)$ /main/document/download_scorm.php?doc_url=/$2&cDir=$1 last;
    rewrite ^/courses/([^/]+)/document/(.*)$ /main/document/download.php?doc_url=/$2&cDir=$1 last;
    rewrite ^/courses/([^/]+)/work/(.*)$ /main/work/download.php?file=work/$2&cDir=$1 last;
    rewrite ^/courses/([^/]+)/upload/(.*)$ /app/courses/$1/upload/$2 last;
    try_files $uri /index.php;
    break;
  }

  location / {
    rewrite ^/courses/([^/]+)/$ /main/course_home/course_home.php?cDir=$1 last;
    rewrite ^/courses/([^/]+)/index.php$ main/course_home/course_home.php?cDir=$1 last;
    rewrite ^/main/admin/$ /main/admin/index.php last;
    try_files $uri @rewrite;
  }

  location ~ \.php$ {
    client_max_body_size 20M;
    try_files $uri /index.php$is_args$args;

    rewrite ^/certificates/$ /certificates/index.php?id=%1  last;
    rewrite ^/courses/([^/]+)/$ /main/course_home/course_home.php?cDir=$1 last;
    rewrite ^/courses/([^/]+)/index.php$ /main/course_home/course_home.php?cDir=$1 last;
    rewrite ^/session/([^/]+)/about/?$ /main/session/about.php?session_id=$1 last;
    rewrite "^/badge/(\d{1,})/user/(\d{1,})$" main/badge/issued.php?skill=$1&user=$2 last;

    fastcgi_pass unix:/var/run/php5-fpm.sock; ## sesuaikan dengan versi php-fpm yang digunakan
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param HTTPS off;
  }

  # Serve static files directly
  location ~* \.(png|jpe?g|gif|ico)$ {
    expires 1y;
    access_log off;
    rewrite ^/courses/([^/]+)/course-pic85x85.png$ /app/courses/$1/course-pic85x85.png last;
    rewrite ^/courses/([^/]+)/course-pic.png$ /app/courses/$1/course-pic.png last;
    rewrite ^/courses/([^/]+)/scorm/(.*)$ /main/document/download_scorm.php?doc_url=/$2&cDir=$1 last;
    rewrite ^/courses/([^/]+)/document/(.*)$ /main/document/download.php?doc_url=/$2&cDir=$1 last;
    rewrite ^/courses/([^/]+)/work/(.*)$ /main/work/download.php?file=work/$2&cDir=$1 last;
    rewrite ^/courses/([^/]+)/upload/(.*)$ /app/courses/$1/upload/$2 last;
    try_files $uri @rewrite;
  }
  location ~ ~\.(ht|git){
    deny all;
  }
  location ^~ /tests/ {
    deny all;
  }
Raw
domain.conf.md

sample config for domain: /etc/nginx/sites-available/default

server {
    server_name domain.com;

    return 301 $scheme://www.domain.com$request_uri;
}

server {
    listen 80;

    root /home/nginx/domains/domain.com/public_html;

    access_log off;
    error_log /home/nginx/domains/domain.com/logs/error.log;

    # Add index.php to the list if you are using PHP
    index index.php index.html;

    server_name www.domain.com;

    include snippets/php.conf;
    include snippets/locations.conf;
}
Raw
fastcgi-php.conf.md

/etc/nginx/snippets/fastcgi-php.conf

# regex to split $uri to $fastcgi_script_name and $fastcgi_path
fastcgi_split_path_info ^(.+\.php)(/.+)$;

# Check that the PHP script exists before passing it
try_files $fastcgi_script_name =404;

# Bypass the fact that try_files resets $fastcgi_path_info
# see: http://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;

fastcgi_index index.php;
include fastcgi.conf;
Raw
locations.conf.md

/etc/nginx/snippets/locations.conf

location = /favicon.ico {
    access_log off;
    log_not_found off;
    expires max;
}

location = /robots.txt {
    # Some WordPress plugin gererate robots.txt file
    # Refer #340 issue
    try_files $uri $uri/ /index.php?$args;
    access_log off;
    log_not_found off;
}

# Cache static files
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|mp4|ttf|ttc|font.css|css|rss|atom|js|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf)$ {
    add_header "Access-Control-Allow-Origin" "*";
    access_log off;
    log_not_found off;
    expires max;
}

# Security settings for better privacy
# Deny hidden files
location ~ /\.well-known {
    allow all;
}

location ~ /\. {
    deny all;
    access_log off;
    log_not_found off;
}

# Deny backup extensions & log files
location ~* ^.+\.(bak|log|old|orig|original|php#|php~|php_bak|save|swo|swp|sql)$ {
    deny all;
    access_log off;
    log_not_found off;
}

# Return 403 forbidden for readme.(txt|html) or license.(txt|html) or example.(txt|html)
if ($uri ~* "^.+(readme|license|example)\.(txt|html)$") {
    return 403;
}
Raw
mime.typse.md

set mime type

/etc/nginx/mime.types

types {
    text/html                             html htm shtml;
    text/css                              css;
    text/xml                              xml;
    image/gif                             gif;
    image/jpeg                            jpeg jpg;
    application/javascript                js;
    application/atom+xml                  atom;
    application/rss+xml                   rss;

    text/mathml                           mml;
    text/plain                            txt;
    text/vnd.sun.j2me.app-descriptor      jad;
    text/vnd.wap.wml                      wml;
    text/x-component                      htc;

    image/png                             png;
    image/tiff                            tif tiff;
    image/vnd.wap.wbmp                    wbmp;
    image/x-icon                          ico;
    image/x-jng                           jng;
    image/x-ms-bmp                        bmp;
    image/svg+xml                         svg svgz;
    image/webp                            webp;

    application/font-woff                 woff;
    application/font-woff2           	    woff2;
    application/x-font-ttf          	    ttc ttf;
    application/x-font-otf           	    otf;
    
    application/java-archive              jar war ear;
    application/json                      json;
    application/mac-binhex40              hqx;
    application/msword                    doc;
    application/pdf                       pdf;
    application/postscript                ps eps ai;
    application/rtf                       rtf;
    application/vnd.apple.mpegurl         m3u8;
    application/vnd.ms-excel              xls;
    application/vnd.ms-fontobject         eot;
    application/vnd.ms-powerpoint         ppt;
    application/vnd.wap.wmlc              wmlc;
    application/vnd.google-earth.kml+xml  kml;
    application/vnd.google-earth.kmz      kmz;
    application/x-7z-compressed           7z;
    application/x-cocoa                   cco;
    application/x-java-archive-diff       jardiff;
    application/x-java-jnlp-file          jnlp;
    application/x-makeself                run;
    application/x-perl                    pl pm;
    application/x-pilot                   prc pdb;
    application/x-rar-compressed          rar;
    application/x-redhat-package-manager  rpm;
    application/x-sea                     sea;
    application/x-shockwave-flash         swf;
    application/x-stuffit                 sit;
    application/x-tcl                     tcl tk;
    application/x-x509-ca-cert            der pem crt;
    application/x-xpinstall               xpi;
    application/xhtml+xml                 xhtml;
    application/xspf+xml                  xspf;
    application/zip                       zip;

    application/octet-stream              bin exe dll;
    application/octet-stream              deb;
    application/octet-stream              dmg;
    application/octet-stream              iso img;
    application/octet-stream              msi msp msm;

    application/vnd.openxmlformats-officedocument.wordprocessingml.document    docx;
    application/vnd.openxmlformats-officedocument.spreadsheetml.sheet          xlsx;
    application/vnd.openxmlformats-officedocument.presentationml.presentation  pptx;

    audio/midi                            mid midi kar;
    audio/mpeg                            mp3;
    audio/ogg                             ogg;
    audio/x-m4a                           m4a;
    audio/x-realaudio                     ra;

    video/3gpp                            3gpp 3gp;
    video/mp2t                            ts;
    video/mp4                             mp4;
    video/mpeg                            mpeg mpg;
    video/quicktime                       mov;
    video/webm                            webm;
    video/x-flv                           flv;
    video/x-m4v                           m4v;
    video/x-mng                           mng;
    video/x-ms-asf                        asx asf;
    video/x-ms-wmv                        wmv;
    video/x-msvideo                       avi;
}
Raw
nginx.conf.md

/etc/nginx/nginx.conf

user nginx;
worker_processes auto;

events {
    #worker_connections 768;
    # multi_accept on;
    worker_connections 1024;
    use epoll;
    multi_accept on;
}

http {

    ##
    # Basic Settings
    ##

    sendfile on;
    tcp_nopush on;
    tcp_nodelay on;
    keepalive_timeout 65;
    keepalive_requests 100000;
    types_hash_max_size 2048;
    types_hash_bucket_size 128;
    # server_tokens off;
    client_body_buffer_size      128k;
    client_max_body_size         10m;
    client_header_buffer_size    1k;
    large_client_header_buffers  4 4k;
    output_buffers               1 32k;
    postpone_output              1460;
    client_header_timeout  3m;
    client_body_timeout    3m;
    send_timeout           3m;  
    open_file_cache max=1000 inactive=20s;
    open_file_cache_valid 30s;
    open_file_cache_min_uses 5;
    open_file_cache_errors off; 

    server_names_hash_bucket_size 64;
    #server_name_in_redirect off;

    include /etc/nginx/mime.types;
    default_type application/octet-stream;

    ##
    # Logging Settings
    ##

    #access_log logs/access.log;
    #error_log logs/error.log;

    ##
    # Gzip Settings
    ##

    gzip on;
    gzip_disable "MSIE [1-6]\.";
    gzip_vary on;
    gzip_min_length 10240;
    gzip_proxied expired no-cache no-store private auth;
    gzip_types application/x-javascript text/css application/javascript text/javascript text/plain text/xml application/json application/vnd.ms-fontobject application/x-font-opentype application/x-font-truetype application/x-font-ttf application/xml font/eot font/opentype font/otf image/svg+xml image/vnd.microsoft.icon;

    ##
    # Virtual Host Configs
    ##

    #include /etc/nginx/conf.d/*.conf;
    include /etc/nginx/sites-enabled/*;

}
Raw
php-wp.conf.md

/etc/nginx/snippets/php-wp.conf

location / {
    try_files $uri $uri/ /index.php?$args;
}

location ~ \.php$ {
    include snippets/fastcgi-php.conf; ## atau masukan alamat dari fastcgi_params

    # With php5-fpm:
    fastcgi_pass unix:/var/run/php5-fpm.sock; ## see config on file www.conf (on php*-fpm directory)
    # Prevent 504 Gateway Timeout
    fastcgi_read_timeout 360; ## 10 menit, other ex : 3600 (1 jam)
}
Raw
php.conf.md

/etc/nginx/snippets/php.conf

location / {
    #try_files $uri $uri/ /index.php?$args;
    try_files $uri $uri/ /index.php$is_args$args;
}

location ~ \.php$ {
    include snippets/fastcgi-php.conf; ## atau masukan alamat dari fastcgi_params

    # With php5-fpm:
    fastcgi_pass unix:/var/run/php5-fpm.sock; ## see config on file www.conf (on php*-fpm directory)
    # Prevent 504 Gateway Timeout
    fastcgi_read_timeout 360; ## 10 menit, other ex : 3600 (1 jam)
}
Raw
proxy-params.conf.md 
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
Raw
server-config.md

Nginx as proxy to other service

server {
    listen 80;
    server_name example.id;

    location / {
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_pass       http://<ip-address>:<port>;
    }
}
@goeroeku
Copy link
Author

prevent 504 Gateway Timeout:
https://easycloudsupport.zendesk.com/hc/en-us/articles/360002057472-How-to-Fix-504-Gateway-Timeout-using-Nginx

@goeroeku
Copy link
Author

gzip:
https://www.digitalocean.com/community/tutorials/how-to-add-the-gzip-module-to-nginx-on-ubuntu-14-04

@goeroeku
Copy link
Author

page speed:
https://www.cloudbooklet.com/install-nginx-with-google-pagespeed-on-ubuntu-18-04-google-cloud/

@goeroeku
Copy link
Author

config cache:

## nginx.conf
fastcgi_cache_path /usr/share/nginx/cache levels=1:2 keys_zone=phpcache:100m max_size=1g inactive=60m use_temp_path=off;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
add_header X-Cache $upstream_cache_status;

## site-available on ~* \.php$
fastcgi_cache phpcache;
fastcgi_cache_valid 200 301 302 60m;
fastcgi_cache_use_stale error timeout updating invalid_header http_500 http_503;
fastcgi_cache_min_uses 1;
fastcgi_cache_lock on;
add_header X-FastCGI-Cache $upstream_cache_status;

fastcgi_cache_bypass $skip_cache;
fastcgi_no_cache $skip_cache;

## site-available on server{}
set $skip_cache 0;

# POST requests and urls with a query string should always go to PHP
if ($request_method = POST) {
    set $skip_cache 1;
}
if ($query_string != "") {
    set $skip_cache 1;
}

# Don't cache uris containing the following segments
if ($request_uri ~* "/admin/|/login/|index.php|/quiz/|/assign/") {
    set $skip_cache 1;
}

# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "MoodleSession") {
    set $skip_cache 1;
}
# Don't cache access database
if ($remote_addr ~* "10.0.2.51") {
     set $skip_cache 1;
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment