Skip to content

Instantly share code, notes, and snippets.

Embed
What would you like to do?
Configuration file for Nginx Directus Site.
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/cms.jacurtis.com/before/*;
server {
root /home/forge/cms.jacurtis.com/public;
index index.php index.html index.htm;
server_name cms.jacurtis.com;
# FORGE SSL (DO NOT REMOVE!)
# ssl_certificate;
# ssl_certificate_key;
client_max_body_size 100M;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# disable_symlinks if_not_owner;
location ^~ /.well-known/ {
allow all;
default_type "text/plain";
}
location / {
try_files $uri $uri/ /index.php$args;
}
# location /admin {
# rewrite ^/admin/(.*) /admin/index.html last;
# }
location /thumbnail {
rewrite /thumbnail/(.*) /thumbnail/index.php last;
}
# Deny direct access to php files in extensions
location /extensions/.+\.php$ {
deny all;
}
# All uploads files (originals) cached for a year
location ~* /uploads/([^/]+)/originals/(.*) {
add_header Cache-Control "max-age=31536000";
}
# Serve php, html and cgi files as text file
location ~* /uploads/.*\.(php|phps|php5|htm|shtml|xhtml|cgi.+)?$ {
add_header Content-Type text/plain;
}
# Deny access to any file starting with .ht,
# including .htaccess and .htpasswd
location ~ /\.ht {
deny all;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/cms.jacurtis.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/cms.jacurtis.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/cms.jacurtis.com/after/*;
server {
if ($host = cms.jacurtis.com) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
listen [::]:80;
server_name cms.jacurtis.com;
return 404; # managed by Certbot
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment