jamesmorrison/000-default.conf

## 000-default.conf
server {

	server_name apollo;
	listen 80 default_server;
	listen 443 ssl default_server;

	ssl_certificate      ssl/selfsigned.crt;
	ssl_certificate_key  ssl/selfsigned.key;

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_prefer_server_ciphers   on;
	ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;

	ssl_session_cache shared:SSL:20m;
	ssl_session_timeout 180m;

	set $root $host;

	# For subdomains we want the document root to be the root domain only (e.g. 'sub.site.dev' rewrites to 'site.dev')
	# This is for subdomain multisite
	if ( $host ~* "(.+)\.((.+)\.([a-z]+|co\.uk))$" ) {
		set $root $2;
	}

	# If the requested domain doesn't exist (the corresponding folder isn't present), rewrite $root to the default folder
	if ( !-d /projects/sites/$root ) {
		set $root '000-default';
	}

	root /projects/sites/$root;

	index index.php index.html;

	client_max_body_size 64M;

	# Rewrite for WordPress in a sub-folder
	if ( -d /projects/sites/$root/wordpress ) {
		rewrite ^(/wp-(admin|includes)/(.*))$ /wordpress$1 last;
		rewrite ^(/wp-[^/]*\.php)$ /wordpress$1 last;
	}

	# Rewrite for multisite / sub-directory e.g. site.dev/sub-site/
	# If the file does not exist for wp-admin/* or wp-*.php, try looking in the parent directory
	if ( !-e $request_filename ) {
		rewrite /wp-admin$ $scheme://$host$uri/ permanent;
		rewrite ^(/[^/]+)?(/wp-.*) $2 last;
		rewrite ^(/[^/]+)?(/.*\.php) $2 last;
	}

	# WordPress multisite files handler (legacy)
	location ~ ^(/[^/]+/)?files/(.+) {
		try_files $uri /wp-includes/ms-files.php?file=$2 ;
		access_log off; log_not_found off; expires max;
	}

	# Block all web requests to hidden directories
	location ~ /\. {
		deny all;
	}

	# Block access to build scripts.
	location ~* /(Gruntfile\.js|package\.json|node_modules) {
		deny all;
	}

	# Default location block
	location / {

		# Disable caching on all pages / assets
		add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
		expires off;

		# Try file, file/ then fall back to index
		try_files $uri $uri/ /index.php$is_args$args;
	}

	# Pass PHP scripts to PHP FPM
	location ~ \.php$ {

                # Disable caching on all pages / assets
                add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
                expires off;

		fastcgi_split_path_info ^(.+\.php)(/.+)$;
		include snippets/fastcgi-php.conf;
		fastcgi_pass unix:/run/php/php7.0-fpm.sock;
	}

}
	server {

	server_name apollo;
	listen 80 default_server;
	listen 443 ssl default_server;

	ssl_certificate ssl/selfsigned.crt;
	ssl_certificate_key ssl/selfsigned.key;

	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
	ssl_prefer_server_ciphers on;
	ssl_ciphers ECDH+AESGCM:ECDH+AES256:ECDH+AES128:DH+3DES:!ADH:!AECDH:!MD5;

	ssl_session_cache shared:SSL:20m;
	ssl_session_timeout 180m;

	set $root $host;

	# For subdomains we want the document root to be the root domain only (e.g. 'sub.site.dev' rewrites to 'site.dev')
	# This is for subdomain multisite
	if ( $host ~* "(.+)\.((.+)\.([a-z]+\|co\.uk))$" ) {
	set $root $2;
	}

	# If the requested domain doesn't exist (the corresponding folder isn't present), rewrite $root to the default folder
	if ( !-d /projects/sites/$root ) {
	set $root '000-default';
	}

	root /projects/sites/$root;

	index index.php index.html;

	client_max_body_size 64M;

	# Rewrite for WordPress in a sub-folder
	if ( -d /projects/sites/$root/wordpress ) {
	rewrite ^(/wp-(admin\|includes)/(.*))$ /wordpress$1 last;
	rewrite ^(/wp-[^/]*\.php)$ /wordpress$1 last;
	}

	# Rewrite for multisite / sub-directory e.g. site.dev/sub-site/
	# If the file does not exist for wp-admin/* or wp-*.php, try looking in the parent directory
	if ( !-e $request_filename ) {
	rewrite /wp-admin$ $scheme://$host$uri/ permanent;
	rewrite ^(/[^/]+)?(/wp-.*) $2 last;
	rewrite ^(/[^/]+)?(/.*\.php) $2 last;
	}

	# WordPress multisite files handler (legacy)
	location ~ ^(/[^/]+/)?files/(.+) {
	try_files $uri /wp-includes/ms-files.php?file=$2 ;
	access_log off; log_not_found off; expires max;
	}

	# Block all web requests to hidden directories
	location ~ /\. {
	deny all;
	}

	# Block access to build scripts.
	location ~* /(Gruntfile\.js\|package\.json\|node_modules) {
	deny all;
	}

	# Default location block
	location / {

	# Disable caching on all pages / assets
	add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
	expires off;

	# Try file, file/ then fall back to index
	try_files $uri $uri/ /index.php$is_args$args;
	}

	# Pass PHP scripts to PHP FPM
	location ~ \.php$ {

	# Disable caching on all pages / assets
	add_header Cache-Control 'no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0';
	expires off;

	fastcgi_split_path_info ^(.+\.php)(/.+)$;
	include snippets/fastcgi-php.conf;
	fastcgi_pass unix:/run/php/php7.0-fpm.sock;
	}

	}