necrogami/cors.conf

## cors.conf
if ($request_method = 'OPTIONS') {
    add_header 'Access-Control-Allow-Origin' '*';
    add_header 'Access-Control-Allow-Credentials' 'true';
    add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, HEAD';
    add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
    add_header 'Access-Control-Max-Age' 1728000;
    add_header 'Content-Type' 'text/plain charset=UTF-8';
    add_header 'Content-Length' 0;
    return 204;
}

if ($request_method ~ ^(GET|POST|PUT|DELETE|HEAD)$) {
    add_header 'Access-Control-Allow-Origin' '*';
    add_header 'Access-Control-Allow-Credentials' 'true';
    add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, HEAD';
    add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
}

## dev.c4.ssl.conf
ssl_certificate star_dev_c4_io.pem;
ssl_certificate_key star_dev_c4_io.pem;
ssl_dhparam dhparam.pem;

# Qualys SSL Test A+
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA512:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:ECDH+AESGCM:ECDH+AES256:DH+AESGCM:DH+AES256:RSA+AESGCM:!aNULL:!eNULL:!LOW:!RC4:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS;

ssl_session_cache shared:TLS:2m;

# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8;

# Set HSTS to 365 days
add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains';
add_header X-Frame-Options "DENY";

## local.dev.ssl.conf
ssl_certificate wildcard.local.dev.pem;
ssl_certificate_key wildcard.local.dev.pem;
ssl_password_file file.pass;
ssl_dhparam dhparam.pem;

# Qualys SSL Test A+
ssl_protocols TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA512:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:ECDH+AESGCM:ECDH+AES256:DH+AESGCM:DH+AES256:RSA+AESGCM:!aNULL:!eNULL:!LOW:!RC4:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS;

ssl_session_cache shared:TLS:2m;

# OCSP stapling
ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.8.8;

# Set HSTS to 365 days
# add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains';
add_header X-Frame-Options "DENY";

## nginx.conf
#user  nobody;
worker_processes 1;
#error_log  logs/error.log;
#error_log  logs/error.log  notice;
#error_log  logs/error.log  info;
#pid        logs/nginx.pid;
events {
    worker_connections 1024;
}
http {
    include mime.types;
    default_type application/octet-stream;
    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
    #                  '$status $body_bytes_sent "$http_referer" '
    #                  '"$http_user_agent" "$http_x_forwarded_for"';
    #access_log  logs/access.log  main;
    sendfile on;
    #tcp_nopush     on;
    #keepalive_timeout  0;
    keepalive_timeout 65;
    gzip on;
    # From: http://blog.evan.pro/how-to-set-up-dynamic-virtual-hosts-for-web-development

    server {
        listen 80 default_server;
        server_name _;
        return 301 https://$host$request_uri;
    }
    server {
        listen 443 ssl http2;
        server_name .local.dev;

        include local.dev.ssl.conf;

        client_max_body_size 300M;
        autoindex on;
        autoindex_format html;
        # dynamic vhosts for development
        include rootpath.conf;
        # enable PHP
        index index.html index.php app.php;

        location / {
            index index.php index.html app.php;
            error_page 404 = @indexphp;
            error_page 405 =200 @indexphp;
        }

        location /pub/static {
            try_files $uri $uri/ @static;
        }

        location @static {
            rewrite ^/pub/static/(.*)$ /pub/static.php?resource=$1? last;
        }

        location @indexphp {
            rewrite ^(.*)$ /index.php$1;
        }

        location ~ ^(.+\.php)(?:/.+)?$ {

            include cors.conf;
            expires off;
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_split_path_info ^(.+\.php)(/.*)$;
            include fastcgi_params;
        }
        # rewrite to index.php for pretty URL's
        try_files $uri $uri/ /index.php?$args @indexphp;
        # block .ht* access

        location ~ /\.ht {
            deny all;
        }
    }

    server {
        listen 443 ssl http2;
        server_name .dev.c4.io;

        include dev.c4.ssl.conf;

        client_max_body_size 300M;
        autoindex on;
        autoindex_format html;
        # dynamic vhosts for development
        include rootpath.conf;
        # enable PHP
        index index.html index.php app.php;

        location / {
            index index.php index.html app.php;
            error_page 404 = @indexphp;
            error_page 405 =200 @indexphp;
        }

        location /pub/static {
            try_files $uri $uri/ @static;
        }

        location @static {
            rewrite ^/pub/static/(.*)$ /pub/static.php?resource=$1? last;
        }

        location @indexphp {
            rewrite ^(.*)$ /index.php$1;
        }

        location ~ ^(.+\.php)(?:/.+)?$ {

            include cors.conf;
            expires off;
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_split_path_info ^(.+\.php)(/.*)$;
            include fastcgi_params;
        }
        # rewrite to index.php for pretty URL's
        try_files $uri $uri/ /index.php?$args @indexphp;
        # block .ht* access

        location ~ /\.ht {
            deny all;
        }
    }
}

## rootpath.conf
set $basepath "/Users/necrogami/code";
set $domain $host;

if ($domain ~ "^(.*)\.local\.dev$") {
    set $domain $1;
}

if ($domain ~ "^(.*)\.dev\.c4\.io$") {
    set $domain $1;
}

if ($domain ~ "^(.*)\.(.*)\.(.*)\.(.*)\.(.*)\.xip\.io$") {
    set $domain $1;
}

set $rootpath "${domain}";

if (-d $basepath/$domain/public) {
    set $rootpath "${domain}/public";
}

if (-d $basepath/$domain/public_html) {
    set $rootpath "${domain}/public_html";
}

if (-d $basepath/$domain/httpdocs) {
    set $rootpath "${domain}/httpdocs";
}

if (-d $basepath/$domain/web) {
    set $rootpath "${domain}/web";
}

if (-d $basepath/$domain/output_dev) {
    set $rootpath "${domain}/output_dev";
}

if (-f $basepath/$domain/index.php) {
    set $rootpath $domain;
}

if (-f $basepath/$domain/index.html) {
    set $rootpath $domain;
}
root $basepath/$rootpath;
	if ($request_method = 'OPTIONS') {
	add_header 'Access-Control-Allow-Origin' '*';
	add_header 'Access-Control-Allow-Credentials' 'true';
	add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, HEAD';
	add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
	add_header 'Access-Control-Max-Age' 1728000;
	add_header 'Content-Type' 'text/plain charset=UTF-8';
	add_header 'Content-Length' 0;
	return 204;
	}

	if ($request_method ~ ^(GET\|POST\|PUT\|DELETE\|HEAD)$) {
	add_header 'Access-Control-Allow-Origin' '*';
	add_header 'Access-Control-Allow-Credentials' 'true';
	add_header 'Access-Control-Allow-Methods' 'GET, POST, PUT, DELETE, OPTIONS, HEAD';
	add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Authorization';
	}
	ssl_certificate star_dev_c4_io.pem;
	ssl_certificate_key star_dev_c4_io.pem;
	ssl_dhparam dhparam.pem;

	# Qualys SSL Test A+
	ssl_protocols TLSv1.2;
	ssl_prefer_server_ciphers on;
	ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA512:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:ECDH+AESGCM:ECDH+AES256:DH+AESGCM:DH+AES256:RSA+AESGCM:!aNULL:!eNULL:!LOW:!RC4:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS;

	ssl_session_cache shared:TLS:2m;

	# OCSP stapling
	ssl_stapling on;
	ssl_stapling_verify on;
	resolver 8.8.8.8;

	# Set HSTS to 365 days
	add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains';
	add_header X-Frame-Options "DENY";
	ssl_certificate wildcard.local.dev.pem;
	ssl_certificate_key wildcard.local.dev.pem;
	ssl_password_file file.pass;
	ssl_dhparam dhparam.pem;

	# Qualys SSL Test A+
	ssl_protocols TLSv1.2;
	ssl_prefer_server_ciphers on;
	ssl_ciphers EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA512:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:ECDH+AESGCM:ECDH+AES256:DH+AESGCM:DH+AES256:RSA+AESGCM:!aNULL:!eNULL:!LOW:!RC4:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS;

	ssl_session_cache shared:TLS:2m;

	# OCSP stapling
	ssl_stapling on;
	ssl_stapling_verify on;
	resolver 8.8.8.8;

	# Set HSTS to 365 days
	# add_header Strict-Transport-Security 'max-age=31536000; includeSubDomains';
	add_header X-Frame-Options "DENY";
	#user nobody;
	worker_processes 1;
	#error_log logs/error.log;
	#error_log logs/error.log notice;
	#error_log logs/error.log info;
	#pid logs/nginx.pid;
	events {
	worker_connections 1024;
	}
	http {
	include mime.types;
	default_type application/octet-stream;
	#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
	# '$status $body_bytes_sent "$http_referer" '
	# '"$http_user_agent" "$http_x_forwarded_for"';
	#access_log logs/access.log main;
	sendfile on;
	#tcp_nopush on;
	#keepalive_timeout 0;
	keepalive_timeout 65;
	gzip on;
	# From: http://blog.evan.pro/how-to-set-up-dynamic-virtual-hosts-for-web-development

	server {
	listen 80 default_server;
	server_name _;
	return 301 https://$host$request_uri;
	}
	server {
	listen 443 ssl http2;
	server_name .local.dev;

	include local.dev.ssl.conf;

	client_max_body_size 300M;
	autoindex on;
	autoindex_format html;
	# dynamic vhosts for development
	include rootpath.conf;
	# enable PHP
	index index.html index.php app.php;

	location / {
	index index.php index.html app.php;
	error_page 404 = @indexphp;
	error_page 405 =200 @indexphp;
	}

	location /pub/static {
	try_files $uri $uri/ @static;
	}

	location @static {
	rewrite ^/pub/static/(.*)$ /pub/static.php?resource=$1? last;
	}

	location @indexphp {
	rewrite ^(.*)$ /index.php$1;
	}

	location ~ ^(.+\.php)(?:/.+)?$ {

	include cors.conf;
	expires off;
	fastcgi_pass 127.0.0.1:9000;
	fastcgi_index index.php;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	fastcgi_split_path_info ^(.+\.php)(/.*)$;
	include fastcgi_params;
	}
	# rewrite to index.php for pretty URL's
	try_files $uri $uri/ /index.php?$args @indexphp;
	# block .ht* access

	location ~ /\.ht {
	deny all;
	}
	}

	server {
	listen 443 ssl http2;
	server_name .dev.c4.io;

	include dev.c4.ssl.conf;

	client_max_body_size 300M;
	autoindex on;
	autoindex_format html;
	# dynamic vhosts for development
	include rootpath.conf;
	# enable PHP
	index index.html index.php app.php;

	location / {
	index index.php index.html app.php;
	error_page 404 = @indexphp;
	error_page 405 =200 @indexphp;
	}

	location /pub/static {
	try_files $uri $uri/ @static;
	}

	location @static {
	rewrite ^/pub/static/(.*)$ /pub/static.php?resource=$1? last;
	}

	location @indexphp {
	rewrite ^(.*)$ /index.php$1;
	}

	location ~ ^(.+\.php)(?:/.+)?$ {

	include cors.conf;
	expires off;
	fastcgi_pass 127.0.0.1:9000;
	fastcgi_index index.php;
	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	fastcgi_split_path_info ^(.+\.php)(/.*)$;
	include fastcgi_params;
	}
	# rewrite to index.php for pretty URL's
	try_files $uri $uri/ /index.php?$args @indexphp;
	# block .ht* access

	location ~ /\.ht {
	deny all;
	}
	}
	}
	set $basepath "/Users/necrogami/code";
	set $domain $host;

	if ($domain ~ "^(.*)\.local\.dev$") {
	set $domain $1;
	}

	if ($domain ~ "^(.*)\.dev\.c4\.io$") {
	set $domain $1;
	}

	if ($domain ~ "^(.)\.(.)\.(.)\.(.)\.(.*)\.xip\.io$") {
	set $domain $1;
	}

	set $rootpath "${domain}";

	if (-d $basepath/$domain/public) {
	set $rootpath "${domain}/public";
	}

	if (-d $basepath/$domain/public_html) {
	set $rootpath "${domain}/public_html";
	}

	if (-d $basepath/$domain/httpdocs) {
	set $rootpath "${domain}/httpdocs";
	}

	if (-d $basepath/$domain/web) {
	set $rootpath "${domain}/web";
	}

	if (-d $basepath/$domain/output_dev) {
	set $rootpath "${domain}/output_dev";
	}

	if (-f $basepath/$domain/index.php) {
	set $rootpath $domain;
	}

	if (-f $basepath/$domain/index.html) {
	set $rootpath $domain;
	}
	root $basepath/$rootpath;