wcypierre/default

## default
# /etc/nginx/sites-available/default
# You may add here your
# server {
#	...
# }
# statements for each of your virtual hosts to this file

##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##

server {
    listen         80;
    return 301 https://$host$request_uri;
}

server {
	listen   8000 ssl default_server; ## listen for ipv4; this line is default and implied
	listen   [::]:8000 ipv6only=on; ## listen for ipv6

	root /usr/share/nginx/www/ajaxplorer;
	index index.php index.html index.htm;

	ssl_session_cache   shared:SSL:10m;
	ssl_session_timeout 120m;

	ssl on;
	ssl_certificate /etc/nginx/ssl/server.crt;
    ssl_certificate_key /etc/nginx/ssl/server.key;
    ssl_protocols       SSLv3 TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers         ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!CAMELLIA:!PSK:!SRP;
    ssl_prefer_server_ciphers   on;

    keepalive_timeout   70;

	# Make site accessible from all
	server_name fm.shellme.net;

	location /
	{
        try_files $uri $uri/ /index.php;

		if (!-f $request_filename){
			set $rule_0 1$rule_0;
		}

		if (!-d $request_filename){
			set $rule_0 2$rule_0;
		}

		if ($rule_0 = "21"){
			rewrite ^/shares /./dav.php last;
		}
		rewrite ^/api /./rest.php last;
	}

	location /data
	{
		deny all;
	}

	# Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
	#location /RequestDenied {
	#	proxy_pass http://127.0.0.1:8080;
	#}

	error_page 404 /404.html;

	# redirect server error pages to the static page /50x.html

	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
		root /usr/share/nginx/www;
	}

	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000

	location ~ \.php$ {
		try_files $uri = 404;
		fastcgi_split_path_info ^(.+\.php)(/.+)$;
		# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
	#
	#	# With php5-cgi alone:
	#	fastcgi_pass 127.0.0.1:9000;
		# With php5-fpm:
		fastcgi_pass unix:/var/run/php5-fpm.sock;
		fastcgi_index index.php;
		include fastcgi_params;
	}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one

	location ~ /\.ht {
		deny all;
	}

        include drop.conf;
        include php.conf;
}


# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
#	listen 8000;
#	listen somename:8080;
#	server_name somename alias another.alias;
#	root html;
#	index index.html index.htm;
#
#	location / {
#		try_files $uri $uri/ =404;
#	}
#}


# HTTPS server
#
#server {
#	listen 443;
#	server_name localhost;
#
#	root html;
#	index index.html index.htm;
#
#	ssl on;
#	ssl_certificate cert.pem;
#	ssl_certificate_key cert.key;
#
#	ssl_session_timeout 5m;
#
#	ssl_protocols SSLv3 TLSv1;
#	ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
#	ssl_prefer_server_ciphers on;
#
#	location / {
#		try_files $uri $uri/ =404;
#	}
#}
	# /etc/nginx/sites-available/default
	# You may add here your
	# server {
	# ...
	# }
	# statements for each of your virtual hosts to this file

	##
	# You should look at the following URL's in order to grasp a solid understanding
	# of Nginx configuration files in order to fully unleash the power of Nginx.
	# http://wiki.nginx.org/Pitfalls
	# http://wiki.nginx.org/QuickStart
	# http://wiki.nginx.org/Configuration
	#
	# Generally, you will want to move this file somewhere, and start with a clean
	# file but keep this around for reference. Or just disable in sites-enabled.
	#
	# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
	##

	server {
	listen 80;
	return 301 https://$host$request_uri;
	}

	server {
	listen 8000 ssl default_server; ## listen for ipv4; this line is default and implied
	listen [::]:8000 ipv6only=on; ## listen for ipv6

	root /usr/share/nginx/www/ajaxplorer;
	index index.php index.html index.htm;

	ssl_session_cache shared:SSL:10m;
	ssl_session_timeout 120m;

	ssl on;
	ssl_certificate /etc/nginx/ssl/server.crt;
	ssl_certificate_key /etc/nginx/ssl/server.key;
	ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
	ssl_ciphers ECDHE-RSA-AES128-GCM-SHA256:ECDHE-RSA-RC4-SHA:ECDHE-RSA-AES128-SHA:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH:!CAMELLIA:!PSK:!SRP;
	ssl_prefer_server_ciphers on;

	keepalive_timeout 70;

	# Make site accessible from all
	server_name fm.shellme.net;

	location /
	{
	try_files $uri $uri/ /index.php;

	if (!-f $request_filename){
	set $rule_0 1$rule_0;
	}

	if (!-d $request_filename){
	set $rule_0 2$rule_0;
	}

	if ($rule_0 = "21"){
	rewrite ^/shares /./dav.php last;
	}
	rewrite ^/api /./rest.php last;
	}

	location /data
	{
	deny all;
	}

	# Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
	#location /RequestDenied {
	# proxy_pass http://127.0.0.1:8080;
	#}

	error_page 404 /404.html;

	# redirect server error pages to the static page /50x.html

	error_page 500 502 503 504 /50x.html;
	location = /50x.html {
	root /usr/share/nginx/www;
	}

	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000

	location ~ \.php$ {
	try_files $uri = 404;
	fastcgi_split_path_info ^(.+\.php)(/.+)$;
	# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
	#
	# # With php5-cgi alone:
	# fastcgi_pass 127.0.0.1:9000;
	# With php5-fpm:
	fastcgi_pass unix:/var/run/php5-fpm.sock;
	fastcgi_index index.php;
	include fastcgi_params;
	}

	# deny access to .htaccess files, if Apache's document root
	# concurs with nginx's one

	location ~ /\.ht {
	deny all;
	}

	include drop.conf;
	include php.conf;
	}


	# another virtual host using mix of IP-, name-, and port-based configuration
	#
	#server {
	# listen 8000;
	# listen somename:8080;
	# server_name somename alias another.alias;
	# root html;
	# index index.html index.htm;
	#
	# location / {
	# try_files $uri $uri/ =404;
	# }
	#}


	# HTTPS server
	#
	#server {
	# listen 443;
	# server_name localhost;
	#
	# root html;
	# index index.html index.htm;
	#
	# ssl on;
	# ssl_certificate cert.pem;
	# ssl_certificate_key cert.key;
	#
	# ssl_session_timeout 5m;
	#
	# ssl_protocols SSLv3 TLSv1;
	# ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
	# ssl_prefer_server_ciphers on;
	#
	# location / {
	# try_files $uri $uri/ =404;
	# }
	#}