mirror of
https://github.com/cytopia/devilbox.git
synced 2024-12-23 06:32:22 +00:00
158 lines
3.8 KiB
Plaintext
158 lines
3.8 KiB
Plaintext
---
|
|
|
|
# Nginx vHost Template defintion for vhost-gen.py
|
|
#
|
|
# The 'feature' section contains optional features that can be enabled via
|
|
# conf.yml and will then be replaced into the main vhost ('structure' section)
|
|
# into their corresponding position:
|
|
#
|
|
# __XDOMAIN_REQ__
|
|
# __PHP_FPM__
|
|
# __ALIASES__
|
|
# __DENIES__
|
|
# __STATUS__
|
|
#
|
|
# The features itself also contain variables to be adjusted in conf.yml
|
|
# and will then be replaced in their corresponding feature section
|
|
# before being replaced into the vhost section (if enabled):
|
|
#
|
|
# PHP-FPM:
|
|
# __PHP_ADDR__
|
|
# __PHP_PORT__
|
|
# XDomain:
|
|
# __REGEX__
|
|
# Alias:
|
|
# __REGEX__
|
|
# __PATH__
|
|
# Deny:
|
|
# __REGEX__
|
|
# Status:
|
|
# __REGEX__
|
|
#
|
|
# Variables to be replaced directly in the vhost configuration can also be set
|
|
# in conf.yml and include:
|
|
# __VHOST_NAME__
|
|
# __DOCUMENT_ROOT__
|
|
# __INDEX__
|
|
# __ACCESS_LOG__
|
|
# __ERROR_LOG__
|
|
# __PHP_ADDR__
|
|
# __PHP_PORT__
|
|
#
|
|
|
|
|
|
###
|
|
### Basic vHost skeleton
|
|
###
|
|
vhost: |
|
|
server {
|
|
listen __PORT____DEFAULT_VHOST__;
|
|
server_name __VHOST_NAME__;
|
|
|
|
access_log "__ACCESS_LOG__" combined;
|
|
error_log "__ERROR_LOG__" warn;
|
|
|
|
__REDIRECT__
|
|
__SSL__
|
|
__VHOST_DOCROOT__
|
|
__VHOST_RPROXY__
|
|
__PHP_FPM__
|
|
__ALIASES__
|
|
__DENIES__
|
|
__SERVER_STATUS__
|
|
# Custom directives
|
|
__CUSTOM__
|
|
}
|
|
|
|
|
|
###
|
|
### vHost Type (normal or reverse proxy)
|
|
###
|
|
vhost_type:
|
|
# Normal vHost (-p)
|
|
docroot: |
|
|
# Define the vhost to serve files
|
|
root "__DOCUMENT_ROOT__";
|
|
index __INDEX__;
|
|
|
|
# Reverse Proxy (-r)
|
|
rproxy: |
|
|
# Define the vhost to reverse proxy
|
|
location __LOCATION__ {
|
|
proxy_set_header Host $host;
|
|
proxy_set_header X-Real-IP $remote_addr;
|
|
proxy_pass __PROXY_PROTO__://__PROXY_ADDR__:__PROXY_PORT__;
|
|
}
|
|
|
|
|
|
###
|
|
### Optional features to be enabled in vHost
|
|
###
|
|
features:
|
|
|
|
# SSL Configuration
|
|
ssl: |
|
|
ssl_certificate __SSL_PATH_CRT__;
|
|
ssl_certificate_key __SSL_PATH_KEY__;
|
|
ssl_protocols __SSL_PROTOCOLS__;
|
|
ssl_prefer_server_ciphers __SSL_HONOR_CIPHER_ORDER__;
|
|
ssl_ciphers __SSL_CIPHERS__;
|
|
|
|
# Redirect to SSL directive
|
|
redirect: |
|
|
return 301 https://__VHOST_NAME__:__SSL_PORT__$request_uri;
|
|
|
|
# PHP-FPM will not be applied to a reverse proxy!
|
|
php_fpm: |
|
|
# PHP-FPM Definition
|
|
location / {
|
|
try_files $uri $uri/ /index.php$is_args$args;
|
|
}
|
|
location ~ \.php?$ {
|
|
try_files $uri = 404;
|
|
include fastcgi_params;
|
|
|
|
# https://stackoverflow.com/questions/1733306/nginx-errors-readv-and-recv-failed/51457613#51457613
|
|
fastcgi_keep_conn off;
|
|
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
fastcgi_split_path_info ^(.+\.php)(.*)$;
|
|
|
|
fastcgi_pass __PHP_ADDR__:__PHP_PORT__;
|
|
fastcgi_read_timeout __PHP_TIMEOUT__;
|
|
|
|
fastcgi_index index.php;
|
|
fastcgi_intercept_errors on;
|
|
}
|
|
|
|
alias: |
|
|
# Alias Definition
|
|
location ~ __ALIAS__ {
|
|
root __PATH__;
|
|
__XDOMAIN_REQ__
|
|
}
|
|
|
|
deny: |
|
|
# Deny Definition
|
|
location ~ __REGEX__ {
|
|
deny all;
|
|
}
|
|
|
|
server_status: |
|
|
# Status Page
|
|
location ~ __REGEX__ {
|
|
stub_status on;
|
|
access_log off;
|
|
}
|
|
|
|
xdomain_request: |
|
|
# Allow cross domain request from these hosts
|
|
if ( $http_origin ~* (__REGEX__) ) {
|
|
add_header "Access-Control-Allow-Origin" "$http_origin";
|
|
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
|
|
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
|
|
add_header 'Access-Control-Expose-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Content-Range,Range';
|
|
add_header 'Access-Control-Max-Age' 0;
|
|
return 200;
|
|
}
|