83 lines
2.6 KiB
Nginx Configuration File
83 lines
2.6 KiB
Nginx Configuration File
# edited copy of upstream default config
|
|
server {
|
|
listen 80;
|
|
listen [::]:80;
|
|
server_name localhost;
|
|
|
|
root {{ env "ROOT_PATH" }};
|
|
|
|
#charset koi8-r;
|
|
#access_log /var/log/nginx/host.access.log main;
|
|
|
|
location / {
|
|
index index.html index.htm index.php;
|
|
gzip_static on;
|
|
try_files $uri $uri/ /r.php$is_args$args;
|
|
}
|
|
|
|
#error_page 404 /404.html;
|
|
|
|
# redirect server error pages to the static page /50x.html
|
|
#
|
|
# error_page 500 502 503 504 /50x.html;
|
|
# location = /50x.html {
|
|
# root /var/www/html;
|
|
# }
|
|
|
|
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
|
|
#
|
|
#location ~ \.php$ {
|
|
# proxy_pass http://127.0.0.1;
|
|
#}
|
|
|
|
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
|
|
#
|
|
location ~ \.php(/|$) {
|
|
# Split the path info based on URI.
|
|
fastcgi_split_path_info ^(.+\.php)(/.*)$;
|
|
|
|
# Note: Store the original path_info. It will be wiped out in a moment by try_files.
|
|
set $path_info $fastcgi_path_info;
|
|
|
|
# Look for the php file, trying a trailing slash for directories if required.
|
|
# Finally, send the request to the router - r.php - as a fallback.
|
|
try_files $fastcgi_script_name $fastcgi_script_name/ /r.php$is_args$args;
|
|
|
|
# File was found - pass to fastcgi.
|
|
fastcgi_pass {{ env "STACK_NAME" }}_app:9000;
|
|
# Alternately, pass to unix socket (depends on pool listen configuration)
|
|
# fastcgi_pass unix:/var/run/php/php8.2-fpm.sock;
|
|
|
|
include fastcgi_params;
|
|
|
|
# Re-apply the path_info after including fastcgi_params.
|
|
fastcgi_param PATH_INFO $path_info;
|
|
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
|
|
fastcgi_param DOCUMENT_ROOT $realpath_root;
|
|
}
|
|
|
|
location /dataroot/ {
|
|
internal;
|
|
alias /var/www/moodledata/; # ensure the path ends with /
|
|
}
|
|
|
|
# Hide all dot files but allow "Well-Known URIs" as per RFC 5785
|
|
location ~ /\.(?!well-known).* {
|
|
return 404;
|
|
}
|
|
|
|
# This should be after the php fpm rule and very close to the last nginx ruleset.
|
|
# Don't allow direct access to various internal files. See MDL-69333
|
|
location ~ (/vendor/|/node_modules/|composer\.json|/readme|/README|readme\.txt|/upgrade\.txt|/UPGRADING\.md|db/install\.xml|/fixtures/|/behat/|phpunit\.xml|\.lock|environment\.xml) {
|
|
deny all;
|
|
return 404;
|
|
}
|
|
|
|
# deny access to .htaccess files, if Apache's document root
|
|
# concurs with nginx's one
|
|
#
|
|
location ~ /\.ht {
|
|
deny all;
|
|
}
|
|
}
|