2022-08-29 00:26:46 +03:00
|
|
|
# ----------------------------------------------------------------------
|
|
|
|
|
# | Config file for <?=$this->e($domain)?> host |
|
|
|
|
|
# ----------------------------------------------------------------------
|
|
|
|
|
|
|
|
|
|
server {
|
|
|
|
|
listen [::]:80;
|
|
|
|
|
listen 80;
|
2022-09-06 13:38:00 +03:00
|
|
|
server_name <?php if (!$subDomain) : ?>www.<?=$this->e($domain)?> <?php endif ?><?=$this->e($domain)?>;
|
2022-11-29 11:35:10 +03:00
|
|
|
|
|
|
|
|
location ^~ /.well-known/acme-challenge/ {
|
|
|
|
|
root /home/<?=$this->e($user)?>/<?=$this->e($domain)?>;
|
|
|
|
|
try_files $uri =404;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
location / {
|
|
|
|
|
return 301 https://<?=$this->e($domain)?>$request_uri;
|
|
|
|
|
}
|
2022-08-29 00:26:46 +03:00
|
|
|
}
|
|
|
|
|
|
2022-09-06 13:38:00 +03:00
|
|
|
<?php if (!$subDomain) : ?>
|
2022-08-29 00:26:46 +03:00
|
|
|
server {
|
|
|
|
|
listen [::]:443 ssl http2;
|
|
|
|
|
listen 443 ssl http2;
|
|
|
|
|
|
|
|
|
|
server_name www.<?=$this->e($domain)?>;
|
|
|
|
|
|
|
|
|
|
include h5bp/tls/ssl_engine.conf;
|
2022-09-06 17:10:16 +03:00
|
|
|
ssl_certificate /etc/letsencrypt/live/<?=$this->e($domain)?>/fullchain.pem;
|
|
|
|
|
ssl_certificate_key /etc/letsencrypt/live/<?=$this->e($domain)?>/key.pem;
|
|
|
|
|
ssl_trusted_certificate /etc/letsencrypt/live/<?=$this->e($domain)?>/ca.pem;
|
2022-08-29 00:26:46 +03:00
|
|
|
include h5bp/tls/policy_strict.conf;
|
|
|
|
|
|
|
|
|
|
return 301 $scheme://<?=$this->e($domain)?>$request_uri;
|
|
|
|
|
}
|
2022-09-06 13:38:00 +03:00
|
|
|
<?php endif ?>
|
2022-08-29 00:26:46 +03:00
|
|
|
|
|
|
|
|
server {
|
|
|
|
|
listen [::]:443 ssl http2;
|
|
|
|
|
listen 443 ssl http2;
|
|
|
|
|
|
|
|
|
|
# The host name to respond to
|
|
|
|
|
server_name <?=$this->e($domain)?>;
|
|
|
|
|
|
|
|
|
|
include h5bp/tls/ssl_engine.conf;
|
2022-09-06 17:10:16 +03:00
|
|
|
<?php if ($subDomain) : ?>
|
2022-08-29 00:26:46 +03:00
|
|
|
include h5bp/tls/certificate_files.conf;
|
2022-09-06 17:10:16 +03:00
|
|
|
<?php else : ?>
|
|
|
|
|
ssl_certificate /etc/letsencrypt/live/<?=$this->e($domain)?>/fullchain.pem;
|
|
|
|
|
ssl_certificate_key /etc/letsencrypt/live/<?=$this->e($domain)?>/key.pem;
|
|
|
|
|
ssl_trusted_certificate /etc/letsencrypt/live/<?=$this->e($domain)?>/ca.pem;
|
|
|
|
|
<?php endif ?>
|
2022-08-29 00:26:46 +03:00
|
|
|
include h5bp/tls/policy_strict.conf;
|
|
|
|
|
|
|
|
|
|
# Path for static files
|
|
|
|
|
root /home/<?=$this->e($user)?>/<?=$this->e($domain)?>;
|
|
|
|
|
|
|
|
|
|
# Custom error pages
|
|
|
|
|
include h5bp/errors/custom_errors.conf;
|
|
|
|
|
|
|
|
|
|
# Include the basic h5bp config set
|
|
|
|
|
include h5bp/basic.conf;
|
|
|
|
|
|
|
|
|
|
access_log /var/log/nginx/<?=$this->e($domain)?>-access.log;
|
|
|
|
|
error_log /var/log/nginx/<?=$this->e($domain)?>-error.log error;
|
|
|
|
|
index index.php index.html index.htm;
|
|
|
|
|
|
|
|
|
|
location / {
|
2022-09-06 13:38:00 +03:00
|
|
|
<?php if (!empty($herseUser) && !empty($hersePass)) : ?>
|
|
|
|
|
auth_basic "Accès restreint";
|
|
|
|
|
auth_basic_user_file /home/<?=$this->e($user)?>/<?=$this->e($domain)?>/.htpasswd;
|
|
|
|
|
<?php endif ?>
|
|
|
|
|
try_files $uri $uri/ /index.php$is_args$args;
|
2022-08-29 00:26:46 +03:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
location ~ \.php$ {
|
2022-09-06 13:38:00 +03:00
|
|
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
|
|
|
|
fastcgi_pass unix:/var/run/php-fpm-<?=$this->e($user)?>.sock;
|
|
|
|
|
fastcgi_index index.php;
|
|
|
|
|
include fastcgi.conf;
|
2022-08-29 00:26:46 +03:00
|
|
|
}
|
|
|
|
|
}
|
