7x31/nginxconfig.io
1
0
Fork 0
mirror of https://github.com/digitalocean/nginxconfig.io.git synced 2025-09-23 20:54:31 +08:00
Code Issues Packages Projects Releases Wiki Activity

multiple site support, site tabs, common tabs, django

Browse Source
This commit is contained in:
Szekeres Bálint
2019-01-06 15:48:28 +01:00
parent accd4d7753
commit a3116b5102
12 changed files with 1974 additions and 1260 deletions
Download Patch File Download Diff File Expand all files Collapse all files

49
public/templates/commands.html
View File

@@ -1,52 +1,65 @@
<!-- ✔ symlink --><span ng-if="isSymlink()"><!--
--><span class="hljs-comment"># <strong>Virtual host</strong>: create symbolic link</span>
<span class="hljs-section">ln</span> <span class="hljs-attribute">-s</span> /etc/nginx/sites-available/{{ domain() }}.conf /etc/nginx/sites-enabled/{{ domain() }}.conf</span><!--
--><span class="hljs-comment"># <strong>Virtual host</strong>: create symbolic link{{ getDomains().length > 1 ? 's' : '' }}</span>
<span class="hljs-section">ln</span> <span class="hljs-attribute">-s</span> <span ng-repeat="(_site, _domain) in getDomains() track by $index">/etc/nginx/sites-available/{{ _domain }}.conf </span>/etc/nginx/sites-enabled</span><!--
✔ symlink || ✔ HTTPS --><span ng-if="isSymlink() && ((isHTTPS() && !isSSLProfileModern()) || isCertLetsEncrypt())">
✔ symlink || ✔ HTTPS --><span ng-if="isSymlink() && (isSSLProfileIntermediate() || isSSLProfileOld() || hasCertLetsEncrypt())">
</span><!--
HTTPS --><span ng-if="isHTTPS() && !isSSLProfileModern()"><!--
SSL profile: intermediate || old --><span ng-if="isSSLProfileIntermediate() || isSSLProfileOld()"><!--
--><span class="hljs-comment"># <strong>HTTPS</strong>: create Diffie-Hellman keys</span>
<span class="hljs-section">openssl dhparam</span> <span class="hljs-attribute">-dsaparam</span> <span class="hljs-attribute">-out</span> /etc/nginx/dhparam.pem <span class="hljs-number">{{ isSSLProfileOld() ? 1024 : 2048 }}</span><!--
--><span ng-if="isCertLetsEncrypt()">
--><span ng-if="hasCertLetsEncrypt()">
</span></span><!--
✔ Let's Encrypt --><span ng-if="isCertLetsEncrypt()"><!--
✔ Let's Encrypt --><span ng-if="hasCertLetsEncrypt()"><!--
--><span class="hljs-comment"># <strong>HTTPS - certbot</strong> (before first run): create ACME-challenge common directory</span>
<span class="hljs-section">mkdir</span> <span class="hljs-attribute">-p</span> /var/www/_letsencrypt && <span class="hljs-section">chown</span> <span class="hljs-attribute">{{ data.user }}</span> /var/www/_letsencrypt
<!--
-->
<span class="hljs-comment"># <strong>HTTPS - certbot</strong> (before first run): disable SSL directives</span>
<span class="hljs-section">sed</span> <!--
--><span class="hljs-attribute">-i</span> <!--
--><span class="hljs-attribute">-r</span> <!--
-->'s/(listen .*443)/\1;#/g; s/(ssl_(certificate|certificate_key|trusted_certificate) )/#;#\1/g' <!--
-->{{ isModularized() ? ('/etc/nginx/sites-' + (isSymlink() ? 'available' : 'enabled') + '/' + domain() + '.conf') : '/etc/nginx/nginx.conf' }}
-->'s/(listen .*443)/\1;#/g; s/(ssl_(certificate|certificate_key|trusted_certificate) )/#;#\1/g'<span ng-if="isUnified()"><!--
--> /etc/nginx/nginx.conf</span><span ng-if="isModularized()"><span ng-repeat="(_site, _domain) in getDomains() track by $index" ng-if="isCertLetsEncrypt(_site)"><!--
--> /etc/nginx/sites-{{ isSymlink() ? 'available' : 'enabled' }}/{{ _domain }}.conf</span></span>
<!--
<span class="hljs-comment"># <strong>HTTPS - certbot</strong>: obtain certificates</span>
-->
<span class="hljs-comment"># <strong>HTTPS - certbot</strong>: obtain certificates</span><!--
--><span ng-repeat="(_site, _domain) in getDomains() track by $index" ng-if="isCertLetsEncrypt(_site)">
<span class="hljs-section">certbot certonly</span> <!--
--><span class="hljs-attribute">--webroot</span> <!--
--><span ng-if="isNonWWW() || isRedirect()"><span class="hljs-attribute" tooltips tooltip-template="--domain">-d</span> {{ domain() }} </span><!--
--><span ng-if="isWWW() || isRedirect()"><span class="hljs-attribute" tooltips tooltip-template="--domain">-d</span> www.{{ domain() }} </span><!--
--><span ng-if="isCDN()"><span class="hljs-attribute" tooltips tooltip-template="--domain">-d</span> cdn.{{ domain() }} </span><!--
--><span class="hljs-attribute">--email</span> {{ data.email ? data.email : 'info@' + domain() }} <!--
--><span ng-if="isNonWWW(_site) || isRedirect(_site)"><span class="hljs-attribute" tooltips tooltip-template="--domain">-d</span> {{ _domain }} </span><!--
--><span ng-if="isWWW(_site) || isRedirect(_site)"><span class="hljs-attribute" tooltips tooltip-template="--domain">-d</span> www.{{ _domain }} </span><!--
--><span ng-if="isCDN(_site)"><span class="hljs-attribute" tooltips tooltip-template="--domain">-d</span> cdn.{{ _domain }} </span><!--
--><span class="hljs-attribute">--email</span> {{ data.email ? data.email : 'info@' + _domain }} <!--
--><span class="hljs-attribute" tooltips tooltip-template="--webroot-path">-w</span> /var/www/_letsencrypt <!--
--><span class="hljs-attribute" tooltips tooltip-template="--non-interactive">-n</span> <!--
--><span class="hljs-attribute">--agree-tos</span> <!--
--><span class="hljs-attribute">--force-renewal</span>
--><span class="hljs-attribute">--force-renewal</span></span>
<!--
-->
<span class="hljs-comment"># <strong>HTTPS - certbot</strong> (after first run): enable SSL directives</span>
<span class="hljs-section">sed</span> <!--
--><span class="hljs-attribute">-i</span> <!--
--><span class="hljs-attribute">-r</span> <!--
-->'s/#?;#//g' <!--
-->{{ isModularized() ? ('/etc/nginx/sites-' + (isSymlink() ? 'available' : 'enabled') + '/' + domain() + '.conf') : '/etc/nginx/nginx.conf' }}<!--
--></span>
-->'s/#?;#//g'<span ng-if="isUnified()"><!--
--> /etc/nginx/nginx.conf</span><span ng-if="isModularized()"><span ng-repeat="(_site, _domain) in getDomains() track by $index" ng-if="isCertLetsEncrypt(_site)"><!--
--> /etc/nginx/sites-{{ isSymlink() ? 'available' : 'enabled' }}/{{ _domain }}.conf</span></span></span>

17
public/templates/conf/nginx.conf.html
View File

@@ -20,13 +20,6 @@ http {<!--
server {{ data.php_server[0] === '/' ? 'unix:' : '' }}{{ data.php_server }};
server {{ data.php_server_backup[0] === '/' ? 'unix:' : '' }}{{ data.php_server_backup }} backup;
}
</span><!--
✔ Python backup --><span ng-if="isPythonBackup()">
upstream python {
server {{ data.python_server[0] === '/' ? 'unix:' : '' }}{{ data.python_server }};
server {{ data.python_server_backup[0] === '/' ? 'unix:' : '' }}{{ data.python_server_backup }} backup;
}
</span>
charset utf-8;
sendfile on;
@@ -55,14 +48,14 @@ http {<!--
limit_req_log_level warn;
limit_req_zone $binary_remote_addr zone=login:10m rate=10r/m;</span><!--
✔ HTTPS --><span ng-if="isHTTPS()">
✔ HTTPS --><span ng-if="hasHTTPS()">
# SSL
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;<!--
✘ SSLProfileModern --><span ng-if="!isSSLProfileModern()">
✘ SSLProfileModern --><span ng-if="isSSLProfileIntermediate() || isSSLProfileOld()">
# Diffie-Hellman parameter for DHE ciphersuites
ssl_dhparam /etc/nginx/dhparam.pem;</span>
@@ -85,9 +78,9 @@ http {<!--
resolver_timeout 2s;</span></span>
# load configs
include /etc/nginx/conf.d/*.conf;<span ng-if="data.file_structure === 'modularized'">
include /etc/nginx/sites-enabled/*;</span><span ng-if="data.file_structure === 'unified'">
include /etc/nginx/conf.d/*.conf;<span ng-if="isModularized()">
include /etc/nginx/sites-enabled/*;</span><span ng-if="isUnified()">
# {{ !data.non_www ? 'www.' : '' }}{{ domain() }}
# {{ !data.non_www ? 'www.' : '' }}{{ getDomain() }}
<ng-include ng-include-tabs="1" src="'templates/conf/sites-available/example.com.conf.html?v=COMMIT_HASH'" sonload="refreshHighlighting()"></ng-include></span>
}

63
public/templates/conf/nginxconfig.io/general.conf.html
View File

@@ -7,51 +7,80 @@ add_header Referrer-Policy "{{ data.referrer_policy }}" always;<!--
✔ CSP --><span ng-if="isCSP()">
add_header Content-Security-Policy "{{ data.content_security_policy }}" always;</span><!--
✔ HSTS--><span ng-if="isHSTS()">
✔ HSTS--><span ng-if="hasCommonHSTS()">
add_header Strict-Transport-Security "max-age=31536000{{ isHSTSSubdomains() ? '; includeSubDomains' : '' }}{{ isHSTSPreload() ? '; preload' : '' }}" always;</span>
# . files
location ~ /\.(?!well-known) {
deny all;
}<span ng-if="data.expires_assets && data.expires_assets !== data.expires_media">
}<!--
# assets
✘ root --><span ng-if="allRoot()">
<!--
✔ expires assets
--><span ng-if="data.expires_assets && data.expires_assets !== data.expires_media"># assets
location ~* \.(?:{{ extensions.assets }})$ {
expires {{ data.expires_assets }};<!--
✘ accessLog --><span ng-if="isAccessLog()">
access_log off;</span>
}</span><span ng-if="data.expires_media">
}</span><!--
# {{ data.expires_assets && data.expires_assets === data.expires_media ? 'assets, ' : '' }}media
expires assets && ✔ expires media --><span ng-if="data.expires_assets && data.expires_media && data.expires_assets !== data.expires_media">
</span><!--
✔ expires media
--><span ng-if="data.expires_media"># {{ data.expires_assets && data.expires_assets === data.expires_media ? 'assets, ' : '' }}media
location ~* \.(?:{{ data.expires_assets && data.expires_assets === data.expires_media ? extensions.assets + '|' : '' }}{{ extensions.images }}|{{ extensions.audio }}|{{ extensions.video }})$ {
expires {{ data.expires_media }};<!--
✘ accessLog --><span ng-if="isAccessLog()">
access_log off;</span>
}</span><span ng-if="data.expires_svg && data.expires_svg !== data.expires_fonts">
}</span><!--
# svg
(✔ expires assets || ✔ expires media) && ✔ expires svg--><span ng-if="(data.expires_assets || data.expires_media) && (data.expires_svg || data.expires_fonts)">
</span><!--
✔ expires svg
--><span ng-if="data.expires_svg && data.expires_svg !== data.expires_fonts"># svg
location ~* \.{{ extensions.svg }}$ {
add_header Access-Control-Allow-Origin "*";
expires {{ data.expires_svg }};<!--
✘ accessLog --><span ng-if="isAccessLog()">
access_log off;</span>
}</span><span ng-if="data.expires_fonts">
}</span><!--
# {{ data.expires_svg && data.expires_svg === data.expires_fonts ? 'svg, ' : '' }}fonts
expires svg && ✔ expires fonts --><span ng-if="data.expires_svg && data.expires_fonts && data.expires_svg !== data.expires_fonts">
</span><!--
✔ expires fonts
--><span ng-if="data.expires_fonts"># {{ data.expires_svg && data.expires_svg === data.expires_fonts ? 'svg, ' : '' }}fonts
location ~* \.(?:{{ data.expires_svg && data.expires_svg === data.expires_fonts ? extensions.svg + '|' : '' }}{{ extensions.fonts }})$ {
add_header Access-Control-Allow-Origin "*";
expires {{ data.expires_fonts }};<!--
✘ accessLog --><span ng-if="isAccessLog()">
access_log off;</span>
}</span>
<span ng-if="isGzip()">
# gzip
}</span><!--
✔ expires && ✔ gzip --><span ng-if="(data.expires_assets || data.expires_media || data.expires_svg || data.expires_fonts) && isGzip()">
</span></span><!--
✔ gzip --><span ng-if="isGzip()"># gzip
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types {{ gzipTypes }};</span>
gzip_types {{ gzipTypes }};</span><!--
✔ gzip && ✔ brotli --><span ng-if="isGzip() && isBrotli()">
</span><!--
✔ brotli --><span ng-if="isBrotli()"># brotli
brotli on;
brotli_comp_level 6;
brotli_types {{ gzipTypes }};</span>

4
public/templates/conf/nginxconfig.io/php_fastcgi.conf.html
View File

@@ -1,5 +1,5 @@
<!--
✔ Legacy PHP routing --><span ng-if="isLegacyPHPRouting()"><!--
✔ Legacy PHP routing --><span ng-if="hasLegacyPHPRouting()"><!--
--># split path
fastcgi_split_path_info ^(.+\.php)(/.+)$;
set $_fastcgi_path_info $fastcgi_path_info;
@@ -21,6 +21,6 @@ fastcgi_buffer_size 32k;
# fastcgi params
fastcgi_param DOCUMENT_ROOT $realpath_root;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;<!--
✔ Legacy PHP routing --><span ng-if="isLegacyPHPRouting()">
✔ Legacy PHP routing --><span ng-if="hasLegacyPHPRouting()">
fastcgi_param PATH_INFO $_fastcgi_path_info;</span>
fastcgi_param PHP_ADMIN_VALUE "open_basedir=$base/:/usr/lib/php/:/tmp/";

175
public/templates/conf/sites-available/example.com.conf.html
View File

@@ -1,63 +1,70 @@
server {<!--
✘ HTTPS || ✘ forceHTTPS --><span ng-if="!isHTTPS() || !isForceHTTPS()">
listen {{ data.ipv4 !== '*' ? data.ipv4 + ':' : '' }}80;<!--
✘ HTTPS || ✘ forceHTTPS --><span ng-if="!isHTTPS(_site) || !isForceHTTPS(_site)">
listen {{ data.sites[_site].ipv4 !== '*' ? data.sites[_site].ipv4 + ':' : '' }}80;<!--
✔ IPv6 --><span ng-if="isIPv6()">
listen [{{ data.ipv6 }}]:80;</span></span><!--
✔ IPv6 --><span ng-if="isIPv6(_site)">
listen [{{ data.sites[_site].ipv6 }}]:80;</span></span><!--
✔ HTTPS --><span ng-if="isHTTPS()">
listen {{ data.ipv4 !== '*' ? data.ipv4 + ':' : '' }}443 ssl{{ isHTTP2() ? ' http2' : '' }};<!--
✔ HTTPS --><span ng-if="isHTTPS(_site)">
listen {{ data.sites[_site].ipv4 !== '*' ? data.sites[_site].ipv4 + ':' : '' }}443 ssl{{ isHTTP2() ? ' http2' : '' }};<!--
✔ IPv6 --><span ng-if="isIPv6()">
listen [{{ data.ipv6 }}]:443 ssl{{ isHTTP2() ? ' http2' : '' }};</span></span>
✔ IPv6 --><span ng-if="isIPv6(_site)">
listen [{{ data.sites[_site].ipv6 }}]:443 ssl{{ isHTTP2() ? ' http2' : '' }};</span></span>
server_name {{ isWWW() ? 'www.' : '' }}{{ domain() }};<!--
server_name {{ isWWW() ? 'www.' : '' }}{{ _domain }};<!--
✔ PHP --><span ng-if="isPHP()">
set $base {{ data.path ? data.path : '/var/www/' + domain() }};
root $base{{ data.document_root }};</span><!--
✔ PHP || ✔ Django --><span ng-if="isPHP(_site) || isDjango(_site)">
set $base {{ getPath(_site) }};<!--
✘ PHP --><span ng-if="!isPHP()">
root /var/www/{{ domain() }}{{ data.document_root }};</span><!--
✔ root --><span ng-if="isRoot(_site)">
root $base{{ data.sites[_site].document_root }};</span></span><!--
✔ HTTPS --><span ng-if="isHTTPS()">
✘ PHP && ✘ Django--><span ng-if="!isPHP(_site) && !isDjango(_site) && isRoot(_site)">
root {{ getPath(_site) }}{{ data.sites[_site].document_root }};</span><!--
✔ HTTPS --><span ng-if="isHTTPS(_site)">
# SSL
ssl_certificate {{ sslCertificate() }};
ssl_certificate_key {{ sslCertificateKey() }};<!--
ssl_certificate {{ getSslCertificate(_site) }};
ssl_certificate_key {{ getSslCertificateKey(_site) }};<!--
✔ Let's Encrypt --><span ng-if="isCertLetsEncrypt()">
ssl_trusted_certificate /etc/letsencrypt/live/{{ domain() }}/fullchain.pem;</span></span><!--
✔ Let's Encrypt --><span ng-if="isCertLetsEncrypt(_site)">
ssl_trusted_certificate /etc/letsencrypt/live/{{ _domain }}/fullchain.pem;</span></span><!--
access log domain || error log domain --><span ng-if="isAccessLogDomain() || isErrorLogDomain()">
HSTS --><span ng-if="!hasCommonHSTS() && isHSTS(_site)">
# HSTS
add_header Strict-Transport-Security "max-age=31536000{{ isHSTSSubdomains(_site) ? '; includeSubDomains' : '' }}{{ isHSTSPreload(_site) ? '; preload' : '' }}" always;</span><!--
✔ access log domain || error log domain --><span ng-if="isAccessLogDomain(_site) || isErrorLogDomain(_site)">
# logging<!--
✔ access log domain --><span ng-if="isAccessLogDomain()">
access_log {{ accessLogDomainPath() }};</span><!--
✔ error log domain --><span ng-if="isErrorLogDomain()">
error_log {{ errorLogDomainPath() }};</span></span><!--
✔ access log domain --><span ng-if="isAccessLogDomain(_site)">
access_log {{ getAccessLogDomainPath(_site) }};</span><!--
✔ error log domain --><span ng-if="isErrorLogDomain(_site)">
error_log {{ getErrorLogDomainPath(_site) }};</span></span><!--
✔ index.php --><span ng-if="isIndexPHP()">
✔ index.php --><span ng-if="isIndexPHP(_site)">
# index.php
index index.php;</span><!--
✔ Fallback HTML || ✔ Fallback PHP --><span ng-if="(isFallbackHTML() || isFallbackPHP()) && (!isProxy() || data.proxy_path !== '/')">
✔ Fallback HTML || ✔ Fallback PHP --><span ng-if="(isFallbackHTML(_site) || isFallbackPHP(_site)) && (!isProxy(_site) || data.proxy_path !== '/')">
# {{ isFallbackHTML() ? 'index.html' : ( isFallbackPHP() ? 'index.php' : '' ) }} fallback
# {{ isFallbackHTML(_site) ? 'index.html' : ( isFallbackPHP(_site) ? 'index.php' : '' ) }} fallback
location / {
try_files $uri $uri/ {{ isFallbackHTML() ? '/index.html' : ( isFallbackPHP() ? '/index.php?$query_string' : '' ) }};
try_files $uri $uri/ {{ isFallbackHTML(_site) ? '/index.html' : ( isFallbackPHP(_site) ? '/index.php?$query_string' : '' ) }};
}</span><!--
✔ Fallback HTML && ✔ Fallback PHP --><span ng-if="isFallbackHTML() && isFallbackPHP()">
✔ Fallback HTML && ✔ Fallback PHP --><span ng-if="isFallbackHTML(_site) && isFallbackPHP(_site)">
# index.php fallback
location ~ ^{{ data.fallback_php_path }} {
location ~ ^{{ data.sites[_site].fallback_php_path }} {
try_files $uri $uri/ /index.php?$query_string;
}</span><!--
✔ Python --><span ng-if="isPython()">
✔ Python --><span ng-if="isPython(_site)">
# Python
location / {<!--
@@ -67,13 +74,25 @@ server {<!--
✔ unified --><span ng-if="isUnified()">
<!-- --> <ng-include ng-include-tabs="3" src="'templates/conf/nginxconfig.io/python_uwsgi.conf.html?v=COMMIT_HASH'" onload="refreshHighlighting()"></ng-include></span>
}</span><!--
}<!--
Reverse proxy --><span ng-if="isProxy()">
Django --><span ng-if="isDjango(_site)">
# Django media
location /media/ {
alias $base/media/;
}
# Django static
location /static/ {
alias $base/static/;
}</span></span><!--
✔ Reverse proxy --><span ng-if="isProxy(_site)">
# reverse proxy
location {{ data.proxy_path }} {
proxy_pass {{ data.proxy_pass }};<!--
location {{ data.sites[_site].proxy_path }} {
proxy_pass {{ data.sites[_site].proxy_pass }};<!--
✔ modularized --><span ng-if="isModularized()">
include nginxconfig.io/proxy.conf;</span><!--
@@ -82,15 +101,15 @@ server {<!--
<!-- --> <ng-include ng-include-tabs="3" src="'templates/conf/nginxconfig.io/proxy.conf.html?v=COMMIT_HASH'" onload="refreshHighlighting()"></ng-include></span>
}</span><!--
✔ PHP --><span ng-if="isPHP()">
✔ PHP --><span ng-if="isPHP(_site)">
# handle .php
location ~ {{ isLegacyPHPRouting() ? '[^/]\\.php(/|$)' : '\\.php$' }} {<!--
location ~ {{ isLegacyPHPRouting(_site) ? '[^/]\\.php(/|$)' : '\\.php$' }} {<!--
✔ modularized || ✔ WordPress --><span ng-if="isModularized() || isWordPress()">
✔ modularized || ✔ WordPress --><span ng-if="isModularized() || isWordPress(_site)">
include nginxconfig.io/php_fastcgi.conf;</span><!--
✔ unified && ✘ WordPress --><span ng-if="isUnified() && !isWordPress()">
✔ unified && ✘ WordPress --><span ng-if="isUnified() && !isWordPress(_site)">
<ng-include ng-include-tabs="{{ isUnified() ? 3 : 1 }}" src="'templates/conf/nginxconfig.io/php_fastcgi.conf.html?v=COMMIT_HASH'" onload="refreshHighlighting()"></ng-include></span>
}</span><!--
@@ -102,13 +121,13 @@ server {<!--
✔ modularized --><span ng-if="isModularized()">
include nginxconfig.io/general.conf;</span><!--
✔ modularized && ✔ WordPress --><span ng-if="isModularized() && isWordPress()">
✔ modularized && ✔ WordPress --><span ng-if="isModularized() && isWordPress(_site)">
include nginxconfig.io/wordpress.conf;</span><!--
✔ modularized && ✔ Drupal --><span ng-if="isModularized() && isDrupal()">
✔ modularized && ✔ Drupal --><span ng-if="isModularized() && isDrupal(_site)">
include nginxconfig.io/drupal.conf;</span><!--
✔ modularized && ✔ Magento --><span ng-if="isModularized() && isMagento()">
✔ modularized && ✔ Magento --><span ng-if="isModularized() && isMagento(_site)">
include nginxconfig.io/magento.conf;</span><!--
@@ -117,43 +136,43 @@ server {<!--
<!-- --><ng-include ng-include-tabs="2" src="'templates/conf/nginxconfig.io/general.conf.html?v=COMMIT_HASH'" onload="refreshHighlighting()"></ng-include></span><!--
✔ unified && ✔ WordPress --><span ng-if="isUnified() && isWordPress()">
✔ unified && ✔ WordPress --><span ng-if="isUnified() && isWordPress(_site)">
<!-- --><ng-include ng-include-tabs="2" src="'templates/conf/nginxconfig.io/wordpress.conf.html?v=COMMIT_HASH'" onload="refreshHighlighting()"></ng-include></span><!--
✔ unified && ✔ Drupal --><span ng-if="isUnified() && isDrupal()">
✔ unified && ✔ Drupal --><span ng-if="isUnified() && isDrupal(_site)">
<!-- --><ng-include ng-include-tabs="2" src="'templates/conf/nginxconfig.io/drupal.conf.html?v=COMMIT_HASH'" onload="refreshHighlighting()"></ng-include></span><!--
✔ unified && ✔ Magento --><span ng-if="isUnified() && isMagento()">
✔ unified && ✔ Magento --><span ng-if="isUnified() && isMagento(_site)">
<!-- --><ng-include ng-include-tabs="2" src="'templates/conf/nginxconfig.io/magento.conf.html?v=COMMIT_HASH'" onload="refreshHighlighting()"></ng-include></span>
}<!--
✔ CDN --><span ng-if="isCDN()">
✔ CDN --><span ng-if="isCDN(_site)">
# CDN
server {
listen {{ data.ipv4 !== '*' ? data.ipv4 + ':' : '' }}{{ isHTTPS() ? '443 ssl' : '80' }}{{ isHTTP2() ? ' http2' : '' }};<!--
listen {{ data.sites[_site].ipv4 !== '*' ? data.sites[_site].ipv4 + ':' : '' }}{{ isHTTPS(_site) ? '443 ssl' : '80' }}{{ isHTTP2(_site) ? ' http2' : '' }};<!--
✔ IPv6 --><span ng-if="isIPv6()">
listen [{{ data.ipv6 }}]:{{ isHTTPS() ? '443 ssl' : '80' }}{{ isHTTP2() ? ' http2' : '' }};</span>
✔ IPv6 --><span ng-if="isIPv6(_site)">
listen [{{ data.sites[_site].ipv6 }}]:{{ isHTTPS(_site) ? '443 ssl' : '80' }}{{ isHTTP2(_site) ? ' http2' : '' }};</span>
server_name cdn.{{ domain() }};
root /var/www/{{ domain() }}{{ data.document_root }};<span ng-if="!isAccessLog()">
server_name cdn.{{ _domain }};
root /var/www/{{ _domain }}{{ data.sites[_site].document_root }};<span ng-if="!isAccessLog()">
access_log off;</span><!--
✔ HTTPS --><span ng-if="isHTTPS()">
✔ HTTPS --><span ng-if="isHTTPS(_site)">
# SSL
ssl_certificate {{ sslCertificate() }};
ssl_certificate_key {{ sslCertificateKey() }};<!--
ssl_certificate {{ getSslCertificate(_site) }};
ssl_certificate_key {{ getSslCertificateKey(_site) }};<!--
✔ Let's Encrypt --><span ng-if="isCertLetsEncrypt()">
ssl_trusted_certificate /etc/letsencrypt/live/{{ domain() }}/fullchain.pem;</span></span>
✔ Let's Encrypt --><span ng-if="isCertLetsEncrypt(_site)">
ssl_trusted_certificate /etc/letsencrypt/live/{{ _domain }}/fullchain.pem;</span></span>
# disable access_log
access_log off;<!--
@@ -182,57 +201,57 @@ server {
✔ redirect --><span ng-if="isRedirect()">
✔ redirect --><span ng-if="isRedirect(_site)">
# {{ isWWW() ? 'non-www, ' : '' }}subdomains redirect
server {
listen {{ data.ipv4 !== '*' ? data.ipv4 + ':' : '' }}{{ isHTTPS() ? '443 ssl' : '80' }}{{ isHTTP2() ? ' http2' : '' }};<!--
listen {{ data.sites[_site].ipv4 !== '*' ? data.sites[_site].ipv4 + ':' : '' }}{{ isHTTPS() ? '443 ssl' : '80' }}{{ isHTTP2() ? ' http2' : '' }};<!--
✔ IPv6 --><span ng-if="isIPv6()">
listen [{{ data.ipv6 }}]:{{ isHTTPS() ? '443 ssl' : '80' }}{{ isHTTP2() ? ' http2' : '' }};</span>
✔ IPv6 --><span ng-if="isIPv6(_site)">
listen [{{ data.sites[_site].ipv6 }}]:{{ isHTTPS() ? '443 ssl' : '80' }}{{ isHTTP2() ? ' http2' : '' }};</span>
server_name {{ isWWW() ? ('.' + domain()) : ('*.' + domain()) }};<!--
server_name {{ isWWW() ? ('.' + _domain) : ('*.' + _domain) }};<!--
✔ HTTPS --><span ng-if="isHTTPS()">
✔ HTTPS --><span ng-if="isHTTPS(_site)">
# SSL
ssl_certificate {{ sslCertificate() }};
ssl_certificate_key {{ sslCertificateKey() }};<!--
ssl_certificate {{ getSslCertificate(_site) }};
ssl_certificate_key {{ getSslCertificateKey(_site) }};<!--
✔ Let's Encrypt --><span ng-if="isCertLetsEncrypt()">
ssl_trusted_certificate /etc/letsencrypt/live/{{ domain() }}/fullchain.pem;</span></span>
✔ Let's Encrypt --><span ng-if="isCertLetsEncrypt(_site)">
ssl_trusted_certificate /etc/letsencrypt/live/{{ _domain }}/fullchain.pem;</span></span>
return 301 http{{ isHTTPS() ? 's' : '' }}://{{ isWWW() ? 'www.' : '' }}{{ domain() }}$request_uri;
return 301 http{{ isHTTPS() ? 's' : '' }}://{{ isWWW() ? 'www.' : '' }}{{ _domain }}$request_uri;
}</span><!--
✔ forceHTTPS --><span ng-if="isForceHTTPS()">
✔ forceHTTPS --><span ng-if="isForceHTTPS(_site)">
# HTTP redirect
server {
listen {{ data.ipv4 !== '*' ? data.ipv4 + ':' : '' }}80;<!--
listen {{ data.sites[_site].ipv4 !== '*' ? data.sites[_site].ipv4 + ':' : '' }}80;<!--
✔ IPv6 --><span ng-if="isIPv6()">
listen [{{ data.ipv6 }}]:80;</span>
✔ IPv6 --><span ng-if="isIPv6(_site)">
listen [{{ data.sites[_site].ipv6 }}]:80;</span>
server_name .{{ domain() }};<!--
server_name .{{ _domain }};<!--
✔ modularized && ✔ Let's Encrypt --><span ng-if="isModularized() && isCertLetsEncrypt()">
✔ modularized && ✔ Let's Encrypt --><span ng-if="isModularized() && isCertLetsEncrypt(_site)">
include nginxconfig.io/letsencrypt.conf;</span><!--
✔ unified && ✔ Let's Encrypt --><span ng-if="isUnified() && isCertLetsEncrypt()">
✔ unified && ✔ Let's Encrypt --><span ng-if="isUnified() && isCertLetsEncrypt(_site)">
<ng-include ng-include-tabs="2" src="'templates/conf/nginxconfig.io/letsencrypt.conf.html?v=COMMIT_HASH'" onload="refreshHighlighting()"></ng-include></span><!--
✔ Let's Encrypt --><span ng-if="isCertLetsEncrypt()">
✔ Let's Encrypt --><span ng-if="isCertLetsEncrypt(_site)">
location / {
return 301 https://{{ isWWW() ? 'www.' : '' }}{{ domain() }}$request_uri;
return 301 https://{{ isWWW(_site) ? 'www.' : '' }}{{ _domain }}$request_uri;
}</span><!--
✘ Let's Encrypt --><span ng-if="!isCertLetsEncrypt()">
✘ Let's Encrypt --><span ng-if="!isCertLetsEncrypt(_site)">
return 301 https://{{ isWWW() ? 'www.' : '' }}{{ domain() }}$request_uri;</span>
return 301 https://{{ isWWW(_site) ? 'www.' : '' }}{{ _domain }}$request_uri;</span>
}</span>