7x31/nginxconfig.io
1
0
Fork 0
mirror of https://github.com/digitalocean/nginxconfig.io.git synced 2025-08-09 10:22:33 +08:00
Code Issues Packages Projects Releases Wiki Activity

major refactor

Browse Source
This commit is contained in:
Szekeres Bálint
2018-02-18 14:02:11 +01:00
parent c3bd38b58f
commit fc21e3f87c
18 changed files with 592 additions and 353 deletions
Download Patch File Download Diff File Expand all files Collapse all files

44
public/templates/_general.conf.html
View File

@@ -1,44 +0,0 @@
# headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-UA-Compatible "IE=Edge" always;
add_header Cache-Control "no-transform" always;
# . files
location ~ /\. {
deny all;
}<span ng-if="data.expires_assets !== '' && data.expires_assets !== data.expires_media">
# assets
location ~* \.(?:{{ extensions.assets }})$ {
expires {{ data.expires_assets }};<span ng-if="data.access_log !== ''">
access_log off;</span>
}</span><span ng-if="data.expires_media !== ''">
# {{ data.expires_assets !== '' && data.expires_assets === data.expires_media ? 'assets, ' : '' }}media
location ~* \.(?:{{ data.expires_assets !== '' && data.expires_assets === data.expires_media ? extensions.assets + '|' : '' }}{{ extensions.images }}|{{ extensions.audio }}|{{ extensions.video }})$ {
expires {{ data.expires_media }};<span ng-if="data.access_log !== ''">
access_log off;</span>
}</span><span ng-if="data.expires_svg !== '' && data.expires_svg !== data.expires_fonts">
# svg
location ~* \.{{ extensions.svg }}$ {
add_header Access-Control-Allow-Origin "*";
expires {{ data.expires_svg }};<span ng-if="data.access_log !== ''">
access_log off;</span>
}</span><span ng-if="data.expires_fonts !== ''">
# {{ data.expires_svg !== '' && data.expires_svg === data.expires_fonts ? 'svg, ' : '' }}fonts
location ~* \.(?:{{ data.expires_svg !== '' && data.expires_svg === data.expires_fonts ? extensions.svg + '|' : '' }}{{ extensions.fonts }})$ {
add_header Access-Control-Allow-Origin "*";
expires {{ data.expires_fonts }};<span ng-if="data.access_log !== ''">
access_log off;</span>
}</span>
<span ng-if="data.gzip">
# gzip
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types {{ gzipTypes }};</span>

9
public/templates/_php.conf.html
View File

@@ -1,9 +0,0 @@
<span ng-if="data.file_structure === 'separated'"># index
index {{ data.index_html ? 'index.html ' : '' }}index.php;
</span># handle .php
location ~ \.php$ {<span ng-if="data.file_structure === 'separated'">
include _php_fastcgi.conf;
</span><span ng-if="data.file_structure === 'unified'">
<ng-include ng-include-tabs="{{ data.file_structure === 'unified' ? 3 : 1 }}" src="'templates/_php_fastcgi.conf.html'" onload="refreshHighlighting()"></ng-include></span>
}

10
public/templates/commands.html Normal file
View File

@@ -0,0 +1,10 @@
<span class="hljs-comment"># HTTPS: create Diffie-Hellman keys</span>
<span class="hljs-section">openssl dhparam</span> <span class="hljs-attribute">-dsaparam</span> <span class="hljs-attribute">-out</span> /etc/nginx/dhparam.pem <span class="hljs-number">2048</span><!--
✔ Let's Encrypt --><span ng-if="isLetsEncrypt()">
<span class="hljs-comment"># HTTPS: create ACME-challenge common directory</span>
<span class="hljs-section">sudo</span> <span class="hljs-attribute">-u</span> {{ data.user }} <span class="hljs-section">sh</span> <span class="hljs-attribute">-c</span> "<span class="hljs-section">mkdir</span> <span class="hljs-attribute">-p</span> /var/www/_letsencrypt"
<span class="hljs-comment"># HTTPS: certbot (obtain certificates)<br># disable before first run: <strong>ssl_certificate</strong>, <strong>ssl_certificate_key</strong>, <strong>ssl_trusted_certificate</strong></span>
<span class="hljs-section">certbot certonly</span> <span class="hljs-attribute">--webroot</span> <span class="hljs-attribute" tooltips tooltip-template="--domain">-d</span> {{ domain() }} <span class="hljs-attribute" tooltips tooltip-template="--domain">-d</span> www.{{ domain() }}<span ng-if="isCDN()"> <span class="hljs-attribute" tooltips tooltip-template="--domain">-d</span> cdn.{{ domain() }}</span> <span class="hljs-attribute">--email</span> {{ data.email ? data.email : 'hello@' + domain() }} <span class="hljs-attribute" tooltips tooltip-template="--webroot-path">-w</span> /var/www/_letsencrypt <span class="hljs-attribute" tooltips tooltip-template="--non-interactive">-n</span> <span class="hljs-attribute">--agree-tos</span> <span class="hljs-attribute">--force-renewal</span></span>

52
public/templates/conf/_general.conf.html Normal file
View File

@@ -0,0 +1,52 @@
# headers
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-XSS-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-UA-Compatible "IE=Edge" always;
add_header Cache-Control "no-transform" always;
# . files
location ~ /\. {
deny all;
}<span ng-if="data.expires_assets && data.expires_assets !== data.expires_media">
# assets
location ~* \.(?:{{ extensions.assets }})$ {
expires {{ data.expires_assets }};<!--
✘ accessLog --><span ng-if="isAccessLog()">
access_log off;</span>
}</span><span ng-if="data.expires_media">
# {{ data.expires_assets && data.expires_assets === data.expires_media ? 'assets, ' : '' }}media
location ~* \.(?:{{ data.expires_assets && data.expires_assets === data.expires_media ? extensions.assets + '|' : '' }}{{ extensions.images }}|{{ extensions.audio }}|{{ extensions.video }})$ {
expires {{ data.expires_media }};<!--
✘ accessLog --><span ng-if="isAccessLog()">
access_log off;</span>
}</span><span ng-if="data.expires_svg && data.expires_svg !== data.expires_fonts">
# svg
location ~* \.{{ extensions.svg }}$ {
add_header Access-Control-Allow-Origin "*";
expires {{ data.expires_svg }};<!--
✘ accessLog --><span ng-if="isAccessLog()">
access_log off;</span>
}</span><span ng-if="data.expires_fonts">
# {{ data.expires_svg && data.expires_svg === data.expires_fonts ? 'svg, ' : '' }}fonts
location ~* \.(?:{{ data.expires_svg && data.expires_svg === data.expires_fonts ? extensions.svg + '|' : '' }}{{ extensions.fonts }})$ {
add_header Access-Control-Allow-Origin "*";
expires {{ data.expires_fonts }};<!--
✘ accessLog --><span ng-if="isAccessLog()">
access_log off;</span>
}</span>
<span ng-if="isGzip()">
# gzip
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types {{ gzipTypes }};</span>

0
public/templates/_letsencrypt.conf.html → public/templates/conf/_letsencrypt.conf.html
View File

14
public/templates/conf/_php.conf.html Normal file
View File

@@ -0,0 +1,14 @@
<!--
✔ modularized --><span ng-if="isModularized()"># index
index {{ isIndexHtml() ? 'index.html ' : '' }}index.php;
</span><!--
--># handle .php
location ~ \.php$ {<!--
✔ modularized || ✔ WordPress --><span ng-if="isModularized() || isWordPress()">
include _php_fastcgi.conf;</span><!--
✔ unified && ✘ WordPress --><span ng-if="isUnified() && !isWordPress()">
<ng-include ng-include-tabs="{{ isUnified() ? 3 : 1 }}" src="'templates/conf/_php_fastcgi.conf.html'" onload="refreshHighlighting()"></ng-include></span>
}

0
public/templates/_php_fastcgi.conf.html → public/templates/conf/_php_fastcgi.conf.html
View File

0
public/templates/_ssl.conf.html → public/templates/conf/_ssl.conf.html
View File

2
public/templates/_wordpress.conf.html → public/templates/conf/_wordpress.conf.html
View File

@@ -21,7 +21,7 @@ location ~* ^/wp-content/plugins/.*\.(?!{{ extensions.assets }}|{{ extensions.fo
# WordPress stuff
location ~* ^/(?:xmlrpc\.php|wp-links-opml\.php|wp-config\.php|wp-config-sample\.php|wp-comments-post\.php|readme\.html|license\.txt)$ {
deny all;
}<span ng-if="data.limit_req">
}<span ng-if="isLimitReq()">
# wp-login.php throttle
location = /wp-login.php {

168
public/templates/conf/example.com.conf.html Normal file
View File

@@ -0,0 +1,168 @@
server {
listen {{ isHTTPS() ? '443 ssl' : '80' }}{{ isHTTP2() ? ' http2' : '' }};
listen [::]:{{ isHTTPS() ? '443 ssl' : '80' }}{{ isHTTP2() ? ' http2' : '' }};
server_name {{ isWWW() ? 'www.' : '' }}{{ domain() }};<!--
✔ PHP --><span ng-if="isPHP()">
set $base /var/www/{{ domain() }};
root $base{{ data.document_root }};</span><!--
✘ PHP --><span ng-if="!isPHP()">
root /var/www/{{ domain() }}{{ data.document_root }};</span><!--
✔ HTTPS --><span ng-if="isHTTPS()">
# SSL certificate
ssl_certificate {{ sslCertificate() }};
ssl_certificate_key {{ sslCertificateKey() }};<!--
✔ Let's Encrypt --><span ng-if="isLetsEncrypt()">
ssl_trusted_certificate /etc/letsencrypt/live/{{ domain() }}/fullchain.pem;</span>
# SSL config
include _ssl.conf;</span><!--
✔ unified && ✔ PHP --><span ng-if="isUnified() && isPHP()">
# index
index {{ isIndexHtml() ? 'index.html ' : '' }}index.php;</span><!--
(✔ PHP && ✔ index.php) || ✔ index.html --><span ng-if="isIndexPhp() || isIndexHtml()">
# $uri{{ isIndexHtml() ? ', index.html' : '' }}{{ isIndexPhp() ? ', index.php' : '' }}
location / {
try_files $uri $uri/ {{ isIndexHtml() ? '/index.html' : '' }}{{ isIndexHtml() && isIndexPhp() ? ' ' : '' }}{{ isIndexPhp() ? '/index.php?$query_string' : '' }};
}</span><!--
✔ unified --><span ng-if="isModularized()">
</span><!--
✔ modularized && ✔ Let's Encrypt --><span ng-if="isModularized() && isLetsEncrypt()">
include _letsencrypt.conf;</span><!--
✔ modularized --><span ng-if="isModularized()">
include _general.conf;</span><!--
✔ modularized && ✔ WordPress --><span ng-if="isModularized() && isWordPress()">
include _wordpress.conf;</span><!--
✔ modularized && ✔ PHP --><span ng-if="isModularized() && isPHP()">
include _php.conf;</span><!--
✔ unified && ✔ Let's Encrypt --><span ng-if="isUnified() && isLetsEncrypt()">
<!-- --><ng-include ng-include-tabs="2" src="'templates/conf/_letsencrypt.conf.html'" onload="refreshHighlighting()"></ng-include></span><!--
✔ unified --><span ng-if="isUnified()">
<!-- --><ng-include ng-include-tabs="2" src="'templates/conf/_general.conf.html'" onload="refreshHighlighting()"></ng-include></span><!--
✔ unified && ✔ WordPress --><span ng-if="isUnified() && isWordPress()">
<!-- --><ng-include ng-include-tabs="2" src="'templates/conf/_wordpress.conf.html'" onload="refreshHighlighting()"></ng-include></span><!--
✔ modularized && ✔ PHP --><span ng-if="isUnified() && isPHP()">
<!-- --><ng-include ng-include-tabs="2" src="'templates/conf/_php.conf.html'" onload="refreshHighlighting()"></ng-include></span>
}<!--
✔ CDN --><span ng-if="isCDN()">
# CDN
server {
listen {{ isHTTPS() ? '443 ssl' : '80' }}{{ isHTTP2() ? ' http2' : '' }};
listen [::]:{{ isHTTPS() ? '443 ssl' : '80' }}{{ isHTTP2() ? ' http2' : '' }};
server_name cdn.{{ domain() }};
root /var/www/{{ domain() }}{{ data.document_root }};<span ng-if="!isAccessLog()">
access_log off;</span><!--
✔ HTTPS --><span ng-if="isHTTPS()">
# SSL certificate
ssl_certificate {{ sslCertificate() }};
ssl_certificate_key {{ sslCertificateKey() }};<!--
✔ Let's Encrypt --><span ng-if="isLetsEncrypt()">
ssl_trusted_certificate /etc/letsencrypt/live/{{ domain() }}/fullchain.pem;</span>
# SSL config
include _ssl.conf;</span><!--
✔ modularized && ✔ Let's Encrypt --><span ng-if="isModularized() && isLetsEncrypt()">
include _letsencrypt.conf;</span><!--
✔ unified && ✔ Let's Encrypt --><span ng-if="isUnified() && isLetsEncrypt()">
<ng-include ng-include-tabs="2" src="'templates/conf/_letsencrypt.conf.html'" onload="refreshHighlighting()"></ng-include></span>
# disable access_log
access_log off;<!--
✔ Gzip --><span ng-if="isGzip()">
# gzip
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types {{ gzipTypes }};</span>
# allow safe files
location ~* \.(?:{{ extensions.assets }}|{{ extensions.fonts }}|{{ extensions.svg }}|{{ extensions.images }}|{{ extensions.audio }}|{{ extensions.video }}|{{ extensions.docs }})$ {
add_header Access-Control-Allow-Origin "*";
add_header Cache-Control "public";
expires 30d;
}
# deny everything else
location / {
deny all;
}
}</span>
<!--
-->
# {{ isWWW() ? 'non-www, ' : '' }}subdomains redirect
server {
listen {{ isHTTPS() ? '443 ssl' : '80' }}{{ isHTTP2() ? ' http2' : '' }};
listen [::]:{{ isHTTPS() ? '443 ssl' : '80' }}{{ isHTTP2() ? ' http2' : '' }};
server_name {{ isWWW() ? domain() + ' ' : '' }}*.{{ domain() }};<!--
✔ HTTPS --><span ng-if="isHTTPS()">
# SSL certificate
ssl_certificate /etc/letsencrypt/live/{{ domain() }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ domain() }}/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/{{ domain() }}/fullchain.pem;
# SSL config
include _ssl.conf;</span>
return 301 https://{{ isWWW() ? 'www.' : '' }}{{ domain() }}$request_uri;
}</span><!--
✔ HTTPS --><span ng-if="isHTTPS()">
# HTTP redirect
server {
listen 80;
listen [::]:80;
server_name {{ domain() }} *.{{ domain() }};
return 301 https://{{ isWWW() ? 'www.' : '' }}{{ domain() }}$request_uri;
}</span>

24
public/templates/nginx.conf.html → public/templates/conf/nginx.conf.html
View File

@@ -12,30 +12,32 @@ http {
charset utf-8;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
types_hash_max_size 2048;<span ng-if="!data.server_tokens">
server_tokens off;</span><span ng-if="!data.log_not_found">
log_not_found off;</span>
tcp_nodelay on;<!--
✘ serverTokens --><span ng-if="!isServerTokens()">
server_tokens off;</span><!--
✘ logNotFound --><span ng-if="!isLogNotFound()">
log_not_found off;</span>
types_hash_max_size 2048;
client_max_body_size {{ data.client_max_body_size }}M;
client_body_buffer_size 128k;
# mime
include mime.types;
default_type application/octet-stream;
# logging<span ng-if="data.access_log !== ''">
access_log {{ data.access_log }};</span>
# logging
access_log {{ isAccessLog() ? data.access_log : 'off' }};
error_log {{ data.error_log }} warn;<span ng-if="data.limit_req">
# limits
limit_req_log_level warn;
limit_req_zone $binary_remote_addr zone=login:10m rate=10r/m;</span>
# include configs
include /etc/nginx/conf.d/*.conf;<span ng-if="data.file_structure === 'separated'">
# load configs
include /etc/nginx/conf.d/*.conf;<span ng-if="data.file_structure === 'modularized'">
include /etc/nginx/sites-enabled/*;</span><span ng-if="data.file_structure === 'unified'">
# {{ !data.non_www ? 'www.' : '' }}{{ data.domain }}
<ng-include ng-include-tabs="1" src="'templates/example.com.conf.html'" sonload="refreshHighlighting()"></ng-include></span>
# {{ !data.non_www ? 'www.' : '' }}{{ domain() }}
<ng-include ng-include-tabs="1" src="'templates/conf/example.com.conf.html'" sonload="refreshHighlighting()"></ng-include></span>
}

167
public/templates/example.com.conf.html
View File

@@ -1,167 +0,0 @@
<span ng-if="data.https">server {
listen 443 ssl{{ data.http2 ? ' http2' : '' }};
listen [::]:443 ssl{{ data.http2 ? ' http2' : '' }};
server_name {{ !data.non_www ? 'www.' : '' }}{{ data.domain }};<span ng-if="data.php !== 'off'">
set $base /var/www/{{ data.domain }};
root $base{{ data.document_root }};</span><span ng-if="data.php === 'off'">
root /var/www/{{ data.domain }}{{ data.document_root }};</span>
ssl_certificate /etc/letsencrypt/live/{{ data.domain }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ data.domain }}/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/{{ data.domain }}/fullchain.pem;<span ng-if="data.file_structure === 'unified' && data.php !== 'off'">
# index
index {{ data.index_html ? 'index.html ' : '' }}index.php;</span><span ng-if="(data.php !== 'off' && data.index_php) || data.index_html">
# $url{{ data.index_html ? ', index.html' : '' }}{{ data.php !== 'off' && data.index_php ? ', index.php' : '' }}
location / {
try_files $uri $uri/ {{ data.index_html ? '/index.html' : '' }}{{ data.index_html && data.php !== 'off' && data.index_php ? ' ' : '' }}{{ data.php !== 'off' && data.index_php ? '/index.php?$query_string' : '' }};
}</span>
include _ssl.conf;<span ng-if="data.file_structure === 'separated'">
include _letsencrypt.conf;
include _general.conf;<span ng-if="data.php !== 'off' && data.wordpress">
include _wordpress.conf;</span><span ng-if="data.php !== 'off'">
include _php.conf;</span></span><span ng-if="data.file_structure === 'unified'">
<ng-include ng-include-tabs="2" src="'templates/_letsencrypt.conf.html'" onload="refreshHighlighting()"></ng-include>
<ng-include ng-include-tabs="2" src="'templates/_general.conf.html'" onload="refreshHighlighting()"></ng-include><span ng-if="data.php !== 'off' && data.wordpress">
<ng-include ng-include-tabs="2" src="'templates/_wordpress.conf.html'" onload="refreshHighlighting()"></ng-include></span><span ng-if="data.php !== 'off'">
<ng-include ng-include-tabs="2" src="'templates/_php.conf.html'" onload="refreshHighlighting()"></ng-include></span></span>
}<span ng-if="data.cdn">
# CDN
server {
listen 443 ssl{{ data.http2 ? ' http2' : '' }};
listen [::]:443 ssl{{ data.http2 ? ' http2' : '' }};
server_name cdn.{{ data.domain }};
root /var/www/{{ data.domain }}{{ data.document_root }};<span ng-if="data.access_log !== ''">
access_log off;</span>
ssl_certificate /etc/letsencrypt/live/{{ data.domain }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ data.domain }}/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/{{ data.domain }}/fullchain.pem;<span ng-if="data.gzip">
# gzip
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types {{ gzipTypes }};</span>
include _ssl.conf;<span ng-if="data.file_structure === 'separated'">
include _letsencrypt.conf;</span><span ng-if="data.file_structure === 'unified'">
<ng-include ng-include-tabs="2" src="'templates/_letsencrypt.conf.html'" onload="refreshHighlighting()"></ng-include></span>
location ~* \.(?:{{ extensions.assets }}|{{ extensions.fonts }}|{{ extensions.svg }}|{{ extensions.images }}|{{ extensions.audio }}|{{ extensions.video }}|{{ extensions.docs }})$ {
add_header Access-Control-Allow-Origin "*";
add_header Cache-Control "public";
expires 30d;
}
location / {
deny all;
}
}</span>
# HTTPS {{ !data.non_www ? 'domain, ' : '' }}subdomains redirect
server {
listen 443 ssl{{ data.http2 ? ' http2' : '' }};
listen [::]:443 ssl{{ data.http2 ? ' http2' : '' }};
server_name {{ !data.non_www ? data.domain + ' ' : '' }}*.{{ data.domain }};
ssl_certificate /etc/letsencrypt/live/{{ data.domain }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ data.domain }}/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/{{ data.domain }}/fullchain.pem;
include _ssl.conf;<span ng-if="data.file_structure === 'separated'">
include _letsencrypt.conf;</span><span ng-if="data.file_structure === 'unified'">
<ng-include ng-include-tabs="2" src="'templates/_letsencrypt.conf.html'" onload="refreshHighlighting()"></ng-include></span>
return 301 https://{{ !data.non_www ? 'www.' : '' }}{{ data.domain }}$request_uri;
}
# HTTP redirect
server {
listen 80;
listen [::]:80;
server_name {{ data.domain }} *.{{ data.domain }};
<span ng-if="data.file_structure === 'separated'">
include _letsencrypt.conf;</span><span ng-if="data.file_structure === 'unified'">
<ng-include ng-include-tabs="2" src="'templates/_letsencrypt.conf.html'" onload="refreshHighlighting()"></ng-include></span>
return 301 https://{{ !data.non_www ? 'www.' : '' }}{{ data.domain }}$request_uri;
}</span><span ng-if="!data.https">server {
listen 80;
listen [::]:80;
server_name {{ !data.non_www ? 'www.' : '' }}{{ data.domain }};<span ng-if="data.php !== 'off'">
set $base /var/www/{{ data.domain }};
root $base{{ data.document_root }};</span><span ng-if="data.php === 'off'">
root /var/www/{{ data.domain }}{{ data.document_root }};</span><span ng-if="data.file_structure === 'unified' && data.php !== 'off'">
# index
index {{ data.index_html ? 'index.html ' : '' }}index.php;</span><span ng-if="(data.php !== 'off' && data.index_php) || data.index_html">
# $url{{ data.index_html ? ', index.html' : '' }}{{ data.php !== 'off' && data.index_php ? ', index.php' : '' }}
location / {
try_files $uri $uri/ {{ data.index_html ? '/index.html' : '' }}{{ data.index_html && data.php !== 'off' && data.index_php ? ' ' : '' }}{{ data.php !== 'off' && data.index_php ? '/index.php?$query_string' : '' }};
}</span>
<span ng-if="data.file_structure === 'separated'">
include _general.conf;<span ng-if="data.php !== 'off' && data.wordpress">
include _wordpress.conf;</span><span ng-if="data.php !== 'off'">
include _php.conf;</span></span><span ng-if="data.file_structure === 'unified'">
<ng-include ng-include-tabs="2" src="'templates/_general.conf.html'" onload="refreshHighlighting()"></ng-include><span ng-if="data.php !== 'off' && data.wordpress">
<ng-include ng-include-tabs="2" src="'templates/_wordpress.conf.html'" onload="refreshHighlighting()"></ng-include></span><span ng-if="data.php !== 'off'">
<ng-include ng-include-tabs="2" src="'templates/_php.conf.html'" onload="refreshHighlighting()"></ng-include></span></span>
}<span ng-if="data.cdn">
# CDN
server {
listen 80;
listen [::]:80;
server_name cdn.{{ data.domain }};
root /var/www/{{ data.domain }}{{ data.document_root }};<span ng-if="data.access_log !== ''">
access_log off;</span><span ng-if="data.gzip">
# gzip
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_types {{ gzipTypes }};</span>
location ~* \.(?:{{ extensions.assets }}|{{ extensions.fonts }}|{{ extensions.svg }}|{{ extensions.images }}|{{ extensions.audio }}|{{ extensions.video }}|{{ extensions.docs }})$ {
add_header Access-Control-Allow-Origin "*";
add_header Cache-Control "public";
expires 30d;
}
location / {
deny all;
}
}</span>
# {{ !data.non_www ? 'domain, ' : '' }}subdomains redirect
server {
listen 80;
listen [::]:80;
server_name {{ !data.non_www ? data.domain + ' ' : '' }}*.{{ data.domain }};
return 301 http://{{ !data.non_www ? 'www.' : '' }}{{ data.domain }}$request_uri;
}</span>