mirror of
				https://github.com/casjaysdevdocker/tools
				synced 2025-10-25 08:02:13 -04:00 
			
		
		
		
	applications/php/scripts/packages.sh applications/postgres/scripts/install.sh applications/redis/config/ applications/redis/scripts/commands.sh configs/nginx/nginx.conf configs/nginx/nginx.ssl.conf configs/nginx/vhosts.d/default.conf configs/nginx/vhosts.d/default.conf.sample configs/nginx/vhosts.d/default.ssl.conf configs/nginx/vhosts.d/default.ssl.sample configs/phppgadmin/ configs/postgres/ init/ wwwroot/404.html wwwroot/cgi-bin/ wwwroot/css/ wwwroot/favicon.ico wwwroot/health/ wwwroot/images/ wwwroot/index.php wwwroot/info.php wwwroot/js/ wwwroot/robots.txt wwwroot/site.webmanifest wwwroot/www/404.html wwwroot/www/cgi-bin/env.cgi wwwroot/www/cgi-bin/env.php wwwroot/www/cgi-bin/env.pl wwwroot/www/cgi-bin/env.py wwwroot/www/cgi-bin/env.rb wwwroot/www/cgi-bin/printenv wwwroot/www/cgi-bin/printenv.vbs wwwroot/www/cgi-bin/printenv.wsf wwwroot/www/cgi-bin/test-cgi wwwroot/www/css/bootstrap.css wwwroot/www/css/bootstrap.min.css wwwroot/www/css/bs.plain.css wwwroot/www/css/cookieconsent.css wwwroot/www/css/errorpages.css wwwroot/www/css/index.css wwwroot/www/favicon.ico wwwroot/www/health/health/index.json wwwroot/www/health/health/index.txt wwwroot/www/health/index.json wwwroot/www/health/index.txt wwwroot/www/images/403.png wwwroot/www/images/404.gif wwwroot/www/images/bg.png wwwroot/www/images/favicon.ico wwwroot/www/images/icon.png wwwroot/www/images/icon.svg wwwroot/www/index.php wwwroot/www/info.php wwwroot/www/js/app.js wwwroot/www/js/bootstrap.min.js wwwroot/www/js/errorpages/homepage.js wwwroot/www/js/errorpages/isup.js wwwroot/www/js/errorpages/loaddomain.js wwwroot/www/js/errorpages/scale.fix.js wwwroot/www/js/jquery/default.js wwwroot/www/js/passprotect.min.js wwwroot/www/robots.txt wwwroot/www/site.webmanifest
		
			
				
	
	
		
			132 lines
		
	
	
		
			6.4 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
			
		
		
	
	
			132 lines
		
	
	
		
			6.4 KiB
		
	
	
	
		
			Plaintext
		
	
	
	
	
	
| # Default nginx configuration
 | |
| user                                         root;
 | |
| worker_processes                             auto;
 | |
| daemon                                       off;
 | |
| error_log                                    /data/logs/nginx/nginx.log warn;
 | |
| pid                                          /run/nginx.pid;
 | |
| 
 | |
| events {
 | |
|     worker_connections 1024;
 | |
| }
 | |
| 
 | |
| http {
 | |
|     include                                  /etc/nginx/mime.types;
 | |
|     default_type                             "text/html";
 | |
|     access_log                               /data/logs/nginx/access.default.log;
 | |
|     sendfile                                 on;
 | |
|     keepalive_timeout                        65;
 | |
|     gzip                                     on;
 | |
|     map                                      $http_upgrade $connection_upgrade { default upgrade; '' close; }
 | |
|     disable_symlinks                         off;
 | |
|     root                                     REPLACE_SERVER_WWW_DIR;
 | |
| 
 | |
|     server {
 | |
|         listen                               REPLACE_SERVER_PORT;
 | |
|         server_name                          REPLACE_SERVER_NAME;
 | |
|         root                                 REPLACE_SERVER_WWW_DIR;
 | |
|         index                                index.php index.cgi index.pl index.aspx index.txt index.json index.html index.unknown.php index.default.php;
 | |
|         add_header X-Frame-Options           "SAMEORIGIN" always;
 | |
|         add_header X-XSS-Protection          "1; mode=block" always;
 | |
|         add_header X-Content-Type-Options    "nosniff" always;
 | |
|         add_header Referrer-Policy           "no-referrer-when-downgrade" always;
 | |
|         add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
 | |
|         add_header Content-Security-Policy   "script-src 'self' 'unsafe-inline' 'unsafe-eval' *; frame-src 'self' *; object-src 'self'" always;
 | |
|         ssl_protocols                        TLSv1.2 TLSv1.3;
 | |
|         ssl_ciphers                          ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
 | |
|         ssl_prefer_server_ciphers            off;
 | |
|         ssl_certificate                      /etc/ssl/localhost.crt;
 | |
|         ssl_certificate_key                  /etc/ssl/localhost.key;
 | |
|         proxy_intercept_errors               off;
 | |
| 
 | |
|         location ^~ /.well-known {
 | |
|             default_type "text/plain";
 | |
|             root                              REPLACE_SERVER_WWW_DIR/.well-known;
 | |
|         }
 | |
| 
 | |
|         location ^~ = /favicon.ico {
 | |
|             log_not_found                    off;
 | |
|             access_log                       off;
 | |
|         }
 | |
| 
 | |
|         location ^~ = /robots.txt {
 | |
|             allow                            all;
 | |
|             log_not_found                    off;
 | |
|             access_log                       off;
 | |
|         }
 | |
| 
 | |
|         location ^~ /health {
 | |
|             default_type text/html;
 | |
|             allow                            all;
 | |
|             access_log                       off;
 | |
|             return                           200 'OK';
 | |
|         }
 | |
| 
 | |
|         location ^~ /health/json {
 | |
|             default_type application/json;
 | |
|             allow                            all;
 | |
|             access_log                       off;
 | |
|             return                           200 '{"status":"OK"}';
 | |
|         }
 | |
|         
 | |
|         location ^~ /health/status {
 | |
|             stub_status;
 | |
|         }
 | |
| 
 | |
|         location ~ [^/]\.php(/|$) {
 | |
|             fastcgi_split_path_info ^(.+?\.php)(/.*)$;
 | |
|             if (!-f $document_root$fastcgi_script_name) {
 | |
|                 return 404;
 | |
|             }
 | |
|             fastcgi_param                     HTTP_PROXY "";
 | |
|             fastcgi_pass                      127.0.0.1:9000;
 | |
|             fastcgi_index                     index.php;
 | |
|             fastcgi_param  QUERY_STRING       $query_string;
 | |
|             fastcgi_param  REQUEST_METHOD     $request_method;
 | |
|             fastcgi_param  CONTENT_TYPE       $content_type;
 | |
|             fastcgi_param  CONTENT_LENGTH     $content_length;
 | |
|             fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
 | |
|             fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
 | |
|             fastcgi_param  REQUEST_URI        $request_uri;
 | |
|             fastcgi_param  DOCUMENT_URI       $document_uri;
 | |
|             fastcgi_param  DOCUMENT_ROOT      $document_root;
 | |
|             fastcgi_param  SERVER_PROTOCOL    $server_protocol;
 | |
|             fastcgi_param  REQUEST_SCHEME     $scheme;
 | |
|             fastcgi_param  HTTPS              $https if_not_empty;
 | |
|             fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
 | |
|             fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
 | |
|             fastcgi_param  REMOTE_ADDR        $remote_addr;
 | |
|             fastcgi_param  REMOTE_PORT        $remote_port;
 | |
|             fastcgi_param  SERVER_ADDR        $server_addr;
 | |
|             fastcgi_param  SERVER_PORT        $server_port;
 | |
|             fastcgi_param  SERVER_NAME        $server_name;
 | |
|             # PHP only, required if PHP was built with --enable-force-cgi-redirect
 | |
|             fastcgi_param  REDIRECT_STATUS    200;
 | |
| 
 | |
|         }
 | |
|         # location /cgi-bin {
 | |
|             # root                             /usr/local/share/wwwroot/cgi-bin;
 | |
|             # gzip off;
 | |
|             # fastcgi_pass   unix:/var/run/fcgiwrap.socket;
 | |
|             # fastcgi_param                     HTTP_PROXY "";
 | |
|             # fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
 | |
|             # fastcgi_param  SERVER_SOFTWARE    nginx;
 | |
|             # fastcgi_param  QUERY_STRING       $query_string;
 | |
|             # fastcgi_param  REQUEST_METHOD     $request_method;
 | |
|             # fastcgi_param  CONTENT_TYPE       $content_type;
 | |
|             # fastcgi_param  CONTENT_LENGTH     $content_length;
 | |
|             # fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
 | |
|             # fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
 | |
|             # fastcgi_param  REQUEST_URI        $request_uri;
 | |
|             # fastcgi_param  DOCUMENT_URI       $document_uri;
 | |
|             # fastcgi_param  DOCUMENT_ROOT      $document_root;
 | |
|             # fastcgi_param  SERVER_PROTOCOL    $server_protocol;
 | |
|             # fastcgi_param  REMOTE_ADDR        $remote_addr;
 | |
|             # fastcgi_param  REMOTE_PORT        $remote_port;
 | |
|             # fastcgi_param  SERVER_ADDR        $server_addr;
 | |
|             # fastcgi_param  SERVER_PORT        $server_port;
 | |
|             # fastcgi_param  SERVER_NAME        $server_name;
 | |
| # }
 | |
|     }
 | |
|         include /etc/nginx/vhosts.d/*.conf;
 | |
| }
 |