2026-04-07 02:04:22 +05:30
|
|
|
server {
|
|
|
|
|
listen 80;
|
|
|
|
|
server_name {SERVER_NAMES};
|
|
|
|
|
index index.php index.html index.htm default.php default.htm default.html;
|
|
|
|
|
root {ROOT_PATH};
|
|
|
|
|
|
|
|
|
|
# Error pages
|
|
|
|
|
error_page 404 /404.html;
|
|
|
|
|
error_page 502 /502.html;
|
|
|
|
|
|
2026-04-07 10:35:44 +05:30
|
|
|
# ACME HTTP-01 (Let's Encrypt). Prefix match beats regex; explicit root; no try_files so server error_page cannot mask failures.
|
2026-04-07 10:23:05 +05:30
|
|
|
location ^~ /.well-known/acme-challenge/ {
|
2026-04-07 10:35:44 +05:30
|
|
|
root {ROOT_PATH};
|
2026-04-07 10:23:05 +05:30
|
|
|
default_type "text/plain";
|
2026-04-07 02:04:22 +05:30
|
|
|
allow all;
|
2026-04-07 10:35:44 +05:30
|
|
|
access_log off;
|
2026-04-07 02:04:22 +05:30
|
|
|
}
|
|
|
|
|
|
2026-04-07 10:23:05 +05:30
|
|
|
# Force HTTPS (skipped for ACME — see if block)
|
2026-04-07 02:04:22 +05:30
|
|
|
{FORCE_HTTPS_BLOCK}
|
|
|
|
|
|
|
|
|
|
# Custom redirects
|
|
|
|
|
{REDIRECTS_BLOCK}
|
|
|
|
|
|
|
|
|
|
# Static assets
|
|
|
|
|
location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$ {
|
|
|
|
|
expires 30d;
|
|
|
|
|
access_log off;
|
|
|
|
|
}
|
|
|
|
|
location ~ .*\.(js|css)?$ {
|
|
|
|
|
expires 12h;
|
|
|
|
|
access_log off;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
# PHP
|
|
|
|
|
location ~ \.php$ {
|
|
|
|
|
fastcgi_pass unix:/tmp/php-cgi-{PHP_VERSION}.sock;
|
|
|
|
|
fastcgi_index index.php;
|
|
|
|
|
include fastcgi.conf;
|
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
access_log {LOGS_PATH}/{SITE_NAME}.log;
|
|
|
|
|
error_log {LOGS_PATH}/{SITE_NAME}.error.log;
|
|
|
|
|
}
|
2026-04-07 10:23:05 +05:30
|
|
|
{SSL_SERVER_BLOCK}
|
