52 lines
1.9 KiB
Plaintext
52 lines
1.9 KiB
Plaintext
server {
|
|
listen *:443 ssl;
|
|
listen [::]:443 ssl;
|
|
server_name taoghq.com www.taoghq.com;
|
|
error_log /var/log/nginx/error.log error;
|
|
|
|
root /home/zino/projects/dockers/docker-wordpress-taoghq/volumes/wordpress;
|
|
index index.php;
|
|
|
|
ssl_certificate /etc/letsencrypt/live/taoghq.com/fullchain.pem; # managed by Certbot
|
|
ssl_certificate_key /etc/letsencrypt/live/taoghq.com/privkey.pem; # managed by Certbot
|
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
|
|
|
location ~ /(\.user\.ini|debug\.log) {
|
|
deny all;
|
|
}
|
|
|
|
location / {
|
|
try_files $uri $uri/ /index.php?$args;
|
|
add_header Content-Security-Policy "font-src * data: blob: 'unsafe-inline'; script-src * 'unsafe-inline' 'unsafe-eval'; connect-src * 'unsafe-inline'; img-src * data: blob: 'unsafe-inline'; frame-src *; style-src * 'unsafe-inline';" always;
|
|
|
|
proxy_set_header Host $http_host;
|
|
proxy_set_header X-Forwarded-Host $host:$server_port;
|
|
proxy_set_header X-Forwarded-Server $host;
|
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
|
proxy_pass http://127.0.0.1:8081;
|
|
proxy_set_header X-Forwarded-Proto $scheme;
|
|
}
|
|
|
|
location = /favicon.ico {
|
|
log_not_found off;
|
|
access_log off;
|
|
}
|
|
|
|
location = /robots.txt {
|
|
allow all;
|
|
log_not_found off;
|
|
access_log off;
|
|
}
|
|
|
|
location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
|
|
expires max;
|
|
log_not_found off;
|
|
}
|
|
|
|
if (!-e $request_filename) {
|
|
rewrite /wp-admin$ $scheme://$host$uri/ permanent;
|
|
rewrite ^(/[^/]+)?(/wp-.*) $2 last;
|
|
rewrite ^(/[^/]+)?(/.*\.php) $2 last;
|
|
}
|
|
} |