nginx_vhost.conf.master 8.43 KB
Newer Older
1
server {
Falko Timme's avatar
Falko Timme committed
2
        listen <tmpl_var name='ip_address'>:80;
Falko Timme's avatar
Falko Timme committed
3
<tmpl_if name='ipv6_enabled'>
4
        listen [<tmpl_var name='ipv6_address'>]:80;
Falko Timme's avatar
Falko Timme committed
5
</tmpl_if>
Falko Timme's avatar
Falko Timme committed
6
		
Falko Timme's avatar
Falko Timme committed
7
<tmpl_if name='ssl_enabled'>
Patrick Anders's avatar
Patrick Anders committed
8
        listen <tmpl_var name='ip_address'>:443 ssl{tmpl_if name='enable_spdy' op='==' value='y'} spdy{/tmpl_if};
9
		ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
Falko Timme's avatar
Falko Timme committed
10
<tmpl_if name='ipv6_enabled'>
11
        listen [<tmpl_var name='ipv6_address'>]:443 ssl{tmpl_if name='enable_spdy' op='==' value='y'} spdy{/tmpl_if};;
Falko Timme's avatar
Falko Timme committed
12
</tmpl_if>
Falko Timme's avatar
Falko Timme committed
13 14
        ssl_certificate <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.crt;
        ssl_certificate_key <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.key;
Falko Timme's avatar
Falko Timme committed
15
</tmpl_if>
Falko Timme's avatar
Falko Timme committed
16 17
        
        server_name <tmpl_var name='domain'> <tmpl_var name='alias'>;
18

Falko Timme's avatar
Falko Timme committed
19
        root   <tmpl_var name='web_document_root_www'>;
20
		
Falko Timme's avatar
Falko Timme committed
21
<tmpl_if name='seo_redirect_enabled'>
22
        if ($http_host <tmpl_var name='seo_redirect_operator'> "<tmpl_var name='seo_redirect_origin_domain'>") {
23
            rewrite ^ $scheme://<tmpl_var name='seo_redirect_target_domain'>$request_uri? permanent;
Falko Timme's avatar
Falko Timme committed
24
        }
Falko Timme's avatar
Falko Timme committed
25
</tmpl_if>
26 27 28
<tmpl_loop name="alias_seo_redirects">
        if ($http_host <tmpl_var name='alias_seo_redirect_operator'> "<tmpl_var name='alias_seo_redirect_origin_domain'>") {
            rewrite ^ $scheme://<tmpl_var name='alias_seo_redirect_target_domain'>$request_uri? permanent;
29
        }
Falko Timme's avatar
Falko Timme committed
30
</tmpl_loop>
31 32 33 34 35
<tmpl_loop name="local_redirects">
        if ($http_host <tmpl_var name='local_redirect_operator'> "<tmpl_var name='local_redirect_origin_domain'>") {
            rewrite ^<tmpl_var name='local_redirect_exclude'>(.*)$ <tmpl_var name='local_redirect_target'>$2 <tmpl_var name='local_redirect_type'>;
        }
</tmpl_loop>
36 37 38

<tmpl_loop name="own_redirects">
<tmpl_if name='use_rewrite'>
39
        <tmpl_if name='exclude_own_hostname'>if ($http_host != "<tmpl_var name='exclude_own_hostname'>") { </tmpl_if>rewrite ^<tmpl_var name='rewrite_exclude'>(.*)$ <tmpl_var name='rewrite_target'>$2 <tmpl_var name='rewrite_type'>;<tmpl_if name='exclude_own_hostname'> }</tmpl_if>
40 41 42 43
</tmpl_if>
<tmpl_if name='use_proxy'>
        location / {
            proxy_pass <tmpl_var name='rewrite_target'>;
44
            <tmpl_if name='rewrite_subdir'>rewrite ^/<tmpl_var name='rewrite_subdir'>(.*) /$1;</tmpl_if>
45 46 47 48 49 50 51
<tmpl_loop name="proxy_directives">
        <tmpl_var name='proxy_directive'>
</tmpl_loop>
        }
</tmpl_if>
</tmpl_loop>
<tmpl_if name='use_proxy' op='!=' value='y'>		
52
        index index.html index.htm index.php index.cgi index.pl index.xhtml;
Falko Timme's avatar
Falko Timme committed
53
		
Falko Timme's avatar
Falko Timme committed
54
<tmpl_if name='ssi' op='==' value='y'>		
Falko Timme's avatar
Falko Timme committed
55 56
        location ~ \.shtml$ {
            ssi on;
57
        }
Falko Timme's avatar
Falko Timme committed
58
</tmpl_if>
59

Falko Timme's avatar
Falko Timme committed
60
<tmpl_if name='errordocs'>		
Falko Timme's avatar
Falko Timme committed
61 62 63 64 65 66
        error_page 400 /error/400.html;
        error_page 401 /error/401.html;
        error_page 403 /error/403.html;
        error_page 404 /error/404.html;
        error_page 405 /error/405.html;
        error_page 500 /error/500.html;
67
        error_page 502 /error/502.html;
Falko Timme's avatar
Falko Timme committed
68
        error_page 503 /error/503.html;
69 70
        recursive_error_pages on;
        location = /error/400.html {
71
            <tmpl_var name='web_document_root_www_proxy'>
72 73 74
            internal;
        }
        location = /error/401.html {
75
            <tmpl_var name='web_document_root_www_proxy'>
76 77 78
            internal;
        }
        location = /error/403.html {
79
            <tmpl_var name='web_document_root_www_proxy'>
80 81 82
            internal;
        }
        location = /error/404.html {
83
            <tmpl_var name='web_document_root_www_proxy'>
84 85 86
            internal;
        }
        location = /error/405.html {
87
            <tmpl_var name='web_document_root_www_proxy'>
88 89 90
            internal;
        }
        location = /error/500.html {
91
            <tmpl_var name='web_document_root_www_proxy'>
92 93 94
            internal;
        }
        location = /error/502.html {
95
            <tmpl_var name='web_document_root_www_proxy'>
96 97 98
            internal;
        }
        location = /error/503.html {
99
            <tmpl_var name='web_document_root_www_proxy'>
100 101
            internal;
        }
Falko Timme's avatar
Falko Timme committed
102
</tmpl_if>
Falko Timme's avatar
Falko Timme committed
103 104
		
        error_log /var/log/ispconfig/httpd/<tmpl_var name='domain'>/error.log;
105
        access_log /var/log/ispconfig/httpd/<tmpl_var name='domain'>/access.log combined;
106

Falko Timme's avatar
Falko Timme committed
107 108 109 110 111 112 113
        ## Disable .htaccess and other hidden files
        location ~ /\. {
            deny all;
            access_log off;
            log_not_found off;
        }
		
114
        location = /favicon.ico {
Falko Timme's avatar
Falko Timme committed
115 116 117
            log_not_found off;
            access_log off;
        }
118

Falko Timme's avatar
Falko Timme committed
119 120 121 122 123 124
        location = /robots.txt {
            allow all;
            log_not_found off;
            access_log off;
        }
		
125
        location /stats/ {
126
            <tmpl_var name='web_document_root_www_proxy'>
Falko Timme's avatar
Falko Timme committed
127 128 129 130
            index index.html index.php;
            auth_basic "Members Only";
            auth_basic_user_file <tmpl_var name='stats_auth_passwd_file'>;
        }
131

132
        location ^~ /awstats-icon {
133 134 135
            alias /usr/share/awstats/icon;
        }

Falko Timme's avatar
Falko Timme committed
136
        location ~ \.php$ {
137
            try_files <tmpl_var name='rnd_php_dummy_file'> @php;
Falko Timme's avatar
Falko Timme committed
138 139 140 141
        }

<tmpl_if name='php' op='==' value='php-fpm'>
        location @php {
142
            try_files $uri =404;
143
            include /etc/nginx/fastcgi_params;
Falko Timme's avatar
Falko Timme committed
144 145 146 147 148 149
<tmpl_if name='use_tcp'>
            fastcgi_pass 127.0.0.1:<tmpl_var name='fpm_port'>;
</tmpl_if>
<tmpl_if name='use_socket'>
            fastcgi_pass unix:<tmpl_var name='fpm_socket'>;
</tmpl_if>
Falko Timme's avatar
Falko Timme committed
150 151
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
152
            #fastcgi_param PATH_INFO $fastcgi_script_name;
153
            fastcgi_intercept_errors on;
Falko Timme's avatar
Falko Timme committed
154
        }
Falko Timme's avatar
Falko Timme committed
155
</tmpl_else>
156 157 158 159 160 161 162 163 164 165 166 167
	<tmpl_if name='php' op='==' value='hhvm'>
			location @php {
				try_files $uri =404;
				include /etc/nginx/fastcgi_params;
				fastcgi_pass unix:/var/run/hhvm/hhvm.<tmpl_var name='system_user'>.sock;
				fastcgi_index index.php;
				fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
				#fastcgi_param PATH_INFO $fastcgi_script_name;
				fastcgi_intercept_errors on;
			}
	</tmpl_else>

Falko Timme's avatar
Falko Timme committed
168
        location @php {
Falko Timme's avatar
Falko Timme committed
169 170
            deny all;
        }
171
	</tmpl_if>
Falko Timme's avatar
Falko Timme committed
172
</tmpl_if>
Falko Timme's avatar
Falko Timme committed
173
		
Falko Timme's avatar
Falko Timme committed
174
<tmpl_if name='cgi' op='==' value='y'>
Falko Timme's avatar
Falko Timme committed
175
        location /cgi-bin/ {
176
            try_files $uri =404;
177
            include /etc/nginx/fastcgi_params;
Falko Timme's avatar
Falko Timme committed
178 179 180 181 182
            root <tmpl_var name='document_root'>;
            gzip off;
            fastcgi_pass  unix:/var/run/fcgiwrap.socket;
            fastcgi_index index.cgi;
            fastcgi_param SCRIPT_FILENAME  $document_root$fastcgi_script_name;
183
            fastcgi_intercept_errors on;
184
        }
Falko Timme's avatar
Falko Timme committed
185
</tmpl_if>
Falko Timme's avatar
Falko Timme committed
186

187 188 189 190
<tmpl_loop name="rewrite_rules">
        <tmpl_var name='rewrite_rule'>
</tmpl_loop>

Falko Timme's avatar
Falko Timme committed
191
<tmpl_loop name="nginx_directives">
192
        <tmpl_var name='nginx_directive'>
193 194 195
</tmpl_loop>

<tmpl_loop name="basic_auth_locations">
196
        location <tmpl_var name='htpasswd_location'> { ##merge##
197 198
                auth_basic "Members Only";
                auth_basic_user_file <tmpl_var name='htpasswd_path'>.htpasswd;
Falko Timme's avatar
Falko Timme committed
199 200
				
                location ~ \.php$ {
201
                    try_files <tmpl_var name='rnd_php_dummy_file'> @php;
Falko Timme's avatar
Falko Timme committed
202
                }
203 204
        }
</tmpl_loop>
205 206 207 208 209 210 211 212 213 214 215 216 217 218 219 220 221 222 223 224 225 226 227 228 229 230 231 232 233 234 235 236 237
</tmpl_if>	
}

<tmpl_loop name="redirects">
server {
        listen <tmpl_var name='ip_address'>:80;
<tmpl_if name='ipv6_enabled'>
        listen [<tmpl_var name='ipv6_address'>]:80;
</tmpl_if>
		
<tmpl_if name='ssl_enabled'>
        listen <tmpl_var name='ip_address'>:443 ssl;
<tmpl_if name='ipv6_enabled'>
        listen [<tmpl_var name='ipv6_address'>]:443 ssl;
</tmpl_if>
        ssl_certificate <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.crt;
        ssl_certificate_key <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.key;
</tmpl_if>
        
        server_name <tmpl_var name='rewrite_domain'>;
<tmpl_if name='alias_seo_redirects2'>
<tmpl_loop name="alias_seo_redirects2">
        if ($http_host <tmpl_var name='alias_seo_redirect_operator'> "<tmpl_var name='alias_seo_redirect_origin_domain'>") {
            rewrite ^ $scheme://<tmpl_var name='alias_seo_redirect_target_domain'>$request_uri? permanent;
        }
</tmpl_loop>
</tmpl_if>
<tmpl_if name='use_rewrite'>
        rewrite ^ <tmpl_var name='rewrite_target'>$request_uri? <tmpl_var name='rewrite_type'>;
</tmpl_if>
<tmpl_if name='use_proxy'>
        location / {
            proxy_pass <tmpl_var name='rewrite_target'>;
238
            <tmpl_if name='rewrite_subdir'>rewrite ^/<tmpl_var name='rewrite_subdir'>(.*) /$1;</tmpl_if>
239 240 241 242 243 244
<tmpl_loop name="proxy_directives">
        <tmpl_var name='proxy_directive'>
</tmpl_loop>
        }
</tmpl_if>
}
Patrick Anders's avatar
Patrick Anders committed
245
</tmpl_loop>