65 lines
1.6 KiB
Cheetah
65 lines
1.6 KiB
Cheetah
server {
|
|
listen 80 default_server;
|
|
listen [::]:80 default_server;
|
|
|
|
# ACME
|
|
location ^~ /.well-known/acme-challenge/ {
|
|
root /var/www/letsencrypt;
|
|
allow all;
|
|
}
|
|
|
|
# Wenn SSL da: redirect auf 443, sonst direkt App
|
|
{% if ssl %}
|
|
return 301 https://$host$request_uri;
|
|
{% endif %}
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl${NGINX_HTTP2_SUFFIX};
|
|
listen [::]:443 ssl${NGINX_HTTP2_SUFFIX};
|
|
|
|
ssl_certificate ${UI_CERT};
|
|
ssl_certificate_key ${UI_KEY};
|
|
ssl_protocols TLSv1.2 TLSv1.3;
|
|
|
|
server_name _;
|
|
|
|
root ${APP_DIR}/public;
|
|
index index.php index.html;
|
|
|
|
access_log /var/log/nginx/app_ssl_access.log;
|
|
error_log /var/log/nginx/app_ssl_error.log;
|
|
|
|
client_max_body_size 25m;
|
|
|
|
location / { try_files $uri $uri/ /index.php?$query_string; }
|
|
location ~ \.php$ {
|
|
include snippets/fastcgi-php.conf;
|
|
# Der pass (unix vs tcp) wird vom System gesetzt; Debian snippet kümmert sich
|
|
fastcgi_pass unix:/run/php/php-fpm.sock;
|
|
try_files $uri =404;
|
|
}
|
|
location ^~ /livewire/ { try_files $uri /index.php?$query_string; }
|
|
location ~* \.(jpg|jpeg|png|gif|css|js|ico|svg)$ { expires 30d; access_log off; }
|
|
|
|
# WebSocket: Laravel Reverb
|
|
location /ws/ {
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Upgrade $http_upgrade;
|
|
proxy_set_header Connection "Upgrade";
|
|
proxy_set_header Host $host;
|
|
proxy_read_timeout 60s;
|
|
proxy_send_timeout 60s;
|
|
proxy_pass http://127.0.0.1:8080/;
|
|
}
|
|
|
|
# Reverb HTTP API
|
|
location /apps/ {
|
|
proxy_http_version 1.1;
|
|
proxy_set_header Host $host;
|
|
proxy_read_timeout 60s;
|
|
proxy_send_timeout 60s;
|
|
proxy_pass http://127.0.0.1:8080/apps/;
|
|
}
|
|
}
|