#daemon off; worker_processes 2; user www-data; events { use epoll; worker_connections 128; } error_log logs/error.log info; http { server_tokens off; #include mime.types; include /etc/nginx/mime.types; include /etc/nginx/proxy.conf; include /etc/nginx/fastcgi.conf; charset utf-8; access_log logs/access.log combined; server { server_name wrenchboard-www-api; listen 80; error_page 500 502 503 504 /50x.html; root /opt/mainsite/wrenchboard/www-api/public; index index.php index.html; autoindex on; # set expiration of assets to MAX for caching location ~* \.(ico|css|js|gif|jpe?g|png)(\?[0-9]+)?$ { expires max; log_not_found off; } location / { try_files $uri $uri/ /index.php$is_args$args; } location ~ \.php$ { fastcgi_pass host.docker.internal:9999; fastcgi_param SCRIPT_FILENAME /opt/mainsite/wrenchboard/www-api/public$fastcgi_script_name; include fastcgi_params; # cors configuration # whitelist of allowed domains, via a regular expression # if ($http_origin ~* (http://localhost(:[0-9]+)?)) { ##if ($http_origin ~* .*) { # yeah, for local development. tailor your regex as needed set $cors "true"; ##} # apparently, the following three if statements create a flag for "compound conditions" if ($request_method = OPTIONS) { set $cors "${cors}options"; } if ($request_method = GET) { set $cors "${cors}get"; } if ($request_method = POST) { set $cors "${cors}post"; } # now process the flag if ($cors = 'trueget') { #add_header 'Access-Control-Allow-Origin' "$http_origin"; add_header 'Access-Control-Allow-Origin' "*"; add_header 'Access-Control-Allow-Credentials' 'true'; } if ($cors = 'truepost') { #add_header 'Access-Control-Allow-Origin' "$http_origin"; add_header 'Access-Control-Allow-Origin' "*"; add_header 'Access-Control-Allow-Credentials' 'true'; } if ($cors = 'trueoptions') { #add_header 'Access-Control-Allow-Origin' "$http_origin"; add_header 'Access-Control-Allow-Origin' "*"; add_header 'Access-Control-Allow-Credentials' 'true'; add_header 'Access-Control-Max-Age' 1728000; # cache preflight value for 20 days add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Headers' 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With,If-Modified-Since'; add_header 'Content-Length' 0; add_header 'Content-Type' 'text/plain charset=UTF-8'; return 204; } } error_page 404 /index.php; # deny access to hidden files such as .htaccess location ~ /\. { deny all; } location /svs/bko/ { try_files $uri $uri/ /svs/bko/bkove.php?$args; proxy_intercept_errors off; error_page 404 /svs/bko/bkove.php; location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; #if (!-f $document_root$fastcgi_script_name) { # return 404; #} fastcgi_pass host.docker.internal:9999; fastcgi_param SCRIPT_FILENAME /opt/mainsite/wrenchboard/www-api/public$fastcgi_script_name; include fastcgi_params; error_page 404 /svs/bko/bkove.php; } location = /svs/bko/bkove.php { fastcgi_pass host.docker.internal:9999; fastcgi_param SCRIPT_FILENAME /opt/mainsite/wrenchboard/www-api/public$fastcgi_script_name; include fastcgi_params; } } location /svs/user/ { try_files $uri $uri/ /svs/user/userve.php?$args; proxy_intercept_errors off; error_page 404 /svs/user/userve.php; location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; #if (!-f $document_root$fastcgi_script_name) { # return 404; #} fastcgi_pass host.docker.internal:9999; fastcgi_param SCRIPT_FILENAME /opt/mainsite/wrenchboard/www-api/public$fastcgi_script_name; include fastcgi_params; error_page 404 /svs/user/userve.php; } location = /svs/user/userve.php { fastcgi_pass host.docker.internal:9999; fastcgi_param SCRIPT_FILENAME /opt/mainsite/wrenchboard/www-api/public$fastcgi_script_name; include fastcgi_params; } } location ~ \.php$ { return 444; } } }