From a2b99e98bf2b00564b85ab49d9199ce86df152d1 Mon Sep 17 00:00:00 2001 From: meaz Date: Wed, 1 Jun 2022 12:54:42 +0000 Subject: [PATCH] akaunting template (#2) Co-authored-by: meaz Reviewed-on: https://git.disroot.org/Disroot-Ansible/nginx/pulls/2 Reviewed-by: antilopa Co-authored-by: meaz Co-committed-by: meaz --- .../etc/nginx/sites-available/akaunting.j2 | 44 +++++++++++++++++++ 1 file changed, 44 insertions(+) create mode 100644 templates/etc/nginx/sites-available/akaunting.j2 diff --git a/templates/etc/nginx/sites-available/akaunting.j2 b/templates/etc/nginx/sites-available/akaunting.j2 new file mode 100644 index 0000000..171da12 --- /dev/null +++ b/templates/etc/nginx/sites-available/akaunting.j2 @@ -0,0 +1,44 @@ +{% extends "core.j2" %} + +{% block location %} + + root {{ item.root }}; + + index index.html index.htm index.php; + + charset utf-8; + + location / { + try_files $uri $uri/ /index.php?$query_string; + } + + # Prevent Direct Access To Protected Files + location ~ \.(env|log) { + deny all; + } + + # Prevent Direct Access To Protected Folders + location ~ ^/(^app$|bootstrap|config|database|overrides|resources|routes|storage|tests|artisan) { + deny all; + } + + # Prevent Direct Access To modules/vendor Folders Except Assets + location ~ ^/(modules|vendor)\/(.*)\.((?!ico|gif|jpg|jpeg|png|js\b|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ { + deny all; + } + + error_page 404 /index.php; + + # Pass PHP Scripts To FastCGI Server + location ~ \.php$ { + fastcgi_split_path_info ^(.+\.php)(/.+)$; + fastcgi_pass unix:/var/run/php/php{{ php_version }}-fpm.sock; # Depends On The PHP Version + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + include fastcgi_params; + } + + location ~ /\.(?!well-known).* { + deny all; + } +{% endblock %}