{% extends "core.j2" %}

{% block root %}
  root {{ nginx_www_dir }}{{ item.root }};
  index index.php;
  charset utf-8;
  include mime.types;
  autoindex off;
{% endblock %}

{% block location %}

## LOCATIONS
  location / {
    rewrite ^/\.well\-known/.* /index.php?q=$1;
    if (!-e $request_filename) {
      rewrite ^(.*)$ /index.php?q=$1;
    }
  }
  
  location ^~ /.well-known/ {
    allow all;
    if (!-e $request_filename) {
      rewrite ^(.*)$ /index.php?q=$1;
    }
  }
 
  location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|map|ttf|woff|woff2|svg)$ {
    expires 30d;
    try_files $uri /index.php?q=$uri&$args;
  }

  # block these file types
  location ~* \.(tpl|md|tgz|log|out)$ {
    deny all;
  }

  location ~* \.php$ {
    try_files $uri =404;
    fastcgi_split_path_info ^(.+\.php)(/.+)$;
{% if item.upstream_params is defined and item.upstream_params is iterable %}
{% for param in item.upstream_params %}
    {{ param }}
{% endfor %}
{% endif %}

  }

  location ~ /\. {
    deny all;
  }

  location ~  "(^|/)store" {
    deny  all;
	}

  location ~ "(^|/)\.git" {
    return 403;
  }

  location ~ /util {
    deny all;
  }

{% endblock %}