ofco/medicalalert-web-reloaded
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Merged in feature/helm (pull request #16)

Browse Source 
Feature/helm

* Add helm details

* Modify ecr as medicalalert-web-reloaded

* Modify pipeline file

* Remove old deployment artifacts except common and pvc

* Modify for weca namesapce

* Modify for weca namesapce

* Revert the APP Change

* Revert APP to weareconnectamerica-web Again

* merge conflicts


Approved-by: Rachit Bhargava
This commit is contained in:
Jay Sharma
2024-09-04 16:56:19 +00:00
committed by Rachit Bhargava
parent 4e06f267ec
commit ed6b060261
6 changed files with 608 additions and 243 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
build/dev/pvc.yml
View File

@@ -32,7 +32,7 @@ spec:
storageClassName: efs-sc-dev-ecommerce
resources:
requests:
storage: 3Gi
storage: 5Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
@@ -50,7 +50,7 @@ spec:
storageClassName: efs-sc-dev-ecommerce
resources:
requests:
storage: 3Gi
storage: 5Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
@@ -68,7 +68,7 @@ spec:
storageClassName: efs-sc-dev-ecommerce
resources:
requests:
storage: 3Gi
storage: 5Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
@@ -86,7 +86,7 @@ spec:
storageClassName: efs-sc-dev-ecommerce
resources:
requests:
storage: 3Gi
storage: 5Gi
---
apiVersion: v1
kind: PersistentVolumeClaim
@@ -104,4 +104,4 @@ spec:
storageClassName: efs-sc-dev-ecommerce
resources:
requests:
storage: 3Gi
storage: 5Gi

616
build/dev/web-default-conf-cm.yaml
View File

@@ -1,616 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: weareconnectamerica-web-default-conf-cm
namespace: weareconnectamerica-web
annotations:
meta.helm.sh/release-name: weareconnectamerica-web
meta.helm.sh/release-namespace: weareconnectamerica-web
labels:
app.kubernetes.io/managed-by: Helm
app: weareconnectamerica-web
data:
default.conf: |
# ---------------------
fastcgi_cache_path /usr/share/nginx/subdomain/www/wp-content/uploads/cache levels=1:2 keys_zone=MYAPP:100m inactive=60m;
fastcgi_cache_key "https$request_method$host$request_uri$cookie_SESScampaignphone$cookie_SESScampaignid";
fastcgi_cache_use_stale error timeout invalid_header http_500;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
# -----------------------------------------
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort on;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_read_timeout 120;
fastcgi_cache_min_uses 1;
fastcgi_cache_lock on;
#fastcgi_index index.php;
# --------------------------------
# Only cache positive responses
proxy_cache_valid 200 1h;
proxy_cache_valid 301 302 0m;
server {
# --------------------------
client_max_body_size 512m;
# -------------------------------
listen 80 default; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
server_name dev-weareconnectamerica.com "";
return 301 https://www.dev-weareconnectamerica.com$request_uri;
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
}
subdomain.conf: |
server {
#-----------------------------
client_max_body_size 512m;
# ------------------------
client_body_timeout 1200;
client_header_timeout 600;
# ---------------------------
listen 80;
listen [::]:80;
server_name ~^(?<subdomain>.+)\.dev-weareconnectamerica\.com$;
if ($http_x_forwarded_proto != 'https') {
return 301 https://$host$request_uri;
}
root /usr/share/nginx/subdomain/$subdomain-web;
index index.php index.html index.htm;
sendfile off;
# Security - Hide nginx version number in error pages and Server header
server_tokens off;
# Add stdout logging
error_log /dev/stdout error;
access_log /dev/stdout;
# reduce the data that needs to be sent over network
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
add_header X-Cache-Status $upstream_cache_status;
add_header Cache-Control "public";
#Cache everything by default
set $no_cache 0;
#Don't cache POST requests
if ($request_method = POST)
{
set $no_cache 1;
}
#Don't cache if the URL contains a query string
if ($query_string != "")
{
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") {
set $no_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if ($http_cookie = "PHPSESSID")
{
set $no_cache 1;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?$args;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_param SUBDOMAIN $subdomain; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /500.html;
location = /500.html {
root /usr/share/nginx/subdomain/$subdomain-web;
add_header Cache-Control "no-cache" always;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SUBDOMAIN $subdomain; # $_SERVER["SUBDOMAIN"]
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
expires 7d;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# deny access to . files, for security
#
location ~ /\. {
log_not_found off;
deny all;
}
}
www.conf: |
server {
#-----------------------------
client_max_body_size 512m;
# ------------------------
client_body_timeout 1200;
client_header_timeout 600;
# ---------------------------
listen 80;
listen [::]:80;
server_name www.dev-weareconnectamerica.com;
if ($http_x_forwarded_proto != 'https') {
return 301 https://$host$request_uri;
}
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
sendfile off;
# Security - Hide nginx version number in error pages and Server header
server_tokens off;
# Add stdout logging
error_log /dev/stdout error;
access_log /dev/stdout;
# reduce the data that needs to be sent over network
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
add_header X-Cache-Status $upstream_cache_status;
add_header Cache-Control "public";
#Cache everything by default
set $no_cache 0;
#Don't cache POST requests
if ($request_method = POST)
{
set $no_cache 1;
}
#Don't cache if the URL contains a query string
if ($query_string != "")
{
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") {
set $no_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if ($http_cookie = "PHPSESSID")
{
set $no_cache 1;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?$args;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /500.html;
location = /500.html {
root /usr/share/nginx/subdomain/www;
add_header Cache-Control "no-cache" always;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
expires 7d;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# deny access to . files, for security
#
location ~ /\. {
log_not_found off;
deny all;
}
}
dev01.conf: |
server {
#-----------------------------
client_max_body_size 512m;
# ------------------------
client_body_timeout 1200;
client_header_timeout 600;
# ---------------------------
listen 80;
listen [::]:80;
server_name dev01.dev-weareconnectamerica.com;
if ($http_x_forwarded_proto != 'https') {
return 301 https://$host$request_uri;
}
root /usr/share/nginx/subdomain/dev01;
index index.php index.html index.htm;
sendfile off;
# Security - Hide nginx version number in error pages and Server header
server_tokens off;
# Add stdout logging
error_log /dev/stdout error;
access_log /dev/stdout;
# reduce the data that needs to be sent over network
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
add_header X-Cache-Status $upstream_cache_status;
add_header Cache-Control "public";
#Cache everything by default
set $no_cache 0;
#Don't cache POST requests
if ($request_method = POST)
{
set $no_cache 1;
}
#Don't cache if the URL contains a query string
if ($query_string != "")
{
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") {
set $no_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if ($http_cookie = "PHPSESSID")
{
set $no_cache 1;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?$args;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_param SUBDOMAIN dev01; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /500.html;
location = /500.html {
root /usr/share/nginx/subdomain/dev01;
add_header Cache-Control "no-cache" always;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SUBDOMAIN dev01; # $_SERVER["SUBDOMAIN"]
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
expires 7d;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# deny access to . files, for security
#
location ~ /\. {
log_not_found off;
deny all;
}
}
localhost.conf: |
server {
client_max_body_size 512m;
listen 80;
listen [::]:80;
server_name localhost 127.0.0.1;
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
sendfile off;
server_tokens off;
error_log /dev/stdout error;
access_log /dev/stdout;
# reduce the data that needs to be sent over network
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
add_header X-Cache-Status $upstream_cache_status;
add_header Cache-Control "public";
#Cache everything by default
set $no_cache 0;
#Don't cache POST requests
if ($request_method = POST)
{
set $no_cache 1;
}
#Don't cache if the URL contains a query string
if ($query_string != "")
{
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") {
set $no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if ($http_cookie = "PHPSESSID")
{
set $no_cache 1;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?$args;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/subdomain/www;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
}
# deny access to . files, for security
#
location ~ /\. {
log_not_found off;
deny all;
}
location ~ ^/(status|ping)$ {
access_log off;
allow 127.0.0.1;
deny all;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $fastcgi_script_name;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
}
}

331
build/prod/web-default-conf-cm.yaml
View File

@@ -1,331 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: weareconnectamerica-web-default-conf-cm
namespace: weareconnectamerica-web
annotations:
meta.helm.sh/release-name: weareconnectamerica-web
meta.helm.sh/release-namespace: weareconnectamerica-web
labels:
app.kubernetes.io/managed-by: Helm
app: weareconnectamerica-web
data:
default.conf: |
# ---------------------
fastcgi_cache_path /usr/share/nginx/subdomain/www/wp-content/uploads/cache levels=1:2 keys_zone=MYAPP:100m inactive=60m;
fastcgi_cache_key "https$request_method$host$request_uri$cookie_SESScampaignphone$cookie_SESScampaignid";
fastcgi_cache_use_stale error timeout invalid_header http_500;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
# -----------------------------------------
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort on;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_read_timeout 120;
fastcgi_cache_min_uses 1;
fastcgi_cache_lock on;
#fastcgi_index index.php;
# --------------------------------
# Only cache positive responses
proxy_cache_valid 200 1h;
proxy_cache_valid 301 302 0m;
server {
# --------------------------
client_max_body_size 512m;
# -------------------------------
listen 80 default; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
server_name weareconnectamerica.com "";
return 301 https://www.weareconnectamerica.com$request_uri;
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
}
medicalhomealert.conf: |
server {
listen 80; ## listen for ipv4; this line is default and implied
listen [::]:80; ## listen for ipv6
server_name medicalhomealert.com www.medicalhomealert.com;
return 301 https://www.weareconnectamerica.com;
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
}
subdomain.conf: |
server {
#-----------------------------
client_max_body_size 512m;
# ------------------------
listen 80;
listen [::]:80;
server_name ~^(?<subdomain>.+)\.weareconnectamerica\.com$;
if ($http_x_forwarded_proto != 'https') {
return 301 https://$host$request_uri;
}
root /usr/share/nginx/subdomain/$subdomain;
index index.php index.html index.htm;
sendfile off;
# Security - Hide nginx version number in error pages and Server header
server_tokens off;
# Add stdout logging
error_log /dev/stdout error;
access_log /dev/stdout;
# reduce the data that needs to be sent over network
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
add_header X-Cache-Status $upstream_cache_status;
add_header Cache-Control "public";
#Cache everything by default
set $no_cache 0;
#Don't cache POST requests
if ($request_method = POST)
{
set $no_cache 1;
}
#Don't cache if the URL contains a query string
if ($query_string != "")
{
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") {
set $no_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if ($http_cookie = "PHPSESSID")
{
set $no_cache 1;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?$args;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_param SUBDOMAIN $subdomain; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /500.html;
location = /500.html {
root /usr/share/nginx/subdomain/$subdomain;
add_header Cache-Control "no-cache" always;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SUBDOMAIN $subdomain; # $_SERVER["SUBDOMAIN"]
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
expires 7d;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# deny access to . files, for security
#
location ~ /\. {
log_not_found off;
deny all;
}
}
localhost.conf: |
server {
client_max_body_size 512m;
listen 80;
listen [::]:80;
server_name localhost 127.0.0.1;
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
sendfile off;
server_tokens off;
error_log /dev/stdout error;
access_log /dev/stdout;
# reduce the data that needs to be sent over network
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
add_header X-Cache-Status $upstream_cache_status;
add_header Cache-Control "public";
#Cache everything by default
set $no_cache 0;
#Don't cache POST requests
if ($request_method = POST)
{
set $no_cache 1;
}
#Don't cache if the URL contains a query string
if ($query_string != "")
{
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") {
set $no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if ($http_cookie = "PHPSESSID")
{
set $no_cache 1;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?$args;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 5m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /500.html;
location = /500.html {
root /usr/share/nginx/subdomain/www;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
}
# deny access to . files, for security
#
location ~ /\. {
log_not_found off;
deny all;
}
location ~ ^/(status|ping)$ {
access_log off;
allow 127.0.0.1;
deny all;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $fastcgi_script_name;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
}
}

321
build/qa/web-default-conf-cm.yaml
View File

@@ -1,321 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: weareconnectamerica-web-default-conf-cm
namespace: weareconnectamerica-web
annotations:
meta.helm.sh/release-name: weareconnectamerica-web
meta.helm.sh/release-namespace: weareconnectamerica-web
labels:
app.kubernetes.io/managed-by: Helm
app: weareconnectamerica-web
data:
default.conf: |
# ---------------------
fastcgi_cache_path /usr/share/nginx/subdomain/www/wp-content/uploads/cache levels=1:2 keys_zone=MYAPP:100m inactive=60m;
fastcgi_cache_key "https$request_method$host$request_uri$cookie_SESScampaignphone$cookie_SESScampaignid";
fastcgi_cache_use_stale error timeout invalid_header http_500;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
# -----------------------------------------
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort on;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_read_timeout 120;
fastcgi_cache_min_uses 1;
fastcgi_cache_lock on;
#fastcgi_index index.php;
# --------------------------------
# Only cache positive responses
proxy_cache_valid 200 1h;
proxy_cache_valid 301 302 0m;
server {
# --------------------------
client_max_body_size 512m;
# -------------------------------
listen 80 default; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
server_name qa-weareconnectamerica.com "";
return 301 https://www.qa-weareconnectamerica.com$request_uri;
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
}
subdomain.conf: |
server {
#-----------------------------
client_max_body_size 512m;
# ------------------------
listen 80;
listen [::]:80;
server_name ~^(?<subdomain>.+)\.qa-weareconnectamerica\.com$;
if ($http_x_forwarded_proto != 'https') {
return 301 https://$host$request_uri;
}
root /usr/share/nginx/subdomain/$subdomain;
index index.php index.html index.htm;
sendfile off;
# Security - Hide nginx version number in error pages and Server header
server_tokens off;
# Add stdout logging
error_log /dev/stdout error;
access_log /dev/stdout;
# reduce the data that needs to be sent over network
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
add_header X-Cache-Status $upstream_cache_status;
add_header Cache-Control "public";
#Cache everything by default
set $no_cache 0;
#Don't cache POST requests
if ($request_method = POST)
{
set $no_cache 1;
}
#Don't cache if the URL contains a query string
if ($query_string != "")
{
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") {
set $no_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if ($http_cookie = "PHPSESSID")
{
set $no_cache 1;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?$args;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_param SUBDOMAIN $subdomain; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /500.html;
location = /500.html {
root /usr/share/nginx/subdomain/$subdomain;
add_header Cache-Control "no-cache" always;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SUBDOMAIN $subdomain; # $_SERVER["SUBDOMAIN"]
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
expires 7d;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# deny access to . files, for security
#
location ~ /\. {
log_not_found off;
deny all;
}
}
localhost.conf: |
server {
client_max_body_size 512m;
listen 80;
listen [::]:80;
server_name localhost 127.0.0.1;
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
sendfile off;
server_tokens off;
error_log /dev/stdout error;
access_log /dev/stdout;
# reduce the data that needs to be sent over network
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
add_header X-Cache-Status $upstream_cache_status;
add_header Cache-Control "public";
#Cache everything by default
set $no_cache 0;
#Don't cache POST requests
if ($request_method = POST)
{
set $no_cache 1;
}
#Don't cache if the URL contains a query string
if ($query_string != "")
{
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") {
set $no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if ($http_cookie = "PHPSESSID")
{
set $no_cache 1;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?$args;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /500.html;
location = /500.html {
root /usr/share/nginx/subdomain/www;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
}
# deny access to . files, for security
#
location ~ /\. {
log_not_found off;
deny all;
}
location ~ ^/(status|ping)$ {
access_log off;
allow 127.0.0.1;
deny all;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $fastcgi_script_name;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
}
}

317
build/stage/web-default-conf-cm.yaml
View File

@@ -1,317 +0,0 @@
apiVersion: v1
kind: ConfigMap
metadata:
name: weareconnectamerica-web-default-conf-cm
namespace: weareconnectamerica-web
annotations:
meta.helm.sh/release-name: weareconnectamerica-web
meta.helm.sh/release-namespace: weareconnectamerica-web
labels:
app.kubernetes.io/managed-by: Helm
app: weareconnectamerica-web
data:
default.conf: |
# ---------------------
fastcgi_cache_path /usr/share/nginx/subdomain/www/wp-content/uploads/cache levels=1:2 keys_zone=MYAPP:100m inactive=60m;
fastcgi_cache_key "https$request_method$host$request_uri$cookie_SESScampaignphone$cookie_SESScampaignid";
fastcgi_cache_use_stale error timeout invalid_header http_500;
fastcgi_ignore_headers Cache-Control Expires Set-Cookie;
# -----------------------------------------
fastcgi_intercept_errors on;
fastcgi_ignore_client_abort on;
fastcgi_buffers 8 16k;
fastcgi_buffer_size 32k;
fastcgi_read_timeout 120;
fastcgi_cache_min_uses 1;
fastcgi_cache_lock on;
#fastcgi_index index.php;
# --------------------------------
# Only cache positive responses
proxy_cache_valid 200 1h;
proxy_cache_valid 301 302 0m;
server {
# --------------------------
client_max_body_size 512m;
# -------------------------------
listen 80 default; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
server_name stage-weareconnectamerica.com "";
return 301 https://www.stage-weareconnectamerica.com$request_uri;
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
}
subdomain.conf: |
server {
#-----------------------------
client_max_body_size 512m;
# ------------------------
listen 80;
listen [::]:80;
server_name ~^(?<subdomain>.+)\.stage-weareconnectamerica\.com$;
if ($http_x_forwarded_proto != 'https') {
return 301 https://$host$request_uri;
}
root /usr/share/nginx/subdomain/$subdomain;
index index.php index.html index.htm;
sendfile off;
# Security - Hide nginx version number in error pages and Server header
server_tokens off;
# Add stdout logging
error_log /dev/stdout error;
access_log /dev/stdout;
# reduce the data that needs to be sent over network
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
add_header X-Cache-Status $upstream_cache_status;
add_header Cache-Control "public";
#Cache everything by default
set $no_cache 0;
#Don't cache POST requests
if ($request_method = POST)
{
set $no_cache 1;
}
#Don't cache if the URL contains a query string
if ($query_string != "")
{
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") {
set $no_cache 1;
}
# Don't use the cache for logged in users or recent commenters
if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") {
set $no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if ($http_cookie = "PHPSESSID")
{
set $no_cache 1;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?$args;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_param SUBDOMAIN $subdomain; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /500.html;
location = /500.html {
root /usr/share/nginx/subdomain/$subdomain;
add_header Cache-Control "no-cache" always;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SUBDOMAIN $subdomain; # $_SERVER["SUBDOMAIN"]
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ {
expires 7d;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid 301 302 0m;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# deny access to . files, for security
#
location ~ /\. {
log_not_found off;
deny all;
}
}
localhost.conf: |
server {
client_max_body_size 512m;
listen 80;
listen [::]:80;
server_name localhost 127.0.0.1;
root /usr/share/nginx/subdomain/www;
index index.php index.html index.htm;
sendfile off;
server_tokens off;
error_log /dev/stdout error;
access_log /dev/stdout;
# reduce the data that needs to be sent over network
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
add_header X-Cache-Status $upstream_cache_status;
add_header Cache-Control "public";
#Cache everything by default
set $no_cache 0;
#Don't cache POST requests
if ($request_method = POST)
{
set $no_cache 1;
}
#Don't cache if the URL contains a query string
if ($query_string != "")
{
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") {
set $no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if ($http_cookie = "PHPSESSID")
{
set $no_cache 1;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?$args;
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
include fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 5m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /500.html;
location = /500.html {
root /usr/share/nginx/subdomain/www;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
location ~ [^/]\.php(/|$) {
proxy_set_header X-Forwarded-Proto $scheme;
try_files $uri $uri/ /index.php?$args;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"]
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 60m;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
}
# deny access to . files, for security
#
location ~ /\. {
log_not_found off;
deny all;
}
location ~ ^/(status|ping)$ {
access_log off;
allow 127.0.0.1;
deny all;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $fastcgi_script_name;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
}
}