apiVersion: v1 kind: ConfigMap metadata: name: medicalalert-web-default-conf-cm namespace: medicalalert-web labels: app: medicalalert-web data: default.conf: | # --------------------- fastcgi_cache_path /usr/share/nginx/subdomain/www/wp-content/uploads/cache levels=1:2 keys_zone=MYAPP:100m inactive=60m; fastcgi_cache_key "https$request_method$host$request_uri$cookie_SESScampaignphone$cookie_SESScampaignid"; fastcgi_cache_use_stale error timeout invalid_header http_500; fastcgi_ignore_headers Cache-Control Expires Set-Cookie; # ----------------------------------------- fastcgi_intercept_errors on; fastcgi_ignore_client_abort on; fastcgi_buffers 8 16k; fastcgi_buffer_size 32k; fastcgi_read_timeout 120; fastcgi_cache_min_uses 1; fastcgi_cache_lock on; #fastcgi_index index.php; # -------------------------------- # Only cache positive responses proxy_cache_valid 200 1h; proxy_cache_valid 301 302 0m; server { # -------------------------- client_max_body_size 512m; # ------------------------------- listen 80 default; ## listen for ipv4; this line is default and implied listen [::]:80 default ipv6only=on; ## listen for ipv6 server_name dev-medicalalert.com ""; return 301 https://www.dev-medicalalert.com$request_uri; root /usr/share/nginx/subdomain/www; index index.php index.html index.htm; } subdomain.conf: | server { #----------------------------- client_max_body_size 512m; # ------------------------ client_body_timeout 1200; client_header_timeout 600; # --------------------------- listen 80; listen [::]:80; server_name ~^(?.+)\.dev-medicalalert\.com$; if ($http_x_forwarded_proto != 'https') { return 301 https://$host$request_uri; } root /usr/share/nginx/subdomain/$subdomain; index index.php index.html index.htm; sendfile off; # Security - Hide nginx version number in error pages and Server header server_tokens off; # Add stdout logging error_log /dev/stdout error; access_log /dev/stdout; # reduce the data that needs to be sent over network gzip on; gzip_min_length 10240; gzip_proxied expired no-cache no-store private auth; gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml; gzip_disable "MSIE [1-6]\."; add_header 'Content-Security-Policy' 'upgrade-insecure-requests'; add_header X-Cache-Status $upstream_cache_status; add_header Cache-Control "public"; #Cache everything by default set $no_cache 0; error_page 404 /404.html; location = /404.html { root /usr/share/nginx/subdomain/$subdomain; add_header Cache-Control "no-cache" always; } #Don't cache POST requests if ($request_method = POST) { set $no_cache 1; } #Don't cache if the URL contains a query string if ($query_string != "") { set $no_cache 1; } #Don't cache the following URLs if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") { set $no_cache 1; } # Don't use the cache for logged in users or recent commenters if ($http_cookie ~* "comment_author|wordpress_[a-f0-9]+|wp-postpass|wordpress_no_cache|wordpress_logged_in") { set $no_cache 1; } #Don't cache if there is a cookie called PHPSESSID if ($http_cookie = "PHPSESSID") { set $no_cache 1; } location / { # First attempt to serve request as file, then # as directory, then fall back to index.php try_files $uri $uri/ /index.php?$args; proxy_set_header X-Forwarded-Proto $scheme; fastcgi_param SUBDOMAIN $subdomain; # $_SERVER["SUBDOMAIN"] include fastcgi_params; fastcgi_cache MYAPP; fastcgi_cache_valid 200 60m; fastcgi_cache_valid 301 302 0m; fastcgi_cache_valid any 1m; fastcgi_cache_bypass $no_cache; fastcgi_no_cache $no_cache; } # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/subdomain/$subdomain; add_header Cache-Control "no-cache" always; } # pass the PHP scripts to FastCGI server listening on socket # #~ \.php$ location ~ [^/]\.php(/|$) { proxy_set_header X-Forwarded-Proto $scheme; try_files $uri $uri/ /index.php?$args; if (!-f $document_root$fastcgi_script_name) { return 404; } fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/run/php/php7.4-fpm-$subdomain.sock; fastcgi_index index.php; include fastcgi_params; fastcgi_param SUBDOMAIN $subdomain; # $_SERVER["SUBDOMAIN"] fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_cache MYAPP; fastcgi_cache_valid 200 60m; fastcgi_cache_valid 301 302 0m; fastcgi_cache_valid any 1m; fastcgi_cache_bypass $no_cache; fastcgi_no_cache $no_cache; } location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|mp4|ttf|rss|atom|jpg|jpeg|gif|png|ico|zip|tgz|gz|rar|bz2|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf)$ { expires 7d; proxy_set_header X-Forwarded-Proto $scheme; fastcgi_cache MYAPP; fastcgi_cache_valid 200 60m; fastcgi_cache_valid 301 302 0m; fastcgi_cache_valid any 1m; proxy_cache_background_update on; proxy_cache_lock on; fastcgi_cache_bypass $no_cache; fastcgi_no_cache $no_cache; } # deny access to . files, for security # location ~ /\. { log_not_found off; deny all; } } localhost.conf: | server { client_max_body_size 512m; listen 80; listen [::]:80; server_name localhost 127.0.0.1; root /usr/share/nginx/subdomain/www; index index.php index.html index.htm; sendfile off; server_tokens off; error_log /dev/stdout error; access_log /dev/stdout; # reduce the data that needs to be sent over network gzip on; gzip_min_length 10240; gzip_proxied expired no-cache no-store private auth; gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml; gzip_disable "MSIE [1-6]\."; add_header 'Content-Security-Policy' 'upgrade-insecure-requests'; add_header X-Cache-Status $upstream_cache_status; add_header Cache-Control "public"; #Cache everything by default set $no_cache 0; #Don't cache POST requests if ($request_method = POST) { set $no_cache 1; } #Don't cache if the URL contains a query string if ($query_string != "") { set $no_cache 1; } #Don't cache the following URLs if ($request_uri ~* "/wp-admin/|/xmlrpc.php|wp-.*.php|sitemap(_index)?.xml|wp-login.php|/medical-shipping.*|/medical-order.*|/medical-profile.*|/medical-thank.*") { set $no_cache 1; } #Don't cache if there is a cookie called PHPSESSID if ($http_cookie = "PHPSESSID") { set $no_cache 1; } location / { # First attempt to serve request as file, then # as directory, then fall back to index.php try_files $uri $uri/ /index.php?$args; proxy_set_header X-Forwarded-Proto $scheme; fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"] include fastcgi_params; fastcgi_cache MYAPP; fastcgi_cache_valid 200 302 60m; fastcgi_cache_valid 301 1h; fastcgi_cache_valid any 1m; fastcgi_cache_bypass $no_cache; fastcgi_no_cache $no_cache; } # redirect server error pages to the static page /50x.html # error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/share/nginx/subdomain/www; } # pass the PHP scripts to FastCGI server listening on socket # #~ \.php$ location ~ [^/]\.php(/|$) { proxy_set_header X-Forwarded-Proto $scheme; try_files $uri $uri/ /index.php?$args; if (!-f $document_root$fastcgi_script_name) { return 404; } fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass unix:/run/php/php7.4-fpm-www.sock; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param SUBDOMAIN www; # $_SERVER["SUBDOMAIN"] fastcgi_cache MYAPP; fastcgi_cache_valid 200 302 60m; fastcgi_cache_valid 301 1h; fastcgi_cache_valid any 1m; fastcgi_cache_bypass $no_cache; fastcgi_no_cache $no_cache; } location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ { proxy_set_header X-Forwarded-Proto $scheme; fastcgi_cache MYAPP; fastcgi_cache_valid 200 302 60m; fastcgi_cache_valid 301 1h; fastcgi_cache_valid any 1m; proxy_cache_background_update on; proxy_cache_lock on; } # deny access to . files, for security # location ~ /\. { log_not_found off; deny all; } location ~ ^/(status|ping)$ { access_log off; allow 127.0.0.1; deny all; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $fastcgi_script_name; fastcgi_pass unix:/run/php/php7.4-fpm-www.sock; } }