ofco/medicalalert-web-reloaded
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
Files
5d0f0734d85272debb02b86ed217ae051efaed73
medicalalert-web-reloaded/build/dev/medicalalert-web-default-conf-cm.yaml
Rachit Bhargava 5d0f0734d8 first commit
2023-07-21 17:12:10 -04:00

166 lines
5.1 KiB
YAML
Executable File
Raw Blame History

apiVersion: v1
kind: ConfigMap
metadata:
name: medicalalert-web-default-conf-cm
namespace: caresage-web
labels:
app: medicalalert-web
data:
default.conf: |
# ---------------------
fastcgi_cache_path /var/lib/nginx/cache levels=1:2 keys_zone=MYAPP:100m inactive=60m;
fastcgi_cache_key "$scheme$request_method$host$request_uri";
# Only cache positive responses
proxy_cache_valid 200 1h;
proxy_cache_valid 301 302 15m;
server {
listen 80; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
# if ($http_x_forwarded_proto != 'https') {
#set $cond A;
#}
#if ($http_host ~ ^localhost) {
#set $cond "${cond}B";
#if ($cond = AB) {
# return 301 http://$host$request_uri;
#}
if ($http_x_forwarded_proto != 'https') {
return 301 https://$host$request_uri;
}
root /usr/share/nginx/html;
index index.php index.html index.htm;
# Make site accessible from http://localhost/
server_name localhost;
#server_name local.lifeline-prod.com;
# Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html
sendfile off;
# Security - Hide nginx version number in error pages and Server header
server_tokens off;
# Add stdout logging
error_log /dev/stdout error;
access_log /dev/stdout;
# reduce the data that needs to be sent over network
gzip on;
gzip_min_length 10240;
gzip_proxied expired no-cache no-store private auth;
gzip_types text/plain text/css text/xml application/json text/javascript application/x-javascript application/xml;
gzip_disable "MSIE [1-6]\.";
add_header 'Content-Security-Policy' 'upgrade-insecure-requests';
add_header X-Cache-Status $upstream_cache_status;
add_header Cache-Control "public";
#Cache everything by default
set $no_cache 0;
#Don't cache POST requests
if ($request_method = POST)
{
set $no_cache 1;
}
#Don't cache if the URL contains a query string
if ($query_string != "")
{
set $no_cache 1;
}
#Don't cache the following URLs
if ($request_uri ~* "/(administrator/|wp-login.php)")
{
set $no_cache 1;
}
#Don't cache if there is a cookie called PHPSESSID
if ($http_cookie = "PHPSESSID")
{
set $no_cache 1;
}
location / {
# First attempt to serve request as file, then
# as directory, then fall back to index.php
try_files $uri $uri/ /index.php?$args;
proxy_set_header X-Forwarded-Proto $scheme;
#proxy_cache cache;
#proxy_cache_background_update on;
#proxy_cache_lock on;
#proxy_cache_revalidate on;
include /etc/nginx/fastcgi_params;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
# redirect server error pages to the static page /50x.html
#
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# pass the PHP scripts to FastCGI server listening on socket
#
#~ \.php$
location ~ [^/]\.php(/|$) {
#try_files $uri $uri/ /index.php?$query_string;
proxy_set_header X-Forwarded-Proto $scheme;
#proxy_cache cache;
#proxy_cache_background_update on;
#proxy_cache_lock on;
#proxy_cache_revalidate on;
try_files $uri $uri/ /index.php?$args;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
fastcgi_cache_bypass $no_cache;
fastcgi_no_cache $no_cache;
}
location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
proxy_set_header X-Forwarded-Proto $scheme;
fastcgi_cache MYAPP;
fastcgi_cache_valid 200 302 60m;
fastcgi_cache_valid 301 1h;
fastcgi_cache_valid any 1m;
proxy_cache_background_update on;
proxy_cache_lock on;
}
# deny access to . files, for security
#
location ~ /\. {
log_not_found off;
deny all;
}
}
Reference in New Issue View Git Blame Copy Permalink