Last active
October 19, 2021 07:43
-
-
Save tranghaviet/2cde30aa5eacda141d7de5029fce983e to your computer and use it in GitHub Desktop.
Nginx block config for laravel
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Permission for laravel project | |
| # sudo chgrp -R www-data storage bootstrap/cache | |
| # sudo chmod -R ug+rwx storage bootstrap/cache | |
| # OR: sudo chown -R <user>:www-data storage bootstrap/cache | |
| # Allow current user edit file | |
| # sudo usermod -a -G www-data <username> | |
| # sudo chmod 775 -R storage | |
| # After created, enable this configuration | |
| # sudo ln -s /etc/nginx/sites-available/project.conf /etc/nginx/sites-enabled | |
| # And add to /etc/hosts | |
| # 127.0.0.1 project.local | |
| # 127.0.0.1 www.project.local | |
| # Restart nginx: sudo service nginx restart | |
| # force HTTPS | |
| server { | |
| listen 80 default_server; | |
| listen [::]:80 default_server; | |
| server_name laravel.local; | |
| return 301 https://$server_name$request_uri; | |
| } | |
| server { | |
| # listen 80 default_server; | |
| # listen [::]:80 default_server; | |
| listen 443 ssl http2 default_server; | |
| listen [::]:443 ssl http2 default_server; | |
| server_name laravel.local; | |
| root /var/www/laravel/public; | |
| error_log /var/log/nginx/laravel.local.error.log; | |
| # access_log /var/log/nginx/laravel.local.access.log; | |
| # ssl_certificate /etc/ssl/certs/localhost.crt; | |
| # ssl_certificate_key /etc/ssl/private/localhost.key; | |
| ssl_certificate /path/_wildcard.laravel.local.pem; | |
| ssl_certificate_key /path/_wildcard.laravel.local-key.pem; | |
| ssl_protocols TLSv1.2 TLSv1.1 TLSv1; | |
| add_header X-Frame-Options "SAMEORIGIN"; | |
| add_header X-XSS-Protection "1; mode=block"; | |
| add_header X-Content-Type-Options "nosniff"; | |
| index index.php index.htm index.html; | |
| charset utf-8; | |
| location / { | |
| try_files $uri $uri/ /index.php?$query_string; | |
| } | |
| location ~* \.(?:jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc|svg|woff|woff2|ttf)\$ { | |
| expires 1M; # 1 month | |
| access_log off; | |
| log_not_found off; | |
| add_header Cache-Control "public"; | |
| } | |
| location ~* \.(?:css|js)\$ { | |
| expires 7d; # 7 days | |
| access_log off; | |
| log_not_found off; | |
| add_header Cache-Control "public"; | |
| } | |
| # removes trailing slashes (prevents SEO duplicate content issues) | |
| #if (!-d $request_filename) | |
| #{ | |
| # rewrite ^/(.+)/$ /$1 permanent; | |
| #} | |
| # enforce NO www: a.local => www.a.local | |
| if ($host ~* ^www\.(.*)) | |
| { | |
| set $host_without_www $1; | |
| rewrite ^/(.*)$ $scheme://$host_without_www/$1 permanent; | |
| } | |
| location = /favicon.ico { access_log off; log_not_found off; } | |
| location = /robots.txt { access_log off; log_not_found off; } | |
| error_page 404 /index.php; | |
| location ~ \.php$ { | |
| fastcgi_split_path_info ^(.+\.php)(/.+)$; | |
| fastcgi_pass unix:/var/run/php/php7.3-fpm.sock; | |
| fastcgi_index index.php; | |
| fastcgi_read_timeout 600; | |
| fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; #important | |
| include fastcgi_params; | |
| } | |
| location ~ /\.(?!well-known).* { deny all; } | |
| location ~ /\.ht { deny all; } | |
| } | |
| # Ref: https://gist.github.com/ashleydw/afd389b1e763d3c1cf1f |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment