Akaunting/nginx/nginx.conf

# Generic startup file.
user www-data;

#usually equal to number of CPUs you have. run command "grep processor /proc/cpuinfo | wc -l" to find it
worker_processes  auto;
worker_cpu_affinity auto;

error_log  /var/log/nginx/error.log;
pid        /var/run/nginx.pid;

# Keeps the logs free of messages about not being able to bind().
#daemon     off;

events {
    worker_connections  1024;
}

http {
#   rewrite_log on;

    include mime.types;
    default_type       application/octet-stream;
    access_log         /var/log/nginx/access.log;
    sendfile           on;
#   tcp_nopush         on;
    keepalive_timeout  64;
#   tcp_nodelay        on;
#   gzip               on;
        #php max upload limit cannot be larger than this       
    client_max_body_size 13m;
    index              index.php index.html index.htm;

    # Upstream to abstract backend connection(s) for PHP.
    upstream php {
                #this should match value of "listen" directive in php-fpm pool
        server unix:/tmp/php-fpm.sock;
        server localhost:9000;
    }

    server {
            listen 80 default_server;

            server_name _;

            root /var/www/html;

            add_header X-Frame-Options "SAMEORIGIN";
            add_header X-XSS-Protection "1; mode=block";
            add_header X-Content-Type-Options "nosniff";

            index index.html index.htm index.php;

            charset utf-8;

            location / {
                    try_files $uri $uri/ /index.php?$query_string;
            }

            # Prevent Direct Access To Protected Files
            location ~ \.(env|log) {
                    deny all;
            }

            # Prevent Direct Access To Protected Folders
            location ~ ^/(^app$|bootstrap|config|database|overrides|resources|routes|storage|tests|artisan) {
                    deny all;
            }

            # Prevent Direct Access To modules/vendor Folders Except Assets
            location ~ ^/(modules|vendor)\/(.*)\.((?!ico|gif|jpg|jpeg|png|js\b|css|less|sass|font|woff|woff2|eot|ttf|svg).)*$ {
                    deny all;
            }

            error_page 404 /index.php;

            # Pass PHP Scripts To FastCGI Server
            location ~ \.php$ {
                    fastcgi_split_path_info ^(.+\.php)(/.+)$;
                    fastcgi_pass php;
                    fastcgi_index index.php;
                    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                    include fastcgi_params;
            }

            location ~ /\.(?!well-known).* {
                    deny all;
            }
    }
}
Add new ways to explore containerized Akaunting! 2021-03-22 07:11:25 +00:00			`# Generic startup file.`
			`user www-data;`

			`#usually equal to number of CPUs you have. run command "grep processor /proc/cpuinfo \| wc -l" to find it`
			`worker_processes auto;`
			`worker_cpu_affinity auto;`

			`error_log /var/log/nginx/error.log;`
			`pid /var/run/nginx.pid;`

			`# Keeps the logs free of messages about not being able to bind().`
			`#daemon off;`

			`events {`
			`worker_connections 1024;`
			`}`

			`http {`
			`# rewrite_log on;`

			`include mime.types;`
			`default_type application/octet-stream;`
			`access_log /var/log/nginx/access.log;`
			`sendfile on;`
			`# tcp_nopush on;`
			`keepalive_timeout 64;`
			`# tcp_nodelay on;`
			`# gzip on;`
			`#php max upload limit cannot be larger than this`
			`client_max_body_size 13m;`
			`index index.php index.html index.htm;`

			`# Upstream to abstract backend connection(s) for PHP.`
			`upstream php {`
			`#this should match value of "listen" directive in php-fpm pool`
			`server unix:/tmp/php-fpm.sock;`
			`server localhost:9000;`
			`}`

			`server {`
			`listen 80 default_server;`

			`server_name _;`

			`root /var/www/html;`

			`add_header X-Frame-Options "SAMEORIGIN";`
			`add_header X-XSS-Protection "1; mode=block";`
			`add_header X-Content-Type-Options "nosniff";`

			`index index.html index.htm index.php;`

			`charset utf-8;`

			`location / {`
			`try_files $uri $uri/ /index.php?$query_string;`
			`}`

			`# Prevent Direct Access To Protected Files`
			`location ~ \.(env\|log) {`
			`deny all;`
			`}`

			`# Prevent Direct Access To Protected Folders`
			`location ~ ^/(^app$\|bootstrap\|config\|database\|overrides\|resources\|routes\|storage\|tests\|artisan) {`
			`deny all;`
			`}`

			`# Prevent Direct Access To modules/vendor Folders Except Assets`
			`location ~ ^/(modules\|vendor)\/(.)\.((?!ico\|gif\|jpg\|jpeg\|png\|js\b\|css\|less\|sass\|font\|woff\|woff2\|eot\|ttf\|svg).)$ {`
			`deny all;`
			`}`

			`error_page 404 /index.php;`

			`# Pass PHP Scripts To FastCGI Server`
			`location ~ \.php$ {`
			`fastcgi_split_path_info ^(.+\.php)(/.+)$;`
			`fastcgi_pass php;`
			`fastcgi_index index.php;`
			`fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;`
			`include fastcgi_params;`
			`}`

			`location ~ /\.(?!well-known).* {`
			`deny all;`
			`}`
			`}`
			`}`