digbox/AdsPreview
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
99bcbc9e9a1e56d567cb6aa96946fb94d12190a8
AdsPreview/deployment/nginx/adspreview-react.example.conf
Johannes b4758b4f26 security: clean repository without media files and sensitive data 
- Removed area/ directory with 816MB of media files
- Removed sensitive FTP credentials from Git history
- Implemented .env.upload system for secure deployments
- Added comprehensive .gitignore for future protection

This commit represents a clean slate with all sensitive data removed.
2025-09-07 11:05:29 +02:00

121 lines
3.2 KiB
Plaintext
Raw Blame History

# nginx configuration for AdsPreview React Application
# Copy this file to your nginx sites-available directory and adjust paths as needed
# Example: sudo cp adspreview-react.example.conf /etc/nginx/sites-available/adspreview-react
# Then: sudo ln -s /etc/nginx/sites-available/adspreview-react /etc/nginx/sites-enabled/
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
{{ssl_certificate_key}}
{{ssl_certificate}}
server_name adspreview.example.com;
root /home/adspreview/htdocs/adspreview.example.com/public;
{{nginx_access_log}}
{{nginx_error_log}}
if ($scheme != "https") {
rewrite ^ https://$host$uri permanent;
}
location ~ /.well-known {
auth_basic off;
allow all;
}
{{settings}}
location / {
{{varnish_proxy_pass}}
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_hide_header X-Varnish;
proxy_redirect off;
proxy_max_temp_file_size 0;
proxy_connect_timeout 720;
proxy_send_timeout 720;
proxy_read_timeout 720;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
}
# Statische Assets über Proxy weiterleiten
location /static/ {
{{varnish_proxy_pass}}
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_hide_header X-Varnish;
expires 1y;
add_header Cache-Control "public, immutable";
add_header Access-Control-Allow-Origin "*";
}
location ~* ^.+\.(css|js|jpg|jpeg|gif|png|ico|gz|svg|svgz|ttf|otf|woff|woff2|eot|mp4|ogg|ogv|webm|webp|zip|swf|map|mjs)$ {
add_header Access-Control-Allow-Origin "*";
expires max;
access_log off;
}
location ~ /\.(ht|svn|git) {
deny all;
}
if (-f $request_filename) {
break;
}
}
server {
listen 8080;
listen [::]:8080;
server_name adspreview.example.com;
root /home/adspreview/htdocs/adspreview.example.com/public;
index index.html index.php;
# Area-Ordner direkt ausliefern (Alias!)
location /area/ {
alias /home/adspreview/htdocs/adspreview.example.com/area/;
autoindex off;
}
# API-Requests immer an index.php
location ~ ^/api/ {
try_files $uri $uri/ /index.php?$args;
}
# Statische Assets (CSS, JS, Bilder, etc.)
location /static/ {
expires 1y;
add_header Cache-Control "public, immutable";
try_files $uri =404;
}
# PHP-Dateien verarbeiten
location ~ \.php$ {
include fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
try_files $uri =404;
fastcgi_read_timeout 3600;
fastcgi_send_timeout 3600;
fastcgi_param HTTPS "on";
fastcgi_param SERVER_PORT 443;
fastcgi_pass 127.0.0.1:{{php_fpm_port}};
fastcgi_param PHP_VALUE "{{php_settings}}";
}
# React SPA Fallback - alle anderen Routen auf index.html weiterleiten
location / {
try_files $uri $uri/ /index.html;
}
}
Reference in New Issue View Git Blame Copy Permalink