Commit 89f82b3

committed

fix: Simple config update

- single nginx server - ssl offload - adjust for docker

1 parent 27000d0 commit 89f82b3Copy full SHA for 89f82b3

File tree

10 files changed

+65

-67

lines changed

magento2
- conf_m2
- services
  - phpmyadmin.conf
  - rabbitmq.conf
- sites-available
  - magento2.conf

10 files changed

+65

-67

lines changed

`‎magento2/conf_m2/admin_protect.conf‎ renamed to ‎magento2/conf_m2/admin.conf‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,8 +1,8 @@`
`1`		`-`
	`1`	`+## Admin location config`
`2`	`2`	`location ~ ^/(index.php/)?${ADMIN_PATH} {`
`3`	`3`
`4`	`4`	`include ipset/allow.conf;`
`5`	`5`	`deny all;`
`6`	`6`
`7`		`- proxy_pass http://varnish;`
	`7`	`+ try_files $uri $uri/ /index.php$is_args$args;`
`8`	`8`	`}`

`‎magento2/conf_m2/cors.conf‎`

Lines changed: 14 additions & 14 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,21 +1,21 @@`
`1`	`1`	`if ($request_method = 'OPTIONS') {`
`2`		`- add_header 'Access-Control-Allow-Origin' '$cors_origin';`
`3`		`- add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';`
`4`		`- add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';`
`5`		`- add_header 'Access-Control-Max-Age' 1728000;`
`6`		`- add_header 'Content-Type' 'text/plain; charset=utf-8';`
`7`		`- add_header 'Content-Length' 0;`
	`2`	`+ add_header 'Access-Control-Allow-Origin' $cors_origin always;`
	`3`	`+ add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;`
	`4`	`+ add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;`
	`5`	`+ add_header 'Access-Control-Max-Age' 1728000 always;`
	`6`	`+ add_header 'Content-Type' 'text/plain; charset=utf-8' always;`
	`7`	`+ add_header 'Content-Length' 0 always;`
`8`	`8`	`return 204;`
`9`	`9`	`}`
`10`	`10`	`if ($request_method = 'POST') {`
`11`		`- add_header 'Access-Control-Allow-Origin' '$cors_origin';`
`12`		`- add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';`
`13`		`- add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';`
`14`		`- add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';`
	`11`	`+ add_header 'Access-Control-Allow-Origin' $cors_origin always;`
	`12`	`+ add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;`
	`13`	`+ add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;`
	`14`	`+ add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;`
`15`	`15`	`}`
`16`	`16`	`if ($request_method = 'GET') {`
`17`		`- add_header 'Access-Control-Allow-Origin' '$cors_origin';`
`18`		`- add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';`
`19`		`- add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range';`
`20`		`- add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range';`
	`17`	`+ add_header 'Access-Control-Allow-Origin' $cors_origin always;`
	`18`	`+ add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS' always;`
	`19`	`+ add_header 'Access-Control-Allow-Headers' 'DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range' always;`
	`20`	`+ add_header 'Access-Control-Expose-Headers' 'Content-Length,Content-Range' always;`
`21`	`21`	`}`

`‎magento2/conf_m2/maps.conf‎`

Lines changed: 1 addition & 1 deletion

Original file line number	Diff line number	Diff line change
`@@ -33,7 +33,7 @@ map $request $writelog {`
`33`	`33`	`## CORS headers`
`34`	`34`	`map $http_origin $cors_origin {`
`35`	`35`	`default "";`
`36`		`- ~*.${DOMAIN}$ "$http_origin";`
	`36`	`+ ~*.${DOMAIN}$ $http_origin;`
`37`	`37`	`}`
`38`	`38`
`39`	`39`	`## Location http auth`

`‎magento2/conf_m2/media.conf‎`

Lines changed: 3 additions & 3 deletions

Original file line number	Diff line number	Diff line change
`@@ -44,10 +44,10 @@ location /media/ {`
`44`	`44`	`location ~* \.(jpg\|jpeg\|png\|webp\|gif\|svg\|swf\|eot\|ttf\|otf\|woff\|woff2\|js\|css\|ico\|txt)$ {`
`45`	`45`	`expires max;`
`46`	`46`	`add_header Cache-Control "public";`
`47`		`- proxy_pass http://nginx;`
	`47`	`+ try_files $uri $uri/ @media;`
`48`	`48`	`}`
`49`	`49`	`## Default media handler for other files`
`50`		`- proxy_pass http://nginx;`
	`50`	`+ try_files $uri $uri/ @media;`
`51`	`51`	`}`
`52`	`52`
`53`		`-`
	`53`	`+ location @media { try_files $uri $uri/ /get.php$is_args$args; }`

`‎magento2/conf_m2/php_backend.conf‎`

Lines changed: 2 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -2,16 +2,16 @@`
`2`	`2`	`## specific security and compatibility headers`
`3`	`3`	`add_header X-Magenx-Config 'MagenX -= www.magenx.com =-' always;`
`4`	`4`	`add_header X-Request-Time $request_time always;`
`5`		`-add_header X-Request-ID $http_x_request_id always;`
	`5`	`+add_header X-Request-ID $request_id always;`
`6`	`6`	`add_header Strict-Transport-Security "max-age=31556926; includeSubDomains; preload" always;`
`7`	`7`	`add_header Referrer-Policy "strict-origin-when-cross-origin" always;`
`8`		`-add_header X-UA-Compatible 'IE=Edge,chrome=1';`
`9`	`8`
`10`	`9`	`## php backend settings`
`11`	`10`	`fastcgi_pass $mage_php_route;`
`12`	`11`	`fastcgi_index index.php;`
`13`	`12`
`14`	`13`	`fastcgi_keep_conn on;`
	`14`	`+# fastcgi_intercept_errors on;`
`15`	`15`	`include fastcgi_params;`
`16`	`16`
`17`	`17`	`## Enable Magento profiler`

`‎magento2/conf_m2/extra_protect.conf‎ renamed to ‎magento2/conf_m2/protect.conf‎`

Lines changed: 6 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -21,44 +21,44 @@ location ~ ^/((fire\|one.+)?checkout\|magewire)/ {`
`21`	`21`	`if ($cookie_form_key = "") { return 403; }`
`22`	`22`	`limit_req zone=checkout burst=8;`
`23`	`23`	`limit_req_status 429;`
`24`		`- proxy_pass http://nginx;`
	`24`	`+ try_files $uri $uri/ /index.php$is_args$args;`
`25`	`25`	`}`
`26`	`26`
`27`	`27`	`location ~ ^/(wishlist\|customer)/ {`
`28`	`28`	`if ($search_bot) { return 410; }`
`29`	`29`	`limit_req zone=customer burst=4;`
`30`	`30`	`limit_req_status 429;`
`31`		`- proxy_pass http://nginx;`
	`31`	`+ try_files $uri $uri/ /index.php$is_args$args;`
`32`	`32`	`}`
`33`	`33`
`34`	`34`	`location ~ ^/(productalert\|outofstocknotification\|newsletter\|sendfriend\|catalog/product_compare\|sales/guest/view\|contact/index/post\|review/product/post)/ {`
`35`	`35`	`if ($search_bot) { return 410; }`
`36`	`36`	`if ($cookie_form_key = "") { return 403; }`
`37`	`37`	`limit_req zone=catalog burst=4;`
`38`	`38`	`limit_req_status 429;`
`39`		`- proxy_pass http://nginx;`
	`39`	`+ try_files $uri $uri/ /index.php$is_args$args;`
`40`	`40`	`}`
`41`	`41`
`42`	`42`	`location ~ ^/(catalog)?search/(searchTermsLog\|result\|ajax.+ges?t)/ {`
`43`	`43`	`if ($search_bot) { return 410; }`
`44`	`44`	`if ($cookie_form_key = "") { return 403; }`
`45`	`45`	`limit_req zone=search burst=4;`
`46`	`46`	`limit_req_status 429;`
`47`		`- proxy_pass http://nginx;`
	`47`	`+ try_files $uri $uri/ /index.php$is_args$args;`
`48`	`48`	`}`
`49`	`49`
`50`	`50`	`location ~ /V1/guest-carts/(?<cartId>.+)/payment-information {`
`51`	`51`	`if ($search_bot) { return 410; }`
`52`	`52`	`if ($cookie_form_key = "") { return 403; }`
`53`	`53`	`limit_req zone=payment;`
`54`	`54`	`limit_req_status 429;`
`55`		`- proxy_pass http://nginx;`
	`55`	`+ try_files $uri $uri/ /index.php$is_args$args;`
`56`	`56`	`}`
`57`	`57`
`58`	`58`	`location ~ ^/(soap\|rest\|V1)/ {`
`59`	`59`	`if ($search_bot) { return 410; }`
`60`	`60`	`if ($cookie_form_key = "") { return 403; }`
`61`	`61`	`limit_req zone=api;`
`62`	`62`	`limit_req_status 429;`
`63`		`- proxy_pass http://nginx;`
	`63`	`+ try_files $uri $uri/ /index.php$is_args$args;`
`64`	`64`	`}`

`‎magento2/conf_m2/sitemap.conf‎`

Lines changed: 8 additions & 2 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,5 +1,11 @@`
`1`		`-location ^/(robots\.txt\|google.*\.html) { root $root_path/pub/media/seo; }`
`2`		`-location ~ ^/feeds/.*\.(xml\|csv\|txt) { root $root_path/pub/media; }`
	`1`	`+`
	`2`	`+location ^/(robots\.txt\|google.*\.html) {`
	`3`	`+ root $root_path/pub/media/seo;`
	`4`	`+}`
	`5`	`+`
	`6`	`+location ~ ^/feeds/.*\.(xml\|csv\|txt) {`
	`7`	`+ root $root_path/pub/media;`
	`8`	`+}`
`3`	`9`
`4`	`10`	`location = /sitemap.xml {`
`5`	`11`	`root $root_path/pub/media/sitemap;`

`‎magento2/services/phpmyadmin.conf‎`

Lines changed: 4 additions & 0 deletions

Original file line number	Diff line number	Diff line change
`@@ -5,4 +5,8 @@ location ~ ^/${PHPMYADMIN_PATH}/(.*)$ {`
`5`	`5`	`deny all;`
`6`	`6`
`7`	`7`	`proxy_pass http://phpmyadmin/1ドル$is_args$args;`
	`8`	`+`
	`9`	`+ add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0" always;`
	`10`	`+ add_header Pragma "no-cache" always;`
	`11`	`+ add_header Expires 0 always;`
`8`	`12`	`}`

`‎magento2/services/rabbitmq.conf‎`

Lines changed: 9 additions & 6 deletions

Original file line number	Diff line number	Diff line change
`@@ -1,8 +1,11 @@`
`1`	`1`	`## RabbitMQ configuration`
`2`	`2`	`location ~ ^/${RABBITMQ_PATH}/(.*)$ {`
`3`		`-`
`4`		`- include ipset/allow.conf;`
`5`		`- deny all;`
`6`		`-`
`7`		`- proxy_pass http://rabbitmq/1ドル$is_args$args;`
`8`		`-}`
	`3`	`+ include ipset/allow.conf;`
	`4`	`+ deny all;`
	`5`	`+`
	`6`	`+ proxy_pass http://rabbitmq/1ドル$is_args$args;`
	`7`	`+`
	`8`	`+ add_header Cache-Control "no-store, no-cache, must-revalidate, proxy-revalidate, max-age=0" always;`
	`9`	`+ add_header Pragma "no-cache" always;`
	`10`	`+ add_header Expires 0 always;`
	`11`	`+}`

`‎magento2/sites-available/magento2.conf‎`

Lines changed: 16 additions & 31 deletions

Original file line number	Diff line number	Diff line change
`@@ -4,7 +4,6 @@ include conf_m2/maps.conf;`
`4`	`4`	`## Certbot renew`
`5`	`5`	`# include conf_m2/certbot_renew.conf;`
`6`	`6`
`7`		`-## Proxy server to apply filters and rules`
`8`	`7`	`server {`
`9`	`8`	`listen nginx:80;`
`10`	`9`	`server_name ${DOMAIN};`
`@@ -26,46 +25,33 @@ server {`
`26`	`25`	`if ($deny_ip) { return 403; }`
`27`	`26`	`if ($bad_user_agent) { return 403; }`
`28`	`27`
`29`		`- ## Server maintenance block.`
`30`		`- include conf_m2/maintenance.conf;`
`31`		`-`
`32`		`- ## phpMyAdmin configuration`
`33`		`- include services/phpmyadmin.conf;`
`34`		`-`
`35`		`- ## Rabbitmq configuration`
`36`		`- include services/rabbitmq.conf;`
`37`		`-`
`38`	`28`	`## Extra protection rules`
`39`		`- include conf_m2/extra_protect.conf;`
`40`		`-`
	`29`	`+ include conf_m2/protect.conf;`
	`30`	`+`
`41`	`31`	`## Protect admin path`
`42`		`- include conf_m2/admin_protect.conf;`
`43`		`-`
	`32`	`+ include conf_m2/admin.conf;`
	`33`	`+`
`44`	`34`	`## Error log/page`
`45`		`-# include conf_m2/error_page.conf;`
	`35`	`+# include conf_m2/error_page.conf;`
`46`	`36`
	`37`	`+ ## Server maintenance block.`
	`38`	`+ include conf_m2/maintenance.conf;`
	`39`	`+`
`47`	`40`	`## sitemap and feeds?`
`48`	`41`	`include conf_m2/sitemap.conf;`
`49`	`42`
`50`	`43`	`## Static files push only`
`51`	`44`	`include conf_m2/static.conf;`
`52`	`45`
`53`	`46`	`## Product images and all media/ files`
`54`		`- include conf_m2/media.conf;`
`55`		`-`
`56`		`- ## Proxy-pass to backend`
`57`		`- location / {`
`58`		`- proxy_pass http://nginx;`
`59`		`- }`
`60`		`-}`
`61`		`-`
`62`		`-## Backend server`
`63`		`-server {`
`64`		`- listen nginx:8080;`
`65`		`- server_name ${DOMAIN};`
`66`		`-`
`67`		`- root $root_path/pub;`
`68`		`-`
	`47`	`+ include conf_m2/media.conf;`
	`48`	`+`
	`49`	`+ ## phpMyAdmin configuration`
	`50`	`+ include services/phpmyadmin.conf;`
	`51`	`+`
	`52`	`+ ## Rabbitmq configuration`
	`53`	`+ include services/rabbitmq.conf;`
	`54`	`+`
`69`	`55`	`## Nginx and php-fpm status`
`70`	`56`	`include conf_m2/status.conf;`
`71`	`57`
`@@ -82,7 +68,6 @@ server {`
`82`	`68`	`location ~ ^/(index\|health_check\|get\|static\|errors/(report\|404\|503))\.php$ {`
`83`	`69`	`try_files $uri =404;`
`84`	`70`	`include conf_m2/php_backend.conf;`
`85`		`-# fastcgi_intercept_errors on;`
`86`	`71`
`87`	`72`	`## Enable POST logging`
`88`	`73`	`# if ($request_method = POST) {set $ispostlog A;}`

0 commit comments

Comments

(0)

Navigation Menu

Search code, repositories, users, issues, pull requests...

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Uh oh!

Commit 89f82b3

File tree

10 files changed

10 files changed

`‎magento2/conf_m2/admin_protect.conf‎ renamed to ‎magento2/conf_m2/admin.conf‎`

`‎magento2/conf_m2/cors.conf‎`

`‎magento2/conf_m2/maps.conf‎`

`‎magento2/conf_m2/media.conf‎`

`‎magento2/conf_m2/php_backend.conf‎`

`‎magento2/conf_m2/extra_protect.conf‎ renamed to ‎magento2/conf_m2/protect.conf‎`

`‎magento2/conf_m2/sitemap.conf‎`

`‎magento2/services/phpmyadmin.conf‎`

`‎magento2/services/rabbitmq.conf‎`

`‎magento2/sites-available/magento2.conf‎`

0 commit comments