Skip to content

Instantly share code, notes, and snippets.

@AkostDev

AkostDev/bitrix-fpm.tpl

Forked from wiedev-akro/bitrix-fpm.tpl
Created July 12, 2024 10:16
Show Gist options
  • Save AkostDev/8d5b3cd914d39e63eefabfcd43f48340 to your computer and use it in GitHub Desktop.
Save AkostDev/8d5b3cd914d39e63eefabfcd43f48340 to your computer and use it in GitHub Desktop.
Download ZIP
CloudPanel template (1C-Bitrix + php-fpm)
Raw
bitrix-fpm.tpl
#{"rootDirectory":"","phpVersion":"8.3","varnishCacheSettings":{"cacheLifetime":"604800","controller":"generic","excludes":["^\/bitrix\/admin\/"],"excludedParams":["__SID","noCache"]}}
server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
{{ssl_certificate_key}}
{{ssl_certificate}}
{{server_name}}
{{root}}
{{nginx_access_log}}
{{nginx_error_log}}
if ($scheme != "https") {
rewrite ^ https://$host$uri permanent;
}
location ~ /.well-known {
auth_basic off;
allow all;
}
{{settings}}
location / {
{{varnish_proxy_pass}}
proxy_set_header Host $http_host;
proxy_set_header X-Forwarded-Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_hide_header X-Varnish;
proxy_redirect off;
proxy_max_temp_file_size 0;
proxy_connect_timeout 720;
proxy_send_timeout 720;
proxy_read_timeout 720;
proxy_buffer_size 128k;
proxy_buffers 4 256k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
client_max_body_size 1024M;
client_body_buffer_size 4M;
try_files $uri $uri/ @bitrix;
}
location ~* /upload/.*\.(php|php3|php4|php5|php6|phtml|pl|asp|aspx|cgi|dll|exe|shtm|shtml|fcg|fcgi|fpl|asmx|pht|py|psp|rb|var)$ {
types {
text/plain text/plain php php3 php4 php5 php6 phtml pl asp aspx cgi dll exe ico shtm shtml fcg fcgi fpl asmx pht py psp rb var;
}
}
location ~ \.php$ {
try_files $uri @bitrix;
fastcgi_pass 127.0.0.1:{{php_fpm_port}};
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "{{php_settings}}";
include fastcgi_params;
}
location @bitrix {
fastcgi_pass 127.0.0.1:{{php_fpm_port}};
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root/bitrix/urlrewrite.php;
fastcgi_param PHP_ADMIN_VALUE "{{php_settings}}";
}
location ~* /bitrix/admin.+\.php$ {
try_files $uri @bitrixadm;
fastcgi_pass 127.0.0.1:{{php_fpm_port}};
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PHP_ADMIN_VALUE "{{php_settings}}";
include fastcgi_params;
}
location @bitrixadm {
fastcgi_pass 127.0.0.1:{{php_fpm_port}};
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root/bitrix/admin/404.php;
fastcgi_param PHP_ADMIN_VALUE "{{php_settings}}";
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
#
# block this locations for any installation
#
# ht(passwd|access)
location ~* /\.ht { deny all; }
# repositories
location ~* /\.(svn|hg|git) { deny all; }
# bitrix internal locations
location ~* ^/bitrix/(modules|local_cache|stack_cache|managed_cache|php_interface) {
deny all;
}
# upload files
location ~* ^/upload/1c_[^/]+/ { deny all; }
# use the file system to access files outside the site (cache)
location ~* /\.\./ { deny all; }
location ~* ^/bitrix/html_pages/\.config\.php { deny all; }
location ~* ^/bitrix/html_pages/\.enabled { deny all; }
# Intenal locations
location ^~ /upload/support/not_image { internal; }
# Cache location: composite and general site
location ~* @.*\.html$ {
internal;
# disable browser cache, php manage file
expires -1y;
add_header X-Bitrix-Composite "Nginx (file)";
}
# Player options, disable no-sniff
location ~* ^/bitrix/components/bitrix/player/mediaplayer/player$ {
add_header Access-Control-Allow-Origin *;
}
# Accept access for merged css and js
location ~* ^/bitrix/cache/(css/.+\.css|js/.+\.js)$ {
expires 30d;
error_page 404 /404.html;
}
# Disable access for other assets in cache location
location ~* ^/bitrix/cache { deny all; }
# Use nginx to return static content from s3 cloud storage
# /upload/bx_cloud_upload/<schema>.<backet_name>.<s3_point>.amazonaws.com/<path/to/file>
location ^~ /upload/bx_cloud_upload/ {
location ~ ^/upload/bx_cloud_upload/(http[s]?)\.([^/:]+)\.(s3|s3-us-west-1|s3-eu-west-1|s3-ap-southeast-1|s3-ap-northeast-1)\.amazonaws\.com/(.+)$ {
internal;
resolver 8.8.8.8;
proxy_method GET;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Server $host;
#proxy_max_temp_file_size 0;
proxy_pass $1://$2.$3.amazonaws.com/$4;
}
location ~* .*$ { deny all; }
}
# Static content
location ~* ^/(upload|bitrix/images|bitrix/tmp) {
expires 30d;
}
location ~* \.\.(css|js|jpg|jpeg|gif|png|ico|gz|svg|svgz|ttf|otf|woff|woff2|eot|mp4|ogg|ogv|webm|webp|zip|swf|map)$ {
error_page 404 /404.html;
expires 30d;
}
location = /404.html {
access_log off ;
}
}
server {
listen 8080;
listen [::]:8080;
{{server_name}}
{{root}}
try_files $uri $uri/ /index.php?$args;
index index.php index.html;
location ~ \.php$ {
include fastcgi_params;
fastcgi_intercept_errors on;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
try_files $uri =404;
fastcgi_read_timeout 3600;
fastcgi_send_timeout 3600;
fastcgi_param HTTPS "on";
fastcgi_param SERVER_PORT 443;
fastcgi_pass 127.0.0.1:{{php_fpm_port}};
fastcgi_param PHP_ADMIN_VALUE "{{php_settings}}";
}
if (-f $request_filename) {
break;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment