configurations/Nginx/Server Blocks/pbx.ins.conf

49 lines
1.6 KiB
Plaintext

server {
listen 10.8.0.1:443 ssl http2;
listen [::]:443 ssl http2;
server_name pbx.ins;
ssl_certificate /etc/nginx/ssl/pbx-ins.chain.crt;
ssl_certificate_key /etc/nginx/ssl/pbx-ins.key.pem;
ssl_session_cache builtin:1000 shared:SSL:10m;
#include /etc/nginx/error/502;
#include /etc/nginx/error/504;
#include /etc/nginx/error/500;
#include /etc/nginx/error/404;
#include /etc/nginx/error/429;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
ssl_prefer_server_ciphers on;
ssl_stapling on;
ssl_stapling_verify on;
client_max_body_size 230M;
client_body_timeout 1h;
#limit_req zone=one burst=15;
root /var/www/html;
index index.html index.htm index.php;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf; # server defaults are good
fastcgi_pass unix:/run/php/php7.3-fpm-asterisk.sock;
fastcgi_param HTACCESS on; # disables FreePBX htaccess warning
proxy_read_timeout 800;
}
# disallows the things that the FreePBX .htaccess files disallow
location ~ (/\.ht|/\.git|\.ini$|/libraries|/helpers|/i18n|/node|/views/.+php$) {
deny all;
}
# from the api module .htaccess file
rewrite ^/admin/api/([^/]*)/([^/]*)/?(.*)?$ /admin/api/api.php?module=$1&command=$2&route=$3 last;
}