Файл конфигурации Nginx для Mautic 4

Приводим пример нашего типового файла конфигурации Mautic4 для Nginx

Файл /etc/nginx/sites-available/

При установке конфига заменить на название сервера

server {
   listen 80;
   listen [::]:80;
   server_name <server_name>;
   access_log off;
   return 301 https://<server_name>$request_uri;
}

server {
  listen 443 ssl http2;
  listen [::]:443 ssl http2;
  server_name <server_name>;
  ssl_certificate /etc/letsencrypt/live/<server_name>/fullchain.pem;
  ssl_certificate_key /etc/letsencrypt/live/<server_name>/privkey.pem;

   root /home/mautic/<server_name>/docroot;
   error_log /var/log/nginx/mautic.error.log;
   access_log /var/log/nginx/mautic.access.log;
   client_max_body_size 20M;

   index index.php index.html index.htm;

   location / {
     try_files $uri $uri/ /index.php$is_args$args;
   }

   location ~ /(mtc.js|.*\.js|mtracking.gif|.*\.gif|mtc|generate.js) {
       # default_type "application/javascript";
       try_files $uri /index.php$is_args$args;
   }

   #redirect some entire folders
   rewrite ^/(vendor|translations|build)/.* /index.php break;

   location ~ \.php$ {
     try_files $uri =404;
     fastcgi_split_path_info ^(.+\.php)(/.+)$;
     fastcgi_pass unix:/var/run/php/mautic.sock;
     fastcgi_index index.php;
     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
     include fastcgi_params;

     fastcgi_buffer_size 128k;
     fastcgi_buffers 256 16k;
     fastcgi_busy_buffers_size 256k;
     fastcgi_temp_file_write_size 256k;
   }

    # Deny everything else in /app folder except Assets folder in bundles
    location ~ /app/bundles/.*/Assets/ {
        allow all;
        access_log off;
    }
    #location ~ /app/ { deny all; }

    # Deny everything else in /addons or /plugins folder except Assets folder in bundles
    location ~ /(addons|plugins)/.*/Assets/ {
        allow all;
        access_log off;
    }
    location ~ /(addons|plugins)/ { deny all; }

    # Deny all php files in themes folder
      location ~* ^/themes/(.*)\.php {
        deny all;
    }

    # Don't log favicon
    location = /favicon.ico {
        log_not_found off;
        access_log off;
    }

    # Don't log robots
    location = /robots.txt  {
        access_log off;
        log_not_found off;
    }

    location ~* /(.*)\.(?:markdown|md|twig|yaml|yml|ht|htaccess|ini)$ {
        deny all;
        access_log off;
        log_not_found off;
    }

    location ~ /.well-known/acme-challenge {
      allow all;
    }

    location ~ /\. {
        deny all;
        access_log off;
        log_not_found off;
    }

    location ~* (Gruntfile|package|composer)\.(js|json)$ {
        deny all;
        access_log off;
        log_not_found off;
    }

    location ~* /(?:uploads|files)/.*\.php$ {
      deny all;
    }

    location ~* \.(jpg|jpeg|gif|png|webp|svg|woff|woff2|ttf|css|js|ico|xml)$ {
       access_log        off;
       log_not_found     off;
       expires           360d;
  }
}

Так же при использовании composer нужно выполнять touch LICENSE.txt в webroot - это необзодимо для работы некоторых надстроек

Previous Post