JustPaste.it

server {
# Ports to listen on
listen 80;
listen 443 ssl http2;
listen [::]:443 ssl http2;

# Server name to listen for
server_name brmms.de www.brmms.de;

# Path to document root
root /var/www/brmmssrv/staging;

# File to be used as index
index index.php;

# Overrides logs defined in nginx.conf, allows per site logs.
access_log /var/www/brmmssrv/logs/staging-access.log;
error_log /var/www/brmmssrv/logs/staging-error.log;

# Default server block rules
include global/server/defaults.conf;

location / {
try_files $uri $uri/ /index.php?$args;
auth_basic "Private Property";
auth_basic_user_file /var/www/brmmssrv/staging/.htpasswd;
}

location ~ \.php$ {
try_files $uri =404;
include global/fastcgi-params.conf;
fastcgi_read_timeout 180;
# Change socket if using PHP pools or different PHP version
#fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_pass 127.0.0.1:9000;
}

# Rewrite robots.txt
rewrite ^/robots.txt$ /index.php last;

ssl_certificate /etc/letsencrypt/live/brmms.de/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/brmms.de/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot


# Redirect non-https traffic to https
if ($scheme != "https") {
return 301 https://$host$request_uri;
} # managed by Certbot


location ~* \.(?:css|js|woff|woff2|eot|svg|ttf|otf|png|gif|jpe?g) {
access_log off;
add_header Cache-Control public;
expires 30d;
}


}

# Redirect www to non-www
server {
listen 80;
listen [::]:80;
listen 443 ssl;

return 301 https://brmms.de$request_uri;

}