diff --git a/README.md b/README.md index 4421491..0524ba6 100644 --- a/README.md +++ b/README.md @@ -327,8 +327,8 @@ Default value of NGINX_WP_NOT_FOUND_REGEX (backspaces must be escaped) is: `.+\\ #### Drupal -- Preset templates: [Drupal 10], [Drupal 9], [Drupal 8], [Drupal 7] -- Usage: add `NGINX_VHOST_PRESET=` with the value of `drupal10`, `drupal9`, `drupal8` or `drupal7`. Optionally +- Preset templates: [Drupal 11], [Drupal 10], [Drupal 9], [Drupal 8], [Drupal 7] +- Usage: add `NGINX_VHOST_PRESET=` with the value of `drupal11`, `drupal10`, `drupal9`, `drupal8` or `drupal7`. Optionally modify `NGINX_BACKEND_HOST` - If you want to use [stage_file_proxy](https://www.drupal.org/project/stage_file_proxy) module, set `$NGINX_STATIC_404_TRY_INDEX=1` to redirect 404 static files requests to Drupal @@ -339,7 +339,7 @@ Default value of NGINX_WP_NOT_FOUND_REGEX (backspaces must be escaped) is: `.+\\ Default value of `NGINX_DRUPAL_NOT_FOUND_REGEX` (backspaces must be escaped) is taken from Drupal's `.htaccess` and depends on the Drupal version: -Drupal 10/9/8: +Drupal 11/10/9/8: ``` \\.(engine|md|txt|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\\.php)?|xtmpl|yml|yaml)(~|\\.sw[op]|\\.bak|\\.orig|\\.save)?$|^(\\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template)$|(web\\.config|composer\\.(json|lock)|(package|package-lock)\\.json|yarn\\.lock)$|^#.*#$|\\.php(~|\\.sw[op]|\\.bak|\\.orig|\\.save)$ @@ -351,6 +351,8 @@ Drupal 7: \\.(engine|txt|inc|info|install|make|module|profile|test|po|sh|.*sql|theme|tpl(\\.php)?|xtmpl|yml|yaml)(~|\\.sw[op]|\\.bak|\\.orig|\\.save)?$|^(\\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template|composer\\.(json|lock)|(package|package-lock)\\.json|yarn\\.lock)$|^#.*#$|\\.php(~|\\.sw[op]|\\.bak|\\.orig\\.save)$ ``` +[Drupal 11]: https://github.com/wodby/nginx/blob/master/templates/presets/drupal11.conf.tmpl + [Drupal 10]: https://github.com/wodby/nginx/blob/master/templates/presets/drupal10.conf.tmpl [Drupal 9]: https://github.com/wodby/nginx/blob/master/templates/presets/drupal9.conf.tmpl diff --git a/templates/presets/drupal11.conf.tmpl b/templates/presets/drupal11.conf.tmpl new file mode 100755 index 0000000..dc39a05 --- /dev/null +++ b/templates/presets/drupal11.conf.tmpl @@ -0,0 +1,214 @@ +{{ $static := (getenv "NGINX_STATIC_EXT_REGEX" "css|cur|js|jpe?g|gif|htc|ico|png|xml|otf|ttf|eot|woff|woff2|svg|mp4|svgz|ogg|ogv|pdf|pptx?|zip|tgz|gz|rar|bz2|doc|xls|exe|tar|mid|midi|wav|bmp|rtf|txt|map|webp") }} +{{ $not_found_regex := (getenv "NGINX_DRUPAL_NOT_FOUND_REGEX" "\\.(engine|md|txt|inc|install|make|module|profile|po|sh|.*sql|theme|twig|tpl(\\.php)?|xtmpl|yml|yaml)(~|\\.sw[op]|\\.bak|\\.orig|\\.save)?$|^(\\.(?!well-known).*|Entries.*|Repository|Root|Tag|Template)$|(web\\.config|composer\\.(json|lock)|(package|package-lock)\\.json|yarn\\.lock)$|^#.*#$|\\.php(~|\\.sw[op]|\\.bak|\\.orig|\\.save)$") }} +{{ $files_dir_static := (getenv "NGINX_DRUPAL_FILES_STATIC_EXT_REGEX" "txt") }} + +index index.php index.html; + +include fastcgi.conf; + +{{- if getenv "NGINX_DRUPAL_HIDE_HEADERS" }} +fastcgi_hide_header 'X-Drupal-Cache'; +fastcgi_hide_header 'X-Generator'; +fastcgi_hide_header 'X-Drupal-Dynamic-Cache'; +{{- end }} + +location = /robots.txt { + try_files $uri @drupal-no-args; + access_log off; + log_not_found off; +} + +location = /humans.txt { + try_files $uri @drupal-no-args; + access_log off; + log_not_found off; +} + +location = /ads.txt { + try_files $uri @drupal-no-args; + access_log off; + log_not_found off; +} + +location / { + {{- if getenv "NGINX_DRUPAL_FILE_PROXY_URL" }} + location ~* /sites/.+/files { + try_files $uri @file_proxy; + } + {{- end }} + location ~* /system/files/ { + include fastcgi.conf; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param SCRIPT_NAME /index.php; + fastcgi_param SCRIPT_FILENAME $document_root/index.php; + fastcgi_pass php; + log_not_found off; + } + + location ~* /sites/.+/files/private/ { + internal; + } + + location ~* /files/(css|js|styles)/ { + access_log {{ getenv "NGINX_STATIC_ACCESS_LOG" "off" }}; + expires {{ getenv "NGINX_STATIC_EXPIRES" "1y" }}; + try_files $uri @drupal; + } + + location ~* /sites/.+/files/.+\.(?:{{ $files_dir_static }}) { + access_log {{ getenv "NGINX_STATIC_ACCESS_LOG" "off" }}; + expires {{ getenv "NGINX_STATIC_EXPIRES" "1y" }}; + tcp_nodelay {{ getenv "NGINX_STATIC_TCP_NODELAY" "off" }}; + open_file_cache {{ getenv "NGINX_STATIC_OPEN_FILE_CACHE" "max=1000 inactive=30s" }}; + open_file_cache_valid {{ getenv "NGINX_STATIC_OPEN_FILE_CACHE_VALID" "30s" }}; + open_file_cache_min_uses {{ getenv "NGINX_STATIC_OPEN_FILE_CACHE_MIN_USES" "2" }}; + open_file_cache_errors {{ getenv "NGINX_STATIC_OPEN_FILE_CACHE_ERRORS" "off" }}; + } + + location ~* /sites/.+/files/optimized/(css|js)/ { + expires max; + add_header ETag ''; + add_header Last-Modified 'Wed, 20 Jan 1988 04:20:42 GMT'; + add_header Accept-Ranges ''; + location ~* /sites/.*/files/optimized/css/.+\.css$ { + access_log {{ getenv "NGINX_STATIC_ACCESS_LOG" "off" }}; + add_header Cache-Control "public, max-age=31536000, no-transform, immutable"; + try_files $uri @drupal; + } + location ~* /sites/.*/files/optimized/js/.+\.js$ { + access_log {{ getenv "NGINX_STATIC_ACCESS_LOG" "off" }}; + add_header Cache-Control "public, max-age=31536000, no-transform, immutable"; + try_files $uri @drupal; + } + } + + location ~* /admin/reports/hacked/.+/diff/ { + try_files $uri @drupal; + } + {{- if getenv "NGINX_DRUPAL_ALLOW_XML_ENDPOINTS" }} + location ~* ^.+\.xml { + try_files $uri @drupal; + } + {{ else }} + location ~* /rss.xml { + try_files $uri @drupal-no-args; + } + + location ~* /sitemap.xml { + try_files $uri @drupal; + } + {{- end }} + + # Replica of regex from Drupals core .htaccess. + location ~* {{ $not_found_regex }} { + return 404; + } + + location ~* ^.+\.(?:{{ $static }})$ { + access_log {{ getenv "NGINX_STATIC_ACCESS_LOG" "off" }}; + tcp_nodelay {{ getenv "NGINX_STATIC_TCP_NODELAY" "off" }}; + expires {{ getenv "NGINX_STATIC_EXPIRES" "1y" }}; + + add_header Pragma "cache"; + add_header Cache-Control "public"; + + open_file_cache {{ getenv "NGINX_STATIC_OPEN_FILE_CACHE" "max=1000 inactive=30s" }}; + open_file_cache_valid {{ getenv "NGINX_STATIC_OPEN_FILE_CACHE_VALID" "30s" }}; + open_file_cache_min_uses {{ getenv "NGINX_STATIC_OPEN_FILE_CACHE_MIN_USES" "2" }}; + open_file_cache_errors {{ getenv "NGINX_STATIC_OPEN_FILE_CACHE_ERRORS" "off" }}; + + {{- if getenv "NGINX_STATIC_404_TRY_INDEX" }} + try_files $uri @drupal; + {{- end }} + } + + try_files $uri @drupal; +} + +{{- if getenv "NGINX_DRUPAL_FILE_PROXY_URL" }} +location @file_proxy { + rewrite ^ {{ getenv "NGINX_DRUPAL_FILE_PROXY_URL" }}$request_uri? permanent; +} +{{- end }} + +location @drupal { + include fastcgi.conf; + fastcgi_param QUERY_STRING $query_string; + fastcgi_param SCRIPT_NAME /index.php; + fastcgi_param SCRIPT_FILENAME $document_root/index.php; + fastcgi_pass php; + track_uploads {{ getenv "NGINX_TRACK_UPLOADS" "uploads 60s" }}; +} + +location @drupal-no-args { + include fastcgi.conf; + fastcgi_param QUERY_STRING q=$uri; + fastcgi_param SCRIPT_NAME /index.php; + fastcgi_param SCRIPT_FILENAME $document_root/index.php; + fastcgi_pass php; +} + +location = /index.php { + fastcgi_pass php; +} + +location = /core/install.php { + fastcgi_pass php; +} + +location = /core/rebuild.php { + fastcgi_pass php; +} + +location ~* ^/core/authorize.php { + include fastcgi.conf; + fastcgi_param QUERY_STRING $args; + fastcgi_param SCRIPT_NAME /core/authorize.php; + fastcgi_param SCRIPT_FILENAME $document_root/core/authorize.php; + fastcgi_pass php; +} + +location = /core/modules/statistics/statistics.php { + fastcgi_pass php; +} + +location = /cron { + include fastcgi.conf; + fastcgi_param QUERY_STRING $args; + fastcgi_param SCRIPT_NAME /index.php; + fastcgi_param SCRIPT_FILENAME $document_root/index.php; + fastcgi_pass php; +} + +location ~* ^/update.php { + include fastcgi.conf; + fastcgi_param QUERY_STRING $args; + fastcgi_param SCRIPT_NAME /update.php; + fastcgi_param SCRIPT_FILENAME $document_root/update.php; + fastcgi_pass php; +} + +location ^~ /patches { + return 404; +} + +location ^~ /backup { + return 404; +} + +location ~* ^.+\.php$ { + return 404; +} + +location ~ /web.config { + return 404; +} + +location ~ (?.*)/x-progress-id:(?\d*) { + rewrite ^ $upload_form_uri?X-Progress-ID=$upload_id; +} + +location ~ ^/progress$ { + upload_progress_json_output; + report_uploads uploads; +}