worker_processes auto; error_log /var/log/nginx/error.log warn; pid /var/run/nginx.pid; events { worker_connections 1024; } http { include /etc/nginx/mime.types; default_type application/octet-stream; log_format main '$remote_addr - $remote_user [$time_local] "$request" ' '$status $body_bytes_sent "$http_referer" ' '"$http_user_agent" "$http_x_forwarded_for"'; access_log /var/log/nginx/access.log main; sendfile on; keepalive_timeout 65; set_real_ip_from 10.0.0.0/8; set_real_ip_from 172.16.0.0/12; set_real_ip_from 192.168.0.0/16; real_ip_header X-Real-IP; upstream php-handler { server $CP_APP_HOSTNAME:9000; } server { listen 80; root /var/www/html; server_tokens off; add_header X-Frame-Options sameorigin always; add_header Permissions-Policy interest-cohort=(); add_header X-Content-Type-Options nosniff; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload;"; client_max_body_size $CP_MAX_BODY_SIZE; client_body_timeout ${CP_TIMEOUT}s; fastcgi_buffers 64 4K; gzip on; gzip_vary on; gzip_comp_level 4; gzip_min_length 256; gzip_types application/atom+xml application/javascript application/rss+xml image/bmp image/svg+xml image/x-icon text/css text/plain text/html; try_files $uri $uri/ /index.php?$args; index index.php index.html; location ~ \.php$ { include fastcgi_params; fastcgi_intercept_errors on; fastcgi_index index.php; fastcgi_param SERVER_NAME $host; fastcgi_pass php-handler; fastcgi_param SCRIPT_FILENAME /opt/castopod/public/$fastcgi_script_name; try_files $uri =404; fastcgi_read_timeout 3600; fastcgi_send_timeout 3600; } location ~* ^.+\.(css|js|jpg|jpeg|gif|png|ico|gz|svg|svgz|ttf|otf|woff|woff2|eot|mp4|ogg|ogv|webm|webp|zip|swf|map)$ { add_header Access-Control-Allow-Origin "*"; expires max; access_log off; } } }