infrastructure/roles/davina_core-and-nginx/templates/conf.j2

{% macro davina_core_common() %}
	root {{var_davina_core_and_nginx_directory}};
	index index.php;
	
	location / {
		try_files $uri $uri/ /index.php;

		dav_methods PUT DELETE MKCOL COPY MOVE;
		# dav_ext_methods PROPFIND PROPPATCH LOCK UNLOCK;
		# dav_access user:rw group:rw all:r;
		# create_full_put_path on;
	}
	
	location ~ \.php$ {
		include fastcgi_params;
		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
		fastcgi_param REDIRECT_STATUS 200;
		fastcgi_pass unix:/var/run/php/php8.4-fpm.sock;
	}
{% endmacro %}

server {
	listen 80;
	listen [::]:80;
	
	server_name {{var_davina_core_and_nginx_domain}};
	
{% if var_davina_core_and_nginx_tls_mode == 'force' %}
	return 301 https://$http_host$request_uri;
{% else %}
{{ davina_core_common() }}
{% endif %}
}

{% if var_davina_core_and_nginx_tls_mode != 'disable' %}
server {
	listen 443 ssl;
	listen [::]:443 ssl;
	
	server_name {{var_davina_core_and_nginx_domain}};
	
	ssl_certificate_key /etc/ssl/private/{{var_davina_core_and_nginx_domain}}.pem;
	ssl_certificate /etc/ssl/fullchains/{{var_davina_core_and_nginx_domain}}.pem;
	include /etc/nginx/ssl-hardening.conf;
	
{{ davina_core_common() }}
}
{% endif %}
[mod] "backend" -> "core" 2025-09-25 23:55:37 +02:00			`{% macro davina_core_common() %}`
			`root {{var_davina_core_and_nginx_directory}};`
[fix] 2025-09-18 13:44:07 +02:00			`index index.php;`

[mod] 2025-09-16 20:35:46 +02:00			`location / {`
[fix] 2025-09-18 13:44:07 +02:00			`try_files $uri $uri/ /index.php;`

[int] 2025-09-16 21:42:25 +02:00			`dav_methods PUT DELETE MKCOL COPY MOVE;`
			`# dav_ext_methods PROPFIND PROPPATCH LOCK UNLOCK;`
[fix] 2025-09-18 13:44:07 +02:00			`# dav_access user:rw group:rw all:r;`
			`# create_full_put_path on;`
			`}`

			`location ~ \.php$ {`
[mod] 2025-09-16 20:35:46 +02:00			`include fastcgi_params;`
			`fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;`
			`fastcgi_param REDIRECT_STATUS 200;`
[fix] 2025-09-18 13:44:07 +02:00			`fastcgi_pass unix:/var/run/php/php8.4-fpm.sock;`
[mod] 2025-09-16 20:35:46 +02:00			`}`
			`{% endmacro %}`

			`server {`
			`listen 80;`
			`listen [::]:80;`

[mod] "backend" -> "core" 2025-09-25 23:55:37 +02:00			`server_name {{var_davina_core_and_nginx_domain}};`
[mod] 2025-09-16 20:35:46 +02:00
[mod] "backend" -> "core" 2025-09-25 23:55:37 +02:00			`{% if var_davina_core_and_nginx_tls_mode == 'force' %}`
[mod] 2025-09-16 20:35:46 +02:00			`return 301 https://$http_host$request_uri;`
			`{% else %}`
[mod] "backend" -> "core" 2025-09-25 23:55:37 +02:00			`{{ davina_core_common() }}`
[mod] 2025-09-16 20:35:46 +02:00			`{% endif %}`
			`}`

[mod] "backend" -> "core" 2025-09-25 23:55:37 +02:00			`{% if var_davina_core_and_nginx_tls_mode != 'disable' %}`
[mod] 2025-09-16 20:35:46 +02:00			`server {`
			`listen 443 ssl;`
			`listen [::]:443 ssl;`

[mod] "backend" -> "core" 2025-09-25 23:55:37 +02:00			`server_name {{var_davina_core_and_nginx_domain}};`
[mod] 2025-09-16 20:35:46 +02:00
[mod] "backend" -> "core" 2025-09-25 23:55:37 +02:00			`ssl_certificate_key /etc/ssl/private/{{var_davina_core_and_nginx_domain}}.pem;`
			`ssl_certificate /etc/ssl/fullchains/{{var_davina_core_and_nginx_domain}}.pem;`
[mod] 2025-09-16 20:35:46 +02:00			`include /etc/nginx/ssl-hardening.conf;`

[mod] "backend" -> "core" 2025-09-25 23:55:37 +02:00			`{{ davina_core_common() }}`
[mod] 2025-09-16 20:35:46 +02:00			`}`
			`{% endif %}`