88 lines
		
	
	
		
			2.4 KiB
		
	
	
	
		
			Nginx Configuration File
		
	
	
	
	
	
			
		
		
	
	
			88 lines
		
	
	
		
			2.4 KiB
		
	
	
	
		
			Nginx Configuration File
		
	
	
	
	
	
| # ========================================
 | |
| # Abbauf Kasir - Nginx Configuration
 | |
| # ========================================
 | |
| 
 | |
| server {
 | |
|     listen 80;
 | |
|     listen [::]:80;
 | |
|     server_name localhost;
 | |
|     
 | |
|     root /var/www/html/public;
 | |
|     index index.php index.html index.htm;
 | |
| 
 | |
|     # Logging
 | |
|     access_log /var/log/nginx/access.log;
 | |
|     error_log /var/log/nginx/error.log warn;
 | |
| 
 | |
|     # Security Headers
 | |
|     add_header X-Frame-Options "SAMEORIGIN" always;
 | |
|     add_header X-Content-Type-Options "nosniff" always;
 | |
|     add_header X-XSS-Protection "1; mode=block" always;
 | |
| 
 | |
|     # Client body size limit (untuk upload file)
 | |
|     client_max_body_size 20M;
 | |
| 
 | |
|     # Gzip compression
 | |
|     gzip on;
 | |
|     gzip_vary on;
 | |
|     gzip_proxied any;
 | |
|     gzip_comp_level 6;
 | |
|     gzip_types text/plain text/css text/xml text/javascript 
 | |
|                application/json application/javascript application/xml+rss 
 | |
|                application/rss+xml font/truetype font/opentype 
 | |
|                application/vnd.ms-fontobject image/svg+xml;
 | |
| 
 | |
|     # Main location block
 | |
|     location / {
 | |
|         try_files $uri $uri/ /index.php?$query_string;
 | |
|     }
 | |
| 
 | |
|     # PHP-FPM configuration
 | |
|     location ~ \.php$ {
 | |
|         try_files $uri =404;
 | |
|         fastcgi_split_path_info ^(.+\.php)(/.+)$;
 | |
|         fastcgi_pass laravel:9000;
 | |
|         fastcgi_index index.php;
 | |
|         include fastcgi_params;
 | |
|         fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
 | |
|         fastcgi_param PATH_INFO $fastcgi_path_info;
 | |
|         
 | |
|         # Buffer settings untuk performa
 | |
|         fastcgi_buffer_size 128k;
 | |
|         fastcgi_buffers 256 16k;
 | |
|         fastcgi_busy_buffers_size 256k;
 | |
|         fastcgi_temp_file_write_size 256k;
 | |
|         
 | |
|         # Timeout settings
 | |
|         fastcgi_read_timeout 300;
 | |
|         fastcgi_connect_timeout 300;
 | |
|     }
 | |
| 
 | |
|     # Cache static assets
 | |
|     location ~* \.(jpg|jpeg|png|gif|ico|css|js|svg|woff|woff2|ttf|eot)$ {
 | |
|         expires 1y;
 | |
|         add_header Cache-Control "public, immutable";
 | |
|         access_log off;
 | |
|     }
 | |
| 
 | |
|     # Deny access to hidden files
 | |
|     location ~ /\. {
 | |
|         deny all;
 | |
|         access_log off;
 | |
|         log_not_found off;
 | |
|     }
 | |
| 
 | |
|     # Deny access to sensitive files
 | |
|     location ~ /(?:\.env|\.git|composer\.json|composer\.lock|package\.json|package-lock\.json|README\.md|\.gitignore) {
 | |
|         deny all;
 | |
|         access_log off;
 | |
|         log_not_found off;
 | |
|     }
 | |
| 
 | |
|     # Health check endpoint
 | |
|     location /health {
 | |
|         access_log off;
 | |
|         return 200 "healthy\n";
 | |
|         add_header Content-Type text/plain;
 | |
|     }
 | |
| } |