server { listen 80; listen [::]:80; server_name domain.example.com; return 301 https://domain.example.com$request_uri; } server { listen 443 ssl http2; listen [::]:443 ssl http2; server_name domain.example.com; ssl_certificate /etc/ssl/domain.example.com/ssl-bundle.crt; ssl_certificate_key /etc/ssl/domain.example.com/domain.example.com.key; # logging access_log /var/log/nginx/leantime.access.log; error_log /var/log/nginx/leantime.error.log warn; location /leantime/ { include include.d/auth; root /var/www/leantime/public/; access_log /var/log/nginx/scripts.log scripts; try_files $uri $uri/ /leantime/index.php?$query_string; rewrite ^/leantime/leantime(/.*)$ /leantime$1 permanent; location ~.php$ { root /var/www/leantime/public/; rewrite ^/leantime(/.*)$ $1 break; fastcgi_intercept_errors on; fastcgi_index index.php; fastcgi_buffers 8 16k; fastcgi_buffer_size 32k; include fastcgi_params; fastcgi_param SCRIPT_FILENAME /var/www/leantime/public/$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param DN $ssl_client_s_dn; fastcgi_pass php-fpm; } # assets, media location ~* \.(?:css(\.map)?|js(\.map)?|jpe?g|png|gif|ico|cur|heic|webp|tiff?|mp3|m4a|aac|ogg|midi?|wav|mp4|mov|webm|mpe?g|avi|ogv|flv|wmv)$ { rewrite ^/leantime/leantime(/.*)$ /leantime$1 permanent; rewrite ^/leantime(/.*)$ $1 break; expires 7d; access_log off; } # svg, fonts location ~* \.(?:svgz?|ttf|ttc|otf|eot|woff2?)$ { rewrite ^/leantime/leantime(/.*)$ /leantime$1 permanent; rewrite ^/leantime(/.*)$ $1 break; add_header Access-Control-Allow-Origin "*"; expires 7d; access_log off; } # gzip gzip on; gzip_vary on; gzip_proxied any; gzip_comp_level 6; gzip_types text/plain text/css text/xml application/json application/javascript application/rss+xml application/atom+xml image/svg+xml; } }