File: //proc/thread-self/root/etc/nginx/sites-enabled/nowruzgan.com
map $http_origin $nowruzgan_origins {
default "";
~^https?://(vazhgar\.com|vazhgar\.local|nowruzgan\.local|ketabkhaneh\.org|ketabkhaneh\.local)$ $http_origin;
}
server {
server_name nowruzgan.com;
root /var/www/nowruzgan.com;
location /travelogue {
alias /var/dev/nowruzgan/travelogue/dist/travelogue/browser;
try_files $uri$args $uri$args/ $uri $uri/ /travelogue/index.html;
#rewrite ^/vazhgar/(.*) /$1 break;
#proxy_pass http://localhost:4002/vazhgar/;
#proxy_set_header Host $http_host;
#proxy_set_header X-Real-IP $remote_addr;
}
location /backup {
alias /var/dev/nowruzgan/db_backup;
autoindex on;
autoindex_exact_size off;
autoindex_format html;
autoindex_localtime on;
auth_basic "Backup Files";
auth_basic_user_file /var/dev/nowruzgan/.htpasswd;
}
location /admin {
alias /var/dev/nowruzgan/admin/dist/admin/browser;
try_files $uri$args $uri$args/ $uri $uri/ /admin/index.html;
}
location /robots.txt {
alias /var/dev/nowruzgan/robots.txt;
}
location /dhconf2025/reg.php {
include /etc/nginx/sites-available/php.cnf;
}
location /contact.php {
include /etc/nginx/sites-available/php.cnf;
}
location ^~ /school {
alias /var/www/school;
index index.php index.html index.htm;
try_files $uri $uri/ /school/index.php;
client_max_body_size 32M;
location ~ \.php$ {
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_pass unix:/var/run/php/php8.3-fpm.sock;
fastcgi_param PHP_VALUE "upload_max_filesize=512M;\n post_max_size=512M;\n memory_limit=256M;\n max_execution_time=600;";
fastcgi_read_timeout 300;
}
location ~* \.(js|css|png|jpg|jpeg|gif|ico|eot|otf|ttf|woff|mp4|mp3)$ {
expires max;
log_not_found off;
}
}
location /api {
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_http_version 1.1;
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
proxy_pass http://127.0.0.1:1351;
client_max_body_size 50M;
}
location ~^/static/(?<pre>..)/(?<uuid>.*)/(?<fname>.*)$ {
alias /var/dev/nowruzgan/private/;
try_files /uploads/$pre/$uuid =404;
}
location ~^/static/assets/(?<part>.*)$ {
alias /var/dev/nowruzgan/private/;
try_files /assets/$part =404;
}
location ~^/shared/.* {
# Handle preflight requests (OPTIONS)
if ($request_method = OPTIONS) {
add_header Access-Control-Allow-Origin $nowruzgan_origins always;
add_header Access-Control-Allow-Methods 'GET, POST, OPTIONS, DELETE';
add_header Access-Control-Allow-Headers 'Authorization,Content-Type,Accept,Origin,User-Agent,DNT,Cache-Control,X-Mx-ReqToken,Keep-Alive,X-Requested-With';
add_header Access-Control-Allow-Credentials 'true' always;
add_header Access-Control-Max-Age 1728000;
add_header Content-Length 0;
add_header Content-Type text/plain;
return 204;
}
# Handle simple requests (GET, POST)
add_header Access-Control-Allow-Origin $nowruzgan_origins always;
add_header Access-Control-Allow-Credentials 'true' always;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/nowruzgan.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/nowruzgan.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
listen 80;
server_name nowruzgan.com www.nowruzgan.com;
return 301 https://nowruzgan.com$request_uri;
}
server {
server_name www.nowruzgan.com;
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/nowruzgan.com/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/nowruzgan.com/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
return 301 https://nowruzgan.com$request_uri;
}