diff --git a/web/default.conf.template b/web/default.conf.template index 23d849e357c493563620d193cbf3c706fcd1856c..e013c87e1290c108d0ffe6cd4c89956b9e1f7b30 100644 --- a/web/default.conf.template +++ b/web/default.conf.template @@ -2,6 +2,9 @@ upstream php-handler { server ${BACKEND_HOST}:9000; } +fastcgi_cache_path /cache levels=1:2 keys_zone=assets:100m inactive=1440m use_temp_path=off; +fastcgi_cache_key $request_uri; + server { set_real_ip_from 10.0.0.0/8; set_real_ip_from 172.16.0.0/12; @@ -73,20 +76,37 @@ server { # then Nginx will encounter an infinite rewriting loop when it prepends `/index.php` # to the URI, resulting in a HTTP 500 error response. location ~ \.php(?:$|/) { + location ~ \.(?:css|js|svg|gif|png)$ { + fastcgi_ignore_headers Cache-Control; + fastcgi_cache assets; + add_header X-Proxy-Cache $upstream_cache_status; + expires 6M; # Cache-Control policy borrowed from `.htaccess` + access_log off; # Optional: Don't log access to assets + + fastcgi_split_path_info ^(.+?\.php)(/.*)$; + set $path_info $fastcgi_path_info; + try_files $fastcgi_script_name =404; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param PATH_INFO $path_info; + fastcgi_param HTTPS on; + fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice + fastcgi_param front_controller_active true; # Enable pretty urls + fastcgi_pass php-handler; + fastcgi_intercept_errors on; + fastcgi_request_buffering off; + } + fastcgi_split_path_info ^(.+?\.php)(/.*)$; set $path_info $fastcgi_path_info; - try_files $fastcgi_script_name =404; - include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $path_info; fastcgi_param HTTPS on; - fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice fastcgi_param front_controller_active true; # Enable pretty urls fastcgi_pass php-handler; - fastcgi_intercept_errors on; fastcgi_request_buffering off; }