Add prestashop tpl

Arturo Blanco · web-flow · commit 2ac96e4eab7e · 2020-09-16T10:56:18.000+02:00
Add prestashop template for nginx. Ref https://devdocs.prestashop.com/1.7/basics/installation/nginx/
diff --git a/install/deb/templates/web/nginx/php-fpm/prestashop.stpl b/install/deb/templates/web/nginx/php-fpm/prestashop.stpl
@@ -0,0 +1,188 @@
+#=======================================================================#
+# Default Web Domain Template                                           #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+#=======================================================================#
+
+server {
+    listen      %ip%:%web_ssl_port% ssl http2;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+
+    ssl_certificate      %ssl_pem%;
+    ssl_certificate_key  %ssl_key%;
+    ssl_stapling on;
+    ssl_stapling_verify on;
+
+    include %home%/%user%/conf/web/%domain%/nginx.hsts.conf*;
+
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Gzip Settings, convert all types.
+    gzip on;
+    gzip_vary on;
+    gzip_proxied any;
+
+    # Can be enhance to 5, but it can slow you server
+    # gzip_comp_level    5;
+    # gzip_min_length    256;
+
+    gzip_types
+        application/atom+xml
+        application/javascript
+        application/json
+        application/ld+json
+        application/manifest+json
+        application/rss+xml
+        application/vnd.geo+json
+        application/vnd.ms-fontobject
+        application/x-font-ttf
+        application/x-web-app-manifest+json
+        application/xhtml+xml
+        application/xml
+        font/opentype
+        image/bmp
+        image/svg+xml
+        image/x-icon
+        text/cache-manifest
+        text/css
+        text/plain
+        text/vcard
+        text/vnd.rim.location.xloc
+        text/vtt
+        text/x-component
+        text/x-cross-domain-policy;
+
+    gzip_disable "MSIE [1-6]\.(?!.*SV1)";
+
+    # Cloudflare / Max CDN fix
+    location ~* \.(eot|otf|ttf|woff(?:2)?)$ {
+        add_header Access-Control-Allow-Origin *;
+    }
+
+    # Force pdf files to be downloaded
+    location ~* \.pdf$ {
+        add_header Content-Disposition Attachment;
+        add_header X-Content-Type-Options nosniff;
+    }
+
+    # Force files inupload directory to be downloaded
+    location ~ ^/upload/ {
+        add_header Content-Disposition Attachment;
+        add_header X-Content-Type-Options nosniff;
+    }
+
+    # [REQUIRED EDIT IF MULTILANG]
+    # rewrite ^/fr$ /fr/ redirect;
+    # rewrite ^/fr/(.*) /$1;
+
+    # Images
+    rewrite ^/([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$1$2$3.jpg last;
+    rewrite ^/([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$1$2$3$4.jpg last;
+    rewrite ^/([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$1$2$3$4$5.jpg last;
+    rewrite ^/([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg last;
+    rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg last;
+    rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg last;
+    rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8$9.jpg last;
+    rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9$10.jpg last;
+    rewrite ^/c/([0-9]+)(-[.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+.jpg$ /img/c/$1$2$3.jpg last;
+    rewrite ^/c/([a-zA-Z_-]+)(-[0-9]+)?/.+.jpg$ /img/c/$1$2.jpg last;
+
+    # AlphaImageLoader for IE and fancybox
+    rewrite ^images_ie/?([^/]+)\.(jpe?g|png|gif)$ js/jquery/plugins/fancybox/images/$1.$2 last;
+
+    # Web service API
+    rewrite ^/api/?(.*)$ /webservice/dispatcher.php?url=$1 last;
+
+    # Installation sandbox
+    rewrite ^(/install(?:-dev)?/sandbox)/(.*) /$1/test.php last;
+
+    # Source code directories
+    location ~ ^/(app|bin|cache|classes|config|controllers|docs|localization|override|src|tests|tools|translations|travis-scripts|vendor|var)/ {
+        deny all;
+    }
+    # vendor in modules directory
+    location ~ ^/modules/.*/vendor/ {
+        deny all;
+    }
+    # Prevent exposing other sensitive files
+    location ~ \.(yml|log|tpl|twig|sass)$ {
+        deny all;
+    }
+
+    # Prevent injection of php files
+    location /upload {
+        location ~ \.php$ {
+            deny all;
+        }
+    }
+    location /img {
+        location ~ \.php$ {
+            deny all;
+        }
+    }
+
+    location / {
+		try_files $uri $uri/ /index.php?$args;
+
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+			fastcgi_hide_header "Set-Cookie";
+        }
+
+        location ~ [^/]\.php(/|$) {
+			fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+
+			try_files $fastcgi_script_name /index.php$uri&$args =404;
+
+			# Environment variables for PHP
+			fastcgi_split_path_info ^(.+\.php)(/.+)$;
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /index.php?controller=404;
+    error_page  500 502 503 504 /error/50x.html;
+
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/%domain%/nginx.ssl.conf_*;
+}
diff --git a/install/deb/templates/web/nginx/php-fpm/prestashop.tpl b/install/deb/templates/web/nginx/php-fpm/prestashop.tpl
@@ -0,0 +1,183 @@
+#=======================================================================#
+# Default Web Domain Template                                           #
+# DO NOT MODIFY THIS FILE! CHANGES WILL BE LOST WHEN REBUILDING DOMAINS #
+#=======================================================================#
+
+server {
+    listen      %ip%:%web_port%;
+    server_name %domain_idn% %alias_idn%;
+    root        %docroot%;
+    index       index.php index.html index.htm;
+    access_log  /var/log/nginx/domains/%domain%.log combined;
+    access_log  /var/log/nginx/domains/%domain%.bytes bytes;
+    error_log   /var/log/nginx/domains/%domain%.error.log error;
+        
+    include %home%/%user%/conf/web/%domain%/nginx.forcessl.conf*;
+    
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+     # Gzip Settings, convert all types.
+    gzip on;
+    gzip_vary on;
+    gzip_proxied any;
+
+    # Can be enhance to 5, but it can slow you server
+    # gzip_comp_level    5;
+    # gzip_min_length    256;
+
+    gzip_types
+        application/atom+xml
+        application/javascript
+        application/json
+        application/ld+json
+        application/manifest+json
+        application/rss+xml
+        application/vnd.geo+json
+        application/vnd.ms-fontobject
+        application/x-font-ttf
+        application/x-web-app-manifest+json
+        application/xhtml+xml
+        application/xml
+        font/opentype
+        image/bmp
+        image/svg+xml
+        image/x-icon
+        text/cache-manifest
+        text/css
+        text/plain
+        text/vcard
+        text/vnd.rim.location.xloc
+        text/vtt
+        text/x-component
+        text/x-cross-domain-policy;
+
+    gzip_disable "MSIE [1-6]\.(?!.*SV1)";
+
+    # Cloudflare / Max CDN fix
+    location ~* \.(eot|otf|ttf|woff(?:2)?)$ {
+        add_header Access-Control-Allow-Origin *;
+    }
+
+    # Force pdf files to be downloaded
+    location ~* \.pdf$ {
+        add_header Content-Disposition Attachment;
+        add_header X-Content-Type-Options nosniff;
+    }
+
+    # Force files inupload directory to be downloaded
+    location ~ ^/upload/ {
+        add_header Content-Disposition Attachment;
+        add_header X-Content-Type-Options nosniff;
+    }
+
+    # [REQUIRED EDIT IF MULTILANG]
+    # rewrite ^/fr$ /fr/ redirect;
+    # rewrite ^/fr/(.*) /$1;
+
+    # Images
+    rewrite ^/([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$1$2$3.jpg last;
+    rewrite ^/([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$1$2$3$4.jpg last;
+    rewrite ^/([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$1$2$3$4$5.jpg last;
+    rewrite ^/([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$1$2$3$4$5$6.jpg last;
+    rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$1$2$3$4$5$6$7.jpg last;
+    rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$1$2$3$4$5$6$7$8.jpg last;
+    rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$1$2$3$4$5$6$7$8$9.jpg last;
+    rewrite ^/([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])([0-9])(-[_a-zA-Z0-9-]*)?(-[0-9]+)?/.+.jpg$ /img/p/$1/$2/$3/$4/$5/$6/$7/$8/$1$2$3$4$5$6$7$8$9$10.jpg last;
+    rewrite ^/c/([0-9]+)(-[.*_a-zA-Z0-9-]*)(-[0-9]+)?/.+.jpg$ /img/c/$1$2$3.jpg last;
+    rewrite ^/c/([a-zA-Z_-]+)(-[0-9]+)?/.+.jpg$ /img/c/$1$2.jpg last;
+
+    # AlphaImageLoader for IE and fancybox
+    rewrite ^images_ie/?([^/]+)\.(jpe?g|png|gif)$ js/jquery/plugins/fancybox/images/$1.$2 last;
+
+    # Web service API
+    rewrite ^/api/?(.*)$ /webservice/dispatcher.php?url=$1 last;
+
+    # Installation sandbox
+    rewrite ^(/install(?:-dev)?/sandbox)/(.*) /$1/test.php last;
+
+    # Source code directories
+    location ~ ^/(app|bin|cache|classes|config|controllers|docs|localization|override|src|tests|tools|translations|travis-scripts|vendor|var)/ {
+        deny all;
+    }
+    # vendor in modules directory
+    location ~ ^/modules/.*/vendor/ {
+        deny all;
+    }
+    # Prevent exposing other sensitive files
+    location ~ \.(yml|log|tpl|twig|sass)$ {
+        deny all;
+    }
+
+    # Prevent injection of php files
+    location /upload {
+        location ~ \.php$ {
+            deny all;
+        }
+    }
+    location /img {
+        location ~ \.php$ {
+            deny all;
+        }
+    }
+
+    location / {
+        try_files $uri $uri/ /index.php?$args;
+
+        if (!-e $request_filename)
+        {
+            rewrite ^(.+)$ /index.php?q=$1 last;
+        }
+
+        location ~* ^.+\.(jpeg|jpg|png|gif|bmp|ico|svg|css|js)$ {
+            expires     max;
+			fastcgi_hide_header "Set-Cookie";
+        }
+
+		location ~ [^/]\.php(/|$) {
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+
+            try_files $fastcgi_script_name /index.php$uri&$args =404;
+
+            # Environment variables for PHP
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+
+            fastcgi_pass    %backend_lsnr%;
+            fastcgi_index   index.php;
+            include         /etc/nginx/fastcgi_params;
+        }
+    }
+
+    error_page  403 /error/404.html;
+    error_page  404 /index.php?controller=404;
+    error_page  500 502 503 504 /error/50x.html;
+
+
+    location /error/ {
+        alias   %home%/%user%/web/%domain%/document_errors/;
+    }
+
+    location ~* "/\.(htaccess|htpasswd)$" {
+        deny    all;
+        return  404;
+    }
+
+    location /vstats/ {
+        alias   %home%/%user%/web/%domain%/stats/;
+        include %home%/%user%/web/%domain%/stats/auth.conf*;
+    }
+
+    include     /etc/nginx/conf.d/phpmyadmin.inc*;
+    include     /etc/nginx/conf.d/phppgadmin.inc*;
+    include     /etc/nginx/conf.d/webmail.inc*;
+
+    include     %home%/%user%/conf/web/%domain%/nginx.conf_*;
+}
