Наработал свой вариант конфига, выкладываю на обсуждение. Адаптировал переменные под Виртуалу битрикса и слил конфиг с битриксовыми директивами: из /etc/nginx/bx/conf/bitrix.conf
Для работы надо заменить в директиве server строку:
include bx/conf/bitrix.conf;
на
include bx/conf/bitrix-composite.conf;
Сам /etc/nginx/bx/conf/bitrix-composite.conf
Код |
---|
# Assign error handler
include bx/conf/errors.conf;
# Include im subscrider handlers
include bx/conf/im_subscrider.conf;
# Deny external access to critical areas
location ~ /\.ht { deny all; }
#location ~ (.*)/\.htaccess/(.*)$ { deny all; }
location ~ /\.hg { deny all; }
location ~ /.svn/ { deny all; }
location ~ /.git/ { deny all; }
location ^~ /bitrix/modules { deny all; }
location ^~ /bitrix/local_cache { deny all; }
location ^~ /bitrix/stack_cache { deny all; }
location ^~ /bitrix/managed_cache { deny all; }
location ^~ /bitrix/php_interface { deny all; }
location ^~ /upload/support/not_image { internal; }
location ~* /upload/1c_(.*)/(.*) { deny all; }
# player options, disable no-sniff
location ~* ^/bitrix/components/bitrix/player/mediaplayer/player$ {
add_header Access-Control-Allow-Origin *;
}
# process dav request on
# main company
# extranet
# additional departments
# locations that ends with / => directly to apache
location ~ ^(/[^/]+)?(/docs|/workgroups|/company/profile|/bitrix/tools|/company/personal/user|/mobile/webdav|/contacts/personal).*/$ {
proxy_pass $proxyserver;
}
# add / to request
location ~ ^(/[^/]+)?(/docs|/workgroups|/company/profile|/bitrix/tools|/company/personal/user|/mobile/webdav|/contacts/personal) {
set $addslash "";
if (-d $request_filename) { set $addslash "${addslash}Y"; }
if ($is_args != '?') { set $addslash "${addslash}Y"; }
if ($addslash = "YY" ) { proxy_pass $proxyserver$request_uri/; }
proxy_pass $proxyserver;
}
# Deny cache access to anyone except for merged CSS files and JS files
location ^~ /bitrix/cache { deny all; }
location ^~ /bitrix/cache/css/ {
location ~* ^.+.(css)$ { expires 30d; error_page 404 /404.html; }
location ~* .*$ { deny all; }
}
location ^~ /bitrix/cache/js/ {
location ~* ^.+.(js)$ { expires 30d; error_page 404 /404.html; }
location ~* .*$ { deny all; }
}
# Excange and Outlook
location ~ ^/bitrix/tools/ws_.*/_vti_bin/.*\.asmx$ { proxy_pass $proxyserver; }
# Groupdav
location ^~ /bitrix/groupdav.php { proxy_pass $proxyserver; }
# Static content
location ^~ /upload { expires 30d; error_page 404 /404.html; }
location ^~ /bitrix/images { expires 30d; error_page 404 /404.html; }
location ^~ /bitrix/tmp { expires 30d; error_page 404 /404.html; }
# Use nginx to return static content from s3 cloud storage
location ^~ /upload/bx_cloud_upload/ {
location ~ ^/upload/bx_cloud_upload/(http[s]?)\.([^/:]+)\.(s3|s3-us-west-1|s3-eu-west-1|s3-ap-southeast-1|s3-ap-northeast-1)\.amazonaws\.com/(.+)$ {
internal;
resolver 8.8.8.8;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Server $host;
#proxy_max_temp_file_size 0;
proxy_pass $1://$2.$3.amazonaws.com/$4;
}
location ~* .*$ { deny all; }
}
# Apache server status page
location ^~ /server-status { proxy_pass $proxyserver; }
# Nginx server status page
location ^~ /nginx-status {
stub_status on;
allow 127.0.0.0/24;
deny all;
}
# Bitrix setup script
location ^~ ^(/bitrixsetup\.php)$ { proxy_pass $proxyserver; proxy_buffering off; }
# composite
set $storedAuth "";
set $usecache "";
# check all conditions for enable composite
if ( $http_bx_action_type = "" ) { set $usecache "A"; }
if ( $request_method = "GET" ) { set $usecache "${usecache}B"; }
if ( $cookie_BITRIX_SM_NCC = "" ) { set $usecache "${usecache}C"; }
if ( $http_x_forwarded_scheme !~ "https" ){ set $usecache "${usecache}D"; }
# IE9 and above exclude
modern_browser_value "modern";
modern_browser msie 10.0;
modern_browser unlisted;
if ($modern_browser) {
set $usecache "${usecache}E";
}
# check user auth
if ( $cookie_BITRIX_SM_LOGIN != "" ) { set $storedAuth "A"; }
if ( $cookie_BITRIX_SM_UIDH != "" ) { set $storedAuth "${storedAuth}B"; }
if ( $cookie_BITRIX_SM_CC != "Y" ) { set $storedAuth "${storedAuth}C"; }
if ( $storedAuth !~ "ABC" ) { set $usecache "${usecache}F"; }
## cache location
location ~* @.*\.html$ {
internal;
}
# use default cache file
location / {
# dav processing
if ($request_method ~ ^(PROPFIND|OPTIONS|COPY|MOVE|PROPPATCH|MKCOL|LOCK|UNLOCK|PUT|REPORT|SEARCH|MKCALENDAR)$) { proxy_pass $proxyserver; }
# Error page for static content
if ($request_filename ~* \.(css|js|gif|png|jpg|jpeg|ico|woff)$) {
expires 15d;
error_page 404 /404.html;
break;
}
if ($usecache != "ABCDEF" ) { proxy_pass $proxyserver; }
set $test_file "/bitrix/html_pages/$host$uri/index@$args.html";
try_files $test_file @apache;
}
# use own path to cache file: test_file
location ~* ^(.*)\.php$ {
if ($usecache != "ABCDEF" ) { proxy_pass $proxyserver; }
set $test_file "/bitrix/html_pages/$host$1@$args.html";
try_files $test_file @apache;
}
# apache location
location @apache {
proxy_pass $proxyserver;
} |