server { listen 127.0.0.1:80; server_name 127.0.0.1; #set the log files error_log /var/log/nginx/error.log info; access_log /var/log/nginx/access.log; #set the default index files location / { root /usr/local/www/fusionpbx; index index.php index.html index.htm; } #nginx settings client_max_body_size 128M; client_body_buffer_size 128k; #http error handling error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/local/www/nginx-dist; } #pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /usr/local/www/fusionpbx$fastcgi_script_name; include fastcgi_params; } #disable viewing of .htaccess, htpassword, and .db location ~ /\.htaccess { deny all; } location ~ .htpassword { deny all; } location ~^.+.(db)$ { deny all; } } server { listen 80; server_name fusionpbx; #set the log files error_log /var/log/nginx/error.log info; access_log /var/log/nginx/access.log; #set the default index files location / { root /usr/local/www/fusionpbx; index index.php index.html index.htm; } #rewrite rule - send to https with an exception for provisioning #if ($uri !~* ^.*provision.*$) { # rewrite ^(.*) https://$host$1 permanent; # break; #} #rewrite rule - REST api if ($uri ~* ^.*/api/.*$) { rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last; break; } #algo rewrite "^.*/provision/algom([A-Fa-f0-9]{12})\.conf" /app/provision/?mac=$1&file=algom%7b%24mac%7d.conf last; #mitel rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last; rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last; #grandstream rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1; #aastra rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg; #rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last; #yealink common rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg; #yealink mac rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last; #polycom rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg"; #rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2; rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg; rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg; rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1; rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg"; rewrite "^.*/provision/([A-Fa-f0-9]{12})-directory.xml$" "/app/provision/?mac=$1&file={%24mac}-directory.xml"; #cisco rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last; #Escene rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last; rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last; #nginx settings client_max_body_size 128M; client_body_buffer_size 128k; #http error handling error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/local/www/nginx-dist; } #pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /usr/local/www/fusionpbx$fastcgi_script_name; include fastcgi_params; } #disable viewing of .htaccess, htpassword, and .db location ~ /\.htaccess { deny all; } location ~ .htpassword { deny all; } location ~^.+.(db)$ { deny all; } } server { listen 443; server_name fusionpbx; #set tls configuration ssl on; ssl_certificate /usr/local/etc/nginx/server.crt; ssl_certificate_key /usr/local/etc/nginx/server.key; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers HIGH:!ADH:!MD5:!aNULL; #letsencrypt location /.well-known/acme-challenge { root /var/www/letsencrypt; } #set the log files error_log /var/log/nginx/error.log info; access_log /var/log/nginx/access.log; #set the default index files location / { root /usr/local/www/fusionpbx; index index.php index.html index.htm; } #rewrite rule - send to https with an exception for provisioning #if ($uri !~* ^.*provision.*$) { # rewrite ^(.*) https://$host$1 permanent; # break; #} #rewrite rule - REST api if ($uri ~* ^.*/api/.*$) { rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last; break; } #algo rewrite "^.*/provision/algom([A-Fa-f0-9]{12})\.conf" /app/provision/?mac=$1&file=algom%7b%24mac%7d.conf last; #mitel rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last; rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last; #grandstream rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1; #aastra rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg; #rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last; #yealink common rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg; #yealink mac rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last; #polycom rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg"; #rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2; rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg; rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg; rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1; rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg"; rewrite "^.*/provision/([A-Fa-f0-9]{12})-directory.xml$" "/app/provision/?mac=$1&file={%24mac}-directory.xml"; #cisco rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last; #Escene rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last; rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last; #nginx settings client_max_body_size 128M; client_body_buffer_size 128k; #http error handling error_page 500 502 503 504 /50x.html; location = /50x.html { root /usr/local/www/nginx-dist; } #pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 location ~ \.php$ { fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; fastcgi_param SCRIPT_FILENAME /usr/local/www/fusionpbx$fastcgi_script_name; include fastcgi_params; } #disable viewing of .htaccess, htpassword, and .db location ~ /\.htaccess { deny all; } location ~ .htpassword { deny all; } location ~^.+.(db)$ { deny all; } }