From de00a706be5ae190c900192e32d534119911f91d Mon Sep 17 00:00:00 2001
From: bprieshof <bprieshof@noreply.example.org>
Date: Thu, 10 Jan 2019 14:03:26 +0100
Subject: [PATCH] Update 'Extra_Domains/NGINX_Domain.sh'

---
 Extra_Domains/NGINX_Domain.sh | 106 ++++++++++++++++++++++++++++------
 1 file changed, 87 insertions(+), 19 deletions(-)

diff --git a/Extra_Domains/NGINX_Domain.sh b/Extra_Domains/NGINX_Domain.sh
index d06318d..7f0f9b8 100644
--- a/Extra_Domains/NGINX_Domain.sh
+++ b/Extra_Domains/NGINX_Domain.sh
@@ -12,22 +12,35 @@
 ##-----------##
 
 cat <<EOF > /etc/nginx/sites-available/"$domain"
-fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=MYAPP:100m max_size=10g inactive=1440m;
+#fastcgi_cache_path /etc/nginx/cache levels=1:2 keys_zone=MYAPP:100m max_size=10g inactive=1440m;
+
+upstream netdata {
+    server 127.0.0.1:19999;
+    keepalive 64;
+}
+
+server {
+    listen       80;
+    server_name   www.$domain;
+    return       301 http://$domain/\$request_uri\;
+}
 
 server {
     listen 80;
     listen [::]:80;
     root /var/www/$domain/html;
     index index.php index.html index.htm index.nginx-debian.html;
-    server_name $domain www.$domain;
+    server_name $domain;
     #return 301 \$scheme:/\$domain\$request_uri; Redirect to non-www
     #return 301 https://domein.nl$request_uri; Redirect to other domain
 
-    #netdata here
+    #add_header X-Cache "\$upstream_cache_status";
 
+    #netdata here
+    
     gzip on;
     gzip_proxied any;
-    gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;
+    gzip_types text/plain text/css text/xml text/javascript application/javascript application/x-javascript image/svg image/svg+xml application/xml image/x-icon;
     gzip_min_length 1000;
     gzip_comp_level 2;
     gzip_disable "msie6";
@@ -36,32 +49,34 @@ server {
 
     location / {
         #try_files \$uri \$uri/ =404;
-        try_files \$uri \$uri/ /index.php\$is_args\$args;
+        #try_files \$uri \$uri/ /index.php\$is_args\$args;
+        try_files \$uri \$uri/ \$uri.html \$uri.php\$is_args\$query_string;
     }
 
     location = /favicon.ico { log_not_found off; access_log off; }
     location = /robots.txt { log_not_found off; access_log off; allow all; }
-    location ~* \.(css|gif|ico|jpeg|jpg|js|png|svg|eot|otf|woff|woff2|ttf|ogg)\$ {
+    location ~* \.(css|gif|ico|jpeg|jpg|js|png|svg|webp|eot|otf|woff|woff2|ttf|ogg)\$ {
         expires max;
         log_not_found off;
+        add_header Cache-Control "public, no-transform";
     }
 
     location ~ \.php\$ {
         include snippets/fastcgi-php.conf;
         fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
-        fastcgi_cache MYAPP;
-        fastcgi_cache_valid 200 302 301 1m;
-        fastcgi_cache_valid 404 1m;
-        fastcgi_cache_bypass \$no_cache;
-        fastcgi_no_cache \$no_cache;
-        fastcgi_cache_revalidate on;
-        fastcgi_cache_background_update on;
-        fastcgi_cache_lock on;
-        fastcgi_cache_use_stale updating;
-        fastcgi_buffer_size 128k;
-        fastcgi_buffers 256 16k;
-        fastcgi_busy_buffers_size 256k;
-        fastcgi_temp_file_write_size 256k;
+        #fastcgi_cache MYAPP;
+        #fastcgi_cache_valid 200 302 301 1m;
+        #fastcgi_cache_valid 404 1m;
+        #fastcgi_cache_bypass \$no_cache;
+        #fastcgi_no_cache \$no_cache;
+        #fastcgi_cache_revalidate on;
+        #fastcgi_cache_background_update on;
+        #fastcgi_cache_lock on;
+        #fastcgi_cache_use_stale updating;
+        #fastcgi_buffer_size 128k;
+        #fastcgi_buffers 256 16k;
+        #fastcgi_busy_buffers_size 256k;
+        #fastcgi_temp_file_write_size 256k;
     }
 
     location ~ /\.ht {
@@ -96,6 +111,59 @@ server {
     }
 }
 EOF
+cat <<EOF > /etc/nginx/nginx.conf
+user www-data;
+worker_processes auto;
+pid /run/nginx.pid;
+include /etc/nginx/modules-enabled/*.conf;
+
+events {
+	worker_connections 1024;
+}
+
+http {
+
+    #fastcgi_cache_key \$scheme\$request_method\$host\$request_uri;
+
+	sendfile on;
+	tcp_nopush on;
+	tcp_nodelay on;
+	keepalive_timeout 65;
+	types_hash_max_size 2048;
+	# server_tokens off;
+
+    client_body_buffer_size 10K;
+    client_header_buffer_size 1k;
+    client_max_body_size 8m;
+    large_client_header_buffers 4 4k;
+
+	server_names_hash_bucket_size 64;
+
+	include /etc/nginx/mime.types;
+	default_type text/html;
+
+	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
+	ssl_prefer_server_ciphers on;
+    add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
+    ssl_session_cache shared:SSL:20m;
+    ssl_session_timeout 180m;
+
+    #access_log /var/log/nginx/access.log;
+    access_log off;
+    error_log /var/log/nginx/error.log;
+
+    gzip on;
+    gzip_proxied any;
+    gzip_types text/plain text/css text/xml text/javascript application/x-javascript application/xml;
+    gzip_min_length 1000;
+    gzip_comp_level 2;
+    gzip_disable "msie6";
+    gzip_buffers 16 8k;
+
+	include /etc/nginx/conf.d/*.conf;
+	include /etc/nginx/sites-enabled/*;
+}
+EOF
 ln -s /etc/nginx/sites-available/"$domain" /etc/nginx/sites-enabled/
 
 ##----------------##