server { listen 80 default_server; listen [::]:80 default_server; root /var/www/{{ WEBMAIL }}; include /etc/nginx/mime.types; # /dev/stdout (Default), , off access_log off; # /dev/stderr (Default), , debug, info, notice, warn, error, crit, alert, emerg error_log /dev/stderr notice; index index.php; # set maximum body size to configured limit client_max_body_size {{ MESSAGE_SIZE_LIMIT|int + 8388608 }}; fastcgi_hide_header X-Powered-By; add_header X-Download-Options "noopen" always; add_header X-Robots-Tag "none" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header Referrer-Policy "no-referrer" always; location / { try_files $uri $uri/ /index.php$args; } location ~ \.php$ { fastcgi_split_path_info ^(.+?\.php)(/.*)$; if (!-f $document_root$fastcgi_script_name) { return 404; } include /etc/nginx/fastcgi_params; fastcgi_intercept_errors on; fastcgi_index index.php; fastcgi_keep_conn on; fastcgi_pass unix:/var/run/php8-fpm.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; {% if WEB_WEBMAIL == '/' %} fastcgi_param SCRIPT_NAME $fastcgi_script_name; {% else %} fastcgi_param SCRIPT_NAME {{WEB_WEBMAIL}}/$fastcgi_script_name; {% endif %} } location ~ (^|/)\. { deny all; } location ~* ^/(config|temp|logs) { deny all; } location ^~ /data { deny all; } location = /ping { allow 127.0.0.1; allow ::1; deny all; include /etc/nginx/fastcgi_params; fastcgi_index index.php; fastcgi_pass unix:/var/run/php8-fpm.sock; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } }