forks/hubzilla-docker/addons/nginx-server.conf

server {
        listen 80;
        server_name ###SERVERNAME###;

        index index.php;
        root /hubzilla;

        fastcgi_param HTTP on;

        charset utf-8;
        access_log /var/log/nginx/red.log;

        client_max_body_size 20m;
        client_body_buffer_size 128k;

        location / {
                if ($is_args != "") {
                        rewrite ^/(.*) /index.php?q=$uri&$args last;
                }
                rewrite ^/(.*) /index.php?q=$uri last;
        }

        location ^~ /.well-known/ {
                allow all;
                rewrite ^/(.*) /index.php?q=$uri&$args last;
        }

        # statically serve these file types when possible
        # otherwise fall back to front controller
        # allow browser to cache them
        # added .htm for advanced source code editor library
        location ~* \.(jpg|jpeg|gif|png|ico|css|js|htm|html|map|ttf|woff|woff2|svg)$ {
                expires 30d;
                try_files $uri /index.php?q=$uri&$args;
        }

        # block these file types
        location ~* \.(tpl|md|tgz|log|out)$ {
                deny all;
        }

        # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
        # or a unix socket
        location ~* \.php$ {
                try_files $uri =404;

                # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
                fastcgi_split_path_info ^(.+\.php)(/.+)$;

                # With php5-cgi alone:
                fastcgi_pass 127.0.0.1:9000;
                #fastcgi_pass unix:/var/run/php5-fpm.sock;

                include fastcgi_params;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        }

        # deny access to all dot files
        location ~ /\. {
                deny all;
        }

        #deny access to store

        location ~ /store {
                deny  all;
        }
}