ops/etc/nginx/sites-available/envs.net.conf

### ENVS.NET - local ###
server {
#	listen 80 default_server;
	include snippets/listen_local.conf;
	include snippets/listen.conf;
#	include snippets/ddos_def.conf;
	server_name envs.net www.envs.net _;

	error_log /var/log/nginx/envs.net-error.log crit;

	location / {
		return 307 https://$host$request_uri;
	}

	location /.well-known/acme-challenge/ {
		alias /var/lib/letsencrypt/.well-known/acme-challenge/;
	}
}

server {
#	listen 443 ssl http2 default_server;
	include snippets/listen_local_ssl.conf;
	include snippets/listen_ssl.conf;
#	include snippets/ddos_def.conf;
	server_name envs.net www.envs.net _;

	include snippets/ssl.conf;
	include ssl/envs_net_wild.conf;
	include snippets/local_ssl_header.conf;

	error_log /var/log/nginx/envs.net-error.log crit;

	include snippets/error_pages;

	root /var/www/envs.net/;
	index index.php index.html;

	#rewrite ^([^.\?]*[^/])$ $1/ permanent;

	location / {
		add_header Access-Control-Allow-Origin *;
		try_files $uri.html $uri $uri/ @extensionless-php;
	}
	location @extensionless-php {
		rewrite ^(.*)/$ $1.php last;
	}

	location /cgi-bin {
		gzip off;
		include fastcgi_params;
		fastcgi_pass unix:/var/run/fcgiwrap.socket;
	}

	# matrix
	location /.well-known/matrix/ {
		add_header Access-Control-Allow-Origin *;
		add_header Content-Type application/json;
		return 200 '{"m.server": "envs.net:8448", "m.homeserver": {"base_url": "https://envs.net"}}';
	}

	location /_matrix {
        include proxy_params;
        proxy_ssl_name $http_host;
        proxy_ssl_server_name on;
        proxy_pass https://matrix.envs.net;
    }

	location /_synapse {
        include proxy_params;
        proxy_ssl_name $http_host;
        proxy_ssl_server_name on;
        proxy_pass https://matrix.envs.net;
    }

	# users
	location ~ ^/(~|u/)(?<user>[\w-]+)(?<user_uri>/.*)?$ {
		alias /home/$user/public_html$user_uri;
		index index.html index.php index.cgi index.py index.sh index.pl index.lua;

		fancyindex on;
		fancyindex_exact_size off;
		add_header X-Frame-Options SAMEORIGIN;

		location ~ [^/]\.php(/|$) {
			include snippets/php_common;
		}

		location ~ (\.cgi|\.py|\.sh|\.pl|\.lua|\/cgi-bin)$ {
			gzip off;
			include fastcgi_params;
			fastcgi_pass unix:/var/run/fcgiwrap.socket;
			fastcgi_param SCRIPT_FILENAME /home/$user/public_html$request_filename;
		}

	}

	location ~* /\.(eot|ttf|woff|woff2)$ {
		add_header Access-Control-Allow-Origin *;
		expires 365d;
	}

	location ~* /\.(jpg|jpeg|png|gif|ico|css|js)$ {
		add_header Access-Control-Allow-Origin *;
		expires 365d;
	}

	location ~* /\.(pdf)$ {
		expires 30d;
	}

	location ~ /(\.ht|\.git)$ {
		deny all;
	}

	# include php and ssi
	include snippets/php.conf;
	ssi on;
}