openpanel/configuration/nginx/vhosts/docker_nginx_domain.conf

# content
server {
    listen 80;
    server_name <DOMAIN_NAME> www.<DOMAIN_NAME>;
    access_log /var/log/nginx/domlogs/<DOMAIN_NAME>.log;

    # <!-- BEGIN EXPOSED RESOURCES PROTECTION -->
     location ~* ^/(\.git|composer\.(json|lock)|auth\.json|config\.php|wp-config\.php|vendor) {
       deny all;
       return 403;
     }
    # <!-- END EXPOSED RESOURCES PROTECTION -->
    
    ##### /phmyadmin on #####
    location /phpmyadmin {
        proxy_pass http://localhost:8080/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Ssl on;
        proxy_set_header X-Forwarded-Port $server_port;
        proxy_set_header X-Forwarded-Host $host;
    }
    ##### /phmyadmin off #####
    
    root /home/<USER>/<DOMAIN_NAME>;

    location / {
        real_ip_header    X-Forwarded-For;
        set_real_ip_from   172.17.0.1;
        try_files $uri $uri/ /index.php$is_args$args;
        index index.php index.html;
        autoindex on;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/<PHP>-fpm.sock;
    }

    location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
        expires max;
        log_not_found off;
    }

    location = /favicon.ico {
        log_not_found off;
        access_log off;
    }

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

}


server {
    listen 443 ssl http2;
    server_name <DOMAIN_NAME> www.<DOMAIN_NAME>;
    access_log /var/log/nginx/domlogs/<DOMAIN_NAME>.log;

    ##### /phmyadmin on #####
    location /phpmyadmin {
        proxy_pass http://localhost:8080/;
        proxy_set_header Host $host;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Forwarded-Ssl on;
        proxy_set_header X-Forwarded-Port $server_port;
        proxy_set_header X-Forwarded-Host $host;
    }
    ##### /phmyadmin off #####
    
    root /home/<USER>/<DOMAIN_NAME>;

    # SSL Configuration
    ssl_certificate /etc/nginx/ssl/cert.crt;
    ssl_certificate_key /etc/nginx/ssl/cert.key;
    ssl_protocols TLSv1.2 TLSv1.3;
    ssl_prefer_server_ciphers on;
    ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";

    location / {
        real_ip_header    X-Forwarded-For;
        set_real_ip_from   172.17.0.1;
        try_files $uri $uri/ /index.php$is_args$args;
        index index.php index.html;
        autoindex on;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass unix:/run/php/<PHP>-fpm.sock;
    }

    location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
        expires max;
        log_not_found off;
    }

    location = /favicon.ico {
        log_not_found off;
        access_log off;
    }

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    # Allow access to .well-known for Certbot
    location ^~ /.well-known {
        default_type "text/plain";
        root /home/<USER>/<DOMAIN_NAME>/;
    }
    
}