server {
    listen 80;
    server_name _;
    access_log /data/wwwlogs/access_nginx.log combined;
    root /data/wwwroot/default;
    index index.html index.htm index.php;
    #　error_page 404 /404.html;
    #　error_page 502 /502.html;

    charset utf-8;

    # add_header Strict-Transport-Security "max-age=0";
    add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
    add_header cache-control "no-cache";
    add_header access-control-allow-origin "*";
    add_header referrer-policy "no-referrer";
    add_header x-content-type-options nosniff;
    add_header x-xss-protection "1; mode=block";
    add_header x-frame-options sameorigin;

    location / {
	default_type text/plain;
        # auth_basic "Some description";
        # auth_basic_user_file /usr/local/nginx/conf/passwd;

	autoindex       on;
	autoindex_localtime on;
	autoindex_exact_size off;
	#add_after_body /.autoindex.html;
	add_before_body /.theme/header.html;
	add_after_body /.theme/footer.html;

    }

    location /nginx_status {
        stub_status on;
        access_log off;
        allow 127.0.0.1;
        deny all;
    }

    location ~ [^/]\.php(/|$) {
        #fastcgi_pass remote_php_ip:9000;
        fastcgi_pass unix:/dev/shm/php-cgi.sock;
        fastcgi_index index.php;
        include fastcgi.conf;
    }

    location ~ .*\.(gif|jpg|jpeg|png|bmp|swf|flv|mp4|ico)$ {
        expires 30d;
        access_log off;
    }

    location ~ .*\.(mkv)$ {
        types{
            video/webm  mkv;
        }
    }

    location ~ .*\.(js|css)?$ {
        expires 7d;
        access_log off;
    }

    location ~ ^/(\.user.ini|\.ht|\.git|\.svn|\.project|LICENSE|README.md) {
        deny all;
    }

    location /.well-known {
        allow all;
    }

    location ~ \.(md|ini|txt|log|pac|keys|lua|json|yaml|toml|conf|cmd|sh|bash|h|c|cpp|hpp|py|go|service)$ {
        default_type text/plain;
    }

    #location ~ ^/(bashrc|vimrc|PKGBUILD)$ {
    #    default_type text/plain;
    #}

}