add_header X-Frame-Options "SAMEORIGIN";
add_header X-Content-Type-Options "nosniff";

access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log;

index index.php;

charset utf-8;

error_page 404 /index.php;

ssl_certificate /etc/nginx/ssl/tabletopelite.com.pem;
ssl_certificate_key /etc/nginx/ssl/tabletopelite.com.key;

location = /favicon.ico {
    log_not_found off;
    access_log off;
}
 
location = /robots.txt {
    allow all;
    log_not_found off;
    access_log off;
}

location ~ /\.(?!well-known).* {
    deny all;
}

location ~ /\.ht {
    deny all;
}

location ~ ^/(doc|sql|setup)/ {
    deny all;
}

location ~ /\. {
    deny all;
}

location ~* \.(?:js|css|png|jpg|gif|ico|woff|ttf|woff2)$ {
    access_log off;
    log_not_found off;
}

location /js/ {
    access_log off;
    log_not_found off;
    try_files $uri /index.php?error=js404&file=$uri;
}

location /css/ {
    access_log off;
    log_not_found off;
    try_files $uri /index.php?error=css404&file=$uri;
}

location /images/ {
    try_files $uri /index.php?error=image404&url=$uri;
}

location /uploads/ {
    try_files $uri /index.php?error=upload404&url=$uri;
}

location /errors/ {
    try_files $uri /index.php?error=$uri;
}

location / {
    rewrite ^/(.+)$ /index.php?url=$1&$args;
}