apiVersion: v1 kind: ConfigMap metadata: name: {{ include "wordpress-nginx.fullname" . }}-nginx-config labels: {{- include "wordpress-nginx.labels" . | nindent 4 }} data: default.conf: | upstream php { server 127.0.0.1:9000; } map $http_x_forwarded_for $real_ip { ~^(\d+\.\d+\.\d+\.\d+) $1; default $remote_addr; } map $http_x_forwarded_proto $fastcgi_https { default ''; https on; } server { listen 80; server_name _; root /var/www/html; index index.php index.html; access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log; client_max_body_size 64M; real_ip_header X-Forwarded-For; set_real_ip_from 10.0.0.0/8; set_real_ip_from 172.16.0.0/12; set_real_ip_from 192.168.0.0/16; real_ip_recursive on; location = /favicon.ico { log_not_found off; access_log off; } location = /robots.txt { allow all; log_not_found off; access_log off; } # WordPressのパーマリンク対応 location / { try_files $uri $uri/ /index.php?$args; } # PHPファイルの処理 location ~ \.php$ { # ファイルが存在しない場合は404 try_files $uri =404; # FastCGI設定 fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; # FastCGIパラメータの読み込み include fastcgi_params; # 重要: これらのパラメータを正しく設定 fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info; # HTTPS対応 fastcgi_param HTTPS $fastcgi_https if_not_empty; # タイムアウト設定 fastcgi_read_timeout 300; fastcgi_send_timeout 300; fastcgi_connect_timeout 300; # バッファ設定 fastcgi_buffers 16 16k; fastcgi_buffer_size 32k; } # 静的ファイルのキャッシュ location ~* \.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot|otf)$ { expires 1y; add_header Cache-Control "public, immutable"; log_not_found off; access_log off; } # wp-config.phpへの直接アクセス拒否 location ~* /wp-config\.php { deny all; } # 隠しファイルへのアクセス拒否 location ~ /\. { deny all; access_log off; log_not_found off; } }