server {
   listen 80;
   listen 443;
   listen [::]:443 ssl;
   server_name _DOMAIN;

   add_header Content-Security-Policy upgrade-insecure-requests;
#   add_header 'Access-Control-Allow-Origin' '*';

   #if ($http_x_forwarded_proto = "http") { return 301 https://$server_name$request_uri; }

   location / {
     try_files $uri/ $uri /index.php?/$request_uri; # =404;
      include /etc/nginx/def_conf/proxypass.conf;
   }


   index  index.php index.html;
   root	/var/www/kalkun;

    # set expiration of assets to MAX for caching
    location ~* \.(ico|css|js|gif|jpe?g|png)(\?[0-9]+)?$ {
            expires max;
            log_not_found off;
    }

   # php parsing
   location ~ \.php$ {
        include fastcgi_params;
        fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $request_filename;
   }

   error_log  /var/log/nginx/kalkun_error.log;
   access_log  /var/log/nginx/kalkun_access.log;


}