OpenCart 3 + Nginx (ISPManager) how to finish CNC?

E
Evgeny Samoldin2020-07-29 00:42:50
Nginx
Evgeny Samoldin, 2020-07-29 00:42:50
What did I do wrong here?
I have my own server, CentOS 7 + ISPManager
Nginx + Apache2 bundle works on it. I

transferred the Opencart store from Apache2 to Nginx and I can’t fully configure the CNC.
The links started working, but now I can’t get into /admin, a window for downloading files appears and nothing more.

Current config:
server {
  server_name example.com www.example.com;
  charset UTF-8;
  index index.php index.html;
  disable_symlinks if_not_owner from=$root_path;
  include /etc/nginx/vhosts-includes/*.conf;
  include /etc/nginx/vhosts-resources/example.com/*.conf;
  access_log /var/www/httpd-logs/example.com.access.log;
  error_log /var/www/httpd-logs/example.com.error.log notice;
  ssi on;
  set $root_path /var/www/example.com/data/www/example.com/www;
  root $root_path;

    location /admin { index index.php; }

    location / {
    location ~ [^/]\.ph(p\d*|tml)$ {
      try_files /does_not_exists @php;
  }

  if (!-e $request_filename){
      rewrite ^/(.+)$ /index.php?_route_=$1 last;
    }
  }

  location @fallback {
    error_log /dev/null crit;
    access_log off ;
  }

    location ~* ^.+\.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar|swf)$ {
      expires 180d;
      log_not_found off;
      add_header Pragma public;
      add_header Cache-Control "public, must-revalidate, proxy-revalidate";
      try_files $uri $uri/ @fallback;
    }

  # Fix for Firefox issue with cross site font icons
  location ~* \.(eot|otf|ttf|woff)$ {
    add_header Access-Control-Allow-Origin *;
  }

  location ~* (\.(tpl|ini))$ { deny all; }

  location ~* \.(engine|inc|info|ini|install|log|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ {
    deny all;
  }

  location ~ /\. {
    access_log off;
    log_not_found off;
    deny all;
  }

  location ~ ~$ {
    access_log off;
    log_not_found off;
    deny all;
  }

  location ~* /(?:cache|logs|image|download)/.*\.php$ {
    deny all;
  }

  location @php {
    fastcgi_index index.php;
    fastcgi_param PHP_ADMIN_VALUE "sendmail_path = /usr/sbin/sendmail -t -i -f webmaster@example.com";
    fastcgi_pass unix:/var/www/php-fpm/example.com.sock;
    fastcgi_split_path_info ^((?U).+\.ph(?:p\d*|tml))(/?.+)$;
    try_files $uri =404;
    include fastcgi_params;
  }
  gzip on;
  gzip_comp_level 5;
  gzip_disable "msie6";
  gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;
  listen 172.16.1.5:80;
}
server {
  server_name example.com www.example.com;
  ssl_certificate "/var/www/httpd-cert/example.com/example.com_le1.crtca";
  ssl_certificate_key "/var/www/httpd-cert/example.com/example.com_le1.key";
  ssl_ciphers EECDH:+AES256:-3DES:RSA+AES:!NULL:!RC4;
  ssl_prefer_server_ciphers on;
  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  add_header Strict-Transport-Security "max-age=31536000;";
  ssl_dhparam /etc/ssl/certs/dhparam4096.pem;
  charset UTF-8;
  index index.php index.html;
  disable_symlinks if_not_owner from=$root_path;
  include /etc/nginx/vhosts-includes/*.conf;
  include /etc/nginx/vhosts-resources/example.com/*.conf;
  access_log /var/www/httpd-logs/example.com.access.log;
  error_log /var/www/httpd-logs/example.com.error.log notice;
  ssi on;
  set $root_path /var/www/example.com/data/www/example.com/www;
  root $root_path;
  gzip on;
  gzip_comp_level 5;
  gzip_disable "msie6";
  gzip_types text/plain text/css application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript application/javascript;
  
  location /admin { index index.php; }
  
  location / {
    location ~ [^/]\.ph(p\d*|tml)$ {
      try_files /does_not_exists @php;
  }

  if (!-e $request_filename){
      rewrite ^/(.+)$ /index.php?_route_=$1 last;
    }
  }

  location @fallback {
    error_log /dev/null crit;
    access_log off ;
  }

    location ~* ^.+\.(jpg|jpeg|gif|png|svg|js|css|mp3|ogg|mpe?g|avi|zip|gz|bz2?|rar|swf)$ {
      expires 180d;
      log_not_found off;
      add_header Pragma public;
      add_header Cache-Control "public, must-revalidate, proxy-revalidate";
      try_files $uri $uri/ @fallback;
    }

  # Fix for Firefox issue with cross site font icons
  location ~* \.(eot|otf|ttf|woff)$ {
    add_header Access-Control-Allow-Origin *;
  }

  location ~* (\.(tpl|ini))$ { deny all; }

  location ~* \.(engine|inc|info|ini|install|log|make|module|profile|test|po|sh|.*sql|theme|tpl(\.php)?|xtmpl)$|^(\..*|Entries.*|Repository|Root|Tag|Template)$|\.php_ {
    deny all;
  }

  location ~ /\. {
    access_log off;
    log_not_found off;
    deny all;
  }

  location ~ ~$ {
    access_log off;
    log_not_found off;
    deny all;
  }

  location ~* /(?:cache|logs|image|download)/.*\.php$ {
    deny all;
  }

  
  location @php {
    fastcgi_index index.php;
    fastcgi_param PHP_ADMIN_VALUE "sendmail_path = /usr/sbin/sendmail -t -i -f webmaster@example.com";
    fastcgi_pass unix:/var/www/php-fpm/example.com.sock;
    fastcgi_split_path_info ^((?U).+\.ph(?:p\d*|tml))(/?.+)$;
    try_files $uri =404;
    include fastcgi_params;
  }
  listen 172.16.1.5:443 ssl;
}