server {

        listen 192.168.1.254:443 ssl;
        listen 10.0.0.254:443 ssl;

        server_name core.privat-network.net;

        root /srv/www/drupal; ## <-- Your only path reference.

        # Enable compression, this will help if you have for instance advagg¿? module
        # by serving Gzip versions of the files.
        gzip_static on;

        location ~ ^/stats/(.*)$ {
            alias /srv/www/stats/$1;
            autoindex on;
        }

        location /sysdoc {
            alias /srv/www/sysdoc;
            autoindex on;
        }

        location /ports {
            alias /var/ports/ports;
            autoindex on;
        }

        location /distfiles {
            alias /var/ports/distfiles;
            autoindex on;
        }


        location /packages {
            root /var/ports/packages;
            autoindex off;
        }


        location = /favicon.ico {
            log_not_found off;
            access_log off;
        }

        location = /robots.txt {
                allow all;
                log_not_found off;
        }

        # This matters if you use drush prior to 5.x
        # After 5.x backups are stored outside the Drupal install.
        #location = /backup {
        #        deny all;
        #}

        # Very rarely should these ever be accessed outside of your lan
        location ~* \.(txt|log)$ {
                allow 192.168.0.0/16;
                deny all;
        }

        location ~ \..*/.*\.php$ {
                return 403;
        }

        # No no for private
        location ~ ^/sites/.*/private/ {
                return 403;
        }

        # Block access to "hidden" files and directories whose names begin with a
        # period. This includes directories used by version control systems such
        # as Subversion or Git to store control files.
        location ~ (^|/)\. {
                return 403;
        }

        location / {
                # This is cool because no php is touched for static content
                try_files $uri @rewrite;
        }

        location ~* /update.php*/.*$ {
                # You have 2 options here
                # For D7 and above:
                # Clean URLs are handled in drupal_environment_initialize().
                rewrite ^ /update.php;
                # For Drupal 6 and bwlow:
                # Some modules enforce no slash (/) at the end of the URL
                # Else this rewrite block wouldn't be needed (GlobalRedirect)
                #rewrite ^/(.*)$ /index.php?q=$1;
        }

        location @rewrite {
                # You have 2 options here
                # For D7 and above:
                # Clean URLs are handled in drupal_environment_initialize().
                rewrite ^ /index.php;
                # For Drupal 6 and bwlow:
                # Some modules enforce no slash (/) at the end of the URL
                # Else this rewrite block wouldn't be needed (GlobalRedirect)
                #rewrite ^/(.*)$ /index.php?q=$1;
        }

        location ~ \.php$ {
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $request_filename;
                fastcgi_intercept_errors on;
                #fastcgi_pass unix:/tmp/phpfpm.sock;
                fastcgi_pass 127.0.0.1:9000;
        }

        # Fighting with Styles? This little gem is amazing.
        # This is for D6
        #location ~ ^/sites/.*/files/imagecache/ {
        # This is for D7 and D8
        location ~ ^/sites/.*/files/styles/ {
                try_files $uri @rewrite;
        }

        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
                expires max;
                #log_not_found off;
        }

}