nginx-php-composite.conf

server {
    listen	192.168.0.1:80;

    server_name  metodlab.ru;

    return 301	https://metodlab.ru$request_uri;
}

server {
    listen	192.168.0.1:443 ssl http2;

    ssl_certificate      /etc/nginx/ssl/certs/metodlab.ru.rsa.pem;
    ssl_certificate_key  /etc/nginx/ssl/private/metodlab.ru.rsa.key;
    ssl_certificate      /etc/nginx/ssl/certs/metodlab.ru.ecdsa.pem;
    ssl_certificate_key  /etc/nginx/ssl/private/metodlab.ru.ecdsa.key;
    ssl_trusted_certificate /etc/nginx/ssl/certs/metodlab.ru_chain.ecdsa.pem;

    server_name metodlab.ru;

    charset utf-8;

    set $root_path "/home/httpd/metodlab.ru/www"; # корневая директория

    root $root_path;
    index index.php;

    set $frame_options '';
    if ($http_referer !~ '^https?:\/\/([^\/]+\.)?(webvisor\.com)\/'){
        set $frame_options 'SAMEORIGIN';
    }
    add_header X-Frame-Options $frame_options;

    # Composit Bitrix
    set $storedAuth "";
    set $usecache "";
    # check all conditions for enable composite
    if ($http_bx_action_type = "")           { set $usecache "A"; }
    if ($request_method = "GET")             { set $usecache "${usecache}B"; }
    if ($cookie_BITRIX_SM_NCC = "")          { set $usecache "${usecache}C"; }
    #if ($http_x_forwarded_scheme !~ "https") { set $usecache "${usecache}D"; }
    set $usecache "${usecache}D";
    if ($http_accept_encoding ~* "deflate")  { set $usecache "${usecache}E"; }

    # IE9 and above exclude
    modern_browser_value "modern";
    modern_browser msie 10.0;
    modern_browser unlisted;
    if ($modern_browser) {
        set $usecache "${usecache}F";
    }

    # check user auth
    if ($cookie_BITRIX_SM_LOGIN != "") { set $storedAuth "A"; }
    if ($cookie_BITRIX_SM_UIDH != "")  { set $storedAuth "${storedAuth}B"; }
    if ($cookie_BITRIX_SM_CC != "Y")   { set $storedAuth "${storedAuth}C"; }
    if ($storedAuth !~ "ABC")          { set $usecache "${usecache}G"; }

    memcached_connect_timeout 1s;
    memcached_read_timeout 1s;
    memcached_send_timeout 1s;

    location / {
	try_files  $uri $uri/ @bitrix2;
    }

    location ~ \.php$ {
        error_page 404 405 412 502 504 = @bitrix;
        if ($usecache != "ABCDEFG" ) { return 412; }
        default_type text/html;
        set $memcached_key "/$host$1@$args.html";
        add_header Content-Encoding deflate;
        memcached_pass 127.0.0.1:11211;
    }

    location @bitrix {
        include fastcgi_params;
        fastcgi_pass unix:/run/php/php7.2-fpm.sock;
    }

    location @bitrix2 {
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root/bitrix/urlrewrite.php;
        fastcgi_pass unix:/run/php/php7.2-fpm.sock;
    }

    location ^~ /bitrix/admin/.*\.php$  {
       include fastcgi_params;
       fastcgi_pass unix:/run/php/php7.2-fpm.sock;
    }

    location ~ (/\.ht|/bitrix/modules|/upload/support/not_image|/bitrix/php_interface|/\.svn|/\.git) {
       deny all;
    }

    # Static files location
    location ~* \.(jpg|jpeg|gif|png)$ {
        add_header Vary $vary_header;
        add_header Cache-Control $cache_control;
        try_files $uri$webp_suffix $uri =404;
    }

    # Static files location
    location ~* \.(ttf|eot|svg|woff|woff2|css|js|json|ico|zip|tgz|gz|rar|bz2|doc|docx|xlsx|pptx|xls|exe|pdf|ppt|txt|tar|mid|midi|wav|bmp|rtf|avi|swf|flv|mp3|mp4|fla)$ {
        add_header Cache-Control "max-age=31536000, public, no-transform, immutable";
    }

}