Correct. Technically, It takes the origin it got from a client, and returns the same origin as part of the CORS headers – but functions same as “any”. (You can also add X.509 client authentications too but you have to change the config and add certificates)
You extend this to do that. I’m not sure the needed PHP runtime is installed by default. But if can build your own docker image that does include it. I’m not the PHP expert, but typically ngnix enables PHP via their “fastcgi” plugin. See https://www.nginx.com/resources/wiki/start/topics/examples/phpfcgi/ . You’d have to change the Dockerfile to add PHP to linux, add files with PHP files to the Dockerfile, and change the ngnix.conf have to config that uses the “fastcgi” plugin to call your PHP.
For example, to add package to the Dockerfile for PHP, you’d need the following code after the “ENV” in the Dockerfile:
RUN apk add --no-cache \
curl \
php81 \
php81-ctype \
php81-curl \
php81-dom \
php81-fpm \
php81-gd \
php81-intl \
php81-mbstring \
php81-mysqli \
php81-opcache \
php81-openssl \
php81-phar \
php81-session \
php81-xml \
php81-xmlreader
Plus your PHP files need to have some “COPY” lines in Dockerfile to add your code. Finally, the ngnix.conf need to have a sections to route the URL to the PHP code (and some wildcard route that actually invoke the PHP runtime) - NGINX docs likely explains this better since I don’t regularly use PHP.
Same approach work for nodeJS or Python. In larger environment, it’s pretty typically to use NGINX (or Apache) as a “frontend” web server that proxies to internal node or python to apply filters, static content, and avoid needing SSL certs inside a node/PHP/python web server itself. So, in theory, nginx could be the “frontend” to all of them at the same time if you add the right package/code.
In my use case, I just have a hosted static HTML file with JavaScript that calls the Mikrotik REST API, so all I needed was NGINX to proxy the request and add CORS headers on the response.