Great question, with the solution similar to another one I’ve answered on ServerFault recently, although it’s much simpler here, and you know exactly what you need.
What you want here is to only perform the redirect when the user explicitly requests /index.php, but never redirect any of the internal requests that end up being served by the actual index.php script, as defined through the index directive.
This should do just that, avoiding the loops:
server {
index index.php;
if ($request_uri ~* "^(.*/)index\.php$") {
return 301 $1;
}
location / {
# ...
}
}