YunoHost-Apps/concrete5_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/concrete5_ynh.git synced 2024-09-03 18:25:54 +02:00
Code Issues Activity Actions

Merge pull request #4 from ABLD/master

Browse source 
Upadte nginx try !
This commit is contained in:
frju365 2017-03-03 00:31:55 +01:00 committed by GitHub
commit 60c2a1773f
1 changed files with 47 additions and 56 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

103
conf/nginx.conf
View file

@ -1,66 +1,77 @@
root ROOT_PATH; location ^~ YNH_WWW_PATH {
server_name https://APP_URL; alias YNH_WWW_FINALPATH/;
add_header "X-Frame-Options" "SAMEORIGIN"; add_header "X-Frame-Options" "SAMEORIGIN";
add_header "X-XSS-Protection" "1; mode=block"; add_header "X-XSS-Protection" "1; mode=block";
add_header "X-Content-Type-Options" "nosniff"; add_header "X-Content-Type-Options" "nosniff";
index index.php index.html index.htm;
# Don't log robots.txt or favicon.ico files
location = YNH_WWW_FINALPATH/favicon.ico { log_not_found off; access_log off; }
# Don't log robots.txt or favicon.ico files location = YNH_WWW_FINALPATH/robots.txt { allow all; access_log off; log_not_found off; }
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { allow all; access_log off; log_not_found off; } try_files $uri $uri/ /YNH_WWW_ROOTAPP/index.php?$query_string;
# deny access to .htaccess files, if Apache's document root index YNH_WWW_ROOTPATH/index.php YNH_WWW_ROOTPATH/index.html YNH_WWW_ROOTPATH/index.htm;
# concurs with nginx's one
location ~ /\.ht { location ~ \.ht {
deny all; deny all;
} }
location ~ /\.git { location ~ \.git {
deny all; deny all;
} }
location /src {
location YNH_WWW_ROOTPATH/src {
deny all; deny all;
} }
location /gen-src { location YNH_WWW_ROOTPATH/gen-src {
deny all; deny all;
} }
location /files/fonts { location YNH_WWW_ROOTPATH/files/fonts {
deny all; deny all;
} }
location /files/private { location YNH_WWW_ROOTPATH/files/private {
deny all; deny all;
} }
location /cache { location YNH_WWW_ROOTPATH/cache {
deny all; deny all;
} }
location /bin { location YNH_WWW_ROOTPATH/bin {
deny all; deny all;
} }
location /samples { location YNH_WWW_ROOTPATH/samples {
deny all; deny all;
} }
location /tests { location YNH_WWW_ROOTPATH/tests {
deny all; deny all;
} }
location /vendor { location YNH_WWW_ROOTPATH/vendor {
deny all; deny all;
} }
location /conf { location YNH_WWW_ROOTPATH/conf {
deny all; deny all;
} }
location /logs { location YNH_WWW_ROOTPATH/logs {
deny all; deny all;
} }
# Deny every non-public files in themes # Deny every non-public files in themes
location ~ /themes/(.+)\.(php|yml|twig|xlf|rzn|rzt|rzg)$ { location ~ YNH_WWW_ROOTPATH/themes/(.+)\.(php|yml|twig|xlf|rzn|rzt|rzg)$ {
deny all; deny all;
} }
location ~ /themes/([^/.]+)/(Resources|Command|Tests|Controllers|Entities|Form|Model|Services)/ { location ~ YNH_WWW_ROOTPATH/themes/([^/.]+)/(Resources|Command|Tests|Controllers|Entities|Form|Model|Services)/ {
deny all; deny all;
} }
location ~ YNH_WWW_ROOTPATH/install.php/ {
# Enable Expire on Themes public assets try_files $uri $uri/ /install.php?$query_string;
}
location ~ YNH_WWW_ROOTPATH/dev.php/ {
try_files $uri $uri/ /dev.php?$query_string;
}
location ~ YNH_WWW_ROOTPATH/preview.php/ {
try_files $uri $uri/ /preview.php?$query_string;
}
location ~ YNH_WWW_ROOTPATH/clear_cache.php/ {
try_files $uri $uri/ /clear_cache.php?$query_string;
}
# Enable Expire on Themes public assets
location ~* ^/themes/*.*\.(?:ico|css|js|woff2?|eot|ttf|otf|svg|gif|jpe?g|png)$ { location ~* ^/themes/*.*\.(?:ico|css|js|woff2?|eot|ttf|otf|svg|gif|jpe?g|png)$ {
expires 30d; expires 30d;
access_log off; access_log off;
@ -76,8 +87,8 @@
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS'; add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
} }
} }
# Enable Expire on native documents files # Enable Expire on native documents files
location ~* ^/files/*.*\.(?:ico|gif|jpe?g|png)$ { location ~* ^/files/*.*\.(?:ico|gif|jpe?g|png)$ {
expires 15d; expires 15d;
access_log off; access_log off;
@ -94,31 +105,7 @@
add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type'; add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
} }
} }
location ~ ^/index\.php(/|$) {
location / {
# First attempt to serve request as file, then
# as directory, then fall back to front-end controller
# (do not forget to pass GET parameters).
try_files $uri $uri/ /index.php?$query_string;
}
location ~ /install.php/ {
try_files $uri $uri/ /install.php?$query_string;
}
location ~ /dev.php/ {
try_files $uri $uri/ /dev.php?$query_string;
}
location ~ /preview.php/ {
try_files $uri $uri/ /preview.php?$query_string;
}
location ~ /clear_cache.php/ {
try_files $uri $uri/ /clear_cache.php?$query_string;
}
#
# Production entry point.
#
location ~ ^/index\.php(/|$) {
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
@ -146,3 +133,7 @@
fastcgi_pass unix:/var/run/php5-fpm.sock; fastcgi_pass unix:/var/run/php5-fpm.sock;
include fastcgi_params; include fastcgi_params;
} }
# Include SSOWAT user panel.
# include conf.d/yunohost_panel.conf.inc;
}