From 766aee3a43070de0d5e119904b1836f41b326b5b Mon Sep 17 00:00:00 2001
From: Anmol <github@datamol.in>
Date: Wed, 19 Jul 2017 01:43:40 +0530
Subject: [PATCH] changed the nginx.conf so that  .htaccess has write access

---
 conf/nginx.conf | 64 ++++++++++++++++++++++++++++++++++++-------------
 scripts/install |  2 +-
 2 files changed, 48 insertions(+), 18 deletions(-)

diff --git a/conf/nginx.conf b/conf/nginx.conf
index e80307d..614c929 100644
--- a/conf/nginx.conf
+++ b/conf/nginx.conf
@@ -1,24 +1,54 @@
 location __PATH__ {
-	alias __FINALPATH__;
-	client_max_body_size 10G;
-	index index.php;
+	alias __FINALPATH__/;
+
 
 	if ($scheme = http) {
     rewrite ^ https://$server_name$request_uri? permanent;
   }
 
-	# Example PHP configuration
-  index index.php index.html;
-  try_files $uri $uri/ index.php;
-  location ~ [^/]\.php(/|$) {
-    fastcgi_split_path_info ^(.+?\.php)(/.*)$;
-    fastcgi_pass unix:/var/run/php5-fpm.sock;
-    fastcgi_index index.php;
-    include fastcgi_params;
-    fastcgi_param   REMOTE_USER   $remote_user;
-    fastcgi_param  PATH_INFO $fastcgi_path_info;
-    fastcgi_param SCRIPT_FILENAME $request_filename;
-}
-	# Include SSOWAT user panel.
-	include conf.d/yunohost_panel.conf.inc;
+	# Default indexes and catch-all
+    index index.html index.php;
+    try_files $uri $uri/ /index.php?$args;
+
+    # Prevent useless logs
+    location = /favicon.ico {
+        log_not_found off;
+        access_log off;
+    }
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    # Deny access to hidden files and directories
+    location ~ ^/(.+/|)\.(?!well-known\/) {
+        deny all;
+    }
+
+    # Execute and serve PHP files
+    location ~ [^/]\.php(/|$) {
+        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
+        fastcgi_pass unix:/var/run/php5-fpm-my_webapp.sock;
+        fastcgi_index index.php;
+        include fastcgi_params;
+        fastcgi_param REMOTE_USER $remote_user;
+        fastcgi_param PATH_INFO $fastcgi_path_info;
+        fastcgi_param SCRIPT_FILENAME $request_filename;
+    }
+
+		# .htaccess file from Hubzilla converted using http://winginx.com/en/htaccess
+    location ~ "(^|/)\.git"
+		  {
+		return 403;
+		   }
+		autoindex off;
+    location / { if (!-e $request_filename)
+      {
+		rewrite ^(.*)$ /index.php?pagename=$1;
+		    }
+                }
+
+    # Include SSOWAT user panel.
+    include conf.d/yunohost_panel.conf.inc;
 }
diff --git a/scripts/install b/scripts/install
index 5b2937b..61a73b3 100644
--- a/scripts/install
+++ b/scripts/install
@@ -131,7 +131,7 @@ sudo cp ../conf/poller-cron /etc/cron.d/$app
 #=================================================
 
 if [ $is_public -eq 0 ]
-then	# Remove the public access
+then	# Remove the public ac https://yourhostname.tld/install/testrewrite acess
 	ynh_app_setting_delete $app skipped_uris
 fi
 # Make app public if necessary