## # Friendica Nginx configuration # by Olaf Conradi # # On Debian based distributions you can add this file to # /etc/nginx/sites-available # # Then customize to your needs. To enable the configuration # symlink it to /etc/nginx/sites-enabled and reload Nginx using # # service nginx reload ## ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. # # http://wiki.nginx.org/Pitfalls # http://wiki.nginx.org/QuickStart # http://wiki.nginx.org/Configuration ## ## # This configuration assumes your domain is example.net # You have a separate subdomain friendica.example.net # You want all Friendica traffic to be https # You have an SSL certificate and key for your subdomain # You have PHP FastCGI Process Manager (php5-fpm) running on localhost # You have Friendica installed in /var/www/friendica ## location __PATH__ { alias __FINALPATH__/; if ($scheme = http) { rewrite ^ https://$server_name$request_uri? permanent; } if (!-e $request_filename) { rewrite ^(.*)$ /index.php?pagename=$1; } #allow uploads up to 20MB in size client_max_body_size 20m; client_body_buffer_size 128k; #Default indexes and catch-all index index.php; # make sure webfinger and other well known services aren't blocked # by denying dot files and rewrite request to the front controller location ^~ /.well-known/ { allow all; if (!-e $request_filename) { rewrite ^(.*)$ /index.php?pagename=$1; } } include mime.types; # block these file types location ~* \.(tpl|md|tgz|log|out)$ { deny all; } #Execute and serve PHP files location ~* \.php$ { fastcgi_split_path_info ^(.+?\.php)(/.*)$; try_files $uri =404; fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; } # deny access to all dot files location ~ /\. { deny all; } #Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; }