From 0ebb2d62a69367b33bd2f38ba9aabe4f7e15707c Mon Sep 17 00:00:00 2001 From: ewilly Date: Tue, 5 Mar 2019 21:31:03 +0100 Subject: [PATCH 1/2] Update nginx.conf Increase buffer to avoid 502 with some plugins (spxplugindownloader, ...) According to https://wiki.pluxml.org/installer/nginx/ : * increase security * setup cache control * setup redirect --- conf/nginx.conf | 51 ++++++++++++++++++++++++++++++++++++++++++------- 1 file changed, 44 insertions(+), 7 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index f2277ea..7822bdb 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,4 +1,9 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; + +location @handler { + rewrite ^/(.*)$ /index.php?^$1 last; +} + location __PATH__/ { # Path to source @@ -9,24 +14,56 @@ location __PATH__/ { rewrite ^ https://$server_name$request_uri? permanent; } -### Example PHP configuration (remove it if not used) index index.php; - - # Common parameter to increase upload size limit in conjunction with dedicated php-fpm file - #client_max_body_size 50M; - + + # Réécriture vers l'index try_files $uri $uri/ index.php; + + # Parseur PHP location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock; - fastcgi_index index.php; include fastcgi_params; fastcgi_param REMOTE_USER $remote_user; fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param SCRIPT_FILENAME $request_filename; + fastcgi_buffers 16 16k; + fastcgi_buffer_size 32k; + } + + # Redirections + ## Flux RSS + location /feed/ { + rewrite ^/feed\/(.*)$ /feed.php?^$1 last; + } + ## Sitemap + location = /sitemap.xml { + rewrite .* /sitemap.php; + } + + # Protections + location ~ /(version|update|readme|data/configuration) { + deny all; + } + + # Cache-control + location /data/ { + add_header Cache-Control public; + expires 12h; + } + location /core/ { + add_header Cache-Control public; + expires 12h; + } + location /plugins/ { + add_header Cache-Control public; + expires 12h; + } + location /themes/ { + add_header Cache-Control public; + expires 12h; } -### End of PHP configuration part # Include SSOWAT user panel. include conf.d/yunohost_panel.conf.inc; From de793fed97812859be2052eb9a4f738e5cdb2b08 Mon Sep 17 00:00:00 2001 From: ewilly Date: Fri, 8 Mar 2019 07:14:12 +0100 Subject: [PATCH 2/2] Fix Installation in a sub path --- conf/nginx.conf | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 7822bdb..1584f75 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -1,7 +1,7 @@ #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent; location @handler { - rewrite ^/(.*)$ /index.php?^$1 last; + rewrite ^/(.*)$ __PATH__/index.php?^$1 last; } location __PATH__/ { @@ -17,7 +17,7 @@ location __PATH__/ { index index.php; # Réécriture vers l'index - try_files $uri $uri/ index.php; + try_files $uri $uri/ @handler; # Parseur PHP location ~ [^/]\.php(/|$) { @@ -34,33 +34,33 @@ location __PATH__/ { # Redirections ## Flux RSS - location /feed/ { - rewrite ^/feed\/(.*)$ /feed.php?^$1 last; + location ~ ^__PATH__/feed/ { + rewrite ^__PATH__/feed\/(.*)$ __PATH__/feed.php?^$1 last; } ## Sitemap - location = /sitemap.xml { - rewrite .* /sitemap.php; + location = __PATH__/sitemap.xml { + rewrite .* __PATH__/sitemap.php; } # Protections - location ~ /(version|update|readme|data/configuration) { + location ~ ^__PATH__/(version|update|readme|data/configuration) { deny all; } # Cache-control - location /data/ { + location ~ ^__PATH__/data/ { add_header Cache-Control public; expires 12h; } - location /core/ { + location ~ ^__PATH__/core/ { add_header Cache-Control public; expires 12h; } - location /plugins/ { + location ~ ^__PATH__/plugins/ { add_header Cache-Control public; expires 12h; } - location /themes/ { + location ~ ^__PATH__/themes/ { add_header Cache-Control public; expires 12h; }