1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/spip_ynh.git synced 2024-09-03 20:25:59 +02:00

Fix nginx config

This commit is contained in:
Kayou 2019-03-10 11:34:53 +01:00
parent 50337682c5
commit 6e4f6fb054
No known key found for this signature in database
GPG key ID: 823A2CBE071D3126

View file

@ -1,53 +1,65 @@
location __PATH__ { #sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
alias __FINALPATH__/; location __PATH__/ {
index index.php;
if (!-e $request_filename) # Path to source
{ alias __FINALPATH__/ ;
rewrite ^/([^/]*)/robots\.txt$ __PATH__/spip.php?page=robots.txt last;
rewrite ^/([^/]*)/sitemap\.xml$ __PATH__/spip.php?page=sitemap.xml last;
rewrite ^(.+)$ __PATH__/index.php?q=$1 last;
}
if ($scheme = http) {
rewrite ^ https://$server_name$request_uri? permanent;
}
client_max_body_size 30m;
# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
location ~^/(tmp|config|\.ht)/{ # Force usage of https
deny all; if ($scheme = http) {
} rewrite ^ https://$server_name$request_uri? permanent;
location ~* \.(jpg|jpeg|gif|css|png|js|ico|swf|mp3|pdf)$ { }
# Le contenu statique, est signalé au navigateur comme étant
# à garder en cache une semaine. Si il y a un proxy sur la
# route, celui-ci est autorisé à faire une copie et à la
# cacher.
rewrite ^/([^/]*)/favicon\.ico$ __PATH__/spip.php?page=favicon.ico last;
expires 1w;
add_header Cache-Control public;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $request_filename;
set $ecrire 0; index index.php;
if ($uri ~ ^/ecrire.*) {
set $ecrire 1; client_max_body_size 30M;
}
try_files $uri $uri/ index.php;
if (!-e $request_filename)
{
rewrite ^/([^/]*)/robots\.txt$ __PATH__/spip.php?page=robots.txt last;
rewrite ^/([^/]*)/sitemap\.xml$ __PATH__/spip.php?page=sitemap.xml last;
rewrite ^(.+)$ __PATH__/index.php?q=$1 last;
}
# Add headers to serve security related headers
more_set_header Strict-Transport-Security "max-age=15768000;";
more_set_header X-Content-Type-Options nosniff;
more_set_header X-Frame-Options "SAMEORIGIN";
more_set_header X-XSS-Protection "1; mode=block";
more_set_header X-Robots-Tag none;
more_set_header X-Download-Options noopen;
more_set_header X-Permitted-Cross-Domain-Policies none;
location ~^/(tmp|config|\.ht)/{
deny all;
}
location ~* \.(jpg|jpeg|gif|css|png|js|ico|swf|mp3|pdf)$ {
# Le contenu statique, est signalé au navigateur comme étant
# à garder en cache une semaine. Si il y a un proxy sur la
# route, celui-ci est autorisé à faire une copie et à la
# cacher.
rewrite ^/([^/]*)/favicon\.ico$ __PATH__/spip.php?page=favicon.ico last;
expires 1w;
more_set_header Cache-Control public;
}
location ~ [^/]\.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
fastcgi_pass unix:/var/run/php/php7.0-fpm-__NAME__.sock;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param SCRIPT_FILENAME $request_filename;
set $ecrire 0;
if ($uri ~ ^/ecrire.*) {
set $ecrire 1;
} }
}
# Include SSOWAT user panel. # Include SSOWAT user panel.
include conf.d/yunohost_panel.conf.inc; include conf.d/yunohost_panel.conf.inc;