shaarli 2.0 KB

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576
  1. ## shaarli site config
  2. server {
  3. listen 80;
  4. listen [::]:80;
  5. listen 443 ssl;
  6. listen [::]:443 ssl;
  7. server_name pic.demu.red;
  8. root /var/www/shaarli;
  9. access_log /var/log/nginx/shaarli_access.log;
  10. error_log /var/log/nginx/shaarli_error.log;
  11. ## Disable all methods besides HEAD, GET and POST.
  12. if ($request_method !~ ^(GET|HEAD|POST)$ ) {
  13. return 444;
  14. }
  15. index index.php index.html;
  16. ## Include certbot fix
  17. include /etc/nginx/snippets/nginx.well-known.conf;
  18. ## Include ssl
  19. include /etc/nginx/snippets/nginx.ssl.conf;
  20. ### Deny Stuffs ### {{{
  21. ## Protect specific TXT and config files
  22. location ~ /(\.|readme.html|readme.md|changelog.txt|changelog.md|contributing.txt|contributing.md|license.txt|license.md|legalnotice|privacy.txt|privacy.md|security.txt|security.md|sample-.*txt)
  23. {
  24. deny all;
  25. }
  26. ## Protect .git files
  27. location ~ /\.git/ {
  28. access_log off;
  29. log_not_found off;
  30. deny all;
  31. }
  32. ### End Deny Stuffs ### }}}
  33. location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
  34. expires max;
  35. add_header Pragma public;
  36. add_header Cache-Control "public, must-revalidate, proxy-revalidate";
  37. }
  38. ## Try all locations and relay to index.php as a fallback.
  39. location / {
  40. try_files $uri /index.php$is_args$args;
  41. location ~ /(tpl|plugins|cache) {
  42. access_log off;
  43. }
  44. }
  45. ## Relay all index.php requests to fastcgi.
  46. location ~ ^(.+\.php)(.*)$ {
  47. fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
  48. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  49. include fastcgi_params;
  50. ##access_log off; ## It spams a bit. ## commented to see any traffic
  51. }
  52. ## Error Redirects
  53. error_page 403 /error.html;
  54. error_page 404 /error.html;
  55. error_page 405 /error.html;
  56. error_page 500 501 502 503 504 /error.html;
  57. location = /error.html {
  58. root /var/www/error;
  59. internal;
  60. }
  61. }