1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677 |
- ## YOURLS site config
- server {
- ## Redirect http to https
- listen 80;
- listen [::]:80;
- server_name tt.demu.red;
- return 301 https://$host$request_uri;
- }
- server {
- listen 443 ssl;
- listen [::]:443 ssl;
- server_name tt.demu.red;
- root /var/www/tt-rss;
- access_log /var/log/nginx/ttrss_access.log;
- error_log /var/log/nginx/ttrss_error.log;
- ## Disable all methods besides HEAD, GET and POST.
- if ($request_method !~ ^(GET|HEAD|POST)$ ) {
- return 444;
- }
- index index.php index.html;
- ## Include certbot fix
- include /etc/nginx/snippets/nginx.well-known.conf;
- ## Include ssl
- include /etc/nginx/snippets/nginx.ssl.conf;
- ### Deny Stuffs ### {{{
- ## Protect specific TXT and config files
- location ~ /(\.|readme.html|readme.md|changelog.txt|changelog.md|contributing.txt|contributing.md|license.txt|license.md|legalnotice|privacy.txt|privacy.md|security.txt|security.md|sample-.*txt)
- {
- deny all;
- }
- ## Protect .git files
- location ~ /\.git/ {
- access_log off;
- log_not_found off;
- deny all;
- }
- ### End Deny Stuffs ### }}}
- location / {
- access_log /var/log/nginx/ttrss_access.log;
- error_log /var/log/nginx/ttrss_error.log info;
- #location ~ /(js|css|images|lib|themes) {
- #access_log off;
- #}
- location ~ ^(.+\.php)(.*)$ {
- fastcgi_split_path_info ^(.+\.php)(.*)$;
- try_files $uri =404;
- fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
- fastcgi_index index.php;
- ## https://stackoverflow.com/questions/28490391/how-to-properly-configure-alias-directive-in-nginx
- fastcgi_param SCRIPT_FILENAME $request_filename;
- include fastcgi_params;
- }
- }
- ## Error Redirects
- error_page 403 /error.html;
- error_page 404 /error.html;
- error_page 405 /error.html;
- error_page 500 501 502 503 504 /error.html;
- location = /error.html {
- root /var/www/error;
- internal;
- }
- }
|