Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ############### mydomain.tld.conf ###################
- server {
- listen 80;
- listen [::]:80;
- server_name mydomain.tld;
- access_by_lua_file /usr/share/ssowat/access.lua;
- include conf.d/mydomain.tld.d/*.conf;
- location /yunohost/admin {
- return 301 https://$http_host$request_uri;
- }
- access_log /var/log/nginx/mydomain.tld-access.log;
- error_log /var/log/nginx/mydomain.tld-error.log;
- }
- server {
- listen 443 ssl;
- listen [::]:443 ssl;
- server_name mydomain.tld;
- ssl_certificate /etc/yunohost/certs/mydomain.tld/crt.pem;
- ssl_certificate_key /etc/yunohost/certs/mydomain.tld/key.pem;
- ssl_session_timeout 5m;
- ssl_session_cache shared:SSL:50m;
- ssl_prefer_server_ciphers on;
- ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
- ssl_ciphers ALL:!aNULL:!eNULL:!LOW:!EXP:!RC4:!3DES:+HIGH:+MEDIUM;
- add_header Strict-Transport-Security "max-age=31536000;";
- # Uncomment the following directive after DH generation
- # > openssl dhparam -out /etc/ssl/private/dh2048.pem -outform PEM -2 2048
- #ssl_dhparam /etc/ssl/private/dh2048.pem;
- access_by_lua_file /usr/share/ssowat/access.lua;
- include conf.d/mydomain.tld.d/*.conf;
- include conf.d/yunohost_admin.conf.inc;
- include conf.d/yunohost_api.conf.inc;
- access_log /var/log/nginx/mydomain.tld-access.log;
- error_log /var/log/nginx/mydomain.tld-error.log;
- }
- ############### mydomain.tld.d/webapp.conf ###################
- location / {
- alias /var/www/my_webapp__2/www/;
- # Default indexes and catch-all
- index index.html index.php;
- try_files $uri $uri/ /index.php?$args;
- # Prevent useless logs
- location = /favicon.ico {
- log_not_found off;
- access_log off;
- }
- location = /robots.txt {
- allow all;
- log_not_found off;
- access_log off;
- }
- # Deny access to hidden files and directories
- location ~ ^/(.+/|)\.(?!well-known\/) {
- deny all;
- }
- # Execute and serve PHP files
- location ~ [^/]\.php(/|$) {
- fastcgi_split_path_info ^(.+?\.php)(/.*)$;
- fastcgi_pass unix:/var/run/php5-fpm-my_webapp__2.sock;
- fastcgi_index index.php;
- include fastcgi_params;
- fastcgi_param REMOTE_USER $remote_user;
- fastcgi_param PATH_INFO $fastcgi_path_info;
- fastcgi_param SCRIPT_FILENAME $request_filename;
- }
- # Include SSOWAT user panel.
- include conf.d/yunohost_panel.conf.inc;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement