librenms-fpm-nginx-conf

1. ### /etc/php/8.1/fpm/pool.d/librenms.conf ###
2.  
3. ; Start a new pool named 'librenms'.
4. ; the variable $pool can be used in any directive and will be replaced by the
5. ; pool name ('librenms' here)
6. [librenms]
7.  
8. ; Per pool prefix
9. ; It only applies on the following directives:
10. ; - 'access.log'
11. ; - 'slowlog'
12. ; - 'listen' (unixsocket)
13. ; - 'chroot'
14. ; - 'chdir'
15. ; - 'php_values'
16. ; - 'php_admin_values'
17. ; When not set, the global prefix (or /usr) applies instead.
18. ; Note: This directive can also be relative to the global prefix.
19. ; Default Value: none
20. ;prefix = /path/to/pools/$pool
21.  
22. ; Unix user/group of processes
23. ; Note: The user is mandatory. If the group is not set, the default user's group
24. ; will be used.
25. user = librenms
26. group = librenms
27.  
28. ; The address on which to accept FastCGI requests.
29. ; Valid syntaxes are:
30. ; 'ip.add.re.ss:port' - to listen on a TCP socket to a specific IPv4 address on
31. ; a specific port;
32. ; '[ip:6:addr:ess]:port' - to listen on a TCP socket to a specific IPv6 address on
33. ; a specific port;
34. ; 'port' - to listen on a TCP socket to all addresses
35. ; (IPv6 and IPv4-mapped) on a specific port;
36. ; '/path/to/unix/socket' - to listen on a unix socket.
37. ; Note: This value is mandatory.
38. listen = /run/php-fpm-librenms.sock
39.  
40. ; Set listen(2) backlog.
41. ; Default Value: 511 (-1 on FreeBSD and OpenBSD)
42. ;listen.backlog = 511
43.  
44. ; Set permissions for unix socket, if one is used. In Linux, read/write
45. ; permissions must be set in order to allow connections from a web server. Many
46. ; BSD-derived systems allow connections regardless of permissions. The owner
47. ; and group can be specified either by name or by their numeric IDs.
48. ; Default Values: user and group are set as the running user
49. ; mode is set to 0660
50. listen.owner = www-data
51. listen.group = www-data
52. ;listen.mode = 0660
53. ; When POSIX Access Control Lists are supported you can set them using
54. ; these options, value is a comma separated list of user/group names.
55. ; When set, listen.owner and listen.group are ignored
56. ;listen.acl_users =
57. ;listen.acl_groups =
58.  
59. ; List of addresses (IPv4/IPv6) of FastCGI clients which are allowed to connect.
60. ; Equivalent to the FCGI_WEB_SERVER_ADDRS environment variable in the original
61. ; PHP FCGI (5.2.2+). Makes sense only with a tcp listening socket. Each address
62. ; must be separated by a comma. If this value is left blank, connections will be
63. ; accepted from any ip address.
64. ; Default Value: any
65. ;listen.allowed_clients = 127.0.0.1
66.  
67. ; Specify the nice(2) priority to apply to the pool processes (only if set)
68. ; The value can vary from -19 (highest priority) to 20 (lower priority)
69.  
70.  
71. ### /etc/nginx/conf.d/librenms.conf ###
72.  
73. server {
74. server_name nms.richesinengineering.net;
75. root /opt/librenms/html;
76. index index.php;
77.  
78. charset utf-8;
79. gzip on;
80. gzip_types text/css application/javascript text/javascript application/x-javascript image/svg+xml text/plain text/xsd text/xsl text/xml image/x-icon;
81. location / {
82. try_files $uri $uri/ /index.php?$query_string;
83. }
84. location ~ [^/]\.php(/|$) {
85. fastcgi_pass unix:/run/php-fpm-librenms.sock;
86. fastcgi_split_path_info ^(.+\.php)(/.+)$;
87. include fastcgi.conf;
88. }
89. location ~ /\.(?!well-known).* {
90. deny all;
91. }
92.  
93. # Browsing to `http://yourlibrenms/smokeping/` should bring up the smokeping web interface
94.  
95. location = /smokeping/ {
96. fastcgi_intercept_errors on;
97.  
98. fastcgi_param SCRIPT_FILENAME /usr/lib/cgi-bin/smokeping.cgi;
99. fastcgi_param QUERY_STRING $query_string;
100. fastcgi_param REQUEST_METHOD $request_method;
101. fastcgi_param CONTENT_TYPE $content_type;
102. fastcgi_param CONTENT_LENGTH $content_length;
103. fastcgi_param REQUEST_URI $request_uri;
104. fastcgi_param DOCUMENT_URI $document_uri;
105. fastcgi_param DOCUMENT_ROOT $document_root;
106. fastcgi_param SERVER_PROTOCOL $server_protocol;
107. fastcgi_param GATEWAY_INTERFACE CGI/1.1;
108. fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
109. fastcgi_param REMOTE_ADDR $remote_addr;
110. fastcgi_param REMOTE_PORT $remote_port;
111. fastcgi_param SERVER_ADDR $server_addr;
112. fastcgi_param SERVER_PORT $server_port;
113. fastcgi_param SERVER_NAME $server_name;
114. fastcgi_param HTTPS $https if_not_empty;
115.  
116. fastcgi_pass unix:/var/run/fcgiwrap.socket;
117. }
118.  
119. location ^~ /smokeping/ {
120. alias /usr/share/smokeping/www/;
121. index smokeping.cgi;
122. gzip off;
123. }
124.  
125. listen 443 ssl http2; # managed by Certbot
126. ssl_certificate /etc/letsencrypt/live/nms.richesinengineering.net/fullchain.pem; # managed by Certbot
127. ssl_certificate_key /etc/letsencrypt/live/nms.richesinengineering.net/privkey.pem; # managed by Certbot
128. include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
129. ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
130.  
131. }
132. server {
133. if ($host = nms.richesinengineering.net) {
134. return 301 https://$host$request_uri;
135. } # managed by Certbot
136.  
137.  
138. listen 80;
139. server_name nms.richesinengineering.net;
140. return 404; # managed by Certbot
141.  
142.  
143. }
144. root@nms:/etc/nginx/conf.d#