Nginxconf: Difference between revisions
From GaryH Tech's Wiki
No edit summary |
|||
| (7 intermediate revisions by the same user not shown) | |||
| Line 1: | Line 1: | ||
Redirect for wiki.garyhtech.uk | #Redirect for wiki.garyhtech.uk | ||
server { | |||
listen 80; | |||
server_name wiki.garyhtech.uk; | |||
return 301 https://$server_name$request_uri; | |||
} | |||
server { | |||
listen 443 ssl; | |||
#listen [::]:80; | |||
http2 on; | |||
server_name wiki.garyhtech.uk; | |||
ssl_certificate /usr/local/etc/letsencrypt/live/garyhtech.uk/fullchain.pem; | |||
ssl_certificate_key /usr/local/etc/letsencrypt/live/garyhtech.uk/privkey.pem; | |||
access_log /usr/local/etc/nginx/logs/wiki.garyhtech.uk.log; | |||
error_log /usr/local/etc/nginx/logs/wiki.garyhtech.uk-error.log; | |||
root /usr/local/www/mediawiki; | |||
index index.php; | |||
add_header X-Content-Type-Options "nosniff"; | |||
# allow larger file uploads and longer script runtimes | |||
client_max_body_size 100m; | |||
client_body_timeout 60; | |||
#Images | |||
location /images { | |||
# Separate location for images/ so .php execution won't apply | |||
add_header X-Content-Type-Options "nosniff"; | |||
} | |||
location /images/deleted { | |||
# Deny access to deleted images folder | |||
deny all; | |||
} | |||
# MediaWiki assets (usually images) | |||
location ~ ^/resources/(assets|lib|src) { | |||
try_files $uri 404; | |||
add_header Cache-Control "public"; | |||
expires 7d; | |||
} | |||
# Assets, scripts and styles from skins and extensions | |||
location ~ ^/(skins|extensions)/.+\.(css|js|gif|jpg|jpeg|png|svg|wasm)$ { | |||
try_files $uri 404; | |||
add_header Cache-Control "public"; | |||
expires 7d; | |||
} | |||
# License and credits files | |||
location ~ ^/(COPYING|CREDITS) { | |||
default_type text/plain; | |||
} | |||
location ~ \.php$ { | |||
try_files $uri =404; | |||
fastcgi_split_path_info ^(.+\.php)(/.+)$; | |||
fastcgi_pass unix:/var/run/php81-fpm.sock; | |||
fastcgi_index index.php; | |||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; | |||
include fastcgi_params; | |||
} | |||
location / { | |||
try_files $uri $uri/ /index.php?$args; | |||
rewrite ^/([^\?]*) /index.php?title=$1&$args last; | |||
}<br>} | |||
} | |||
Latest revision as of 13:52, 15 December 2025
#Redirect for wiki.garyhtech.uk
server {
listen 80;
server_name wiki.garyhtech.uk;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
#listen [::]:80;
http2 on;
server_name wiki.garyhtech.uk;
ssl_certificate /usr/local/etc/letsencrypt/live/garyhtech.uk/fullchain.pem;
ssl_certificate_key /usr/local/etc/letsencrypt/live/garyhtech.uk/privkey.pem;
access_log /usr/local/etc/nginx/logs/wiki.garyhtech.uk.log;
error_log /usr/local/etc/nginx/logs/wiki.garyhtech.uk-error.log;
root /usr/local/www/mediawiki;
index index.php;
add_header X-Content-Type-Options "nosniff";
# allow larger file uploads and longer script runtimes
client_max_body_size 100m;
client_body_timeout 60;
#Images
location /images {
# Separate location for images/ so .php execution won't apply
add_header X-Content-Type-Options "nosniff";
}
location /images/deleted {
# Deny access to deleted images folder
deny all;
}
# MediaWiki assets (usually images)
location ~ ^/resources/(assets|lib|src) {
try_files $uri 404;
add_header Cache-Control "public";
expires 7d;
}
# Assets, scripts and styles from skins and extensions
location ~ ^/(skins|extensions)/.+\.(css|js|gif|jpg|jpeg|png|svg|wasm)$ {
try_files $uri 404;
add_header Cache-Control "public";
expires 7d;
}
# License and credits files
location ~ ^/(COPYING|CREDITS) {
default_type text/plain;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php81-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location / {
try_files $uri $uri/ /index.php?$args;
rewrite ^/([^\?]*) /index.php?title=$1&$args last;
}
}
