Nginxconf: Difference between revisions
From GaryH Tech's Wiki
No edit summary |
No edit summary Tag: Reverted |
||
| Line 1: | Line 1: | ||
<code>Redirect for wiki.garyhtech.uk | |||
server { | server { | ||
listen 80; | listen 80; | ||
server_name wiki.garyhtech.uk; | server_name wiki.garyhtech.uk; | ||
return 301 <nowiki>https://$server_name$request_uri</nowiki>; | return 301 <nowiki>https://$server_name$request_uri</nowiki>; | ||
} | }</code> | ||
server { | <code>server { | ||
listen 443 ssl; | listen 443 ssl; | ||
#listen [::]:80; | #listen [::]:80; | ||
| Line 23: | Line 22: | ||
client_body_timeout 60; | client_body_timeout 60; | ||
# Images | # Images | ||
location | location /images { | ||
# Separate location for images/ so .php execution won't apply | # Separate location for images/ so .php execution won't apply | ||
add_header X-Content-Type-Options "nosniff"; | add_header X-Content-Type-Options "nosniff"; | ||
} | } | ||
location | location /images/deleted { | ||
# Deny access to deleted images folder | # Deny access to deleted images folder | ||
deny all; | deny all; | ||
} | }</code> | ||
# MediaWiki assets (usually images) | <code> # MediaWiki assets (usually images) | ||
location ~ ^ | location ~ ^/resources/(assets|lib|src) { | ||
try_files $uri 404; | try_files $uri 404; | ||
add_header Cache-Control "public"; | add_header Cache-Control "public"; | ||
expires 7d; | expires 7d; | ||
} | }</code> | ||
# Assets, scripts and styles from skins and extensions | <code> # Assets, scripts and styles from skins and extensions | ||
location ~ ^ | location ~ ^/(skins|extensions)/.+\.(css|js|gif|jpg|jpeg|png|svg|wasm)$ { | ||
try_files $uri 404; | try_files $uri 404; | ||
add_header Cache-Control "public"; | add_header Cache-Control "public"; | ||
expires 7d; | expires 7d; | ||
} | }</code> | ||
# License and credits files | <code> # License and credits files | ||
location ~ ^ | location ~ ^/(COPYING|CREDITS) { | ||
default_type text/plain; | default_type text/plain; | ||
} | }</code> | ||
location ~ \.php$ { | <code> location ~ \.php$ { | ||
try_files $uri =404; | try_files $uri =404; | ||
fastcgi_split_path_info ^(.+\.php)(/.+)$; | fastcgi_split_path_info ^(.+\.php)(/.+)$; | ||
| Line 59: | Line 58: | ||
} | } | ||
} | } | ||
</code> | |||
Revision as of 13:35, 15 December 2025
Redirect for wiki.garyhtech.uk
server {
listen 80;
server_name wiki.garyhtech.uk;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
#listen [::]:80;
http2 on;
server_name wiki.garyhtech.uk;
ssl_certificate /usr/local/etc/letsencrypt/live/garyhtech.uk/fullchain.pem;
ssl_certificate_key /usr/local/etc/letsencrypt/live/garyhtech.uk/privkey.pem;
access_log /usr/local/etc/nginx/logs/wiki.garyhtech.uk.log;
error_log /usr/local/etc/nginx/logs/wiki.garyhtech.uk-error.log;
root /usr/local/www/mediawiki;
index index.php;
add_header X-Content-Type-Options "nosniff";
# allow larger file uploads and longer script runtimes
client_max_body_size 100m;
client_body_timeout 60;
# Images
location /images {
# Separate location for images/ so .php execution won't apply
add_header X-Content-Type-Options "nosniff";
}
location /images/deleted { # Deny access to deleted images folder deny all; }# MediaWiki assets (usually images) location ~ ^/resources/(assets|lib|src) { try_files $uri 404; add_header Cache-Control "public"; expires 7d;
}
# Assets, scripts and styles from skins and extensions
location ~ ^/(skins|extensions)/.+\.(css|js|gif|jpg|jpeg|png|svg|wasm)$ {
try_files $uri 404;
add_header Cache-Control "public";
expires 7d;
}
# License and credits files
location ~ ^/(COPYING|CREDITS) {
default_type text/plain;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php81-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
}
