Nginxconf: Difference between revisions
From GaryH Tech's Wiki
No edit summary |
No edit summary |
||
| Line 12: | Line 12: | ||
server { | server {<br> | ||
listen 443 ssl; | |||
#listen [::]:80; | listen 443 ssl;<br> | ||
http2 on; | |||
server_name wiki.garyhtech.uk; | #listen [::]:80;<br> | ||
ssl_certificate /usr/local/etc/letsencrypt/live/garyhtech.uk/fullchain.pem; | |||
ssl_certificate_key /usr/local/etc/letsencrypt/live/garyhtech.uk/privkey.pem; | http2 on;<br> | ||
access_log /usr/local/etc/nginx/logs/wiki.garyhtech.uk.log; | |||
error_log /usr/local/etc/nginx/logs/wiki.garyhtech.uk-error.log; | server_name wiki.garyhtech.uk;<br> | ||
root /usr/local/www/mediawiki; | |||
index index.php; | ssl_certificate /usr/local/etc/letsencrypt/live/garyhtech.uk/fullchain.pem;<br> | ||
add_header X-Content-Type-Options "nosniff"; | |||
# allow larger file uploads and longer script runtimes | ssl_certificate_key /usr/local/etc/letsencrypt/live/garyhtech.uk/privkey.pem;<br> | ||
client_max_body_size 100m; | |||
client_body_timeout 60; | access_log /usr/local/etc/nginx/logs/wiki.garyhtech.uk.log;<br> | ||
error_log /usr/local/etc/nginx/logs/wiki.garyhtech.uk-error.log;<br> | |||
root /usr/local/www/mediawiki;<br> | |||
index index.php;<br> | |||
add_header X-Content-Type-Options "nosniff";<br> | |||
# allow larger file uploads and longer script runtimes<br> | |||
client_max_body_size 100m;<br> | |||
client_body_timeout 60;<br> | |||
# Images | # Images | ||
location /w/images { | location /w/images { | ||
Revision as of 13:37, 15 December 2025
Redirect for wiki.garyhtech.uk
server {
listen 80;
server_name wiki.garyhtech.uk;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
#listen [::]:80;
http2 on;
server_name wiki.garyhtech.uk;
ssl_certificate /usr/local/etc/letsencrypt/live/garyhtech.uk/fullchain.pem;
ssl_certificate_key /usr/local/etc/letsencrypt/live/garyhtech.uk/privkey.pem;
access_log /usr/local/etc/nginx/logs/wiki.garyhtech.uk.log;
error_log /usr/local/etc/nginx/logs/wiki.garyhtech.uk-error.log;
root /usr/local/www/mediawiki;
index index.php;
add_header X-Content-Type-Options "nosniff";
# allow larger file uploads and longer script runtimes
client_max_body_size 100m;
client_body_timeout 60;
# Images
location /w/images {
# Separate location for images/ so .php execution won't apply
add_header X-Content-Type-Options "nosniff";
}
location /w/images/deleted {
# Deny access to deleted images folder
deny all;
}
# MediaWiki assets (usually images)
location ~ ^/w/resources/(assets|lib|src) {
try_files $uri 404;
add_header Cache-Control "public";
expires 7d;
}
# Assets, scripts and styles from skins and extensions
location ~ ^/w/(skins|extensions)/.+\.(css|js|gif|jpg|jpeg|png|svg|wasm)$ {
try_files $uri 404; add_header Cache-Control "public"; expires 7d;
}
# License and credits files
location ~ ^/w/(COPYING|CREDITS) {
default_type text/plain;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php81-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
}
