Nginxconf
From GaryH Tech's Wiki
Redirect for wiki.garyhtech.uk
server { listen 80; server_name wiki.garyhtech.uk; return 301 https://$server_name$request_uri; }
server { listen 443 ssl; #listen [::]:80; http2 on; server_name wiki.garyhtech.uk; ssl_certificate /usr/local/etc/letsencrypt/live/garyhtech.uk/fullchain.pem; ssl_certificate_key /usr/local/etc/letsencrypt/live/garyhtech.uk/privkey.pem; access_log /usr/local/etc/nginx/logs/wiki.garyhtech.uk.log; error_log /usr/local/etc/nginx/logs/wiki.garyhtech.uk-error.log;
root /usr/local/www/mediawiki;
index index.php;
add_header X-Content-Type-Options "nosniff";
# allow larger file uploads and longer script runtimes
client_max_body_size 100m;
client_body_timeout 60;
# Images
location /w/images {
# Separate location for images/ so .php execution won't apply
add_header X-Content-Type-Options "nosniff";
}
location /w/images/deleted {
# Deny access to deleted images folder
deny all;
}
# MediaWiki assets (usually images)
location ~ ^/w/resources/(assets|lib|src) {
try_files $uri 404;
add_header Cache-Control "public";
expires 7d;
}
# Assets, scripts and styles from skins and extensions
location ~ ^/w/(skins|extensions)/.+\.(css|js|gif|jpg|jpeg|png|svg|wasm)$ {
try_files $uri 404; add_header Cache-Control "public"; expires 7d;
}
# License and credits files
location ~ ^/w/(COPYING|CREDITS) {
default_type text/plain;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php81-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
}
