about summary refs log tree commit diff stats
path: root/tools/conf/etc/nginx
diff options
context:
space:
mode:
authorSilvino Silva <silvino@bk.ru>2016-09-27 23:12:55 +0100
committerSilvino Silva <silvino@bk.ru>2016-09-28 00:16:21 +0100
commit98ae91447d2f29640094398068cca1a884f46d9b (patch)
tree5eaa04cb0719157284de67e20d5e9a990387ace7 /tools/conf/etc/nginx
parent7514d8a93d6c494b58af629f15f688c46de4926c (diff)
downloaddoc-98ae91447d2f29640094398068cca1a884f46d9b.tar.gz
tool ningx revision, added install scripts
Diffstat (limited to 'tools/conf/etc/nginx')
-rw-r--r--tools/conf/etc/nginx/nginx.conf150
-rw-r--r--tools/conf/etc/nginx/sites/default.conf82
-rw-r--r--tools/conf/etc/nginx/sites/drupal.conf129
-rw-r--r--tools/conf/etc/nginx/sites/laravel.conf28
4 files changed, 389 insertions, 0 deletions
diff --git a/tools/conf/etc/nginx/nginx.conf b/tools/conf/etc/nginx/nginx.conf
new file mode 100644
index 0000000..088a798
--- /dev/null
+++ b/tools/conf/etc/nginx/nginx.conf
@@ -0,0 +1,150 @@
+#
+# /etc/nginx/nginx.conf - nginx server configuration
+#
+
+
+user nginx;
+worker_processes auto;
+
+error_log /var/log/nginx/error.log;
+
+pid /var/run/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    include       mime.types;
+    default_type  application/octet-stream;
+
+    ##
+    # SSL Settings
+    ##
+    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
+    ssl_prefer_server_ciphers on;
+
+    # ssl on;
+    ssl_certificate /etc/ssl/certs/nginx.crt;
+    ssl_certificate_key /etc/ssl/keys/nginx.key;
+
+    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+    #                  '$status $body_bytes_sent "$http_referer" '
+    #                  '"$http_user_agent" "$http_x_forwarded_for"';
+
+    access_log /var/log/nginx/access.log;
+    error_log  /var/log/nginx/error.log
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    keepalive_timeout  65;
+    client_body_timeout 12;
+    client_header_timeout 12;
+    send_timeout 65;
+
+
+    gzip  on;
+    gzip_vary on;
+    #gzip_proxied any;
+    gzip_comp_level 9;
+    # gzip_buffers 16 8k;
+    # gzip_http_version 1.1;
+    gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
+
+
+    ##
+    # Virtual Host Configs
+    ##
+    server {
+        listen         80 default_server;
+	server_name _;
+        return         301 https://$host$request_uri;
+    }
+
+    include /etc/nginx/conf.d/*.conf;
+    include /etc/nginx/sites-enabled/*.conf;
+
+    #server {
+    #    listen       80;
+    #    server_name  localhost;
+    #
+    #    #charset koi8-r;
+    #
+    #    location / {
+    #        root   html;
+    #        index  index.html index.htm;
+    #    }
+    #
+    #    error_page  404              /404.html;
+    #
+    #    # redirect server error pages to the static page /50x.html
+    #    #
+    #    error_page   500 502 503 504  /50x.html;
+    #    location = /50x.html {
+    #        root   html;
+    #    }
+    #
+    #    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
+    #    #
+    #    #location ~ \.php$ {
+    #    #    proxy_pass   http://127.0.0.1;
+    #    #}
+    #
+    #    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+    #    #
+    #    #location ~ \.php$ {
+    #    #    root           html;
+    #    #    fastcgi_pass   127.0.0.1:9000;
+    #    #    fastcgi_index  index.php;
+    #    #    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
+    #    #    include        fastcgi_params;
+    #    #}
+    #
+    #    # deny access to .htaccess files, if Apache's document root
+    #    # concurs with nginx's one
+    #    #
+    #    #location ~ /\.ht {
+    #    #    deny  all;
+    #    #}
+    #}
+
+
+    # another virtual host using mix of IP-, name-, and port-based configuration
+    #
+    #server {
+    #    listen       8000;
+    #    listen       somename:8080;
+    #    server_name  somename  alias  another.alias;
+
+    #    location / {
+    #        root   html;
+    #        index  index.html index.htm;
+    #    }
+    #}
+
+
+    # HTTPS server
+    #
+    #server {
+    #    listen       443 ssl;
+    #    server_name  localhost;
+
+    #    ssl_certificate      cert.pem;
+    #    ssl_certificate_key  cert.key;
+
+    #    ssl_session_cache    shared:SSL:1m;
+    #    ssl_session_timeout  5m;
+
+    #    ssl_ciphers  HIGH:!aNULL:!MD5;
+    #    ssl_prefer_server_ciphers  on;
+
+    #    location / {
+    #        root   html;
+    #        index  index.html index.htm;
+    #    }
+    #}
+
+}
diff --git a/tools/conf/etc/nginx/sites/default.conf b/tools/conf/etc/nginx/sites/default.conf
new file mode 100644
index 0000000..95be0b7
--- /dev/null
+++ b/tools/conf/etc/nginx/sites/default.conf
@@ -0,0 +1,82 @@
+
+server {
+	listen       80;
+	server_name  localhost;
+
+#charset koi8-r;
+
+	location / {
+		root   html;
+		index  index.html index.htm;
+	}
+
+	error_page  404              /404.html;
+
+	# redirect server error pages to the static page /50x.html
+	#
+	error_page   500 502 503 504  /50x.html;
+	location = /50x.html {
+		root   html;
+	}
+
+# proxy the PHP scripts to Apache listening on 127.0.0.1:80
+#
+#location ~ \.php$ {
+#    proxy_pass   http://127.0.0.1;
+#}
+
+# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
+#
+#location ~ \.php$ {
+#    root           html;
+#    fastcgi_pass   127.0.0.1:9000;
+#    fastcgi_index  index.php;
+#    fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
+#    include        fastcgi_params;
+#}
+
+# deny access to .htaccess files, if Apache's document root
+# concurs with nginx's one
+#
+#location ~ /\.ht {
+#    deny  all;
+#}
+}
+
+
+# another virtual host using mix of IP-, name-, and port-based configuration
+#
+#server {
+#    listen       8000;
+#    listen       somename:8080;
+#    server_name  somename  alias  another.alias;
+
+#    location / {
+#        root   html;
+#        index  index.html index.htm;
+#    }
+#}
+
+
+# HTTPS server
+#
+#server {
+#    listen       443 ssl;
+#    server_name  localhost;
+
+#    ssl_certificate      cert.pem;
+#    ssl_certificate_key  cert.key;
+
+#    ssl_session_cache    shared:SSL:1m;
+#    ssl_session_timeout  5m;
+
+#    ssl_ciphers  HIGH:!aNULL:!MD5;
+#    ssl_prefer_server_ciphers  on;
+
+#    location / {
+#        root   html;
+#        index  index.html index.htm;
+#    }
+#}
+
+
diff --git a/tools/conf/etc/nginx/sites/drupal.conf b/tools/conf/etc/nginx/sites/drupal.conf
new file mode 100644
index 0000000..39b096a
--- /dev/null
+++ b/tools/conf/etc/nginx/sites/drupal.conf
@@ -0,0 +1,129 @@
+server {
+
+        listen 192.168.1.254:443 ssl;
+        listen 10.0.0.254:443 ssl;
+
+        server_name core.privat-network.net;
+
+        root /srv/www/drupal; ## &lt;-- Your only path reference.
+
+        # Enable compression, this will help if you have for instance advagg¿? module
+        # by serving Gzip versions of the files.
+        gzip_static on;
+
+        location ~ ^/stats/(.*)$ {
+            alias /srv/www/stats/$1;
+            autoindex on;
+        }
+
+        location /sysdoc {
+            alias /srv/www/sysdoc;
+            autoindex on;
+        }
+
+        location /ports {
+            alias /var/ports/ports;
+            autoindex on;
+        }
+
+        location /distfiles {
+            alias /var/ports/distfiles;
+            autoindex on;
+        }
+
+
+        location /packages {
+            root /var/ports/packages;
+            autoindex off;
+        }
+
+
+        location = /favicon.ico {
+            log_not_found off;
+            access_log off;
+        }
+
+        location = /robots.txt {
+                allow all;
+                log_not_found off;
+        }
+
+        # This matters if you use drush prior to 5.x
+        # After 5.x backups are stored outside the Drupal install.
+        #location = /backup {
+        #        deny all;
+        #}
+
+        # Very rarely should these ever be accessed outside of your lan
+        location ~* \.(txt|log)$ {
+                allow 192.168.0.0/16;
+                deny all;
+        }
+
+        location ~ \..*/.*\.php$ {
+                return 403;
+        }
+
+        # No no for private
+        location ~ ^/sites/.*/private/ {
+                return 403;
+        }
+
+        # Block access to "hidden" files and directories whose names begin with a
+        # period. This includes directories used by version control systems such
+        # as Subversion or Git to store control files.
+        location ~ (^|/)\. {
+                return 403;
+        }
+
+        location / {
+                # This is cool because no php is touched for static content
+                try_files $uri @rewrite;
+        }
+
+        location ~* /update.php*/.*$ {
+                # You have 2 options here
+                # For D7 and above:
+                # Clean URLs are handled in drupal_environment_initialize().
+                rewrite ^ /update.php;
+                # For Drupal 6 and bwlow:
+                # Some modules enforce no slash (/) at the end of the URL
+                # Else this rewrite block wouldn't be needed (GlobalRedirect)
+                #rewrite ^/(.*)$ /index.php?q=$1;
+        }
+
+        location @rewrite {
+                # You have 2 options here
+                # For D7 and above:
+                # Clean URLs are handled in drupal_environment_initialize().
+                rewrite ^ /index.php;
+                # For Drupal 6 and bwlow:
+                # Some modules enforce no slash (/) at the end of the URL
+                # Else this rewrite block wouldn't be needed (GlobalRedirect)
+                #rewrite ^/(.*)$ /index.php?q=$1;
+        }
+
+        location ~ \.php$ {
+                fastcgi_split_path_info ^(.+\.php)(/.+)$;
+                #NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
+                include fastcgi_params;
+                fastcgi_param SCRIPT_FILENAME $request_filename;
+                fastcgi_intercept_errors on;
+                #fastcgi_pass unix:/tmp/phpfpm.sock;
+                fastcgi_pass 127.0.0.1:9000;
+        }
+
+        # Fighting with Styles? This little gem is amazing.
+        # This is for D6
+        #location ~ ^/sites/.*/files/imagecache/ {
+        # This is for D7 and D8
+        location ~ ^/sites/.*/files/styles/ {
+                try_files $uri @rewrite;
+        }
+
+        location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
+                expires max;
+                #log_not_found off;
+        }
+
+}
diff --git a/tools/conf/etc/nginx/sites/laravel.conf b/tools/conf/etc/nginx/sites/laravel.conf
new file mode 100644
index 0000000..f648f17
--- /dev/null
+++ b/tools/conf/etc/nginx/sites/laravel.conf
@@ -0,0 +1,28 @@
+server {
+    listen 443 ssl;
+    # listen [::]:443 ssl;
+
+    root /srv/www/atom/public;
+    server_name core.privat-network.net;
+
+    location /sysdoc {
+        alias /srv/www/sysdoc;
+        index index.html;
+        autoindex on;
+    }
+
+    index index.php;
+    location / {
+        try_files $uri $uri/ /index.php$is_args$args;
+    }
+
+    location ~ \.php$ {
+        fastcgi_split_path_info ^(.+\.php)(/.+)$;
+        fastcgi_index index.php;
+        # try_files $uri /index.php =404;
+        include /etc/nginx/fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        # fastcgi_pass unix:/var/run/php5-fpm.sock;
+        fastcgi_pass 127.0.0.1:9000;
+    }
+}