From: Ludovic CHEVALIER Date: Fri, 8 Jul 2016 14:04:23 +0000 (+0200) Subject: Modifications : etc/nginx/org/lesjantesdunord/www/common.conf.m4 X-Git-Url: http://git.cyclocoop.org/?p=lhc%2Fadmin.git;a=commitdiff_plain;h=449a1615d9c741167e6a74ddede7dba701027e76 Modifications : etc/nginx/org/lesjantesdunord/www/common.conf.m4 --- diff --git a/srv/ateliers/etc/nginx/org/lesjantesdunord/www/common.conf.m4 b/srv/ateliers/etc/nginx/org/lesjantesdunord/www/common.conf.m4 index 5845da8..050176e 100644 --- a/srv/ateliers/etc/nginx/org/lesjantesdunord/www/common.conf.m4 +++ b/srv/ateliers/etc/nginx/org/lesjantesdunord/www/common.conf.m4 @@ -1,11 +1,57 @@ server_name www.lesjantesdunord.org lesjantesdunord.heureux-cyclage.org; -root /home/www/data/org/lesjantesdunord/www; - -index index.html; +root /home/www/data/org/lesjantesdunord/www/www; +rewrite /wp-admin$ $scheme://$host$uri/ permanent; + # Add trailing slash to */wp-admin requests. +location = /wp-admin/ { + return 301 /wp-admin/index.php?$args; + } location / { - try_files $uri $uri/ /index.html; -} + index index.html index.htm index.php; + try_files $uri $uri/ /index.php?$args; + } +location ~* ^.+\.(css|gif|html|ico|jpeg|js|jpg|png|txt|xml)$ { + access_log off; + expires 30d; + log_not_found off; + } +location ~ /\. { + access_log off; + deny all; + log_not_found off; + } +location ~ \.php(|/.+)$ { + include /etc/nginx/conf.d/fastcgi.conf; + set $no_cache "0"; + if ($request_method !~ ^(GET|HEAD)$) { + # NOTE: if non GET/HEAD, don't cache and mark user as uncacheable for 1 second via cookie. + set $no_cache "1"; + } + if ($no_cache = "1") { + # NOTE: drop no cache cookie if need be (for some reason, add_header fails if included in prior if-block). + add_header Set-Cookie "_mcnc=1; Max-Age=2; Path=/"; + add_header X-Microcachable "0"; + } + if ($http_cookie ~* "_mcnc") { + # NOTE: bypass cache if no-cache cookie is set + set $no_cache "1"; + } + fastcgi_cache_bypass $no_cache; + fastcgi_cache_use_stale updating; + fastcgi_cache_valid 200 10s; + fastcgi_cache_valid 404 10m; + fastcgi_ignore_headers Cache-Control Expires Set-Cookie; + fastcgi_index index.php; + fastcgi_no_cache $no_cache; + fastcgi_param REDIRECT_STATUS 200; + # NOTE: PHP only, required if PHP was built with --enable-force-cgi-redirect + fastcgi_pass_header Cookie; + fastcgi_pass_header Set-Cookie; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + try_files $fastcgi_script_name =404; + # Check for path info security issue + fastcgi_pass unix:CAT(sys/php5/fpm/org/lesjantesdunord/www/socket); + } # vim: ft=sh diff --git a/srv/ateliers/etc/nginx/org/lesjantesdunord/www/install b/srv/ateliers/etc/nginx/org/lesjantesdunord/www/install deleted file mode 120000 index 135b97d..0000000 --- a/srv/ateliers/etc/nginx/org/lesjantesdunord/www/install +++ /dev/null @@ -1 +0,0 @@ -.../lib/tool/admin/etc/nginx/$site/install \ No newline at end of file diff --git a/srv/ateliers/etc/nginx/org/lesjantesdunord/www/install b/srv/ateliers/etc/nginx/org/lesjantesdunord/www/install new file mode 100755 index 0000000..5510261 --- /dev/null +++ b/srv/ateliers/etc/nginx/org/lesjantesdunord/www/install @@ -0,0 +1,26 @@ +#!/bin/sh -eu +# SYNTAX: $path +# DESCRIPTION: install + +# ACTION: initialize from .../lib/tool/admin/ + tool=$(readlink -e "${0%/install}"/...)/lib/tool/admin + . "$tool"/lib/install.sh +# ACTION: initialize $sv from ./sys/$sv/ + sv=${cmd##*/etc/} + sv=${sv%%/*} +# ACTION: initialize $site from ./etc/$sv/$site/install + site=${cmd##*/"$sv"/} + site=${site%/install} +# ACTION: install from ./etc/nginx/\$site/install + "$tool"/etc/nginx/\$site/install "$site" +# TODO: invoke php install script /etc/php5/fpm/org/lesjantesdunord/www/install +# ACTION: install from ./etc/nginx/org/lesjantesdunord/www + pool=$("$tool"/cat sys/php5/fpm/org/lesjantesdunord/www/user) + user=$("$tool"/cat sys/nginx/org/lesjantesdunord/www/user) + home=$("$tool"/cat sys/nginx/org/lesjantesdunord/www/home) + "$tool"/ssh-sudo adduser "$pool" "$user" + "$tool"/etc/mysql/user/install "$pool" + "$tool"/etc/mysql/database/install "$pool" + "$tool"/install etc/nginx/org/lesjantesdunord/www + wwwuser=$("$tool"/cat sys/nginx/org/lesjantesdunord/www/user) + "$tool"/ssh-sudo adduser "$wwwuser" sftp