Initial commit

1 files changed, 67 insertions, 0 deletions

diff --git a/templates/nginx.j2 b/templates/nginx.j2
new file mode 100644
index 0000000..2046c35
--- /dev/null
+++ b/templates/nginx.j2
@@ -0,0 +1,67 @@
+server {
+	listen 80;
+	listen [::]:80;
+
+	server_name {{ nginx_server_name }};
+	access_log /var/log/nginx/{{ nginx_server_name }}.access.log;
+	error_log /var/log/nginx/{{ nginx_server_name }}.error.log;
+
+	{% if letsencrypt_activate %}
+	location .well-known {
+		root {{ letsencrypt_wellknown }};
+	}
+
+	{% if letsencrypt_https %}
+	location / {
+		rewrite ^(.*)$ https://{{ nginx_server_name }}$1 permanent;
+	}
+}
+
+server {
+	listen 443 ssl;
+	listen [::]:443 ssl;
+
+	server_name {{ nginx_server_name }};
+	access_log /var/log/nginx/{{ nginx_server_name }}.access.log;
+	error_log /var/log/nginx/{{ nginx_server_name }}.error.log;
+
+	ssl on;
+	ssl_certificate /etc/letsencrypt/live/{{ letsencrypt_domain }}/fullchain.pem;
+	ssl_certificate_key /etc/letsencrypt/live/{{ letsencrypt_domain }}/privkey.pem;
+
+	include /etc/nginx/snippets/ssl.conf;
+
+	{% endif %}
+	{% endif %}
+
+	root {{ ttrss_base }};
+
+	location / {
+		index index.php;
+	}
+
+	location /cache {
+		deny all;
+	}
+
+	location = config.php {
+		deny all;
+	}
+
+	location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
+		# cache static assets
+		expires    max;
+		add_header Pragma public;
+		add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+	}
+
+	location ~ \.php$ {
+		try_files $uri = 404;
+		fastcgi_split_path_info ^(.+\.php)(/.+)$;
+
+		# filter and proxy PHP requests to PHP-FPM
+		fastcgi_pass   unix:/var/run/php/php7.0-fpm.sock;
+		fastcgi_index  index.php;
+		include        fastcgi.conf;
+	}
+}