summaryrefslogtreecommitdiffstats
path: root/templates/nginx.j2
diff options
context:
space:
mode:
authorRomain Porte <microjoe@microjoe.org>2017-07-14 17:53:51 +0200
committerRomain Porte <microjoe@microjoe.org>2017-07-14 17:53:51 +0200
commitace3fdadab5a3a1bfb3c88f957fefb99e815020c (patch)
tree3be8af97817a44dc53c2eb3b91aed73aad63b0b4 /templates/nginx.j2
downloadMicroJoe.ttrss-ace3fdadab5a3a1bfb3c88f957fefb99e815020c.tar.gz
MicroJoe.ttrss-ace3fdadab5a3a1bfb3c88f957fefb99e815020c.zip
Initial commit
Diffstat (limited to 'templates/nginx.j2')
-rw-r--r--templates/nginx.j267
1 files changed, 67 insertions, 0 deletions
diff --git a/templates/nginx.j2 b/templates/nginx.j2
new file mode 100644
index 0000000..2046c35
--- /dev/null
+++ b/templates/nginx.j2
@@ -0,0 +1,67 @@
+server {
+ listen 80;
+ listen [::]:80;
+
+ server_name {{ nginx_server_name }};
+ access_log /var/log/nginx/{{ nginx_server_name }}.access.log;
+ error_log /var/log/nginx/{{ nginx_server_name }}.error.log;
+
+ {% if letsencrypt_activate %}
+ location .well-known {
+ root {{ letsencrypt_wellknown }};
+ }
+
+ {% if letsencrypt_https %}
+ location / {
+ rewrite ^(.*)$ https://{{ nginx_server_name }}$1 permanent;
+ }
+}
+
+server {
+ listen 443 ssl;
+ listen [::]:443 ssl;
+
+ server_name {{ nginx_server_name }};
+ access_log /var/log/nginx/{{ nginx_server_name }}.access.log;
+ error_log /var/log/nginx/{{ nginx_server_name }}.error.log;
+
+ ssl on;
+ ssl_certificate /etc/letsencrypt/live/{{ letsencrypt_domain }}/fullchain.pem;
+ ssl_certificate_key /etc/letsencrypt/live/{{ letsencrypt_domain }}/privkey.pem;
+
+ include /etc/nginx/snippets/ssl.conf;
+
+ {% endif %}
+ {% endif %}
+
+ root {{ ttrss_base }};
+
+ location / {
+ index index.php;
+ }
+
+ location /cache {
+ deny all;
+ }
+
+ location = config.php {
+ deny all;
+ }
+
+ location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
+ # cache static assets
+ expires max;
+ add_header Pragma public;
+ add_header Cache-Control "public, must-revalidate, proxy-revalidate";
+ }
+
+ location ~ \.php$ {
+ try_files $uri = 404;
+ fastcgi_split_path_info ^(.+\.php)(/.+)$;
+
+ # filter and proxy PHP requests to PHP-FPM
+ fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
+ fastcgi_index index.php;
+ include fastcgi.conf;
+ }
+}