blob: 015e475123b56d0a18afe7942b9b444e78a8acdf (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
|
server {
listen 80;
listen [::]:80;
server_name {{ nginx_server_name }};
access_log /var/log/nginx/{{ nginx_server_name }}.access.log;
error_log /var/log/nginx/{{ nginx_server_name }}.error.log;
{% if letsencrypt_activate %}
location ^~ /.well-known/acme-challenge {
root {{ letsencrypt_wellknown }};
}
{% if letsencrypt_https %}
location / {
rewrite ^(.*)$ https://{{ nginx_server_name }}$1 permanent;
}
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_name {{ nginx_server_name }};
access_log /var/log/nginx/{{ nginx_server_name }}.access.log;
error_log /var/log/nginx/{{ nginx_server_name }}.error.log;
ssl on;
ssl_certificate /etc/letsencrypt/live/{{ letsencrypt_domain }}/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/{{ letsencrypt_domain }}/privkey.pem;
include /etc/nginx/snippets/ssl.conf;
{% endif %}
{% endif %}
root {{ ttrss_base }};
location / {
index index.php;
}
location /cache {
deny all;
}
location = config.php {
deny all;
}
location ~* \.(?:ico|css|js|gif|jpe?g|png)$ {
# cache static assets
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
location ~ \.php$ {
try_files $uri = 404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# filter and proxy PHP requests to PHP-FPM
fastcgi_pass unix:/var/run/php/php7.3-fpm-ttrss.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
}
|
