From 37b29231e47a0c4458dc1c15d98588f16f07e1e2 Mon Sep 17 00:00:00 2001
From: Marius Cramer <m.cramer@pixcept.de>
Date: Thu, 06 Aug 2015 03:18:44 -0400
Subject: [PATCH] - don't set password via remoting if field is empty
---
server/conf/nginx_vhost.conf.master | 269 +++++++++++++++++++++++++++++++++++++++++++++++------
1 files changed, 235 insertions(+), 34 deletions(-)
diff --git a/server/conf/nginx_vhost.conf.master b/server/conf/nginx_vhost.conf.master
index 9da8c2b..4a775ce 100644
--- a/server/conf/nginx_vhost.conf.master
+++ b/server/conf/nginx_vhost.conf.master
@@ -1,44 +1,115 @@
server {
listen <tmpl_var name='ip_address'>:80;
- <tmpl_if name='ssl_enabled'>
+<tmpl_if name='ipv6_enabled'>
+ listen [<tmpl_var name='ipv6_address'>]:80;
+</tmpl_if>
- listen <tmpl_var name='ip_address'>:443 ssl;
+<tmpl_if name='ssl_enabled'>
+ listen <tmpl_var name='ip_address'>:443 ssl{tmpl_if name='enable_spdy' op='==' value='y'} spdy{/tmpl_if};
+ ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+<tmpl_if name='ipv6_enabled'>
+ listen [<tmpl_var name='ipv6_address'>]:443 ssl{tmpl_if name='enable_spdy' op='==' value='y'} spdy{/tmpl_if};
+</tmpl_if>
ssl_certificate <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.crt;
ssl_certificate_key <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.key;
- </tmpl_if>
+</tmpl_if>
server_name <tmpl_var name='domain'> <tmpl_var name='alias'>;
root <tmpl_var name='web_document_root_www'>;
-
- location / {
- index index.html index.php;
+
+<tmpl_if name='seo_redirect_enabled'>
+ if ($http_host <tmpl_var name='seo_redirect_operator'> "<tmpl_var name='seo_redirect_origin_domain'>") {
+ rewrite ^ $scheme://<tmpl_var name='seo_redirect_target_domain'>$request_uri? permanent;
}
+</tmpl_if>
+<tmpl_loop name="alias_seo_redirects">
+ if ($http_host <tmpl_var name='alias_seo_redirect_operator'> "<tmpl_var name='alias_seo_redirect_origin_domain'>") {
+ rewrite ^ $scheme://<tmpl_var name='alias_seo_redirect_target_domain'>$request_uri? permanent;
+ }
+</tmpl_loop>
+<tmpl_loop name="local_redirects">
+ if ($http_host <tmpl_var name='local_redirect_operator'> "<tmpl_var name='local_redirect_origin_domain'>") {
+ rewrite ^<tmpl_var name='local_redirect_exclude'>(.*)$ <tmpl_var name='local_redirect_target'>$2 <tmpl_var name='local_redirect_type'>;
+ }
+</tmpl_loop>
+<tmpl_if name='ssl_enabled'>
+<tmpl_if name='rewrite_to_https' op='==' value='y'>
+ if ($scheme != "https") {
+ rewrite ^ https://$http_host$request_uri? permanent;
+ }
+</tmpl_if>
+</tmpl_if>
+
+<tmpl_loop name="own_redirects">
+<tmpl_if name='use_rewrite'>
+ <tmpl_if name='exclude_own_hostname'>if ($http_host != "<tmpl_var name='exclude_own_hostname'>") { </tmpl_if>rewrite ^<tmpl_var name='rewrite_exclude'>(.*)$ <tmpl_var name='rewrite_target'>$2 <tmpl_var name='rewrite_type'>;<tmpl_if name='exclude_own_hostname'> }</tmpl_if>
+</tmpl_if>
+<tmpl_if name='use_proxy'>
+ location / {
+ proxy_pass <tmpl_var name='rewrite_target'>;
+ <tmpl_if name='rewrite_subdir'>rewrite ^/<tmpl_var name='rewrite_subdir'>(.*) /$1;</tmpl_if>
+<tmpl_loop name="proxy_directives">
+ <tmpl_var name='proxy_directive'>
+</tmpl_loop>
+ }
+</tmpl_if>
+</tmpl_loop>
+<tmpl_if name='use_proxy' op='!=' value='y'>
+ index index.html index.htm index.php index.cgi index.pl index.xhtml;
- <tmpl_if name='ssi' op='==' value='y'>
-
+<tmpl_if name='ssi' op='==' value='y'>
location ~ \.shtml$ {
ssi on;
}
- </tmpl_if>
+</tmpl_if>
- <tmpl_if name='errordocs'>
-
+<tmpl_if name='errordocs'>
error_page 400 /error/400.html;
error_page 401 /error/401.html;
error_page 403 /error/403.html;
error_page 404 /error/404.html;
error_page 405 /error/405.html;
error_page 500 /error/500.html;
+ error_page 502 /error/502.html;
error_page 503 /error/503.html;
- </tmpl_if>
+ recursive_error_pages on;
+ location = /error/400.html {
+ <tmpl_var name='web_document_root_www_proxy'>
+ internal;
+ }
+ location = /error/401.html {
+ <tmpl_var name='web_document_root_www_proxy'>
+ internal;
+ }
+ location = /error/403.html {
+ <tmpl_var name='web_document_root_www_proxy'>
+ internal;
+ }
+ location = /error/404.html {
+ <tmpl_var name='web_document_root_www_proxy'>
+ internal;
+ }
+ location = /error/405.html {
+ <tmpl_var name='web_document_root_www_proxy'>
+ internal;
+ }
+ location = /error/500.html {
+ <tmpl_var name='web_document_root_www_proxy'>
+ internal;
+ }
+ location = /error/502.html {
+ <tmpl_var name='web_document_root_www_proxy'>
+ internal;
+ }
+ location = /error/503.html {
+ <tmpl_var name='web_document_root_www_proxy'>
+ internal;
+ }
+</tmpl_if>
error_log /var/log/ispconfig/httpd/<tmpl_var name='domain'>/error.log;
-
- # serve static files directly
- location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt)$ {
- access_log off;
- }
+ access_log /var/log/ispconfig/httpd/<tmpl_var name='domain'>/access.log combined;
## Disable .htaccess and other hidden files
location ~ /\. {
@@ -58,42 +129,172 @@
access_log off;
}
- location /stats {
+ location /stats/ {
+ <tmpl_var name='web_document_root_www_proxy'>
index index.html index.php;
auth_basic "Members Only";
auth_basic_user_file <tmpl_var name='stats_auth_passwd_file'>;
}
- <tmpl_if name='php' op='==' value='fast-cgi'>
-
+ location ^~ /awstats-icon {
+ alias /usr/share/awstats/icon;
+ }
+
location ~ \.php$ {
+ try_files <tmpl_var name='rnd_php_dummy_file'> @php;
+ }
+
+<tmpl_if name='php' op='==' value='php-fpm'>
+ location @php {
+ try_files $uri =404;
+ include /etc/nginx/fastcgi_params;
+<tmpl_if name='use_tcp'>
fastcgi_pass 127.0.0.1:<tmpl_var name='fpm_port'>;
+</tmpl_if>
+<tmpl_if name='use_socket'>
+ fastcgi_pass unix:<tmpl_var name='fpm_socket'>;
+</tmpl_if>
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- fastcgi_param PATH_INFO $fastcgi_script_name;
- include /etc/nginx/fastcgi_params;
+ #fastcgi_param PATH_INFO $fastcgi_script_name;
+ fastcgi_intercept_errors on;
}
- </tmpl_else>
-
- location ~ \.php$ {
+</tmpl_else>
+ <tmpl_if name='php' op='==' value='hhvm'>
+ location @php {
+ try_files $uri =404;
+ include /etc/nginx/fastcgi_params;
+ fastcgi_pass unix:/var/run/hhvm/hhvm.<tmpl_var name='system_user'>.sock;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ #fastcgi_param PATH_INFO $fastcgi_script_name;
+ fastcgi_intercept_errors on;
+ }
+ </tmpl_else>
+
+ location @php {
deny all;
}
- </tmpl_if>
+ </tmpl_if>
+</tmpl_if>
- <tmpl_if name='cgi' op='==' value='y'>
-
+<tmpl_if name='cgi' op='==' value='y'>
location /cgi-bin/ {
+ try_files $uri =404;
+ include /etc/nginx/fastcgi_params;
root <tmpl_var name='document_root'>;
gzip off;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
fastcgi_index index.cgi;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- include /etc/nginx/fastcgi_params;
+ fastcgi_intercept_errors on;
}
- </tmpl_if>
+</tmpl_if>
- <tmpl_if name='nginx_directives'>
- <tmpl_var name='nginx_directives'>
- </tmpl_if>
+<tmpl_loop name="rewrite_rules">
+ <tmpl_var name='rewrite_rule'>
+</tmpl_loop>
+
+<tmpl_loop name="nginx_directives">
+ <tmpl_var name='nginx_directive'>
+</tmpl_loop>
+
+<tmpl_if name='enable_pagespeed' op='==' value='y'>
+ pagespeed on;
+ pagespeed FileCachePath /var/ngx_pagespeed_cache;
+ <tmpl_if name='ssl_enabled'>pagespeed FetchHttps enable,allow_self_signed;</tmpl_if>
+
+
+ # let's speed up PageSpeed by storing it in the super duper fast memcached
+ pagespeed MemcachedThreads 1;
+ pagespeed MemcachedServers "localhost:11211";
+
+ # Filter settings
+ pagespeed RewriteLevel CoreFilters;
+ pagespeed EnableFilters collapse_whitespace,remove_comments;
+
+ # Ensure requests for pagespeed optimized resources go to the pagespeed
+ # handler and no extraneous headers get set.
+ location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {
+ add_header "" "";
+ access_log off;
+ }
+ location ~ "^/ngx_pagespeed_static/" {
+ access_log off;
+ }
+ location ~ "^/ngx_pagespeed_beacon$" {
+ access_log off;
+ }
+ location /ngx_pagespeed_statistics {
+ allow 127.0.0.1;
+ deny all;
+ access_log off;
+ }
+ location /ngx_pagespeed_global_statistics {
+ allow 127.0.0.1;
+ deny all;
+ access_log off;
+ }
+ location /ngx_pagespeed_message {
+ allow 127.0.0.1;
+ deny all;
+ access_log off;
+ }
+ location /pagespeed_console {
+ allow 127.0.0.1;
+ deny all;
+ access_log off;
+ }
+</tmpl_if>
+
+<tmpl_loop name="basic_auth_locations">
+ location <tmpl_var name='htpasswd_location'> { ##merge##
+ auth_basic "Members Only";
+ auth_basic_user_file <tmpl_var name='htpasswd_path'>.htpasswd;
+
+ location ~ \.php$ {
+ try_files <tmpl_var name='rnd_php_dummy_file'> @php;
+ }
+ }
+</tmpl_loop>
+</tmpl_if>
+}
+
+<tmpl_loop name="redirects">
+server {
+ listen <tmpl_var name='ip_address'>:80;
+<tmpl_if name='ipv6_enabled'>
+ listen [<tmpl_var name='ipv6_address'>]:80;
+</tmpl_if>
-}
\ No newline at end of file
+<tmpl_if name='ssl_enabled'>
+ listen <tmpl_var name='ip_address'>:443 ssl;
+<tmpl_if name='ipv6_enabled'>
+ listen [<tmpl_var name='ipv6_address'>]:443 ssl;
+</tmpl_if>
+ ssl_certificate <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.crt;
+ ssl_certificate_key <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.key;
+</tmpl_if>
+
+ server_name <tmpl_var name='rewrite_domain'>;
+<tmpl_if name='alias_seo_redirects2'>
+<tmpl_loop name="alias_seo_redirects2">
+ if ($http_host <tmpl_var name='alias_seo_redirect_operator'> "<tmpl_var name='alias_seo_redirect_origin_domain'>") {
+ rewrite ^ $scheme://<tmpl_var name='alias_seo_redirect_target_domain'>$request_uri? permanent;
+ }
+</tmpl_loop>
+</tmpl_if>
+<tmpl_if name='use_rewrite'>
+ rewrite ^ <tmpl_var name='rewrite_target'>$request_uri? <tmpl_var name='rewrite_type'>;
+</tmpl_if>
+<tmpl_if name='use_proxy'>
+ location / {
+ proxy_pass <tmpl_var name='rewrite_target'>;
+ <tmpl_if name='rewrite_subdir'>rewrite ^/<tmpl_var name='rewrite_subdir'>(.*) /$1;</tmpl_if>
+<tmpl_loop name="proxy_directives">
+ <tmpl_var name='proxy_directive'>
+</tmpl_loop>
+ }
+</tmpl_if>
+}
+</tmpl_loop>
--
Gitblit v1.9.1