From 4569cae57f127afd093794310ccd290d2d9fdf36 Mon Sep 17 00:00:00 2001
From: Marius Burkard <m.burkard@pixcept.de>
Date: Wed, 20 Apr 2016 10:58:46 -0400
Subject: [PATCH] Merge branch 'stable-3.1'
---
install/tpl/nginx_apps.vhost.master | 194 +++++++++++++++++++++++++++++++++++++++++++++++-
1 files changed, 188 insertions(+), 6 deletions(-)
diff --git a/install/tpl/nginx_apps.vhost.master b/install/tpl/nginx_apps.vhost.master
index 30416e3..d2dc07b 100644
--- a/install/tpl/nginx_apps.vhost.master
+++ b/install/tpl/nginx_apps.vhost.master
@@ -1,28 +1,210 @@
server {
- listen {apps_vhost_ip}{apps_vhost_port};
+ listen {apps_vhost_port};
+ listen [::]:{apps_vhost_port} ipv6only=on;
+ ssl {ssl_on};
+ {ssl_comment}ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
+ {ssl_comment}ssl_certificate /usr/local/ispconfig/interface/ssl/ispserver.crt;
+ {ssl_comment}ssl_certificate_key /usr/local/ispconfig/interface/ssl/ispserver.key;
+
+ # redirect to https if accessed with http
+ {ssl_comment}error_page 497 https://$host:{vhost_port}$request_uri;
server_name {apps_vhost_servername};
root {apps_vhost_dir};
+
+ client_max_body_size 100M;
location / {
index index.php index.html;
}
# serve static files directly
- location ~* ^.+.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt)$ {
+ location ~* ^.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt)$ {
access_log off;
}
location ~ \.php$ {
- fastcgi_pass 127.0.0.1:{fpm_port};
+ try_files $uri =404;
+ fastcgi_param QUERY_STRING $query_string;
+ fastcgi_param REQUEST_METHOD $request_method;
+ fastcgi_param CONTENT_TYPE $content_type;
+ fastcgi_param CONTENT_LENGTH $content_length;
+
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_param SCRIPT_NAME $fastcgi_script_name;
+ fastcgi_param REQUEST_URI $request_uri;
+ fastcgi_param DOCUMENT_URI $document_uri;
+ fastcgi_param DOCUMENT_ROOT $document_root;
+ fastcgi_param SERVER_PROTOCOL $server_protocol;
+
+ fastcgi_param GATEWAY_INTERFACE CGI/1.1;
+ fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
+
+ fastcgi_param REMOTE_ADDR $remote_addr;
+ fastcgi_param REMOTE_PORT $remote_port;
+ fastcgi_param SERVER_ADDR $server_addr;
+ fastcgi_param SERVER_PORT $server_port;
+ fastcgi_param SERVER_NAME $server_name;
+
+ fastcgi_param HTTPS $https;
+
+ # PHP only, required if PHP was built with --enable-force-cgi-redirect
+ fastcgi_param REDIRECT_STATUS 200;
+ fastcgi_pass unix:{fpm_socket};
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
- fastcgi_param PATH_INFO $fastcgi_script_name;
- include /etc/nginx/fastcgi_params;
+ #fastcgi_param PATH_INFO $fastcgi_script_name;
+ fastcgi_buffer_size 128k;
+ fastcgi_buffers 256 4k;
+ fastcgi_busy_buffers_size 256k;
+ fastcgi_temp_file_write_size 256k;
}
location ~ /\. {
deny all;
}
-}
\ No newline at end of file
+
+ location /phpmyadmin {
+ root /usr/share/;
+ index index.php index.html index.htm;
+ location ~ ^/phpmyadmin/(.+\.php)$ {
+ try_files $uri =404;
+ root /usr/share/;
+ fastcgi_param QUERY_STRING $query_string;
+ fastcgi_param REQUEST_METHOD $request_method;
+ fastcgi_param CONTENT_TYPE $content_type;
+ fastcgi_param CONTENT_LENGTH $content_length;
+
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_param SCRIPT_NAME $fastcgi_script_name;
+ fastcgi_param REQUEST_URI $request_uri;
+ fastcgi_param DOCUMENT_URI $document_uri;
+ fastcgi_param DOCUMENT_ROOT $document_root;
+ fastcgi_param SERVER_PROTOCOL $server_protocol;
+
+ fastcgi_param GATEWAY_INTERFACE CGI/1.1;
+ fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
+
+ fastcgi_param REMOTE_ADDR $remote_addr;
+ fastcgi_param REMOTE_PORT $remote_port;
+ fastcgi_param SERVER_ADDR $server_addr;
+ fastcgi_param SERVER_PORT $server_port;
+ fastcgi_param SERVER_NAME $server_name;
+
+ fastcgi_param HTTPS $https;
+
+ # PHP only, required if PHP was built with --enable-force-cgi-redirect
+ fastcgi_param REDIRECT_STATUS 200;
+ # To access phpMyAdmin, the default user (like www-data on Debian/Ubuntu) must be used
+ {use_tcp}fastcgi_pass 127.0.0.1:9000;
+ {use_socket}fastcgi_pass unix:/var/run/php5-fpm.sock;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_buffer_size 128k;
+ fastcgi_buffers 256 4k;
+ fastcgi_busy_buffers_size 256k;
+ fastcgi_temp_file_write_size 256k;
+ fastcgi_read_timeout 1200;
+ }
+ location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
+ root /usr/share/;
+ }
+ }
+ location /phpMyAdmin {
+ rewrite ^/* /phpmyadmin last;
+ }
+
+ location /squirrelmail {
+ root /usr/share/;
+ index index.php index.html index.htm;
+ location ~ ^/squirrelmail/(.+\.php)$ {
+ try_files $uri =404;
+ root /usr/share/;
+ fastcgi_param QUERY_STRING $query_string;
+ fastcgi_param REQUEST_METHOD $request_method;
+ fastcgi_param CONTENT_TYPE $content_type;
+ fastcgi_param CONTENT_LENGTH $content_length;
+
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_param SCRIPT_NAME $fastcgi_script_name;
+ fastcgi_param REQUEST_URI $request_uri;
+ fastcgi_param DOCUMENT_URI $document_uri;
+ fastcgi_param DOCUMENT_ROOT $document_root;
+ fastcgi_param SERVER_PROTOCOL $server_protocol;
+
+ fastcgi_param GATEWAY_INTERFACE CGI/1.1;
+ fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
+
+ fastcgi_param REMOTE_ADDR $remote_addr;
+ fastcgi_param REMOTE_PORT $remote_port;
+ fastcgi_param SERVER_ADDR $server_addr;
+ fastcgi_param SERVER_PORT $server_port;
+ fastcgi_param SERVER_NAME $server_name;
+
+ fastcgi_param HTTPS $https;
+
+ # PHP only, required if PHP was built with --enable-force-cgi-redirect
+ fastcgi_param REDIRECT_STATUS 200;
+ # To access SquirrelMail, the default user (like www-data on Debian/Ubuntu) must be used
+ {use_tcp}fastcgi_pass 127.0.0.1:9000;
+ {use_socket}fastcgi_pass unix:/var/run/php5-fpm.sock;
+ fastcgi_index index.php;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_buffer_size 128k;
+ fastcgi_buffers 256 4k;
+ fastcgi_busy_buffers_size 256k;
+ fastcgi_temp_file_write_size 256k;
+ }
+ location ~* ^/squirrelmail/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
+ root /usr/share/;
+ }
+ }
+ location /webmail {
+ rewrite ^/* /squirrelmail last;
+ }
+
+ location /cgi-bin/mailman {
+ root /usr/lib/;
+ fastcgi_split_path_info (^/cgi-bin/mailman/[^/]*)(.*)$;
+ fastcgi_param QUERY_STRING $query_string;
+ fastcgi_param REQUEST_METHOD $request_method;
+ fastcgi_param CONTENT_TYPE $content_type;
+ fastcgi_param CONTENT_LENGTH $content_length;
+
+ fastcgi_param SCRIPT_FILENAME $request_filename;
+ fastcgi_param SCRIPT_NAME $fastcgi_script_name;
+ fastcgi_param REQUEST_URI $request_uri;
+ fastcgi_param DOCUMENT_URI $document_uri;
+ fastcgi_param DOCUMENT_ROOT $document_root;
+ fastcgi_param SERVER_PROTOCOL $server_protocol;
+
+ fastcgi_param GATEWAY_INTERFACE CGI/1.1;
+ fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
+
+ fastcgi_param REMOTE_ADDR $remote_addr;
+ fastcgi_param REMOTE_PORT $remote_port;
+ fastcgi_param SERVER_ADDR $server_addr;
+ fastcgi_param SERVER_PORT $server_port;
+ fastcgi_param SERVER_NAME $server_name;
+
+ fastcgi_param HTTPS $https;
+
+ # PHP only, required if PHP was built with --enable-force-cgi-redirect
+ fastcgi_param REDIRECT_STATUS 200;
+ fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+ fastcgi_param PATH_INFO $fastcgi_path_info;
+ fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
+ fastcgi_intercept_errors on;
+ fastcgi_pass unix:{cgi_socket};
+ }
+
+ location /images/mailman {
+ alias /usr/share/images/mailman;
+ }
+
+ location /pipermail {
+ alias /var/lib/mailman/archives/public;
+ autoindex on;
+ }
+}
--
Gitblit v1.9.1