external/iiab
1
0
Fork 0
mirror of https://github.com/iiab/iiab.git synced 2025-02-13 11:42:08 +00:00
Code Issues Releases Wiki Activity
iiab/roles/nginx/templates/server.conf.j2

49 lines
2 KiB
Django/Jinja
Raw Blame History

server {
root {{ doc_root }};
server_name $hostname; # e.g. box.lan, set dynamically when NGINX starts
#server_name {{ iiab_hostname }}.{{ iiab_domain }};
#server_name {{ iiab_hostname }};
listen 80;
index index.php index.html index.htm;
# NGINX's 1MB default is far too low for Calibre-Web and LMS-like apps.
# So IIAB sets this to 500M, roughly aligning with similar settings...
# 1. 'upload_max_filesize = 500M' and 'post_max_size = 500M' are SOMETIMES set in:
# https://github.com/iiab/iiab/blob/master/roles/www_options/tasks/main.yml#L106-L107
# https://github.com/iiab/iiab/blob/master/roles/www_options/tasks/main.yml#L120-L121
# 2. 'client_max_body_size 512M;' is set in:
# https://github.com/iiab/iiab/blob/master/roles/nextcloud/templates/nextcloud-nginx.conf.j2#L62
client_max_body_size 500M;
# let individual services drop location blocks in conf.d
include {{ nginx_conf_dir }}/*;
location ~ .*\.php$ {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $remote_addr;
proxy_set_header Host $host;
fastcgi_pass php;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
include fastcgi_params;
}
# 2021-07-30: Security risk identified by @tim-moody
#location /cgi-bin {
# root /usr/lib;
#}
# if you don't like seeing all the errors for missing favicon.ico in root
location = /favicon.ico { access_log off; log_not_found off; }
# if you don't like seeing errors for a missing robots.txt in root
location = /robots.txt { access_log off; log_not_found off; }
# Let's not serve files like .htaccess .htpassword .secret etc.
# EXCEPTION: 'location ^~ /kiwix' in /etc/nginx/conf.d/kiwix-nginx.conf
# overrules this, for ZIM file articles that begin with a dot (#3072).
location ~ /\. { deny all; }
}
Reference in a new issue View git blame Copy permalink