Last roadblock changing from Apache: SSL & PHP #2

Philip Rhoades phil at pricom.com.au
Mon May 15 00:35:40 UTC 2017 

Rainer,


On 2017-05-15 10:07, Rainer Duffner wrote:
>> Am 15.05.2017 um 00:50 schrieb Philip Rhoades <phil at pricom.com.au>:
>> Also, nginx and php-fpm were actually running as services of course
>> . .
> 
> Maybe strip the  comments next time you post a config file…


Ah . . good point.  Thanks for your response.

Regards,

Phil.


> I have:
> 
> server {
>  set_real_ip_from 127.0.0.12; real_ip_header X-Forwarded-For;
>  listen 80;
>  server_name bla ;
>  root /usr/local/www/roundcube;
>   index index.php index.html index.htm;
>  access_log /var/log/nginx/bla_access.log;
>  error_log /var/log/nginx/bla_error.log;
>  location /roundcube {
>  root /usr/local/www/roundcube ;
>  try_files $uri $uri/ /index.php?q=$uri&$args;
>   }
>  error_page 404 /404.html;
>  error_page 500 502 503 504 /50x.html;
>  location = /50x.html {
>  root /usr/local/www//nginx-errors;
>  }
>  location ~ ^/(README.md|INSTALL|LICENSE|CHANGELOG|UPGRADING)$ {
>  deny all;
>  }
>  location ~ ^/(config|temp|logs)/ {
>  deny all;
>  }
>  location ~ /\. {
>  deny all;
>  access_log off;
>  log_not_found off;
>  }
> # pass the PHP scripts to FastCGI server listening on
> /var/run/fastcgi/www.sock
>  location ~ \.php$ {
>  try_files $uri =404;
>  fastcgi_pass unix:/var/run/fastcgi/www.sock;
>  fastcgi_index index.php;
>  fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
>  include fastcgi_params;
>  }
> }
> 
> root at webmail:/usr/local/etc/nginx # cat fastcgi_params
> 
> fastcgi_param  QUERY_STRING       $query_string;
> fastcgi_param  REQUEST_METHOD     $request_method;
> fastcgi_param  CONTENT_TYPE       $content_type;
> fastcgi_param  CONTENT_LENGTH     $content_length;
> 
> fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
> fastcgi_param  REQUEST_URI        $request_uri;
> fastcgi_param  DOCUMENT_URI       $document_uri;
> fastcgi_param  DOCUMENT_ROOT      $document_root;
> fastcgi_param  SERVER_PROTOCOL    $server_protocol;
> fastcgi_param  HTTPS              $https if_not_empty;
> 
> fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
> fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
> 
> fastcgi_param  REMOTE_ADDR        $remote_addr;
> fastcgi_param  REMOTE_PORT        $remote_port;
> fastcgi_param  SERVER_ADDR        $server_addr;
> fastcgi_param  SERVER_PORT        $server_port;
> fastcgi_param  SERVER_NAME        $server_name;
> 
> # PHP only, required if PHP was built with --enable-force-cgi-redirect
> fastcgi_param  REDIRECT_STATUS    200;
> 
> fastcgi_keep_conn on;
> fastcgi_split_path_info       ^(.+\.php)(.*)$;
> fastcgi_param PATH_INFO       $fastcgi_path_info;
> fastcgi_param PATH_TRANSLATED    $document_root$fastcgi_path_info;
> 
> Not chrooted, though, because it’s in a jail and I haven’t figured
> out how to setup all the fancy nullfs mounts in a jail.
> 
> It’s behind a haproxy that distributes traffic between various jails
> - but that’s irrelevant for the current  case.
> _______________________________________________
> nginx mailing list
> nginx at nginx.org
> http://mailman.nginx.org/mailman/listinfo/nginx

-- 
Philip Rhoades

PO Box 896
Cowra  NSW  2794
Australia
E-mail:  phil at pricom.com.au

More information about the nginx mailing list