50 lines
1.4 KiB
Org Mode
50 lines
1.4 KiB
Org Mode
# redirect http -> https
|
|
server {
|
|
server_name wallabag.tildeverse.org;
|
|
return 301 https://wallabag.tildeverse.org$request_uri;
|
|
}
|
|
|
|
# redirect wallabag.aussies.space -> wallabag.tildeverse.org
|
|
server {
|
|
server_name wallabag.aussies.space;
|
|
return 301 https://wallabag.tildeverse.org$request_uri;
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
listen [::]:443 ssl;
|
|
|
|
server_name wallabag.tildeverse.org;
|
|
root /var/www/wallabag/web;
|
|
|
|
# ssl
|
|
ssl_certificate **path has been removed**; # managed by Certbot
|
|
ssl_certificate_key **path has been removed**; # managed by Certbot
|
|
include /etc/letsencrypt/options-ssl-nginx.conf;
|
|
|
|
location / {
|
|
try_files $uri /app.php$is_args$args;
|
|
}
|
|
|
|
location ~ ^/app\.php(/|$) {
|
|
# include snippets/php_common;
|
|
|
|
# came from the wallabag vhosts documentation
|
|
fastcgi_pass unix:/run/php/php7.2-fpm.sock;
|
|
fastcgi_split_path_info ^(.+\.php)(/.*)$;
|
|
include fastcgi_params;
|
|
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
|
|
fastcgi_param DOCUMENT_ROOT $realpath_root;
|
|
internal;
|
|
}
|
|
|
|
# return 404 for all other php files not matching the front controller
|
|
# this prevents access to other php files you don't want to be accessible.
|
|
location ~ \.php$ {
|
|
return 404;
|
|
}
|
|
|
|
error_log /var/log/nginx/wallabag_error.log;
|
|
access_log /var/log/nginx/wallabag_access.log;
|
|
}
|