107 lines
3.5 KiB
Nginx Configuration File
107 lines
3.5 KiB
Nginx Configuration File
server {
|
|
listen 80;
|
|
listen [::]:80;
|
|
server_name YOUR_DOMAIN;
|
|
return 301 https://$server_name$request_uri;
|
|
}
|
|
server {
|
|
listen 443 ssl http2;
|
|
listen [::]:443 ssl http2;
|
|
server_name YOUR_DOMAIN;
|
|
ssl_protocols TLSv1.2;
|
|
ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
|
|
ssl_prefer_server_ciphers on;
|
|
ssl_session_cache shared:SSL:10m;
|
|
ssl_stapling on;
|
|
ssl_stapling_verify on;
|
|
add_header Strict-Transport-Security "max-age=31536000";
|
|
add_header X-XSS-Protection "1; mode=block";
|
|
ssl_certificate /etc/CHANGE_THIS/fullchain.pem;
|
|
ssl_certificate_key /etc/CHANGE_THIS/privkey.pem;
|
|
ssl_dhparam /etc/CHANGE_THIS/dhparam.pem;
|
|
keepalive_timeout 70;
|
|
sendfile on;
|
|
client_max_body_size 20m;
|
|
root /var/www/example.com;
|
|
location ~* (?:DESIGN|(?:gpl|README|LICENSE)[^.]*|LEGALNOTICE)(?:\.txt)*$ {
|
|
return 302 /;
|
|
}
|
|
location ~* \.(?:bat|git|ini|sh|svn[^.]*|txt|tpl|xml)$ {
|
|
return 404;
|
|
}
|
|
|
|
# Main
|
|
rewrite ^/home/?$ / permanent;
|
|
rewrite ^/login/?$ /login/login.php break;
|
|
rewrite ^/auth/?$ /login/auth.php break;
|
|
rewrite ^/logout/?$ /login/logout.php break;
|
|
rewrite ^/terms/?$ /login/terms.php break;
|
|
rewrite ^/privacy/?$ /login/privacy.php break;
|
|
rewrite ^/imprint/?$ /login/imprint.php break;
|
|
|
|
# LTL
|
|
rewrite ^/local/?$ /local.php break;
|
|
|
|
# FTL
|
|
rewrite ^/federated/?$ /federated.php break;
|
|
|
|
# Notice
|
|
rewrite ^/notifications/?$ /notifications.php break;
|
|
|
|
# Who to follow
|
|
rewrite ^/whotofollow/?$ /who_to_follow.php break;
|
|
|
|
# Direct
|
|
rewrite ^/direct/?$ /direct.php break;
|
|
|
|
# Instance
|
|
rewrite ^/instance/?$ /instance.php break;
|
|
|
|
# Lists
|
|
rewrite ^/lists/?$ /lists.php break;
|
|
rewrite ^/lists/(\d+)/?$ /lists_view.php?id=$1 break;
|
|
rewrite ^/lists/(\d+)/add/?$ /lists_add.php?id=$1 break;
|
|
|
|
# Search
|
|
rewrite ^/search/?$ /search_hash_tag.php break;
|
|
rewrite ^/search/users/?$ /search_user.php break;
|
|
|
|
# Settings
|
|
rewrite ^/settings/?$ /settings_general.php break;
|
|
rewrite ^/settings/profile/?$ /settings_profile.php break;
|
|
rewrite ^/settings/appearance/?$ /settings_appearance.php break;
|
|
rewrite ^/settings/filters/?$ /settings_filters.php break;
|
|
rewrite ^/settings/media/?$ /settings_media.php break;
|
|
|
|
# User
|
|
rewrite ^/@(.+)@(.+)\.([a-z]+)/?$ /user.php?user=@$1@$2\.$3 break;
|
|
rewrite ^/@(.+)@(.+)\.([a-z]+)/status/(.+?)?$ /user.php?user=@$1@$2\.$3&status=$4 break;
|
|
rewrite ^/@(.+)@(.+)\.([a-z]+)/media/?$ /user_only_media.php?user=@$1@$2\.$3 break;
|
|
rewrite ^/@(.+)@(.+)\.([a-z]+)/with_replies/?$ /user_include_replies.php?user=@$1@$2\.$3 break;
|
|
rewrite ^/@(.+)@(.+)\.([a-z]+)/followers/?$ /user_followers.php?user=@$1@$2\.$3 break;
|
|
rewrite ^/@(.+)@(.+)\.([a-z]+)/following/?$ /user_following.php?user=@$1@$2\.$3 break;
|
|
rewrite ^/@(.+)@(.+)\.([a-z]+)/favourites/?$ /user_favorite.php?user=@$1@$2\.$3 break;
|
|
|
|
# Image
|
|
rewrite ^/avatars/original/missing.png$ /assets/images/missing.png break;
|
|
rewrite ^/headers/original/missing.png$ /assets/images/missing_header.png break;
|
|
|
|
# 404
|
|
rewrite ^/404/?$ /404.php break;
|
|
|
|
location ~ [^/]\.php(/|$) {
|
|
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
|
include fastcgi_params;
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
if (!-f $document_root$fastcgi_script_name) {
|
|
return 404;
|
|
}
|
|
fastcgi_param PATH_INFO $fastcgi_path_info;
|
|
fastcgi_param HTTPS on;
|
|
fastcgi_buffers 8 256k;
|
|
fastcgi_buffer_size 128k;
|
|
fastcgi_intercept_errors on;
|
|
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
|
|
}
|
|
}
|