remove php from nginx default location
This commit is contained in:
parent
1d1b5156bc
commit
a257c8184b
|
@ -1,19 +1,6 @@
|
|||
index index.php index.html index.htm;
|
||||
try_files $uri $uri/ index.php$uri =404;
|
||||
|
||||
location ~ ^(.+\.php)(.*)$ {
|
||||
fastcgi_param PATH_INFO $fastcgi_path_info;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_pass php;
|
||||
fastcgi_split_path_info ^(.+\.php)(.*)$;
|
||||
include fastcgi_params;
|
||||
try_files $uri index.php =404;
|
||||
}
|
||||
|
||||
location ~ /\.ht {
|
||||
deny all;
|
||||
}
|
||||
|
||||
location ~ /ip(f|n)s {
|
||||
proxy_pass http://$host:8080;
|
||||
}
|
||||
|
|
|
@ -33,7 +33,7 @@ tagprefix = $(call urlprefix,$(or $($(call UPPERCASE,$(1)_SERVICE_$(2)_PATH)),$
|
|||
envprefix = $(foreach env,$(3),$(if $($(call UPPERCASE,$(1)_SERVICE_$(2)_$(env))),$(env)=$($(call UPPERCASE,$(1)_SERVICE_$(2)_$(env)))))
|
||||
patsublist = $(patsubst $(1),$(2),$(firstword $(3)))$(foreach pattern,$(wordlist 2,16,$(3)),$(comma)$(patsubst $(1),$(2),$(pattern)))
|
||||
servicenvs = $(foreach env,$(call UPPERCASE,$($(1)_SERVICE_$(2)_ENVS)),$(if $(3),$($(1)_SERVICE_$(env)_$(3)),$($(1)_SERVICE_$(2)_$(env))))
|
||||
uriprefix = $(foreach svc,$(1),$(patsubst %,$(addsuffix .,$(or $($(call UPPERCASE,$(svc)_SERVICE_$(2)_NAME)),$($(call UPPERCASE,$(svc)_SERVICE_NAME)),$(svc)))%,$(APP_URIS)))
|
||||
uriprefix = $(foreach svc,$(1),$(patsubst %,$(addsuffix .,$(or $($(call UPPERCASE,$(svc)_SERVICE_$(2)_NAME)),$($(call UPPERCASE,$(svc)_SERVICE_NAME)),$(svc)))%,$(or $(3),$(APP_URIS))))
|
||||
url_suffix = *
|
||||
urlprefix = $(strip $(call patsublist,%,urlprefix-%$(1)$(url_suffix) $(2),$(or $(3),$(APP_URIS))))
|
||||
urlprefixs = $(strip $(call urlprefix,$(firstword $(1)),$(wordlist 2,16,$(1)))$(foreach prefix,$(subst $(space),$(dollar),$(2)) $(subst $(space),$(dollar),$(3)) $(subst $(space),$(dollar),$(4)),$(comma)$(call subst,$(dollar),$(space),$(call urlprefix,$(firstword $(prefix)),$(wordlist 2,16,$(prefix))))))
|
||||
|
|
|
@ -7,7 +7,7 @@ ifeq ($(SETUP_UFW),true)
|
|||
define ufw
|
||||
$(call INFO,ufw,$(1)$(comma))
|
||||
$(call app-bootstrap,ufw-docker)
|
||||
$(eval COMPOSE_PROJECT_NAME := $(HOST_COMPOSE_PROJECT_NAME))
|
||||
$(eval DOCKER_COMPOSE_PROJECT_NAME := $(HOST_COMPOSE_PROJECT_NAME))
|
||||
$(call app-exec,,$(if $(DOCKER_RUN),,$(SUDO)) ufw $(1))
|
||||
endef
|
||||
|
||||
|
@ -15,7 +15,7 @@ endef
|
|||
define ufw-docker
|
||||
$(call INFO,ufw-docker,$(1)$(comma))
|
||||
$(call app-bootstrap,ufw-docker)
|
||||
$(eval COMPOSE_PROJECT_NAME := $(HOST_COMPOSE_PROJECT_NAME))
|
||||
$(eval DOCKER_COMPOSE_PROJECT_NAME := $(HOST_COMPOSE_PROJECT_NAME))
|
||||
$(call app-exec,,$(if $(DOCKER_RUN),,$(SUDO)) ufw-docker $(1))
|
||||
endef
|
||||
|
||||
|
|
|
@ -1,7 +1,9 @@
|
|||
ENV_VARS += USER_IPFS_API_HTTPHEADERS_ACA_ORIGIN USER_IPFS_SERVICE_5001_TAGS USER_IPFS_SERVICE_8080_TAGS
|
||||
USER_IPFS_API_HTTPHEADERS_ACA_ORIGIN ?= [$(call patsublist,%,"https://%",$(USER_IPFS_SERVICE_8080_URIS))]
|
||||
USER_IPFS_SERVICE_NAME ?= ipfs
|
||||
USER_IPFS_SERVICE_HOST ?= $(patsubst %,$(RESU).%,$(DOMAIN))
|
||||
USER_IPFS_SERVICE_5001_PATH ?= api/
|
||||
USER_IPFS_SERVICE_5001_TAGS ?= $(strip $(filter %.localhost/api/$(url_suffix),$(call tagprefix,USER_IPFS,5001)) $(if $(call servicenvs,USER_IPFS,5001,URIS),$(call urlprefix,$(USER_IPFS_SERVICE_5001_PATH),,$(call servicenvs,USER_IPFS,5001,URIS))))
|
||||
USER_IPFS_SERVICE_5001_URIS ?= $(call uriprefix,ipfs)
|
||||
USER_IPFS_SERVICE_5001_URIS ?= $(call uriprefix,USER_IPFS,5001,$(patsubst %,%/,$(USER_IPFS_SERVICE_HOST)))
|
||||
USER_IPFS_SERVICE_8080_TAGS ?= $(call tagprefix,USER_IPFS,8080)
|
||||
USER_IPFS_SERVICE_8080_URIS ?= $(call uriprefix,USER_IPFS,8080,$(patsubst %,%/,$(USER_IPFS_SERVICE_HOST)))
|
||||
|
|
|
@ -26,13 +26,13 @@ host-ssl-certs:
|
|||
; [ -f /host/htpasswd/default.htpasswd ] \
|
||||
|| echo "default:{PLAIN}$(shell head -c 15 /dev/random |base64)" > /host/htpasswd/default.htpasswd \
|
||||
; for domain in ${DOMAIN}; do \
|
||||
[ -f /host/live/\$${domain}/fullchain.pem -a -f /host/live/\$${domain}/privkey.pem ] \
|
||||
[ -f /host/live/\$${domain}/privkey.pem ] \
|
||||
&& openssl x509 -in /host/live/\$${domain}/fullchain.pem -noout -issuer 2>/dev/null |grep -iqv staging \
|
||||
&& cp -L /host/live/\$${domain}/fullchain.pem /host/certs/\$${domain}-cert.pem \
|
||||
&& cp -L /host/live/\$${domain}/privkey.pem /host/certs/\$${domain}-key.pem \
|
||||
; if [ ! -f /host/certs/\$${domain}-cert.pem -o ! -f /host/certs/\$${domain}-key.pem ]; then \
|
||||
; if [ ! -f /host/certs/\$${domain}-key.pem ]; then \
|
||||
apk --no-cache add openssl \
|
||||
&& { [ -f /host/certs/\$${domain}-priv.pem ] || openssl genrsa -out /host/certs/\$${domain}-key.pem 2048; } \
|
||||
&& openssl genrsa -out /host/certs/\$${domain}-key.pem 2048 \
|
||||
&& openssl req -key /host/certs/\$${domain}-key.pem -out /host/certs/\$${domain}-cert.pem \
|
||||
-addext extendedKeyUsage=serverAuth \
|
||||
-addext subjectAltName=DNS:\$${domain},DNS:*.\$${domain} \
|
||||
|
|
Loading…
Reference in New Issue