Finish README. Separate docker configs from example configs.

This commit is contained in:
Greg Sarjeant 2025-06-18 09:34:41 -04:00
parent a3a6471ced
commit 4bd65daf5d
15 changed files with 263 additions and 158 deletions

View File

@ -2,7 +2,28 @@
A lightweight, HTML-only status feed for self-hosted personal websites. Written in PHP. Heavily inspired by [status.cafe](https://status.cafe).
![tkr homepage](https://subcultureofone.org/images/tkr/tkr-homepage.png)
## Screenshots
### Mobile
<img src="https://subcultureofone.org/images/tkr/tkr-logged-out-mobile.png"
alt="tkr logged out view - mobile"
width="40%" height="40%">
<img src="https://subcultureofone.org/images/tkr/tkr-logged-in-mobile.png"
alt="tkr logged in view - mobile"
width="40%" height="40%">
### Desktop
<img src="https://subcultureofone.org/images/tkr/tkr-logged-out-desktop.png"
alt="tkr logged in view - desktop"
width="60%" height="60%">
<img src="https://subcultureofone.org/images/tkr/tkr-logged-in-desktop.png"
alt="tkr logged in view - desktop"
width="60%" height="60%">
## Features
@ -11,6 +32,8 @@ A lightweight, HTML-only status feed for self-hosted personal websites. Written
* CSS uploads for custom theming
* Custom emoji to personalize moods (unicode only)
I'm trying to make sure that the HTML is both semantically valid and accessible, but I have a lot to learn about both. If you see something I should fix, please let me know!
## Prerequisites
* A web server with PHP support, such as:
@ -27,18 +50,25 @@ A lightweight, HTML-only status feed for self-hosted personal websites. Written
1. Copy the `tkr` directory to the location you want to serve it from
* on debian-based systems, `/var/www/tkr` is recommended
1. Make the `storage` directory writable by the web server account.
* For example, on nginx on debian-based distributions:
```sh
chown www-data:www-data /path/to/tkr/storage
chmod 0770 /path/to/tkr/storage
```
1. Add the necessary web server configuration
* Examples for common deployment scenarios, including documentation, are in the examples directory.
1. Add the necessary web server configuration.
* Examples for common scenarios can be found in the [examples](./examples) directory.
* Apache VPS, subdomain (e.g. `https://tkr.your-domain.com`): [examples/apache/vps/root](./examples/apache/vps/root)
* Apache VPS, subfolder (e.g. `https://your-domain.com/tkr`): [examples/apache/vps/subfolder](./examples/apache/vps/subfolder)
* Nginx VPS, subdomain (e.g. `https://tkr.your-domain.com`): [examples/nginx/root](./examples/nginx/root)
* Nginx VPS, subfolder (e.g. `https://your-domain.com/tkr`): [examples/nginx/subfolder](./examples/nginx/subfolder)
* Any values that need to be configured for your environment are labeled with `CONFIG`.
* The SSL configurations are basic, but should work. For more robust SSL configurations, see https://ssl-config.mozilla.org
## From git
### From git
If you'd prefer to install from git:
1. Clone this directoryand copy the `/tkr` directory to your web server.
1. Clone this directory and copy the `/tkr` directory to your web server.
* Required subdirectories are:
1. `config`
1. `public`
@ -46,7 +76,7 @@ If you'd prefer to install from git:
1. `storage`
1. `templates`
* Exclude the other directories
2. Follow the main installation from step 2.
2. Follow the main installation from step 4.
## Initial configuration
@ -71,7 +101,7 @@ The document root should be `/PATH/TO/tkr/public`. This will ensure that only th
There is an `.htaccess` file in the `tkr/` root directory. It's designed for the following installation scenario:
* shared hosting
* `tkr/` is deployed installed to `tkr/` under your web root. (e.g. `public_html/tkr`).
* `tkr/` is installed to `tkr/` under your web root. (e.g. `public_html/tkr`).
* `tkr/public` is the document root
* The other application directories are blocked both by `tkr/.htaccess` and by `.htaccess` files in the directories themselves. These are:
* `tkr/config`
@ -80,16 +110,12 @@ There is an `.htaccess` file in the `tkr/` root directory. It's designed for the
* `tkr/storage`
* `tkr/templates`
There are example configurations for other common scenarios in the [examples](./examples) directory.
* Apache VPS, subdomain (e.g. `https://tkr.your-domain.com`): [examples/apache/vps/root](./examples/apache/vps/subdomain)
* Apache VPS, subfolder (e.g. `https://your-domain.com/tkr`): [examples/apache/vps/subfolder](./examples/apache/vps/subfolder)
* Nginx VPS, subdomain (e.g. `https://tkr.your-domain.com`): [examples/nginx/root](./examples/nginx/subfolder)
* Nginx VPS, subfolder (e.g. `https://your-domain.com/tkr`): [examples/nginx/subfolder](./examples/nginx/subfolder)
### Docker compose
The example directories contain docker-compose.yml files for the different configurations. To run tkr locally on your machine, copy the docker-compose file you're interested in to `tkr/` and run `docker compose up`.
The [docker](./docker) directory contains docker-compose.yml files and web server configs for some different server configurations. For simplicity, these do not use SSL.
To run tkr locally on your machine, copy the docker-compose file you're interested in to `tkr/` and run `docker compose up`.
## Storage
@ -109,7 +135,7 @@ For illustration, here's a sample from the file `/tkr/storage/ticks/2025/05/25`
### SQLite Database
tkr stores profile information, custom emojis, and uploaded css metadata in a SQLite database located at `tkr/storage/db`.
tkr stores profile information, custom emojis, and uploaded css metadata in a SQLite database located at `tkr/storage/db/tkr.sqlite`.
You don't have to do any database setup. The database is automatically created and initialized on first run.

View File

@ -0,0 +1,49 @@
# Example Apache VirtualHost
# for serving tkr as a subdirectory path
# on shared hosting via .htaccess
#
# e.g. http://www.my-domain.com/tkr
#
# This should work without modification if you extract the app
# to /tkr from your web document root
# Enable mod_rewrite
RewriteEngine On
# Security headers
Header always set X-Frame-Options "SAMEORIGIN"
Header always set X-XSS-Protection "1; mode=block"
Header always set X-Content-Type-Options "nosniff"
# Directory index
DirectoryIndex public/index.php
# Security: Block direct access to .php files (except through rewrites)
RewriteCond %{THE_REQUEST} \s/[^?\s]*\.php[\s?] [NC]
RewriteRule ^.*$ - [R=404,L]
# Security: Block access to sensitive directories
RewriteRule ^(storage|src|templates|examples|config)(/.*)?$ - [F,L]
# Security: Block access to hidden files
RewriteRule ^\..*$ - [F,L]
# Cache CSS files for 1 hour
<FilesMatch "\.css$">
Header set Cache-Control "public, max-age=3600"
</FilesMatch>
# Serve the one static file that exists: css/tkr.css
# (Pass requests to css/custom/ through to the PHP app)
RewriteCond %{REQUEST_URI} !^/css/custom/
RewriteRule ^css/tkr\.css$ public/css/tkr.css [L]
# 404 all other static files (images, js, fonts, etc.)
# so those requests don't hit the PHP app
# (this is to reduce load on the PHP app from bots and scanners)
RewriteRule \.(js|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot|pdf|zip|mp3|mp4|avi|mov)$ - [R=404,L]
# Everything else goes to the front controller
RewriteCond %{REQUEST_FILENAME} !-f
RewriteCond %{REQUEST_FILENAME} !-d
RewriteRule ^(.*)$ public/index.php [L]

View File

@ -10,7 +10,7 @@ services:
- ./src:/var/www/html/tkr/src
- ./storage:/var/www/html/tkr/storage
- ./templates:/var/www/html/tkr/templates
- ./examples/apache/shared-hosting/.htaccess:/var/www/html/tkr/.htaccess
- ./docker/apache/shared-hosting/.htaccess:/var/www/html/tkr/.htaccess
command: >
bash -c "a2enmod rewrite headers expires &&
apache2-foreground &&

View File

@ -10,7 +10,7 @@ services:
- ./src:/var/www/tkr/src
- ./storage:/var/www/tkr/storage
- ./templates:/var/www/tkr/templates
- ./examples/apache/vps/root/tkr.my-domain.com.conf:/etc/apache2/sites-enabled/tkr.my-domain.com.conf
- ./docker/apache/vps/root/tkr.my-domain.com.conf:/etc/apache2/sites-enabled/tkr.my-domain.com.conf
command: >
bash -c "a2enmod rewrite headers expires &&
apache2-foreground &&

View File

@ -1,29 +1,13 @@
# Example Apache VirtualHost
# for serving tkr as a subdomain root with SSL
# e.g. https://tkr.my-domain.com/
# for serving tkr as a subdomain root without SSL
# e.g. http://tkr.my-domain.com/
#
# Use SSL in production.
# This is a minimal SSL confiuration
# For more robust SSL configuration, refer to https://ssl-config.mozilla.org/
# NOTE: Do not use in production.
# This is provided for docker compose
# (The included docker-compose file will mount it in the container image)
<VirtualHost *:80>
# Replace localhost with your subdomain, e.g. tkr.my-domain.com
ServerName localhost
DocumentRoot /var/www/tkr/public
# Redirect HTTP to HTTPS
Redirect permanent / https://tkr.my-domain.com/
</VirtualHost>
<VirtualHost *:443>
ServerName localhost
DocumentRoot /var/www/tkr/public
# SSL Configuration
SSLEngine on
# Assumes you're using letsencrypt for cert generation
# Replace with the actual paths to your cert and key
SSLCertificateFile /etc/letsencrypt/live/tkr.my-domain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/tkr.my-domain.com/privkey.pem
# Security headers
Header always set X-Frame-Options "SAMEORIGIN"

View File

@ -10,7 +10,7 @@ services:
- ./src:/var/www/tkr/src
- ./storage:/var/www/tkr/storage
- ./templates:/var/www/tkr/templates
- ./examples/apache/vps/subfolder/my-domain.com.conf:/etc/apache2/sites-enabled/my-domain.com.conf
- ./docker/apache/vps/subfolder/my-domain.com.conf:/etc/apache2/sites-enabled/my-domain.com.conf
command: >
bash -c "a2enmod rewrite headers expires &&
a2dissite 000-default &&

View File

@ -1,30 +1,13 @@
# Example Apache VirtualHost
# for serving tkr as a subdirectory path with SSL
# e.g. https://www.my-domain.com/tkr
# for serving tkr as a subdirectory path without SSL
# e.g. http://www.my-domain.com/tkr
#
# Use SSL in production.
# This is a minimal SSL confiuration
# For more robust SSL configuration, refer to https://ssl-config.mozilla.org/
# NOTE: Do not use in production.
# This is provided for docker compose
# (The included docker-compose file will mount it in the container image)
<VirtualHost *:80>
# Replace localhost with your subdomain, e.g. tkr.my-domain.com
ServerName localhost
DocumentRoot /var/www/html
# Redirect HTTP to HTTPS
Redirect permanent / https://my-domain.com/
</VirtualHost>
<VirtualHost *:443>
# Replace localhost with your subdomain, e.g. tkr.my-domain.com
ServerName localhost
DocumentRoot /var/www/html
# SSL Configuration
SSLEngine on
# Assumes you're using letsencrypt for cert generation
# Replace with the actual paths to your cert and key
SSLCertificateFile /etc/letsencrypt/live/my-domain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/my-domain.com/privkey.pem
# Security headers
Header always set X-Frame-Options "SAMEORIGIN"

View File

@ -6,7 +6,7 @@ services:
- "80:80"
volumes:
- ./public:/var/www/tkr/public
- ./examples/nginx/root/nginx.conf:/etc/nginx/conf.d/default.conf
- ./docker/nginx/root/nginx.conf:/etc/nginx/conf.d/default.conf
depends_on:
- php
restart: unless-stopped

View File

@ -1,23 +1,14 @@
# Example nginx config
# for serving tkr as a subdomain with SSL
# e.g. https://tkr.my-domain.com/
# for serving tkr as a subdomain without SSL
# e.g. http://tkr.my-domain.com/
#
# Use SSL in production.
# This is a minimal SSL confiuration
# For more robust SSL configuration, refer to https://ssl-config.mozilla.org/
# NOTE: Do not use in production.
# This is provided for docker compose
# (The included docker-compose file will mount it in the container image)
server {
listen 443 ssl;
listen [::]:443 ssl;
# replace localhost with your subdomain
# e.g. tkr.my-domain.com
listen 80;
server_name localhost;
# Assumes you're using letsencrypt for cert generation
# Replace with the actual paths to your cert and key
ssl_certificate /etc/letsencrypt/live/tkr.my-domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/tkr.my-domain.com/privkey.pem;
root /var/www/tkr/public;
index index.php;
@ -44,7 +35,16 @@ server {
# I've excluded /css/custom so that requests for uploaded css can be handled by the PHP app.
# That lets me store uploaded content outside of the document root,
# so it isn't served directly.
location ~* ^/(?!css/custom/).+\.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
# CSS files - 1 hour cache
location ~* ^/(?!css/custom/).+\.css$ {
expires 1h;
add_header Cache-Control "public";
try_files $uri =404;
}
# Other static assets - 1 year cache
location ~* ^/.+\.(js|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
expires 1y;
add_header Cache-Control "public, immutable";
try_files $uri =404;
@ -98,10 +98,3 @@ server {
return 404;
}
}
server {
listen 80 default_server;
listen [::]:80 default_server;
return 301 https://$host$request_uri;
}

View File

@ -6,7 +6,7 @@ services:
- "80:80"
volumes:
- ./public:/var/www/tkr/public
- ./examples/nginx/subfolder/nginx.conf:/etc/nginx/conf.d/default.conf
- ./docker/nginx/subfolder/nginx.conf:/etc/nginx/conf.d/default.conf
depends_on:
- php
restart: unless-stopped

View File

@ -1,16 +1,16 @@
# Example nginx config
# for serving tkr as a subdfolder with SSL
# e.g. https://my-domain.com/tkr
# for serving tkr as a subdfolder without SSL
# e.g. http://my-domain.com/tkr
#
# Use SSL in production.
# This is a minimal SSL confiuration
# For more robust SSL configuration, refer to https://ssl-config.mozilla.org/
# NOTE: Do not use in production.
# This is provided for docker compose
# (The included docker-compose file will mount it in the container image)
server {
listen 443 ssl;
listen [::]:443 ssl;
listen 80 default_server;
listen [::]:80 default_server;
# Replace localhost with your domain
# e.g. my-domain.com
# replace localhost with your subdomain
# e.g. tkr.my-domain.com
server_name localhost;
root /var/www/html;
@ -42,7 +42,16 @@ server {
# I've excluded /css/custom so that requests for uploaded css can be handled by the PHP app.
# That lets me store uploaded content outside of the document root,
# so it isn't served directly.
location ~* ^/tkr/(?!css/custom/).+\.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
# CSS files - 1 hour cache
location ~* ^/tkr/(?!css/custom/).+\.css$ {
expires 1h;
add_header Cache-Control "public";
try_files $uri =404;
}
# Other static assets - 1 year cache
location ~* ^/tkr/.+\.(js|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
expires 1y;
add_header Cache-Control "public, immutable";
try_files $uri =404;
@ -89,11 +98,4 @@ server {
deny all;
return 404;
}
}
server {
listen 80 default_server;
listen [::]:80 default_server;
return 301 https://$host$request_uri;
}
}

View File

@ -1,14 +1,32 @@
# Example Apache VirtualHost
# for serving tkr as a subdomain root without SSL
# e.g. http://tkr.my-domain.com/
# for serving tkr as a subdomain root with SSL
# e.g. https://tkr.my-domain.com/
#
# NOTE: Do not use in production.
# This is provided for docker compose
# (The included docker-compose file will mount it in the container image)
# Use SSL in production.
# This is a minimal SSL confiuration
# For more robust SSL configuration, refer to https://ssl-config.mozilla.org/
<VirtualHost *:80>
# Replace localhost with your subdomain, e.g. tkr.my-domain.com
# CONFIG: Replace localhost with your subdomain, e.g. tkr.my-domain.com
ServerName localhost
# CONFIG: Replace localhost with your subdomain, e.g. tkr.my-domain.com
DocumentRoot /var/www/tkr/public
# Redirect HTTP to HTTPS
Redirect permanent / https://tkr.my-domain.com/
</VirtualHost>
<VirtualHost *:443>
# CONFIG: Replace localhost with your subdomain, e.g. tkr.my-domain.com
ServerName localhost
# CONFIG: Replace localhost with your subdomain, e.g. tkr.my-domain.com
DocumentRoot /var/www/tkr/public
# SSL Configuration
SSLEngine on
# Assumes you're using letsencrypt for cert generation
# Replace with the actual paths to your cert and key
SSLCertificateFile /etc/letsencrypt/live/tkr.my-domain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/tkr.my-domain.com/privkey.pem
# Security headers
Header always set X-Frame-Options "SAMEORIGIN"

View File

@ -1,14 +1,32 @@
# Example Apache VirtualHost
# for serving tkr as a subdirectory path without SSL
# e.g. http://www.my-domain.com/tkr
# for serving tkr as a subdirectory path with SSL
# e.g. https://www.my-domain.com/tkr
#
# NOTE: Do not use in production.
# This is provided for docker compose
# (The included docker-compose file will mount it in the container image)
# Use SSL in production.
# This is a minimal SSL confiuration
# For more robust SSL configuration, refer to https://ssl-config.mozilla.org/
<VirtualHost *:80>
# Replace localhost with your subdomain, e.g. tkr.my-domain.com
# CONFIG: Replace localhost with your subdomain, e.g. tkr.my-domain.com
ServerName localhost
DocumentRoot /var/www/html
# CONFIG: Replace with your subdomain, e.g. tkr.my-domain.com
DocumentRoot /var/www/tkr
# Redirect HTTP to HTTPS
Redirect permanent / https://my-domain.com/
</VirtualHost>
<VirtualHost *:443>
# CONFIG: Replace localhost with your subdomain, e.g. tkr.my-domain.com
ServerName localhost
# CONFIG: Replace with your subdomain, e.g. tkr.my-domain.com
DocumentRoot /var/www/tkr/
# SSL Configuration
SSLEngine on
# Assumes you're using letsencrypt for cert generation
# Replace with the actual paths to your cert and key
SSLCertificateFile /etc/letsencrypt/live/my-domain.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/live/my-domain.com/privkey.pem
# Security headers
Header always set X-Frame-Options "SAMEORIGIN"

View File

@ -1,19 +1,28 @@
# Example nginx config
# for serving tkr as a subdomain without SSL
# e.g. http://tkr.my-domain.com/
# for serving tkr as a subdomain with SSL
# e.g. https://tkr.my-domain.com/
#
# NOTE: Do not use in production.
# This is provided for docker compose
# (The included docker-compose file will mount it in the container image)
# Use SSL in production.
# This is a minimal SSL confiuration
# For more robust SSL configuration, refer to https://ssl-config.mozilla.org/
server {
listen 80;
# replace localhost with your subdomain
# e.g. tkr.my-domain.com
listen 443 ssl;
listen [::]:443 ssl;
# CONFIG: replace "localhost" with your subdomain (e.g. tkr.my-domain.com)
server_name localhost;
# CONFIG:
# replace "/var/www/tkr" with the directory you extracted the .zip file to (if different)
root /var/www/tkr/public;
index index.php;
# CONFIG:
# Assumes you're using letsencrypt for cert generation
# Replace with the actual paths to your cert and key
ssl_certificate /etc/letsencrypt/live/tkr.my-domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/tkr.my-domain.com/privkey.pem;
# Security headers
# The first rule is to prevent including in a frame on a different domain.
# Remove it if you want to do that.
@ -37,16 +46,7 @@ server {
# I've excluded /css/custom so that requests for uploaded css can be handled by the PHP app.
# That lets me store uploaded content outside of the document root,
# so it isn't served directly.
# CSS files - 1 hour cache
location ~* ^/(?!css/custom/).+\.css$ {
expires 1h;
add_header Cache-Control "public";
try_files $uri =404;
}
# Other static assets - 1 year cache
location ~* ^/.+\.(js|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
location ~* ^/(?!css/custom/).+\.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
expires 1y;
add_header Cache-Control "public, immutable";
try_files $uri =404;
@ -57,10 +57,14 @@ server {
# But if someone tries to directly access index.php, that file will throw a 404
# so bots and scanners can't tell this is a php app
location = /index.php {
# CONFIG:
# If you're running php-fpm on the same server as nginx,
# then change this to the local php-fpm socket
# e.g. fastcgi_pass unix:/run/php/php8.2-fpm.sock;
fastcgi_pass php:9000;
# CONFIG:
# replace "/var/www/tkr" with the directory you extracted the .zip file to (if different)
fastcgi_param SCRIPT_FILENAME /var/www/tkr/public/index.php;
include fastcgi_params;
@ -82,10 +86,14 @@ server {
# Fallback for /tkr routing - all non-file requests (e.g. /login) go to index.php
location @tkr_fallback {
# CONFIG:
# If you're running php-fpm on the same server as nginx,
# then change this to the local php-fpm socket
# e.g. fastcgi_pass unix:/run/php/php8.2-fpm.sock;
fastcgi_pass php:9000;
# CONFIG:
# replace "/var/www/tkr" with the directory you extracted the .zip file to (if different)
fastcgi_param SCRIPT_FILENAME /var/www/tkr/public/index.php;
include fastcgi_params;
@ -100,3 +108,10 @@ server {
return 404;
}
}
server {
listen 80 default_server;
listen [::]:80 default_server;
return 301 https://$host$request_uri;
}

View File

@ -1,20 +1,22 @@
# Example nginx config
# for serving tkr as a subdfolder without SSL
# e.g. http://my-domain.com/tkr
# for serving tkr as a subdfolder with SSL
# e.g. https://my-domain.com/tkr
#
# NOTE: Do not use in production.
# This is provided for docker compose
# (The included docker-compose file will mount it in the container image)
# Use SSL in production.
# This is a minimal SSL confiuration
# For more robust SSL configuration, refer to https://ssl-config.mozilla.org/
server {
listen 80 default_server;
listen [::]:80 default_server;
listen 443 ssl;
listen [::]:443 ssl;
# replace localhost with your subdomain
# e.g. tkr.my-domain.com
# CONFIG: Replace localhost with your domain e.g. my-domain.com
server_name localhost;
root /var/www/html;
index index.html;
# CONFIG:
# Assumes you're using letsencrypt for cert generation
# Replace with the actual paths to your cert and key
ssl_certificate /etc/letsencrypt/live/my-domain.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/my-domain.com/privkey.pem;
# Security headers
# The first rule is to prevent including in a frame on a different domain.
@ -32,6 +34,8 @@ server {
# PHP routing - everything under /tkr goes through index.php
location /tkr {
# CONFIG:
# replace "/var/www/tkr" with the directory you extracted the .zip file to (if different)
alias /var/www/tkr/public;
index index.php;
@ -42,16 +46,7 @@ server {
# I've excluded /css/custom so that requests for uploaded css can be handled by the PHP app.
# That lets me store uploaded content outside of the document root,
# so it isn't served directly.
# CSS files - 1 hour cache
location ~* ^/tkr/(?!css/custom/).+\.css$ {
expires 1h;
add_header Cache-Control "public";
try_files $uri =404;
}
# Other static assets - 1 year cache
location ~* ^/tkr/.+\.(js|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
location ~* ^/tkr/(?!css/custom/).+\.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
expires 1y;
add_header Cache-Control "public, immutable";
try_files $uri =404;
@ -62,7 +57,14 @@ server {
# But if someone tries to directly access index.php, that file will throw a 404
# so bots and scanners can't tell this is a php app
location = /tkr/index.php {
# CONFIG:
# If you're running php-fpm on the same server as nginx,
# then change this to the local php-fpm socket
# e.g. fastcgi_pass unix:/run/php/php8.2-fpm.sock;
fastcgi_pass php:9000;
# CONFIG:
# replace "/var/www/tkr" with the directory you extracted the .zip file to (if different)
fastcgi_param SCRIPT_FILENAME /var/www/tkr/public/index.php;
include fastcgi_params;
@ -84,7 +86,15 @@ server {
# Fallback for /tkr routing - all non-file requests (e.g. /login) go to index.php
location @tkr_fallback {
# CONFIG:
# If you're running php-fpm on the same server as nginx,
# then change this to the local php-fpm socket
# e.g. fastcgi_pass unix:/run/php/php8.2-fpm.sock;
fastcgi_pass php:9000;
# CONFIG:
# replace "/var/www/tkr" with the directory you extracted the .zip file to (if different)
fastcgi_param SCRIPT_FILENAME /var/www/tkr/public/index.php;
fastcgi_param SCRIPT_FILENAME /var/www/tkr/public/index.php;
include fastcgi_params;
@ -98,4 +108,11 @@ server {
deny all;
return 404;
}
}
}
server {
listen 80 default_server;
listen [::]:80 default_server;
return 301 https://$host$request_uri;
}