Finish README. Separate docker configs from example configs.
This commit is contained in:
parent
a3a6471ced
commit
4bd65daf5d
58
README.md
58
README.md
@ -2,7 +2,28 @@
|
||||
|
||||
A lightweight, HTML-only status feed for self-hosted personal websites. Written in PHP. Heavily inspired by [status.cafe](https://status.cafe).
|
||||
|
||||

|
||||
## Screenshots
|
||||
|
||||
### Mobile
|
||||
|
||||
<img src="https://subcultureofone.org/images/tkr/tkr-logged-out-mobile.png"
|
||||
alt="tkr logged out view - mobile"
|
||||
width="40%" height="40%">
|
||||
<img src="https://subcultureofone.org/images/tkr/tkr-logged-in-mobile.png"
|
||||
alt="tkr logged in view - mobile"
|
||||
width="40%" height="40%">
|
||||
|
||||
### Desktop
|
||||
|
||||
<img src="https://subcultureofone.org/images/tkr/tkr-logged-out-desktop.png"
|
||||
alt="tkr logged in view - desktop"
|
||||
width="60%" height="60%">
|
||||
|
||||
<img src="https://subcultureofone.org/images/tkr/tkr-logged-in-desktop.png"
|
||||
alt="tkr logged in view - desktop"
|
||||
width="60%" height="60%">
|
||||
|
||||
|
||||
|
||||
## Features
|
||||
|
||||
@ -11,6 +32,8 @@ A lightweight, HTML-only status feed for self-hosted personal websites. Written
|
||||
* CSS uploads for custom theming
|
||||
* Custom emoji to personalize moods (unicode only)
|
||||
|
||||
I'm trying to make sure that the HTML is both semantically valid and accessible, but I have a lot to learn about both. If you see something I should fix, please let me know!
|
||||
|
||||
## Prerequisites
|
||||
|
||||
* A web server with PHP support, such as:
|
||||
@ -27,18 +50,25 @@ A lightweight, HTML-only status feed for self-hosted personal websites. Written
|
||||
1. Copy the `tkr` directory to the location you want to serve it from
|
||||
* on debian-based systems, `/var/www/tkr` is recommended
|
||||
1. Make the `storage` directory writable by the web server account.
|
||||
* For example, on nginx on debian-based distributions:
|
||||
```sh
|
||||
chown www-data:www-data /path/to/tkr/storage
|
||||
chmod 0770 /path/to/tkr/storage
|
||||
```
|
||||
1. Add the necessary web server configuration
|
||||
* Examples for common deployment scenarios, including documentation, are in the examples directory.
|
||||
1. Add the necessary web server configuration.
|
||||
* Examples for common scenarios can be found in the [examples](./examples) directory.
|
||||
* Apache VPS, subdomain (e.g. `https://tkr.your-domain.com`): [examples/apache/vps/root](./examples/apache/vps/root)
|
||||
* Apache VPS, subfolder (e.g. `https://your-domain.com/tkr`): [examples/apache/vps/subfolder](./examples/apache/vps/subfolder)
|
||||
* Nginx VPS, subdomain (e.g. `https://tkr.your-domain.com`): [examples/nginx/root](./examples/nginx/root)
|
||||
* Nginx VPS, subfolder (e.g. `https://your-domain.com/tkr`): [examples/nginx/subfolder](./examples/nginx/subfolder)
|
||||
* Any values that need to be configured for your environment are labeled with `CONFIG`.
|
||||
* The SSL configurations are basic, but should work. For more robust SSL configurations, see https://ssl-config.mozilla.org
|
||||
|
||||
## From git
|
||||
|
||||
### From git
|
||||
|
||||
If you'd prefer to install from git:
|
||||
|
||||
1. Clone this directoryand copy the `/tkr` directory to your web server.
|
||||
1. Clone this directory and copy the `/tkr` directory to your web server.
|
||||
* Required subdirectories are:
|
||||
1. `config`
|
||||
1. `public`
|
||||
@ -46,7 +76,7 @@ If you'd prefer to install from git:
|
||||
1. `storage`
|
||||
1. `templates`
|
||||
* Exclude the other directories
|
||||
2. Follow the main installation from step 2.
|
||||
2. Follow the main installation from step 4.
|
||||
|
||||
## Initial configuration
|
||||
|
||||
@ -71,7 +101,7 @@ The document root should be `/PATH/TO/tkr/public`. This will ensure that only th
|
||||
There is an `.htaccess` file in the `tkr/` root directory. It's designed for the following installation scenario:
|
||||
|
||||
* shared hosting
|
||||
* `tkr/` is deployed installed to `tkr/` under your web root. (e.g. `public_html/tkr`).
|
||||
* `tkr/` is installed to `tkr/` under your web root. (e.g. `public_html/tkr`).
|
||||
* `tkr/public` is the document root
|
||||
* The other application directories are blocked both by `tkr/.htaccess` and by `.htaccess` files in the directories themselves. These are:
|
||||
* `tkr/config`
|
||||
@ -80,16 +110,12 @@ There is an `.htaccess` file in the `tkr/` root directory. It's designed for the
|
||||
* `tkr/storage`
|
||||
* `tkr/templates`
|
||||
|
||||
There are example configurations for other common scenarios in the [examples](./examples) directory.
|
||||
|
||||
* Apache VPS, subdomain (e.g. `https://tkr.your-domain.com`): [examples/apache/vps/root](./examples/apache/vps/subdomain)
|
||||
* Apache VPS, subfolder (e.g. `https://your-domain.com/tkr`): [examples/apache/vps/subfolder](./examples/apache/vps/subfolder)
|
||||
* Nginx VPS, subdomain (e.g. `https://tkr.your-domain.com`): [examples/nginx/root](./examples/nginx/subfolder)
|
||||
* Nginx VPS, subfolder (e.g. `https://your-domain.com/tkr`): [examples/nginx/subfolder](./examples/nginx/subfolder)
|
||||
|
||||
### Docker compose
|
||||
|
||||
The example directories contain docker-compose.yml files for the different configurations. To run tkr locally on your machine, copy the docker-compose file you're interested in to `tkr/` and run `docker compose up`.
|
||||
The [docker](./docker) directory contains docker-compose.yml files and web server configs for some different server configurations. For simplicity, these do not use SSL.
|
||||
|
||||
To run tkr locally on your machine, copy the docker-compose file you're interested in to `tkr/` and run `docker compose up`.
|
||||
|
||||
## Storage
|
||||
|
||||
@ -109,7 +135,7 @@ For illustration, here's a sample from the file `/tkr/storage/ticks/2025/05/25`
|
||||
|
||||
### SQLite Database
|
||||
|
||||
tkr stores profile information, custom emojis, and uploaded css metadata in a SQLite database located at `tkr/storage/db`.
|
||||
tkr stores profile information, custom emojis, and uploaded css metadata in a SQLite database located at `tkr/storage/db/tkr.sqlite`.
|
||||
|
||||
You don't have to do any database setup. The database is automatically created and initialized on first run.
|
||||
|
||||
|
49
docker/apache/shared-hosting/.htaccess
Normal file
49
docker/apache/shared-hosting/.htaccess
Normal file
@ -0,0 +1,49 @@
|
||||
# Example Apache VirtualHost
|
||||
# for serving tkr as a subdirectory path
|
||||
# on shared hosting via .htaccess
|
||||
#
|
||||
# e.g. http://www.my-domain.com/tkr
|
||||
#
|
||||
# This should work without modification if you extract the app
|
||||
# to /tkr from your web document root
|
||||
|
||||
# Enable mod_rewrite
|
||||
RewriteEngine On
|
||||
|
||||
# Security headers
|
||||
Header always set X-Frame-Options "SAMEORIGIN"
|
||||
Header always set X-XSS-Protection "1; mode=block"
|
||||
Header always set X-Content-Type-Options "nosniff"
|
||||
|
||||
# Directory index
|
||||
DirectoryIndex public/index.php
|
||||
|
||||
# Security: Block direct access to .php files (except through rewrites)
|
||||
RewriteCond %{THE_REQUEST} \s/[^?\s]*\.php[\s?] [NC]
|
||||
RewriteRule ^.*$ - [R=404,L]
|
||||
|
||||
# Security: Block access to sensitive directories
|
||||
RewriteRule ^(storage|src|templates|examples|config)(/.*)?$ - [F,L]
|
||||
|
||||
# Security: Block access to hidden files
|
||||
RewriteRule ^\..*$ - [F,L]
|
||||
|
||||
# Cache CSS files for 1 hour
|
||||
<FilesMatch "\.css$">
|
||||
Header set Cache-Control "public, max-age=3600"
|
||||
</FilesMatch>
|
||||
|
||||
# Serve the one static file that exists: css/tkr.css
|
||||
# (Pass requests to css/custom/ through to the PHP app)
|
||||
RewriteCond %{REQUEST_URI} !^/css/custom/
|
||||
RewriteRule ^css/tkr\.css$ public/css/tkr.css [L]
|
||||
|
||||
# 404 all other static files (images, js, fonts, etc.)
|
||||
# so those requests don't hit the PHP app
|
||||
# (this is to reduce load on the PHP app from bots and scanners)
|
||||
RewriteRule \.(js|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot|pdf|zip|mp3|mp4|avi|mov)$ - [R=404,L]
|
||||
|
||||
# Everything else goes to the front controller
|
||||
RewriteCond %{REQUEST_FILENAME} !-f
|
||||
RewriteCond %{REQUEST_FILENAME} !-d
|
||||
RewriteRule ^(.*)$ public/index.php [L]
|
@ -10,7 +10,7 @@ services:
|
||||
- ./src:/var/www/html/tkr/src
|
||||
- ./storage:/var/www/html/tkr/storage
|
||||
- ./templates:/var/www/html/tkr/templates
|
||||
- ./examples/apache/shared-hosting/.htaccess:/var/www/html/tkr/.htaccess
|
||||
- ./docker/apache/shared-hosting/.htaccess:/var/www/html/tkr/.htaccess
|
||||
command: >
|
||||
bash -c "a2enmod rewrite headers expires &&
|
||||
apache2-foreground &&
|
@ -10,7 +10,7 @@ services:
|
||||
- ./src:/var/www/tkr/src
|
||||
- ./storage:/var/www/tkr/storage
|
||||
- ./templates:/var/www/tkr/templates
|
||||
- ./examples/apache/vps/root/tkr.my-domain.com.conf:/etc/apache2/sites-enabled/tkr.my-domain.com.conf
|
||||
- ./docker/apache/vps/root/tkr.my-domain.com.conf:/etc/apache2/sites-enabled/tkr.my-domain.com.conf
|
||||
command: >
|
||||
bash -c "a2enmod rewrite headers expires &&
|
||||
apache2-foreground &&
|
@ -1,29 +1,13 @@
|
||||
# Example Apache VirtualHost
|
||||
# for serving tkr as a subdomain root with SSL
|
||||
# e.g. https://tkr.my-domain.com/
|
||||
# for serving tkr as a subdomain root without SSL
|
||||
# e.g. http://tkr.my-domain.com/
|
||||
#
|
||||
# Use SSL in production.
|
||||
# This is a minimal SSL confiuration
|
||||
# For more robust SSL configuration, refer to https://ssl-config.mozilla.org/
|
||||
# NOTE: Do not use in production.
|
||||
# This is provided for docker compose
|
||||
# (The included docker-compose file will mount it in the container image)
|
||||
<VirtualHost *:80>
|
||||
# Replace localhost with your subdomain, e.g. tkr.my-domain.com
|
||||
ServerName localhost
|
||||
DocumentRoot /var/www/tkr/public
|
||||
# Redirect HTTP to HTTPS
|
||||
Redirect permanent / https://tkr.my-domain.com/
|
||||
</VirtualHost>
|
||||
|
||||
<VirtualHost *:443>
|
||||
ServerName localhost
|
||||
DocumentRoot /var/www/tkr/public
|
||||
|
||||
# SSL Configuration
|
||||
SSLEngine on
|
||||
|
||||
# Assumes you're using letsencrypt for cert generation
|
||||
# Replace with the actual paths to your cert and key
|
||||
SSLCertificateFile /etc/letsencrypt/live/tkr.my-domain.com/fullchain.pem
|
||||
SSLCertificateKeyFile /etc/letsencrypt/live/tkr.my-domain.com/privkey.pem
|
||||
|
||||
# Security headers
|
||||
Header always set X-Frame-Options "SAMEORIGIN"
|
@ -10,7 +10,7 @@ services:
|
||||
- ./src:/var/www/tkr/src
|
||||
- ./storage:/var/www/tkr/storage
|
||||
- ./templates:/var/www/tkr/templates
|
||||
- ./examples/apache/vps/subfolder/my-domain.com.conf:/etc/apache2/sites-enabled/my-domain.com.conf
|
||||
- ./docker/apache/vps/subfolder/my-domain.com.conf:/etc/apache2/sites-enabled/my-domain.com.conf
|
||||
command: >
|
||||
bash -c "a2enmod rewrite headers expires &&
|
||||
a2dissite 000-default &&
|
@ -1,30 +1,13 @@
|
||||
# Example Apache VirtualHost
|
||||
# for serving tkr as a subdirectory path with SSL
|
||||
# e.g. https://www.my-domain.com/tkr
|
||||
# for serving tkr as a subdirectory path without SSL
|
||||
# e.g. http://www.my-domain.com/tkr
|
||||
#
|
||||
# Use SSL in production.
|
||||
# This is a minimal SSL confiuration
|
||||
# For more robust SSL configuration, refer to https://ssl-config.mozilla.org/
|
||||
# NOTE: Do not use in production.
|
||||
# This is provided for docker compose
|
||||
# (The included docker-compose file will mount it in the container image)
|
||||
<VirtualHost *:80>
|
||||
# Replace localhost with your subdomain, e.g. tkr.my-domain.com
|
||||
ServerName localhost
|
||||
DocumentRoot /var/www/html
|
||||
# Redirect HTTP to HTTPS
|
||||
Redirect permanent / https://my-domain.com/
|
||||
</VirtualHost>
|
||||
|
||||
<VirtualHost *:443>
|
||||
# Replace localhost with your subdomain, e.g. tkr.my-domain.com
|
||||
ServerName localhost
|
||||
DocumentRoot /var/www/html
|
||||
|
||||
# SSL Configuration
|
||||
SSLEngine on
|
||||
|
||||
# Assumes you're using letsencrypt for cert generation
|
||||
# Replace with the actual paths to your cert and key
|
||||
SSLCertificateFile /etc/letsencrypt/live/my-domain.com/fullchain.pem
|
||||
SSLCertificateKeyFile /etc/letsencrypt/live/my-domain.com/privkey.pem
|
||||
|
||||
# Security headers
|
||||
Header always set X-Frame-Options "SAMEORIGIN"
|
@ -6,7 +6,7 @@ services:
|
||||
- "80:80"
|
||||
volumes:
|
||||
- ./public:/var/www/tkr/public
|
||||
- ./examples/nginx/root/nginx.conf:/etc/nginx/conf.d/default.conf
|
||||
- ./docker/nginx/root/nginx.conf:/etc/nginx/conf.d/default.conf
|
||||
depends_on:
|
||||
- php
|
||||
restart: unless-stopped
|
@ -1,23 +1,14 @@
|
||||
# Example nginx config
|
||||
# for serving tkr as a subdomain with SSL
|
||||
# e.g. https://tkr.my-domain.com/
|
||||
# for serving tkr as a subdomain without SSL
|
||||
# e.g. http://tkr.my-domain.com/
|
||||
#
|
||||
# Use SSL in production.
|
||||
# This is a minimal SSL confiuration
|
||||
# For more robust SSL configuration, refer to https://ssl-config.mozilla.org/
|
||||
# NOTE: Do not use in production.
|
||||
# This is provided for docker compose
|
||||
# (The included docker-compose file will mount it in the container image)
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
# replace localhost with your subdomain
|
||||
# e.g. tkr.my-domain.com
|
||||
listen 80;
|
||||
server_name localhost;
|
||||
|
||||
# Assumes you're using letsencrypt for cert generation
|
||||
# Replace with the actual paths to your cert and key
|
||||
ssl_certificate /etc/letsencrypt/live/tkr.my-domain.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/tkr.my-domain.com/privkey.pem;
|
||||
|
||||
root /var/www/tkr/public;
|
||||
index index.php;
|
||||
|
||||
@ -44,7 +35,16 @@ server {
|
||||
# I've excluded /css/custom so that requests for uploaded css can be handled by the PHP app.
|
||||
# That lets me store uploaded content outside of the document root,
|
||||
# so it isn't served directly.
|
||||
location ~* ^/(?!css/custom/).+\.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
|
||||
|
||||
# CSS files - 1 hour cache
|
||||
location ~* ^/(?!css/custom/).+\.css$ {
|
||||
expires 1h;
|
||||
add_header Cache-Control "public";
|
||||
try_files $uri =404;
|
||||
}
|
||||
|
||||
# Other static assets - 1 year cache
|
||||
location ~* ^/.+\.(js|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
|
||||
expires 1y;
|
||||
add_header Cache-Control "public, immutable";
|
||||
try_files $uri =404;
|
||||
@ -98,10 +98,3 @@ server {
|
||||
return 404;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server;
|
||||
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
@ -6,7 +6,7 @@ services:
|
||||
- "80:80"
|
||||
volumes:
|
||||
- ./public:/var/www/tkr/public
|
||||
- ./examples/nginx/subfolder/nginx.conf:/etc/nginx/conf.d/default.conf
|
||||
- ./docker/nginx/subfolder/nginx.conf:/etc/nginx/conf.d/default.conf
|
||||
depends_on:
|
||||
- php
|
||||
restart: unless-stopped
|
@ -1,16 +1,16 @@
|
||||
# Example nginx config
|
||||
# for serving tkr as a subdfolder with SSL
|
||||
# e.g. https://my-domain.com/tkr
|
||||
# for serving tkr as a subdfolder without SSL
|
||||
# e.g. http://my-domain.com/tkr
|
||||
#
|
||||
# Use SSL in production.
|
||||
# This is a minimal SSL confiuration
|
||||
# For more robust SSL configuration, refer to https://ssl-config.mozilla.org/
|
||||
# NOTE: Do not use in production.
|
||||
# This is provided for docker compose
|
||||
# (The included docker-compose file will mount it in the container image)
|
||||
server {
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server;
|
||||
|
||||
# Replace localhost with your domain
|
||||
# e.g. my-domain.com
|
||||
# replace localhost with your subdomain
|
||||
# e.g. tkr.my-domain.com
|
||||
server_name localhost;
|
||||
|
||||
root /var/www/html;
|
||||
@ -42,7 +42,16 @@ server {
|
||||
# I've excluded /css/custom so that requests for uploaded css can be handled by the PHP app.
|
||||
# That lets me store uploaded content outside of the document root,
|
||||
# so it isn't served directly.
|
||||
location ~* ^/tkr/(?!css/custom/).+\.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
|
||||
|
||||
# CSS files - 1 hour cache
|
||||
location ~* ^/tkr/(?!css/custom/).+\.css$ {
|
||||
expires 1h;
|
||||
add_header Cache-Control "public";
|
||||
try_files $uri =404;
|
||||
}
|
||||
|
||||
# Other static assets - 1 year cache
|
||||
location ~* ^/tkr/.+\.(js|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
|
||||
expires 1y;
|
||||
add_header Cache-Control "public, immutable";
|
||||
try_files $uri =404;
|
||||
@ -89,11 +98,4 @@ server {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server;
|
||||
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
}
|
@ -1,14 +1,32 @@
|
||||
# Example Apache VirtualHost
|
||||
# for serving tkr as a subdomain root without SSL
|
||||
# e.g. http://tkr.my-domain.com/
|
||||
# for serving tkr as a subdomain root with SSL
|
||||
# e.g. https://tkr.my-domain.com/
|
||||
#
|
||||
# NOTE: Do not use in production.
|
||||
# This is provided for docker compose
|
||||
# (The included docker-compose file will mount it in the container image)
|
||||
# Use SSL in production.
|
||||
# This is a minimal SSL confiuration
|
||||
# For more robust SSL configuration, refer to https://ssl-config.mozilla.org/
|
||||
<VirtualHost *:80>
|
||||
# Replace localhost with your subdomain, e.g. tkr.my-domain.com
|
||||
# CONFIG: Replace localhost with your subdomain, e.g. tkr.my-domain.com
|
||||
ServerName localhost
|
||||
# CONFIG: Replace localhost with your subdomain, e.g. tkr.my-domain.com
|
||||
DocumentRoot /var/www/tkr/public
|
||||
# Redirect HTTP to HTTPS
|
||||
Redirect permanent / https://tkr.my-domain.com/
|
||||
</VirtualHost>
|
||||
|
||||
<VirtualHost *:443>
|
||||
# CONFIG: Replace localhost with your subdomain, e.g. tkr.my-domain.com
|
||||
ServerName localhost
|
||||
# CONFIG: Replace localhost with your subdomain, e.g. tkr.my-domain.com
|
||||
DocumentRoot /var/www/tkr/public
|
||||
|
||||
# SSL Configuration
|
||||
SSLEngine on
|
||||
|
||||
# Assumes you're using letsencrypt for cert generation
|
||||
# Replace with the actual paths to your cert and key
|
||||
SSLCertificateFile /etc/letsencrypt/live/tkr.my-domain.com/fullchain.pem
|
||||
SSLCertificateKeyFile /etc/letsencrypt/live/tkr.my-domain.com/privkey.pem
|
||||
|
||||
# Security headers
|
||||
Header always set X-Frame-Options "SAMEORIGIN"
|
||||
|
@ -1,14 +1,32 @@
|
||||
# Example Apache VirtualHost
|
||||
# for serving tkr as a subdirectory path without SSL
|
||||
# e.g. http://www.my-domain.com/tkr
|
||||
# for serving tkr as a subdirectory path with SSL
|
||||
# e.g. https://www.my-domain.com/tkr
|
||||
#
|
||||
# NOTE: Do not use in production.
|
||||
# This is provided for docker compose
|
||||
# (The included docker-compose file will mount it in the container image)
|
||||
# Use SSL in production.
|
||||
# This is a minimal SSL confiuration
|
||||
# For more robust SSL configuration, refer to https://ssl-config.mozilla.org/
|
||||
<VirtualHost *:80>
|
||||
# Replace localhost with your subdomain, e.g. tkr.my-domain.com
|
||||
# CONFIG: Replace localhost with your subdomain, e.g. tkr.my-domain.com
|
||||
ServerName localhost
|
||||
DocumentRoot /var/www/html
|
||||
# CONFIG: Replace with your subdomain, e.g. tkr.my-domain.com
|
||||
DocumentRoot /var/www/tkr
|
||||
# Redirect HTTP to HTTPS
|
||||
Redirect permanent / https://my-domain.com/
|
||||
</VirtualHost>
|
||||
|
||||
<VirtualHost *:443>
|
||||
# CONFIG: Replace localhost with your subdomain, e.g. tkr.my-domain.com
|
||||
ServerName localhost
|
||||
# CONFIG: Replace with your subdomain, e.g. tkr.my-domain.com
|
||||
DocumentRoot /var/www/tkr/
|
||||
|
||||
# SSL Configuration
|
||||
SSLEngine on
|
||||
|
||||
# Assumes you're using letsencrypt for cert generation
|
||||
# Replace with the actual paths to your cert and key
|
||||
SSLCertificateFile /etc/letsencrypt/live/my-domain.com/fullchain.pem
|
||||
SSLCertificateKeyFile /etc/letsencrypt/live/my-domain.com/privkey.pem
|
||||
|
||||
# Security headers
|
||||
Header always set X-Frame-Options "SAMEORIGIN"
|
||||
|
@ -1,19 +1,28 @@
|
||||
# Example nginx config
|
||||
# for serving tkr as a subdomain without SSL
|
||||
# e.g. http://tkr.my-domain.com/
|
||||
# for serving tkr as a subdomain with SSL
|
||||
# e.g. https://tkr.my-domain.com/
|
||||
#
|
||||
# NOTE: Do not use in production.
|
||||
# This is provided for docker compose
|
||||
# (The included docker-compose file will mount it in the container image)
|
||||
# Use SSL in production.
|
||||
# This is a minimal SSL confiuration
|
||||
# For more robust SSL configuration, refer to https://ssl-config.mozilla.org/
|
||||
server {
|
||||
listen 80;
|
||||
# replace localhost with your subdomain
|
||||
# e.g. tkr.my-domain.com
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
# CONFIG: replace "localhost" with your subdomain (e.g. tkr.my-domain.com)
|
||||
server_name localhost;
|
||||
|
||||
# CONFIG:
|
||||
# replace "/var/www/tkr" with the directory you extracted the .zip file to (if different)
|
||||
root /var/www/tkr/public;
|
||||
index index.php;
|
||||
|
||||
# CONFIG:
|
||||
# Assumes you're using letsencrypt for cert generation
|
||||
# Replace with the actual paths to your cert and key
|
||||
ssl_certificate /etc/letsencrypt/live/tkr.my-domain.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/tkr.my-domain.com/privkey.pem;
|
||||
|
||||
# Security headers
|
||||
# The first rule is to prevent including in a frame on a different domain.
|
||||
# Remove it if you want to do that.
|
||||
@ -37,16 +46,7 @@ server {
|
||||
# I've excluded /css/custom so that requests for uploaded css can be handled by the PHP app.
|
||||
# That lets me store uploaded content outside of the document root,
|
||||
# so it isn't served directly.
|
||||
|
||||
# CSS files - 1 hour cache
|
||||
location ~* ^/(?!css/custom/).+\.css$ {
|
||||
expires 1h;
|
||||
add_header Cache-Control "public";
|
||||
try_files $uri =404;
|
||||
}
|
||||
|
||||
# Other static assets - 1 year cache
|
||||
location ~* ^/.+\.(js|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
|
||||
location ~* ^/(?!css/custom/).+\.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
|
||||
expires 1y;
|
||||
add_header Cache-Control "public, immutable";
|
||||
try_files $uri =404;
|
||||
@ -57,10 +57,14 @@ server {
|
||||
# But if someone tries to directly access index.php, that file will throw a 404
|
||||
# so bots and scanners can't tell this is a php app
|
||||
location = /index.php {
|
||||
# CONFIG:
|
||||
# If you're running php-fpm on the same server as nginx,
|
||||
# then change this to the local php-fpm socket
|
||||
# e.g. fastcgi_pass unix:/run/php/php8.2-fpm.sock;
|
||||
fastcgi_pass php:9000;
|
||||
|
||||
# CONFIG:
|
||||
# replace "/var/www/tkr" with the directory you extracted the .zip file to (if different)
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/tkr/public/index.php;
|
||||
include fastcgi_params;
|
||||
|
||||
@ -82,10 +86,14 @@ server {
|
||||
|
||||
# Fallback for /tkr routing - all non-file requests (e.g. /login) go to index.php
|
||||
location @tkr_fallback {
|
||||
# CONFIG:
|
||||
# If you're running php-fpm on the same server as nginx,
|
||||
# then change this to the local php-fpm socket
|
||||
# e.g. fastcgi_pass unix:/run/php/php8.2-fpm.sock;
|
||||
fastcgi_pass php:9000;
|
||||
|
||||
# CONFIG:
|
||||
# replace "/var/www/tkr" with the directory you extracted the .zip file to (if different)
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/tkr/public/index.php;
|
||||
include fastcgi_params;
|
||||
|
||||
@ -100,3 +108,10 @@ server {
|
||||
return 404;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server;
|
||||
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
@ -1,20 +1,22 @@
|
||||
# Example nginx config
|
||||
# for serving tkr as a subdfolder without SSL
|
||||
# e.g. http://my-domain.com/tkr
|
||||
# for serving tkr as a subdfolder with SSL
|
||||
# e.g. https://my-domain.com/tkr
|
||||
#
|
||||
# NOTE: Do not use in production.
|
||||
# This is provided for docker compose
|
||||
# (The included docker-compose file will mount it in the container image)
|
||||
# Use SSL in production.
|
||||
# This is a minimal SSL confiuration
|
||||
# For more robust SSL configuration, refer to https://ssl-config.mozilla.org/
|
||||
server {
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server;
|
||||
listen 443 ssl;
|
||||
listen [::]:443 ssl;
|
||||
|
||||
# replace localhost with your subdomain
|
||||
# e.g. tkr.my-domain.com
|
||||
# CONFIG: Replace localhost with your domain e.g. my-domain.com
|
||||
server_name localhost;
|
||||
|
||||
root /var/www/html;
|
||||
index index.html;
|
||||
# CONFIG:
|
||||
# Assumes you're using letsencrypt for cert generation
|
||||
# Replace with the actual paths to your cert and key
|
||||
ssl_certificate /etc/letsencrypt/live/my-domain.com/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/my-domain.com/privkey.pem;
|
||||
|
||||
# Security headers
|
||||
# The first rule is to prevent including in a frame on a different domain.
|
||||
@ -32,6 +34,8 @@ server {
|
||||
|
||||
# PHP routing - everything under /tkr goes through index.php
|
||||
location /tkr {
|
||||
# CONFIG:
|
||||
# replace "/var/www/tkr" with the directory you extracted the .zip file to (if different)
|
||||
alias /var/www/tkr/public;
|
||||
index index.php;
|
||||
|
||||
@ -42,16 +46,7 @@ server {
|
||||
# I've excluded /css/custom so that requests for uploaded css can be handled by the PHP app.
|
||||
# That lets me store uploaded content outside of the document root,
|
||||
# so it isn't served directly.
|
||||
|
||||
# CSS files - 1 hour cache
|
||||
location ~* ^/tkr/(?!css/custom/).+\.css$ {
|
||||
expires 1h;
|
||||
add_header Cache-Control "public";
|
||||
try_files $uri =404;
|
||||
}
|
||||
|
||||
# Other static assets - 1 year cache
|
||||
location ~* ^/tkr/.+\.(js|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
|
||||
location ~* ^/tkr/(?!css/custom/).+\.(js|css|png|jpg|jpeg|gif|ico|svg|woff|woff2|ttf|eot)$ {
|
||||
expires 1y;
|
||||
add_header Cache-Control "public, immutable";
|
||||
try_files $uri =404;
|
||||
@ -62,7 +57,14 @@ server {
|
||||
# But if someone tries to directly access index.php, that file will throw a 404
|
||||
# so bots and scanners can't tell this is a php app
|
||||
location = /tkr/index.php {
|
||||
# CONFIG:
|
||||
# If you're running php-fpm on the same server as nginx,
|
||||
# then change this to the local php-fpm socket
|
||||
# e.g. fastcgi_pass unix:/run/php/php8.2-fpm.sock;
|
||||
fastcgi_pass php:9000;
|
||||
|
||||
# CONFIG:
|
||||
# replace "/var/www/tkr" with the directory you extracted the .zip file to (if different)
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/tkr/public/index.php;
|
||||
include fastcgi_params;
|
||||
|
||||
@ -84,7 +86,15 @@ server {
|
||||
|
||||
# Fallback for /tkr routing - all non-file requests (e.g. /login) go to index.php
|
||||
location @tkr_fallback {
|
||||
# CONFIG:
|
||||
# If you're running php-fpm on the same server as nginx,
|
||||
# then change this to the local php-fpm socket
|
||||
# e.g. fastcgi_pass unix:/run/php/php8.2-fpm.sock;
|
||||
fastcgi_pass php:9000;
|
||||
|
||||
# CONFIG:
|
||||
# replace "/var/www/tkr" with the directory you extracted the .zip file to (if different)
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/tkr/public/index.php;
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/tkr/public/index.php;
|
||||
include fastcgi_params;
|
||||
|
||||
@ -98,4 +108,11 @@ server {
|
||||
deny all;
|
||||
return 404;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80 default_server;
|
||||
listen [::]:80 default_server;
|
||||
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
Loading…
x
Reference in New Issue
Block a user