Greg Sarjeant
86abf587f6
Reviewed-on: https://gitea.subcultureofone.org/greg/tkr/pulls/65 Co-authored-by: Greg Sarjeant <greg@subcultureofone.org> Co-committed-by: Greg Sarjeant <greg@subcultureofone.org>
52 lines
1.4 KiB
Nginx Configuration File
52 lines
1.4 KiB
Nginx Configuration File
# Basic nginx config for tkr
|
|
# Replace "your-domain.com" with your actual domain
|
|
# Replace "/var/www/tkr" with your installation path
|
|
|
|
# HTTP - redirect to HTTPS
|
|
server {
|
|
listen 80;
|
|
listen [::]:80;
|
|
server_name your-domain.com;
|
|
return 301 https://$host$request_uri;
|
|
}
|
|
|
|
# HTTPS
|
|
server {
|
|
listen 443 ssl;
|
|
listen [::]:443 ssl;
|
|
|
|
server_name your-domain.com;
|
|
root /var/www/tkr/public;
|
|
index index.php;
|
|
|
|
# SSL Configuration (using Let's Encrypt)
|
|
ssl_certificate /etc/letsencrypt/live/your-domain.com/fullchain.pem;
|
|
ssl_certificate_key /etc/letsencrypt/live/your-domain.com/privkey.pem;
|
|
|
|
# Block access to sensitive directories
|
|
location ~ ^/(storage|src|templates|config) {
|
|
deny all;
|
|
return 404;
|
|
}
|
|
|
|
# Block access to hidden files
|
|
location ~ /\. {
|
|
deny all;
|
|
}
|
|
|
|
# Front controller pattern - route everything through index.php
|
|
location / {
|
|
try_files $uri $uri/ @tkr;
|
|
}
|
|
|
|
# Handle PHP requests
|
|
location @tkr {
|
|
fastcgi_pass unix:/run/php/php8.2-fpm.sock; # Adjust PHP version as needed
|
|
fastcgi_param SCRIPT_FILENAME /var/www/tkr/public/index.php;
|
|
include fastcgi_params;
|
|
fastcgi_param REQUEST_METHOD $request_method;
|
|
fastcgi_param REQUEST_URI $request_uri;
|
|
fastcgi_param QUERY_STRING $query_string;
|
|
}
|
|
}
|