search

eureka2 / G6K

Generator of calculation simulator (calculator)
MIT License
20 stars 19 forks source link

NGinx #13

Closed richpeck closed 4 years ago

richpeck commented 5 years ago

Not sure whether this is still applicable with the latest release, but it took me some time to get set up on NGinx (didn't realize that /admin was routed through /app_admin.php)...

# /etc/nginx/sites-enabled/your-site.com

##########################################
##########################################

##            your-site.com             ##

##########################################
##########################################

##   General server setup in default    ##

##########################################
##########################################

## Apex to WWW ##
## HTTPS ##
server {

  ## Native ##
  # listen 80;
  # listen [::]:80;

  ## Ports ##
  listen 443 ssl;
  listen [::]:443 ssl;

  ## Domain ##
  server_name g6k.your-site.com;

  ## Root ##
  root /var/www/calcul;

  ## Location ##
  rewrite ^/app\.php/?(.*)$ /$1 permanent;

  ## PHP ##
  try_files $uri @rewriteapp;

  ## Admin ##
  location /admin {
    rewrite ^(.*)$ /app_admin.php/$1 last;
  }

  ## Main ##
  location @rewriteapp {
    rewrite ^(.*)$ /app.php/$1 last;
  }

  ## SSL ##
  include /etc/nginx/ssl.conf; # n'est pas necessaire

  ## Certs ##
  #ssl_certificate     /etc/letsencrypt/live/your-site.com/fullchain.pem;
  #ssl_certificate_key /etc/letsencrypt/live/your-site.com/privkey.pem;

  ## Symfony ##
  ## PRODUCTION ENV ##
  location ~ ^/(app|app_admin)\.php(/|$) {
    fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    # When you are using symlinks to link the document root to the
    # current version of your application, you should pass the real
    # application path instead of the path to the symlink to PHP
    # FPM.
    # Otherwise, PHP's OPcache may not properly detect changes to
    # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
    # for more information).
    fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
    fastcgi_param DOCUMENT_ROOT $realpath_root;
    # Prevents URIs that include the front controller. This will 404:
    # http://domain.tld/app.php/some-path
    # Remove the internal directive to allow URIs like this
    internal;
  }

  ## Favicons ##
  location = /favicon.ico {
    access_log     off;
    log_not_found  off;
  }

  # static file 404's aren't logged and expires header is set to maximum age
  location ~* \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
    access_log off;
    expires max;
  }

  ## PHP ##
  # return 404 for all other php files not matching the front controller
  # this prevents access to other php files you don't want to be accessible.
  location ~ \.php$ {
    return 404;
  }

  ## DENY ALL . FILES ##
  ## Don't need to use Apache's stuff in NGinx ##
  location ~ /\. {
    deny  all;
  }

  ## STATIC ASSETS ##
  ## Used to store images, CSS/JS etc ##
  location /(bundles|media) {
    access_log off;
    expires 30d;

    try_files $uri @rewriteapp;
  }

  ## LOGS ##
  error_log /var/log/nginx/g6k_error.log;
  access_log /var/log/nginx/g6k_access.log;

}

##########################################
##########################################

Would you want me to add to ReadMe?

richpeck commented 5 years ago

BTW if you're interested in seeing your work in the wild, here is an iframe implementation integrated with Shopify: https://carte-grise-pref.fr/products/carte-gris - I can explain the process if interested.

eureka2 commented 5 years ago

Not sure whether this is still applicable with the latest release, but it took me some time to get set up on NGinx (didn't realize that /admin was routed through /app_admin.php)...

# /etc/nginx/sites-enabled/your-site.com

##########################################
##########################################

##            your-site.com             ##

##########################################
##########################################

##   General server setup in default    ##

##########################################
##########################################

## Apex to WWW ##
## HTTPS ##
server {

  ## Native ##
  # listen 80;
  # listen [::]:80;

  ## Ports ##
  listen 443 ssl;
  listen [::]:443 ssl;

  ## Domain ##
  server_name g6k.your-site.com;

  ## Root ##
  root /var/www/calcul;

  ## Location ##
  rewrite ^/app\.php/?(.*)$ /$1 permanent;

  ## PHP ##
  try_files $uri @rewriteapp;

  ## Admin ##
  location /admin {
    rewrite ^(.*)$ /app_admin.php/$1 last;
  }

  ## Main ##
  location @rewriteapp {
    rewrite ^(.*)$ /app.php/$1 last;
  }

  ## SSL ##
  include /etc/nginx/ssl.conf; # n'est pas necessaire

  ## Certs ##
  #ssl_certificate     /etc/letsencrypt/live/your-site.com/fullchain.pem;
  #ssl_certificate_key /etc/letsencrypt/live/your-site.com/privkey.pem;

  ## Symfony ##
  ## PRODUCTION ENV ##
  location ~ ^/(app|app_admin)\.php(/|$) {
    fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    # When you are using symlinks to link the document root to the
    # current version of your application, you should pass the real
    # application path instead of the path to the symlink to PHP
    # FPM.
    # Otherwise, PHP's OPcache may not properly detect changes to
    # your PHP files (see https://github.com/zendtech/ZendOptimizerPlus/issues/126
    # for more information).
    fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
    fastcgi_param DOCUMENT_ROOT $realpath_root;
    # Prevents URIs that include the front controller. This will 404:
    # http://domain.tld/app.php/some-path
    # Remove the internal directive to allow URIs like this
    internal;
  }

  ## Favicons ##
  location = /favicon.ico {
    access_log     off;
    log_not_found  off;
  }

  # static file 404's aren't logged and expires header is set to maximum age
  location ~* \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
    access_log off;
    expires max;
  }

  ## PHP ##
  # return 404 for all other php files not matching the front controller
  # this prevents access to other php files you don't want to be accessible.
  location ~ \.php$ {
    return 404;
  }

  ## DENY ALL . FILES ##
  ## Don't need to use Apache's stuff in NGinx ##
  location ~ /\. {
    deny  all;
  }

  ## STATIC ASSETS ##
  ## Used to store images, CSS/JS etc ##
  location /(bundles|media) {
    access_log off;
    expires 30d;

    try_files $uri @rewriteapp;
  }

  ## LOGS ##
  error_log /var/log/nginx/g6k_error.log;
  access_log /var/log/nginx/g6k_access.log;

}

##########################################
##########################################

Would you want me to add to ReadMe?

Hi, you can add this in the 'Web server configuration' section of README

eureka2 commented 5 years ago

BTW if you're interested in seeing your work in the wild, here is an iframe implementation integrated with Shopify: https://carte-grise-pref.fr/products/carte-gris - I can explain the process if interested.

I get that when I click on your link: image

richpeck commented 5 years ago

haha that's the recent patch I did in NGinx - figured I was being smart by only allowing Shopify and my own system's IP. Let me fix it, thanks for pointing out.

R

On 23 December 2018 at 22:59 Jacques Archimède notifications@github.com wrote:

    > > 
    BTW if you're interested in seeing your work in the wild, here is an iframe implementation integrated with Shopify: https://carte-grise-pref.fr/products/carte-gris - I can explain the process if interested.

>

I get that when I click on your link: [image] https://user-images.githubusercontent.com/200478/50388154-a757da80-070e-11e9-8dbd-342d80858528.png

—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub https://github.com/eureka2/G6K/issues/13#issuecomment-449668386 , or mute the thread https://github.com/notifications/unsubscribe-auth/ABDaL9dZxcEIxbGb7qEJbJq8k_Oofrldks5u8ArhgaJpZM4ZcBhk .