Changes to recommended nginx config

[ChillyCider]

I was able to get nginx up and running with a mix of reading https://picocms.org/in-depth/nginx/ and the helpful discussions at picocms/Pico#343 and picocms/Pico#350.

So yeah, it sort of worked. There was a weird problem, though. I opened my browser to /vendor/ to make sure the 404 worked, and it downloaded a plain-text version of index.php to my hard drive.

I was confuse. 😂

But, I managed to fix it! After some struggle, here's my new config. Would it be ok if I submit a PR to get this onto the "How to Configure Nginx for Pico" page?

Here's the fixed nginx config:

    ...

    # 404 on the theme's README, CHANGELOG, etc.
    location ~ ^/themes(/?$|/[^/]+(/?$|/[^/]+/?$)) {
        error_page 404 /index.php;
        return 404;
    }

    # 404 on PicoCMS README, CHANGELOG, and other forbiddens
    location ~ ^/((CHANGELOG.md|CONTRIBUTING.md|LICENSE|README.md|plugins|config|content|vendor|composer\.(json|lock|phar))(/|$)|(.+/)?\.(?!well-known(/|$))) {
        error_page 404 /index.php;
        return 404;
    }

    # Rewrite all other requests to go to the front controller
    location / {
        error_page 404 /index.php;
        try_files $uri $uri/ /index.php$uri =404;
    }

    # Front controller
    location ~ ^/index\.php(/|$) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        if (!-f $document_root$fastcgi_script_name) {
            return 404;
        }

        try_files $fastcgi_script_name =404;

        fastcgi_param HTTP_PROXY "";
        fastcgi_pass 127.0.0.1:9000;
        fastcgi_index index.php;

        include fastcgi_params;
    }

    ...

[github-actions[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed in two days if no further activity occurs. Thank you for your contributions! :+1:

[mayamcdougall]

@PhrozenByte, maybe you just skimmed over this quickly when you tagged it, but this isn't really a "Support" request.

@ChillyCider It's unfortunately been a really long time since I've done anything with Nginx. I can't really verify anything about our recommended Nginx config right now.

You're not the first to express issues with it, and it definitely needs investigation. All I can say is that at the time it was written, it worked, but that was quite a few years ago now. 😒

Web server configuration in general is something we often shy away from in support Issues, due to its complexity.

Someone can easily share a part of their config and ask for help, without realizing that the cause of the issue actually lies somewhere else on their system, in another file. The problem could be something that they intentionally (unknowingly) changed, or just something that their distro or hosting provider shipped for them.

Because of this, it's really hard to have a "one size fits all" answer when it comes to web server config. Even our provided .htaccess file for Apache isn't always perfect.

So, unfortunately, without an "expert" on-board here, I can't really take your config at face value, stick it in the Docs, and call this Issue "resolved".

If your config works for you, that's great! Use it. 👍🏻

But for the time being, I can't blindly accept any contributions on the subject. Hopefully in the future I'll find some time to deep-dive back into Nginx and see if I can find where the shortcomings are.

I'm really sorry that you had issue with our suggested examples. When I wrote the Nginx Docs, I tried to be as thorough as I could with explaining the reasoning for each bit. It wasn't necessarily supposed to be a copy-and-paste solution, though it was intended to be as close to one as possible. 😓

Anyway, I appreciate your interest. It might be a bit before we see this one truly solved though. 😅

[PhrozenByte]

Good point, moving to the website repo then :+1: