diff --git a/ansible/roles/dokuwiki-and-nginx/info.md b/ansible/roles/dokuwiki-and-nginx/info.md index 8cbeec2..a0f970f 100644 --- a/ansible/roles/dokuwiki-and-nginx/info.md +++ b/ansible/roles/dokuwiki-and-nginx/info.md @@ -1,3 +1,8 @@ ## Beschreibung - zur Einrichtung von [nginx](../nginx) als Reverse-Proxy für [DokuWiki](../dokuwiki) + + +## Verweise + +- [DokuWiki-Dokumentation | nginx](https://www.dokuwiki.org/install:nginx) diff --git a/ansible/roles/dokuwiki-and-nginx/templates/conf.j2 b/ansible/roles/dokuwiki-and-nginx/templates/conf.j2 index 085847c..3fa71ba 100644 --- a/ansible/roles/dokuwiki-and-nginx/templates/conf.j2 +++ b/ansible/roles/dokuwiki-and-nginx/templates/conf.j2 @@ -1,15 +1,62 @@ server { listen 80; listen [::]:80; - listen 443 ssl; + server_name {{var_dokuwiki_and_nginx_domain}}; + return 301 https://$server_name$request_uri; +} + +server { listen [::]:443 ssl; + listen 443 ssl; server_name {{var_dokuwiki_and_nginx_domain}}; - + {% if var_dokuwiki_and_nginx_tls_enable %} ssl_certificate /etc/ssl/fullchains/{{var_dokuwiki_and_nginx_domain}}.pem; ssl_certificate_key /etc/ssl/private/{{var_dokuwiki_and_nginx_domain}}.pem; + ssl_session_timeout 5m; + ssl_ciphers "HIGH:!aNULL:!MD5 or HIGH:!aNULL:!MD5:!3DES"; {% endif %} - document_root {{var_dokuwiki_and_nginx_directory}} + # Maximum file upload size is 4MB - change accordingly if needed + client_max_body_size 4M; + client_body_buffer_size 128k; + + root {{var_dokuwiki_and_nginx_directory}}; + index doku.php; + + #Remember to comment the below out when you're installing, and uncomment it when done. + location ~ /(conf/|bin/|inc/|vendor/|install.php) { + # deny all; + } + + #Support for X-Accel-Redirect + location ~ ^/data/ { + internal; + } + + location ~ ^/lib.*\.(js|css|gif|png|ico|jpg|jpeg)$ { + expires 365d; + } + + location / { + try_files $uri $uri/ @dokuwiki; + } + + location @dokuwiki { + # rewrites "doku.php/" out of the URLs if you set the userwrite setting to .htaccess in dokuwiki config page + rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last; + rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last; + rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last; + rewrite ^/(.*) /doku.php?id=$1&$args last; + } + + location ~ \.php$ { + try_files $uri $uri/ /doku.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; + fastcgi_param REDIRECT_STATUS 200; + fastcgi_pass unix:/var/run/php/php8.2-fpm.sock; + # fastcgi_pass unix:/var/run/php5-fpm.sock; #old php version + } }