add php

Signed-off-by: Zoey <zoey@z0ey.de>
2025-08-03 16:03:38 +00:00 · 2022-12-19 08:27:13 +01:00
parent 19a304d9ce
commit 920bce627a
38 changed files with 511 additions and 279 deletions
--- a/rootfs/usr/local/nginx/conf/conf.d/include/default.conf
+++ b/rootfs/usr/local/nginx/conf/conf.d/include/default.conf
@@ -0,0 +1,29 @@
+# ------------------------------------------------------------
+# Default Site
+# ------------------------------------------------------------
+server {
+  listen 80 default_server;
+  listen [::]:80 default_server;
+
+  listen 443 ssl http2 default_server;
+  listen [::]:443 ssl http2 default_server;
+
+  listen 443 http3 default_server;
+  listen [::]:443 http3 default_server;
+
+  server_name _;
+
+  include conf.d/include/force-ssl.conf;
+  include conf.d/include/ssl-ciphers.conf;
+  include conf.d/include/letsencrypt-acme-challenge.conf;
+  include conf.d/include/block-exploits.conf;
+  add_header alt-svc 'h3=":443"; ma=86400, h3-29=":443"; ma=86400';
+
+  ssl_certificate /data/nginx/dummycert.pem;
+  ssl_certificate_key /data/nginx/dummykey.pem;
+
+  location / {
+    include conf.d/include/letsencrypt-acme-challenge.conf;
+    alias /html/default/;
+  }
+}
--- a/rootfs/usr/local/nginx/conf/conf.d/include/proxy.conf
+++ b/rootfs/usr/local/nginx/conf/conf.d/include/proxy.conf
@@ -4,7 +4,7 @@ proxy_set_header X-Forwarded-Scheme $scheme;
 proxy_set_header X-Forwarded-Proto $scheme;
 proxy_set_header X-Real-IP $remote_addr;
 proxy_set_header Accept-Encoding "";
-proxy_set_header Host $host:$server_port;
+proxy_set_header Host $host;

 proxy_http_version 1.1;
 proxy_ssl_protocols TLSv1.3 TLSv1.2 TLSv1.1 TLSv1 SSLv3 SSLv2;
--- a/rootfs/usr/local/nginx/conf/conf.d/no-server-name.conf
+++ b/rootfs/usr/local/nginx/conf/conf.d/no-server-name.conf
@@ -1,34 +1,28 @@
 server {
+    listen 81 ssl http2;
+    listen 81 http3;
+
+    listen [::]:81 ssl http2;
+    listen [::]:81 http3;
+
    listen 80;
    listen [::]:80;

-    server_name nginxproxymanager-default;
-    
-    include conf.d/include/force-ssl.conf;
-    include conf.d/include/block-exploits.conf;
-    include conf.d/include/letsencrypt-acme-challenge.conf;
-}
-
-# First 443 Host, which is the default if another default doesn't exist
-server {
    listen 443 ssl http2;
-    listen 443 http3;
    listen [::]:443 ssl http2;
+
+    listen 443 http3;
    listen [::]:443 http3;

+    server_name "";
+    return 444;
+
+    include conf.d/include/force-ssl.conf;
+    include conf.d/include/ssl-ciphers.conf;
+    include conf.d/include/letsencrypt-acme-challenge.conf;
+    include conf.d/include/block-exploits.conf;
    add_header alt-svc 'h3=":443"; ma=86400, h3-29=":443"; ma=86400';

-    server_name nginxproxymanager-default;
-    
    ssl_certificate /data/nginx/dummycert.pem;
    ssl_certificate_key /data/nginx/dummykey.pem;
-    
-    include conf.d/include/ssl-ciphers.conf;
-    include conf.d/include/block-exploits.conf;
-    include conf.d/include/letsencrypt-acme-challenge.conf;
-
-    location / {
-        include conf.d/include/letsencrypt-acme-challenge.conf;
-        root /var/www/html;
-    }
 }
--- a/rootfs/usr/local/nginx/conf/conf.d/production.conf
+++ b/rootfs/usr/local/nginx/conf/conf.d/production.conf
@@ -1,11 +1,11 @@
-# Admin Interface
 server {
    listen 81 ssl http2 default_server;
    listen 81 http3 default_server;
+    
    listen [::]:81 ssl http2 default_server;
    listen [::]:81 http3 default_server;

-    server_name nginxproxymanager;
+    server_name _;
    ssl_certificate /data/nginx/dummycert.pem;
    ssl_certificate_key /data/nginx/dummykey.pem;
    include conf.d/include/ssl-ciphers.conf;
@@ -26,7 +26,7 @@ server {
        proxy_set_header X-Forwarded-Proto $scheme;
        proxy_set_header X-Real-IP $remote_addr;
        proxy_set_header Accept-Encoding "";
-        proxy_set_header Host $host:$server_port;
+        proxy_set_header Host $host;
        
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
--- a/rootfs/usr/local/nginx/conf/nginx.conf
+++ b/rootfs/usr/local/nginx/conf/nginx.conf
@@ -36,11 +36,15 @@ http {
    gzip_comp_level 9;

    resolver localhost;
-    index index.html Index.html;
+    fastcgi_index index.php;
+    index index.php index.html;
    
    error_page 404 =307 $scheme://$host:$server_port;
    error_page 497 =301 https://$host:$server_port$request_uri;

+    proxy_headers_hash_max_size 1024;
+    proxy_headers_hash_bucket_size 128;
+    
    # Default upstream scheme
    map $host $forward_scheme {
        default http;
@@ -52,6 +56,22 @@ http {
        '' close;
    }

+    upstream php7 {
+        server unix:/dev/php7.sock;
+    }
+
+    upstream php8 {
+        server unix:/dev/php8.sock;
+    }
+
+    upstream php81 {
+        server unix:/dev/php81.sock;
+    }
+
+    upstream php82 {
+        server unix:/dev/php82.sock;
+    }
+    
    # Fancy Index
    fancyindex on;
    fancyindex_localtime on;
@@ -75,7 +95,10 @@ http {
    set_real_ip_from 169.254.0.0/16;
    set_real_ip_from fc00::/7;
    set_real_ip_from fec0::/10;
-
+    
+    include fastcgi.conf;
+    fastcgi_param HTTP_PROXY "";
+    
    include conf.d/include/ip_ranges.conf;
    
    include /data/nginx/default.conf;