nginx/pages.conf
Anthony Wang b0941d271f
Revert "Enable CGI for exopages using php-fpm"
This reverts commit 52fc0762e8.

CGI has serious security issues since all CGI scripts run as the http user
2023-06-01 16:30:47 +00:00

56 lines
1.4 KiB
Text

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ~^(\d)\.exozy\.me;
include conf.d/ssl;
index index.html;
location / {
# https://serverfault.com/questions/638505/nginx-dynamic-proxy-pass-doesnt-resolve-properly
proxy_pass http://127.0.0.1:420$1;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Proxy WebSockets
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name ~^(?<page>.+)\.exozy\.me;
include conf.d/ssl;
root /srv/http/pages/$page;
index index.html;
error_page 502 404 /404.html;
location = /404.html {
internal;
}
location / {
try_files $uri $uri.html $uri/ = @fallback;
}
location @fallback {
proxy_pass http://unix:/srv/http/pages/$page;
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
# Proxy WebSockets
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "Upgrade";
}
}