From ca49d8bcc24e29c797333ba68df427a9e3f46312 Mon Sep 17 00:00:00 2001 From: Matthias Quintern Date: Sun, 10 Nov 2024 18:40:48 +0100 Subject: [PATCH] Add configs --- imgsort2-nginx.conf | 47 +++++++++++++++++++++++++++++++++++++++++++ imgsort2-php-fpm.conf | 20 ++++++++++++++++++ 2 files changed, 67 insertions(+) create mode 100755 imgsort2-nginx.conf create mode 100755 imgsort2-php-fpm.conf diff --git a/imgsort2-nginx.conf b/imgsort2-nginx.conf new file mode 100755 index 0000000..1fbb06e --- /dev/null +++ b/imgsort2-nginx.conf @@ -0,0 +1,47 @@ +# vi: ft=nginx +server { + listen 8080 default_server; + + server_name localhost; + + # Optional security related headers + # add_header Content-Security-Policy "default-src 'self';"; + # add_header Strict-Transport-Security "max-age=31536000;"; # includeSubDomains" + # add_header X-Frame-Options "SAMEORIGIN"; + # add_header X-Content-Type-Options "nosniff"; + # add_header Referrer-Policy "origin-when-cross-origin"; + + # access_log /var/log/nginx/imgsort2-access.log; + # error_log /var/log/nginx/imgsort2-error.log; + + root /mnt/imgsort2; + index index.html; + + # serve full size images here + location /images-full { + alias /mnt/data/images; + } + # serve low res images here + location /images { + alias /mnt/data/images; + location ~* \.(jpg|png|jpeg|webp)$ { + # resize to width=700 + image_filter resize 700 -; + image_filter_jpeg_quality 50; + image_filter_webp_quality 50; + image_filter_buffer 40M; + } + } + + # TODO: Access restriction + # https://docs.nginx.com/nginx/admin-guide/security-controls/configuring-http-basic-authentication/ + + # auth_basic "Imgsort 2"; + # auth_basic_user_file /etc/www/.imgsort2.htpasswd; + + location ~ .*\.php$ { + # TODO: this depends on your php-fpm configuration + fastcgi_pass unix:/var/run/php/php-fpm-imgsort2.sock; + include fastcgi.conf; + } +} diff --git a/imgsort2-php-fpm.conf b/imgsort2-php-fpm.conf new file mode 100755 index 0000000..6a39a35 --- /dev/null +++ b/imgsort2-php-fpm.conf @@ -0,0 +1,20 @@ +; vi: ft=dosini +[imgsort2] +php_admin_value[disable_functions] = php_uname,getmyuid,getmypid,passthru,leak,listen,diskfreespace,tmpfile,link,ignore_user_abord,dl,set_time_limit,exec,shell_exec,system,highlight_file,source,show_source,fpaththru,virtual,posix_ctermid,posix_getcwd,posix_getegid,posix_geteuid,posix_getgid,posix_getgrgid,posix_getgrnam,posix_getgroups,posix_getlogin,posix_getpgid,posix_getpgrp,posix_getpid,posix,_getppid,posix_getpwnam,posix_getpwuid,posix_getrlimit,posix_getsid,posix_getuid,posix_isatty,posix_kill,posix_mkfifo,posix_setegid,posix_seteuid,posix_setgid,posix_setpgid,posix_setsid,posix_setuid,posix_times,posix_ttyname,posix_uname,proc_get_status,proc_nice,proc_terminate,phpinfo +php_admin_value[open_basedir] = /mnt/imgsort2:/mnt/data/images +php_admin_value[error_log] = /var/log/php-fpm/imgsort2.log +php_admin_value[display_errors] = on + +user = www-data +group = www-data + +listen = /var/run/php/php-fpm-imgsort2.sock +listen.owner = www-data +listen.group = www-data + +pm = dynamic +pm.max_children = 5 +pm.start_servers = 1 +pm.min_spare_servers = 1 +pm.max_spare_servers = 1 +pm.process_idle_timeout = 10s