From 4ffbae098b1fabb656d8dc8c18c44db20cbdc76a Mon Sep 17 00:00:00 2001
From: Bob Mottram <bob@robotics.uk.to>
Date: Sat, 1 Oct 2016 12:18:23 +0100
Subject: [PATCH] Limits inside of locations
---
src/freedombone-app-blog | 10 ++++++----
src/freedombone-app-gnusocial | 8 ++++----
src/freedombone-app-gogs | 8 ++++----
src/freedombone-app-hubzilla | 12 ++++++++----
src/freedombone-app-mediagoblin | 24 ++++++++++++++++++++----
src/freedombone-app-searx | 4 ++--
src/freedombone-app-wiki | 20 ++++++++++++++------
7 files changed, 58 insertions(+), 28 deletions(-)
diff --git a/src/freedombone-app-blog b/src/freedombone-app-blog
index 822994308..613c64caa 100755
--- a/src/freedombone-app-blog
+++ b/src/freedombone-app-blog
@@ -418,8 +418,6 @@ function install_blog_website {
echo ' index index.php;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
echo ' charset utf-8;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $FULLBLOG_DOMAIN_NAME
function_check nginx_ssl
nginx_ssl $FULLBLOG_DOMAIN_NAME
function_check nginx_disable_sniffing
@@ -428,6 +426,8 @@ function install_blog_website {
echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
echo ' location / {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $FULLBLOG_DOMAIN_NAME
echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
@@ -501,14 +501,14 @@ function install_blog_website_onion {
echo ' index index.php;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
echo ' charset utf-8;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $FULLBLOG_DOMAIN_NAME
function_check nginx_disable_sniffing
nginx_disable_sniffing $FULLBLOG_DOMAIN_NAME
echo ' add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
echo ' location / {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $FULLBLOG_DOMAIN_NAME
echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
@@ -535,6 +535,8 @@ function install_blog_website_onion {
echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
echo ' # or a unix socket' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $FULLBLOG_DOMAIN_NAME
echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$FULLBLOG_DOMAIN_NAME
diff --git a/src/freedombone-app-gnusocial b/src/freedombone-app-gnusocial
index a34089331..9c7171afc 100755
--- a/src/freedombone-app-gnusocial
+++ b/src/freedombone-app-gnusocial
@@ -449,8 +449,6 @@ function install_gnusocial_main {
function_check nginx_disable_sniffing
nginx_disable_sniffing $MICROBLOG_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $MICROBLOG_DOMAIN_NAME '15m'
echo ' add_header Strict-Transport-Security max-age=15768000;' >> $microblog_nginx_site
echo '' >> $microblog_nginx_site
echo ' # Logs' >> $microblog_nginx_site
@@ -471,6 +469,8 @@ function install_gnusocial_main {
echo '' >> $microblog_nginx_site
echo ' # Location' >> $microblog_nginx_site
echo ' location / {' >> $microblog_nginx_site
+ function_check nginx_limits
+ nginx_limits $MICROBLOG_DOMAIN_NAME '15m'
echo ' try_files $uri $uri/ @gnusocial;' >> $microblog_nginx_site
echo ' }' >> $microblog_nginx_site
echo '' >> $microblog_nginx_site
@@ -493,8 +493,6 @@ function install_gnusocial_main {
echo '' >> $microblog_nginx_site
function_check nginx_disable_sniffing
nginx_disable_sniffing $MICROBLOG_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $MICROBLOG_DOMAIN_NAME '15m'
echo '' >> $microblog_nginx_site
echo ' # Logs' >> $microblog_nginx_site
echo ' access_log off;' >> $microblog_nginx_site
@@ -514,6 +512,8 @@ function install_gnusocial_main {
echo '' >> $microblog_nginx_site
echo ' # Location' >> $microblog_nginx_site
echo ' location / {' >> $microblog_nginx_site
+ function_check nginx_limits
+ nginx_limits $MICROBLOG_DOMAIN_NAME '15m'
echo ' try_files $uri $uri/ @gnusocial;' >> $microblog_nginx_site
echo ' }' >> $microblog_nginx_site
echo '' >> $microblog_nginx_site
diff --git a/src/freedombone-app-gogs b/src/freedombone-app-gogs
index a87a9c020..0f63ef01d 100755
--- a/src/freedombone-app-gogs
+++ b/src/freedombone-app-gogs
@@ -583,8 +583,6 @@ function install_gogs {
echo ' access_log off;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
echo " error_log /var/log/nginx/${GIT_DOMAIN_NAME}_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $GIT_DOMAIN_NAME '10G'
function_check nginx_ssl
nginx_ssl $GIT_DOMAIN_NAME
function_check nginx_disable_sniffing
@@ -592,6 +590,8 @@ function install_gogs {
echo ' add_header Strict-Transport-Security max-age=0;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
echo ' location / {' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $GIT_DOMAIN_NAME '10G'
echo ' proxy_pass http://localhost:3000;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
@@ -617,13 +617,13 @@ function install_gogs {
echo ' access_log off;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
echo " error_log /var/log/nginx/${GIT_DOMAIN_NAME}_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $GIT_DOMAIN_NAME '10G'
function_check nginx_disable_sniffing
nginx_disable_sniffing $GIT_DOMAIN_NAME
echo ' add_header Strict-Transport-Security max-age=0;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
echo ' location / {' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $GIT_DOMAIN_NAME '10G'
echo ' proxy_pass http://localhost:3000;' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$GIT_DOMAIN_NAME
diff --git a/src/freedombone-app-hubzilla b/src/freedombone-app-hubzilla
index ed036fb0c..8ac6488fa 100755
--- a/src/freedombone-app-hubzilla
+++ b/src/freedombone-app-hubzilla
@@ -482,8 +482,6 @@ function install_hubzilla {
echo ' index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo ' charset utf-8;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo ' access_log off;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $HUBZILLA_DOMAIN_NAME
function_check nginx_ssl
nginx_ssl $HUBZILLA_DOMAIN_NAME
function_check nginx_disable_sniffing
@@ -492,6 +490,8 @@ function install_hubzilla {
echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo ' location / {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $HUBZILLA_DOMAIN_NAME
echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
@@ -519,6 +519,8 @@ function install_hubzilla {
echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo ' # or a unix socket' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $HUBZILLA_DOMAIN_NAME
echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
@@ -557,12 +559,12 @@ function install_hubzilla {
echo ' index index.php;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo ' charset utf-8;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo ' access_log off;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
- nginx_limits $HUBZILLA_DOMAIN_NAME
- nginx_disable_sniffing $HUBZILLA_DOMAIN_NAME
echo ' add_header Strict-Transport-Security max-age=15768000;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo ' location / {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ nginx_limits $HUBZILLA_DOMAIN_NAME
+ nginx_disable_sniffing $HUBZILLA_DOMAIN_NAME
echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
@@ -590,6 +592,8 @@ function install_hubzilla {
echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo ' # or a unix socket' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
+ nginx_limits $HUBZILLA_DOMAIN_NAME
+ nginx_disable_sniffing $HUBZILLA_DOMAIN_NAME
echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$HUBZILLA_DOMAIN_NAME
diff --git a/src/freedombone-app-mediagoblin b/src/freedombone-app-mediagoblin
index aa9114244..3e475c28a 100755
--- a/src/freedombone-app-mediagoblin
+++ b/src/freedombone-app-mediagoblin
@@ -385,8 +385,6 @@ function install_mediagoblin {
echo ' default_type application/octet-stream;' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' sendfile on;' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- function_check nginx_limits
- nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
function_check nginx_ssl
nginx_ssl $MEDIAGOBLIN_DOMAIN_NAME
function_check nginx_disable_sniffing
@@ -409,26 +407,36 @@ function install_mediagoblin {
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' # MediaGoblins stock static files: CSS, JS, etc.' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' location /mgoblin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ function_check nginx_limits
+ nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin/static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' # Instance specific media:' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' location /mgoblin_media/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ function_check nginx_limits
+ nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/media/public/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' # Theme static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' location /theme_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ function_check nginx_limits
+ nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/theme_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' # Plugin static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' location /plugin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ function_check nginx_limits
+ nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/plugin_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' # Mounting MediaGoblin itself via FastCGI.' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' location / {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ function_check nginx_limits
+ nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
echo ' fastcgi_pass 127.0.0.1:26543;' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' include /etc/nginx/fastcgi_params;' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
@@ -454,8 +462,6 @@ function install_mediagoblin {
echo ' default_type application/octet-stream;' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' sendfile on;' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
- function_check nginx_limits
- nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
function_check nginx_disable_sniffing
nginx_disable_sniffing $MEDIAGOBLIN_DOMAIN_NAME
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
@@ -476,26 +482,36 @@ function install_mediagoblin {
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' # MediaGoblins stock static files: CSS, JS, etc.' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' location /mgoblin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ function_check nginx_limits
+ nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/mediagoblin/static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' # Instance specific media:' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' location /mgoblin_media/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ function_check nginx_limits
+ nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/media/public/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' # Theme static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' location /theme_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ function_check nginx_limits
+ nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/theme_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' # Plugin static files (usually symlinked in)' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' location /plugin_static/ {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ function_check nginx_limits
+ nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
echo " alias $MEDIAGOBLIN_WORKING_DIRECTORY/user_dev/plugin_static/;" >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' }' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' # Mounting MediaGoblin itself via FastCGI.' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' location / {' >> $MEDIAGOBLIN_VIRTUAL_HOST
+ function_check nginx_limits
+ nginx_limits $MEDIAGOBLIN_DOMAIN_NAME '20m'
echo ' fastcgi_pass 127.0.0.1:26543;' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo ' include /etc/nginx/fastcgi_params;' >> $MEDIAGOBLIN_VIRTUAL_HOST
echo '' >> $MEDIAGOBLIN_VIRTUAL_HOST
diff --git a/src/freedombone-app-searx b/src/freedombone-app-searx
index d68b4489b..5af6c2910 100755
--- a/src/freedombone-app-searx
+++ b/src/freedombone-app-searx
@@ -214,13 +214,13 @@ function install_searx {
echo ' access_log off;' >> /etc/nginx/sites-available/searx
echo " error_log /var/log/searx_error.log $WEBSERVER_LOG_LEVEL;" >> /etc/nginx/sites-available/searx
echo '' >> /etc/nginx/sites-available/searx
- function_check nginx_limits
- nginx_limits searx '1M'
function_check nginx_disable_sniffing
nginx_disable_sniffing searx
echo ' add_header Strict-Transport-Security max-age=0;' >> /etc/nginx/sites-available/searx
echo '' >> /etc/nginx/sites-available/searx
echo ' location / {' >> /etc/nginx/sites-available/searx
+ function_check nginx_limits
+ nginx_limits searx '1M'
echo ' proxy_pass http://localhost:8888;' >> /etc/nginx/sites-available/searx
echo ' proxy_set_header Host $host;' >> /etc/nginx/sites-available/searx
echo ' proxy_set_header X-Real-IP $remote_addr;' >> /etc/nginx/sites-available/searx
diff --git a/src/freedombone-app-wiki b/src/freedombone-app-wiki
index acda1341d..e6f9002f8 100755
--- a/src/freedombone-app-wiki
+++ b/src/freedombone-app-wiki
@@ -384,10 +384,10 @@ function install_wiki {
echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
function_check nginx_disable_sniffing
nginx_disable_sniffing $WIKI_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $WIKI_DOMAIN_NAME
echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' location / {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $WIKI_DOMAIN_NAME
echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
@@ -414,6 +414,8 @@ function install_wiki {
echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' # or a unix socket' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $WIKI_DOMAIN_NAME
echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
@@ -458,8 +460,6 @@ function install_wiki {
echo ' index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' charset utf-8;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $WIKI_DOMAIN_NAME
function_check nginx_ssl
nginx_ssl $WIKI_DOMAIN_NAME
function_check nginx_disable_sniffing
@@ -468,12 +468,16 @@ function install_wiki {
echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' # webmail' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' location /webmail {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $WIKI_DOMAIN_NAME
echo ' rewrite ^/(.*) /webmail/index.php last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' rewrite ^/(.*) /webmail/installer/index.php last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' location / {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $WIKI_DOMAIN_NAME
echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
@@ -500,6 +504,8 @@ function install_wiki {
echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' # or a unix socket' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $WIKI_DOMAIN_NAME
echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
@@ -547,14 +553,14 @@ function install_wiki {
echo ' index index.php;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' charset utf-8;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' proxy_read_timeout 86400s;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
- function_check nginx_limits
- nginx_limits $WIKI_DOMAIN_NAME
function_check nginx_disable_sniffing
nginx_disable_sniffing $WIKI_DOMAIN_NAME
echo ' add_header Strict-Transport-Security "max-age=0;";' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' # rewrite to front controller as default rule' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' location / {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $WIKI_DOMAIN_NAME
echo ' rewrite ^/(.*) /index.php?q=$uri&$args last;' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' }' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo '' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
@@ -581,6 +587,8 @@ function install_wiki {
echo ' # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' # or a unix socket' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' location ~* \.php$ {' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
+ function_check nginx_limits
+ nginx_limits $WIKI_DOMAIN_NAME
echo ' # Zero-day exploit defense.' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo ' # http://forum.nginx.org/read.php?2,88845,page=3' >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
echo " # Won't work properly (404 error) if the file is not stored on this" >> /etc/nginx/sites-available/$WIKI_DOMAIN_NAME
--
GitLab