Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Update piwigo-nginx-site #18

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Update piwigo-nginx-site #18

Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
38 changes: 34 additions & 4 deletions piwigo-nginx-site
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -62,19 +62,49 @@ server {
deny all;
}

location /upload {
location ^~ /upload {
internal;
}

location /galleries {
location ^~ /galleries {
internal;
}

location /_data {
location ^~ /_data {
internal;
}

location /_data/combined {
try_files $uri $uri/ =404;
}
}

# Various additional fixes if the extra security blocks above are used.

# Enable the "Display reference file" link of the LocalFiles Editor plugin
location = /plugins/LocalFilesEditor/show_default.php {
try_files $uri =404;
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this should probably come after the location = /plugins/piwigo_privacy/get.php block
Also better to give generic explanation that if you use the security block this is how you can open other php routes but leave the actual block commented out.
This is also apply for the metadata block. I don't think we need a block for each file
But just give the tools folder as another location with files that are worth considering

fastcgi_pass unix:/run/php-fpm/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
include fastcgi_params;
}

# Enable exif metadata testing using /tools/metadata.php as described in
# https://piwigo.org/doc/doku.php?id=user_documentation:metadata
# Alternatively use the read_metadata plugin
location = /tools/metadata.php {
try_files $uri =404;
fastcgi_pass unix:/run/php-fpm/www.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
include fastcgi_params;
}

# Enable the letsencrypt "webroot installation" verification step
# as used for example by the openmediavault letsencrypt plugin
location ^~ /.well-known/acme-challenge {
Copy link
Owner

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think including letsencrypt block is out of scope for this file.
We want to keep it relevant to the piwigo plugin.

try_files $uri $uri/ =404;
}
}