Die Config von nginx:
Code:
server {
listen [::]:80;
server_name mein-server.eu www.meinserver.eu;
# certbot certonly --webroot ....
location ~ /\.well-known\.* {
allow all;
root /home/meinserver/public_html;
}
rewrite ^ https://$server_name$request_uri? permanent;
}
server {
listen 443 ssl;
listen [::]:443 ssl;
server_tokens off;
root /home/meinserver/public_html/web;
index index.php index.html index.htm;
server_name meinserver.eu www.meinserver.eu;
client_max_body_size 128M;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
ssl_prefer_server_ciphers on;
ssl_ciphers "EECDH+AESGCM EDH+AESGCM EECDH -RC4 EDH -CAMELLIA -SEED !aNULL !eNULL !LOW !3DES !MD5 !EXP !PSK !SRP !DSS !RC4";
ssl_certificate /etc/letsencrypt/live/meinserver.eu/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/meinserver.eu/privkey.pem;
ssl_dhparam /etc/ssl/dhparams_20170716;
# certbot certonly --webroot ....
location ~ /\.well-known\.* {
allow all;
root /home/meinserver/public_html;
}
location / {
index index.php index.html index.htm;
try_files $uri /app.php$is_args$args;
}
location /api {
try_files $uri $uri/ /api/index.php?$query_string;
}
location ~ \.(php|phar)(/.*)?$ {
include snippets/fastcgi-php.conf;
include fastcgi_params;
fastcgi_pass unix:/run/php/php-fpm-meinserver.sock;
fastcgi_split_path_info ^(.+\.(?:php|phar))(/.*)$;
}
access_log /var/log/nginx/meinserver-access.log;
error_log /var/log/nginx/meinserver-error.log warn;
}
Überall wo "meinserver" steht, ist das von mir ersetzt worden, um das hier zu posten.
Mit der Config betreibe ich mehrere 4.x Sites.
https mit letsencrypt funktioniert.
contao-manager funktioniert.
Lesezeichen