2023-02-07 19:52:54 +01:00
|
|
|
# This server block is the publicly exposed ServNest control interface
|
|
|
|
|
2023-01-29 21:14:36 +01:00
|
|
|
server {
|
|
|
|
listen [::1]:42443 ssl http2;
|
|
|
|
listen 127.0.0.1:42443 ssl http2;
|
|
|
|
server_name servnest.test;
|
|
|
|
|
|
|
|
root /srv/servnest/core;
|
|
|
|
|
|
|
|
include inc/tls.conf;
|
|
|
|
include inc/errors.conf;
|
|
|
|
|
|
|
|
more_set_headers "Content-Security-Policy : default-src 'none'; style-src 'self'; frame-ancestors 'none'; form-action 'self';";
|
|
|
|
|
2023-02-07 19:52:54 +01:00
|
|
|
# Main ServNest interface
|
2023-01-29 21:14:36 +01:00
|
|
|
location / {
|
|
|
|
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
|
|
|
fastcgi_pass unix:/run/php-fpm/servnest.sock;
|
|
|
|
include inc/fastcgi.conf;
|
|
|
|
try_files /router.php =500;
|
|
|
|
}
|
|
|
|
|
2023-02-07 19:52:54 +01:00
|
|
|
# The router doesn't manage CSS files
|
2023-01-29 21:14:36 +01:00
|
|
|
location /css {
|
|
|
|
alias /srv/servnest/core/css;
|
|
|
|
}
|
|
|
|
|
|
|
|
location /docs {
|
|
|
|
alias /srv/servnest/docs;
|
|
|
|
}
|
|
|
|
|
2023-02-07 19:52:54 +01:00
|
|
|
# For a public server, these should point to a Let's Encrypt-trusted key pair
|
2023-01-29 21:14:36 +01:00
|
|
|
ssl_certificate /etc/ssl/certs/servnest.crt;
|
|
|
|
ssl_certificate_key /etc/ssl/private/servnest.key;
|
|
|
|
}
|