Fix tor on debian + use unix sockets for tor<=>nginx
This commit is contained in:
parent
0bcf4dbbb5
commit
26529e4c91
|
@ -1,30 +0,0 @@
|
|||
server {
|
||||
listen [::1]:42443 ssl http2;
|
||||
listen 127.0.0.1:42443 ssl http2;
|
||||
server_name servnest.test;
|
||||
|
||||
root /srv/servnest/core;
|
||||
|
||||
include inc/tls.conf;
|
||||
include inc/errors.conf;
|
||||
|
||||
more_set_headers "Content-Security-Policy : default-src 'none'; style-src 'self'; frame-ancestors 'none'; form-action 'self';";
|
||||
|
||||
location / {
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_pass unix:/run/php-fpm/servnest.sock;
|
||||
include inc/fastcgi.conf;
|
||||
try_files /router.php =500;
|
||||
}
|
||||
|
||||
location /css {
|
||||
alias /srv/servnest/core/css;
|
||||
}
|
||||
|
||||
location /docs {
|
||||
alias /srv/servnest/docs;
|
||||
}
|
||||
|
||||
ssl_certificate /etc/ssl/certs/servnest.crt;
|
||||
ssl_certificate_key /etc/ssl/private/servnest.key;
|
||||
}
|
|
@ -75,10 +75,11 @@ EOF
|
|||
# Configure Tor
|
||||
|
||||
if [[ $ID = "debian" ]]; then
|
||||
mv /etc/systemd/system/tor.service.d/ /etc/systemd/system/tor@default.service.d/
|
||||
sed -i 's/User tor/User debian-tor/' /etc/tor/torrc
|
||||
sed -i 's/reload tor/reload tor@default/' /etc/sudoers.d/servnest
|
||||
sed -i 's/ALL=(tor)/ALL=(debian-tor)/' /etc/sudoers.d/servnest
|
||||
sed -i 's/tor_service = "tor"/tor_service = "tor@default"/' /srv/servnest/core/config.ini
|
||||
sed -i 's/systemctl reload tor"/systemctl reload tor@default"/' /srv/servnest/core/config.ini
|
||||
sed -i 's/tor_user = "tor"/tor_user = "debian-tor"/' /srv/servnest/core/config.ini
|
||||
fi
|
||||
|
||||
|
|
|
@ -1,2 +1,3 @@
|
|||
d /run/servnest 0555 root root - -
|
||||
d /run/knot 0755 knot knot - -
|
||||
d /var/lib/knot 0770 knot knot - -
|
||||
|
|
Loading…
Reference in New Issue