adding missing ssl conf file

2016-07-22 15:53:21 +01:00
parent 4b3ce4b402
commit 72f04208e1
2 changed files with 65 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -137,3 +137,5 @@ The following flags are a list of all the currently supported options that can b
 - **PHP_MEM_LIMIT** : Set higher PHP memory limit, default is 128 Mb
 - **PHP_POST_MAX_SIZE** : Set a larger post_max_size, default is 100 Mb
 - **PHP_UPLOAD_MAX_FILESIZE** : Set a larger upload_max_filesize, default is 100 Mb
+ - **DOMAIN** : Set domain name for Lets Encrypt scripts
+ 
--- a/conf/nginx-site-ssl.conf
+++ b/conf/nginx-site-ssl.conf
@@ -0,0 +1,63 @@
+server {
+	listen 443 ssl;
+
+	root /var/www/html;
+	index index.php index.html index.htm;
+
+	# Make site accessible from http://localhost/
+        server_name _;
+        ssl_certificate     /etc/letsencrypt/live/##DOMAIN##/fullchain.pem;
+        ssl_certificate_key /etc/letsencrypt/live/##DOMAIN##/privkey.pem;
+        ssl_protocols       TLSv1 TLSv1.1 TLSv1.2;
+        ssl_ciphers         HIGH:!aNULL:!MD5;
+
+	# Make site accessible from http://localhost/
+	server_name _;
+	
+	# Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html
+	sendfile off;
+
+	# Add stdout logging
+
+	error_log /dev/stdout info;
+	access_log /dev/stdout;
+
+	location / {
+		# First attempt to serve request as file, then
+		# as directory, then fall back to index.html
+		try_files $uri $uri/ /index.php?q=$uri&$args;
+	}
+
+	#error_page 404 /404.html;
+
+	# redirect server error pages to the static page /50x.html
+	#
+	error_page 500 502 503 504 /50x.html;
+	location = /50x.html {
+		root /var/www/html;
+	}
+
+	# pass the PHP scripts to FastCGI server listening on socket
+	#
+	location ~ \.php$ {
+                try_files $uri =404;
+		fastcgi_split_path_info ^(.+\.php)(/.+)$;
+		fastcgi_pass unix:/var/run/php-fpm.sock;
+		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+    		fastcgi_param SCRIPT_NAME $fastcgi_script_name;
+		fastcgi_index index.php;
+		include fastcgi_params;
+	}
+
+        location ~* \.(jpg|jpeg|gif|png|css|js|ico|xml)$ {
+                expires           5d;
+        }
+
+	# deny access to . files, for security
+	#
+	location ~ /\. {
+    		log_not_found off; 
+    		deny all;
+	}
+
+}