From 8463f6933e5c68e9e5bd369339d2898e9dd6a186 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Nicol=C3=A1s=20Reynolds?= <fauno@kiwwwi.com.ar>
Date: Mon, 25 Oct 2010 15:26:26 -0300
Subject: Default Nginx config

---
 overlay/etc/nginx/conf/nginx.conf | 81 +++++++++++++++++++++++++++++++++++++++
 1 file changed, 81 insertions(+)
 create mode 100644 overlay/etc/nginx/conf/nginx.conf

(limited to 'overlay/etc')

diff --git a/overlay/etc/nginx/conf/nginx.conf b/overlay/etc/nginx/conf/nginx.conf
new file mode 100644
index 0000000..6ee28b9
--- /dev/null
+++ b/overlay/etc/nginx/conf/nginx.conf
@@ -0,0 +1,81 @@
+# Nginx basic configuration
+# Features
+# * HTTPS only
+# * PHP fastcgi
+
+user http http;
+worker_processes  1;
+
+#error_log  logs/error.log;
+#error_log  logs/error.log  notice;
+#error_log  logs/error.log  info;
+#error_log  logs/debug.log  debug;
+
+#pid        logs/nginx.pid;
+
+
+events {
+    worker_connections  1024;
+}
+
+
+http {
+    root          /srv/http/;
+    include       mime.types;
+    default_type  application/octet-stream;
+
+# 
+    ssl_session_cache    shared:SSL:10m;
+    ssl_session_timeout  10m;
+
+    ssl_protocols  SSLv2 SSLv3 TLSv1;
+    ssl_ciphers  ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv2:+EXP;
+    ssl_prefer_server_ciphers   on;
+
+    #log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
+    #                  '$status $body_bytes_sent "$http_referer" '
+    #                  '"$http_user_agent" "$http_x_forwarded_for"';
+
+    #access_log  logs/access.log  main;
+
+    sendfile        on;
+    #tcp_nopush     on;
+
+    #keepalive_timeout  0;
+    keepalive_timeout  65;
+
+    #gzip  on;
+
+# Redirect insecure connections to secure one
+    server {
+        listen 80;
+        server_name %HOSTNAME%;
+
+        rewrite ^(.*) https://$server_name$1 permanent;
+    }
+
+    # HTTPS server
+    #
+    # Install scripts should change %HOSTNAME% into real hostname
+    server {
+        listen       443 default ssl;
+        server_name  %HOSTNAME%;
+        root /srv/http/%HOSTNAME%;
+
+        #ssl                  on;
+        ssl_certificate      /etc/ssl/certs/local.crt;
+        ssl_certificate_key  /etc/ssl/private/local.key;
+
+
+        location / {
+            index  index.html index.htm index.php;
+        }
+
+        location ~ \.(php|inc)$ {
+            include        fastcgi_params;
+            fastcgi_pass   unix:/var/run/php-fpm/php-fpm.sock;
+            fastcgi_index  index.php;
+            fastcgi_param  SCRIPT_FILENAME  /srv/http/%HOSTNAME%/$fastcgi_script_name;
+        }
+    }
+}
-- 
cgit v1.2.2