X-Git-Url: https://git.immae.eu/?a=blobdiff_plain;f=doc%2Fmd%2FServer-configuration.md;fp=doc%2FServer-configuration.md;h=23fdbc8b9bbaddc420680f9f7db33c12c1059a92;hb=53ed6d7d1e678d7486337ce67a2f17b30bac21ac;hp=81cc1a725cf26c5fbf3fa4999e9d0b1ae7b40ffa;hpb=d5d22a6d07917865c44148ad76f43c65a929a890;p=github%2Fshaarli%2FShaarli.git diff --git a/doc/Server-configuration.md b/doc/md/Server-configuration.md similarity index 92% rename from doc/Server-configuration.md rename to doc/md/Server-configuration.md index 81cc1a72..23fdbc8b 100644 --- a/doc/Server-configuration.md +++ b/doc/md/Server-configuration.md @@ -1,8 +1,7 @@ -#Server configuration *Example virtual host configurations for popular web servers* -- [Apache](#apache)[](.html) -- [Nginx](#nginx)[](.html) +- [Apache](#apache) +- [Nginx](#nginx) ## Prerequisites ### Shaarli @@ -14,8 +13,8 @@ ### HTTPS, TLS and self-signed certificates Related guides: -* [How to Create Self-Signed SSL Certificates with OpenSSL](http://www.xenocafe.com/tutorials/linux/centos/openssl/self_signed_certificates/index.php)[](.html) -* [How do I create my own Certificate Authority?](https://workaround.org/certificate-authority)[](.html) +* [How to Create Self-Signed SSL Certificates with OpenSSL](http://www.xenocafe.com/tutorials/linux/centos/openssl/self_signed_certificates/index.php) +* [How do I create my own Certificate Authority?](https://workaround.org/certificate-authority) * Generate a self-signed certificate (will trigger browser warnings) with apache2: `make-ssl-cert generate-default-snakeoil --force-overwrite` will create `/etc/ssl/certs/ssl-cert-snakeoil.pem` and `/etc/ssl/private/ssl-cert-snakeoil.key` ### Proxies @@ -24,7 +23,7 @@ If Shaarli is served behind a proxy (i.e. there is a proxy server between client - `X-Forwarded-Host`; - `X-Forwarded-For`. -See also [proxy-related](https://github.com/shaarli/Shaarli/issues?utf8=%E2%9C%93&q=label%3Aproxy+) issues.[](.html) +See also [proxy-related](https://github.com/shaarli/Shaarli/issues?utf8=%E2%9C%93&q=label%3Aproxy+) issues. ## Apache ### Minimal @@ -38,8 +37,8 @@ See also [proxy-related](https://github.com/shaarli/Shaarli/issues?utf8=%E2%9C%9 This configuration will log both Apache and PHP errors, which may prove useful to identify server configuration errors. See: -* [Apache/PHP - error log per VirtualHost](http://stackoverflow.com/q/176) (StackOverflow)[](.html) -* [PHP: php_value vs php_admin_value and the use of php_flag explained](https://ma.ttias.be/php-php_value-vs-php_admin_value-and-the-use-of-php_flag-explained/)[](.html) +* [Apache/PHP - error log per VirtualHost](http://stackoverflow.com/q/176) (StackOverflow) +* [PHP: php_value vs php_admin_value and the use of php_flag explained](https://ma.ttias.be/php-php_value-vs-php_admin_value-and-the-use-of-php_flag-explained/) ```apache @@ -70,7 +69,7 @@ See: ``` ### Paranoid - Redirect HTTP (:80) to HTTPS (:443) -See [Server-side TLS](https://wiki.mozilla.org/Security/Server_Side_TLS#Apache) (Mozilla).[](.html) +See [Server-side TLS](https://wiki.mozilla.org/Security/Server_Side_TLS#Apache) (Mozilla). ```apache @@ -106,7 +105,7 @@ See [Server-side TLS](https://wiki.mozilla.org/Security/Server_Side_TLS#Apache) Shaarli use `.htaccess` Apache files to deny access to files that shouldn't be directly accessed (datastore, config, etc.). You need the directive `AllowOverride All` in your virtual host configuration for them to work. -**Warning**: If you use Apache 2.2 or lower, you need [mod_version](https://httpd.apache.org/docs/current/mod/mod_version.html) to be installed and enabled.[](.html) +**Warning**: If you use Apache 2.2 or lower, you need [mod_version](https://httpd.apache.org/docs/current/mod/mod_version.html) to be installed and enabled. Apache module `mod_rewrite` **must** be enabled to use the REST API. URL rewriting rules for the Slim microframework are stated in the root `.htaccess` file. @@ -114,20 +113,20 @@ Apache module `mod_rewrite` **must** be enabled to use the REST API. URL rewriti ## Nginx ### Foreword -Nginx does not natively interpret PHP scripts; to this effect, we will run a [FastCGI](https://en.wikipedia.org/wiki/FastCGI) service, to which Nginx's FastCGI module will proxy all requests to PHP resources.[](.html) +Nginx does not natively interpret PHP scripts; to this effect, we will run a [FastCGI](https://en.wikipedia.org/wiki/FastCGI) service, to which Nginx's FastCGI module will proxy all requests to PHP resources. Required packages: -- [nginx](http://nginx.org)[](.html) -- [php-fpm](http://php-fpm.org) - PHP FastCGI Process Manager[](.html) +- [nginx](http://nginx.org) +- [php-fpm](http://php-fpm.org) - PHP FastCGI Process Manager Official documentation: -- [Beginner's guide](http://nginx.org/en/docs/beginners_guide.html)[](.html) -- [ngx_http_fastcgi_module](http://nginx.org/en/docs/http/ngx_http_fastcgi_module.html)[](.html) -- [Pitfalls](http://wiki.nginx.org/Pitfalls)[](.html) +- [Beginner's guide](http://nginx.org/en/docs/beginners_guide.html) +- [ngx_http_fastcgi_module](http://nginx.org/en/docs/http/ngx_http_fastcgi_module.html) +- [Pitfalls](http://wiki.nginx.org/Pitfalls) Community resources: -- [Server-side TLS (Nginx)](https://wiki.mozilla.org/Security/Server_Side_TLS#Nginx) (Mozilla)[](.html) -- [PHP configuration examples](http://kbeezie.com/nginx-configuration-examples/) (Karl Blessing)[](.html) +- [Server-side TLS (Nginx)](https://wiki.mozilla.org/Security/Server_Side_TLS#Nginx) (Mozilla) +- [PHP configuration examples](http://kbeezie.com/nginx-configuration-examples/) (Karl Blessing) ### Common setup Once Nginx and PHP-FPM are installed, we need to ensure: @@ -154,7 +153,7 @@ which corresponds to the following service configuration: user = john group = users -[...][](.html) +[...] listen.owner = john listen.group = users ``` @@ -164,7 +163,7 @@ listen.group = users user john users; http { - [...][](.html) + [...] } ``` @@ -177,20 +176,20 @@ To increase upload size, you will need to modify both nginx and PHP configuratio # /etc/nginx/nginx.conf http { - [...][](.html) + [...] client_max_body_size 10m; - [...][](.html) + [...] } ``` ```ini # /etc/php5/fpm/php.ini -[...][](.html) +[...] post_max_size = 10M -[...][](.html) +[...] upload_max_filesize = 10M ``` @@ -293,10 +292,10 @@ location ~* \.(?:ico|css|js|gif|jpe?g|png)$ { ```nginx # /etc/nginx/nginx.conf -[...][](.html) +[...] http { - [...][](.html) + [...] root /home/john/web; access_log /var/log/nginx/access.log; @@ -347,10 +346,10 @@ Assuming you have generated a (self-signed) key and certificate, and they are lo ```nginx # /etc/nginx/nginx.conf -[...][](.html) +[...] http { - [...][](.html) + [...] index index.html index.php;