diff options
author | ArthurHoaro <arthur@hoa.ro> | 2016-04-14 14:20:23 +0200 |
---|---|---|
committer | ArthurHoaro <arthur@hoa.ro> | 2016-04-14 15:18:25 +0200 |
commit | 5409ade28c5f0acf99dbadd4d95e6f8efda5d395 (patch) | |
tree | 4c8b55010ad02d91b524b0cb8cc02ddf318fcaa2 /doc/Server-configuration.md | |
parent | 9f400b0dad68b82d65692bd6ab6190f6a787fa89 (diff) | |
download | Shaarli-5409ade28c5f0acf99dbadd4d95e6f8efda5d395.tar.gz Shaarli-5409ade28c5f0acf99dbadd4d95e6f8efda5d395.tar.zst Shaarli-5409ade28c5f0acf99dbadd4d95e6f8efda5d395.zip |
Update docs from Wiki
Diffstat (limited to 'doc/Server-configuration.md')
-rw-r--r-- | doc/Server-configuration.md | 28 |
1 files changed, 25 insertions, 3 deletions
diff --git a/doc/Server-configuration.md b/doc/Server-configuration.md index c7b17c5a..fd98a608 100644 --- a/doc/Server-configuration.md +++ b/doc/Server-configuration.md | |||
@@ -2,19 +2,29 @@ | |||
2 | *Example virtual host configurations for popular web servers* | 2 | *Example virtual host configurations for popular web servers* |
3 | 3 | ||
4 | - [Apache](#apache)[](.html) | 4 | - [Apache](#apache)[](.html) |
5 | - [LightHttpd](#lighthttpd) (empty)[](.html) | ||
6 | - [Nginx](#nginx)[](.html) | 5 | - [Nginx](#nginx)[](.html) |
7 | 6 | ||
8 | ## Prerequisites | 7 | ## Prerequisites |
8 | ### Shaarli | ||
9 | * Shaarli is installed in a directory readable/writeable by the user | 9 | * Shaarli is installed in a directory readable/writeable by the user |
10 | * the correct read/write permissions have been granted to the web server _user and/or group_ | 10 | * the correct read/write permissions have been granted to the web server _user and/or group_ |
11 | * for HTTPS / SSL: | 11 | * for HTTPS / SSL: |
12 | * a key pair (public, private) and a certificate have been generated | 12 | * a key pair (public, private) and a certificate have been generated |
13 | * the appropriate server SSL extension is installed and active | 13 | * the appropriate server SSL extension is installed and active |
14 | 14 | ||
15 | ### HTTPS, TLS and self-signed certificates | ||
15 | Related guides: | 16 | Related guides: |
16 | * [How to Create Self-Signed SSL Certificates with OpenSSL](http://www.xenocafe.com/tutorials/linux/centos/openssl/self_signed_certificates/index.php)[](.html) | 17 | * [How to Create Self-Signed SSL Certificates with OpenSSL](http://www.xenocafe.com/tutorials/linux/centos/openssl/self_signed_certificates/index.php)[](.html) |
17 | * [How do I create my own Certificate Authority?](https://workaround.org/certificate-authority)[](.html) | 18 | * [How do I create my own Certificate Authority?](https://workaround.org/certificate-authority)[](.html) |
19 | * Generate a self-signed certificate (will trigger browser warnings) with apache2: `make-ssl-cert generate-default-snakeoil --force-overwrite` will create `/etc/ssl/certs/ssl-cert-snakeoil.pem` and `/etc/ssl/private/ssl-cert-snakeoil.key` | ||
20 | |||
21 | ### Proxies | ||
22 | If Shaarli is served behind a proxy (i.e. there is a proxy server between clients and the web server hosting Shaarli), please refer to the proxy server documentation for proper configuration. In particular, you have to ensure that the following server variables are properly set: | ||
23 | - `X-Forwarded-Proto`; | ||
24 | - `X-Forwarded-Host`; | ||
25 | - `X-Forwarded-For`. | ||
26 | |||
27 | See also [proxy-related](https://github.com/shaarli/Shaarli/issues?utf8=%E2%9C%93&q=label%3Aproxy+) issues.[](.html) | ||
18 | 28 | ||
19 | ## Apache | 29 | ## Apache |
20 | ### Minimal | 30 | ### Minimal |
@@ -29,7 +39,7 @@ This configuration will log both Apache and PHP errors, which may prove useful t | |||
29 | 39 | ||
30 | See: | 40 | See: |
31 | * [Apache/PHP - error log per VirtualHost](http://stackoverflow.com/q/176) (StackOverflow)[](.html) | 41 | * [Apache/PHP - error log per VirtualHost](http://stackoverflow.com/q/176) (StackOverflow)[](.html) |
32 | * [PHP: php_value vs php_admin_value and the use of php_flag explained](PHP: php_value vs php_admin_value and the use of php_flag explained)[](.html) | 42 | * [PHP: php_value vs php_admin_value and the use of php_flag explained](https://ma.ttias.be/php-php_value-vs-php_admin_value-and-the-use-of-php_flag-explained/)[](.html) |
33 | 43 | ||
34 | ```apache | 44 | ```apache |
35 | <VirtualHost *:80> | 45 | <VirtualHost *:80> |
@@ -68,7 +78,7 @@ See [Server-side TLS](https://wiki.mozilla.org/Security/Server_Side_TLS#Apache) | |||
68 | DocumentRoot /absolute/path/to/shaarli/ | 78 | DocumentRoot /absolute/path/to/shaarli/ |
69 | 79 | ||
70 | SSLEngine on | 80 | SSLEngine on |
71 | SSLCertificateFile /absolute/path/to/the/website/certificate.crt | 81 | SSLCertificateFile /absolute/path/to/the/website/certificate.pem |
72 | SSLCertificateKeyFile /absolute/path/to/the/website/key.key | 82 | SSLCertificateKeyFile /absolute/path/to/the/website/key.key |
73 | 83 | ||
74 | <Directory /absolute/path/to/shaarli/> | 84 | <Directory /absolute/path/to/shaarli/> |
@@ -324,3 +334,15 @@ http { | |||
324 | } | 334 | } |
325 | } | 335 | } |
326 | ``` | 336 | ``` |
337 | |||
338 | ## Restricting search engines and web crawler traffic | ||
339 | |||
340 | Creating a `robots.txt` witht he following contents at the root of your Shaarli installation will prevent "honest" web crawlers from indexing each and every link and Daily page from a Shaarli instance, thus getting rid of a certain amount of unsollicited network traffic. | ||
341 | |||
342 | ``` | ||
343 | User-agent: * | ||
344 | Disallow: / | ||
345 | ``` | ||
346 | |||
347 | See: http://www.robotstxt.org/, http://www.robotstxt.org/robotstxt.html, http://www.robotstxt.org/meta.html | ||
348 | |||