diff options
Diffstat (limited to 'doc/Server-configuration.html')
-rw-r--r-- | doc/Server-configuration.html | 74 |
1 files changed, 49 insertions, 25 deletions
diff --git a/doc/Server-configuration.html b/doc/Server-configuration.html index 1d2276df..2f1c25b5 100644 --- a/doc/Server-configuration.html +++ b/doc/Server-configuration.html | |||
@@ -52,13 +52,13 @@ code > span.in { color: #60a0b0; font-weight: bold; font-style: italic; } /* Inf | |||
52 | <div id="local-sidebar"> | 52 | <div id="local-sidebar"> |
53 | <ul> | 53 | <ul> |
54 | <li><a href="Home.html">Home</a></li> | 54 | <li><a href="Home.html">Home</a></li> |
55 | <li>Installation | 55 | <li>Setup |
56 | <ul> | 56 | <ul> |
57 | <li><a href="Download.html">Download</a></li> | 57 | <li><a href="Download-and-Installation.html">Download and Installation</a></li> |
58 | <li><a href="Upgrade-and-migration.html">Upgrade and migration</a></li> | ||
58 | <li><a href="Server-requirements.html">Server requirements</a></li> | 59 | <li><a href="Server-requirements.html">Server requirements</a></li> |
59 | <li><a href="Server-configuration.html">Server configuration</a></li> | 60 | <li><a href="Server-configuration.html">Server configuration</a></li> |
60 | <li><a href="Server-security.html">Server security</a></li> | 61 | <li><a href="Server-security.html">Server security</a></li> |
61 | <li><a href="Shaarli-installation.html">Shaarli installation</a></li> | ||
62 | <li><a href="Shaarli-configuration.html">Shaarli configuration</a></li> | 62 | <li><a href="Shaarli-configuration.html">Shaarli configuration</a></li> |
63 | <li><a href="Plugins.html">Plugins</a></li> | 63 | <li><a href="Plugins.html">Plugins</a></li> |
64 | </ul></li> | 64 | </ul></li> |
@@ -73,7 +73,6 @@ code > span.in { color: #60a0b0; font-weight: bold; font-style: italic; } /* Inf | |||
73 | <li>How To | 73 | <li>How To |
74 | <ul> | 74 | <ul> |
75 | <li><a href="Backup,-restore,-import-and-export.html">Backup, restore, import and export</a></li> | 75 | <li><a href="Backup,-restore,-import-and-export.html">Backup, restore, import and export</a></li> |
76 | <li><a href="Upgrade-from-original-sebsauvage/Shaarli.html">Upgrade from original sebsauvage/Shaarli</a></li> | ||
77 | <li><a href="Copy-an-existing-installation-over-SSH-and-serve-it-locally.html">Copy an existing installation over SSH and serve it locally</a></li> | 76 | <li><a href="Copy-an-existing-installation-over-SSH-and-serve-it-locally.html">Copy an existing installation over SSH and serve it locally</a></li> |
78 | <li><a href="Create-and-serve-multiple-Shaarlis-(farm).html">Create and serve multiple Shaarlis (farm)</a></li> | 77 | <li><a href="Create-and-serve-multiple-Shaarlis-(farm).html">Create and serve multiple Shaarlis (farm)</a></li> |
79 | <li><a href="Download-CSS-styles-from-an-OPML-list.html">Download CSS styles from an OPML list</a></li> | 78 | <li><a href="Download-CSS-styles-from-an-OPML-list.html">Download CSS styles from an OPML list</a></li> |
@@ -97,7 +96,6 @@ code > span.in { color: #60a0b0; font-weight: bold; font-style: italic; } /* Inf | |||
97 | <ul> | 96 | <ul> |
98 | <li><a href="FAQ.html">FAQ</a></li> | 97 | <li><a href="FAQ.html">FAQ</a></li> |
99 | <li><a href="Community-&-Related-software.html">Community & Related software</a></li> | 98 | <li><a href="Community-&-Related-software.html">Community & Related software</a></li> |
100 | <li><a href="TODO.html">TODO</a></li> | ||
101 | </ul></li> | 99 | </ul></li> |
102 | </ul> | 100 | </ul> |
103 | </div> | 101 | </div> |
@@ -133,7 +131,7 @@ code > span.in { color: #60a0b0; font-weight: bold; font-style: italic; } /* Inf | |||
133 | <p>See also <a href="https://github.com/shaarli/Shaarli/issues?utf8=%E2%9C%93&q=label%3Aproxy+">proxy-related</a> issues.<a href=".html"></a></p> | 131 | <p>See also <a href="https://github.com/shaarli/Shaarli/issues?utf8=%E2%9C%93&q=label%3Aproxy+">proxy-related</a> issues.<a href=".html"></a></p> |
134 | <h2 id="apache">Apache</h2> | 132 | <h2 id="apache">Apache</h2> |
135 | <h3 id="minimal">Minimal</h3> | 133 | <h3 id="minimal">Minimal</h3> |
136 | <div class="sourceCode"><pre class="sourceCode apache"><code class="sourceCode apache"><span class="fu"><VirtualHost</span><span class="ot"> *:80</span><span class="fu">></span> | 134 | <div class="sourceCode"><pre class="sourceCode apache"><code class="sourceCode apache"><span class="fu"><VirtualHost</span><span class="at"> *:80</span><span class="fu">></span> |
137 | ServerName<span class="st"> shaarli.my-domain.org</span> | 135 | ServerName<span class="st"> shaarli.my-domain.org</span> |
138 | DocumentRoot<span class="st"> /absolute/path/to/shaarli/</span> | 136 | DocumentRoot<span class="st"> /absolute/path/to/shaarli/</span> |
139 | <span class="fu"></VirtualHost></span></code></pre></div> | 137 | <span class="fu"></VirtualHost></span></code></pre></div> |
@@ -144,11 +142,11 @@ code > span.in { color: #60a0b0; font-weight: bold; font-style: italic; } /* Inf | |||
144 | <li><a href="http://stackoverflow.com/q/176">Apache/PHP - error log per VirtualHost</a> (StackOverflow)<a href=".html"></a></li> | 142 | <li><a href="http://stackoverflow.com/q/176">Apache/PHP - error log per VirtualHost</a> (StackOverflow)<a href=".html"></a></li> |
145 | <li><a href="https://ma.ttias.be/php-php_value-vs-php_admin_value-and-the-use-of-php_flag-explained/">PHP: php_value vs php_admin_value and the use of php_flag explained</a><a href=".html"></a></li> | 143 | <li><a href="https://ma.ttias.be/php-php_value-vs-php_admin_value-and-the-use-of-php_flag-explained/">PHP: php_value vs php_admin_value and the use of php_flag explained</a><a href=".html"></a></li> |
146 | </ul> | 144 | </ul> |
147 | <div class="sourceCode"><pre class="sourceCode apache"><code class="sourceCode apache"><span class="fu"><VirtualHost</span><span class="ot"> *:80</span><span class="fu">></span> | 145 | <div class="sourceCode"><pre class="sourceCode apache"><code class="sourceCode apache"><span class="fu"><VirtualHost</span><span class="at"> *:80</span><span class="fu">></span> |
148 | ServerName<span class="st"> shaarli.my-domain.org</span> | 146 | ServerName<span class="st"> shaarli.my-domain.org</span> |
149 | DocumentRoot<span class="st"> /absolute/path/to/shaarli/</span> | 147 | DocumentRoot<span class="st"> /absolute/path/to/shaarli/</span> |
150 | 148 | ||
151 | <span class="ot">LogLevel</span><span class="ch"> </span><span class="kw">warn</span> | 149 | <span class="ex">LogLevel</span><span class="ch"> </span><span class="kw">warn</span> |
152 | ErrorLog<span class="st"> /var/log/apache2/shaarli-error.log</span> | 150 | ErrorLog<span class="st"> /var/log/apache2/shaarli-error.log</span> |
153 | CustomLog<span class="st"> /var/log/apache2/shaarli-access.log combined</span> | 151 | CustomLog<span class="st"> /var/log/apache2/shaarli-access.log combined</span> |
154 | 152 | ||
@@ -158,43 +156,46 @@ code > span.in { color: #60a0b0; font-weight: bold; font-style: italic; } /* Inf | |||
158 | php_value error_log /var/log/apache2/shaarli-php-error.log | 156 | php_value error_log /var/log/apache2/shaarli-php-error.log |
159 | <span class="fu"></VirtualHost></span></code></pre></div> | 157 | <span class="fu"></VirtualHost></span></code></pre></div> |
160 | <h3 id="standard---keep-access-and-error-logs">Standard - Keep access and error logs</h3> | 158 | <h3 id="standard---keep-access-and-error-logs">Standard - Keep access and error logs</h3> |
161 | <div class="sourceCode"><pre class="sourceCode apache"><code class="sourceCode apache"><span class="fu"><VirtualHost</span><span class="ot"> *:80</span><span class="fu">></span> | 159 | <div class="sourceCode"><pre class="sourceCode apache"><code class="sourceCode apache"><span class="fu"><VirtualHost</span><span class="at"> *:80</span><span class="fu">></span> |
162 | ServerName<span class="st"> shaarli.my-domain.org</span> | 160 | ServerName<span class="st"> shaarli.my-domain.org</span> |
163 | DocumentRoot<span class="st"> /absolute/path/to/shaarli/</span> | 161 | DocumentRoot<span class="st"> /absolute/path/to/shaarli/</span> |
164 | 162 | ||
165 | <span class="ot">LogLevel</span><span class="ch"> </span><span class="kw">warn</span> | 163 | <span class="ex">LogLevel</span><span class="ch"> </span><span class="kw">warn</span> |
166 | ErrorLog<span class="st"> /var/log/apache2/shaarli-error.log</span> | 164 | ErrorLog<span class="st"> /var/log/apache2/shaarli-error.log</span> |
167 | CustomLog<span class="st"> /var/log/apache2/shaarli-access.log combined</span> | 165 | CustomLog<span class="st"> /var/log/apache2/shaarli-access.log combined</span> |
168 | <span class="fu"></VirtualHost></span></code></pre></div> | 166 | <span class="fu"></VirtualHost></span></code></pre></div> |
169 | <h3 id="paranoid---redirect-http-80-to-https-443">Paranoid - Redirect HTTP (:80) to HTTPS (:443)</h3> | 167 | <h3 id="paranoid---redirect-http-80-to-https-443">Paranoid - Redirect HTTP (:80) to HTTPS (:443)</h3> |
170 | <p>See <a href="https://wiki.mozilla.org/Security/Server_Side_TLS#Apache">Server-side TLS</a> (Mozilla).<a href=".html"></a></p> | 168 | <p>See <a href="https://wiki.mozilla.org/Security/Server_Side_TLS#Apache">Server-side TLS</a> (Mozilla).<a href=".html"></a></p> |
171 | <div class="sourceCode"><pre class="sourceCode apache"><code class="sourceCode apache"><span class="fu"><VirtualHost</span><span class="ot"> *:443</span><span class="fu">></span> | 169 | <div class="sourceCode"><pre class="sourceCode apache"><code class="sourceCode apache"><span class="fu"><VirtualHost</span><span class="at"> *:443</span><span class="fu">></span> |
172 | ServerName<span class="st"> shaarli.my-domain.org</span> | 170 | ServerName<span class="st"> shaarli.my-domain.org</span> |
173 | DocumentRoot<span class="st"> /absolute/path/to/shaarli/</span> | 171 | DocumentRoot<span class="st"> /absolute/path/to/shaarli/</span> |
174 | 172 | ||
175 | <span class="ot">SSLEngine</span><span class="ch"> </span><span class="kw">on</span> | 173 | <span class="ex">SSLEngine</span><span class="ch"> </span><span class="kw">on</span> |
176 | SSLCertificateFile<span class="st"> /absolute/path/to/the/website/certificate.pem</span> | 174 | SSLCertificateFile<span class="st"> /absolute/path/to/the/website/certificate.pem</span> |
177 | SSLCertificateKeyFile<span class="st"> /absolute/path/to/the/website/key.key</span> | 175 | SSLCertificateKeyFile<span class="st"> /absolute/path/to/the/website/key.key</span> |
178 | 176 | ||
179 | <span class="fu"><Directory</span><span class="ot"> /absolute/path/to/shaarli/</span><span class="fu">></span> | 177 | <span class="fu"><Directory</span><span class="at"> /absolute/path/to/shaarli/</span><span class="fu">></span> |
180 | <span class="ot">AllowOverride</span><span class="ch"> </span><span class="kw">All</span> | 178 | <span class="ex">AllowOverride</span><span class="ch"> </span><span class="kw">All</span> |
181 | <span class="ot">Options</span><span class="ch"> </span><span class="kw">Indexes</span><span class="ch"> </span><span class="kw">FollowSymLinks</span><span class="ch"> </span><span class="kw">MultiViews</span> | 179 | <span class="ex">Options</span><span class="ch"> </span><span class="kw">Indexes</span><span class="ch"> </span><span class="kw">FollowSymLinks</span><span class="ch"> </span><span class="kw">MultiViews</span> |
182 | <span class="ot">Order</span><span class="ch"> </span><span class="kw">allow,deny</span> | 180 | <span class="ex">Order</span><span class="ch"> </span><span class="kw">allow,deny</span> |
183 | allow<span class="st"> from all</span> | 181 | allow<span class="st"> from all</span> |
184 | <span class="fu"></Directory></span> | 182 | <span class="fu"></Directory></span> |
185 | 183 | ||
186 | <span class="ot">LogLevel</span><span class="ch"> </span><span class="kw">warn</span> | 184 | <span class="ex">LogLevel</span><span class="ch"> </span><span class="kw">warn</span> |
187 | ErrorLog<span class="st"> /var/log/apache2/shaarli-error.log</span> | 185 | ErrorLog<span class="st"> /var/log/apache2/shaarli-error.log</span> |
188 | CustomLog<span class="st"> /var/log/apache2/shaarli-access.log combined</span> | 186 | CustomLog<span class="st"> /var/log/apache2/shaarli-access.log combined</span> |
189 | <span class="fu"></VirtualHost></span> | 187 | <span class="fu"></VirtualHost></span> |
190 | <span class="fu"><VirtualHost</span><span class="ot"> *:80</span><span class="fu">></span> | 188 | <span class="fu"><VirtualHost</span><span class="at"> *:80</span><span class="fu">></span> |
191 | ServerName<span class="st"> shaarli.my-domain.org</span> | 189 | ServerName<span class="st"> shaarli.my-domain.org</span> |
192 | Redirect<span class="st"> 301 / https://shaarli.my-domain.org</span> | 190 | Redirect<span class="st"> 301 / https://shaarli.my-domain.org</span> |
193 | 191 | ||
194 | <span class="ot">LogLevel</span><span class="ch"> </span><span class="kw">warn</span> | 192 | <span class="ex">LogLevel</span><span class="ch"> </span><span class="kw">warn</span> |
195 | ErrorLog<span class="st"> /var/log/apache2/shaarli-error.log</span> | 193 | ErrorLog<span class="st"> /var/log/apache2/shaarli-error.log</span> |
196 | CustomLog<span class="st"> /var/log/apache2/shaarli-access.log combined</span> | 194 | CustomLog<span class="st"> /var/log/apache2/shaarli-access.log combined</span> |
197 | <span class="fu"></VirtualHost></span></code></pre></div> | 195 | <span class="fu"></VirtualHost></span></code></pre></div> |
196 | <h3 id="htaccess">.htaccess</h3> | ||
197 | <p>Shaarli use <code>.htaccess</code> Apache files to deny access to files that shouldn't be directly accessed (datastore, config, etc.). You need the directive <code>AllowOverride All</code> in your virtual host configuration for them to work.</p> | ||
198 | <p><strong>Warning</strong>: If you use Apache 2.2 or lower, you need <a href="https://httpd.apache.org/docs/current/mod/mod_version.html">mod_version</a> to be installed and enabled.<a href=".html"></a></p> | ||
198 | <h2 id="lighthttpd">LightHttpd</h2> | 199 | <h2 id="lighthttpd">LightHttpd</h2> |
199 | <h2 id="nginx">Nginx</h2> | 200 | <h2 id="nginx">Nginx</h2> |
200 | <h3 id="foreword">Foreword</h3> | 201 | <h3 id="foreword">Foreword</h3> |
@@ -235,7 +236,7 @@ code > span.in { color: #60a0b0; font-weight: bold; font-style: italic; } /* Inf | |||
235 | <li>files may be located in a user's home directory</li> | 236 | <li>files may be located in a user's home directory</li> |
236 | <li>in this case, make sure both Nginx and PHP-FPM are running as the local user/group!</li> | 237 | <li>in this case, make sure both Nginx and PHP-FPM are running as the local user/group!</li> |
237 | </ul> | 238 | </ul> |
238 | <p>For all following examples, a development configuration will be used:</p> | 239 | <p>For all following configuration examples, this user/group pair will be used:</p> |
239 | <ul> | 240 | <ul> |
240 | <li><code>user:group = john:users</code>,</li> | 241 | <li><code>user:group = john:users</code>,</li> |
241 | </ul> | 242 | </ul> |
@@ -253,6 +254,24 @@ user john users; | |||
253 | http { | 254 | http { |
254 | [...][](.html) | 255 | [...][](.html) |
255 | }</code></pre> | 256 | }</code></pre> |
257 | <h3 id="optional-increase-the-maximum-file-upload-size">(Optional) Increase the maximum file upload size</h3> | ||
258 | <p>Some bookmark dumps generated by web browsers can be <em>huge</em> due to the presence of Base64-encoded images and favicons, as well as extra verbosity when nesting links in (sub-)folders.</p> | ||
259 | <p>To increase upload size, you will need to modify both nginx and PHP configuration:</p> | ||
260 | <pre class="nginx"><code># /etc/nginx/nginx.conf | ||
261 | |||
262 | http { | ||
263 | [...][](.html) | ||
264 | |||
265 | client_max_body_size 10m; | ||
266 | |||
267 | [...][](.html) | ||
268 | }</code></pre> | ||
269 | <div class="sourceCode"><pre class="sourceCode ini"><code class="sourceCode ini"><span class="co"># /etc/php5/fpm/php.ini</span> | ||
270 | |||
271 | <span class="kw">[...][]</span><span class="dt">(.html)</span> | ||
272 | <span class="dt">post_max_size </span><span class="ot">=</span><span class="st"> 10M</span> | ||
273 | <span class="kw">[...][]</span><span class="dt">(.html)</span> | ||
274 | <span class="dt">upload_max_filesize </span><span class="ot">=</span><span class="st"> 10M</span></code></pre></div> | ||
256 | <h3 id="minimal-1">Minimal</h3> | 275 | <h3 id="minimal-1">Minimal</h3> |
257 | <p><em>WARNING: Use for development only!</em></p> | 276 | <p><em>WARNING: Use for development only!</em></p> |
258 | <pre class="nginx"><code>user john users; | 277 | <pre class="nginx"><code>user john users; |
@@ -352,6 +371,11 @@ http { | |||
352 | error_log /var/log/nginx/shaarli.error.log; | 371 | error_log /var/log/nginx/shaarli.error.log; |
353 | } | 372 | } |
354 | 373 | ||
374 | location = /shaarli/favicon.ico { | ||
375 | # serve the Shaarli favicon from its custom location | ||
376 | alias /var/www/shaarli/images/favicon.ico; | ||
377 | } | ||
378 | |||
355 | include deny.conf; | 379 | include deny.conf; |
356 | include static_assets.conf; | 380 | include static_assets.conf; |
357 | include php.conf; | 381 | include php.conf; |
@@ -405,15 +429,15 @@ http { | |||
405 | error_log /var/log/nginx/shaarli.error.log; | 429 | error_log /var/log/nginx/shaarli.error.log; |
406 | } | 430 | } |
407 | 431 | ||
432 | location = /shaarli/favicon.ico { | ||
433 | # serve the Shaarli favicon from its custom location | ||
434 | alias /var/www/shaarli/images/favicon.ico; | ||
435 | } | ||
436 | |||
408 | include deny.conf; | 437 | include deny.conf; |
409 | include static_assets.conf; | 438 | include static_assets.conf; |
410 | include php.conf; | 439 | include php.conf; |
411 | } | 440 | } |
412 | }</code></pre> | 441 | }</code></pre> |
413 | <h2 id="restricting-search-engines-and-web-crawler-traffic">Restricting search engines and web crawler traffic</h2> | ||
414 | <p>Creating a <code>robots.txt</code> witht he following contents at the root of your Shaarli installation will prevent "honest" web crawlers from indexing each and every link and Daily page from a Shaarli instance, thus getting rid of a certain amount of unsollicited network traffic.</p> | ||
415 | <pre><code>User-agent: * | ||
416 | Disallow: /</code></pre> | ||
417 | <p>See: <a href="http://www.robotstxt.org/" class="uri">http://www.robotstxt.org/</a>, <a href="http://www.robotstxt.org/robotstxt.html" class="uri">http://www.robotstxt.org/robotstxt.html</a>, <a href="http://www.robotstxt.org/meta.html" class="uri">http://www.robotstxt.org/meta.html</a></p> | ||
418 | </body> | 442 | </body> |
419 | </html> | 443 | </html> |