diff options
Diffstat (limited to 'doc')
-rw-r--r-- | doc/md/Docker.md | 7 | ||||
-rw-r--r-- | doc/md/Server-configuration.md | 42 |
2 files changed, 20 insertions, 29 deletions
diff --git a/doc/md/Docker.md b/doc/md/Docker.md index c152fe92..fc406c00 100644 --- a/doc/md/Docker.md +++ b/doc/md/Docker.md | |||
@@ -1,3 +1,4 @@ | |||
1 | |||
1 | # Docker | 2 | # Docker |
2 | 3 | ||
3 | [Docker](https://docs.docker.com/get-started/overview/) is an open platform for developing, shipping, and running applications | 4 | [Docker](https://docs.docker.com/get-started/overview/) is an open platform for developing, shipping, and running applications |
@@ -113,9 +114,11 @@ $ mkdir shaarli && cd shaarli | |||
113 | # Download the latest version of Shaarli's docker-compose.yml | 114 | # Download the latest version of Shaarli's docker-compose.yml |
114 | $ curl -L https://raw.githubusercontent.com/shaarli/Shaarli/latest/docker-compose.yml -o docker-compose.yml | 115 | $ curl -L https://raw.githubusercontent.com/shaarli/Shaarli/latest/docker-compose.yml -o docker-compose.yml |
115 | # Create the .env file and fill in your VPS and domain information | 116 | # Create the .env file and fill in your VPS and domain information |
116 | # (replace <MY_SHAARLI_DOMAIN> and <MY_CONTACT_EMAIL> with your actual information) | 117 | # (replace <shaarli.mydomain.org>, <admin@mydomain.org> and <latest> with your actual information) |
117 | $ echo 'SHAARLI_VIRTUAL_HOST=shaarli.mydomain.org' > .env | 118 | $ echo 'SHAARLI_VIRTUAL_HOST=shaarli.mydomain.org' > .env |
118 | $ echo 'SHAARLI_LETSENCRYPT_EMAIL=admin@mydomain.org' >> .env | 119 | $ echo 'SHAARLI_LETSENCRYPT_EMAIL=admin@mydomain.org' >> .env |
120 | # Available Docker tags can be found at https://hub.docker.com/r/shaarli/shaarli/tags | ||
121 | $ echo 'SHAARLI_DOCKER_TAG=latest' >> .env | ||
119 | # Pull the Docker images | 122 | # Pull the Docker images |
120 | $ docker-compose pull | 123 | $ docker-compose pull |
121 | # Run! | 124 | # Run! |
@@ -224,4 +227,4 @@ $ docker system prune | |||
224 | - [docker pull](https://docs.docker.com/engine/reference/commandline/pull/) | 227 | - [docker pull](https://docs.docker.com/engine/reference/commandline/pull/) |
225 | - [docker run](https://docs.docker.com/engine/reference/commandline/run/) | 228 | - [docker run](https://docs.docker.com/engine/reference/commandline/run/) |
226 | - [docker-compose logs](https://docs.docker.com/compose/reference/logs/) | 229 | - [docker-compose logs](https://docs.docker.com/compose/reference/logs/) |
227 | - Træfik: [Getting Started](https://docs.traefik.io/), [Docker backend](https://docs.traefik.io/configuration/backends/docker/), [Let's Encrypt](https://docs.traefik.io/user-guide/docker-and-lets-encrypt/), [Docker image](https://hub.docker.com/_/traefik/) \ No newline at end of file | 230 | - Træfik: [Getting Started](https://docs.traefik.io/), [Docker backend](https://docs.traefik.io/configuration/backends/docker/), [Let's Encrypt](https://docs.traefik.io/user-guide/docker-and-lets-encrypt/), [Docker image](https://hub.docker.com/_/traefik/) |
diff --git a/doc/md/Server-configuration.md b/doc/md/Server-configuration.md index 4e74d80b..a49b6033 100644 --- a/doc/md/Server-configuration.md +++ b/doc/md/Server-configuration.md | |||
@@ -193,19 +193,24 @@ sudo nano /etc/apache2/sites-available/shaarli.mydomain.org.conf | |||
193 | Require all granted | 193 | Require all granted |
194 | </Directory> | 194 | </Directory> |
195 | 195 | ||
196 | <LocationMatch "/\."> | 196 | # BE CAREFUL: directives order matter! |
197 | # Prevent accessing dotfiles | ||
198 | RedirectMatch 404 ".*" | ||
199 | </LocationMatch> | ||
200 | 197 | ||
201 | <LocationMatch "\.(?:ico|css|js|gif|jpe?g|png)$"> | 198 | <FilesMatch ".*\.(?!(ico|css|js|gif|jpe?g|png|ttf|oet|woff2?)$)[^\.]*$"> |
199 | Require all denied | ||
200 | </FilesMatch> | ||
201 | |||
202 | <Files "index.php"> | ||
203 | Require all granted | ||
204 | </Files> | ||
205 | |||
206 | <FilesMatch "\.(?:ico|css|js|gif|jpe?g|png|ttf|oet|woff2)$"> | ||
202 | # allow client-side caching of static files | 207 | # allow client-side caching of static files |
203 | Header set Cache-Control "max-age=2628000, public, must-revalidate, proxy-revalidate" | 208 | Header set Cache-Control "max-age=2628000, public, must-revalidate, proxy-revalidate" |
204 | </LocationMatch> | 209 | </FilesMatch> |
210 | |||
205 | 211 | ||
206 | # serve the Shaarli favicon from its custom location | 212 | # serve the Shaarli favicon from its custom location |
207 | Alias favicon.ico /var/www/shaarli.mydomain.org/images/favicon.ico | 213 | Alias favicon.ico /var/www/shaarli.mydomain.org/images/favicon.ico |
208 | |||
209 | </VirtualHost> | 214 | </VirtualHost> |
210 | ``` | 215 | ``` |
211 | 216 | ||
@@ -296,7 +301,7 @@ server { | |||
296 | location / { | 301 | location / { |
297 | # default index file when no file URI is requested | 302 | # default index file when no file URI is requested |
298 | index index.php; | 303 | index index.php; |
299 | try_files $uri /index.php$is_args$args; | 304 | try_files _ /index.php$is_args$args; |
300 | } | 305 | } |
301 | 306 | ||
302 | location ~ (index)\.php$ { | 307 | location ~ (index)\.php$ { |
@@ -309,23 +314,7 @@ server { | |||
309 | include fastcgi.conf; | 314 | include fastcgi.conf; |
310 | } | 315 | } |
311 | 316 | ||
312 | location ~ \.php$ { | 317 | location ~ /doc/html/ { |
313 | # deny access to all other PHP scripts | ||
314 | # disable this if you host other PHP applications on the same virtualhost | ||
315 | deny all; | ||
316 | } | ||
317 | |||
318 | location ~ /\. { | ||
319 | # deny access to dotfiles | ||
320 | deny all; | ||
321 | } | ||
322 | |||
323 | location ~ ~$ { | ||
324 | # deny access to temp editor files, e.g. "script.php~" | ||
325 | deny all; | ||
326 | } | ||
327 | |||
328 | location ~ /doc/ { | ||
329 | default_type "text/html"; | 318 | default_type "text/html"; |
330 | try_files $uri $uri/ $uri.html =404; | 319 | try_files $uri $uri/ $uri.html =404; |
331 | } | 320 | } |
@@ -336,13 +325,12 @@ server { | |||
336 | } | 325 | } |
337 | 326 | ||
338 | # allow client-side caching of static files | 327 | # allow client-side caching of static files |
339 | location ~* \.(?:ico|css|js|gif|jpe?g|png)$ { | 328 | location ~* \.(?:ico|css|js|gif|jpe?g|png|ttf|oet|woff2?)$ { |
340 | expires max; | 329 | expires max; |
341 | add_header Cache-Control "public, must-revalidate, proxy-revalidate"; | 330 | add_header Cache-Control "public, must-revalidate, proxy-revalidate"; |
342 | # HTTP 1.0 compatibility | 331 | # HTTP 1.0 compatibility |
343 | add_header Pragma public; | 332 | add_header Pragma public; |
344 | } | 333 | } |
345 | |||
346 | } | 334 | } |
347 | ``` | 335 | ``` |
348 | 336 | ||