devuan: merge nginx changes from debian
This commit is contained in:
Valentin Kleibel
parent
37eecb945d
commit
8dbb543d72
|
|
@ -9,69 +9,36 @@ cd "$(dirname "$0")"
|
|||
. ./environment.sh
|
||||
|
||||
#send a message
|
||||
verbose "Installing Nginx"
|
||||
verbose "Installing the web server"
|
||||
|
||||
#if [ ."$cpu_architecture" = ."arm" ]; then
|
||||
#9.x - */stretch/
|
||||
#8.x - */jessie/
|
||||
#fi
|
||||
if [ ."$php_version" = ."5" ]; then
|
||||
#verbose "Switching forcefully to php5* packages"
|
||||
which add-apt-repository || apt-get install -y software-properties-common
|
||||
#LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php
|
||||
#LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php5-compat
|
||||
apt-get update
|
||||
elif [ ."$os_name" = ."Ubuntu" ]; then
|
||||
#16.10.x - */yakkety/
|
||||
#16.04.x - */xenial/
|
||||
#14.04.x - */trusty/
|
||||
if [ ."$os_codename" = ."trusty" ]; then
|
||||
which add-apt-repository || apt-get install -y software-properties-common
|
||||
LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php
|
||||
apt-get -q update
|
||||
fi
|
||||
elif [ ."$cpu_architecture" = ."arm" ]; then
|
||||
#Pi2 and Pi3 Raspbian
|
||||
#Odroid
|
||||
if [ ."$os_codename" = ."jessie" ]; then
|
||||
echo "deb http://packages.moopi.uk/debian jessie main" > /etc/apt/sources.list.d/moopi.list
|
||||
wget -O - http://packages.moopi.uk/debian/moopi.gpg.key | apt-key add -
|
||||
apt-get -q update
|
||||
fi
|
||||
else
|
||||
#9.x - */stretch/
|
||||
#8.x - */jessie/
|
||||
if [ ."$os_codename" = ."jessie" ]; then
|
||||
echo "deb http://packages.dotdeb.org $os_codename all" > /etc/apt/sources.list.d/dotdeb.list
|
||||
echo "deb-src http://packages.dotdeb.org $os_codename all" >> /etc/apt/sources.list.d/dotdeb.list
|
||||
wget -O - https://www.dotdeb.org/dotdeb.gpg | apt-key add -
|
||||
apt-get -q update
|
||||
fi
|
||||
#change the version of php for arm
|
||||
if [ ."$cpu_architecture" = ."arm" ]; then
|
||||
#Pi2 and Pi3 Raspbian
|
||||
#Odroid
|
||||
if [ ."$os_codename" = ."stretch" ]; then
|
||||
php_version=7.2
|
||||
else
|
||||
php_version=5.6
|
||||
fi
|
||||
fi
|
||||
|
||||
#use php version 5 for arm
|
||||
#if [ .$cpu_architecture = .'arm' ]; then
|
||||
# php_version=5
|
||||
#fi
|
||||
|
||||
#install dependencies
|
||||
apt-get install -y -q nginx
|
||||
if [ ."$php_version" = ."5" ]; then
|
||||
apt-get install -y -q php5 php5-cli php5-fpm php5-pgsql php5-sqlite php5-odbc php5-curl php5-imap
|
||||
#set the version of php
|
||||
if [ ."$os_codename" = ."chimaera" ]; then
|
||||
php_version=7.4
|
||||
fi
|
||||
if [ ."$php_version" = ."7" ]; then
|
||||
apt-get install -y -q php7.0 php7.0-cli php7.0-fpm php7.0-pgsql php7.0-sqlite3 php7.0-odbc php7.0-curl php7.0-imap php7.0-xml
|
||||
if [ ."$os_codename" = ."beowulf" ]; then
|
||||
php_version=7.3
|
||||
fi
|
||||
|
||||
#enable fusionpbx nginx config
|
||||
cp nginx/fusionpbx /etc/nginx/sites-available/fusionpbx
|
||||
|
||||
#prepare socket name
|
||||
if [ ."$php_version" = ."5" ]; then
|
||||
sed -i /etc/nginx/sites-available/fusionpbx -e 's#unix:.*;#unix:/var/run/php5-fpm.sock;#g'
|
||||
if [ ."$php_version" = ."7.3" ]; then
|
||||
sed -i /etc/nginx/sites-available/fusionpbx -e 's#unix:.*;#unix:/var/run/php/php7.3-fpm.sock;#g'
|
||||
fi
|
||||
if [ ."$php_version" = ."7" ]; then
|
||||
sed -i /etc/nginx/sites-available/fusionpbx -e 's#unix:.*;#unix:/var/run/php/php7.0-fpm.sock;#g'
|
||||
if [ ."$php_version" = ."7.4" ]; then
|
||||
sed -i /etc/nginx/sites-available/fusionpbx -e 's#unix:.*;#unix:/var/run/php/php7.4-fpm.sock;#g'
|
||||
fi
|
||||
ln -s /etc/nginx/sites-available/fusionpbx /etc/nginx/sites-enabled/fusionpbx
|
||||
|
||||
|
|
@ -82,8 +49,15 @@ ln -s /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/certs/nginx.crt
|
|||
#remove the default site
|
||||
rm /etc/nginx/sites-enabled/default
|
||||
|
||||
#update config if LetsEncrypt folder is unwanted
|
||||
# if [ .$letsencrypt_folder = .false ]; then
|
||||
# sed -i '151,155d' /etc/nginx/sites-available/fusionpbx
|
||||
# fi
|
||||
|
||||
#add the letsencrypt directory
|
||||
mkdir -p /var/www/letsencrypt/
|
||||
if [ .$letsencrypt_folder = .true ]; then
|
||||
mkdir -p /var/www/letsencrypt/
|
||||
fi
|
||||
|
||||
#restart nginx
|
||||
service nginx restart
|
||||
/usr/sbin/service nginx restart
|
||||
|
|
|
|||
|
|
@ -1,254 +1,299 @@
|
|||
|
||||
server {
|
||||
listen 127.0.0.1:80;
|
||||
server_name 127.0.0.1;
|
||||
access_log /var/log/nginx/access.log;
|
||||
error_log /var/log/nginx/error.log;
|
||||
|
||||
client_max_body_size 80M;
|
||||
client_body_buffer_size 128k;
|
||||
|
||||
location / {
|
||||
root /var/www/fusionpbx;
|
||||
index index.php;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
|
||||
#fastcgi_pass 127.0.0.1:9000;
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
|
||||
}
|
||||
|
||||
# Allow the upgrade routines to run longer than normal
|
||||
location = /core/upgrade/index.php {
|
||||
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
|
||||
#fastcgi_pass 127.0.0.1:9000;
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
|
||||
fastcgi_read_timeout 15m;
|
||||
}
|
||||
|
||||
# Disable viewing .htaccess & .htpassword & .db
|
||||
location ~ .htaccess {
|
||||
deny all;
|
||||
}
|
||||
location ~ .htpassword {
|
||||
deny all;
|
||||
}
|
||||
location ~^.+.(db)$ {
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
server_name fusionpbx;
|
||||
if ($uri !~* ^.*(provision|xml_cdr).*$) {
|
||||
rewrite ^(.*) https://$host$1 permanent;
|
||||
break;
|
||||
}
|
||||
|
||||
#REST api
|
||||
if ($uri ~* ^.*/api/.*$) {
|
||||
rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last;
|
||||
break;
|
||||
}
|
||||
|
||||
#algo
|
||||
rewrite "^.*/provision/algom([A-Fa-f0-9]{12})\.conf" /app/provision/?mac=$1&file=algom%7b%24mac%7d.conf last;
|
||||
|
||||
#mitel
|
||||
rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last;
|
||||
rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last;
|
||||
|
||||
#grandstream
|
||||
rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1;
|
||||
rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/phonebook\.xml$" /app/provision/?mac=$1&file=phonebook.xml;
|
||||
#grandstream-wave softphone by ext because Android doesn't pass MAC.
|
||||
rewrite "^.*/provision/([0-9]{5})/cfg([A-Fa-f0-9]{12}).xml$" /app/provision/?ext=$1;
|
||||
|
||||
#aastra
|
||||
rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg;
|
||||
#rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last;
|
||||
|
||||
#yealink common
|
||||
rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg;
|
||||
|
||||
#yealink mac
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last;
|
||||
|
||||
#polycom
|
||||
rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg";
|
||||
#rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2;
|
||||
rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg;
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg;
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1;
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg";
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-directory.xml$" "/app/provision/?mac=$1&file={%24mac}-directory.xml";
|
||||
|
||||
#cisco
|
||||
rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last;
|
||||
|
||||
#Escene
|
||||
rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last;
|
||||
rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last;
|
||||
|
||||
#Vtech
|
||||
rewrite "^.*/provision/VCS754_([A-Fa-f0-9]{12})\.cfg$" /app/provision/?mac=$1;
|
||||
rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/directory\.xml$" /app/provision/?mac=$1&file=directory.xml;
|
||||
|
||||
#Digium
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-contacts\.cfg$" "/app/provision/?mac=$1&file={%24mac}-contacts.cfg";
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-smartblf\.cfg$" "/app/provision/?mac=$1&file={%24mac}-smartblf.cfg";
|
||||
|
||||
access_log /var/log/nginx/access.log;
|
||||
error_log /var/log/nginx/error.log;
|
||||
|
||||
client_max_body_size 80M;
|
||||
client_body_buffer_size 128k;
|
||||
|
||||
location / {
|
||||
root /var/www/fusionpbx;
|
||||
index index.php;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
|
||||
#fastcgi_pass 127.0.0.1:9000;
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
|
||||
}
|
||||
|
||||
# Allow the upgrade routines to run longer than normal
|
||||
location = /core/upgrade/index.php {
|
||||
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
|
||||
#fastcgi_pass 127.0.0.1:9000;
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
|
||||
fastcgi_read_timeout 15m;
|
||||
}
|
||||
|
||||
# Disable viewing .htaccess & .htpassword & .db
|
||||
location ~ .htaccess {
|
||||
deny all;
|
||||
}
|
||||
location ~ .htpassword {
|
||||
deny all;
|
||||
}
|
||||
location ~^.+.(db)$ {
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443;
|
||||
server_name fusionpbx;
|
||||
ssl on;
|
||||
ssl_certificate /etc/ssl/certs/nginx.crt;
|
||||
ssl_certificate_key /etc/ssl/private/nginx.key;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
ssl_ciphers HIGH:!ADH:!MD5:!aNULL;
|
||||
|
||||
#letsencrypt
|
||||
location /.well-known/acme-challenge {
|
||||
root /var/www/letsencrypt;
|
||||
}
|
||||
|
||||
#REST api
|
||||
if ($uri ~* ^.*/api/.*$) {
|
||||
rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last;
|
||||
break;
|
||||
}
|
||||
|
||||
#algo
|
||||
rewrite "^.*/provision/algom([A-Fa-f0-9]{12})\.conf" /app/provision/?mac=$1&file=algom%7b%24mac%7d.conf last;
|
||||
|
||||
#mitel
|
||||
rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last;
|
||||
rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last;
|
||||
|
||||
#grandstream
|
||||
rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1;
|
||||
rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/phonebook\.xml$" /app/provision/?mac=$1&file=phonebook.xml;
|
||||
#grandstream-wave softphone by ext because Android doesn't pass MAC.
|
||||
rewrite "^.*/provision/([0-9]{5})/cfg([A-Fa-f0-9]{12}).xml$" /app/provision/?ext=$1;
|
||||
|
||||
#aastra
|
||||
rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg;
|
||||
#rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last;
|
||||
|
||||
#yealink common
|
||||
rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg;
|
||||
|
||||
#yealink mac
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last;
|
||||
|
||||
#polycom
|
||||
rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg";
|
||||
#rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2;
|
||||
rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg;
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg;
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1;
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg";
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-directory.xml$" "/app/provision/?mac=$1&file={%24mac}-directory.xml";
|
||||
|
||||
#cisco
|
||||
rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last;
|
||||
|
||||
#Escene
|
||||
rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last;
|
||||
rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last;
|
||||
|
||||
#Vtech
|
||||
rewrite "^.*/provision/VCS754_([A-Fa-f0-9]{12})\.cfg$" /app/provision/?mac=$1;
|
||||
rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/directory\.xml$" /app/provision/?mac=$1&file=directory.xml;
|
||||
|
||||
#Digium
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-contacts\.cfg$" "/app/provision/?mac=$1&file={%24mac}-contacts.cfg";
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-smartblf\.cfg$" "/app/provision/?mac=$1&file={%24mac}-smartblf.cfg";
|
||||
|
||||
access_log /var/log/nginx/access.log;
|
||||
error_log /var/log/nginx/error.log;
|
||||
|
||||
client_max_body_size 80M;
|
||||
client_body_buffer_size 128k;
|
||||
|
||||
location / {
|
||||
root /var/www/fusionpbx;
|
||||
index index.php;
|
||||
}
|
||||
|
||||
# Allow the upgrade routines to run longer than normal
|
||||
location = /core/upgrade/index.php {
|
||||
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
|
||||
#fastcgi_pass 127.0.0.1:9000;
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
|
||||
fastcgi_read_timeout 15m;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
|
||||
#fastcgi_pass 127.0.0.1:9000;
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
|
||||
}
|
||||
|
||||
# Disable viewing .htaccess & .htpassword & .db
|
||||
location ~ .htaccess {
|
||||
deny all;
|
||||
}
|
||||
location ~ .htpassword {
|
||||
deny all;
|
||||
}
|
||||
location ~^.+.(db)$ {
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 127.0.0.1:80;
|
||||
server_name 127.0.0.1;
|
||||
access_log /var/log/nginx/access.log;
|
||||
error_log /var/log/nginx/error.log;
|
||||
|
||||
client_max_body_size 80M;
|
||||
client_body_buffer_size 128k;
|
||||
|
||||
location / {
|
||||
root /var/www/fusionpbx;
|
||||
index index.php;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
|
||||
#fastcgi_pass 127.0.0.1:9000;
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
|
||||
}
|
||||
|
||||
# Allow the upgrade routines to run longer than normal
|
||||
location = /core/upgrade/index.php {
|
||||
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
|
||||
#fastcgi_pass 127.0.0.1:9000;
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
|
||||
fastcgi_read_timeout 15m;
|
||||
}
|
||||
|
||||
# Disable viewing .htaccess & .htpassword & .db & .git
|
||||
location ~ .htaccess {
|
||||
deny all;
|
||||
}
|
||||
location ~ .htpassword {
|
||||
deny all;
|
||||
}
|
||||
location ~^.+.(db)$ {
|
||||
deny all;
|
||||
}
|
||||
location ~ /\.git {
|
||||
deny all;
|
||||
}
|
||||
location ~ /\.lua {
|
||||
deny all;
|
||||
}
|
||||
location ~ /\. {
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
server_name fusionpbx;
|
||||
|
||||
#redirect letsencrypt to dehydrated
|
||||
location ^~ /.well-known/acme-challenge {
|
||||
default_type "text/plain";
|
||||
auth_basic "off";
|
||||
alias /var/www/dehydrated;
|
||||
}
|
||||
|
||||
#rewrite rule - send to https with an exception for provisioning
|
||||
if ($uri !~* ^.*(provision|xml_cdr|firmware).*$) {
|
||||
rewrite ^(.*) https://$host$1 permanent;
|
||||
break;
|
||||
}
|
||||
|
||||
#REST api
|
||||
if ($uri ~* ^.*/api/.*$) {
|
||||
rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last;
|
||||
break;
|
||||
}
|
||||
|
||||
#algo
|
||||
rewrite "^.*/provision/algom([A-Fa-f0-9]{12})\.conf" /app/provision/?mac=$1&file=algom%7b%24mac%7d.conf last;
|
||||
|
||||
#mitel
|
||||
rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last;
|
||||
rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last;
|
||||
|
||||
#grandstream
|
||||
rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1;
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})/phonebook\.xml$" /app/provision/?mac=$1&file=phonebook.xml;
|
||||
rewrite "^.*/provision/(phonebook\.xml)?$" /app/provision/index.php?file=$1 last;
|
||||
#grandstream-wave softphone by ext because Android doesn't pass MAC.
|
||||
rewrite "^.*/provision/([0-9]{5})/cfg([A-Fa-f0-9]{12}).xml$" /app/provision/?ext=$1;
|
||||
|
||||
#aastra
|
||||
rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg;
|
||||
#rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last;
|
||||
|
||||
#yealink
|
||||
#rewrite "^.*/provision/(y[0-9]{12})(\.cfg|\.boot)?$" /app/provision/index.php?file=$1$2;
|
||||
rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg;
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last;
|
||||
|
||||
#polycom
|
||||
rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg";
|
||||
#rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2;
|
||||
rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg;
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg;
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1;
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg";
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-directory.xml$" "/app/provision/?mac=$1&file={%24mac}-directory.xml";
|
||||
|
||||
#cisco
|
||||
rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last;
|
||||
|
||||
#Escene
|
||||
rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last;
|
||||
rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last;
|
||||
|
||||
#Vtech
|
||||
rewrite "^.*/provision/VCS754_([A-Fa-f0-9]{12})\.cfg$" /app/provision/?mac=$1;
|
||||
rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/directory\.xml$" /app/provision/?mac=$1&file=directory.xml;
|
||||
|
||||
#Digium
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-contacts\.cfg$" "/app/provision/?mac=$1&file={%24mac}-contacts.cfg";
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-smartblf\.cfg$" "/app/provision/?mac=$1&file={%24mac}-smartblf.cfg";
|
||||
|
||||
#Snom
|
||||
rewrite "^.*/provision/-([A-Fa-f0-9]{12})?$" /app/provision/index.php?mac=$1;
|
||||
|
||||
access_log /var/log/nginx/access.log;
|
||||
error_log /var/log/nginx/error.log;
|
||||
|
||||
client_max_body_size 80M;
|
||||
client_body_buffer_size 128k;
|
||||
|
||||
location / {
|
||||
root /var/www/fusionpbx;
|
||||
index index.php;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
|
||||
#fastcgi_pass 127.0.0.1:9000;
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
|
||||
}
|
||||
|
||||
# Allow the upgrade routines to run longer than normal
|
||||
location = /core/upgrade/index.php {
|
||||
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
|
||||
#fastcgi_pass 127.0.0.1:9000;
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
|
||||
fastcgi_read_timeout 15m;
|
||||
}
|
||||
|
||||
# Disable viewing .htaccess & .htpassword & .db & .git
|
||||
location ~ .htaccess {
|
||||
deny all;
|
||||
}
|
||||
location ~ .htpassword {
|
||||
deny all;
|
||||
}
|
||||
location ~^.+.(db)$ {
|
||||
deny all;
|
||||
}
|
||||
location ~ /\.git {
|
||||
deny all;
|
||||
}
|
||||
location ~ /\.lua {
|
||||
deny all;
|
||||
}
|
||||
location ~ /\. {
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
|
||||
server {
|
||||
listen 443 ssl;
|
||||
server_name fusionpbx;
|
||||
|
||||
ssl_certificate /etc/ssl/certs/nginx.crt;
|
||||
ssl_certificate_key /etc/ssl/private/nginx.key;
|
||||
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
||||
ssl_ciphers HIGH:!ADH:!MD5:!aNULL;
|
||||
#ssl_dhparam
|
||||
|
||||
#redirect letsencrypt to dehydrated
|
||||
location ^~ /.well-known/acme-challenge {
|
||||
default_type "text/plain";
|
||||
auth_basic "off";
|
||||
alias /var/www/dehydrated;
|
||||
}
|
||||
|
||||
#REST api
|
||||
if ($uri ~* ^.*/api/.*$) {
|
||||
rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last;
|
||||
break;
|
||||
}
|
||||
|
||||
#message media
|
||||
rewrite "^/app/messages/media/(.*)/(.*)" /app/messages/message_media.php?id=$1&action=download last;
|
||||
|
||||
#algo
|
||||
rewrite "^.*/provision/algom([A-Fa-f0-9]{12})\.conf" /app/provision/?mac=$1&file=algom%7b%24mac%7d.conf last;
|
||||
|
||||
#mitel
|
||||
rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last;
|
||||
rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last;
|
||||
|
||||
#grandstream
|
||||
rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1;
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})/phonebook\.xml$" /app/provision/?mac=$1&file=phonebook.xml;
|
||||
rewrite "^.*/provision/(phonebook\.xml)?$" /app/provision/index.php?file=$1 last;
|
||||
#grandstream-wave softphone by ext because Android doesn't pass MAC.
|
||||
rewrite "^.*/provision/([0-9]{5})/cfg([A-Fa-f0-9]{12}).xml$" /app/provision/?ext=$1;
|
||||
|
||||
#aastra
|
||||
rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg;
|
||||
#rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last;
|
||||
|
||||
#yealink
|
||||
#rewrite "^.*/provision/(y[0-9]{12})(\.cfg|\.boot)?$" /app/provision/index.php?file=$1$2;
|
||||
rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg;
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last;
|
||||
|
||||
#polycom
|
||||
rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg";
|
||||
#rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2;
|
||||
rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg;
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg;
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1;
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg";
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-directory.xml$" "/app/provision/?mac=$1&file={%24mac}-directory.xml";
|
||||
|
||||
#cisco
|
||||
rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last;
|
||||
|
||||
#Escene
|
||||
rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last;
|
||||
rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last;
|
||||
|
||||
#Vtech
|
||||
rewrite "^.*/provision/VCS754_([A-Fa-f0-9]{12})\.cfg$" /app/provision/?mac=$1;
|
||||
rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/directory\.xml$" /app/provision/?mac=$1&file=directory.xml;
|
||||
|
||||
#Digium
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-contacts\.cfg$" "/app/provision/?mac=$1&file={%24mac}-contacts.cfg";
|
||||
rewrite "^.*/provision/([A-Fa-f0-9]{12})-smartblf\.cfg$" "/app/provision/?mac=$1&file={%24mac}-smartblf.cfg";
|
||||
|
||||
access_log /var/log/nginx/access.log;
|
||||
error_log /var/log/nginx/error.log;
|
||||
|
||||
client_max_body_size 80M;
|
||||
client_body_buffer_size 128k;
|
||||
|
||||
location / {
|
||||
root /var/www/fusionpbx;
|
||||
index index.php;
|
||||
}
|
||||
|
||||
location ~ \.php$ {
|
||||
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
|
||||
#fastcgi_pass 127.0.0.1:9000;
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
|
||||
}
|
||||
|
||||
# Allow the upgrade routines to run longer than normal
|
||||
location = /core/upgrade/index.php {
|
||||
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
|
||||
#fastcgi_pass 127.0.0.1:9000;
|
||||
fastcgi_index index.php;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
|
||||
fastcgi_read_timeout 15m;
|
||||
}
|
||||
|
||||
# Disable viewing .htaccess & .htpassword & .db & .git
|
||||
location ~ .htaccess {
|
||||
deny all;
|
||||
}
|
||||
location ~ .htpassword {
|
||||
deny all;
|
||||
}
|
||||
location ~^.+.(db)$ {
|
||||
deny all;
|
||||
}
|
||||
location ~ /\.git {
|
||||
deny all;
|
||||
}
|
||||
location ~ /\.lua {
|
||||
deny all;
|
||||
}
|
||||
location ~ /\. {
|
||||
deny all;
|
||||
}
|
||||
}
|
||||
|
|
|
|||
Loading…
Reference in New Issue