dbxe
/
fusionpbx-install.sh
2
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

devuan: merge nginx changes from debian

This commit is contained in:
Valentin Kleibel 2022-04-04 16:20:22 +02:00
parent 37eecb945d
commit 8dbb543d72
2 changed files with 327 additions and 308 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

82
devuan/resources/nginx.sh
View File

@ -9,69 +9,36 @@ cd "$(dirname "$0")"
. ./environment.sh . ./environment.sh
#send a message #send a message
verbose "Installing Nginx" verbose "Installing the web server"
#if [ ."$cpu_architecture" = ."arm" ]; then #change the version of php for arm
#9.x - */stretch/ if [ ."$cpu_architecture" = ."arm" ]; then
#8.x - */jessie/ #Pi2 and Pi3 Raspbian
#fi #Odroid
if [ ."$php_version" = ."5" ]; then if [ ."$os_codename" = ."stretch" ]; then
#verbose "Switching forcefully to php5* packages" php_version=7.2
which add-apt-repository || apt-get install -y software-properties-common else
#LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php php_version=5.6
#LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php5-compat fi
apt-get update
elif [ ."$os_name" = ."Ubuntu" ]; then
#16.10.x - */yakkety/
#16.04.x - */xenial/
#14.04.x - */trusty/
if [ ."$os_codename" = ."trusty" ]; then
which add-apt-repository || apt-get install -y software-properties-common
LC_ALL=C.UTF-8 add-apt-repository -y ppa:ondrej/php
apt-get -q update
fi
elif [ ."$cpu_architecture" = ."arm" ]; then
#Pi2 and Pi3 Raspbian
#Odroid
if [ ."$os_codename" = ."jessie" ]; then
echo "deb http://packages.moopi.uk/debian jessie main" > /etc/apt/sources.list.d/moopi.list
wget -O - http://packages.moopi.uk/debian/moopi.gpg.key | apt-key add -
apt-get -q update
fi
else
#9.x - */stretch/
#8.x - */jessie/
if [ ."$os_codename" = ."jessie" ]; then
echo "deb http://packages.dotdeb.org $os_codename all" > /etc/apt/sources.list.d/dotdeb.list
echo "deb-src http://packages.dotdeb.org $os_codename all" >> /etc/apt/sources.list.d/dotdeb.list
wget -O - https://www.dotdeb.org/dotdeb.gpg | apt-key add -
apt-get -q update
fi
fi fi
#use php version 5 for arm #set the version of php
#if [ .$cpu_architecture = .'arm' ]; then if [ ."$os_codename" = ."chimaera" ]; then
# php_version=5 php_version=7.4
#fi
#install dependencies
apt-get install -y -q nginx
if [ ."$php_version" = ."5" ]; then
apt-get install -y -q php5 php5-cli php5-fpm php5-pgsql php5-sqlite php5-odbc php5-curl php5-imap
fi fi
if [ ."$php_version" = ."7" ]; then if [ ."$os_codename" = ."beowulf" ]; then
apt-get install -y -q php7.0 php7.0-cli php7.0-fpm php7.0-pgsql php7.0-sqlite3 php7.0-odbc php7.0-curl php7.0-imap php7.0-xml php_version=7.3
fi fi
#enable fusionpbx nginx config #enable fusionpbx nginx config
cp nginx/fusionpbx /etc/nginx/sites-available/fusionpbx cp nginx/fusionpbx /etc/nginx/sites-available/fusionpbx
#prepare socket name #prepare socket name
if [ ."$php_version" = ."5" ]; then if [ ."$php_version" = ."7.3" ]; then
sed -i /etc/nginx/sites-available/fusionpbx -e 's#unix:.*;#unix:/var/run/php5-fpm.sock;#g' sed -i /etc/nginx/sites-available/fusionpbx -e 's#unix:.*;#unix:/var/run/php/php7.3-fpm.sock;#g'
fi fi
if [ ."$php_version" = ."7" ]; then if [ ."$php_version" = ."7.4" ]; then
sed -i /etc/nginx/sites-available/fusionpbx -e 's#unix:.*;#unix:/var/run/php/php7.0-fpm.sock;#g' sed -i /etc/nginx/sites-available/fusionpbx -e 's#unix:.*;#unix:/var/run/php/php7.4-fpm.sock;#g'
fi fi
ln -s /etc/nginx/sites-available/fusionpbx /etc/nginx/sites-enabled/fusionpbx ln -s /etc/nginx/sites-available/fusionpbx /etc/nginx/sites-enabled/fusionpbx
@ -82,8 +49,15 @@ ln -s /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/certs/nginx.crt
#remove the default site #remove the default site
rm /etc/nginx/sites-enabled/default rm /etc/nginx/sites-enabled/default
#update config if LetsEncrypt folder is unwanted
# if [ .$letsencrypt_folder = .false ]; then
# sed -i '151,155d' /etc/nginx/sites-available/fusionpbx
# fi
#add the letsencrypt directory #add the letsencrypt directory
mkdir -p /var/www/letsencrypt/ if [ .$letsencrypt_folder = .true ]; then
mkdir -p /var/www/letsencrypt/
fi
#restart nginx #restart nginx
service nginx restart /usr/sbin/service nginx restart

553
devuan/resources/nginx/fusionpbx
View File

@ -1,254 +1,299 @@
server { server {
listen 127.0.0.1:80; listen 127.0.0.1:80;
server_name 127.0.0.1; server_name 127.0.0.1;
access_log /var/log/nginx/access.log; access_log /var/log/nginx/access.log;
error_log /var/log/nginx/error.log; error_log /var/log/nginx/error.log;
client_max_body_size 80M; client_max_body_size 80M;
client_body_buffer_size 128k; client_body_buffer_size 128k;
location / { location / {
root /var/www/fusionpbx; root /var/www/fusionpbx;
index index.php; index index.php;
} }
location ~ \.php$ { location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
#fastcgi_pass 127.0.0.1:9000; #fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php; fastcgi_index index.php;
include fastcgi_params; include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
} }
# Allow the upgrade routines to run longer than normal # Allow the upgrade routines to run longer than normal
location = /core/upgrade/index.php { location = /core/upgrade/index.php {
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
#fastcgi_pass 127.0.0.1:9000; #fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php; fastcgi_index index.php;
include fastcgi_params; include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name; fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
fastcgi_read_timeout 15m; fastcgi_read_timeout 15m;
} }
# Disable viewing .htaccess & .htpassword & .db # Disable viewing .htaccess & .htpassword & .db & .git
location ~ .htaccess { location ~ .htaccess {
deny all; deny all;
} }
location ~ .htpassword { location ~ .htpassword {
deny all; deny all;
} }
location ~^.+.(db)$ { location ~^.+.(db)$ {
deny all; deny all;
} }
} location ~ /\.git {
deny all;
server { }
listen 80; location ~ /\.lua {
server_name fusionpbx; deny all;
if ($uri !~* ^.*(provision|xml_cdr).*$) { }
rewrite ^(.*) https://$host$1 permanent; location ~ /\. {
break; deny all;
} }
}
#REST api
if ($uri ~* ^.*/api/.*$) { server {
rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last; listen 80;
break; server_name fusionpbx;
}
#redirect letsencrypt to dehydrated
#algo location ^~ /.well-known/acme-challenge {
rewrite "^.*/provision/algom([A-Fa-f0-9]{12})\.conf" /app/provision/?mac=$1&file=algom%7b%24mac%7d.conf last; default_type "text/plain";
auth_basic "off";
#mitel alias /var/www/dehydrated;
rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last; }
rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last;
#rewrite rule - send to https with an exception for provisioning
#grandstream if ($uri !~* ^.*(provision|xml_cdr|firmware).*$) {
rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1; rewrite ^(.*) https://$host$1 permanent;
rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/phonebook\.xml$" /app/provision/?mac=$1&file=phonebook.xml; break;
#grandstream-wave softphone by ext because Android doesn't pass MAC. }
rewrite "^.*/provision/([0-9]{5})/cfg([A-Fa-f0-9]{12}).xml$" /app/provision/?ext=$1;
#REST api
#aastra if ($uri ~* ^.*/api/.*$) {
rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg; rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last;
#rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last; break;
}
#yealink common
rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg; #algo
rewrite "^.*/provision/algom([A-Fa-f0-9]{12})\.conf" /app/provision/?mac=$1&file=algom%7b%24mac%7d.conf last;
#yealink mac
rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last; #mitel
rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last;
#polycom rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last;
rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg";
#rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2; #grandstream
rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg; rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg; rewrite "^.*/provision/([A-Fa-f0-9]{12})/phonebook\.xml$" /app/provision/?mac=$1&file=phonebook.xml;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1; rewrite "^.*/provision/(phonebook\.xml)?$" /app/provision/index.php?file=$1 last;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg"; #grandstream-wave softphone by ext because Android doesn't pass MAC.
rewrite "^.*/provision/([A-Fa-f0-9]{12})-directory.xml$" "/app/provision/?mac=$1&file={%24mac}-directory.xml"; rewrite "^.*/provision/([0-9]{5})/cfg([A-Fa-f0-9]{12}).xml$" /app/provision/?ext=$1;
#cisco #aastra
rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last; rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg;
#rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last;
#Escene
rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last; #yealink
rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last; #rewrite "^.*/provision/(y[0-9]{12})(\.cfg|\.boot)?$" /app/provision/index.php?file=$1$2;
rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg;
#Vtech rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last;
rewrite "^.*/provision/VCS754_([A-Fa-f0-9]{12})\.cfg$" /app/provision/?mac=$1;
rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/directory\.xml$" /app/provision/?mac=$1&file=directory.xml; #polycom
rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg";
#Digium #rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-contacts\.cfg$" "/app/provision/?mac=$1&file={%24mac}-contacts.cfg"; rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-smartblf\.cfg$" "/app/provision/?mac=$1&file={%24mac}-smartblf.cfg"; rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1;
access_log /var/log/nginx/access.log; rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg";
error_log /var/log/nginx/error.log; rewrite "^.*/provision/([A-Fa-f0-9]{12})-directory.xml$" "/app/provision/?mac=$1&file={%24mac}-directory.xml";
client_max_body_size 80M; #cisco
client_body_buffer_size 128k; rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last;
location / { #Escene
root /var/www/fusionpbx; rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last;
index index.php; rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last;
}
#Vtech
location ~ \.php$ { rewrite "^.*/provision/VCS754_([A-Fa-f0-9]{12})\.cfg$" /app/provision/?mac=$1;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/directory\.xml$" /app/provision/?mac=$1&file=directory.xml;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php; #Digium
include fastcgi_params; rewrite "^.*/provision/([A-Fa-f0-9]{12})-contacts\.cfg$" "/app/provision/?mac=$1&file={%24mac}-contacts.cfg";
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name; rewrite "^.*/provision/([A-Fa-f0-9]{12})-smartblf\.cfg$" "/app/provision/?mac=$1&file={%24mac}-smartblf.cfg";
}
#Snom
# Allow the upgrade routines to run longer than normal rewrite "^.*/provision/-([A-Fa-f0-9]{12})?$" /app/provision/index.php?mac=$1;
location = /core/upgrade/index.php {
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; access_log /var/log/nginx/access.log;
#fastcgi_pass 127.0.0.1:9000; error_log /var/log/nginx/error.log;
fastcgi_index index.php;
include fastcgi_params; client_max_body_size 80M;
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name; client_body_buffer_size 128k;
fastcgi_read_timeout 15m;
} location / {
root /var/www/fusionpbx;
# Disable viewing .htaccess & .htpassword & .db index index.php;
location ~ .htaccess { }
deny all;
} location ~ \.php$ {
location ~ .htpassword { fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
deny all; #fastcgi_pass 127.0.0.1:9000;
} fastcgi_index index.php;
location ~^.+.(db)$ { include fastcgi_params;
deny all; fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
} }
}
# Allow the upgrade routines to run longer than normal
server { location = /core/upgrade/index.php {
listen 443; fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
server_name fusionpbx; #fastcgi_pass 127.0.0.1:9000;
ssl on; fastcgi_index index.php;
ssl_certificate /etc/ssl/certs/nginx.crt; include fastcgi_params;
ssl_certificate_key /etc/ssl/private/nginx.key; fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2; fastcgi_read_timeout 15m;
ssl_ciphers HIGH:!ADH:!MD5:!aNULL; }
#letsencrypt # Disable viewing .htaccess & .htpassword & .db & .git
location /.well-known/acme-challenge { location ~ .htaccess {
root /var/www/letsencrypt; deny all;
} }
location ~ .htpassword {
#REST api deny all;
if ($uri ~* ^.*/api/.*$) { }
rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last; location ~^.+.(db)$ {
break; deny all;
} }
location ~ /\.git {
#algo deny all;
rewrite "^.*/provision/algom([A-Fa-f0-9]{12})\.conf" /app/provision/?mac=$1&file=algom%7b%24mac%7d.conf last; }
location ~ /\.lua {
#mitel deny all;
rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last; }
rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last; location ~ /\. {
deny all;
#grandstream }
rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1; }
rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/phonebook\.xml$" /app/provision/?mac=$1&file=phonebook.xml;
#grandstream-wave softphone by ext because Android doesn't pass MAC. server {
rewrite "^.*/provision/([0-9]{5})/cfg([A-Fa-f0-9]{12}).xml$" /app/provision/?ext=$1; listen 443 ssl;
server_name fusionpbx;
#aastra
rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg; ssl_certificate /etc/ssl/certs/nginx.crt;
#rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last; ssl_certificate_key /etc/ssl/private/nginx.key;
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
#yealink common ssl_ciphers HIGH:!ADH:!MD5:!aNULL;
rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg; #ssl_dhparam
#yealink mac #redirect letsencrypt to dehydrated
rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last; location ^~ /.well-known/acme-challenge {
default_type "text/plain";
#polycom auth_basic "off";
rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg"; alias /var/www/dehydrated;
#rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2; }
rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg; #REST api
rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1; if ($uri ~* ^.*/api/.*$) {
rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg"; rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-directory.xml$" "/app/provision/?mac=$1&file={%24mac}-directory.xml"; break;
}
#cisco
rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last; #message media
rewrite "^/app/messages/media/(.*)/(.*)" /app/messages/message_media.php?id=$1&action=download last;
#Escene
rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last; #algo
rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last; rewrite "^.*/provision/algom([A-Fa-f0-9]{12})\.conf" /app/provision/?mac=$1&file=algom%7b%24mac%7d.conf last;
#Vtech #mitel
rewrite "^.*/provision/VCS754_([A-Fa-f0-9]{12})\.cfg$" /app/provision/?mac=$1; rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last;
rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/directory\.xml$" /app/provision/?mac=$1&file=directory.xml; rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last;
#Digium #grandstream
rewrite "^.*/provision/([A-Fa-f0-9]{12})-contacts\.cfg$" "/app/provision/?mac=$1&file={%24mac}-contacts.cfg"; rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1;
rewrite "^.*/provision/([A-Fa-f0-9]{12})-smartblf\.cfg$" "/app/provision/?mac=$1&file={%24mac}-smartblf.cfg"; rewrite "^.*/provision/([A-Fa-f0-9]{12})/phonebook\.xml$" /app/provision/?mac=$1&file=phonebook.xml;
rewrite "^.*/provision/(phonebook\.xml)?$" /app/provision/index.php?file=$1 last;
access_log /var/log/nginx/access.log; #grandstream-wave softphone by ext because Android doesn't pass MAC.
error_log /var/log/nginx/error.log; rewrite "^.*/provision/([0-9]{5})/cfg([A-Fa-f0-9]{12}).xml$" /app/provision/?ext=$1;
client_max_body_size 80M; #aastra
client_body_buffer_size 128k; rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg;
#rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last;
location / {
root /var/www/fusionpbx; #yealink
index index.php; #rewrite "^.*/provision/(y[0-9]{12})(\.cfg|\.boot)?$" /app/provision/index.php?file=$1$2;
} rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg;
rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last;
# Allow the upgrade routines to run longer than normal
location = /core/upgrade/index.php { #polycom
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg";
#fastcgi_pass 127.0.0.1:9000; #rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2;
fastcgi_index index.php; rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg;
include fastcgi_params; rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg;
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name; rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1;
fastcgi_read_timeout 15m; rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg";
} rewrite "^.*/provision/([A-Fa-f0-9]{12})-directory.xml$" "/app/provision/?mac=$1&file={%24mac}-directory.xml";
location ~ \.php$ { #cisco
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock; rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php; #Escene
include fastcgi_params; rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last;
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name; rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last;
}
#Vtech
# Disable viewing .htaccess & .htpassword & .db rewrite "^.*/provision/VCS754_([A-Fa-f0-9]{12})\.cfg$" /app/provision/?mac=$1;
location ~ .htaccess { rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/directory\.xml$" /app/provision/?mac=$1&file=directory.xml;
deny all;
} #Digium
location ~ .htpassword { rewrite "^.*/provision/([A-Fa-f0-9]{12})-contacts\.cfg$" "/app/provision/?mac=$1&file={%24mac}-contacts.cfg";
deny all; rewrite "^.*/provision/([A-Fa-f0-9]{12})-smartblf\.cfg$" "/app/provision/?mac=$1&file={%24mac}-smartblf.cfg";
}
location ~^.+.(db)$ { access_log /var/log/nginx/access.log;
deny all; error_log /var/log/nginx/error.log;
}
} client_max_body_size 80M;
client_body_buffer_size 128k;
location / {
root /var/www/fusionpbx;
index index.php;
}
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
}
# Allow the upgrade routines to run longer than normal
location = /core/upgrade/index.php {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
#fastcgi_pass 127.0.0.1:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name;
fastcgi_read_timeout 15m;
}
# Disable viewing .htaccess & .htpassword & .db & .git
location ~ .htaccess {
deny all;
}
location ~ .htpassword {
deny all;
}
location ~^.+.(db)$ {
deny all;
}
location ~ /\.git {
deny all;
}
location ~ /\.lua {
deny all;
}
location ~ /\. {
deny all;
}
}