From a0a4c0df7355ed83781006e1ad18a7f6ab0d1c96 Mon Sep 17 00:00:00 2001 From: Mark J Crane Date: Mon, 27 Mar 2017 02:28:40 -0600 Subject: [PATCH] Get nginx working with php-fpm --- freebsd/resources/fail2ban.sh | 3 +- freebsd/resources/fusionpbx.sh | 6 +-- freebsd/resources/nginx.sh | 8 ++-- freebsd/resources/nginx/nginx.conf | 60 ++++++++++++++++++++++++++++-- 4 files changed, 64 insertions(+), 13 deletions(-) diff --git a/freebsd/resources/fail2ban.sh b/freebsd/resources/fail2ban.sh index 39658c5..d27e1bb 100755 --- a/freebsd/resources/fail2ban.sh +++ b/freebsd/resources/fail2ban.sh @@ -6,7 +6,6 @@ cd "$(dirname "$0")" #includes . ./config.sh . ./colors.sh -. ./environment.sh #send a message verbose "Installing Fail2ban" @@ -29,7 +28,7 @@ cp fail2ban/jail.local /usr/local/etc/fail2ban/jail.local #update config if source is being used if [ .$switch_source = .true ]; then - sed 's#var/log/freeswitch#usr/local/freeswitch/log#g' -i /etc/fail2ban/jail.local + sed -i' ' -e 's#var/log/freeswitch#usr/local/freeswitch/log#g' /etc/fail2ban/jail.local fi #restart fail2ban diff --git a/freebsd/resources/fusionpbx.sh b/freebsd/resources/fusionpbx.sh index 036cebf..64dfd01 100755 --- a/freebsd/resources/fusionpbx.sh +++ b/freebsd/resources/fusionpbx.sh @@ -22,6 +22,6 @@ else fi #get the source code -git clone $branch https://github.com/fusionpbx/fusionpbx.git /var/www/fusionpbx -chown -R www:www /var/www/fusionpbx -chmod -R 755 /var/www/fusionpbx/secure +git clone $branch https://github.com/fusionpbx/fusionpbx.git /usr/local/www/fusionpbx +chown -R www:www /usr/local/www/fusionpbx +chmod -R 755 /usr/local/www/fusionpbx/secure diff --git a/freebsd/resources/nginx.sh b/freebsd/resources/nginx.sh index f739104..f449292 100755 --- a/freebsd/resources/nginx.sh +++ b/freebsd/resources/nginx.sh @@ -31,15 +31,15 @@ fi mv /usr/local/etc/nginx/nginx.conf /usr/local/etc/nginx/nginx.conf-orig cp nginx/nginx.conf /usr/local/etc/nginx mkdir -p /usr/local/etc/nginx/conf.d -cp nginx/fusionpbx.conf /usr/local/etc/nginx/conf.d/fusionpbx +mkdir -p /usr/local/etc/nginx/sites-available/ +mkdir -p /usr/local/etc/nginx/sites-enabled/ +cp nginx/fusionpbx.conf /usr/local/etc/nginx/sites-available/fusionpbx +ln -s /usr/local/etc/nginx/sites-available/fusionpbx /usr/local/etc/nginx/sites-enabled/fusionpbx #self signed certificate #ln -s /etc/ssl/private/ssl-cert-snakeoil.key /etc/ssl/private/nginx.key #ln -s /etc/ssl/certs/ssl-cert-snakeoil.pem /etc/ssl/certs/nginx.crt -#remove the default site -#rm /etc/nginx/sites-enabled/default - #add the letsencrypt directory mkdir -p /var/www/letsencrypt/ diff --git a/freebsd/resources/nginx/nginx.conf b/freebsd/resources/nginx/nginx.conf index b312398..856dd7a 100644 --- a/freebsd/resources/nginx/nginx.conf +++ b/freebsd/resources/nginx/nginx.conf @@ -3,13 +3,65 @@ load_module /usr/local/libexec/nginx/ngx_mail_module.so; load_module /usr/local/libexec/nginx/ngx_stream_module.so; #user nobody; -worker_processes 1; - -#includes -include /usr/local/etc/nginx/conf.d/*.conf; +worker_processes 4; #events section events { worker_connections 768; # multi_accept on; } + +http { + + ## + # Basic Settings + ## + + sendfile on; + tcp_nopush on; + tcp_nodelay on; + keepalive_timeout 65; + types_hash_max_size 2048; + # server_tokens off; + + # server_names_hash_bucket_size 64; + # server_name_in_redirect off; + + include /usr/local/etc/nginx/mime.types; + default_type application/octet-stream; + + ## + # SSL Settings + ## + + ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE + ssl_prefer_server_ciphers on; + + ## + # Logging Settings + ## + + access_log /var/log/nginx/access.log; + error_log /var/log/nginx/error.log; + + ## + # Gzip Settings + ## + + gzip on; + gzip_disable "msie6"; + + # gzip_vary on; + # gzip_proxied any; + # gzip_comp_level 6; + # gzip_buffers 16 8k; + # gzip_http_version 1.1; + # gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript; + + ## + # Virtual Host Configs + ## + + include /usr/local/etc/nginx/conf.d/*.conf; + include /usr/local/etc/nginx/sites-enabled/*; +}