bug fixes
This commit is contained in:
parent
a5a4b85c49
commit
880137bcef
3 changed files with 17 additions and 21 deletions
|
|
@ -54,7 +54,8 @@ bantime = 3600
|
|||
EOL
|
||||
|
||||
# Ensure fail2ban can read the MySQL log
|
||||
usermod -a -G adm fail2ban
|
||||
# Note: maybe not necessary on Ubuntu, as fail2ban runs as root
|
||||
# usermod -a -G adm fail2ban
|
||||
|
||||
# Create MySQL auth filter for fail2ban
|
||||
cat > /etc/fail2ban/filter.d/mysqld-auth.conf << EOL
|
||||
|
|
|
|||
|
|
@ -51,7 +51,7 @@ EOF
|
|||
echo "Created $CONFIG_FILE with $NEW_GROUP configuration."
|
||||
|
||||
# Restart SSH service to apply changes
|
||||
systemctl restart sshd
|
||||
systemctl restart ssh
|
||||
echo "SSH service restarted to apply changes."
|
||||
|
||||
echo "Setup complete. New group $NEW_GROUP has been created and SSHD configured for SFTP access."
|
||||
|
|
|
|||
|
|
@ -2,7 +2,7 @@ server {
|
|||
listen 80;
|
||||
listen [::]:80;
|
||||
server_name .$DOMAIN;
|
||||
return 301 https://\$host\$request_uri;
|
||||
return 301 https://$host$request_uri;
|
||||
}
|
||||
|
||||
server {
|
||||
|
|
@ -18,41 +18,36 @@ server {
|
|||
ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384;
|
||||
|
||||
# Determine the subdomain and set the root accordingly
|
||||
set \$subdomain '';
|
||||
if (\$host ~* ^([^.]+)\.$DOMAIN$) {
|
||||
set \$subdomain \$1;
|
||||
}
|
||||
|
||||
# Default root for subdomains
|
||||
# subdomains are the default, so that we get 404s for nonexistant subdomains
|
||||
root $MAIN_WEB_ROOT/subdomains/\$subdomain/www;
|
||||
|
||||
# For the main domain, use the _main/www directory
|
||||
if (\$host = $DOMAIN) {
|
||||
root $MAIN_WEB_ROOT/_main/www;
|
||||
set $subdomain '';
|
||||
set $full_root = $MAIN_WEB_ROOT/_main/www;
|
||||
if ($host ~* ^([^.]+)\.$DOMAIN$) {
|
||||
set $subdomain $1;
|
||||
set $full_root = $MAIN_WEB_ROOT/subdomains/$subdomain/www;
|
||||
}
|
||||
root $full_root;
|
||||
|
||||
# Index file names
|
||||
index index.html index.htm index.php;
|
||||
|
||||
# Try files first, then use the router.php file if it exists
|
||||
location / {
|
||||
try_files \$uri \$uri/ @router;
|
||||
try_files $uri $uri/ @router;
|
||||
}
|
||||
|
||||
# Use the router.php file for all nonexistant file requests if it exists
|
||||
location @router {
|
||||
if (!-f \$document_root/router.php) {
|
||||
if (!-f $document_root/router.php) {
|
||||
return 404;
|
||||
}
|
||||
fastcgi_pass unix:/var/run/php/php-fpm.sock;
|
||||
include fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME \$document_root/router.php;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root/router.php;
|
||||
}
|
||||
|
||||
# PHP Configuration
|
||||
location ~ \.php$ {
|
||||
try_files \$uri =404;
|
||||
try_files $uri =404;
|
||||
fastcgi_split_path_info ^(.+\.php)(/.+)$;
|
||||
fastcgi_pass unix:/var/run/php/php-fpm.sock;
|
||||
fastcgi_index index.php;
|
||||
|
|
@ -75,9 +70,9 @@ server {
|
|||
# Log to both default location and custom site directory, named by subdomain
|
||||
access_log /var/log/nginx/access.log;
|
||||
error_log /var/log/nginx/error.log;
|
||||
if (\$subdomain != '') {
|
||||
access_log $MAIN_WEB_ROOT/logs/\$subdomain.access.log;
|
||||
error_log $MAIN_WEB_ROOT/logs/\$subdomain.error.log;
|
||||
if ($subdomain != '') {
|
||||
access_log $MAIN_WEB_ROOT/logs/$subdomain.access.log;
|
||||
error_log $MAIN_WEB_ROOT/logs/$subdomain.error.log;
|
||||
}else {
|
||||
access_log $MAIN_WEB_ROOT/logs/_main.access.log;
|
||||
error_log $MAIN_WEB_ROOT/logs/_main.error.log;
|
||||
|
|
|
|||
Loading…
Reference in a new issue