Skip to content
Permalink
Branch: master
Find file Copy path
Find file Copy path
Fetching contributors…
Cannot retrieve contributors at this time
72 lines (57 sloc) 1.52 KB
# file managed by puppet
server {
listen 80 default_server;
listen [2a03:4000:6:b01e::1]:80;
server_name translatewiki.net;
return 301 https://$host$request_uri;
}
server {
listen 443 ssl default_server deferred http2;
listen [2a03:4000:6:b01e::1]:443 default_server deferred ssl http2;
include includes/ssl-certbot.conf;
server_name translatewiki.net;
root /www/$host/docroot;
add_header Referrer-Policy no-referrer-when-downgrade;
add_header X-Xss-Protection "1; mode=block" always;
location = / {
rewrite ^ /w/index.php;
}
location ~ ^/wiki {
rewrite ^ /w/index.php;
}
location = /sitemap {
rewrite ^ "/w/index.php?title=Special:RecentChanges&translations=&feed=atom";
}
location ~ ^/w/(cache|mw-config|includes|maintenance|languages|docs)/ {
deny all;
}
# Allowed php files, case sensitive
location ~ ^/w/(i|index|load|api|opensearch_desc|profileinfo|webfiles/jserror)\.php {
fastcgi_pass php;
fastcgi_buffering off;
fastcgi_buffers 16 16k;
fastcgi_connect_timeout 1s;
fastcgi_send_timeout 2s;
fastcgi_read_timeout 15s;
include fastcgi.conf;
}
# Deny access to all php files except those above
location ~* \.php$ {
deny all;
}
location ~* ^/static/mainpage/.*\.jpg$ {
expires 2M;
if ($http_accept ~ "image/webp") {
add_header Vary Accept;
rewrite ^ $uri.webp;
}
}
location ~* \.(png|jpg|jpeg|gif|ico|svg|woff|woff2|eot|ttf|webp)$ {
expires 2M;
}
error_page 500 502 503 504 /error.html;
location = /error.html {
root /www/translatewiki.net/error;
internal;
}
}
You can’t perform that action at this time.