Re: Spéciale dédicace Ph. Gras - maiman et nginx [était: GLPI - extjs: sous-répertoire manquant]
Le 8 mars 2016 à 12:01, Jean-Marc <jean-marc@6jf.be> a écrit :
> Je commence par une réponse à Ph. Gras qui galère pour mettre en place mailman via nginx.
>
> Dans mes recherches, je bouffe des tonnes de doc' et je me suis dit que ça pouvait servir à d'autres.
>
> Le wiki de nginx fournit aussi des recettes toutes prêtes dont celle-ci :
> https://www.nginx.com/resources/wiki/start/topics/recipes/mailman/
>
> Ph., dis-moi si tu y trouves ton bonheur.
Non, partiellement seulement. Mais pas le bonheur complet.
Ci-joint ma conf. NginX. Je n'ai pas encore trouvé comment
accéder à pipermail.
Ph. Gras
# You may add here your
# server {
#
# }
# statements for each of your virtual hosts to this file
##
# You should look at the following URL's in order to grasp a solid understanding
# of Nginx configuration files in order to fully unleash the power of Nginx.
# http://wiki.nginx.org/Pitfalls
# http://wiki.nginx.org/QuickStart
# http://wiki.nginx.org/Configuration
#
# Generally, you will want to move this file somewhere, and start with a clean
# file but keep this around for reference. Or just disable in sites-enabled.
#
# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
##
server {
#listen 80 default_server;
#listen [::]:80 default_server ipv6only=on;
root /home/postal/site;
# index index.php index.html index.htm;
index index.html;
access_log /var/log/nginx/postal.access.log combined;
error_log /var/log/nginx/postal.error.log;
# Make site accessible from http://localhost/
server_name poste.enpret.com;
# rewrite ^(.*)$ http://www.magazine-litteraire.com$1 permanent;
rewrite ^/([^\.]+)$ /cgi-bin/mailman/$1 last;
rewrite ^/images/mailman/([\w-]+\.[jnpg]+)$ /$1 last;
add_header X-Robots-Tag "noindex, noarchive";
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
#try_files $uri $uri/ /index.php;
try_files $uri $uri/ /index.html;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
# deny all;
allow all;
if ($http_user_agent ~* tools|java|crawl|bot|spider|google|bing|yandex) {
rewrite ^(.*)$ http://www.magazine-litteraire.com$1 permanent;
}
add_header X-Robots-Tag "noindex, noarchive";
}
# location /images/mailman {
# alias /var/lib/mailman/icons;
# }
location /cgi-bin/mailman {
root /usr/lib/;
fastcgi_split_path_info (^/cgi-bin/mailman/[^/]*)(.*)$;
# Disable gzip (it makes scripts feel slower since they have to complete
# before getting gzipped)
gzip off;
# include /etc/nginx/fastcgi_params;
# include /etc/nginx/fcgiwrap.conf;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# fastcgi_param SCRIPT_FILENAME /usr/lib$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_intercept_errors on;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
######################
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
#########################
}
location /pipermail(.*)$ {
alias /var/lib/mailman/archives/public$1;
autoindex on;
# fastcgi_split_path_info (^/pipermail)(.*)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
fastcgi_intercept_errors on;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
######################
fastcgi_param QUERY_STRING $query_string;
fastcgi_param REQUEST_METHOD $request_method;
fastcgi_param CONTENT_TYPE $content_type;
fastcgi_param CONTENT_LENGTH $content_length;
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
fastcgi_param REQUEST_URI $request_uri;
fastcgi_param DOCUMENT_URI $document_uri;
fastcgi_param DOCUMENT_ROOT $document_root;
fastcgi_param SERVER_PROTOCOL $server_protocol;
fastcgi_param GATEWAY_INTERFACE CGI/1.1;
fastcgi_param SERVER_SOFTWARE nginx/$nginx_version;
fastcgi_param REMOTE_ADDR $remote_addr;
fastcgi_param REMOTE_PORT $remote_port;
fastcgi_param SERVER_ADDR $server_addr;
fastcgi_param SERVER_PORT $server_port;
fastcgi_param SERVER_NAME $server_name;
#########################
}
location /doc/ {
alias /usr/share/doc/;
autoindex on;
allow 127.0.0.1;
allow ::1;
deny all;
}
location ~* \.(xml)$ {
add_header X-Robots-Tag "noindex, noarchive";
}
location ~* \.(jpg|jpeg|gif|css|png|js|ico|zip|txt|swf|mp3)$ {
# root /var/lib/mailman/icons;
root /var/lib/mailman/icons;
expires 15d;
add_header Cache-Control public;
add_header X-Robots-Tag "noindex, noarchive";
}
# Only for nginx-naxsi used with nginx-naxsi-ui : process denied requests
#location /RequestDenied {
# proxy_pass http://127.0.0.1:8080;
#}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root /usr/share/nginx/html;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
#
# # With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# # With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location /wp-content/w3tc/dbcache/ { deny all; }
location ~ /wp-config\.php { deny all; }
location ~* /(?:uploads|files)/.*\.php$ { deny all; }
location ~ /\. { deny all; }
location ~* wp-login\.php {
limit_conn limit 5;
if ($http_user_agent = "-") { return 403;}
if ($http_user_agent = "") { return 403;}
# deny 127.0.0.1;
# allow all;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
#location ~ /\.ht {
# deny all;
#}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
# listen 8000;
# listen somename:8080;
# server_name somename alias another.alias;
# root html;
# index index.html index.htm;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}
# HTTPS server
#
#server {
# listen 443;
# server_name localhost;
#
# root html;
# index index.html index.htm;
#
# ssl on;
# ssl_certificate cert.pem;
# ssl_certificate_key cert.key;
#
# ssl_session_timeout 5m;
#
# ssl_protocols SSLv3 TLSv1;
# ssl_ciphers ALL:!ADH:!EXPORT56:RC4+RSA:+HIGH:+MEDIUM:+LOW:+SSLv3:+EXP;
# ssl_prefer_server_ciphers on;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}
>
> Jean-Marc <jean-marc@6jf.be>
Reply to: