我正在尝试配置 nginx 来提供新鲜RSS在https://myserver/rss/而不是https://rss.myserver/。
我读过文档并尝试适应nginx 配置示例。
目前我有多库维基安装并运行良好,并为我的用户~/www目录定义了一个简单的位置。我想知道我为 DokuWiki 定义的内容与我为 FreshRSS 添加的内容之间是否存在冲突。
###################################################################
## myserver.info ##
###################################################################
server {
server_name myserver.info;
root /usr/share/nginx/html/myserver;
index doku.php;
#####################################
## LetsEncrypt Certificate renewal ##
#####################################
# Uncomment the following two lines when renewing certificates (reverse once done!)
# listen 80;
# listen [::]:80;
# LetsEncrypt : ACME challenge
location ^~ /.well-known/acme-challenge/ {
default_type "text/plain";
root /var/lib/letsencrypt;
}
## LestEncrypt : Certificates
ssl_certificate /etc/letsencrypt/live/myserver.info/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/myserver.info/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/myserver.info/chain.pem;
#####################################
## Normal server config ##
#####################################
# Comment the following lines when renewing certificates (reverse once done!)
listen 443 ssl http2;
listen [::]:443 ssl http2;
#####################################
## Security Headers ##
#####################################
# Add Content Security Policy (see https://lollyrock.com/posts/content-security-policy/)
# but currently using a striped form [email protected] suggested and
# an option to block X-frame (see https://infosec.mozilla.org/guidelines/web_security#x-frame-options)
add_header Content-Security-Policy "default-src 'self' always; frame-ancestors 'none'; img-src *";
# Add Strict Transport Security (see https://infosec.mozilla.org/guidelines/web_security#http-strict-transport-security
add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload;";
add_header X-Content-Type-Options "nosniff";
add_header Referrer-Policy "no-referrer";
#####################################
## Dokuwiki ##
#####################################
# Remember to comment the below out when you're installing DokuWiki, and uncomment it when you're done.
location ~ /(data/|conf/|bin/|inc/|install.php) { deny all; } # secure Dokuwiki
location ~^/\.ht { deny all; } # also secure the Apache .htaccess files
location @dokuwiki {
#rewrites "doku.php/" out of the URLs if you set the userewrite setting to .htaccess in dokuwiki config page
rewrite ^/_media/(.*) /lib/exe/fetch.php?media=$1 last;
rewrite ^/_detail/(.*) /lib/exe/detail.php?media=$1 last;
rewrite ^/_export/([^/]+)/(.*) /doku.php?do=export_$1&id=$2 last;
rewrite ^/(.*) /doku.php?id=$1&$args last;
}
location / { try_files $uri $uri/ @dokuwiki; }
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
#####################################
## User '~/www/' ##
#####################################
location ~ ^/~(.+?)(/.*)?$ {
alias /home/$1/www$2;
index index.html index.htm;
autoindex on;
}
######################################
## FreshRSS (https://freshrss.org/) ##
######################################
location ~ ^/rss/.+?\.php(/.*)?$ {
alias /usr/share/webapps/freshrss/p/;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
# By default, the variable PATH_INFO is not set under PHP-FPM
# But FreshRSS API greader.php need it. If you have a “Bad Request” error, double check this var!
# NOTE: the separate $path_info variable is required. For more details, see:
# https://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
下面的文件/usr/share/webapps/freshrss/p/是...
root@vps410177/usr/share/webapps/freshrss 84 l /usr/share/webapps/freshrss/p/
total 68K
drwxr-xr-x 6 http http 4.0K Oct 5 07:09 .
drwxr-xr-x 8 root root 4.0K Oct 5 07:09 ..
drwxr-xr-x 2 http http 4.0K Oct 5 07:09 api
-rw-r--r-- 1 http http 2.7K Oct 5 07:08 ext.php
-rw-r--r-- 1 http http 18K Oct 5 07:08 favicon.ico
-rw-r--r-- 1 http http 1.6K Oct 5 07:08 f.php
-rw-r--r-- 1 root root 1.2K Oct 5 07:08 .htaccess
drwxr-xr-x 2 http http 4.0K Oct 5 07:09 i
-rw-r--r-- 1 http http 774 Oct 5 07:08 index.html
-rw-r--r-- 1 http http 26 Oct 5 07:08 robots.txt
drwxr-xr-x 2 http http 4.0K Oct 5 07:09 scripts
drwxr-xr-x 16 http http 4.0K Oct 5 07:09 themes
-rw-r--r-- 1 http http 1.7K Oct 5 07:08 Web.config
如果我访问,https://myserver.info/rss/我会被重定向到 Dokuwiki 网站并被告知该主题不存在。如果我尝试,https://myserver.info/rss/f.php我会得到 404 未找到,我认为这是因为location定义...
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
...这与 FreshRSS 别名相冲突location ~ ^/rss/.+?\.php(/.*)?$ {...}...
######################################
## FreshRSS (https://freshrss.org/) ##
######################################
location ~ ^/rss/.+?\.php(/.*)?$ {
alias /usr/share/webapps/freshrss/p/;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
# By default, the variable PATH_INFO is not set under PHP-FPM
# But FreshRSS API greader.php need it. If you have a “Bad Request” error, double check this var!
# NOTE: the separate $path_info variable is required. For more details, see:
# https://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
我发现这个关于嵌套的解决方案location所以已经尝试过了...
location ~ \.php$ {
#####################################################################
## FreshRSS (https://freshrss.org/) ##
#####################################################################
location ~ ^/rss/.+?\.php(/.*)?$ {
alias /usr/share/webapps/freshrss/p/;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
# By default, the variable PATH_INFO is not set under PHP-FPM
# But FreshRSS API greader.php need it. If you have a “Bad Request” error, double check this var!
# NOTE: the separate $path_info variable is required. For more details, see:
# https://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
try_files $uri =404;
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
include fastcgi.conf;
}
https://myserver/rss/...但是如果我去如果它们没有嵌套,则会出现与上面描述相同的结果,但如果我去https://myserver/rss/f.php,我会得到一个 502 Bad Gateway 错误,这是一个进展,但我不确定我哪里出了问题。
有没有办法配置 Nginx 以从不同位置/别名提供 PHP 服务?
编辑 :
根据@Derek Held 的反馈,我尝试location使用如下方式进行设置root,而不是alias在其自己的块下(而不是嵌套在 dokuwiki 配置中)...
location ~ ^/rss/$ {
root /usr/share/webapps/freshrss/p/;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
# By default, the variable PATH_INFO is not set under PHP-FPM
# But FreshRSS API greader.php need it. If you have a “Bad Request” error, double check this var!
# NOTE: the separate $path_info variable is required. For more details, see:
# https://trac.nginx.org/nginx/ticket/321
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
但是没有成功指向https://myserver/rss/并https://myserver/rss/f.php给出 502 Bad Gateway(即使权限是针对nginx以该身份运行的用户)。
答案1
该指令不会覆盖您在服务器块中指定的alias值。您需要用 替换来更改FreshRSS 位置块中的 值。$document_root/usr/share/nginx/html/myserveraliasroot$document_root