PHP Melody nginx config done right

When you buy PHP Melody there’s a .htaccess file and a .htaccess-nginx file.
However you’re missing everything else of it.

So here’s how you properly configure nginx to run PHP Melody.

We assume php-fpm is running on tcp port 9000.
We also have an acme.conf for letsencrypt.
For this we `mkdir -p /var/www/acme/.well-known`.

location /.well-known {
alias /var/www/acme/.well-known;

location ~ /.well-known/(.*) {
default_type text/plain;
}
}

I’ve placed it into the `/etc/nginx/acme.conf` location.

Then we can create our letsencrypt cert using certbot

certbot certonly -d example.com -w /var/www/acme/ --webroot

example.com.conf

server {
listen 80;
listen [::]:80;
server_name example.com;
include /etc/nginx/acme.conf;
location / {
return 301 https://$host$request_uri;
}
}

This part redirects non-https traffic to https and can be used universally for any domain. You only have to change the example.com part for each new domain.

Now still in the same file there’s our PHP Melody nginx configuration and https configuration.

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name example.com;
ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem;
access_log /var/log/nginx/example.com.access.log;
error_log /var/log/nginx/example.com.error.log;
root /var/www/example.com/phpmelody/;
index index.html;

location / {
try_files $uri @rewrites;
}
location @rewrites {
rewrite ^/$ /index.php;
rewrite ^/index.html$ /index.php;
rewrite ^/browse.html$ /category.php;
rewrite ^/browse-(.*)-videos.html$ /category.php?cat=$1;
rewrite ^/browse-(.*)-videos-([0-9]+)-(.*).html$ /category.php?cat=$1&page=$2&sortby=$3;
rewrite ^/videos.flv(.*)$ /videos.php$1;
rewrite ^/videos.mp4(.*)$ /videos.php$1;
rewrite ^/register.html$ /register.php;
rewrite ^/contact.html$ /contact.php;
rewrite ^/edit-profile.html$ /edit-profile.php;
rewrite ^/suggest.html$ /suggest.php;
rewrite ^/upload.html$ /upload.php;
rewrite ^/upload_avatar.html$ /upload_avatar.php;
rewrite ^/suggest.html$ /suggest.php;
rewrite ^/favorites.html(.*)$ /favorites.php$1;
rewrite ^/playlists.html(.*)$ /playlists.php$1;
rewrite ^/login.html(.*)$ /login.php$1;
rewrite ^/newvideos.html(.*)$ /newvideos.php$1;
rewrite ^/topvideos.html(.*)$ /topvideos.php$1;
rewrite ^/series/(page-([0-9]+)/)?$ series.php?page=$2;
rewrite ^/series/([^/]+)/(page-([0-9]+)/)?$ series.php?s=$1&page=$3;
rewrite ^/series/([^/]+)/([^/]+)$ episode.php?s=$2;
rewrite ^/profile.html(.*)$ /profile.php$1;
rewrite ^/user/([^/]+)/?$ /user.php?u=$1;
rewrite ^/user/([^/]+)/(.*)/?$ /user.php?u=$1&view=$2;
rewrite ^/playlist/(.*)/([^/]+)(/)?$ /watch.php?playlist=$1&vid=$2;
rewrite ^/playlist/(.*)$ /playlists.php?playlist=$1;
rewrite ^/memberlist.html(.*)$ /memberlist.php$1;
rewrite ^/articles/index-([0-9]+).html$ /article.php?page=$1;
rewrite ^/articles/browse-(.*)-([0-9]+).html$ /article.php?c=$1&page=$2;
rewrite ^/articles/tag/([^/]+)/page-([0-9]+)(/)?$ /article.php?tag=$1&page=$2;
rewrite ^/articles/tag/([^/]+)(/)?$ /article.php?tag=$1&page=1;
rewrite ^/articles/popular-([0-9]+).html$ /article.php?show=popular&page=$1;
rewrite ^/articles/(.*)_([0-9]+).html$ /article-read.php?a=$2;
rewrite ^/articles(/|.html)?$ /article.php;
rewrite ^/article(/|.html)?$ /article.php;
rewrite ^/pages/(.*).html$ /page.php?name=$1;
rewrite ^/tags/([^/]+)/$ /tag.php?t=$1&page=1;
rewrite ^/tags/([^/]+)/page-([0-9]+)(/)?$ /tag.php?t=$1&page=$2;
rewrite ^/embed/([^/]+)$ /embed.php?vid=$1;
rewrite "^/([^/]*)_([a-zA-Z0-9]{9}).html$" /watch.php?vid=$2;
rewrite ^/fpembed-(.*).swf$ /fpembed.php?vid=$1;
rewrite ^/uploads/thumbs/(.*)-social\.(jpg|gif|png)$ /social-thumb.php?vid=$1;
rewrite ^/rss.xml$ /rss.php last;
}
location ~ \.php(/|$) {
fastcgi_split_path_info ^(.+?\.php)(|/.*)$;
# Security note: If you're running a version of PHP older than the
# latest 5.3, you should have "cgi.fix_pathinfo = 0;" in php.ini.
# See http://serverfault.com/q/627903/94922 for details.
include fastcgi_params;
# Block httpoxy attacks. See https://httpoxy.org/.
fastcgi_param HTTP_PROXY "";
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param QUERY_STRING $query_string;
fastcgi_intercept_errors on;
fastcgi_pass 127.0.0.1:9000;
}

location ~* \.(js|css)$ {
expires 30d;
}
}

Adjust root to where you’ve unpacked PHP Melody.
And that’s it folks.

Schreib einen Kommentar

Deine E-Mail-Adresse wird nicht veröffentlicht. Erforderliche Felder sind mit * markiert.