Nginx¶
The Nginx configuration could look something like.
server {
listen 80;
listen [::]:80;
server_name sulu.lo;
root /var/www/sulu.lo/public;
error_log /var/log/nginx/sulu.lo.error.log;
access_log /var/log/nginx/sulu.lo.at.access.log;
# recommended security headers
add_header X-Frame-Options sameorigin;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
location / {
# try to serve file directly, fallback to index.php
try_files $uri /index.php$is_args$args;
}
# expire
location ~* \.(?:ico|css|js|gif|webp|jpe?g|png|svg|woff|woff2|eot|ttf|mp4)$ {
# try to serve file directly, fallback to index.php
try_files $uri /index.php$is_args$args;
access_log off;
expires 1y;
add_header Pragma public;
add_header Cache-Control "public";
}
# pass the PHP scripts to FastCGI server from upstream phpfcgi
location ~ ^/(index|config)\.php(/|$) {
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
internal;
}
}
Warning
Be sure to also configure your local host-file, if running Sulu locally.
File upload¶
By default nginx has a file limit of 2MB when uploading files.
To increase this add the following to your nginx.conf
:
# ...
http {
client_max_body_size 512m;
# ...
}
Don’t forget to also increase the post_max_size
and upload_max_filesize
in
your php.ini
.
File Permissions¶
Finally, we need to fix the permissions of our project so that the web server is able to read and write them.
Linux¶
Run the following commands on Linux:
HTTPDUSER=`ps axo user,comm | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\ -f1`
sudo setfacl -R -m u:"$HTTPDUSER":rwX -m u:`whoami`:rwX var public/uploads
sudo setfacl -dR -m u:"$HTTPDUSER":rwX -m u:`whoami`:rwX var public/uploads
Mac OSX¶
Or these commands for Mac OSX:
HTTPDUSER=`ps axo user,comm | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\ -f1`
sudo chmod +a "$HTTPDUSER allow delete,write,append,file_inherit,directory_inherit" var public/uploads
sudo chmod +a "`whoami` allow delete,write,append,file_inherit,directory_inherit" var public/uploads
Windows¶
Or these commands for Windows (with IIS web server):
$rule = New-Object System.Security.AccessControl.FileSystemAccessRule -ArgumentList @("IUSR","FullControl","ObjectInherit, ContainerInherit","None","Allow")
$folders = "var", "public\uploads"
foreach ($f in $folders) { $acl = Get-Acl $f; $acl.SetAccessRule($rule); Set-Acl $f $acl; }