Nginx

The Nginx configuration could look something like.

server {
    listen 80;
    listen [::]:80;

    server_name sulu.lo;
    root /var/www/sulu.lo/public;

    error_log /var/log/nginx/sulu.lo.error.log;
    access_log /var/log/nginx/sulu.lo.at.access.log;

        # recommended security headers
    add_header X-Frame-Options sameorigin;
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";

    location / {
        # try to serve file directly, fallback to index.php
        try_files $uri /index.php$is_args$args;
    }

    # expire
    location ~* \.(?:ico|css|js|gif|webp|jpe?g|png|svg|woff|woff2|eot|ttf|mp4)$ {
        # try to serve file directly, fallback to index.php
        try_files $uri /index.php$is_args$args;
        access_log off;
        expires 1y;
        add_header Pragma public;
        add_header Cache-Control "public";
    }

    # pass the PHP scripts to FastCGI server from upstream phpfcgi
    location ~ ^/(index|config)\.php(/|$) {
        fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
        fastcgi_split_path_info ^(.+\.php)(/.*)$;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
        fastcgi_param DOCUMENT_ROOT $realpath_root;
        internal;
    }
}

Warning

Be sure to also configure your local host-file, if running Sulu locally.

File upload

By default nginx has a file limit of 2MB when uploading files. To increase this add the following to your nginx.conf:

# ...

http {
    client_max_body_size 512m;

    # ...
}

Don’t forget to also increase the post_max_size and upload_max_filesize in your php.ini.

File Permissions

Finally, we need to fix the permissions of our project so that the web server is able to read and write them.

Linux

Run the following commands on Linux:

HTTPDUSER=`ps axo user,comm | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\  -f1`
sudo setfacl -R -m u:"$HTTPDUSER":rwX -m u:`whoami`:rwX var public/uploads
sudo setfacl -dR -m u:"$HTTPDUSER":rwX -m u:`whoami`:rwX var public/uploads

Mac OSX

Or these commands for Mac OSX:

HTTPDUSER=`ps axo user,comm | grep -E '[a]pache|[h]ttpd|[_]www|[w]ww-data|[n]ginx' | grep -v root | head -1 | cut -d\  -f1`
sudo chmod +a "$HTTPDUSER allow delete,write,append,file_inherit,directory_inherit" var public/uploads
sudo chmod +a "`whoami` allow delete,write,append,file_inherit,directory_inherit" var public/uploads

Windows

Or these commands for Windows (with IIS web server):

$rule = New-Object System.Security.AccessControl.FileSystemAccessRule -ArgumentList @("IUSR","FullControl","ObjectInherit, ContainerInherit","None","Allow")
$folders = "var", "public\uploads"
foreach ($f in $folders) { $acl = Get-Acl $f; $acl.SetAccessRule($rule); Set-Acl $f $acl; }