diff --git a/webserver/doskast-board-webserver.service b/webserver/doskast-board-webserver.service new file mode 100644 index 0000000..24181e4 --- /dev/null +++ b/webserver/doskast-board-webserver.service @@ -0,0 +1,16 @@ +# based on nginx.service + +[Unit] +Description=Webserver for Doskast board +After=syslog.target network.target remote-fs.target nss-lookup.target + +[Service] +Type=forking +PIDFile=/run/doskast-nginx.pid +ExecStartPre=/usr/sbin/nginx -t -c /etc/nginx/doskast-nginx.conf +ExecStart=/usr/sbin/nginx -c /etc/nginx/doskast-nginx.conf +ExecReload=/usr/sbin/nginx -c /etc/nginx/doskast-nginx.conf -s reload +ExecStop=/usr/sbin/nginx -s quit + +[Install] +WantedBy=multi-user.target diff --git a/webserver/doskast-nginx.conf b/webserver/doskast-nginx.conf new file mode 100644 index 0000000..d9026f1 --- /dev/null +++ b/webserver/doskast-nginx.conf @@ -0,0 +1,74 @@ +# TODO: +# - drop priveleges (user/group) or run from non-root +# - change ports +# - improve location +# - log to syslog instead of files +# - protect against DDoS + +#user nobody; +worker_processes 1; + +#error_log logs/error.log; +#error_log logs/error.log notice; +#error_log logs/error.log info; + +#pid logs/nginx.pid; + + +events { + worker_connections 1024; +} + + +http { + include mime.types; + default_type application/octet-stream; + + #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' + # '$status $body_bytes_sent "$http_referer" ' + # '"$http_user_agent" "$http_x_forwarded_for"'; + + #access_log logs/access.log main; + + sendfile on; + #tcp_nopush on; + + #keepalive_timeout 0; + keepalive_timeout 65; + + #gzip on; + + server { + listen 8081; + server_name localhost; + + #charset koi8-r; + + #access_log logs/host.access.log main; + + location / { + root html; + index index.html index.htm; + } + + #error_page 404 /404.html; + + # redirect server error pages to the static page /50x.html + # + error_page 500 502 503 504 /50x.html; + location = /50x.html { + root html; + } + + + location ~ \.fcgi$ { + root /tmp/web; + fastcgi_pass 127.0.0.1:8082; + # fastcgi_index index.php; + # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; + include fastcgi_params; + } + + } + +}