initial

2 files changed, 59 insertions, 0 deletions

diff --git a/conf/ldap/ldap.env b/conf/ldap/ldap.env
new file mode 100644
index 0000000..f387147
--- /dev/null
+++ b/conf/ldap/ldap.env
@@ -0,0 +1,9 @@
+
+LDAP_URL=
+LDAP_BIND_DN=
+LDAP_BIND_PASSWORD=
+LDAP_BASE_DN=
+LDAP_FILTER="(&)"
+LDAP_UID="cn"
+
+HTTP_HOST=auth.example.com
diff --git a/conf/nginx/nginx.conf b/conf/nginx/nginx.conf
new file mode 100644
index 0000000..ae17eba
--- /dev/null
+++ b/conf/nginx/nginx.conf
@@ -0,0 +1,50 @@
+worker_processes 4;
+daemon off;
+pid	/tmp/nginx.pid;
+error_log /var/log/nginx/error.log;
+
+events {
+	worker_connections 1024;
+}
+
+http {
+	include					mime.types;
+	default_type			application/octet-stream;
+	sendfile				on;
+	keepalive_timeout		70;
+	server_tokens			off;
+	client_max_body_size	2m;
+
+	access_log /var/log/nginx/access.log;
+
+	server {
+		listen 8080;
+		root /opt/website;
+
+		gzip on;
+		gzip_vary on;
+		gzip_proxied any;
+		gzip_comp_level 6;
+		gzip_buffers 16 8k;
+		gzip_http_version 1.1;
+		gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript image/svg+xml image/x-icon;
+
+		location /favicon.ico {
+			add_header Cache-Control "public, max-age=31536000, immutable";
+			root /opt/website/public/icons;
+		}
+
+		location /public {
+			add_header Cache-Control "public, max-age=31536000, immutable";
+			try_files $uri =404;
+		}
+
+		location / {
+			add_header Content-Security-Policy "script-src 'none'; object-src 'none'; base-uri 'none'";
+			root /opt/website/web;
+			include fastcgi_params;
+			fastcgi_pass php:9000;
+			fastcgi_param SCRIPT_FILENAME $document_root/index.php;
+		}
+	}
+}