diff --git a/debian/changelog b/debian/changelog index 470a04a..a7ea6b4 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,5 +1,6 @@ -nginx (1.10.2-2) UNRELEASED; urgency=medium +nginx (1.10.2-3) UNRELEASED; urgency=medium + [ Christos Trochalakis ] * Build against OpenSSL 1.1.0. (Closes: #828453) + Patch for nginx-lua by Alessandro Ghedini. + Patch for nginx-upstream-fair by Kurt Roeckx. @@ -8,7 +9,18 @@ nginx (1.10.2-2) UNRELEASED; urgency=medium + Convert dav-ext to a dynamic module package: o libnginx-mod-http-dav-ext - -- Christos Trochalakis Sat, 29 Oct 2016 17:26:04 +0300 + [ Michael Lustfield ] + * debian/conf/sites-available/default: + + Updated PHP sample configuration block. (Closes: #841230) + + Updated documentation and sample configuration. (Closes: #841488) + * Added support for package-maintained configuration files. (Closes: #822792) + + debian/conf/sites-available/default [+include] + + debian/conf/apps.d/README [added] + + debian/nginx-common.dirs [+apps.d] + * debian/nginx-common.postrm: + + Removing /etc/nginx from 'rm -rf' on purge. + + -- Michael Lustfield Thu, 10 Nov 2016 07:21:14 +0000 nginx (1.10.2-1) unstable; urgency=high diff --git a/debian/conf/apps.d/README b/debian/conf/apps.d/README new file mode 100644 index 0000000..6885e0d --- /dev/null +++ b/debian/conf/apps.d/README @@ -0,0 +1,5 @@ +This directory is included by the default configuration file. It is intended +to be a place for web applications to place their configurations and have them +included in the default server block. + +https://wiki.debian.org/Nginx/DirectoryStructure#appincludes diff --git a/debian/conf/sites-available/default b/debian/conf/sites-available/default index 890f572..1f9d710 100644 --- a/debian/conf/sites-available/default +++ b/debian/conf/sites-available/default @@ -1,17 +1,14 @@ ## # You should look at the following URL's in order to grasp a solid understanding # of Nginx configuration files in order to fully unleash the power of Nginx. -# https://www.nginx.com/resources/wiki/start/ +# # https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/ -# https://wiki.debian.org/Nginx/DirectoryStructure +# https://www.nginx.com/resources/wiki/start/ +# http://nginx.com/resources/admin-guide # -# In most cases, administrators will remove this file from sites-enabled/ and -# leave it as reference inside of sites-available where it will continue to be -# updated by the nginx packaging team. -# -# This file will automatically load configuration files provided by other -# applications, such as Drupal or Wordpress. These applications will be made -# available underneath a path with that package name, such as /drupal8. +# In most cases, it is assumed that users will remove this file from sites-enabled/ +# and write their own configuration files while leaving this file as a reference +# in sites-available/. # # Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples. ## @@ -24,8 +21,8 @@ server { # SSL configuration # - # listen 443 ssl default_server; - # listen [::]:443 ssl default_server; + #listen 443 ssl default_server; + #listen [::]:443 ssl default_server; # # Note: You should disable gzip for SSL traffic. # See: https://bugs.debian.org/773332 @@ -36,45 +33,105 @@ server { # Self signed certs generated by the ssl-cert package # Don't use them in a production server! # - # include snippets/snakeoil.conf; + #include snippets/snakeoil.conf; + + # Server name + # + # Our default server_name is an invalid hostname that won't be matched + # by any valid requests. Any server_name defined in another configuration + # will supercede ours and take precedence. + # + # If additional configuration files are created, it would be a good idea + # to include the 'default_server' token on one of them as well. + # + # See: http://ngx.cc/r/server_name + # + server_name _; root /var/www/html; - # Add index.php to the list if you are using PHP index index.html index.htm index.nginx-debian.html; - server_name _; - location / { - # First attempt to serve request as file, then - # as directory, then fall back to displaying a 404. + # This represents the default try_files directive. + # + # $uri serves a static regular file, or symlink, if the root dir + # plus the exact requested path ($uri) exists. + # + # $uri/ has two functions, if a directory named root + $uri exists: + # 1. If the requested path doesn't end in /, nginx issues a 301 + # with a slash (/) appended. + # 2. If the requested path ends in /, nginx tries to serve an index + # file if one exists (index directive), or a generated index if + # autoindex is enabled, or else responds with 403. + # + # The final argument is a fallback and expected to always exist. The + # default "=404" returns a 404 response to the user. + # try_files $uri $uri/ =404; } - # pass PHP scripts to FastCGI server + # Packaged applications # + # Some packages might attempt to provide fully-deployed web applications. + # In these cases, packages are expected to make their application available + # under a path with the same name. + # + # apt-get install drupal7 -> http://localhost/drupal7 + # + # For custom applications, it is perfectly acceptable to create a file + # named apps.d/local_zeplin.conf that provides location ^~ /zeplin { }. + # + # See: https://wiki.debian.org/Nginx/DirectoryStructure#appincludes + # + include apps.d/*.conf; + #location ~ \.php$ { - # include snippets/fastcgi-php.conf; - # - # # With php-fpm (or other unix sockets): - # fastcgi_pass unix:/var/run/php7.0-fpm.sock; - # # With php-cgi (or other tcp sockets): - # fastcgi_pass 127.0.0.1:9000; + # Pass the PHP scripts to a FastCGI application server + # in some cases, "index.php" should be added to the (above) index directive + + # Includes default and suggested FastCGI configuration values + #include snippets/fastcgi-php.conf; + + # If using php-fpm, this is the default socket location. If you have + # a different version of php-fpm installed, this may be different. + #fastcgi_pass unix:/var/run/php7.0-fpm.sock #} - # deny access to .htaccess files, if Apache's document root - # concurs with nginx's one - # #location ~ /\.ht { - # deny all; + # If your web application was designed to be run on apache, it likely + # has .htaccess and possibly a .htpasswd file embedded. It is typically + # recommended to remove access to these files. + + # If you are using apache as your application server, we strongly + # recommend looking into uwsgi as an alternative. + # + #deny all; + #} + + #location ~ /\. { + # As an alternative to the above, it's possible to block access + # to all hidden directories and files, not just .htaccess/passwd. + # + # If choosing this, any hidden directories (such as .well-known, + # used for letsencrypt) will need to be explicitly allowed. + # + # deny all; + #} + + #location ^~ /.well-known/ { + # A prefix ( ^~ ) match will take precedence over the regex ( ~ ) match + # from above. Because nginx will only select one location block per nest, + # no directives need to be specified here to override deny all from above. #} } # Virtual Host configuration for example.com # -# You can move that to a different file under sites-available/ and symlink that -# to sites-enabled/ to enable it. +# You can create files underneath the sites-available/ directory and symlink to +# them from sites-enabled/. Once nginx has been reloaded, the changes will take +# effect. (service nginx reload) # #server { # listen 80; @@ -86,6 +143,6 @@ server { # index index.html; # # location / { -# try_files $uri $uri/ =404; +# try_files $uri =404; # } #} diff --git a/debian/nginx-common.dirs b/debian/nginx-common.dirs index 65bb651..4d76d20 100644 --- a/debian/nginx-common.dirs +++ b/debian/nginx-common.dirs @@ -1,4 +1,5 @@ etc/nginx +etc/nginx/apps.d etc/nginx/conf.d etc/nginx/modules-available etc/nginx/modules-enabled diff --git a/debian/nginx-common.postrm b/debian/nginx-common.postrm index b0f2e30..a523a95 100644 --- a/debian/nginx-common.postrm +++ b/debian/nginx-common.postrm @@ -13,7 +13,8 @@ dpkg-maintscript-helper rm_conffile \ case "$1" in purge) - rm -rf /var/lib/nginx /var/log/nginx /etc/nginx + rm -f /etc/nginx/apps.d/README /etc/nginx/sites-enabled/default /var/www/html/index.nginx-debian.html + rm -rf /var/lib/nginx /var/log/nginx ;; upgrade|remove|failed-upgrade|abort-install|abort-upgrade|disappear)