gitlabFork/ISPConfig3.git - Solinfo Gitblit

vhost quota not correctly pointing to document root (DF -T) (fixes #3984)

Pascal Dreissen

2016-07-08 a481a62a13c241df0b3269f7f915789f4451d51b

commit \| author \| age
181529	1	server {
d22277	2	listen <tmpl_var name='ip_address'>:<tmpl_var name='http_port'>;
8e2c2e	3	<tmpl_if name='ipv6_enabled'>
d22277	4	listen [<tmpl_var name='ipv6_address'>]:<tmpl_var name='http_port'>;
8e2c2e	5	</tmpl_if>
0ae8da	6
8e2c2e	7	<tmpl_if name='ssl_enabled'>
d22277	8	listen <tmpl_var name='ip_address'>:<tmpl_var name='https_port'> ssl{tmpl_if name='enable_http2' op='==' value='y'} http2{/tmpl_if}{tmpl_if name='enable_spdy' op='==' value='y'} spdy{/tmpl_if};
53124e	9	ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
8e2c2e	10	<tmpl_if name='ipv6_enabled'>
d22277	11	listen [<tmpl_var name='ipv6_address'>]:<tmpl_var name='https_port'> ssl{tmpl_if name='enable_http2' op='==' value='y'} http2{/tmpl_if}{tmpl_if name='enable_spdy' op='==' value='y'} spdy{/tmpl_if};
8e2c2e	12	</tmpl_if>
0ae8da	13	ssl_certificate <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.crt;
F	14	ssl_certificate_key <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.key;
8e2c2e	15	</tmpl_if>
0ae8da	16
F	17	server_name <tmpl_var name='domain'> <tmpl_var name='alias'>;
181529	18
0ae8da	19	root <tmpl_var name='web_document_root_www'>;
f92749	20
8e2c2e	21	<tmpl_if name='seo_redirect_enabled'>
bfcdef	22	if ($http_host <tmpl_var name='seo_redirect_operator'> "<tmpl_var name='seo_redirect_origin_domain'>") {
a00888	23	rewrite ^ $scheme://<tmpl_var name='seo_redirect_target_domain'>$request_uri? permanent;
e64fbb	24	}
8e2c2e	25	</tmpl_if>
bfcdef	26	<tmpl_loop name="alias_seo_redirects">
T	27	if ($http_host <tmpl_var name='alias_seo_redirect_operator'> "<tmpl_var name='alias_seo_redirect_origin_domain'>") {
	28	rewrite ^ $scheme://<tmpl_var name='alias_seo_redirect_target_domain'>$request_uri? permanent;
f92749	29	}
8e2c2e	30	</tmpl_loop>
43b345	31	<tmpl_loop name="local_redirects">
T	32	if ($http_host <tmpl_var name='local_redirect_operator'> "<tmpl_var name='local_redirect_origin_domain'>") {
	33	rewrite ^<tmpl_var name='local_redirect_exclude'>(.*)$ <tmpl_var name='local_redirect_target'>$2 <tmpl_var name='local_redirect_type'>;
	34	}
	35	</tmpl_loop>
f0dfa9	36	<tmpl_if name='ssl_enabled'>
MC	37	<tmpl_if name='rewrite_to_https' op='==' value='y'>
	38	if ($scheme != "https") {
	39	rewrite ^ https://$http_host$request_uri? permanent;
	40	}
	41	</tmpl_if>
	42	</tmpl_if>
bfcdef	43
T	44	<tmpl_loop name="own_redirects">
	45	<tmpl_if name='use_rewrite'>
43b345	46	<tmpl_if name='exclude_own_hostname'>if ($http_host != "<tmpl_var name='exclude_own_hostname'>") { </tmpl_if>rewrite ^<tmpl_var name='rewrite_exclude'>(.*)$ <tmpl_var name='rewrite_target'>$2 <tmpl_var name='rewrite_type'>;<tmpl_if name='exclude_own_hostname'> }</tmpl_if>
bfcdef	47	</tmpl_if>
T	48	<tmpl_if name='use_proxy'>
	49	location / {
	50	proxy_pass <tmpl_var name='rewrite_target'>;
43b345	51	<tmpl_if name='rewrite_subdir'>rewrite ^/<tmpl_var name='rewrite_subdir'>(.*) /$1;</tmpl_if>
bfcdef	52	<tmpl_loop name="proxy_directives">
T	53	<tmpl_var name='proxy_directive'>
	54	</tmpl_loop>
	55	}
	56	</tmpl_if>
	57	</tmpl_loop>
	58	<tmpl_if name='use_proxy' op='!=' value='y'>
3c12a4	59	index index.html index.htm index.php index.cgi index.pl index.xhtml;
0ae8da	60
8e2c2e	61	<tmpl_if name='ssi' op='==' value='y'>
0ae8da	62	location ~ \.shtml$ {
F	63	ssi on;
	64	}
8e2c2e	65	</tmpl_if>
0ae8da	66
8e2c2e	67	<tmpl_if name='errordocs'>
0ae8da	68	error_page 400 /error/400.html;
F	69	error_page 401 /error/401.html;
	70	error_page 403 /error/403.html;
	71	error_page 404 /error/404.html;
	72	error_page 405 /error/405.html;
	73	error_page 500 /error/500.html;
445513	74	error_page 502 /error/502.html;
0ae8da	75	error_page 503 /error/503.html;
b67344	76	recursive_error_pages on;
T	77	location = /error/400.html {
bfcdef	78	<tmpl_var name='web_document_root_www_proxy'>
b67344	79	internal;
T	80	}
	81	location = /error/401.html {
bfcdef	82	<tmpl_var name='web_document_root_www_proxy'>
b67344	83	internal;
T	84	}
	85	location = /error/403.html {
bfcdef	86	<tmpl_var name='web_document_root_www_proxy'>
b67344	87	internal;
T	88	}
	89	location = /error/404.html {
bfcdef	90	<tmpl_var name='web_document_root_www_proxy'>
b67344	91	internal;
T	92	}
	93	location = /error/405.html {
bfcdef	94	<tmpl_var name='web_document_root_www_proxy'>
b67344	95	internal;
T	96	}
	97	location = /error/500.html {
bfcdef	98	<tmpl_var name='web_document_root_www_proxy'>
b67344	99	internal;
T	100	}
	101	location = /error/502.html {
bfcdef	102	<tmpl_var name='web_document_root_www_proxy'>
b67344	103	internal;
T	104	}
	105	location = /error/503.html {
bfcdef	106	<tmpl_var name='web_document_root_www_proxy'>
b67344	107	internal;
T	108	}
8e2c2e	109	</tmpl_if>
0ae8da	110
F	111	error_log /var/log/ispconfig/httpd/<tmpl_var name='domain'>/error.log;
b6a10a	112	access_log /var/log/ispconfig/httpd/<tmpl_var name='domain'>/access.log combined;
0ae8da	113
F	114	## Disable .htaccess and other hidden files
c9b5ed	115	location ~ /\.(?!well-known/acme-challenge/) {
0ae8da	116	deny all;
F	117	access_log off;
	118	log_not_found off;
181529	119	}
0ae8da	120
3c12a4	121	location = /favicon.ico {
0ae8da	122	log_not_found off;
F	123	access_log off;
	124	}
	125
	126	location = /robots.txt {
	127	allow all;
	128	log_not_found off;
	129	access_log off;
	130	}
	131
992797	132	location /stats/ {
bfcdef	133	<tmpl_var name='web_document_root_www_proxy'>
0ae8da	134	index index.html index.php;
F	135	auth_basic "Members Only";
	136	auth_basic_user_file <tmpl_var name='stats_auth_passwd_file'>;
	137	}
	138
b67344	139	location ^~ /awstats-icon {
8cf78b	140	alias /usr/share/awstats/icon;
T	141	}
	142
0ae8da	143	location ~ \.php$ {
c8c13a	144	try_files <tmpl_var name='rnd_php_dummy_file'> @php;
e19c2e	145	}
F	146
	147	<tmpl_if name='php' op='==' value='php-fpm'>
	148	location @php {
f92749	149	try_files $uri =404;
ad9986	150	include /etc/nginx/fastcgi_params;
8e2c2e	151	<tmpl_if name='use_tcp'>
F	152	fastcgi_pass 127.0.0.1:<tmpl_var name='fpm_port'>;
	153	</tmpl_if>
	154	<tmpl_if name='use_socket'>
	155	fastcgi_pass unix:<tmpl_var name='fpm_socket'>;
	156	</tmpl_if>
0ae8da	157	fastcgi_index index.php;
F	158	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
43b345	159	#fastcgi_param PATH_INFO $fastcgi_script_name;
ad9986	160	fastcgi_intercept_errors on;
0ae8da	161	}
8e2c2e	162	</tmpl_else>
1c6da3	163	<tmpl_if name='php' op='==' value='hhvm'>
MC	164	location @php {
	165	try_files $uri =404;
	166	include /etc/nginx/fastcgi_params;
	167	fastcgi_pass unix:/var/run/hhvm/hhvm.<tmpl_var name='system_user'>.sock;
	168	fastcgi_index index.php;
	169	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	170	#fastcgi_param PATH_INFO $fastcgi_script_name;
	171	fastcgi_intercept_errors on;
d22277	172	error_page 500 501 502 503 = @phpfallback;
MB	173	}
	174
	175	location @phpfallback {
	176	try_files $uri =404;
	177	include /etc/nginx/fastcgi_params;
	178	<tmpl_if name='use_tcp'>
	179	fastcgi_pass 127.0.0.1:<tmpl_var name='fpm_port'>;
	180	</tmpl_if>
	181	<tmpl_if name='use_socket'>
	182	fastcgi_pass unix:<tmpl_var name='fpm_socket'>;
	183	</tmpl_if>
	184	fastcgi_index index.php;
	185	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	186	#fastcgi_param PATH_INFO $fastcgi_script_name;
	187	fastcgi_intercept_errors on;
1c6da3	188	}
MC	189	</tmpl_else>
	190
e19c2e	191	location @php {
0ae8da	192	deny all;
F	193	}
1c6da3	194	</tmpl_if>
8e2c2e	195	</tmpl_if>
0ae8da	196
8e2c2e	197	<tmpl_if name='cgi' op='==' value='y'>
0ae8da	198	location /cgi-bin/ {
f92749	199	try_files $uri =404;
ad9986	200	include /etc/nginx/fastcgi_params;
0ae8da	201	root <tmpl_var name='document_root'>;
F	202	gzip off;
	203	fastcgi_pass unix:/var/run/fcgiwrap.socket;
	204	fastcgi_index index.cgi;
	205	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
ad9986	206	fastcgi_intercept_errors on;
0ae8da	207	}
8e2c2e	208	</tmpl_if>
181529	209
615a0a	210	<tmpl_loop name="rewrite_rules">
T	211	<tmpl_var name='rewrite_rule'>
	212	</tmpl_loop>
	213
8e2c2e	214	<tmpl_loop name="nginx_directives">
3c12a4	215	<tmpl_var name='nginx_directive'>
8ab3cd	216	</tmpl_loop>
T	217
86bc65	218	<tmpl_if name='enable_pagespeed' op='==' value='y'>
MC	219	pagespeed on;
	220	pagespeed FileCachePath /var/ngx_pagespeed_cache;
	221	<tmpl_if name='ssl_enabled'>pagespeed FetchHttps enable,allow_self_signed;</tmpl_if>
	222
	223
	224	# let's speed up PageSpeed by storing it in the super duper fast memcached
	225	pagespeed MemcachedThreads 1;
	226	pagespeed MemcachedServers "localhost:11211";
	227
	228	# Filter settings
	229	pagespeed RewriteLevel CoreFilters;
	230	pagespeed EnableFilters collapse_whitespace,remove_comments;
	231
	232	# Ensure requests for pagespeed optimized resources go to the pagespeed
	233	# handler and no extraneous headers get set.
	234	location ~ "\.pagespeed\.([a-z]\.)?[a-z]{2}\.[^.]{10}\.[^.]+" {
	235	add_header "" "";
	236	access_log off;
	237	}
	238	location ~ "^/ngx_pagespeed_static/" {
	239	access_log off;
	240	}
	241	location ~ "^/ngx_pagespeed_beacon$" {
	242	access_log off;
	243	}
	244	location /ngx_pagespeed_statistics {
	245	allow 127.0.0.1;
	246	deny all;
	247	access_log off;
	248	}
	249	location /ngx_pagespeed_global_statistics {
	250	allow 127.0.0.1;
	251	deny all;
	252	access_log off;
	253	}
	254	location /ngx_pagespeed_message {
	255	allow 127.0.0.1;
	256	deny all;
	257	access_log off;
	258	}
	259	location /pagespeed_console {
	260	allow 127.0.0.1;
	261	deny all;
	262	access_log off;
	263	}
	264	</tmpl_if>
	265
4a060e	266	location ~ /\.well-known/acme-challenge/ {
MB	267	root /usr/local/ispconfig/interface/acme/;
7456a4	268	index index.html index.htm;
MB	269	try_files $uri =404;
	270	}
	271
	272
8ab3cd	273	<tmpl_loop name="basic_auth_locations">
9b16a3	274	location <tmpl_var name='htpasswd_location'> { ##merge##
8ab3cd	275	auth_basic "Members Only";
T	276	auth_basic_user_file <tmpl_var name='htpasswd_path'>.htpasswd;
e19c2e	277
F	278	location ~ \.php$ {
53f048	279	try_files <tmpl_var name='rnd_php_dummy_file'> @php;
e19c2e	280	}
8ab3cd	281	}
T	282	</tmpl_loop>
bfcdef	283	</tmpl_if>
T	284	}
	285
	286	<tmpl_loop name="redirects">
	287	server {
	288	listen <tmpl_var name='ip_address'>:80;
	289	<tmpl_if name='ipv6_enabled'>
	290	listen [<tmpl_var name='ipv6_address'>]:80;
	291	</tmpl_if>
	292
	293	<tmpl_if name='ssl_enabled'>
	294	listen <tmpl_var name='ip_address'>:443 ssl;
	295	<tmpl_if name='ipv6_enabled'>
	296	listen [<tmpl_var name='ipv6_address'>]:443 ssl;
	297	</tmpl_if>
	298	ssl_certificate <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.crt;
	299	ssl_certificate_key <tmpl_var name='document_root'>/ssl/<tmpl_var name='ssl_domain'>.key;
	300	</tmpl_if>
	301
	302	server_name <tmpl_var name='rewrite_domain'>;
7456a4	303
4a060e	304	location ~ /\.well-known/acme-challenge/ {
MB	305	root /usr/local/ispconfig/interface/acme/;
7456a4	306	index index.html index.htm;
MB	307	try_files $uri =404;
	308	}
	309
bfcdef	310	<tmpl_if name='alias_seo_redirects2'>
T	311	<tmpl_loop name="alias_seo_redirects2">
	312	if ($http_host <tmpl_var name='alias_seo_redirect_operator'> "<tmpl_var name='alias_seo_redirect_origin_domain'>") {
	313	rewrite ^ $scheme://<tmpl_var name='alias_seo_redirect_target_domain'>$request_uri? permanent;
	314	}
	315	</tmpl_loop>
	316	</tmpl_if>
	317	<tmpl_if name='use_rewrite'>
	318	rewrite ^ <tmpl_var name='rewrite_target'>$request_uri? <tmpl_var name='rewrite_type'>;
	319	</tmpl_if>
	320	<tmpl_if name='use_proxy'>
	321	location / {
	322	proxy_pass <tmpl_var name='rewrite_target'>;
43b345	323	<tmpl_if name='rewrite_subdir'>rewrite ^/<tmpl_var name='rewrite_subdir'>(.*) /$1;</tmpl_if>
bfcdef	324	<tmpl_loop name="proxy_directives">
T	325	<tmpl_var name='proxy_directive'>
	326	</tmpl_loop>
	327	}
	328	</tmpl_if>
	329	}
f7ec00	330	</tmpl_loop>