pma_vhost.j2 2.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081
  1. {% if ansible_prolog -%}
  2. {% from 'templates/ansible/prolog.j2' import prolog with context %}
  3. {{ prolog() }}
  4. {% endif -%}
  5. # Nginx vhost for phpmyadmin
  6. server {
  7. {% if phpmyadmin_vhostip or phpmyadmin_vhostport %}
  8. listen {% if phpmyadmin_vhostip %}{{ phpmyadmin_vhostip }}{% endif %}{% if phpmyadmin_vhostip and phpmyadmin_vhostport %}:{% endif %}{% if phpmyadmin_vhostport %}{{ phpmyadmin_vhostport }}{% endif %};
  9. {% endif %}
  10. server_name {{ phpmyadmin_vhostname }};
  11. access_log /var/log/nginx/pma.access.log main;
  12. error_log /var/log/nginx/pma.error.log;
  13. {% if phpmyadmin_ssl %}
  14. include letsencrypt;
  15. {% endif %}
  16. {% if phpmyadmin_ssl and ssl_certs_auto_installed.stdout_lines is defined and phpmyadmin_vhostname in ssl_certs_auto_installed.stdout_lines %}
  17. location / {
  18. return 301 https://{{ phpmyadmin_vhostname }}$request_uri;
  19. }
  20. {% else %}
  21. root /usr/share/phpmyadmin;
  22. index index.php;
  23. try_files $uri $uri/ /index.php;
  24. {% if http_auth_phpmyadmin %}
  25. auth_basic "Restricted Access";
  26. auth_basic_user_file /etc/nginx/auth_admin;
  27. {% endif %}
  28. client_max_body_size 128m;
  29. location ~ \.php(/|$) {
  30. include fastcgi_pass_fpm;
  31. fastcgi_read_timeout 300s;
  32. {% if nginx_fpm_openbasedir_enforced %}
  33. fastcgi_param PHP_ADMIN_VALUE "upload_tmp_dir=/tmp\nopen_basedir=$document_root:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share:/tmp:/dev/random:/dev/urandom\nmax_execution_time=300\nupload_max_filesize=128M\npost_max_size=128M";
  34. {% else %}
  35. fastcgi_param PHP_ADMIN_VALUE "max_execution_time=240\nupload_max_filesize=128M\npost_max_size=128M";
  36. {% endif %}
  37. }
  38. {% endif %}
  39. }
  40. {% if phpmyadmin_ssl and ssl_certs_auto_installed.stdout_lines is defined and phpmyadmin_vhostname in ssl_certs_auto_installed.stdout_lines %}
  41. server {
  42. listen {% if phpmyadmin_vhostip %}{{ phpmyadmin_vhostip }}:{% endif %}{% if phpmyadmin_vhostport %}{{ phpmyadmin_vhostport }}{% else %}443{% endif %} ssl;
  43. server_name {{ phpmyadmin_vhostname }};
  44. include vhost_ssl_auto-{{ phpmyadmin_vhostname }};
  45. access_log /var/log/nginx/pma.access.log main;
  46. error_log /var/log/nginx/pma.error.log;
  47. root /usr/share/phpmyadmin;
  48. index index.php;
  49. try_files $uri $uri/ /index.php;
  50. {% if http_auth_phpmyadmin %}
  51. auth_basic "Restricted Access";
  52. auth_basic_user_file /etc/nginx/auth_admin;
  53. {% endif %}
  54. client_max_body_size 128m;
  55. location ~ \.php(/|$) {
  56. include fastcgi_pass_fpm;
  57. fastcgi_read_timeout 300s;
  58. {% if nginx_fpm_openbasedir_enforced %}
  59. fastcgi_param PHP_ADMIN_VALUE "upload_tmp_dir=/tmp\nopen_basedir=$document_root:/etc/phpmyadmin:/var/lib/phpmyadmin:/tmp:/usr/share:/tmp:/dev/random:/dev/urandom\nmax_execution_time=300\nupload_max_filesize=128M\npost_max_size=128M";
  60. {% else %}
  61. fastcgi_param PHP_ADMIN_VALUE "max_execution_time=240\nupload_max_filesize=128M\npost_max_size=128M";
  62. {% endif %}
  63. }
  64. }
  65. {% endif %}