60e6941e1b
- Renamed nginx-1.2.4-perl_vendor_install.patch to nginx-perl.patch. - Used atosetup -p1 macro and replaced editor from perl to sed. - Updated to 1.27.1 * https://nginx.org/en/CHANGES * Fixed crash in ngx_http_mp4_module via specially crafted mp4 file (CVE-2024-7347). * Now the stream module handler is not mandatory. * Fixed new HTTP/2 connections might ignore graceful shutdown of old worker processes. OBS-URL: https://build.opensuse.org/package/show/server:http/nginx?expand=0&rev=268
120 lines
3.5 KiB
Diff
120 lines
3.5 KiB
Diff
diff -Pdpru nginx-1.27.1.orig/conf/nginx.conf nginx-1.27.1/conf/nginx.conf
|
|
--- nginx-1.27.1.orig/conf/nginx.conf 2024-08-12 17:21:01.000000000 +0300
|
|
+++ nginx-1.27.1/conf/nginx.conf 2024-08-16 02:08:46.680107766 +0300
|
|
@@ -1,16 +1,28 @@
|
|
+#user nginx nginx;
|
|
+#worker_processes 1;
|
|
+#pcre_jit off;
|
|
|
|
-#user nobody;
|
|
-worker_processes 1;
|
|
+# load_module #LIBDIR#/nginx/modules/ngx_http_echo_module.so;
|
|
+# load_module #LIBDIR#/nginx/modules/ngx_http_fancyindex_module.so;
|
|
+# load_module #LIBDIR#/nginx/modules/ngx_http_geoip2_module.so;
|
|
+# load_module #LIBDIR#/nginx/modules/ngx_http_image_filter_module.so;
|
|
+# load_module #LIBDIR#/nginx/modules/ngx_http_lua_module.so;
|
|
+# load_module #LIBDIR#/nginx/modules/ngx_http_perl_module.so;
|
|
+# load_module #LIBDIR#/nginx/modules/ngx_http_xslt_filter_module.so;
|
|
+# load_module #LIBDIR#/nginx/modules/ngx_mail_module.so;
|
|
+# load_module #LIBDIR#/nginx/modules/ngx_stream_geoip2_module.so;
|
|
+# load_module #LIBDIR#/nginx/modules/ngx_stream_module.so;
|
|
|
|
-#error_log logs/error.log;
|
|
-#error_log logs/error.log notice;
|
|
-#error_log logs/error.log info;
|
|
+#error_log /var/log/nginx/error.log;
|
|
+#error_log /var/log/nginx/error.log notice;
|
|
+#error_log /var/log/nginx/error.log info;
|
|
|
|
-#pid logs/nginx.pid;
|
|
+#pid /var/run/nginx.pid;
|
|
|
|
|
|
events {
|
|
worker_connections 1024;
|
|
+ use epoll;
|
|
}
|
|
|
|
|
|
@@ -22,7 +34,7 @@ http {
|
|
# '$status $body_bytes_sent "$http_referer" '
|
|
# '"$http_user_agent" "$http_x_forwarded_for"';
|
|
|
|
- #access_log logs/access.log main;
|
|
+ #access_log /var/log/nginx/access.log main;
|
|
|
|
sendfile on;
|
|
#tcp_nopush on;
|
|
@@ -32,16 +44,18 @@ http {
|
|
|
|
#gzip on;
|
|
|
|
+ include conf.d/*.conf;
|
|
+
|
|
server {
|
|
listen 80;
|
|
server_name localhost;
|
|
|
|
#charset koi8-r;
|
|
|
|
- #access_log logs/host.access.log main;
|
|
+ #access_log /var/log/nginx/host.access.log main;
|
|
|
|
location / {
|
|
- root html;
|
|
+ root /srv/www/htdocs/;
|
|
index index.html index.htm;
|
|
}
|
|
|
|
@@ -51,7 +65,7 @@ http {
|
|
#
|
|
error_page 500 502 503 504 /50x.html;
|
|
location = /50x.html {
|
|
- root html;
|
|
+ root /srv/www/htdocs/;
|
|
}
|
|
|
|
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
|
|
@@ -63,7 +77,7 @@ http {
|
|
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
|
|
#
|
|
#location ~ \.php$ {
|
|
- # root html;
|
|
+ # root /srv/www/htdocs/;
|
|
# fastcgi_pass 127.0.0.1:9000;
|
|
# fastcgi_index index.php;
|
|
# fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
|
|
@@ -87,7 +101,7 @@ http {
|
|
# server_name somename alias another.alias;
|
|
|
|
# location / {
|
|
- # root html;
|
|
+ # root /srv/www/htdocs/;
|
|
# index index.html index.htm;
|
|
# }
|
|
#}
|
|
@@ -102,6 +116,10 @@ http {
|
|
# ssl_certificate cert.pem;
|
|
# ssl_certificate_key cert.key;
|
|
|
|
+ # Allow TLS version 1.2 only, which is a recommended default these days
|
|
+ # by international information security standards.
|
|
+ # ssl_protocols TLSv1.2;
|
|
+
|
|
# ssl_session_cache shared:SSL:1m;
|
|
# ssl_session_timeout 5m;
|
|
|
|
@@ -109,9 +127,11 @@ http {
|
|
# ssl_prefer_server_ciphers on;
|
|
|
|
# location / {
|
|
- # root html;
|
|
+ # root /srv/www/htdocs/;
|
|
# index index.html index.htm;
|
|
# }
|
|
#}
|
|
|
|
+ include vhosts.d/*.conf;
|
|
+
|
|
}
|