ZoneMinder
/
zoneminder
mirror of https://github.com/ZoneMinder/zoneminder.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

rpm pkg - update nginx config

pull/2331/head
Andrew Bauer 2018-12-01 09:58:12 -06:00
parent 6ad54aad93
commit 76e0782d97
5 changed files with 58 additions and 46 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
distros/redhat/CMakeLists.txt
View File

@ -32,6 +32,7 @@ configure_file(httpd/com.zoneminder.systemctl.rules.httpd.in ${CMAKE_CURRENT_SOU
# Configure the Nginx zoneminder files
configure_file(nginx/zm-nginx.conf ${CMAKE_CURRENT_SOURCE_DIR}/zm-nginx.conf COPYONLY)
configure_file(nginx/zoneminder.nginx.conf.in ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.nginx.conf @ONLY)
configure_file(nginx/redirect.nginx.conf ${CMAKE_CURRENT_SOURCE_DIR}/redirect.nginx.conf COPYONLY)
configure_file(nginx/zoneminder.nginx.tmpfiles.in ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.nginx.tmpfiles.conf @ONLY)
configure_file(nginx/zm-web-user.conf ${CMAKE_CURRENT_SOURCE_DIR}/zm-web-user.conf COPYONLY)
configure_file(nginx/zoneminder.php-fpm.conf ${CMAKE_CURRENT_SOURCE_DIR}/zoneminder.php-fpm.conf COPYONLY)
@ -62,6 +63,7 @@ install(FILES com.zoneminder.systemctl.rules.httpd DESTINATION /etc/zm/www PERMI
# Install the Nginx zoneminder files
install(FILES zm-nginx.conf DESTINATION /usr/lib/systemd/system/zoneminder.service.d PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
install(FILES zoneminder.nginx.conf DESTINATION /etc/zm/www PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
install(FILES redirect.nginx.conf DESTINATION /etc/zm/www PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
install(FILES zoneminder.nginx.tmpfiles.conf DESTINATION /usr/lib/tmpfiles.d PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
install(FILES com.zoneminder.systemctl.rules.nginx DESTINATION /etc/zm/www PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)
install(FILES zm-web-user.conf DESTINATION /etc/zm/conf.d PERMISSIONS OWNER_WRITE OWNER_READ GROUP_READ WORLD_READ)

2
distros/redhat/nginx/redirect.nginx.conf Normal file
View File

@ -0,0 +1,2 @@
# Auto redirect to https
return 301 https://$host$request_uri;

90
distros/redhat/nginx/zoneminder.nginx.conf.in
View File

@ -1,53 +1,57 @@
listen 443 ssl;
listen [::]:443 ssl;
server {
listen 443 ssl default_server;
listen [::]:443 ssl default_server;
server_name = localhost $hostname;
ssl_certificate "/etc/pki/tls/certs/localhost.crt";
ssl_certificate_key "/etc/pki/tls/private/localhost.key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers PROFILE=SYSTEM;
ssl_prefer_server_ciphers on;
ssl_certificate "/etc/pki/tls/certs/localhost.crt";
ssl_certificate_key "/etc/pki/tls/private/localhost.key";
ssl_session_cache shared:SSL:1m;
ssl_session_timeout 10m;
ssl_ciphers PROFILE=SYSTEM;
ssl_prefer_server_ciphers on;
# Auto-redirect HTTP requests to HTTPS
if ($scheme != "https") {
rewrite ^/?(zm)(.*)$ https://$host/$1$2 permanent;
}
location /cgi-bin-zm {
gzip off;
alias "@ZM_CGIDIR@";
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_pass unix:/run/fcgiwrap.sock;
}
location /zm/cache {
alias "@ZM_CACHEDIR@";
}
location /zm {
gzip off;
alias "@ZM_WEBDIR@";
index index.php;
location ~ \.php$ {
if (!-f $request_filename) { return 404; }
expires epoch;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_index index.php;
fastcgi_pass unix:/run/php-fpm/www.sock;
# Auto redirect to server/zm when no url suffix was given
location = / {
return 301 zm;
}
location ~ \.(jpg|jpeg|gif|png|ico)$ {
access_log off;
expires 33d;
location /cgi-bin-zm {
gzip off;
alias "@ZM_CGIDIR@";
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_pass unix:/run/fcgiwrap.sock;
}
location /zm/api/ {
location /zm/cache {
alias "@ZM_CACHEDIR@";
}
location /zm {
gzip off;
alias "@ZM_WEBDIR@";
rewrite ^/zm/api(.+)$ /zm/api/app/webroot/index.php?p=$1 last;
index index.php;
location ~ \.php$ {
try_files $uri =404;
expires epoch;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_index index.php;
fastcgi_pass unix:/run/php-fpm/www.sock;
}
location ~ \.(jpg|jpeg|gif|png|ico)$ {
access_log off;
expires 33d;
}
location /zm/api/ {
alias "@ZM_WEBDIR@";
rewrite ^/zm/api(.+)$ /zm/api/app/webroot/index.php?p=$1 last;
}
}
}

9
distros/redhat/readme/README.nginx
View File

@ -61,8 +61,7 @@ New installs
6. Configure the web server
This package uses the HTTPS protocol by default to access the web portal,
using the default self signed certificate on your system. Requests using
HTTP will auto-redirect to HTTPS.
using the default self signed certificate on your system.
Inspect the web server configuration file and verify it meets your needs:
@ -71,9 +70,13 @@ New installs
If you are running other web enabled services then you may need to edit
this file to suite. See README.https to learn about other alternatives.
If you wish http requests to auto-redirect to https requests, then link or
copy /etc/zm/www/redirect.nginx.conf into /etc/nginx/default.d folder.
When in doubt, proceed with the default:
sudo ln -sf /etc/zm/www/zoneminder.nginx.conf /etc/nginx/default.d/
sudo ln -sf /etc/zm/www/zoneminder.nginx.conf /etc/nginx/conf.d/
sudo ln -sf /etc/zm/www/redirect.nginx.conf /etc/nginx/default.d/
7. Edit /etc/sysconfig/fcgiwrap and set DAEMON_PROCS to the maximum number of
simulatneous streams the server should support. Generally, a good minimum

1
distros/redhat/zoneminder.spec
View File

@ -390,6 +390,7 @@ EOF
%config(noreplace) %attr(640,root,nginx) %{_sysconfdir}/zm/conf.d/*.conf
%ghost %attr(640,root,nginx) %{_sysconfdir}/zm/conf.d/zmcustom.conf
%config(noreplace) %{_sysconfdir}/zm/www/zoneminder.nginx.conf
%config(noreplace) %{_sysconfdir}/zm/www/redirect.nginx.conf
%ghost %{_sysconfdir}/zm/www/zoneminder.conf
%config(noreplace) %{_sysconfdir}/zm/www/com.zoneminder.systemctl.rules.nginx
%ghost %{_datadir}/polkit-1/rules.d/com.zoneminder.systemctl.rules