* Unificando ficheros de configuración de Nginx

etc/nginx-rhel/fastcgi.conf

@@ -1,26 +0,0 @@
-
-fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
-fastcgi_param  QUERY_STRING       $query_string;
-fastcgi_param  REQUEST_METHOD     $request_method;
-fastcgi_param  CONTENT_TYPE       $content_type;
-fastcgi_param  CONTENT_LENGTH     $content_length;
-
-fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
-fastcgi_param  REQUEST_URI        $request_uri;
-fastcgi_param  DOCUMENT_URI       $document_uri;
-fastcgi_param  DOCUMENT_ROOT      $document_root;
-fastcgi_param  SERVER_PROTOCOL    $server_protocol;
-fastcgi_param  REQUEST_SCHEME     $scheme;
-fastcgi_param  HTTPS              $https if_not_empty;
-
-fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
-fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
-
-fastcgi_param  REMOTE_ADDR        $remote_addr;
-fastcgi_param  REMOTE_PORT        $remote_port;
-fastcgi_param  SERVER_ADDR        $server_addr;
-fastcgi_param  SERVER_PORT        $server_port;
-fastcgi_param  SERVER_NAME        $server_name;
-
-# PHP only, required if PHP was built with --enable-force-cgi-redirect
-fastcgi_param  REDIRECT_STATUS    200;

etc/nginx-rhel/fastcgi_params

@@ -1,25 +0,0 @@
-
-fastcgi_param  QUERY_STRING       $query_string;
-fastcgi_param  REQUEST_METHOD     $request_method;
-fastcgi_param  CONTENT_TYPE       $content_type;
-fastcgi_param  CONTENT_LENGTH     $content_length;
-
-fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
-fastcgi_param  REQUEST_URI        $request_uri;
-fastcgi_param  DOCUMENT_URI       $document_uri;
-fastcgi_param  DOCUMENT_ROOT      $document_root;
-fastcgi_param  SERVER_PROTOCOL    $server_protocol;
-fastcgi_param  REQUEST_SCHEME     $scheme;
-fastcgi_param  HTTPS              $https if_not_empty;
-
-fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
-fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
-
-fastcgi_param  REMOTE_ADDR        $remote_addr;
-fastcgi_param  REMOTE_PORT        $remote_port;
-fastcgi_param  SERVER_ADDR        $server_addr;
-fastcgi_param  SERVER_PORT        $server_port;
-fastcgi_param  SERVER_NAME        $server_name;
-
-# PHP only, required if PHP was built with --enable-force-cgi-redirect
-fastcgi_param  REDIRECT_STATUS    200;

etc/nginx-rhel/koi-utf

@@ -1,109 +0,0 @@
-
-# This map is not a full koi8-r <> utf8 map: it does not contain
-# box-drawing and some other characters.  Besides this map contains
-# several koi8-u and Byelorussian letters which are not in koi8-r.
-# If you need a full and standard map, use contrib/unicode2nginx/koi-utf
-# map instead.
-
-charset_map  koi8-r  utf-8 {
-
-    80  E282AC ; # euro
-
-    95  E280A2 ; # bullet
-
-    9A  C2A0 ;   # &nbsp;
-
-    9E  C2B7 ;   # &middot;
-
-    A3  D191 ;   # small yo
-    A4  D194 ;   # small Ukrainian ye
-
-    A6  D196 ;   # small Ukrainian i
-    A7  D197 ;   # small Ukrainian yi
-
-    AD  D291 ;   # small Ukrainian soft g
-    AE  D19E ;   # small Byelorussian short u
-
-    B0  C2B0 ;   # &deg;
-
-    B3  D081 ;   # capital YO
-    B4  D084 ;   # capital Ukrainian YE
-
-    B6  D086 ;   # capital Ukrainian I
-    B7  D087 ;   # capital Ukrainian YI
-
-    B9  E28496 ; # numero sign
-
-    BD  D290 ;   # capital Ukrainian soft G
-    BE  D18E ;   # capital Byelorussian short U
-
-    BF  C2A9 ;   # (C)
-
-    C0  D18E ;   # small yu
-    C1  D0B0 ;   # small a
-    C2  D0B1 ;   # small b
-    C3  D186 ;   # small ts
-    C4  D0B4 ;   # small d
-    C5  D0B5 ;   # small ye
-    C6  D184 ;   # small f
-    C7  D0B3 ;   # small g
-    C8  D185 ;   # small kh
-    C9  D0B8 ;   # small i
-    CA  D0B9 ;   # small j
-    CB  D0BA ;   # small k
-    CC  D0BB ;   # small l
-    CD  D0BC ;   # small m
-    CE  D0BD ;   # small n
-    CF  D0BE ;   # small o
-
-    D0  D0BF ;   # small p
-    D1  D18F ;   # small ya
-    D2  D180 ;   # small r
-    D3  D181 ;   # small s
-    D4  D182 ;   # small t
-    D5  D183 ;   # small u
-    D6  D0B6 ;   # small zh
-    D7  D0B2 ;   # small v
-    D8  D18C ;   # small soft sign
-    D9  D18B ;   # small y
-    DA  D0B7 ;   # small z
-    DB  D188 ;   # small sh
-    DC  D18D ;   # small e
-    DD  D189 ;   # small shch
-    DE  D187 ;   # small ch
-    DF  D18A ;   # small hard sign
-
-    E0  D0AE ;   # capital YU
-    E1  D090 ;   # capital A
-    E2  D091 ;   # capital B
-    E3  D0A6 ;   # capital TS
-    E4  D094 ;   # capital D
-    E5  D095 ;   # capital YE
-    E6  D0A4 ;   # capital F
-    E7  D093 ;   # capital G
-    E8  D0A5 ;   # capital KH
-    E9  D098 ;   # capital I
-    EA  D099 ;   # capital J
-    EB  D09A ;   # capital K
-    EC  D09B ;   # capital L
-    ED  D09C ;   # capital M
-    EE  D09D ;   # capital N
-    EF  D09E ;   # capital O
-
-    F0  D09F ;   # capital P
-    F1  D0AF ;   # capital YA
-    F2  D0A0 ;   # capital R
-    F3  D0A1 ;   # capital S
-    F4  D0A2 ;   # capital T
-    F5  D0A3 ;   # capital U
-    F6  D096 ;   # capital ZH
-    F7  D092 ;   # capital V
-    F8  D0AC ;   # capital soft sign
-    F9  D0AB ;   # capital Y
-    FA  D097 ;   # capital Z
-    FB  D0A8 ;   # capital SH
-    FC  D0AD ;   # capital E
-    FD  D0A9 ;   # capital SHCH
-    FE  D0A7 ;   # capital CH
-    FF  D0AA ;   # capital hard sign
-}

etc/nginx-rhel/koi-win

@@ -1,103 +0,0 @@
-
-charset_map  koi8-r  windows-1251 {
-
-    80  88 ; # euro
-
-    95  95 ; # bullet
-
-    9A  A0 ; #  
-
-    9E  B7 ; # ·
-
-    A3  B8 ; # small yo
-    A4  BA ; # small Ukrainian ye
-
-    A6  B3 ; # small Ukrainian i
-    A7  BF ; # small Ukrainian yi
-
-    AD  B4 ; # small Ukrainian soft g
-    AE  A2 ; # small Byelorussian short u
-
-    B0  B0 ; # °
-
-    B3  A8 ; # capital YO
-    B4  AA ; # capital Ukrainian YE
-
-    B6  B2 ; # capital Ukrainian I
-    B7  AF ; # capital Ukrainian YI
-
-    B9  B9 ; # numero sign
-
-    BD  A5 ; # capital Ukrainian soft G
-    BE  A1 ; # capital Byelorussian short U
-
-    BF  A9 ; # (C)
-
-    C0  FE ; # small yu
-    C1  E0 ; # small a
-    C2  E1 ; # small b
-    C3  F6 ; # small ts
-    C4  E4 ; # small d
-    C5  E5 ; # small ye
-    C6  F4 ; # small f
-    C7  E3 ; # small g
-    C8  F5 ; # small kh
-    C9  E8 ; # small i
-    CA  E9 ; # small j
-    CB  EA ; # small k
-    CC  EB ; # small l
-    CD  EC ; # small m
-    CE  ED ; # small n
-    CF  EE ; # small o
-
-    D0  EF ; # small p
-    D1  FF ; # small ya
-    D2  F0 ; # small r
-    D3  F1 ; # small s
-    D4  F2 ; # small t
-    D5  F3 ; # small u
-    D6  E6 ; # small zh
-    D7  E2 ; # small v
-    D8  FC ; # small soft sign
-    D9  FB ; # small y
-    DA  E7 ; # small z
-    DB  F8 ; # small sh
-    DC  FD ; # small e
-    DD  F9 ; # small shch
-    DE  F7 ; # small ch
-    DF  FA ; # small hard sign
-
-    E0  DE ; # capital YU
-    E1  C0 ; # capital A
-    E2  C1 ; # capital B
-    E3  D6 ; # capital TS
-    E4  C4 ; # capital D
-    E5  C5 ; # capital YE
-    E6  D4 ; # capital F
-    E7  C3 ; # capital G
-    E8  D5 ; # capital KH
-    E9  C8 ; # capital I
-    EA  C9 ; # capital J
-    EB  CA ; # capital K
-    EC  CB ; # capital L
-    ED  CC ; # capital M
-    EE  CD ; # capital N
-    EF  CE ; # capital O
-
-    F0  CF ; # capital P
-    F1  DF ; # capital YA
-    F2  D0 ; # capital R
-    F3  D1 ; # capital S
-    F4  D2 ; # capital T
-    F5  D3 ; # capital U
-    F6  C6 ; # capital ZH
-    F7  C2 ; # capital V
-    F8  DC ; # capital soft sign
-    F9  DB ; # capital Y
-    FA  C7 ; # capital Z
-    FB  D8 ; # capital SH
-    FC  DD ; # capital E
-    FD  D9 ; # capital SHCH
-    FE  D7 ; # capital CH
-    FF  DA ; # capital hard sign
-}

etc/nginx-rhel/mime.types

@@ -1,89 +0,0 @@
-
-types {
-    text/html                             html htm shtml;
-    text/css                              css;
-    text/xml                              xml;
-    image/gif                             gif;
-    image/jpeg                            jpeg jpg;
-    application/javascript                js;
-    application/atom+xml                  atom;
-    application/rss+xml                   rss;
-
-    text/mathml                           mml;
-    text/plain                            txt;
-    text/vnd.sun.j2me.app-descriptor      jad;
-    text/vnd.wap.wml                      wml;
-    text/x-component                      htc;
-
-    image/png                             png;
-    image/tiff                            tif tiff;
-    image/vnd.wap.wbmp                    wbmp;
-    image/x-icon                          ico;
-    image/x-jng                           jng;
-    image/x-ms-bmp                        bmp;
-    image/svg+xml                         svg svgz;
-    image/webp                            webp;
-
-    application/font-woff                 woff;
-    application/java-archive              jar war ear;
-    application/json                      json;
-    application/mac-binhex40              hqx;
-    application/msword                    doc;
-    application/pdf                       pdf;
-    application/postscript                ps eps ai;
-    application/rtf                       rtf;
-    application/vnd.apple.mpegurl         m3u8;
-    application/vnd.ms-excel              xls;
-    application/vnd.ms-fontobject         eot;
-    application/vnd.ms-powerpoint         ppt;
-    application/vnd.wap.wmlc              wmlc;
-    application/vnd.google-earth.kml+xml  kml;
-    application/vnd.google-earth.kmz      kmz;
-    application/x-7z-compressed           7z;
-    application/x-cocoa                   cco;
-    application/x-java-archive-diff       jardiff;
-    application/x-java-jnlp-file          jnlp;
-    application/x-makeself                run;
-    application/x-perl                    pl pm;
-    application/x-pilot                   prc pdb;
-    application/x-rar-compressed          rar;
-    application/x-redhat-package-manager  rpm;
-    application/x-sea                     sea;
-    application/x-shockwave-flash         swf;
-    application/x-stuffit                 sit;
-    application/x-tcl                     tcl tk;
-    application/x-x509-ca-cert            der pem crt;
-    application/x-xpinstall               xpi;
-    application/xhtml+xml                 xhtml;
-    application/xspf+xml                  xspf;
-    application/zip                       zip;
-
-    application/octet-stream              bin exe dll;
-    application/octet-stream              deb;
-    application/octet-stream              dmg;
-    application/octet-stream              iso img;
-    application/octet-stream              msi msp msm;
-
-    application/vnd.openxmlformats-officedocument.wordprocessingml.document    docx;
-    application/vnd.openxmlformats-officedocument.spreadsheetml.sheet          xlsx;
-    application/vnd.openxmlformats-officedocument.presentationml.presentation  pptx;
-
-    audio/midi                            mid midi kar;
-    audio/mpeg                            mp3;
-    audio/ogg                             ogg;
-    audio/x-m4a                           m4a;
-    audio/x-realaudio                     ra;
-
-    video/3gpp                            3gpp 3gp;
-    video/mp2t                            ts;
-    video/mp4                             mp4;
-    video/mpeg                            mpeg mpg;
-    video/quicktime                       mov;
-    video/webm                            webm;
-    video/x-flv                           flv;
-    video/x-m4v                           m4v;
-    video/x-mng                           mng;
-    video/x-ms-asf                        asx asf;
-    video/x-ms-wmv                        wmv;
-    video/x-msvideo                       avi;
-}

etc/nginx-rhel/nginx.conf

@@ -1,87 +0,0 @@
-user nginx;
-worker_processes auto;
-pid /run/nginx.pid;
-include /etc/nginx/modules-enabled/*.conf;
-
-events {
-	worker_connections 768;
-	# multi_accept on;
-}
-
-http {
-
-	##
-	# Basic Settings
-	##
-
-	sendfile on;
-	tcp_nopush on;
-	tcp_nodelay on;
-	keepalive_timeout 65;
-	types_hash_max_size 2048;
-	server_tokens off;
-
-	# server_names_hash_bucket_size 64;
-	# server_name_in_redirect off;
-
-	include /etc/nginx/mime.types;
-	default_type application/octet-stream;
-
-	##
-	# SSL Settings
-	##
-
-	ssl_protocols TLSv1 TLSv1.1 TLSv1.2; # Dropping SSLv3, ref: POODLE
-	ssl_prefer_server_ciphers on;
-	# Set Stronger Diffie-Hellman key exchange
-	#ssl_dhparam /etc/nginx/ssl/dhparam.pem;
-
-	##
-	# Logging Settings
-	##
-
-	access_log /var/log/nginx/access.log;
-	error_log /var/log/nginx/error.log;
-
-	##
-	# Gzip Settings
-	##
-
-	gzip on;
-
-	# gzip_vary on;
-	# gzip_proxied any;
-	# gzip_comp_level 6;
-	# gzip_buffers 16 8k;
-	# gzip_http_version 1.1;
-	# gzip_types text/plain text/css application/json application/javascript text/xml application/xml application/xml+rss text/javascript;
-
-	##
-	# Virtual Host Configs
-	##
-
-	include /etc/nginx/conf.d/*.conf;
-	include /etc/nginx/sites-enabled/*;
-}
-
-
-#mail {
-#	# See sample authentication script at:
-#	# http://wiki.nginx.org/ImapAuthenticateWithApachePhpScript
-# 
-#	# auth_http localhost/auth.php;
-#	# pop3_capabilities "TOP" "USER";
-#	# imap_capabilities "IMAP4rev1" "UIDPLUS";
-# 
-#	server {
-#		listen     localhost:110;
-#		protocol   pop3;
-#		proxy      on;
-#	}
-# 
-#	server {
-#		listen     localhost:143;
-#		protocol   imap;
-#		proxy      on;
-#	}
-#}

etc/nginx-rhel/proxy_params

@@ -1,4 +0,0 @@
-proxy_set_header Host $http_host;
-proxy_set_header X-Real-IP $remote_addr;
-proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-proxy_set_header X-Forwarded-Proto $scheme;

etc/nginx-rhel/scgi_params

@@ -1,17 +0,0 @@
-
-scgi_param  REQUEST_METHOD     $request_method;
-scgi_param  REQUEST_URI        $request_uri;
-scgi_param  QUERY_STRING       $query_string;
-scgi_param  CONTENT_TYPE       $content_type;
-
-scgi_param  DOCUMENT_URI       $document_uri;
-scgi_param  DOCUMENT_ROOT      $document_root;
-scgi_param  SCGI               1;
-scgi_param  SERVER_PROTOCOL    $server_protocol;
-scgi_param  REQUEST_SCHEME     $scheme;
-scgi_param  HTTPS              $https if_not_empty;
-
-scgi_param  REMOTE_ADDR        $remote_addr;
-scgi_param  REMOTE_PORT        $remote_port;
-scgi_param  SERVER_PORT        $server_port;
-scgi_param  SERVER_NAME        $server_name;

etc/nginx-rhel/sites-available/mediawiki-ssl.conf

@@ -1,84 +0,0 @@
-
-server {
-	listen 80;
-	listen [::]:80;
-	server_name localhost;
-	# Redirect HTTP to HTTPS
-	return 301 https://$host$request_uri;
-}
-
-server {
-	# SSL configuration
-	#
-	listen 443 ssl;
-	listen [::]:443;
-    ssl_certificate /etc/letsencrypt/live/wiki.castanedo.es/fullchain.pem; # managed by Certbot
-    ssl_certificate_key /etc/letsencrypt/live/wiki.castanedo.es/privkey.pem; # managed by Certbot
-	#
-	# Note: You should disable gzip for SSL traffic.
-	# See: https://bugs.debian.org/773332
-	#
-	# Read up on ssl_ciphers to ensure a secure configuration.
-	# See: https://bugs.debian.org/765782
-	#
-	# Self signed certs generated by the ssl-cert package
-	# Don't use them in a production server!
-	#
-	# include snippets/snakeoil.conf;
-
-	root /var/www/wiki;
-
-	# Add index.php to the list if you are using PHP
-	index index.php index.html index.htm;
-
-	server_name localhost;
-
-	access_log /var/log/nginx/wiki-access.log;
-	error_log /var/log/nginx/wiki-error.log;
-
-	# Activate HSTS (HTTP Strict Transport Security)
-	# Note: reinclude if in a location a header is set
-	include snippets/hsts.conf;
-
-	# Allow favicon.ico, robots.txt, .well-known/
-	# Deny *.txt, *.log, .*/*.php, .*, *.json, .lock, *.ht
-	include snippets/allowed.conf;
-	include snippets/denied.conf;
-
-	location / {
-		# First attempt to serve request as file, then
-		# as directory, then fall back to displaying a 404.
-		try_files $uri $uri/ =404;
-		error_page 404 = @mediawiki;
-	}
-	# Rewrite for Short-URL
-	location @mediawiki {
-		rewrite ^/wiki([^?]*)(?:\?(.*))? /index.php?title=$1&$2 last;
-	}
-
-	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
-	#
-	location ~ \.php$ {
-		include snippets/fastcgi-php.conf;
-	#	# With php7.2-fpm:
-		fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
-	}
-	
-	# Disable php in /images/ (security)
-	location ^~ /images/ {
-		#Served like static files
-	}
-	# Deny access to deleted images folder
-	location ^~ /images/deleted/ {
-		deny all;
-	}
-	# Deny access to MediaWiki dirs
-	location ^~ /cache/ { deny all; }
-	location ^~ /languages/ { deny all; }
-	location ^~ /maintenance/ { deny all; }
-	location ^~ /serialized/ { deny all; }
-	location ^~ /mw-config/ { deny all; }
-	# Deny .svn and .git
-	location ~ /.(svn|git)(/|$) { deny all; }
-}
-

etc/nginx-rhel/sites-available/mediawiki.conf

@@ -1,61 +0,0 @@
-
-server {
-	listen 80;
-	listen [::]:80;
-
-	root /var/www/wiki;
-
-	# Add index.php to the list if you are using PHP
-	index index.php index.html index.htm;
-
-	server_name localhost;
-
-	access_log /var/log/nginx/wiki-access.log;
-	error_log /var/log/nginx/wiki-error.log;
-
-	# Activate HSTS (HTTP Strict Transport Security)
-	# Note: reinclude if in a location a header is set
-	include snippets/hsts.conf;
-
-	# Allow favicon.ico, robots.txt, .well-known/
-	# Deny *.txt, *.log, .*/*.php, .*, *.json, .lock, *.ht
-	include snippets/allowed.conf;
-	include snippets/denied.conf;
-
-	location / {
-		# First attempt to serve request as file, then
-		# as directory, then fall back to displaying a 404.
-		try_files $uri $uri/ =404;
-		error_page 404 = @mediawiki;
-	}
-	# Rewrite for Short-URL
-	location @mediawiki {
-		rewrite ^/wiki([^?]*)(?:\?(.*))? /index.php?title=$1&$2 last;
-	}
-
-	# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
-	#
-	location ~ \.php$ {
-		include snippets/fastcgi-php.conf;
-	#	# With php7.2-fpm:
-		fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
-	}
-	
-	# Disable php in /images/ (security)
-	location ^~ /images/ {
-		#Served like static files
-	}
-	# Deny access to deleted images folder
-	location ^~ /images/deleted/ {
-		deny all;
-	}
-	# Deny access to MediaWiki dirs
-	location ^~ /cache/ { deny all; }
-	location ^~ /languages/ { deny all; }
-	location ^~ /maintenance/ { deny all; }
-	location ^~ /serialized/ { deny all; }
-	location ^~ /mw-config/ { deny all; }
-	# Deny .svn and .git
-	location ~ /.(svn|git)(/|$) { deny all; }
-}
-

etc/nginx-rhel/sites-available/phpinfo.conf

@@ -1,53 +0,0 @@
-##
-# You should look at the following URL's in order to grasp a solid understanding
-# of Nginx configuration files in order to fully unleash the power of Nginx.
-# https://www.nginx.com/resources/wiki/start/
-# https://www.nginx.com/resources/wiki/start/topics/tutorials/config_pitfalls/
-# https://wiki.debian.org/Nginx/DirectoryStructure
-#
-# In most cases, administrators will remove this file from sites-enabled/ and
-# leave it as reference inside of sites-available where it will continue to be
-# updated by the nginx packaging team.
-#
-# This file will automatically load configuration files provided by other
-# applications, such as Drupal or Wordpress. These applications will be made
-# available underneath a path with that package name, such as /drupal8.
-#
-# Please see /usr/share/doc/nginx-doc/examples/ for more detailed examples.
-##
-
-server {
-	listen 80;
-	listen [::]:80;
-
-	root /var/www/html;
-
-	# Add index.php to the list if you are using PHP
-	index index.html index.htm index.php;
-
-	server_name localhost;
-
-	location / {
-		# First attempt to serve request as file, then
-		# as directory, then fall back to displaying a 404.
-		try_files $uri $uri/ =404;
-	}
-
-	# pass PHP scripts to FastCGI server
-	#
-	location ~ \.php$ {
-		include snippets/fastcgi-php.conf;
-	#
-		# With php-fpm (or other unix sockets):
-		fastcgi_pass unix:/var/run/php-fpm/php-fpm.sock;
-	#	# With php-cgi (or other tcp sockets):
-	#	fastcgi_pass 127.0.0.1:9000;
-	}
-
-	# deny access to .htaccess files, if Apache's document root
-	# concurs with nginx's one
-	#
-	#location ~ /\.ht {
-	#	deny all;
-	#}
-}

etc/nginx-rhel/snippets/allowed.conf

@@ -1,17 +0,0 @@
-# Allow favicon.ico, robots.txt, .well-known/
-location = /favicon.ico {
-	log_not_found off;
-	access_log off;
-}
-
-location = /robots.txt {
-	allow all;
-	log_not_found off;
-	access_log off;
-}
-
-# Allow "Well-Known URIs" as pwe RFC 5785 (e.g. Let's Encrypt)
-location ~* ^/.well-known/ {
-	auth_basic off;
-	allow all;
-}

etc/nginx-rhel/snippets/denied.conf

@@ -1,26 +0,0 @@
-# Deny *.txt, *.log, .*/*.php, .*, *.json, .lock, *.ht
-
-# Not allow txt or logs to be downloaded
-location ~* \.(txt|log)$ {
-	deny all;
-}
-
-# Not allow execute php in hidden folders
-location ~ \..*/.\.php$ {
-	return 403;
-}
-
-# Not allow "hidden files"
-location ~ (^|/)\. {
-	return 403;
-}
-
-# Not allow *.json or *.lock
-location ~* \.(json|lock)$ {
-	return 403;
-}
-
-# Deny *.ht
-location ~ /\.ht {
-	deny all;
-}

etc/nginx-rhel/snippets/fastcgi-php.conf

@@ -1,13 +0,0 @@
-# regex to split $uri to $fastcgi_script_name and $fastcgi_path
-fastcgi_split_path_info ^(.+\.php)(/.+)$;
-
-# Check that the PHP script exists before passing it
-try_files $fastcgi_script_name =404;
-
-# Bypass the fact that try_files resets $fastcgi_path_info
-# see: http://trac.nginx.org/nginx/ticket/321
-set $path_info $fastcgi_path_info;
-fastcgi_param PATH_INFO $path_info;
-
-fastcgi_index index.php;
-include fastcgi.conf;

etc/nginx-rhel/snippets/hsts.conf

@@ -1,4 +0,0 @@
-# Activate HSTS (HTTP Strict Transport Security)
-# Note: if we set another header in a location we've to
-#       rewrite it
-add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;

etc/nginx-rhel/snippets/snakeoil.conf

@@ -1,5 +0,0 @@
-# Self signed certificates generated by the ssl-cert package
-# Don't use them in a production server!
-
-ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
-ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;

etc/nginx-rhel/uwsgi_params

@@ -1,17 +0,0 @@
-
-uwsgi_param  QUERY_STRING       $query_string;
-uwsgi_param  REQUEST_METHOD     $request_method;
-uwsgi_param  CONTENT_TYPE       $content_type;
-uwsgi_param  CONTENT_LENGTH     $content_length;
-
-uwsgi_param  REQUEST_URI        $request_uri;
-uwsgi_param  PATH_INFO          $document_uri;
-uwsgi_param  DOCUMENT_ROOT      $document_root;
-uwsgi_param  SERVER_PROTOCOL    $server_protocol;
-uwsgi_param  REQUEST_SCHEME     $scheme;
-uwsgi_param  HTTPS              $https if_not_empty;
-
-uwsgi_param  REMOTE_ADDR        $remote_addr;
-uwsgi_param  REMOTE_PORT        $remote_port;
-uwsgi_param  SERVER_PORT        $server_port;
-uwsgi_param  SERVER_NAME        $server_name;

etc/nginx-rhel/win-utf

@@ -1,125 +0,0 @@
-# This map is not a full windows-1251 <> utf8 map: it does not
-# contain Serbian and Macedonian letters.	If you need a full map,
-# use contrib/unicode2nginx/win-utf map instead.
-
-charset_map	windows-1251	utf-8 {
-
-	82	E2809A; # single low-9 quotation mark
-
-	84	E2809E; # double low-9 quotation mark
-	85	E280A6; # ellipsis
-	86	E280A0; # dagger
-	87	E280A1; # double dagger
-	88	E282AC; # euro
-	89	E280B0; # per mille
-
-	91	E28098; # left single quotation mark
-	92	E28099; # right single quotation mark
-	93	E2809C; # left double quotation mark
-	94	E2809D; # right double quotation mark
-	95	E280A2; # bullet
-	96	E28093; # en dash
-	97	E28094; # em dash
-
-	99	E284A2; # trade mark sign
-
-	A0	C2A0;   # &nbsp;
-	A1	D18E;   # capital Byelorussian short U
-	A2	D19E;   # small Byelorussian short u
-
-	A4	C2A4;   # currency sign
-	A5	D290;   # capital Ukrainian soft G
-	A6	C2A6;   # borken bar
-	A7	C2A7;   # section sign
-	A8	D081;   # capital YO
-	A9	C2A9;   # (C)
-	AA	D084;   # capital Ukrainian YE
-	AB	C2AB;   # left-pointing double angle quotation mark
-	AC	C2AC;   # not sign
-	AD	C2AD;   # soft hypen
-	AE	C2AE;   # (R)
-	AF	D087;   # capital Ukrainian YI
-
-	B0	C2B0;   # &deg;
-	B1	C2B1;   # plus-minus sign
-	B2	D086;   # capital Ukrainian I
-	B3	D196;   # small Ukrainian i
-	B4	D291;   # small Ukrainian soft g
-	B5	C2B5;   # micro sign
-	B6	C2B6;   # pilcrow sign
-	B7	C2B7;   # &middot;
-	B8	D191;   # small yo
-	B9	E28496; # numero sign
-	BA	D194;   # small Ukrainian ye
-	BB	C2BB;   # right-pointing double angle quotation mark
-
-	BF	D197;   # small Ukrainian yi
-
-	C0	D090;   # capital A
-	C1	D091;   # capital B
-	C2	D092;   # capital V
-	C3	D093;   # capital G
-	C4	D094;   # capital D
-	C5	D095;   # capital YE
-	C6	D096;   # capital ZH
-	C7	D097;   # capital Z
-	C8	D098;   # capital I
-	C9	D099;   # capital J
-	CA	D09A;   # capital K
-	CB	D09B;   # capital L
-	CC	D09C;   # capital M
-	CD	D09D;   # capital N
-	CE	D09E;   # capital O
-	CF	D09F;   # capital P
-
-	D0	D0A0;   # capital R
-	D1	D0A1;   # capital S
-	D2	D0A2;   # capital T
-	D3	D0A3;   # capital U
-	D4	D0A4;   # capital F
-	D5	D0A5;   # capital KH
-	D6	D0A6;   # capital TS
-	D7	D0A7;   # capital CH
-	D8	D0A8;   # capital SH
-	D9	D0A9;   # capital SHCH
-	DA	D0AA;   # capital hard sign
-	DB	D0AB;   # capital Y
-	DC	D0AC;   # capital soft sign
-	DD	D0AD;   # capital E
-	DE	D0AE;   # capital YU
-	DF	D0AF;   # capital YA
-
-	E0	D0B0;   # small a
-	E1	D0B1;   # small b
-	E2	D0B2;   # small v
-	E3	D0B3;   # small g
-	E4	D0B4;   # small d
-	E5	D0B5;   # small ye
-	E6	D0B6;   # small zh
-	E7	D0B7;   # small z
-	E8	D0B8;   # small i
-	E9	D0B9;   # small j
-	EA	D0BA;   # small k
-	EB	D0BB;   # small l
-	EC	D0BC;   # small m
-	ED	D0BD;   # small n
-	EE	D0BE;   # small o
-	EF	D0BF;   # small p
-
-	F0	D180;   # small r
-	F1	D181;   # small s
-	F2	D182;   # small t
-	F3	D183;   # small u
-	F4	D184;   # small f
-	F5	D185;   # small kh
-	F6	D186;   # small ts
-	F7	D187;   # small ch
-	F8	D188;   # small sh
-	F9	D189;   # small shch
-	FA	D18A;   # small hard sign
-	FB	D18B;   # small y
-	FC	D18C;   # small soft sign
-	FD	D18D;   # small e
-	FE	D18E;   # small yu
-	FF	D18F;   # small ya
-}

install

@@ -728,11 +728,7 @@ configurarNginx() {
 	# Configuramos Nginx
 	rm -Rf /etc/$webServerName/* 2>/dev/null
 	comprobarError $? 107
-	if [ $debianOS = true ];then
-		nginxConfFile="./etc/$webServerName-debian"
-	elif [ $rhelOS = true ];then
-		nginxConfFile="./etc/$webServerName-rhel"
-	fi
+	nginxConfFile="./etc/$webServerName"
 	if [ -d "$nginxConfFile" ];then
 		cp -Rf $nginxConfFile/* /etc/$webServerName/ 2>/dev/null
 		comprobarError $? 107
@@ -747,33 +743,54 @@ configurarNginx() {
 		mkdir "/etc/$webServerName/sites-enabled" 2>/dev/null
 		comprobarError $? 5 "$webServerRoot/sites-enabled"
 	fi
-	webServerUser=$(grep ^user /etc/$webServerName/nginx.conf | cut -d ' ' -f 2 | cut -d ';' -f 1)
-	webServerGroup=$webServerUser
+	# Configuramos Usuario y Grupo
+	if [ $debianOS = true ];then
+		webServerUser="www-data"
+		webServerGroup=$webServerUser
+	elif [ $rhelOS = true ];then
+		webServerUser="nginx"
+		webServerGroup=$webServerUser
+	fi
+	sed -i '/user /c\user '$webServerUser';' /etc/$webServerName/nginx.conf
+	comprobarError $? 107
 	unset nginxConfFile
 }
 
 instalarVirtualHost() {
 	# Configuramos un Virtual Host para Apache o Nginx
-	# Uso: instalarVirtualHost $virtualHost $virtualHostName
+	# Uso: instalarVirtualHost $root $dominio $virtualHost
 	webServerRoot=$(realpath "/etc/$webServerName/")
-	if [ $# -eq 1 ];then
-		virtualHost=$(realpath $1)
-		virtualHostName=$(basename $virtualHost)
-	elif [ $# -eq 2 ];then
-		virtualHost=$(realpath $1)
-		virtualHostName=$2
+	if [ $# -eq 3 ];then
+		rootVirtualHost=$(realpath $1)
+		dominioVirtualHost=$2
+		virtualHostFile=$(realpath $3)
+		virtualHostName=$dominioVirtualHost".conf"
 	else
 		comprobarError 1 908
 	fi
-	if [ ! -f $virtualHost ];then
+	if [ ! -f $virtualHostFile ];then
 		comprobarError 1 909 $virtualHostName
 	fi
-	cp -f $virtualHost "$webServerRoot/sites-available/$virtualHostName" >> $logFile 2>&1
+	if [ $nginxOn = true ];then
+		# Configuramos root, dominio, logs y php-fpm.sock (NGINX)
+		sed -i '/root/c\\troot '/var/www/$dominioVirtualHost';' $virtualHostFile
+		comprobarError $? 502
+		sed -i '/server_name/c\\tserver_name '$dominioVirtualHost';' $virtualHostFile
+		comprobarError $? 502
+		sed -i '/access_log/c\\taccess_log /var/log/nginx/'$dominioVirtualHost'-access.log;' $virtualHostFile
+		comprobarError $? 502
+		sed -i '/error_log/c\\terror_log /var/log/nginx/'$dominioVirtualHost'-error.log;' $virtualHostFile
+		comprobarError $? 502
+		socket=$(find /var/run/ -type s -name 'php*.sock')
+		sed -i '/fastcgi_pass/c\\t\tfastcgi_pass unix:'$socket';' $virtualHostFile
+	fi
+	# Copiamos ficheros de configuración
+	cp -f $virtualHostFile "$webServerRoot/sites-available/$virtualHostName" >> $logFile 2>&1
 	comprobarError $? 910
 	ln -s "$webServerRoot/sites-available/$virtualHostName" "$webServerRoot/sites-enabled/$virtualHostName" >> $logFile 2>&1
 	comprobarError $? 911 $virtualHostName
 	recargarServicio $webServerName
-	unset webServerRoot virtualHost virtualHostName
+	unset webServerRoot rootVirtualHost dominioVirtualHost virtualHostFile virtualHostName
 }
 
 mostrarDatabase() {
@@ -1011,12 +1028,8 @@ instalarPHPInfo() {
 		comprobarError $? 106
 		unset infoFile
 		# Instalar VirtualHost
-		if [ $debianOS = true ];then
-			virtualHost="./etc/$webServerName-debian/sites-available/phpinfo.conf"
-		elif [ $rhelOS = true ];then
-			virtualHost="./etc/$webServerName-rhel/sites-available/phpinfo.conf"
-		fi
-		instalarVirtualHost $virtualHost
+		virtualHost="./etc/$webServerName/sites-available/phpinfo.conf"
+		instalarVirtualHost "/var/www/html" "localhost" $virtualHost
 		unset virtualHost
 		return 0
 	else
@@ -1219,32 +1232,17 @@ configurarMediaWiki() {
 	# Configuramos LocalSettings.php
 	# Configuramos VirtualHost
 	if [ $nginxOn = true ];then
-		if [ $debianOS = true ] && [ $sslOn = false ]; then
-			virtualHost="./etc/nginx-debian/sites-available/mediawiki.conf"
-		elif [ $debianOS = true ] && [ $sslOn = true ]; then
-			virtualHost="./etc/nginx-debian/sites-available/mediawiki-ssl.conf"
-		elif [ $rhelOS = true ] && [ $sslOn = false ]; then
-			virtualHost="./etc/nginx-rhel/sites-available/mediawiki.conf"
-		elif [ $rhelOS = true ] && [ $sslOn = true ]; then
-			virtualHost="./etc/nginx-rhel/sites-available/mediawiki-ssl.conf"
+		if [ $sslOn = true ];then
+			virtualHost="./etc/nginx/sites-available/mediawiki-ssl.conf"
+		else
+			virtualHost="./etc/nginx/sites-available/mediawiki.conf"
 		fi
 		if [ ! -f $virtualHost ];then
 			comprobarError $? 502
 		fi
-		# Configuramos root, dominio, logs y php-fpm.sock
-		sed -i '/root/c\\troot '/var/www/$dominioMediaWiki';' $virtualHost
-		comprobarError $? 502
-		sed -i '/server_name/c\\tserver_name '$dominioMediaWiki';' $virtualHost
-		comprobarError $? 502
-		sed -i '/access_log/c\\taccess_log /var/log/nginx/'$dominioMediaWiki'-access.log;' $virtualHost
-		comprobarError $? 502
-		sed -i '/error_log/c\\terror_log /var/log/nginx/'$dominioMediaWiki'-error.log;' $virtualHost
-		comprobarError $? 502
-		socket=$(find /var/run/ -type s -name 'php*.sock')
-		sed -i '/fastcgi_pass/c\\t\tfastcgi_pass unix:'$socket';' $virtualHost
 		comprobarError $? 502
 	fi
-	instalarVirtualHost $virtualHost $dominioMediWiki
+	instalarVirtualHost "/etc/$webServerName/" $dominioMediaWiki $virtualHost
 	unset virtualHost socket
 }