Differences

This shows you the differences between two versions of the page.

--- servers:linux:nginx_php_php-fpm [2025/04/25 00:45] – [Let's Encrypt] Sean Rhone
+++ servers:linux:nginx_php_php-fpm [2025/07/13 23:02] (current) – Sean Rhone
@@ Line 9: / Line 9: @@
   * [[linux:distros:server:opensuse_tumbleweed_server|openSUSE Tumbleweed (Server)]]
-===== Resources =====
-  * [[https://www.ssllabs.com/ssltest/analyze.html?d=wiki.realmofespionage.xyz|Qualys SSL Test]]
-  * https://fedoraproject.org/wiki/Nginx
-==== Old ====
-  * [[https://cipherli.st/|Cipherli.st]]
-  * [[https://securityheaders.com/?q=wiki.realmofespionage.xyz&followRedirects=on|Security Headers]]
-  * [[https://dev.ssllabs.com/ssltest/analyze.html?d=wiki.realmofespionage.xyz|Qualys SSL Test (dev)]]
-  * https://cs.chromium.org/chromium/src/third_party/blink/renderer/platform/feature_policy/feature_policy.cc?l=138&rcl=ab90b51c5b60de15054a32b0bd18e4839536a1c9
-  * https://infosec.mozilla.org
-  * https://gist.github.com/plentz/6737338
-  * https://scotthelme.co.uk
-  * https://mozilla.github.io/server-side-tls/ssl-config-generator
 ====== Dependencies ======
@@ Line 43: / Line 27: @@
   sudo firewall-cmd --add-service='http' --permanent && sudo firewall-cmd --add-service='https' --permanent && sudo firewall-cmd --reload
-====== SELinux ======
-===== DokuWiki =====
-  * 2023/09/12
-  sudo setsebool -P 'httpd_graceful_shutdown' '1'
-  sudo setsebool -P 'nis_enabled' '1'
-  sudo setsebool -P 'httpd_can_network_connect' '1'
-  sudo setsebool -P 'httpd_can_network_relay' '1'
 ====== Services ======
@@ Line 80: / Line 50: @@
   nano '/etc/nginx/nginx.conf~'
-===== Backup =====
+===== php.ini =====
-  sudo mv '/etc/nginx/default.d/php.conf' '/etc/nginx/default.d/php.conf~'
+  nano '/etc/php8/cli/php.ini'
-  sudo mv '/etc/nginx/conf.d/php-fpm.conf' '/etc/nginx/conf.d/php-fpm.conf~'
-===== View =====
-  nano '/etc/nginx/default.d/php.conf~'
-  nano '/etc/nginx/conf.d/php-fpm.conf~'
-  nano '/etc/php.ini'
 ====== nginx Settings ======
@@ Line 219: / Line 179: @@
 <code>
-# SSL
 ssl_certificate '/etc/letsencrypt/live/realmofespionage.xyz/fullchain.pem';
 ssl_trusted_certificate '/etc/letsencrypt/live/realmofespionage.xyz/fullchain.pem';
@@ Line 234: / Line 192: @@
 ssl_prefer_server_ciphers 'on';
 ssl_ecdh_curve 'secp384r1';
-ssl_stapling 'on';
-ssl_stapling_verify 'on';
 # End</code>
+====== TODOs ======
+===== Resources =====
+  * https://nginx.org/en/docs/windows.html
+  * https://gist.github.com/odan/b5f7de8dfbdbf76bef089776c868fea1
+  * https://certbot.eff.org/instructions?ws=other&os=pip
+  * https://community.letsencrypt.org/t/using-certbot-in-windows-the-pragmatic-way/173929
+  * https://www.php.net/manual/en/image.installation.php
+  * [[https://www.ssllabs.com/ssltest/analyze.html?d=wiki.realmofespionage.xyz|Qualys SSL Test]]
+==== Old ====
+  * [[https://cipherli.st/|Cipherli.st]]
+  * [[https://securityheaders.com/?q=wiki.realmofespionage.xyz&followRedirects=on|Security Headers]]
+  * [[https://dev.ssllabs.com/ssltest/analyze.html?d=wiki.realmofespionage.xyz|Qualys SSL Test (dev)]]
+  * https://cs.chromium.org/chromium/src/third_party/blink/renderer/platform/feature_policy/feature_policy.cc?l=138&rcl=ab90b51c5b60de15054a32b0bd18e4839536a1c9
+  * https://infosec.mozilla.org
+  * https://gist.github.com/plentz/6737338
+  * https://scotthelme.co.uk
+  * https://mozilla.github.io/server-side-tls/ssl-config-generator
+  * [[https://www.ssllabs.com/ssltest/analyze.html?d=wiki.realmofespionage.xyz|Qualys SSL Test]]
+  * https://fedoraproject.org/wiki/Nginx