Malin/WPIQ
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update templates

Browse Source
This commit is contained in:
VirtuBox
2019-08-08 08:40:03 +02:00
parent c2641d02cf
commit d1f51f345d
7 changed files with 80 additions and 24 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
install
View File

@@ -667,8 +667,6 @@ wo_tweak_kernel() {
fi fi
# apply sysctl tweaks # apply sysctl tweaks
sysctl -eq -p /etc/sysctl.d/60-wo-tweaks.conf sysctl -eq -p /etc/sysctl.d/60-wo-tweaks.conf
else
sysctl -eq -p /etc/sysctl.d/60-wo-tweaks.conf
fi fi
fi fi
if [ ! -x /opt/wo-kernel.sh ]; then if [ ! -x /opt/wo-kernel.sh ]; then

8
wo/cli/templates/fastcgi.mustache
View File

@@ -1,5 +1,5 @@
# FastCGI cache settings # FastCGI cache settings
fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m inactive=60m max_size=256M; fastcgi_cache_path /var/run/nginx-cache levels=1:2 keys_zone=WORDPRESS:50m inactive=6h max_size=256M;
fastcgi_cache_key "$scheme$request_method$host$request_uri"; fastcgi_cache_key "$scheme$request_method$host$request_uri";
fastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503; fastcgi_cache_use_stale error timeout invalid_header updating http_500 http_503;
fastcgi_cache_lock on; fastcgi_cache_lock on;
@@ -7,11 +7,11 @@ fastcgi_cache_lock_age 5s;
fastcgi_cache_lock_timeout 5s; fastcgi_cache_lock_timeout 5s;
fastcgi_cache_methods GET HEAD; fastcgi_cache_methods GET HEAD;
fastcgi_cache_background_update on; fastcgi_cache_background_update on;
fastcgi_cache_valid 200 1h; fastcgi_cache_valid 200 24h;
fastcgi_cache_valid 301 302 30m; fastcgi_cache_valid 301 302 30m;
fastcgi_cache_valid 499 502 503 1m; fastcgi_cache_valid 499 502 503 1m;
fastcgi_cache_valid 404 15m; fastcgi_cache_valid 404 1h;
fastcgi_cache_valid any 15m; fastcgi_cache_valid any 1h;
fastcgi_buffers 16 16k; fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k; fastcgi_buffer_size 32k;
fastcgi_param SERVER_NAME $http_host; fastcgi_param SERVER_NAME $http_host;

50
wo/cli/templates/locations.mustache
View File

@@ -7,11 +7,35 @@ location = /favicon.ico {
expires max; expires max;
} }
# Cache static files # Cache static files
location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|ttf|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|webm|mp3|aac|tgz|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp)$ { location ~* \.(ogg|ogv|svg|svgz|eot|otf|woff|woff2|ttf|m4a|mp4|ttf|rss|atom|jpe?g|gif|cur|heic|png|tiff|ico|webm|mp3|aac|tgz|doc|xls|exe|ppt|tar|mid|midi|wav|bmp|rtf|swf|webp|json)$ {
add_header "Access-Control-Allow-Origin" "*"; add_header "Access-Control-Allow-Origin" "*";
access_log off; access_log off;
log_not_found off; log_not_found off;
expires max; expires max;
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types
application/atom+xml
application/javascript
application/json
application/rss+xml
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/svg+xml
image/x-icon
text/css
text/plain
text/x-component
text/xml
text/javascript;
} }
# Cache css & js files # Cache css & js files
location ~* \.(?:css(\.map)?|js(\.map)?)$ { location ~* \.(?:css(\.map)?|js(\.map)?)$ {
@@ -19,6 +43,30 @@ location ~* \.(?:css(\.map)?|js(\.map)?)$ {
access_log off; access_log off;
log_not_found off; log_not_found off;
expires 30d; expires 30d;
gzip on;
gzip_vary on;
gzip_proxied any;
gzip_comp_level 6;
gzip_buffers 16 8k;
gzip_http_version 1.1;
gzip_types
application/atom+xml
application/javascript
application/json
application/rss+xml
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/svg+xml
image/x-icon
text/css
text/plain
text/x-component
text/xml
text/javascript;
} }
# Security settings for better privacy # Security settings for better privacy
# Deny hidden files # Deny hidden files

2
wo/cli/templates/redis.mustache
View File

@@ -17,7 +17,7 @@ location /redis-store {
set_unescape_uri $key $arg_key ; set_unescape_uri $key $arg_key ;
redis2_query set $key $echo_request_body; redis2_query set $key $echo_request_body;
redis2_query expire $key 14400; redis2_query expire $key 14400;
redis2_pass redis; redis2_pass redis;
} }

12
wo/cli/templates/sysctl.mustache
View File

@@ -1,10 +1,10 @@
# Kernel sysctl configuration file for Linux # Kernel sysctl configuration file for Linux
# #
# Version 1.16 - 2019-10-25 # Version 1.18 - 2019-08-07
# Michiel Klaver - IT Professional # Michiel Klaver - IT Professional
# Modified by VirtuBox # Modified by VirtuBox (https://github.com/VirtuBox)
# For WordOps (https://github.com/WordOps/WordOps)
# #
# Instructions available on https://github.com/VirtuBox/ubuntu-nginx-web-server
# #
# Sources : # Sources :
# https://klaver.it/linux/sysctl.conf # https://klaver.it/linux/sysctl.conf
@@ -27,10 +27,6 @@
# http://lartc.org/howto/lartc.kernel.obscure.html # http://lartc.org/howto/lartc.kernel.obscure.html
# http://en.wikipedia.org/wiki/Sysctl # http://en.wikipedia.org/wiki/Sysctl
# #
# Usage
# wget -O /etc/sysctl.d/60-ubuntu-nginx-web-server.conf https://virtubox.github.io/ubuntu-nginx-web-server/files/etc/sysctl.d/60-ubuntu-nginx-web-server.conf
#
# sysctl -e -p /etc/sysctl.d/60-ubuntu-nginx-web-server.conf
# For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and sysctl.conf(5) for more details. # For binary values, 0 is disabled, 1 is enabled. See sysctl(8) and sysctl.conf(5) for more details.
# #
@@ -200,6 +196,8 @@ net.core.somaxconn = 32768
# Increase number of incoming connections backlog # Increase number of incoming connections backlog
net.core.netdev_max_backlog = 16384 net.core.netdev_max_backlog = 16384
net.core.dev_weight = 64 net.core.dev_weight = 64
net.core.netdev_budget = 600
net.core.netdev_budget_usecs = 4000
# Increase the maximum amount of option memory buffers # Increase the maximum amount of option memory buffers
net.core.optmem_max = 65535 net.core.optmem_max = 65535

14
wo/cli/templates/wpcommon.mustache
View File

@@ -56,6 +56,20 @@ location /wp-content/plugins/ewww-image-optimizer/images {
deny all; deny all;
} }
} }
# enable gzip on static assets - php files are forbidden
location /wp-content/cache {
# Cache css & js files
location ~* \.(?:css(\.map)?|js(\.map)?|.html)$ {
add_header "Access-Control-Allow-Origin" "*";
access_log off;
log_not_found off;
expires 30d;
}
location ~ \.php$ {
#Prevent Direct Access Of PHP Files From Web Browsers
deny all;
}
}
# Deny access to any files with a .php extension in the uploads directory # Deny access to any files with a .php extension in the uploads directory
# Works in sub-directory installs and also in multisite network # Works in sub-directory installs and also in multisite network
# Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban) # Keep logging the requests to parse later (or to pass to firewall utilities such as fail2ban)

16
wo/cli/templates/wprocket.mustache
View File

@@ -1,21 +1,19 @@
# WPSC NGINX CONFIGURATION - WO v3.9.7 # WPSC NGINX CONFIGURATION - WO v3.9.7
# DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE # DO NOT MODIFY, ALL CHANGES WILL BE LOST AFTER AN WordOps (wo) UPDATE
# $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf # $cache_uri variable set in /etc/nginx/conf.d/map-wp.conf
# Use cached or actual file if they exists, Otherwise pass request to WordPress # Use cached or actual file if they exists, Otherwise pass request to WordPress
location / { location / {
try_files /wp-content/cache/wp-rocket/$http_host/$cache_uri/index$https_prefix.html $uri $uri/ /index.php$is_args$args; try_files /wp-content/cache/wp-rocket/$http_host/$cache_uri/index$https_prefix.html $uri $uri/ /index.php$is_args$args;
} }
location ~ \.php$ { location ~ \.php$ {
try_files $uri =404; try_files $uri =404;
include fastcgi_params; include fastcgi_params;
fastcgi_pass {{upstream}}; fastcgi_pass {{upstream}};
} }
location ~* /cache/wp-rocket/\.html$ { location ~* /cache/wp-rocket/\.html$ {
etag on; etag on;
add_header Vary "Accept-Encoding, Cookie"; add_header Vary "Accept-Encoding, Cookie";
access_log off; access_log off;
log_not_found off; log_not_found off;
expire 10h; expires 10h;
} }