URL Rewriting for nginx

[justinacolmena]

Much easier than one would think at first.
Configuration > Appearance and Options > URL Rewriting [i] > Use Apache mod_rewrite
Of course this is not actually using Apache mod_rewrite. This is the relevant snippet from /etc/nginx/nginx.conf with all the rewriting rules. As far as I can tell, it all works, but the rules from .htaccess as written by the config still need a lot of cleanup for apache, because some of them are wrong.

server {
server_name www.lindberg.farm lindberg.farm; # managed by Certbot
    root         /var/www/lindberg.farm/serendipity;
    index index.php index.html;
    # Load configuration files for the default server block.
    include /etc/nginx/default.d/*.conf;
    location ~ ^/(?:[^/?]*?/|serendipity(?:_admin)?\.(?:js|css)$|admin$) {
            rewrite ^/([^?]*)$ /index.php?/$1;
            rewrite ^/([^?]*?)\?(.*)$ /index.php?/$1&$2;
    }
    location ~ \.php$ {
            fastcgi_pass 127.0.0.1:9000;
            fastcgi_index index.php;
            fastcgi_param SCRIPT_FILENAME $request_filename;
    }

    error_page 404 /404.html;
    location = /404.html {
            root /usr/share/nginx/html/;
    }

    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
            root /usr/share/nginx/html/;
    }

listen [::]:443 ssl; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/amarillo.colmena.biz/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/amarillo.colmena.biz/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot

}

[onli]

This is awesome, I'm not aware that anyone has documented how s9y could be run with nginx.

In your blog jQuery and modernizer seem to fail loading, is that caused by nginx or is it from different changes?

In my eyes, the most important work the .htaccess does is blocking the serendipity_config_local.inc.php from being opened (I checked, it's not accessible in your blog). I don't see that replicated in the config - is it handled elsewhere?

It would be great if you could continue working on this! Three things I see that could be done to make this accessible for everyone:

1. How to use nginx instead of apache could be documented in our documentation, editable under https://github.com/s9y/s9y.github.io
2. Even though I'm not aware of the .htaccess s9y writes being broken (you sure about that?), if that's the case and it blocks nginx (how, it doesn't read them, does it?) they could be fixed.
3. Is there something else s9y would have to do to run under nginx that could be activated with a config option or an automatic detection? That could then be added to the core.

[justinacolmena]

I forgot a rule. The /templates/ folder needs to be accessed as is without rewriting. I inserted a dummy rewrite with a break.

       location ~ ^/(?:[^/?]*?/|serendipity(?:_admin)?\.(?:js|css)$|admin$) {
            rewrite ^/templates/(.*$) /templates/$1 break;
            rewrite ^/([^?]*)$ /index.php?/$1;
            rewrite ^/([^?]*?)\?(.*)$ /index.php?/$1&$2;
       }

As far as I know, nginx ignores apache-style .htaccess files.

[SlidingHorn]

So is this a workable thing now? I remember wanting to run s9y on nginx in the past, but couldn't because I had no idea how to do this very thing...

cc: @onli for input

[onli]

@SlidingHorn I didn't test it yet (and are unlikely to do so, since my Apache setup works and is automatically enabled on my dev server). But the nginx config justinacolmena has shown above looks good.

If you are interested in that setup, I'd recommend to just test it. If you can login to the backend, write articles and comments, read articles and - very important! - not access the serendipity_config_local.inc.php, then everything else is very likely to work as well.

[SlidingHorn]

@onli I'll throw up a VM over the weekend if I have time and give it a shot