PostERG/xamxam
1
0
Fork 0
mirror of https://codeberg.org/PostERG/xamxam.git synced 2026-05-06 19:19:19 +02:00
Code Issues Packages Projects Releases Wiki Activity
Files
0f849468f70b6d9cf0c51d154dbb25dfd7d133e3
xamxam/nginx/SETUP.md

129 lines
2.3 KiB
Markdown
Raw Blame History

# Nginx Setup for Post-ERG
Complete setup guide for nginx with security features and password protection.
## Prerequisites
- Ubuntu/Debian server with root access
- Nginx installed
- PHP-FPM installed (PHP 8.4)
- Domain name pointed to your server
## Quick Setup (Recommended)
### 1. Deploy from your local machine
```bash
just deploy-nginx
```
### 2. Apply on the server
```bash
ssh xamxam
sudo bash /tmp/deploy-server.sh
```
### 3. Set admin password (first time only)
```bash
just manage-admin-users
ssh xamxam "sudo bash /tmp/manage-admin-users.sh"
```
## Manual Setup Steps
### 1. Install Required Packages
```bash
sudo apt update
sudo apt install nginx apache2-utils php8.4-fpm
```
### 2. Create Admin Password
```bash
just manage-admin-users
# Then on the server:
ssh xamxam "sudo bash /tmp/manage-admin-users.sh"
```
### 3. Copy Nginx Configuration
```bash
sudo cp nginx/xamxam.conf /etc/nginx/sites-available/xamxam
sudo ln -s /etc/nginx/sites-available/xamxam /etc/nginx/sites-enabled/
sudo rm -f /etc/nginx/sites-enabled/default
```
### 4. Test and Reload
```bash
sudo nginx -t
sudo systemctl reload nginx
sudo systemctl status nginx
```
## Testing
### Test Admin Authentication
```bash
# Should return 401
curl -I https://xamxam.erg.be/admin/
# With credentials
curl -u admin:password https://xamxam.erg.be/admin/
```
### Test File Protection
```bash
# Should return 403
curl -I https://xamxam.erg.be/storage/test.db
curl -I https://xamxam.erg.be/src/Database.php
```
### Test Security Headers
```bash
curl -I https://xamxam.erg.be/ | grep -E "X-|Strict-Transport"
```
## Troubleshooting
### 403 Forbidden on admin
```bash
sudo ls -l /etc/nginx/.htpasswd-xamxam
sudo chmod 644 /etc/nginx/.htpasswd-xamxam
```
### 502 Bad Gateway
```bash
sudo systemctl status php8.4-fpm
sudo systemctl restart php8.4-fpm
```
### Configuration errors
```bash
sudo nginx -t
```
## Maintenance
### Change Admin Password
```bash
sudo htpasswd /etc/nginx/.htpasswd-xamxam admin
```
### Reload Configuration
```bash
sudo nginx -t && sudo systemctl reload nginx
```
## See Also
- **[docs/PRODUCTION_DEPLOYMENT.md](docs/PRODUCTION_DEPLOYMENT.md)** - Detailed deployment
- **[docs/QUICK_REFERENCE.md](docs/QUICK_REFERENCE.md)** - Command reference
- **[docs/ADMIN_USERS.md](docs/ADMIN_USERS.md)** - User management
Reference in New Issue View Git Blame Copy Permalink