Remove outdated docs and fix repo structure

Trying to make maintenance as easier as we can
2019-02-04 14:09:06 +01:00 · 2019-02-04 14:09:06 +01:00 · 8919496406
parent 76be9604e3
commit 8919496406
10 changed files with 129 additions and 292 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,3 +1,4 @@
 /logs/
-/sites-enabled/*
+/conf.d/*.conf
-!/sites-enabled/.gitkeep
+!/conf.d/.default.conf
 !/conf.d/no-ssl.default.conf
--- a/README.md
+++ b/README.md
@ -6,11 +6,126 @@ ensuring that resources are served with the correct content-type and are
 accessible, if needed, even cross-domain.
-## Documentation
+## Getting Started
-The [documentation](doc/TOC.md) is bundled with
+* [Nginx Beginners Guide](https://nginx.org/en/docs/beginners_guide.html)
-the project, which makes it readily available for offline reading and provides a
+* [Nginx Request Processing](https://nginx.org/en/docs/http/request_processing.html)
-useful starting point for any documentation you want to write about your project.
+* [How Nginx works](docs/getting-started.md) — Understanding nginx, and how it differs from other webservers.
 ### Basic structure
 This repository has the following structure:
 ```
 ./
 ├── conf.d/
 │   ├── default.conf
 │	  └── templates/
 ├── h5bp/
 │   ├── basic.conf
 │   ├── location/
 │   └── .../
 ├── mime.types
 └── nginx.conf
 ```
 * **`conf.d/`**
  This directory should contain all of the server definitions.
  Except if they are dot prefixed or non .conf extension, all files in this
  folder **are** loaded automatically.
  * **`templates` folder**
    Files in this folder contain a `server{}` template for secure and non-secure hosts.
    They are intended to be copied in the `conf.d` folder with all `example.com` 
    occurrences changed to the target host.
 * **`h5bp/`**
  This directory contains config snippets (mixins) to be included as desired.
  There are two types of config files provided, individual config snippets and
  combined config files which provide convenient defaults.
  * **`basic.conf`**
    This file loads a small subset of the rules provided by this repository to add
    expires headers, allow cross domain fonts and protect system files from web
    access.
  * **`location/`**
    Files in this folder contain one or more location directives. They are intended
    to be loaded in the server context (or, in a nested location block).
 * **`mime.types`**
  The mime.types file is responsible for mapping file extensions to mime types.
 * **`nginx.conf`**
  The main nginx config file.
 ### Other resources
 * [Troubleshooting](docs/troubleshooting.md) — Dealing with commonly-encountered errors.
 * [Hotlink protection](docs/hotlink-protection.md)
 ## Usage
 ### As a reference
 To use as reference requires no special installation steps, download/checkout the
 repository to a convenient location and adapt your existing nginx configuration
 incorporating the desired functionality from this repository.
 ### Directly
 To use directly, replace the nginx config directory with this repository. for example:
 ```shell
 nginx stop
 cd /etc
 mv nginx nginx-previous
 git clone https://github.com/h5bp/server-configs-nginx.git nginx
 # install-specific edits
 nginx start
 ```
 ### Manage sites
 ```bash
 $ cd /etc/nginx/conf.d
 ```
 * Creating a new site
  ```bash
  $ cp templates/example.com.conf .actual-hostname.conf
  $ sed -i 's/example.com/actual-hostname/g' .actual-hostname.conf
  ```
 * Enabling a site
  ```bash
  $ mv .actual-hostname.conf actual-hostname.conf
  ```
 * Disabling a site
  ```bash
  $ mv actual-hostname.conf .actual-hostname.conf
  ```
 ```bash
 $ nginx reload
 ```
 ## Support
 * Nginx v**1.6.0**+
 ## Contributing
--- a/doc/TOC.md
+++ b/doc/TOC.md
@ -1,22 +0,0 @@
 [Nginx Server Configs homepage](https://github.com/h5bp/server-configs-nginx)
 # Nginx Server Configs documentation:
 ## Getting started
 * [Usage](usage.md) — Overview of the project contents.
 * [Nginx.conf](nginx-conf.md) — General introduction to the main config file.
 * [How Nginx works](how-nginx-works.md) — Understanding nginx, and how it differs from other webservers.
 * [Common problems](common-problems.md) — Dealing with commonly-encountered errors.
 ## Example tasks
 * [Hotlink protection](examples/hotlink-protection.md)
 ## Related projects
 * [HTML5 Boilerplate](https://html5boilerplate.com) — professional front-end
  template.
 * [Server configs](https://github.com/h5bp/server-configs) — Configs for
  other web servers.
 * [Mozilla SSL Configuration Generator](https://mozilla.github.io/server-side-tls/ssl-config-generator/) — generate Mozilla Security recommended web server configs.
--- a/doc/how-nginx-works.md
+++ b/doc/how-nginx-works.md
@ -1,66 +0,0 @@
 [Nginx Server Configs homepage](https://github.com/h5bp/server-configs-nginx)
 | [Documentation table of contents](TOC.md)
 # How Nginx works
 If you're familiar with any other webserver, some aspects of
 [the way Nginx works](https://nginx.org/en/docs/http/request_processing.html)
 can cause confusion. This document aims to highlight differences or features
 which may trip up new users.
 ## Nginx will only use one location block
 A [location block (directive)](https://nginx.org/en/docs/http/ngx_http_core_module.html#location)
 defines the behavior for a given request which matches the location url pattern. The block used
 is whichever is the most specific for the given request, the rules for
 precedence can be found in [Nginx's documentation](https://nginx.org/en/docs/http/ngx_http_core_module.html#location).
 It is very important when writing nginx configuration files to understand that
 only one location block will be used by Nginx. When in doubt a useful technique
 to identify which location block is to add a header:
 	# Make sure js files are served with a long expire
 	location ~ /something {
 		add_header "section" "something location";
 		...
 	}
 	location /something-else {
 		add_header "section" "something else location";
 		...
 	}
 In the headers for a response, the header added from the block which matched
 will be included:
 	$ curl -I "http://nginx.h5bp.dev/something"
 	...
 	section: something location
 There are some significant consequences to this behavior such as it _not_ being
 possible to build configuration files from small, overlapping, location blocks.
 ## try_files in the server context does not always apply
 Consider the following server block:
 	server {
 		listen 80;
 		server_name example.com;
 		root /var/www/example.com;
 		try_files $uri $uri/ /fallback.html;
 		location ~ ^/somefolder {
 			...
 		}
 	}
 It might be expected that a request for `http://example.com/somefolder/doesnt-exist`
 would result in the contents of `/fallback.html` - but this is not the case. the
 `try_files` directive in the server context _only applies if no location block
 matches_, it is not a default which location blocks inherit.
--- a/doc/nginx-conf.md
+++ b/doc/nginx-conf.md
@ -1,55 +0,0 @@
 [Nginx Server Configs homepage](https://github.com/h5bp/server-configs-nginx)
 | [Documentation table of contents](TOC.md)
 # Nginx.conf
 The `nginx.conf` file is the main config file for nginx, which either defines
 or includes the whole configuration for the server.
 When editing or defining an nginx configuration file - take care to note in
 which [context](https://nginx.org/en/docs/beginners_guide.html#conf_structure)
 a directive applies.
 Below are some notes on a few of the more important/commonly-edited directives.
 For detailed information on any particular directive, please see
 [the official documentation](https://nginx.org/en/docs/).
 ## user
 The [user directive](https://nginx.org/en/docs/ngx_core_module.html#user)
 indicates which user the server will run as. This is typically a user
 specifically for web usage such as "www" "www-data".
 The webserver user, and file permissions for any application, should be defined/chosen
 following [the principle of least privilege](https://en.wikipedia.org/wiki/Principle_of_least_privilege)
 i.e., sufficient privileges to function correctly but no more than that.
 ## worker_processes
 The [worker_processes directive](https://nginx.org/en/docs/ngx_core_module.html#worker_processes)
 broadly defines the number of connections nginx can process.
 As of version 1.2.5+ and 1.3.8+, nginx supports the value "auto" which will
 automatically detect an appropriate value. In earlier versions setting to
 the number of CPUs is a good default/starting point.
 ## error_log
 The [error_log directive](https://nginx.org/en/docs/ngx_core_module.html#error_log)
 can be defined/overriden in any context. The directive in the main context
 defines the log file to use unless otherwise overriden (at http, server or location
 level). This must point to a location writable to the webserver user.
 The location for log files varies depending on the operating system; one technique
 to allow the config files to be ignorant of this is to symlink `/etc/nginx/logs`
 to where you would like log files to be located. e.g.:
    mkdir /var/log/nginx
    cd /etc/nginx
    ln -s /var/log/nginx logs
 ## pid
 The [pid directive](https://nginx.org/en/docs/ngx_core_module.html#pid) is used
 by nginx to store the process id of the main process. This must point to a writable
 location.
--- a/doc/usage.md
+++ b/doc/usage.md
@ -1,120 +0,0 @@
 [Nginx Server Configs homepage](https://github.com/h5bp/server-configs-nginx)
 | [Documentation table of contents](TOC.md)
 # Usage
 ## Requirements
 * nginx version 1.6.0+
 There are two ways to make use of the contents of this repository, as a reference
 or directly as the source for nginx to run from. A number of config snippets are
 provided allowing you to pick and choose which features to allow/expose - some
 snippets are dependent on other features in this repository. For example rules that
 rely on a specific mime type for a given file extension, expect/rely the use of the
 bundled `mime.types` file.
 ## Using as a reference
 To use as reference requires no special installation steps, download/checkout the
 repository to a convenient location and adapt your existing nginx configuration
 incorporating the desired functionality from this repository.
 ## Using directly
 To use directly, replace the nginx config directory with this repository. for example:
    /etc/init.d/nginx stop
    cd /etc
    mv nginx nginx-previous
    git clone https://github.com/h5bp/server-configs-nginx.git nginx
    # install-specific edits
    /etc/init.d/nginx start
 Install specific edits will vary from server to user, see [Getting started](getting-started.md)
 for a description of the required steps.
 ## Basic structure
 This repository has the following structure:
 ```
 ./
 ├── doc/
 ├── conf.d/
 │   ├── default.conf
 │	  └── templates/
 ├── h5bp/
 │   ├── basic.conf
 │   ├── location/
 │   └── ...
 ├── mime.types
 └── nginx.conf
 ```
 Below is a general description of each section
 ### h5bp
 This directory contains config snippets (mixins) to be included as desired.
 There are two types of config files provided, individual config snippets and
 combined config files which provide convenient defaults.
 * `basic.conf`
 This file loads a small subset of the rules provided by this repository to add
 expires headers, allow cross domain fonts and protect system files from web
 access.
 * `location` folder
 Files in this folder contain one or more location directives. They are intended
 to be loaded in the server context (or, in a nested location block).
 ### conf.d
 This directory should contain all of the server definitions.
 Except if they are dot prefixed or non .conf extension, all files in this
 folder **are** loaded automatically.
 * `templates` folder
 Files in this folder contain a server{} template for secure and non-secure hosts.
 They are intended to be copied in the `conf.d` folder with all `example.com` 
 occurrences changed to the target host.
 #### Usage
 ```bash
 $ cd /etc/nginx/conf.d
 ```
 * Creating a new site
  ```bash
  $ cp templates/example.com.conf actual-hostname.conf
  $ sed -i 's/example.com/actual-hostname/g' actual-hostname.conf
  ```
 * Enabling a site
  ```bash
  $ mv .actual-hostname.conf actual-hostname.conf
  ```
 * Disabling a site
  ```bash
  $ mv actual-hostname.conf .actual-hostname.conf
  ```
 ```bash
 $ /etc/init.d/nginx reload
 ```
 ### mime.types
 The mime.types file is responsible for mapping file extensions to mime types.
 ### nginx.conf
 The main nginx config file. [About nginx.conf](nginx-conf.md).
--- a/docs/getting-started.md
+++ b/docs/getting-started.md
@ -1,5 +1,4 @@
 [Nginx Server Configs homepage](https://github.com/h5bp/server-configs-nginx)
 | [Documentation table of contents](TOC.md)
 # Getting started
@ -56,22 +55,8 @@ If you see:
 Or similar, there is still a problem to resolve before continuing.
 ## Creating a site definition
 An example server definition is provided in `sites-available/example.com`. Copy the file to
 `sites-available/yourdomainname.com` and edit appropriately. Verify specifically that
 the hostname (`example.com`) and the root are specified correctly.
 ## Enabling a site
 Activate the new site by linking `yourdomainname.com` into the `sites-enabled` directory:
    cd /etc/nginx/sites-enabled
    ln -s ../sites-available/yourdomainname.com .
 This will make the server active the next time nginx (re)starts.
 ## Verify config and restart nginx
 Verify the config and restart nginx to apply the changes.
 To verify nginx config (Tests default nginx config file)
@ -88,4 +73,4 @@ This will test the nginx config file and throws error if any. Otherwise test is
 Finally reload nginx to apply the changes.
-    /etc/init.d/nginx reload
+    nginx reload
--- a/doc/examples/hotlink-protection.md
+++ b/doc/examples/hotlink-protection.md
@ -1,5 +1,4 @@
 [Nginx Server Configs homepage](https://github.com/h5bp/server-configs-nginx)
 | [Documentation table of contents](../TOC.md)
 # Hotlink Protection
--- a/docs/troubleshooting.md
+++ b/docs/troubleshooting.md
@ -1,7 +1,6 @@
 [Nginx Server Configs homepage](https://github.com/h5bp/server-configs-nginx)
 | [Documentation table of contents](TOC.md)
-# Common Problems
+# Troubleshooting
 ## types_hash errors
--- a/nginx.conf
+++ b/nginx.conf
@ -4,7 +4,8 @@
 # Run as a unique, less privileged user for security reasons.
 # Default: nobody nobody
 # https://nginx.org/en/docs/ngx_core_module.html#user
-user www www;
+# https://en.wikipedia.org/wiki/Principle_of_least_privilege
 user www-data;
 # Sets the worker threads to the number of CPU cores available in the system for best performance.
 # Should be > the number of CPU cores.
@ -37,7 +38,7 @@ events {
 # This is only used when you don't override it on a server{} level
 # Default: logs/error.log error
 # https://nginx.org/en/docs/ngx_core_module.html#error_log
-error_log logs/error.log warn;
+error_log /var/log/nginx/error.log warn;
 # The file storing the process ID of the main process
 # Default: logs/nginx.pid
@ -84,7 +85,7 @@ http {
  # This is only used when you don't override it on a server{} level
  # Default: logs/access.log combined
  # https://nginx.org/en/docs/http/ngx_http_log_module.html#access_log
-  access_log logs/access.log main;
+  access_log /var/log/nginx/access.log main;
  # How long to allow each connection to stay idle.
  # Longer values are better for each individual client, particularly for SSL,