Skip to content

Instantly share code, notes, and snippets.

@rdoursenaud
Created May 20, 2015 08:37
Show Gist options
  • Star 1 You must be signed in to star a gist
  • Fork 1 You must be signed in to fork a gist
  • Save rdoursenaud/0596e0b856c97b45dc88 to your computer and use it in GitHub Desktop.
Save rdoursenaud/0596e0b856c97b45dc88 to your computer and use it in GitHub Desktop.
OTRS FCGIWRAP SSL+HSTS NGINX configuration
server {
listen 443 ssl;
listen [::]:443 ssl;
keepalive_timeout 70;
server_name otrs.example.com;
root /opt/otrs/var/httpd/htdocs;
index index.html;
# SSL
ssl_certificate /etc/ssl/otrs.example.com.combined.crt;
ssl_certificate_key /etc/ssl/otrs.example.com.key;
# HSTS
add_header Strict-Transport-Security "max-age=31536000; includeSubdomains";
access_log /var/log/nginx/otrs.example.com_access.log;
error_log /var/log/nginx/otrs.example.com_error.log;
# Redirect naked domain to the customer interface
location = / {
return 301 https://otrs.example.com/otrs/customer.pl;
}
# Do not log favicon access
location = /favicon.ico {
access_log off;
log_not_found off;
}
# Serve static content directly
location /otrs-web {
gzip on;
alias /opt/otrs/var/httpd/htdocs;
}
# Perl through fciwrap
location ~ ^/otrs/(.*\.pl)(/.*)?$ {
gzip off;
fastcgi_pass unix:/var/run/fcgiwrap.socket;
fastcgi_index index.pl;
fastcgi_param SCRIPT_FILENAME /opt/otrs/bin/fcgi-bin/$1;
include fastcgi.conf;
}
}
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment