Fork of FusionPBX but with LDAP kinda working
You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
|
|
server { listen 127.0.0.1:80; server_name 127.0.0.1; access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log;
client_max_body_size 80M; client_body_buffer_size 128k;
location / { root /var/www/fusionpbx; index index.php; }
location ~ \.php$ { fastcgi_pass unix:/var/run/php/php7.1-fpm.sock; #fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name; }
# Allow the upgrade routines to run longer than normal location = /core/upgrade/index.php { fastcgi_pass unix:/var/run/php/php7.1-fpm.sock; #fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name; fastcgi_read_timeout 15m; }
# Disable viewing .htaccess & .htpassword & .db & .git location ~ .htaccess { deny all; } location ~ .htpassword { deny all; } location ~^.+.(db)$ { deny all; } location ~ /\.git { deny all; } location ~ /\.lua { deny all; } location ~ /\. { deny all; } }
server { listen 80; server_name fusionpbx;
#redirect letsencrypt to dehydrated location ^~ /.well-known/acme-challenge { default_type "text/plain"; auth_basic "off"; alias /var/www/dehydrated; }
#rewrite rule - send to https with an exception for provisioning if ($uri !~* ^.*(provision|xml_cdr|firmware).*$) { rewrite ^(.*) https://$host$1 permanent; break; }
#REST api if ($uri ~* ^.*/api/.*$) { rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last; break; }
#algo rewrite "^.*/provision/algom([A-Fa-f0-9]{12})\.conf" /app/provision/?mac=$1&file=algom%7b%24mac%7d.conf last;
#mitel rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last; rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last;
#grandstream rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1; rewrite "^.*/provision/([A-Fa-f0-9]{12})/phonebook\.xml$" /app/provision/?mac=$1&file=phonebook.xml; rewrite "^.*/provision/(phonebook\.xml)?$" /app/provision/index.php?file=$1 last; #grandstream-wave softphone by ext because Android doesn't pass MAC. rewrite "^.*/provision/([0-9]{5})/cfg([A-Fa-f0-9]{12}).xml$" /app/provision/?ext=$1;
#aastra rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg; #rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last;
#yealink #rewrite "^.*/provision/(y[0-9]{12})(\.cfg|\.boot)?$" /app/provision/index.php?file=$1$2; rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg; rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last;
#polycom rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg"; #rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2; rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg; rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg; rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1; rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg"; rewrite "^.*/provision/([A-Fa-f0-9]{12})-directory.xml$" "/app/provision/?mac=$1&file={%24mac}-directory.xml";
#cisco rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last; rewrite "^.*/provision/directory\.xml$" /app/provision/?file=directory.xml;
#Escene rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last; rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last;
#Vtech rewrite "^.*/provision/VCS754_([A-Fa-f0-9]{12})\.cfg$" /app/provision/?mac=$1; rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/directory\.xml$" /app/provision/?mac=$1&file=directory.xml;
#Digium rewrite "^.*/provision/([A-Fa-f0-9]{12})-contacts\.cfg$" "/app/provision/?mac=$1&file={%24mac}-contacts.cfg"; rewrite "^.*/provision/([A-Fa-f0-9]{12})-smartblf\.cfg$" "/app/provision/?mac=$1&file={%24mac}-smartblf.cfg";
#Snom rewrite "^.*/provision/-([A-Fa-f0-9]{12})?$" /app/provision/index.php?mac=$1;
access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log;
client_max_body_size 80M; client_body_buffer_size 128k;
location / { root /var/www/fusionpbx; index index.php; }
location ~ \.php$ { fastcgi_pass unix:/var/run/php/php7.1-fpm.sock; #fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name; }
# Allow the upgrade routines to run longer than normal location = /core/upgrade/index.php { fastcgi_pass unix:/var/run/php/php7.1-fpm.sock; #fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name; fastcgi_read_timeout 15m; }
# Disable viewing .htaccess & .htpassword & .db & .git location ~ .htaccess { deny all; } location ~ .htpassword { deny all; } location ~^.+.(db)$ { deny all; } location ~ /\.git { deny all; } location ~ /\.lua { deny all; } location ~ /\. { deny all; } }
server { listen 443 ssl; #listen 443 ssl http2; server_name fusionpbx;
ssl_certificate /etc/ssl/certs/nginx.crt; ssl_certificate_key /etc/ssl/private/nginx.key; ssl_protocols TLSv1.2 TLSv1.3; #ssl_protocols TLSv1 TLSv1.1 TLSv1.2 TLSv1.3; ssl_ciphers DHE-RSA-AES256-SHA:AES256-SHA:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; ssl_session_cache shared:SSL:40m; ssl_session_timeout 2h; ssl_session_tickets off;
#redirect letsencrypt to dehydrated location ^~ /.well-known/acme-challenge { default_type "text/plain"; auth_basic "off"; alias /var/www/dehydrated; }
#REST api if ($uri ~* ^.*/api/.*$) { rewrite ^(.*)/api/(.*)$ $1/api/index.php?rewrite_uri=$2 last; break; }
#message media rewrite "^/app/messages/media/(.*)/(.*)" /app/messages/message_media.php?id=$1&action=download last;
#algo rewrite "^.*/provision/algom([A-Fa-f0-9]{12})\.conf" /app/provision/?mac=$1&file=algom%7b%24mac%7d.conf last;
#mitel rewrite "^.*/provision/MN_([A-Fa-f0-9]{12})\.cfg" /app/provision/index.php?mac=$1&file=MN_%7b%24mac%7d.cfg last; rewrite "^.*/provision/MN_Generic.cfg" /app/provision/index.php?mac=08000f000000&file=MN_Generic.cfg last;
#grandstream rewrite "^.*/provision/cfg([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/?mac=$1; rewrite "^.*/provision/([A-Fa-f0-9]{12})/phonebook\.xml$" /app/provision/?mac=$1&file=phonebook.xml; rewrite "^.*/provision/(phonebook\.xml)?$" /app/provision/index.php?file=$1 last; #grandstream-wave softphone by ext because Android doesn't pass MAC. rewrite "^.*/provision/([0-9]{5})/cfg([A-Fa-f0-9]{12}).xml$" /app/provision/?ext=$1;
#aastra rewrite "^.*/provision/aastra.cfg$" /app/provision/?mac=$1&file=aastra.cfg; #rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(cfg))?$" /app/provision/?mac=$1 last;
#yealink #rewrite "^.*/provision/(y[0-9]{12})(\.cfg|\.boot)?$" /app/provision/index.php?file=$1$2; rewrite "^.*/provision/(y[0-9]{12})(\.cfg)?$" /app/provision/index.php?file=$1.cfg; rewrite "^.*/provision/([A-Fa-f0-9]{12})(\.(xml|cfg))?$" /app/provision/index.php?mac=$1 last;
#polycom rewrite "^.*/provision/000000000000.cfg$" "/app/provision/?mac=$1&file={%24mac}.cfg"; #rewrite "^.*/provision/sip_330(\.(ld))$" /includes/firmware/sip_330.$2; rewrite "^.*/provision/features.cfg$" /app/provision/?mac=$1&file=features.cfg; rewrite "^.*/provision/([A-Fa-f0-9]{12})-sip.cfg$" /app/provision/?mac=$1&file=sip.cfg; rewrite "^.*/provision/([A-Fa-f0-9]{12})-phone.cfg$" /app/provision/?mac=$1; rewrite "^.*/provision/([A-Fa-f0-9]{12})-registration.cfg$" "/app/provision/?mac=$1&file={%24mac}-registration.cfg"; rewrite "^.*/provision/([A-Fa-f0-9]{12})-directory.xml$" "/app/provision/?mac=$1&file={%24mac}-directory.xml";
#cisco rewrite "^.*/provision/file/(.*\.(xml|cfg))" /app/provision/?file=$1 last; rewrite "^.*/provision/directory\.xml$" /app/provision/?file=directory.xml;
#Escene rewrite "^.*/provision/([0-9]{1,11})_Extern.xml$" "/app/provision/?ext=$1&file={%24mac}_extern.xml" last; rewrite "^.*/provision/([0-9]{1,11})_Phonebook.xml$" "/app/provision/?ext=$1&file={%24mac}_phonebook.xml" last;
#Vtech rewrite "^.*/provision/VCS754_([A-Fa-f0-9]{12})\.cfg$" /app/provision/?mac=$1; rewrite "^.*/provision/pb([A-Fa-f0-9-]{12,17})/directory\.xml$" /app/provision/?mac=$1&file=directory.xml;
#Digium rewrite "^.*/provision/([A-Fa-f0-9]{12})-contacts\.cfg$" "/app/provision/?mac=$1&file={%24mac}-contacts.cfg"; rewrite "^.*/provision/([A-Fa-f0-9]{12})-smartblf\.cfg$" "/app/provision/?mac=$1&file={%24mac}-smartblf.cfg";
access_log /var/log/nginx/access.log; error_log /var/log/nginx/error.log;
client_max_body_size 80M; client_body_buffer_size 128k;
location / { root /var/www/fusionpbx; index index.php; }
location ~ \.php$ { fastcgi_pass unix:/var/run/php/php7.1-fpm.sock; #fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name; }
# Allow the upgrade routines to run longer than normal location = /core/upgrade/index.php { fastcgi_pass unix:/var/run/php/php7.1-fpm.sock; #fastcgi_pass 127.0.0.1:9000; fastcgi_index index.php; include fastcgi_params; fastcgi_param SCRIPT_FILENAME /var/www/fusionpbx$fastcgi_script_name; fastcgi_read_timeout 15m; }
# Disable viewing .htaccess & .htpassword & .db & .git location ~ .htaccess { deny all; } location ~ .htpassword { deny all; } location ~^.+.(db)$ { deny all; } location ~ /\.git { deny all; } location ~ /\.lua { deny all; } location ~ /\. { deny all; } }
|