How to configure Nginx for Typemill

Thanks to Ezeqiuel Bruni for this instructions. Please head over to to GitHub if you have any comments.

This has not been updated for Typemill Version 2, so it might not run.

Prequisites

  • Nginx installed.
  • PHP-FPM installed, and set to run with the same user anme and group as your Nginx server.
  • The PHP modules listed below:
    • Depending on your Linux distro, some of these modules may be included by default.
    • Some of these modules may be named differently. On Alpine Linux, for example, every "php-" should actually be "php8-" (or whatever PHP version you want), and modules like "php-xmlrpc" will have longer names like "php8-pecl-xmlrpc". Check your distro's documentation and package lists to be sure.
php-common
php-curl
php-fileinfo
php-fpm
php-gd
php-iconv
php-mbstring
php-openssl
php-xmlrpc
php-session
php-soap
php-sqlite3
php-xml
php-zip

The .conf file

Here is the basic file without SSL enabled. Using certbot on it should do the rest. I can also confirm that this configuration works behind a simple Nginx reverse proxy, and will work with separate LXD containers (ie. one container is hosting the website, and another is hosting the proxy server.)

Just change everything in [brackets] to meet your needs, and anything else you feel like changing.

server {
    listen 80;
    listen [::]:80; 

    # Your domain name
    server_name [your-domain-name];

    # document root
    root        [your-root-directory-here];

    # Just setting up some log files
    access_log  /var/log/nginx/typemill_access.log;
    error_log   /var/log/nginx/typemill_error.log;

    # Defining what any directory's index file is going to look like
    index       index.php;

    # Set up robots.txt
    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    # --- EVERYTHING BELOW THIS LINE CAN BE LEFT ALONE

    # This enables PHP in your website
    location ~ \.php$ {
        fastcgi_pass   127.0.0.1:9000;
        fastcgi_index  index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include        /etc/nginx/fastcgi_params;
    }

    # This makes sure PHP query URLs don't break. Usually.
    location / {
        try_files $uri $uri/ /index.php?$args;
        rewrite (.*?)index\.php/*(.*) /$1$2 redirect;
        rewrite (^|/)\.(?!well-known\/) /index.php break;
        rewrite ^/(system|content|data|settings|(media\/files\/)) /index.php break;
    }

    # This makes sure that missing links to image files
    # don't clog up your logs.
    location ~* \.(js|css|png|jpg|jpeg|gif|ico)$ {
        expires max;
        log_not_found off;
    }

    # The following two rule sets deny direct access to certain files
    # and kinds of files to prevent security issues.

    location ~\.(git|txt|md|yml|md|php|twig)$ {
        deny all;
        return 404;
    }

    location ~ ^/(licence\.md|readme\.md|composer\.lock|composer\.json|\.htaccess)$ {
                deny all;
        return 404;
    }
}

Typemill is an open source software and a registered trademark. Read more