Welcome! Log In Create A New Profile


"Idiomatic" Gallery3 configuration

Stefan Foerster
September 01, 2013 07:52AM
Hello world,

I've looked around the net for quite some time to find a suitable
configuration for nginx that allows me to run Gallery3 with php-fpm.
Unfortunately, the search results weren't that helpful. So I carefully
read through the official documentation for "location" and
"try_files", and I think I managed to get something that could serve
as a basis. Since I still lack experience with nginx, I'd really
appreciate any help you could give me with cleaning up that

To recap, what needs to be achieved is (examples only):

1. /lib/images/logo.png -> pass through
2. /Controller?param -> /index.php?kohana_uri=Controller?param
3. /index.php/Controller?param -> /index.php?kohana_uri=Controller?param
4. /var/(albums|thumbs|resizes) -> /file_proxy/$1 (continue with #2)
5. deny access to /var/(logs|tmp|tmp) and /bin
6. deny access to .htaccess, config.inc.php and so on
7. set "Expires" headers to static content (to make YSlow happy :-)

The configuration I've come up with is:

# is that outer location block actually needed?
location / {
location ~ /(index\.php/)?(.+)$ {
try_files $uri /index.php?kohana_uri=$2&$args;

# is it possible/desirable to consolidate access control to
# special files within one regexp (and not three?)
location ~ /\.(ht|tpl(\.php?)|sql|inc\.php|db)$ {
deny all;
# see previous comment
location ~ /var/(uploads|tmp|logs) {
deny all;
# see previous comment
location ~ /bin {
deny all;

location ~ /var/(albums|thumbs|resizes) {
# instead of repeating "albums|thumbs..", can I use $1 here? and
# will $2 still be a valid capture then? Something like
# "rewrite ^/var/$1/(.*)$ /file_proxy/$2 last; perhaps?"

# furthermore, is this a legitimate use of "rewrite"?
rewrite ^/var/(albums|thumbs|resizes)/(.*)$ /file_proxy/$2 last;

location ~* \.(js|css|png|jpg|jpeg|gif|ico|ttf)$ {
try_files $uri /index.php?kohana_uri=$uri&$args;
expires 30d;
location = /index.php {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/vhost-3222.sock;
fastcgi_index index.php;
fastcgi_param PATH_INFO $fastcgi_path_info;
include fastcgi_params;

There are a couple of things I'm unsure about and a few other things
that I'm unhappy with - I've outlined them with comments:

1. Is the outer "location /" block actually needed?
2. As you can see, I'm using three regexps to protect special
directories. Is it desirable to consolidate those into one
3. The location block protecting "/var/(albums|...)" already captures
a part of the URL - can I refer to "$1" in the "rewrite" clause? If
so, can I still refer to "$2"? What would be the proper way to
handle this?
4. From reading through a lot of threads, I get the impression that
the use of "rewrite" is actually frowned upon. Is my use of
"rewrite" a "legitimate" one?

Furthermore, I'd like to make the configuration a bit more "generic".
As of now, it is assumed that the application is actually installed in
the server's root directory. Could I use a variable to store the
actual installation root and refer to this within the "location"

I'd appreciate any and all insights you could share with me. Please
don't hesitate to tell me when I need to read certain parts of the
documentation again :)


nginx mailing list
Subject Author Posted

"Idiomatic" Gallery3 configuration

Stefan Foerster September 01, 2013 07:52AM

Re: "Idiomatic" Gallery3 configuration

Gwyneth Llewelyn February 11, 2014 07:17AM

Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 83
Record Number of Users: 6 on February 13, 2018
Record Number of Guests: 421 on December 02, 2018
Powered by nginx      Powered by FreeBSD      PHP Powered      Powered by MariaDB      ipv6 ready