Add Hubzilla sandcastle.hubzilla

See hubzilla.castle.yml for installation and usage instructions to get
started.

3 files changed, 90 insertions, 0 deletions

diff --git a/volumes/hubzilla/crontab b/volumes/hubzilla/crontab
new file mode 100644
index 0000000..96c0b78
--- /dev/null
+++ b/volumes/hubzilla/crontab
@@ -0,0 +1,2 @@
+# Run periodic tasks for Hubzilla
+su -s /bin/bash www-data -c "cd /var/www/html; /usr/bin/php Zotlabs/Daemon/Master.php Cron > /dev/null 2>&1"
diff --git a/volumes/hubzilla/fpm.conf b/volumes/hubzilla/fpm.conf
new file mode 100644
index 0000000..4a0dafa
--- /dev/null
+++ b/volumes/hubzilla/fpm.conf
@@ -0,0 +1,15 @@
+[www]
+user = www-data
+group = www-data
+
+listen = 0.0.0.0:9000
+
+pm = dynamic
+pm.max_children = 5
+pm.start_servers = 2
+pm.min_spare_servers = 1
+pm.max_spare_servers = 3
+
+php_value[upload_max_filesize] = 5M
+php_value[post_max_size] = 20M
+php_value[max_file_uploads] = 4
diff --git a/volumes/hubzilla/nginx.conf b/volumes/hubzilla/nginx.conf
new file mode 100644
index 0000000..0680a2b
--- /dev/null
+++ b/volumes/hubzilla/nginx.conf
@@ -0,0 +1,73 @@
+#
+# Hubzilla nginx configuration for sandcastles
+#
+# TLS is terminated by the traefik router, so we will only ever see http
+# trafic here.
+#
+
+server {
+  listen 80;
+  server_name hubzilla.castle;
+
+  index index.php;
+  charset utf-8;
+  root /var/www/html;
+
+  # allow uploads up to 20MB in size
+  client_max_body_size 20m;
+  client_body_buffer_size 128k;
+
+  include mime.types;
+
+  # rewrite to front controller as default rule
+  location / {
+    if (!-e $request_filename) {
+      rewrite ^(.*)$ /index.php?q=$1;
+    }
+  }
+
+  # make sure webfinger and other well known services aren't blocked
+  # by denying dot files and rewrite request to the front controller
+  location ^~ /.well-known/ {
+    allow all;
+    if (!-e $request_filename) {
+      rewrite ^(.*)$ /index.php?q=$1;
+    }
+  }
+
+  # block these file types
+  location ~* \.(tpl|md|tgz|log|out)$ {
+    deny all;
+  }
+
+  # pass the PHP scripts to the fpm container
+  location ~* \.php$ {
+    try_files $uri =404;
+
+    fastcgi_param HTTPS on;
+
+    # NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
+    fastcgi_split_path_info ^(.+\.php)(/.+)$;
+
+    fastcgi_pass hubzilla_fpm:9000;
+
+    include fastcgi_params;
+    fastcgi_index index.php;
+    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+  }
+
+  # deny access to all dot files
+  location ~ /\. {
+    deny all;
+  }
+
+  #deny access to store
+  location ~ /store {
+        deny  all;
+  }
+
+  #deny access to util
+  location ~ /util {
+        deny  all;
+  }
+}