server {
listen 80;
listen [::]:80;
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name wiki.your-domain.com;
root /var/www/mediawiki;
index index.php;
ssl_certificate /etc/ssl/certs/cloudflare_kangtain.com.pem;
ssl_certificate_key /etc/ssl/private/cloudflare_key_kangtain.com.pem;
ssl_client_certificate /etc/ssl/certs/origin-pull-ca.pem;
ssl_verify_client on;
error_log /var/log/nginx/kangtain.com.error;
access_log /var/log/nginx/kangtain.com.access;
location / {
try_files $uri $uri/ /index.php;
}
location ~ /.well-known {
allow all;
}
location ~ /\.ht {
deny all;
}
location /rest.php {
try_files $uri $uri/ /rest.php?$args;
}
location ~ \.php$ {
fastcgi_pass unix:/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
include snippets/fastcgi-php.conf;
}
}
Source