From e43ef0c7b9490ece68af38f8a658ad8a710e4e37 Mon Sep 17 00:00:00 2001
From: Guilhem Moulin <guilhem@fripost.org>
Date: Sat, 16 May 2020 00:52:10 +0200
Subject: Nextcloud: use dedicated user and PHP FPM pool.

There is a real security gain in not using the 'www-data' user: nginx
workers can't read Nextcloud config files and data directory, so should
our nginx configuration be insecure a leak is much less likely.
---
 roles/common-web/files/etc/nginx/snippets/fastcgi-php.conf | 1 -
 1 file changed, 1 deletion(-)

(limited to 'roles/common-web/files/etc/nginx/snippets/fastcgi-php.conf')

diff --git a/roles/common-web/files/etc/nginx/snippets/fastcgi-php.conf b/roles/common-web/files/etc/nginx/snippets/fastcgi-php.conf
index 48ebc63..f82bc5d 100644
--- a/roles/common-web/files/etc/nginx/snippets/fastcgi-php.conf
+++ b/roles/common-web/files/etc/nginx/snippets/fastcgi-php.conf
@@ -11,4 +11,3 @@ fastcgi_param PATH_INFO $path_info;
 
 fastcgi_index index.php;
 include       snippets/fastcgi.conf;
-fastcgi_pass  unix:/run/php/php7.3-fpm.sock;
-- 
cgit v1.2.3