forked from exozyme/nginx
Update NC config
This commit is contained in:
parent
42d6a4d658
commit
47c305c77a
1 changed files with 19 additions and 13 deletions
|
@ -1,6 +1,4 @@
|
||||||
upstream php-handler {
|
upstream php-handler {
|
||||||
#server 127.0.0.1:9000;
|
|
||||||
#server unix:/var/run/php/php7.4-fpm.sock;
|
|
||||||
server unix:/run/nextcloud/nextcloud.sock;
|
server unix:/run/nextcloud/nextcloud.sock;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -29,10 +27,10 @@ server {
|
||||||
# will add the domain to a hardcoded list that is shipped
|
# will add the domain to a hardcoded list that is shipped
|
||||||
# in all major browsers and getting removed from this list
|
# in all major browsers and getting removed from this list
|
||||||
# could take several months.
|
# could take several months.
|
||||||
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains;" always;
|
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
|
||||||
|
|
||||||
# set max upload size
|
# set max upload size
|
||||||
client_max_body_size 1G;
|
client_max_body_size 512M;
|
||||||
fastcgi_buffers 64 4K;
|
fastcgi_buffers 64 4K;
|
||||||
|
|
||||||
# Enable gzip but do not remove ETag headers
|
# Enable gzip but do not remove ETag headers
|
||||||
|
@ -87,15 +85,13 @@ server {
|
||||||
access_log off;
|
access_log off;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Uncomment this line to enable webfinger (used by ActivityPub)
|
|
||||||
# rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
|
|
||||||
|
|
||||||
# Make a regex exception for `/.well-known` so that clients can still
|
# Make a regex exception for `/.well-known` so that clients can still
|
||||||
# access it despite the existence of the regex rule
|
# access it despite the existence of the regex rule
|
||||||
# `location ~ /(\.|autotest|...)` which would otherwise handle requests
|
# `location ~ /(\.|autotest|...)` which would otherwise handle requests
|
||||||
# for `/.well-known`.
|
# for `/.well-known`.
|
||||||
location ^~ /.well-known {
|
location ^~ /.well-known {
|
||||||
# The following 6 rules are borrowed from `.htaccess`
|
# The rules in this block are an adaptation of the rules
|
||||||
|
# in `.htaccess` that concern `/.well-known`.
|
||||||
|
|
||||||
location = /.well-known/carddav {
|
location = /.well-known/carddav {
|
||||||
return 301 /remote.php/dav/;
|
return 301 /remote.php/dav/;
|
||||||
|
@ -103,12 +99,17 @@ server {
|
||||||
location = /.well-known/caldav {
|
location = /.well-known/caldav {
|
||||||
return 301 /remote.php/dav/;
|
return 301 /remote.php/dav/;
|
||||||
}
|
}
|
||||||
# Anything else is dynamically handled by Nextcloud
|
|
||||||
location ^~ /.well-known {
|
location /.well-known/acme-challenge {
|
||||||
return 301 /index.php$uri;
|
try_files $uri $uri/ =404;
|
||||||
|
}
|
||||||
|
location /.well-known/pki-validation {
|
||||||
|
try_files $uri $uri/ =404;
|
||||||
}
|
}
|
||||||
|
|
||||||
try_files $uri $uri/ =404;
|
# Let Nextcloud's API for `/.well-known` URIs handle all other
|
||||||
|
# requests by passing them to the front-end controller.
|
||||||
|
return 301 /index.php$request_uri;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Rules borrowed from `.htaccess` to hide certain paths from clients
|
# Rules borrowed from `.htaccess` to hide certain paths from clients
|
||||||
|
@ -142,7 +143,7 @@ server {
|
||||||
fastcgi_request_buffering off;
|
fastcgi_request_buffering off;
|
||||||
}
|
}
|
||||||
|
|
||||||
location ~ \.(?:css|js|svg|gif)$ {
|
location ~ \.(?:css|js|svg|gif|png|jpg|ico)$ {
|
||||||
try_files $uri /index.php$request_uri;
|
try_files $uri /index.php$request_uri;
|
||||||
expires 6M; # Cache-Control policy borrowed from `.htaccess`
|
expires 6M; # Cache-Control policy borrowed from `.htaccess`
|
||||||
access_log off; # Optional: Don't log access to assets
|
access_log off; # Optional: Don't log access to assets
|
||||||
|
@ -154,6 +155,11 @@ server {
|
||||||
access_log off; # Optional: Don't log access to assets
|
access_log off; # Optional: Don't log access to assets
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Rule borrowed from `.htaccess`
|
||||||
|
location /remote {
|
||||||
|
return 301 /remote.php$request_uri;
|
||||||
|
}
|
||||||
|
|
||||||
location / {
|
location / {
|
||||||
try_files $uri $uri/ /index.php$request_uri;
|
try_files $uri $uri/ /index.php$request_uri;
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue