x/nginx
1
0
Fork 0
forked from exozyme/nginx
Code Pull requests Activity

Update NC config

Browse source
This commit is contained in:
Anthony Wang 2021-08-02 10:05:18 -05:00
parent 42d6a4d658
commit 47c305c77a
Signed by untrusted user: a
GPG key ID: BC96B00AEC5F2D76
1 changed files with 19 additions and 13 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

32
nextcloud.conf
View file

@ -1,6 +1,4 @@
upstream php-handler { upstream php-handler {
#server 127.0.0.1:9000;
#server unix:/var/run/php/php7.4-fpm.sock;
server unix:/run/nextcloud/nextcloud.sock; server unix:/run/nextcloud/nextcloud.sock;
} }
@ -29,10 +27,10 @@ server {
# will add the domain to a hardcoded list that is shipped # will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list # in all major browsers and getting removed from this list
# could take several months. # could take several months.
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains;" always; #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
# set max upload size # set max upload size
client_max_body_size 1G; client_max_body_size 512M;
fastcgi_buffers 64 4K; fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers # Enable gzip but do not remove ETag headers
@ -87,15 +85,13 @@ server {
access_log off; access_log off;
} }
# Uncomment this line to enable webfinger (used by ActivityPub)
# rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
# Make a regex exception for `/.well-known` so that clients can still # Make a regex exception for `/.well-known` so that clients can still
# access it despite the existence of the regex rule # access it despite the existence of the regex rule
# `location ~ /(\.|autotest|...)` which would otherwise handle requests # `location ~ /(\.|autotest|...)` which would otherwise handle requests
# for `/.well-known`. # for `/.well-known`.
location ^~ /.well-known { location ^~ /.well-known {
# The following 6 rules are borrowed from `.htaccess` # The rules in this block are an adaptation of the rules
# in `.htaccess` that concern `/.well-known`.
location = /.well-known/carddav { location = /.well-known/carddav {
return 301 /remote.php/dav/; return 301 /remote.php/dav/;
@ -103,12 +99,17 @@ server {
location = /.well-known/caldav { location = /.well-known/caldav {
return 301 /remote.php/dav/; return 301 /remote.php/dav/;
} }
# Anything else is dynamically handled by Nextcloud
location ^~ /.well-known { location /.well-known/acme-challenge {
return 301 /index.php$uri; try_files $uri $uri/ =404;
}
location /.well-known/pki-validation {
try_files $uri $uri/ =404;
} }
try_files $uri $uri/ =404; # Let Nextcloud's API for `/.well-known` URIs handle all other
# requests by passing them to the front-end controller.
return 301 /index.php$request_uri;
} }
# Rules borrowed from `.htaccess` to hide certain paths from clients # Rules borrowed from `.htaccess` to hide certain paths from clients
@ -142,7 +143,7 @@ server {
fastcgi_request_buffering off; fastcgi_request_buffering off;
} }
location ~ \.(?:css|js|svg|gif)$ { location ~ \.(?:css|js|svg|gif|png|jpg|ico)$ {
try_files $uri /index.php$request_uri; try_files $uri /index.php$request_uri;
expires 6M; # Cache-Control policy borrowed from `.htaccess` expires 6M; # Cache-Control policy borrowed from `.htaccess`
access_log off; # Optional: Don't log access to assets access_log off; # Optional: Don't log access to assets
@ -154,6 +155,11 @@ server {
access_log off; # Optional: Don't log access to assets access_log off; # Optional: Don't log access to assets
} }
# Rule borrowed from `.htaccess`
location /remote {
return 301 /remote.php$request_uri;
}
location / { location / {
try_files $uri $uri/ /index.php$request_uri; try_files $uri $uri/ /index.php$request_uri;
} }