mirror of
https://github.com/YunoHost-Apps/nextcloud_ynh.git
synced 2024-09-03 19:55:57 +02:00
Update nginx.conf
This commit is contained in:
Éric Gaspar
parent
8558d812d5
commit
2699202daf
1 changed files with 16 additions and 12 deletions
|
|
@ -1,4 +1,10 @@
|
||||||
location ^~ /.well-known {
|
location = /robots.txt {
|
||||||
|
allow all;
|
||||||
|
log_not_found off;
|
||||||
|
access_log off;
|
||||||
|
}
|
||||||
|
|
||||||
|
location ^~ /.well-known {
|
||||||
# The following 6 rules are borrowed from `.htaccess`
|
# The following 6 rules are borrowed from `.htaccess`
|
||||||
|
|
||||||
# The following 2 rules are only needed for the user_webfinger app.
|
# The following 2 rules are only needed for the user_webfinger app.
|
||||||
|
|
@ -23,7 +29,7 @@ location ^~ __PATH__/ {
|
||||||
# Path to source
|
# Path to source
|
||||||
alias __INSTALL_DIR__/;
|
alias __INSTALL_DIR__/;
|
||||||
|
|
||||||
# Set max upload size
|
# set max upload size and increase upload timeout:
|
||||||
client_max_body_size 10G;
|
client_max_body_size 10G;
|
||||||
client_body_timeout 300s;
|
client_body_timeout 300s;
|
||||||
fastcgi_buffers 64 4K;
|
fastcgi_buffers 64 4K;
|
||||||
|
|
@ -45,7 +51,7 @@ location ^~ __PATH__/ {
|
||||||
# for tunning hints
|
# for tunning hints
|
||||||
client_body_buffer_size 512k;
|
client_body_buffer_size 512k;
|
||||||
|
|
||||||
# Add headers to serve security related headers
|
# HTTP response headers borrowed from Nextcloud `.htaccess`
|
||||||
more_set_headers "Strict-Transport-Security: max-age=15768000; includeSubDomains; preload;";
|
more_set_headers "Strict-Transport-Security: max-age=15768000; includeSubDomains; preload;";
|
||||||
more_set_headers "Referrer-Policy: no-referrer";
|
more_set_headers "Referrer-Policy: no-referrer";
|
||||||
more_set_headers "X-Content-Type-Options: nosniff";
|
more_set_headers "X-Content-Type-Options: nosniff";
|
||||||
|
|
@ -77,12 +83,6 @@ location ^~ __PATH__/ {
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
location = __PATH__/robots.txt {
|
|
||||||
allow all;
|
|
||||||
log_not_found off;
|
|
||||||
access_log off;
|
|
||||||
}
|
|
||||||
|
|
||||||
# Rules borrowed from `.htaccess` to hide certain paths from clients
|
# Rules borrowed from `.htaccess` to hide certain paths from clients
|
||||||
location ~ ^__PATH__/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
|
location ~ ^__PATH__/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
|
||||||
location ~ ^__PATH__/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
|
location ~ ^__PATH__/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; }
|
||||||
|
|
@ -93,8 +93,6 @@ location ^~ __PATH__/ {
|
||||||
# `/nextcloud/index.php` to the URI, resulting in a HTTP 500 error response.
|
# `/nextcloud/index.php` to the URI, resulting in a HTTP 500 error response.
|
||||||
location ~ \.php(?:$|/) {
|
location ~ \.php(?:$|/) {
|
||||||
# Required for legacy support
|
# Required for legacy support
|
||||||
# https://github.com/nextcloud/documentation/pull/2197#issuecomment-721432337
|
|
||||||
# This line fix the ldap admin page
|
|
||||||
rewrite ^__PATH__/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) __PATH__/index.php$request_uri;
|
rewrite ^__PATH__/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) __PATH__/index.php$request_uri;
|
||||||
|
|
||||||
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
|
||||||
|
|
@ -111,6 +109,7 @@ location ^~ __PATH__/ {
|
||||||
fastcgi_param front_controller_active true; # Enable pretty urls
|
fastcgi_param front_controller_active true; # Enable pretty urls
|
||||||
fastcgi_param HTTP_ACCEPT_ENCODING ""; # Disable encoding of nextcloud response to inject ynh scripts
|
fastcgi_param HTTP_ACCEPT_ENCODING ""; # Disable encoding of nextcloud response to inject ynh scripts
|
||||||
fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
|
fastcgi_pass unix:/var/run/php/php__PHPVERSION__-fpm-__NAME__.sock;
|
||||||
|
|
||||||
fastcgi_intercept_errors on;
|
fastcgi_intercept_errors on;
|
||||||
fastcgi_request_buffering off;
|
fastcgi_request_buffering off;
|
||||||
|
|
||||||
|
|
@ -130,7 +129,7 @@ location ^~ __PATH__/ {
|
||||||
|
|
||||||
location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map)$ {
|
location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map)$ {
|
||||||
try_files $uri / __PATH__/index.php$request_uri;
|
try_files $uri / __PATH__/index.php$request_uri;
|
||||||
expires 6M; # Cache-Control policy borrowed from `.htaccess`
|
more_set_headers "Cache-Control: public, max-age=15778463, $asset_immutable";
|
||||||
access_log off; # Optional: Don't log access to assets
|
access_log off; # Optional: Don't log access to assets
|
||||||
|
|
||||||
location ~ \.wasm$ {
|
location ~ \.wasm$ {
|
||||||
|
|
@ -144,6 +143,11 @@ location ^~ __PATH__/ {
|
||||||
access_log off; # Optional: Don't log access to assets
|
access_log off; # Optional: Don't log access to assets
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Rule borrowed from `.htaccess`
|
||||||
|
location __PATH__/remote {
|
||||||
|
return 301 __PATH__/remote.php$request_uri;
|
||||||
|
}
|
||||||
|
|
||||||
location ~ / {
|
location ~ / {
|
||||||
if ($request_method ~ ^(PUT|DELETE|PATCH)$) {
|
if ($request_method ~ ^(PUT|DELETE|PATCH)$) {
|
||||||
rewrite ^ __PATH__/index.php$request_uri last;
|
rewrite ^ __PATH__/index.php$request_uri last;
|
||||||
|
|
|
||||||
Loading…
Add table
Reference in a new issue