YunoHost-Apps/nextcloud_ynh
1
0
Fork 0
mirror of https://github.com/YunoHost-Apps/nextcloud_ynh.git synced 2024-09-03 19:55:57 +02:00
Code Issues Activity Actions

Update nginx configuration to latest Nextcloud recommendations

Browse source
This commit is contained in:
Jimmy Monin 2019-03-02 12:18:33 +01:00
parent 445e8d2a69
commit 3dd34327ca
1 changed files with 8 additions and 7 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

15
conf/nginx.conf
View file

@ -13,7 +13,7 @@ location ^~ __PATH__ {
} }
# Add headers to serve security related headers # Add headers to serve security related headers
more_set_headers "Strict-Transport-Security: max-age=15768000"; more_set_headers "Strict-Transport-Security: max-age=15768000; includeSubDomains; preload;";
more_set_headers "X-Content-Type-Options: nosniff"; more_set_headers "X-Content-Type-Options: nosniff";
more_set_headers "X-XSS-Protection: 1; mode=block"; more_set_headers "X-XSS-Protection: 1; mode=block";
more_set_headers "X-Robots-Tag: none"; more_set_headers "X-Robots-Tag: none";
@ -59,9 +59,9 @@ location ^~ __PATH__ {
deny all; deny all;
} }
location ~ ^__PATH__/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) { location ~ ^__PATH__/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|ocm-provider/.+)\.php(/.*|)$ {
include fastcgi_params; include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.+)$; fastcgi_split_path_info ^(.+\.php)(/.*|)$;
fastcgi_param SCRIPT_FILENAME $request_filename; fastcgi_param SCRIPT_FILENAME $request_filename;
fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on; fastcgi_param HTTPS on;
@ -71,14 +71,15 @@ location ^~ __PATH__ {
fastcgi_intercept_errors on; fastcgi_intercept_errors on;
} }
location ~ ^__PATH__/(?:updater|ocs-provider)(?:$|/) { location ~ ^__PATH__/(?:updater|ocs-provider|ocm-provider)(?:$|/) {
try_files $uri/ =404; try_files $uri/ =404;
index index.php; index index.php;
} }
# Adding the cache control header for js and css files # Adding the cache control header for js and css files
location ~* \.(?:css|js)$ { location ~ ^__PATH__/.+[^/]\.(?:css|js|woff2?|svg|gif)$ {
more_set_headers "Cache-Control: public, max-age=7200"; try_files $uri __PATH__/index.php$request_uri;
more_set_headers "Cache-Control: public, max-age=15778463";
# Add headers to serve security related headers # Add headers to serve security related headers
more_set_headers "Strict-Transport-Security: max-age=15768000"; more_set_headers "Strict-Transport-Security: max-age=15768000";
more_set_headers "X-Content-Type-Options: nosniff"; more_set_headers "X-Content-Type-Options: nosniff";
@ -92,7 +93,7 @@ location ^~ __PATH__ {
access_log off; access_log off;
} }
location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ { location ~* \.(?:png|html|ttf|ico|jpg|jpeg)$ {
# Optional: Don't log access to other assets # Optional: Don't log access to other assets
access_log off; access_log off;
} }