From 94087e89d51dae733994c9b2495410566a0fd1bb Mon Sep 17 00:00:00 2001 From: Jimmy Monin Date: Thu, 7 Feb 2019 21:38:17 +0100 Subject: [PATCH 1/2] Upgrade to upstream version 15.0.4 --- README.md | 2 +- manifest.json | 2 +- scripts/upgrade.d/upgrade.last.sh | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 146d35d..865fc0c 100644 --- a/README.md +++ b/README.md @@ -5,7 +5,7 @@ Nextcloud for YunoHost own data. A personal cloud which run on your own server. With Nextcloud you can synchronize your files over your devices. -**Shipped version:** 15.0.2 +**Shipped version:** 15.0.4 [![Install Nextcloud with YunoHost](https://install-app.yunohost.org/install-with-yunohost.png)](https://install-app.yunohost.org/?app=nextcloud) ![](https://raw.githubusercontent.com/nextcloud/screenshots/master/files/Files%20Overview.png) diff --git a/manifest.json b/manifest.json index 568d011..43bf976 100644 --- a/manifest.json +++ b/manifest.json @@ -6,7 +6,7 @@ "en": "Access & share your files, calendars, contacts, mail & more from any device, on your terms", "fr": "Consultez et partagez vos fichiers, agendas, carnets d'adresses, emails et bien plus depuis les appareils de votre choix, sous vos conditions" }, - "version": "15.0.2~ynh1", + "version": "15.0.4~ynh1", "url": "https://nextcloud.com", "license": "AGPL-3.0", "maintainer": { diff --git a/scripts/upgrade.d/upgrade.last.sh b/scripts/upgrade.d/upgrade.last.sh index 1a77d52..80d65dd 100755 --- a/scripts/upgrade.d/upgrade.last.sh +++ b/scripts/upgrade.d/upgrade.last.sh @@ -1,10 +1,10 @@ #!/bin/bash # Last available nextcloud version -next_version="15.0.2" +next_version="15.0.4" # Nextcloud tarball checksum sha256 -nextcloud_source_sha256="c1f4cc33e39994ddbe6777370b62c30b7ae52136a0530c0b9922770803ca0fea" +nextcloud_source_sha256="f87db047c174f563e391a22c959d9ace767ca14ef0f97fc394f3061fc63d8f77" # This function will only be executed upon applying the last upgrade referenced above last_upgrade_operations () { From c3480daae60f402982754c152c4e663616d977a6 Mon Sep 17 00:00:00 2001 From: Jimmy Monin Date: Thu, 7 Feb 2019 21:41:32 +0100 Subject: [PATCH 2/2] Adapt nginx configuration to avoid double headers due to core change (https://github.com/YunoHost/yunohost/commit/8cb029a55e471e1ece3a8a2d7bba00975a6f2d17) --- conf/nginx.conf | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/conf/nginx.conf b/conf/nginx.conf index 1691095..2e085c9 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -13,23 +13,23 @@ location ^~ __PATH__ { } # Add headers to serve security related headers - add_header Strict-Transport-Security "max-age=15768000;"; - add_header X-Content-Type-Options nosniff; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - add_header Referrer-Policy no-referrer; + more_set_headers "Strict-Transport-Security: max-age=15768000"; + more_set_headers "X-Content-Type-Options: nosniff"; + more_set_headers "X-XSS-Protection: 1; mode=block"; + more_set_headers "X-Robots-Tag: none"; + more_set_headers "X-Download-Options: noopen"; + more_set_headers "X-Permitted-Cross-Domain-Policies: none"; + more_set_headers "Referrer-Policy: no-referrer"; # Set max upload size client_max_body_size 10G; fastcgi_buffers 64 4K; - + # Extend timeouts client_body_timeout 60m; proxy_read_timeout 60m; fastcgi_read_timeout 60m; - + # Disable gzip to avoid the removal of the ETag header gzip off; @@ -78,15 +78,15 @@ location ^~ __PATH__ { # Adding the cache control header for js and css files location ~* \.(?:css|js)$ { - add_header Cache-Control "public, max-age=7200"; + more_set_headers "Cache-Control: public, max-age=7200"; # Add headers to serve security related headers - add_header Strict-Transport-Security "max-age=15768000;"; - add_header X-Content-Type-Options nosniff; - add_header X-XSS-Protection "1; mode=block"; - add_header X-Robots-Tag none; - add_header X-Download-Options noopen; - add_header X-Permitted-Cross-Domain-Policies none; - add_header Referrer-Policy no-referrer; + more_set_headers "Strict-Transport-Security: max-age=15768000"; + more_set_headers "X-Content-Type-Options: nosniff"; + more_set_headers "X-XSS-Protection: 1; mode=block"; + more_set_headers "X-Robots-Tag: none"; + more_set_headers "X-Download-Options: noopen"; + more_set_headers "X-Permitted-Cross-Domain-Policies: none"; + more_set_headers "Referrer-Policy: no-referrer"; # Optional: Don't log access to assets access_log off;