mirror of
https://github.com/YunoHost-Apps/nextcloud_ynh.git
synced 2024-09-03 19:55:57 +02:00
bc1fe2ff26
The rich workspace dialouge loads by default in every folder. When user deletes README.md file, Nextcloud responds with 404 http code to inform the UI scipts to not render the rich workspace. Overwriting the response with custom 404 status page creates "spinning wheel" UI bug in every folder without README.md file in it. Fixes #318
150 lines
4.8 KiB
Nginx Configuration File
150 lines
4.8 KiB
Nginx Configuration File
location = /.well-known/carddav {
|
|
return 301 https://$server_name__PATH__/remote.php/dav;
|
|
}
|
|
location = /.well-known/caldav {
|
|
return 301 https://$server_name__PATH__/remote.php/dav;
|
|
}
|
|
|
|
# The following 2 rules are only needed for the user_webfinger app.
|
|
# Uncomment it if you're planning to use this app.
|
|
#location = /.well-known/host-meta {
|
|
# return 301 $scheme://$host:$server_port__PATH__/public.php?service=host-meta;
|
|
#}
|
|
#location = /.well-known/host-meta.json {
|
|
# return 301 $scheme://$host:$server_port__PATH__/public.php?service=host-meta-json;
|
|
#}
|
|
|
|
# The following 2 rules are only needed for the Social app.
|
|
# Uncomment it if you're planning to use this app.
|
|
#location = /.well-known/webfinger {
|
|
# return 301 $scheme://$host:$server_port__PATH__/public.php?service=webfinger;
|
|
#}
|
|
#location = /.well-known/nodeinfo {
|
|
# return 301 $scheme://$host:$server_port__PATH__/public.php?service=nodeinfo;
|
|
#}
|
|
|
|
#sub_path_only rewrite ^__PATH__$ __PATH__/ permanent;
|
|
location ^~ __PATH__/ {
|
|
|
|
# Path to source
|
|
alias __FINALPATH__/;
|
|
|
|
# Force usage of https
|
|
if ($scheme = http) {
|
|
rewrite ^ https://$server_name$request_uri? permanent;
|
|
}
|
|
|
|
# Add headers to serve security related headers
|
|
more_set_headers "Strict-Transport-Security: max-age=15768000; includeSubDomains; preload;";
|
|
more_set_headers "X-Content-Type-Options: nosniff";
|
|
more_set_headers "X-XSS-Protection: 1; mode=block";
|
|
more_set_headers "X-Robots-Tag: none";
|
|
more_set_headers "X-Download-Options: noopen";
|
|
more_set_headers "X-Permitted-Cross-Domain-Policies: none";
|
|
more_set_headers "Referrer-Policy: no-referrer";
|
|
|
|
# Set max upload size
|
|
client_max_body_size 10G;
|
|
fastcgi_buffers 64 4K;
|
|
|
|
# Extend timeouts
|
|
client_body_timeout 60m;
|
|
proxy_read_timeout 60m;
|
|
fastcgi_read_timeout 60m;
|
|
|
|
# Disable gzip to avoid the removal of the ETag header
|
|
gzip off;
|
|
|
|
# Errors pages
|
|
error_page 403 __PATH__/core/templates/403.php;
|
|
# Don't set custom 404 error page, as nextcloud uses 404 codes with meaningful payload.
|
|
# Setting custom 404 page clears the payload and creates UI bugs
|
|
# error_page 404 __PATH__/core/templates/404.php;
|
|
|
|
location __PATH__/ {
|
|
rewrite ^ __PATH__/index.php;
|
|
}
|
|
|
|
location = __PATH__/robots.txt {
|
|
allow all;
|
|
log_not_found off;
|
|
access_log off;
|
|
}
|
|
|
|
location ~ ^__PATH__/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
|
|
deny all;
|
|
}
|
|
location ~ ^__PATH__/(?:\.|autotest|occ|issue|indie|db_|console) {
|
|
deny all;
|
|
}
|
|
|
|
location ~ ^__PATH__/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy)\.php(?:$|\/) {
|
|
fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
|
|
set $path_info $fastcgi_path_info;
|
|
try_files $fastcgi_script_name =404;
|
|
include fastcgi_params;
|
|
|
|
fastcgi_param SCRIPT_FILENAME $request_filename;
|
|
fastcgi_param PATH_INFO $path_info;
|
|
fastcgi_param HTTPS on;
|
|
# Avoid sending the security headers twice
|
|
fastcgi_param modHeadersAvailable true;
|
|
# Enable pretty urls
|
|
fastcgi_param front_controller_active true;
|
|
fastcgi_pass unix:/var/run/php/php__YNH_PHP_VERSION__-fpm-__NAME__.sock;
|
|
fastcgi_intercept_errors on;
|
|
fastcgi_request_buffering off;
|
|
}
|
|
|
|
location ~ ^__PATH__/(?:updater|oc[ms]-provider)(?:$|\/) {
|
|
try_files $uri/ =404;
|
|
index index.php;
|
|
}
|
|
|
|
location = __PATH__/core/js/oc.js {
|
|
rewrite ^ __PATH__/index.php$request_uri;
|
|
}
|
|
|
|
location = __PATH__/core/preview.png {
|
|
rewrite ^ __PATH__/index.php$request_uri;
|
|
}
|
|
|
|
location ~* ^__PATH__/(?:css|js)/ {
|
|
rewrite ^ __PATH__/index.php$request_uri;
|
|
}
|
|
|
|
location ~* ^__PATH__/apps/theming/img/core/filetypes/ {
|
|
rewrite ^ __PATH__/index.php$request_uri;
|
|
}
|
|
|
|
location ~* ^__PATH__/apps/documentserver_community/ {
|
|
rewrite ^ __PATH__/index.php$request_uri;
|
|
}
|
|
|
|
# Adding the cache control header for js, css and map files
|
|
location ~ ^__PATH__/.+[^\/]\.(?:css|js|woff2?|svg|gif|map)$ {
|
|
try_files $uri __PATH__/index.php$request_uri;
|
|
more_set_headers "Cache-Control: public, max-age=15778463";
|
|
# Add headers to serve security related headers
|
|
more_set_headers "Strict-Transport-Security: max-age=15768000";
|
|
more_set_headers "X-Content-Type-Options: nosniff";
|
|
more_set_headers "X-XSS-Protection: 1; mode=block";
|
|
more_set_headers "X-Robots-Tag: none";
|
|
more_set_headers "X-Download-Options: noopen";
|
|
more_set_headers "X-Permitted-Cross-Domain-Policies: none";
|
|
more_set_headers "X-Frame-Options: SAMEORIGIN";
|
|
more_set_headers "Referrer-Policy: no-referrer";
|
|
|
|
# Optional: Don't log access to assets
|
|
access_log off;
|
|
}
|
|
|
|
location ~ ^__PATH__/.+[^\/]\.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ {
|
|
try_files $uri __PATH__/index.php$request_uri;
|
|
# Optional: Don't log access to other assets
|
|
access_log off;
|
|
}
|
|
|
|
# show YunoHost panel access
|
|
include conf.d/yunohost_panel.conf.inc;
|
|
}
|