1st commit - refined 2019 cfg + AI made README (I despise writing docs so it was either letting AI write README or having none, sorry)
This commit is contained in:
corrado.mulas
146
nginx/sites-available/drive.mulas.me
Normal file
146
nginx/sites-available/drive.mulas.me
Normal file
@@ -0,0 +1,146 @@
|
||||
# This is an NGINX configuration file written and used by me in order to serve my Nextcloud instance at drive.net.mulas.me.
|
||||
#
|
||||
# (c) Corrado Mulas <tlc@mulas.me>
|
||||
#
|
||||
# For the full copyright and license information, please view the LICENSE
|
||||
# file that was distributed with this source code.
|
||||
|
||||
upstream php-handler {
|
||||
server unix:/var/run/php/php8.5-fpm.sock;
|
||||
}
|
||||
|
||||
server {
|
||||
listen 80;
|
||||
|
||||
server_name drive.net.mulas.me;
|
||||
include /etc/nginx/snippets/letsencrypt-acme-challenge.conf;
|
||||
|
||||
rewrite ^ https://drive.net.mulas.me$request_uri? permanent;
|
||||
}
|
||||
|
||||
server {
|
||||
server_name drive.net.mulas.me;
|
||||
listen 443 ssl http2;
|
||||
|
||||
include /etc/nginx/snippets/letsencrypt-acme-challenge.conf;
|
||||
|
||||
ssl_certificate /etc/letsencrypt/live/drive.net.mulas.me/fullchain.pem;
|
||||
ssl_certificate_key /etc/letsencrypt/live/drive.net.mulas.me/privkey.pem;
|
||||
ssl_stapling on;
|
||||
|
||||
root /ssda1/www/drive.net.mulas.me/;
|
||||
|
||||
location = / {
|
||||
if ($http_user_agent ~ ^DavClnt) {
|
||||
return 302 /remote.php/webdav/$is_args$args;
|
||||
}
|
||||
}
|
||||
|
||||
location = /robots.txt {
|
||||
allow all;
|
||||
log_not_found off;
|
||||
access_log off;
|
||||
}
|
||||
|
||||
location = /.well-known/carddav {
|
||||
return 301 $scheme://$host/remote.php/dav;
|
||||
}
|
||||
|
||||
|
||||
location = /.well-known/caldav {
|
||||
return 301 $scheme://$host/remote.php/dav;
|
||||
}
|
||||
|
||||
#SOCIAL app enabled? Please uncomment the following row
|
||||
rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
|
||||
|
||||
#WEBFINGER app enabled? Please uncomment the following two rows.
|
||||
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
|
||||
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
|
||||
client_max_body_size 50G;
|
||||
|
||||
location / {
|
||||
rewrite ^ /index.php;
|
||||
}
|
||||
|
||||
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
|
||||
return 404;
|
||||
}
|
||||
|
||||
location ^~ /apps/rainloop/app/data {
|
||||
deny all;
|
||||
}
|
||||
|
||||
# location ~ \.(?:flv|mp4|mov|m4a)$ {
|
||||
# mp4;
|
||||
# mp4_buffer_size 100M;
|
||||
# mp4_max_buffer_size 10240M;
|
||||
# fastcgi_split_path_info ^(.+?.php)(\/.*|)$;
|
||||
# set $path_info $fastcgi_path_info;
|
||||
# try_files $fastcgi_script_name =404;
|
||||
# include /etc/nginx/fcgi.d/fastcgi_params;
|
||||
# # include php_optimization.conf;
|
||||
# }
|
||||
|
||||
|
||||
location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode(_arm64)?\/proxy)\.php(?:$|\/) {
|
||||
fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
|
||||
set $path_info $fastcgi_path_info;
|
||||
try_files $fastcgi_script_name =404;
|
||||
include /etc/nginx/fcgi.d/fastcgi_params;
|
||||
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
||||
fastcgi_param PATH_INFO $path_info;
|
||||
fastcgi_param HTTPS on;
|
||||
# Avoid sending the security headers twice
|
||||
fastcgi_param modHeadersAvailable true;
|
||||
# Enable pretty urls
|
||||
fastcgi_param front_controller_active true;
|
||||
fastcgi_pass php-handler;
|
||||
fastcgi_intercept_errors on;
|
||||
fastcgi_request_buffering off;
|
||||
fastcgi_max_temp_file_size 0;
|
||||
fastcgi_hide_header X-Powered-By;
|
||||
}
|
||||
|
||||
|
||||
# location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
|
||||
# fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
|
||||
# set $path_info $fastcgi_path_info;
|
||||
# try_files $fastcgi_script_name =404;
|
||||
# include /etc/nginx/fcgi.d/fastcgi_params;
|
||||
# include php_optimization.conf;
|
||||
#
|
||||
# }
|
||||
|
||||
location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
|
||||
try_files $uri/ =404;
|
||||
index index.php;
|
||||
}
|
||||
|
||||
location ~ \.(?:css|js|svg|gif|map|png|html|ico|jpg|jpeg)$ {
|
||||
try_files $uri /index.php$request_uri;
|
||||
access_log off;
|
||||
expires 360d;
|
||||
}
|
||||
|
||||
location ~ \.(?:mjs|webp|wasm|tflite|ogg|flac|mp4|webm)$ {
|
||||
try_files $uri /index.php$request_uri;
|
||||
access_log off;
|
||||
expires 360d;
|
||||
}
|
||||
|
||||
location ~ \.(?:otf|ttf|woff2?)$ {
|
||||
try_files $uri /index.php$request_uri;
|
||||
access_log off;
|
||||
expires 7d;
|
||||
}
|
||||
|
||||
location /remote {
|
||||
return 301 /remote.php$request_uri;
|
||||
}
|
||||
|
||||
}
|
||||
Reference in New Issue
Block a user