# This is an NGINX configuration file written and used by me in order to serve my Nextcloud instance at drive.net.mulas.me. # # (c) Corrado Mulas # # For the full copyright and license information, please view the LICENSE # file that was distributed with this source code. upstream php-handler { server unix:/var/run/php/php8.5-fpm.sock; } server { listen 80; server_name drive.net.mulas.me; include /etc/nginx/snippets/letsencrypt-acme-challenge.conf; rewrite ^ https://drive.net.mulas.me$request_uri? permanent; } server { server_name drive.net.mulas.me; listen 443 ssl http2; include /etc/nginx/snippets/letsencrypt-acme-challenge.conf; ssl_certificate /etc/letsencrypt/live/drive.net.mulas.me/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/drive.net.mulas.me/privkey.pem; ssl_stapling on; root /ssda1/www/drive.net.mulas.me/; location = / { if ($http_user_agent ~ ^DavClnt) { return 302 /remote.php/webdav/$is_args$args; } } location = /robots.txt { allow all; log_not_found off; access_log off; } location = /.well-known/carddav { return 301 $scheme://$host/remote.php/dav; } location = /.well-known/caldav { return 301 $scheme://$host/remote.php/dav; } #SOCIAL app enabled? Please uncomment the following row rewrite ^/.well-known/webfinger /public.php?service=webfinger last; #WEBFINGER app enabled? Please uncomment the following two rows. rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; client_max_body_size 50G; location / { rewrite ^ /index.php; } location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; } location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; } location ^~ /apps/rainloop/app/data { deny all; } # location ~ \.(?:flv|mp4|mov|m4a)$ { # mp4; # mp4_buffer_size 100M; # mp4_max_buffer_size 10240M; # fastcgi_split_path_info ^(.+?.php)(\/.*|)$; # set $path_info $fastcgi_path_info; # try_files $fastcgi_script_name =404; # include /etc/nginx/fcgi.d/fastcgi_params; # # include php_optimization.conf; # } location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode(_arm64)?\/proxy)\.php(?:$|\/) { fastcgi_split_path_info ^(.+?\.php)(\/.*|)$; set $path_info $fastcgi_path_info; try_files $fastcgi_script_name =404; include /etc/nginx/fcgi.d/fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $path_info; fastcgi_param HTTPS on; # Avoid sending the security headers twice fastcgi_param modHeadersAvailable true; # Enable pretty urls fastcgi_param front_controller_active true; fastcgi_pass php-handler; fastcgi_intercept_errors on; fastcgi_request_buffering off; fastcgi_max_temp_file_size 0; fastcgi_hide_header X-Powered-By; } # location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) { # fastcgi_split_path_info ^(.+?\.php)(\/.*|)$; # set $path_info $fastcgi_path_info; # try_files $fastcgi_script_name =404; # include /etc/nginx/fcgi.d/fastcgi_params; # include php_optimization.conf; # # } location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) { try_files $uri/ =404; index index.php; } location ~ \.(?:css|js|svg|gif|map|png|html|ico|jpg|jpeg)$ { try_files $uri /index.php$request_uri; access_log off; expires 360d; } location ~ \.(?:mjs|webp|wasm|tflite|ogg|flac|mp4|webm)$ { try_files $uri /index.php$request_uri; access_log off; expires 360d; } location ~ \.(?:otf|ttf|woff2?)$ { try_files $uri /index.php$request_uri; access_log off; expires 7d; } location /remote { return 301 /remote.php$request_uri; } }