blob: c9ca9652162506ad789d860255c4cde18f72b8a3 (
plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
|
server {
listen 443 ssl http2;
server_name cloud.example.com;
ssl_certificate ssl/cloud.example.com.crt;
ssl_certificate_key ssl/cloud.example.com.key;
root /usr/share/webapps/nextcloud;
client_max_body_size 1G;
add_header Strict-Transport-Security max-age=15768000;
add_header X-Robots-Tag "none";
add_header X-Content-Type-Options "nosniff";
add_header X-XSS-Protection "1; mode=block";
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
rewrite ^/.well-known/carddav $scheme://$host/remote.php/dav/ permanent;
rewrite ^/.well-known/caldav $scheme://$host/remote.php/dav/ permanent;
# The following 2 rules are only needed with webfinger
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ \.php(?:$|/) {
include uwsgi_params;
uwsgi_modifier1 14;
uwsgi_pass unix:///run/nextcloud.sock;
}
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
index index.php;
location / {
try_files $uri $uri/ /index.php;
}
}
|