mirror of
https://github.com/hoellen/docker-nextcloud.git
synced 2025-04-20 04:29:34 +00:00
27170e4500
https://docs.nextcloud.com/server/15/admin_manual/installation/nginx.html, v14 and v13 has configuration examples for woff2 files. the overview in nextcloud 15 har started to complain about not delivering woff2 files correct. This commit fixes this issue.
79 lines
3.0 KiB
Nginx Configuration File
79 lines
3.0 KiB
Nginx Configuration File
server {
|
|
listen 8888;
|
|
root /nextcloud;
|
|
|
|
fastcgi_buffers 64 4K;
|
|
|
|
# https://docs.nextcloud.com/server/14/admin_manual/configuration_server/harden_server.html?highlight=security#enable-http-strict-transport-security
|
|
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload";
|
|
# https://docs.nextcloud.com/server/14/admin_manual/configuration_server/harden_server.html?highlight=security#serve-security-related-headers-by-the-web-server
|
|
add_header X-Content-Type-Options nosniff;
|
|
add_header X-XSS-Protection "1; mode=block";
|
|
add_header X-Robots-Tag none;
|
|
add_header X-Download-Options noopen;
|
|
add_header X-Permitted-Cross-Domain-Policies none;
|
|
add_header Referrer-Policy "no-referrer" always;
|
|
|
|
location = /robots.txt {
|
|
allow all;
|
|
log_not_found off;
|
|
access_log off;
|
|
}
|
|
|
|
location = /.well-known/carddav {
|
|
return 301 $scheme://$host/remote.php/dav;
|
|
}
|
|
|
|
location = /.well-known/caldav {
|
|
return 301 $scheme://$host/remote.php/dav;
|
|
}
|
|
|
|
location / {
|
|
rewrite ^ /index.php$uri;
|
|
}
|
|
|
|
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
|
|
deny all;
|
|
}
|
|
|
|
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
|
|
deny all;
|
|
}
|
|
|
|
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
|
|
include /nginx/conf/fastcgi_params;
|
|
fastcgi_split_path_info ^(.+\.php)(/.*)$;
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
fastcgi_param PATH_INFO $fastcgi_path_info;
|
|
fastcgi_param modHeadersAvailable true;
|
|
fastcgi_param front_controller_active true;
|
|
fastcgi_pass unix:/php/run/php-fpm.sock;
|
|
fastcgi_intercept_errors on;
|
|
fastcgi_request_buffering off;
|
|
fastcgi_read_timeout 1200;
|
|
}
|
|
|
|
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
|
|
try_files $uri/ =404;
|
|
index index.php;
|
|
}
|
|
|
|
location ~* \.(?:css|js|woff2?|svg|gif)$ {
|
|
try_files $uri /index.php$uri$is_args$args;
|
|
add_header Cache-Control "public, max-age=7200";
|
|
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
|
|
add_header X-Frame-Options "SAMEORIGIN";
|
|
add_header X-Content-Type-Options nosniff;
|
|
add_header X-XSS-Protection "1; mode=block";
|
|
add_header X-Robots-Tag none;
|
|
add_header X-Download-Options noopen;
|
|
add_header X-Permitted-Cross-Domain-Policies none;
|
|
access_log off;
|
|
}
|
|
|
|
location ~* \.(?:png|html|ttf|ico|jpg|jpeg)$ {
|
|
try_files $uri /index.php$uri$is_args$args;
|
|
access_log off;
|
|
}
|
|
}
|