diff --git a/nextcloud/rootfs/nginx/sites-enabled/nginx.conf b/nextcloud/rootfs/nginx/sites-enabled/nginx.conf
index d00377a..8620e93 100644
--- a/nextcloud/rootfs/nginx/sites-enabled/nginx.conf
+++ b/nextcloud/rootfs/nginx/sites-enabled/nginx.conf
@@ -4,14 +4,13 @@ server {
 
         fastcgi_buffers 64 4K;
 
-        add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload";
-        add_header X-Content-Type-Options nosniff;
-        add_header X-XSS-Protection "1; mode=block";
-        add_header X-Robots-Tag none;
-        add_header X-Download-Options noopen;
-        add_header X-Permitted-Cross-Domain-Policies none;
-        add_header Referrer-Policy no-referrer;
-
+        add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
+        add_header Referrer-Policy "no-referrer" always;
+        add_header X-Content-Type-Options "nosniff" always;
+        add_header X-Download-Options "noopen" always;
+        add_header X-Permitted-Cross-Domain-Policies "none" always;
+        add_header X-Robots-Tag "none" always;
+        add_header X-XSS-Protection "1; mode=block" always;
 
 
         location = /robots.txt {
@@ -63,20 +62,20 @@ server {
             index index.php;
         }
 
-        location ~ \.(?:css|js|woff2?|svg|gif)$ {
+        location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
             try_files $uri /index.php$request_uri;
             add_header Cache-Control "public, max-age=7200";
-            add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
-            add_header X-Content-Type-Options nosniff;
-            add_header X-XSS-Protection "1; mode=block";
-            add_header X-Robots-Tag none;
-            add_header X-Download-Options noopen;
-            add_header X-Permitted-Cross-Domain-Policies none;
-            add_header Referrer-Policy no-referrer;
+            add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
+            add_header Referrer-Policy "no-referrer" always;
+            add_header X-Content-Type-Options "nosniff" always;
+            add_header X-Download-Options "noopen" always;
+            add_header X-Permitted-Cross-Domain-Policies "none" always;
+            add_header X-Robots-Tag "none" always;
+            add_header X-XSS-Protection "1; mode=block" always;
             access_log off;
         }
 
-        location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
+        location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ {
             try_files $uri /index.php$request_uri;
             access_log off;
         }