section/generalconfig at 2614181c41676b6723c968982dbd139fd5d75d40 ・ Gitprep

generalconfig / etc / nginx / sites-available / nextcloud /

Newer ■ ■ ■ ■ ■ ■ ■ ■ ■ ■ Older

126 lines | 3.483kb

ajout version récente conf n... e98091e Sébastien authored on 2023-04-24	1	server {
	2	listen 80;
	3	server_name cloud.paris12.pcf.fr;
	4
	5	location ~ /\.well-known/acme-challenge {
	6	allow all;
	7	default_type "text/plain";
	8	root /var/www/nextcloud;
	9	}
	10
	11	location / {
	12	return 301 https://$host$request_uri;
	13	}
	14	}
	15
	16	server {
	17	listen 443 ssl;
	18	server_name cloud.paris12.pcf.fr;
	19
	20	add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always;
	21
	22	root /var/www/nextcloud/;
	23
	24	access_log off;
	25	error_log /var/log/nginx/cloud/error.log;
	26
	27	client_max_body_size 10G;
	28	fastcgi_buffers 64 4K;
	29
	30	proxy_connect_timeout 1800;
	31	proxy_send_timeout 1800;
	32	proxy_read_timeout 1800;
	33	send_timeout 1800;
	34
	35	rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
	36	rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
	37	rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
	38
	39	index index.php;
	40	error_page 403 /core/templates/403.php;
	41	error_page 404 /core/templates/404.php;
	42
	43	ssl_certificate /etc/letsencrypt/live/cloud.paris12.pcf.fr/fullchain.pem;
	44	ssl_certificate_key /etc/letsencrypt/live/cloud.paris12.pcf.fr/privkey.pem;
	45
	46	location = /robots.txt {
	47	deny all;
	48	log_not_found off;
	49	access_log off;
	50	}
	51
	52	location ~ ^/(?:\.htaccess\|data\|config\|db_structure\.xml\|README){
	53	deny all;
	54	}
	55
	56	location / {
	57	# The following 2 rules are only needed with webfinger
	58	rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
	59	rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
	60
	61	rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
	62	rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
	63
	64	rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
	65
	66	try_files $uri $uri/ /index.php;
	67	}
	68
	69	location ~ \.php(?:$\|/) {
	70	fastcgi_split_path_info ^(.+\.php)(/.+)$;
	71	include fastcgi_params;
	72	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	73	fastcgi_param PATH_INFO $fastcgi_path_info;
	74	fastcgi_param HTTPS on;
	75	fastcgi_pass php-handler-cloud;
	76	fastcgi_read_timeout 1800;
	77	}
	78
	79	location ^~ /adminprinter {
	80	auth_basic "Halte ! Qui va la ?";
	81	auth_basic_user_file /etc/nginx/htpasswd;
	82	proxy_pass https://192.168.1.54/;
	83	proxy_http_version 1.1;
	84	proxy_set_header Upgrade $http_upgrade;
	85	proxy_set_header Connection 'upgrade';
	86	proxy_set_header Host $host;
	87	proxy_cache_bypass $http_upgrade;
	88	}
	89
	90	location ^~ /adminbdd {
	91	root /var/www/;
	92	auth_basic "Halte ! Qui va la ?";
	93	auth_basic_user_file /etc/nginx/htpasswd;
	94	location ~ \.php {
	95	fastcgi_split_path_info ^(.+\.php)(/.+)$;
	96	include fastcgi_params;
	97	fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
	98	fastcgi_param PATH_INFO $fastcgi_path_info;
	99	fastcgi_param HTTPS on;
	100	fastcgi_pass php-handler-cloud;
	101	}
	102	}
	103
	104	# set long EXPIRES header on static assets
	105	location ~* \.(?:jpg\|jpeg\|gif\|bmp\|ico\|png\|css\|js\|swf)$ {
	106	expires 30d;
	107	access_log off;
	108	}
	109
	110	location ^~ /cartes-elections {
	111	proxy_pass http://127.0.0.1:8080;
	112	proxy_http_version 1.1;
	113	proxy_set_header Upgrade $http_upgrade;
	114	proxy_set_header Connection 'upgrade';
	115	proxy_set_header Host $host;
	116	proxy_cache_bypass $http_upgrade;
	117	}
	118
	119	location ^~ /images/ {
	120	alias /var/www/images/;
	121	}
	122
	123	location ^~ /petitions/logements-etudiants-jc {
	124	rewrite ^/petitions/logements-etudiants-jc /index.php/apps/forms/Pgoe5oGTpwAEFP6F permanent;
	125	}
	126	}