View difference between Paste ID: <a href="/ejqHfrAs">ejqHfrAs</a> and <a href="/0G4qCUrC">0G4qCUrC</a>

server {
1		server {
2		listen 80;
3		server_name dom.herfort.eu;
4		return 301 https://$server_name$request_uri;
5		}
6		server {
7		listen 443 ssl http2;
8		server_name dom.herfort.eu;
9		root /var/www/nextcloud;
10
11		ssl on;
12		ssl_certificate /etc/letsencrypt/live/dom.herfort.eu/fullchain.pem;
13		ssl_certificate_key /etc/letsencrypt/live/dom.herfort.eu/privkey.pem;
14		ssl_session_timeout 5m;
15		ssl_ciphers 'AES128+EECDH:AES128+EDH:!aNULL';
16		ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
17		ssl_prefer_server_ciphers on;
18
19		add_header X-Content-Type-Options nosniff;
20		add_header X-Frame-Options "SAMEORIGIN";
21		add_header X-XSS-Protection "1; mode=block";
22		add_header X-Robots-Tag none;
23		add_header X-Download-Options noopen;
24		add_header X-Permitted-Cross-Domain-Policies none;
25
26		access_log /var/log/nginx/nextcloud.access.log;
27		error_log /var/log/nginx/nextcloud.error.log;
28
29		location = /robots.txt {
30		allow all;
31		log_not_found off;
32		access_log off;
33		}
34
35		location = /.well-known/carddav {
36		return 301 $scheme://$host/remote.php/dav;
37		}
38		location = /.well-known/caldav {
39		return 301 $scheme://$host/remote.php/dav;
40		}
41
42		client_max_body_size 512M;
43		fastcgi_buffers 64 4K;
44		gzip off;
45
46		error_page 403 /core/templates/403.php;
47		error_page 404 /core/templates/404.php;
48
49		location / {
50		rewrite ^ /index.php$uri;
51		}
52
53		location ~ ^/(?:build\|tests\|config\|lib\|3rdparty\|templates\|data)/ {
54		deny all;
55		}
56
57		location ~ ^/(?:\.\|autotest\|occ\|issue\|indie\|db_\|console) {
58		deny all;
59		}
60
61		location ~^/(?:index\|remote\|public\|cron\|core/ajax/update\|status\|ocs/v[12]\|updater/.+\|ocs-provider/.+\|core/templates/40[34])\.php(?:$\|/) {
62		include fastcgi_params;
63		fastcgi_split_path_info ^(.+\.php)(/.+)$;
64		fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
65		fastcgi_param PATH_INFO $fastcgi_path_info;
66		fastcgi_param HTTPS on;
67		#Avoid sending the security headers twice
68		fastcgi_param modHeadersAvailable true;
69		fastcgi_param front_controller_active true;
70		fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
71		fastcgi_intercept_errors on;
72		fastcgi_request_buffering off;
73		}
74
75		location ~ ^/(?:updater\|ocs-provider)(?:$\|/) {
76		try_files $uri/ =404;
77		index index.php;
78		}
79
80		location ~* \.(?:css\|js)$ {
81		try_files $uri /index.php$uri$is_args$args;
82		add_header Cache-Control "public, max-age=7200";
83		add_header X-Content-Type-Options nosniff;
84		add_header X-Frame-Options "SAMEORIGIN";
85		add_header X-XSS-Protection "1; mode=block";
86		add_header X-Robots-Tag none;
87		add_header X-Download-Options noopen;
88		add_header X-Permitted-Cross-Domain-Policies none;
89		# Optional: Don't log access to assets
90		access_log off;
91		}
92
93		location ~* \.(?:svg\|gif\|png\|html\|ttf\|woff\|ico\|jpg\|jpeg)$ {
94		try_files $uri /index.php$uri$is_args$args;
95		access_log off;
96		}
97
98		location ~ /\.ht {
99		deny all;
100		}
101
102		location /tv {
103		proxy_pass http://127.0.0.1:9981;
104		proxy_redirect off;
105		proxy_set_header Host $host;
106		proxy_set_header X-Real-IP $remote_addr;
107		proxy_set_header X-Forwarded-For $remote_addr;
108		proxy_set_header X-Forwarded-Proto https;
109		}
110
111		include snippets/letsencrypt.include;
112		}