API tools faq
paste
Advertisement
Guest User

Untitled

a guest
Jan 7th, 2017
143
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 4.51 KB | None | 0 0
raw download clone embed print report
  1. upstream php {
  2. server 127.0.0.1:9000;
  3. }
  4.  
  5. server {
  6. listen 80 default_server;
  7. listen [::]:80 default_server;
  8. server_name dom.herfort.eu www.dom.herfort.eu;
  9. # return 301 https://$server_name$request_uri;
  10. location / {
  11. rewrite ^ https://$host$request_uri? permanent;
  12. }
  13. location /tv {
  14. proxy_pass http://127.0.0.1:9981;
  15. proxy_redirect off;
  16. proxy_set_header Host $host;
  17. proxy_set_header X-Real-IP $remote_addr;
  18. proxy_set_header X-Forwarded-For $remote_addr;
  19. }
  20. }
  21.  
  22. server {
  23. # SSL configuration
  24. listen 443 ssl http2 default_server;
  25. listen [::]:443 ssl http2 default_server;
  26. include snippets/ssl-dom.herfort.eu.conf;
  27. include snippets/ssl-params.conf;
  28.  
  29. root /media/MedienPlatte/nextcloud;
  30.  
  31. add_header X-Content-Type-Options nosniff;
  32. add_header X-Frame-Options "SAMEORIGIN";
  33. add_header X-XSS-Protection "1; mode=block";
  34. add_header X-Robots-Tag none;
  35. add_header X-Download-Options noopen;
  36. add_header X-Permitted-Cross-Domain-Policies none;
  37.  
  38. access_log /var/log/nginx/nextcloud.access.log;
  39. error_log /var/log/nginx/nextcloud.error.log;
  40.  
  41. # -----------------------------------------------------------------------------
  42. # ------------------------ TV-Headend Server ----------------------------------
  43. location /tv/ {
  44. proxy_pass http://dom.herfort.eu:9981;
  45. proxy_set_header Host $host;
  46. }
  47. # -----------------------------------------------------------------------------
  48. # ------------------------ PHPmyAdmin -----------------------------------------
  49. location /phpmyadmin {
  50. root /usr/share/;
  51. index index.php;
  52. try_files $uri $uri/ =404;
  53.  
  54. location ~ ^/phpmyadmin/(doc|sql|setup)/ {
  55. deny all;
  56. }
  57.  
  58. location ~ /phpmyadmin/(.+\.php)$ {
  59. fastcgi_pass unix:/run/php/php7.0-fpm.sock;
  60. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  61. include fastcgi_params;
  62. include snippets/fastcgi-php.conf;
  63. }
  64. }
  65. # -----------------------------------------------------------------------------
  66.  
  67. location = /robots.txt {
  68. allow all;
  69. log_not_found off;
  70. access_log off;
  71. }
  72.  
  73. location = /.well-known/carddav {
  74. return 301 $scheme://$host/remote.php/dav;
  75. }
  76. location = /.well-known/caldav {
  77. return 301 $scheme://$host/remote.php/dav;
  78. }
  79.  
  80. client_max_body_size 512M;
  81. fastcgi_buffers 8 16K;
  82. fastcgi_buffer_size 32k;
  83. fastcgi_connect_timeout 300;
  84. fastcgi_send_timeout 300;
  85. fastcgi_read_timeout 300;
  86. gzip off;
  87.  
  88. error_page 403 /core/templates/403.php;
  89. error_page 404 /core/templates/404.php;
  90.  
  91.  
  92. location / {
  93. rewrite ^ /index.php$uri;
  94. }
  95.  
  96. location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
  97. deny all;
  98. }
  99.  
  100. location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
  101. deny all;
  102. }
  103.  
  104. location ~^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?$
  105. include fastcgi_params;
  106. fastcgi_split_path_info ^(.+\.php)(/.+)$;
  107. fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
  108. fastcgi_param PATH_INFO $fastcgi_path_info;
  109. fastcgi_param HTTPS on;
  110. #Avoid sending the security headers twice
  111. fastcgi_param modHeadersAvailable true;
  112. fastcgi_param front_controller_active true;
  113. fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
  114. fastcgi_intercept_errors on;
  115. fastcgi_request_buffering off;
  116. }
  117. location ~ ^/(?:updater|ocs-provider)(?:$|/) {
  118. try_files $uri/ =404;
  119. index index.php;
  120. }
  121.  
  122. location ~* \.(?:css|js)$ {
  123. try_files $uri /index.php$uri$is_args$args;
  124. add_header Cache-Control "public, max-age=7200";
  125. add_header X-Content-Type-Options nosniff;
  126. add_header X-Frame-Options "SAMEORIGIN";
  127. add_header X-XSS-Protection "1; mode=block";
  128. add_header X-Robots-Tag none;
  129. add_header X-Download-Options noopen;
  130. add_header X-Permitted-Cross-Domain-Policies none;
  131. # Optional: Don't log access to assets
  132. access_log off;
  133. }
  134.  
  135. location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
  136. try_files $uri /index.php$uri$is_args$args;
  137. access_log off;
  138. }
  139.  
  140. location ~ /\.ht {
  141. deny all;
  142. }
  143. }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!