Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- upstream php-handler {
- server 127.0.0.1:9000;
- }
- server {
- listen 443 ssl http2; # managed by Certbot
- listen [::]:443 ssl http2;
- server_name cloud.xxxxx.xx;
- ssl_certificate /etc/letsencrypt/live/cloud.xxxx.xx/fullchain.pem; # managed by Certbot
- ssl_certificate_key /etc/letsencrypt/live/cloud.xxxxx.xx/privkey.pem; # managed by Certbot
- include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
- ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
- access_log /var/log/nginx/Nextcloud-access.log;
- error_log /var/log/nginx/Nextcloud-error.log;
- client_max_body_size 3G;
- fastcgi_buffers 64 4K;
- #Enable gzip
- gzip on;
- gzip_vary on;
- gzip_comp_level 4;
- gzip_min_length 256;
- gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
- gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web>
- # Remove X-Powered-By, which is an information leak
- fastcgi_hide_header X-Powered-By;
- # display real ip in nginx logs when connected through reverse proxy via docker network
- set_real_ip_from 172.0.0.0/8;
- real_ip_header X-Forwarded-For;
- # Specify how to handle directories -- specifying `/index.php$request_uri`
- # here as the fallback means that Nginx always exhibits the desired behaviour
- # when a client requests a path that corresponds to a directory that exists
- # on the server. In particular, if that directory contains an index.php file,
- # that file is correctly served; if it doesn't, then the request is passed to
- # the front-end controller. This consistent behaviour means that we don't need
- # to specify custom rules for certain paths (e.g. images and other assets,
- # `/updater`, `/ocm-provider`, `/ocs-provider`), and thus
- # `try_files $uri $uri/ /index.php$request_uri`
- # always provides the desired behaviour.
- index index.php index.html /index.php$request_uri;
- # Rule borrowed from `.htaccess` to handle Microsoft DAV clients
- location = / {
- if ( $http_user_agent ~ ^DavClnt ) {
- return 302 /remote.php/webdav/$is_args$args;
- }
- }
- location = /robots.txt {
- allow all;
- log_not_found off;
- access_log off;
- }
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement