API tools faq
paste
Advertisement
pcking

Nginx config

pcking
Jun 14th, 2021
146
0
Never
Add comment
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 2.39 KB | None | 0 0
raw download clone embed print report
  1. upstream php-handler {
  2. server 127.0.0.1:9000;
  3. }
  4.  
  5. server {
  6. listen 443 ssl http2; # managed by Certbot
  7. listen [::]:443 ssl http2;
  8. server_name cloud.xxxxx.xx;
  9.  
  10. ssl_certificate /etc/letsencrypt/live/cloud.xxxx.xx/fullchain.pem; # managed by Certbot
  11. ssl_certificate_key /etc/letsencrypt/live/cloud.xxxxx.xx/privkey.pem; # managed by Certbot
  12. include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
  13. ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
  14.  
  15. access_log /var/log/nginx/Nextcloud-access.log;
  16. error_log /var/log/nginx/Nextcloud-error.log;
  17.  
  18. client_max_body_size 3G;
  19. fastcgi_buffers 64 4K;
  20.  
  21. #Enable gzip
  22. gzip on;
  23. gzip_vary on;
  24. gzip_comp_level 4;
  25. gzip_min_length 256;
  26. gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
  27. gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web>
  28.  
  29. # Remove X-Powered-By, which is an information leak
  30. fastcgi_hide_header X-Powered-By;
  31.  
  32. # display real ip in nginx logs when connected through reverse proxy via docker network
  33. set_real_ip_from 172.0.0.0/8;
  34. real_ip_header X-Forwarded-For;
  35.  
  36. # Specify how to handle directories -- specifying `/index.php$request_uri`
  37. # here as the fallback means that Nginx always exhibits the desired behaviour
  38. # when a client requests a path that corresponds to a directory that exists
  39. # on the server. In particular, if that directory contains an index.php file,
  40. # that file is correctly served; if it doesn't, then the request is passed to
  41. # the front-end controller. This consistent behaviour means that we don't need
  42. # to specify custom rules for certain paths (e.g. images and other assets,
  43. # `/updater`, `/ocm-provider`, `/ocs-provider`), and thus
  44. # `try_files $uri $uri/ /index.php$request_uri`
  45. # always provides the desired behaviour.
  46. index index.php index.html /index.php$request_uri;
  47.  
  48. # Rule borrowed from `.htaccess` to handle Microsoft DAV clients
  49. location = / {
  50. if ( $http_user_agent ~ ^DavClnt ) {
  51. return 302 /remote.php/webdav/$is_args$args;
  52. }
  53. }
  54.  
  55. location = /robots.txt {
  56. allow all;
  57. log_not_found off;
  58. access_log off;
  59. }
  60.  
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement
Public Pastes
Advertisement
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy.  OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!