diff options
| author | Romain Gonçalves <me@rgoncalves.se> | 2024-02-08 13:32:16 +0100 |
|---|---|---|
| committer | Romain Gonçalves <me@rgoncalves.se> | 2024-02-08 13:33:36 +0100 |
| commit | 5c5b0fbf68dca224b7f92f5de0913fd684e7d3d9 (patch) | |
| tree | dfaf322db68eee91a4f8b46f4d89943c646ed089 /roles/nextcloud/templates/nextcloud.conf.httpd.j2 | |
| parent | 375f7a47425867eb781ac0d626bded21c80ea51b (diff) | |
| download | rules-5c5b0fbf68dca224b7f92f5de0913fd684e7d3d9.tar.gz | |
feat(roles/nextcloud): bring back basic nextcloud setup
Diffstat (limited to 'roles/nextcloud/templates/nextcloud.conf.httpd.j2')
| -rw-r--r-- | roles/nextcloud/templates/nextcloud.conf.httpd.j2 | 87 |
1 files changed, 87 insertions, 0 deletions
diff --git a/roles/nextcloud/templates/nextcloud.conf.httpd.j2 b/roles/nextcloud/templates/nextcloud.conf.httpd.j2 new file mode 100644 index 0000000..ffae130 --- /dev/null +++ b/roles/nextcloud/templates/nextcloud.conf.httpd.j2 @@ -0,0 +1,87 @@ +# managed by Ansible +# see: https://x61.sh/log/2023/02/20230217T112354-nextcloud_openbsd.html + + +server "{{ nextcloud__domain_name }}" { + listen on * port {{ nextcloud__listen_port }} + + root "/nextcloud" + + hsts max-age 15768000 + + # set max upload size + connection max request body 537919488 + connection max requests 1000 + connection request timeout 3600 + connection timeout 3600 + tcp nodelay + + gzip-static + + # deny access to the specified files + location "/db_structure.xml" { block } + location "/README" { block } + location "/config*" { block } + location "/build*" { block } + location "/tests*" { block } + location "/lib*" { block } + location "/3rdparty*" { block } + location "/templates*" { block } + location "/data*" { block } + location "/.ht*" { block } + location "/.user*" { block } + location "/autotest*" { block } + location "/occ*" { block } + location "/issue*" { block } + location "/indie*" { block } + location "/db_*" { block } + location "/console*" { block } + + location "/core/*" { + gzip-static + pass + } + + location "/apps/*" { + gzip-static + pass + } + + location "/dist/*" { + gzip-static + pass + } + + location "/.well-known/carddav" { + block return 301 "/remote.php/dav/" + } + + location "/.well-known/caldav" { + block return 301 "/remote.php/dav/" + } + + location match "/oc[ms]%-provider/*" { + directory index index.php + pass + } + + location "/.well-known/webfinger" { + block return 301 "/index.php$REQUEST_URI" + } + + location "/.well-known/nodeinfo" { + block return 301 "/index.php$REQUEST_URI" + } + + location "/.well-known/host-meta" { + block return 301 "/public.php?service=host-meta" + } + + location "/.well-known/host-meta.json" { + block return 301 "/public.php?service=host-meta-json" + } + + location "/*.php*" { + fastcgi socket "/run/php-fpm.sock" + } +} |