From 5c5b0fbf68dca224b7f92f5de0913fd684e7d3d9 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Romain=20Gon=C3=A7alves?= Date: Thu, 8 Feb 2024 13:32:16 +0100 Subject: feat(roles/nextcloud): bring back basic nextcloud setup --- roles/nextcloud/templates/nextcloud.conf.httpd.j2 | 87 +++++++++++++++++++++++ 1 file changed, 87 insertions(+) create mode 100644 roles/nextcloud/templates/nextcloud.conf.httpd.j2 (limited to 'roles/nextcloud/templates/nextcloud.conf.httpd.j2') diff --git a/roles/nextcloud/templates/nextcloud.conf.httpd.j2 b/roles/nextcloud/templates/nextcloud.conf.httpd.j2 new file mode 100644 index 0000000..ffae130 --- /dev/null +++ b/roles/nextcloud/templates/nextcloud.conf.httpd.j2 @@ -0,0 +1,87 @@ +# managed by Ansible +# see: https://x61.sh/log/2023/02/20230217T112354-nextcloud_openbsd.html + + +server "{{ nextcloud__domain_name }}" { + listen on * port {{ nextcloud__listen_port }} + + root "/nextcloud" + + hsts max-age 15768000 + + # set max upload size + connection max request body 537919488 + connection max requests 1000 + connection request timeout 3600 + connection timeout 3600 + tcp nodelay + + gzip-static + + # deny access to the specified files + location "/db_structure.xml" { block } + location "/README" { block } + location "/config*" { block } + location "/build*" { block } + location "/tests*" { block } + location "/lib*" { block } + location "/3rdparty*" { block } + location "/templates*" { block } + location "/data*" { block } + location "/.ht*" { block } + location "/.user*" { block } + location "/autotest*" { block } + location "/occ*" { block } + location "/issue*" { block } + location "/indie*" { block } + location "/db_*" { block } + location "/console*" { block } + + location "/core/*" { + gzip-static + pass + } + + location "/apps/*" { + gzip-static + pass + } + + location "/dist/*" { + gzip-static + pass + } + + location "/.well-known/carddav" { + block return 301 "/remote.php/dav/" + } + + location "/.well-known/caldav" { + block return 301 "/remote.php/dav/" + } + + location match "/oc[ms]%-provider/*" { + directory index index.php + pass + } + + location "/.well-known/webfinger" { + block return 301 "/index.php$REQUEST_URI" + } + + location "/.well-known/nodeinfo" { + block return 301 "/index.php$REQUEST_URI" + } + + location "/.well-known/host-meta" { + block return 301 "/public.php?service=host-meta" + } + + location "/.well-known/host-meta.json" { + block return 301 "/public.php?service=host-meta-json" + } + + location "/*.php*" { + fastcgi socket "/run/php-fpm.sock" + } +} -- cgit v1.2.3