|
|
@ -5,7 +5,7 @@ location = /.well-known/caldav { |
|
|
return 301 https://$server_name#PATH#/remote.php/dav; |
|
|
return 301 https://$server_name#PATH#/remote.php/dav; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
location #LOCATION# { |
|
|
|
|
|
|
|
|
location ^~ #LOCATION# { |
|
|
alias #DESTDIR#/; |
|
|
alias #DESTDIR#/; |
|
|
|
|
|
|
|
|
if ($scheme = http) { |
|
|
if ($scheme = http) { |
|
|
@ -23,26 +23,23 @@ location #LOCATION# { |
|
|
|
|
|
|
|
|
# Set max upload size |
|
|
# Set max upload size |
|
|
client_max_body_size 10G; |
|
|
client_max_body_size 10G; |
|
|
|
|
|
fastcgi_buffers 64 4K; |
|
|
|
|
|
|
|
|
# Disable gzip to avoid the removal of the ETag header |
|
|
# Disable gzip to avoid the removal of the ETag header |
|
|
gzip off; |
|
|
gzip off; |
|
|
|
|
|
|
|
|
# Index and errors pages |
|
|
|
|
|
index index.php; |
|
|
|
|
|
|
|
|
# Errors pages |
|
|
error_page 403 #PATH#/core/templates/403.php; |
|
|
error_page 403 #PATH#/core/templates/403.php; |
|
|
error_page 404 #PATH#/core/templates/404.php; |
|
|
error_page 404 #PATH#/core/templates/404.php; |
|
|
|
|
|
|
|
|
# The following 2 rules are only needed for the user_webfinger app. |
|
|
# The following 2 rules are only needed for the user_webfinger app. |
|
|
# Uncomment it if you're planning to use this app. |
|
|
# Uncomment it if you're planning to use this app. |
|
|
#rewrite ^#PATH#/.well-known/host-meta #PATH#/public.php?service=host-meta last; |
|
|
|
|
|
#rewrite ^#PATH#/.well-known/host-meta.json #PATH#/public.php?service=host-meta-json last; |
|
|
|
|
|
|
|
|
#rewrite ^/.well-known/host-meta #PATH#/public.php?service=host-meta last; |
|
|
|
|
|
#rewrite ^/.well-known/host-meta.json #PATH#/public.php?service=host-meta-json last; |
|
|
|
|
|
|
|
|
# Other rewrite rules |
|
|
|
|
|
rewrite ^#PATH#/remote/(.*) /remote.php last; |
|
|
|
|
|
rewrite ^(#PATH#/core/doc/[^\/]+/)$ $1/index.html; |
|
|
|
|
|
|
|
|
|
|
|
# Catch unknown files |
|
|
|
|
|
try_files $uri $uri/ =404; |
|
|
|
|
|
|
|
|
location #LOCATION# { |
|
|
|
|
|
rewrite ^ #PATH#/index.php$uri; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
location = #PATH#/robots.txt { |
|
|
location = #PATH#/robots.txt { |
|
|
allow all; |
|
|
allow all; |
|
|
@ -50,16 +47,28 @@ location #LOCATION# { |
|
|
access_log off; |
|
|
access_log off; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
location ~ \.php(?:$|/) { |
|
|
|
|
|
fastcgi_split_path_info ^(.+\.php)(/.+)$; |
|
|
|
|
|
|
|
|
location ~ ^#PATH#/(?:build|tests|config|lib|3rdparty|templates|data)/ { |
|
|
|
|
|
deny all; |
|
|
|
|
|
} |
|
|
|
|
|
location ~ ^#PATH#/(?:\.|autotest|occ|issue|indie|db_|console) { |
|
|
|
|
|
deny all; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
location ~ ^#PATH#/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) { |
|
|
include fastcgi_params; |
|
|
include fastcgi_params; |
|
|
fastcgi_buffers 64 4K; |
|
|
|
|
|
|
|
|
fastcgi_split_path_info ^(.+\.php)(/.+)$; |
|
|
fastcgi_param SCRIPT_FILENAME $request_filename; |
|
|
fastcgi_param SCRIPT_FILENAME $request_filename; |
|
|
fastcgi_param PATH_INFO $fastcgi_path_info; |
|
|
fastcgi_param PATH_INFO $fastcgi_path_info; |
|
|
fastcgi_param HTTPS on; |
|
|
fastcgi_param HTTPS on; |
|
|
fastcgi_param modHeadersAvailable true; |
|
|
fastcgi_param modHeadersAvailable true; |
|
|
fastcgi_param REMOTE_USER $remote_user; |
|
|
fastcgi_param REMOTE_USER $remote_user; |
|
|
fastcgi_pass unix:/var/run/php5-fpm-#APP#.sock; |
|
|
fastcgi_pass unix:/var/run/php5-fpm-#APP#.sock; |
|
|
|
|
|
fastcgi_intercept_errors on; |
|
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
location ~ ^#PATH#/(?:updater|ocs-provider)(?:$|/) { |
|
|
|
|
|
try_files $uri/ =404; |
|
|
|
|
|
index index.php; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
# Adding the cache control header for js and css files |
|
|
# Adding the cache control header for js and css files |
|
|
@ -77,18 +86,11 @@ location #LOCATION# { |
|
|
access_log off; |
|
|
access_log off; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
|
|
|
location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ { |
|
|
# Optional: Don't log access to other assets |
|
|
# Optional: Don't log access to other assets |
|
|
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ { |
|
|
|
|
|
access_log off; |
|
|
access_log off; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
# show YunoHost panel access |
|
|
# show YunoHost panel access |
|
|
include conf.d/yunohost_panel.conf.inc; |
|
|
include conf.d/yunohost_panel.conf.inc; |
|
|
} |
|
|
} |
|
|
|
|
|
|
|
|
location ~ ^#PATH#/(build|tests|config|lib|3rdparty|templates|data)/ { |
|
|
|
|
|
deny all; |
|
|
|
|
|
} |
|
|
|
|
|
location ~ ^#PATH#/(?:\.|autotest|occ|issue|indie|db_|console) { |
|
|
|
|
|
deny all; |
|
|
|
|
|
} |
|
|
|
Jérôme Lebleu
10 years ago