Testing

2019-01-11 16:36:45 -05:00
parent 5ffda99de2
commit db6a573b5b
5 changed files with 245 additions and 194 deletions
--- a/templates/Nextcloud/0/Resources/conf.d/collabora.conf
+++ b/templates/Nextcloud/0/Resources/conf.d/collabora.conf
@@ -0,0 +1,40 @@
+server {
+    listen 81;
+    listen [::]:81;
+    
+    # static files
+    location ^~ /loleaflet {
+        proxy_pass http://collabora:9980;
+        proxy_set_header Host $http_host;
+    }
+
+    # WOPI discovery URL
+    location ^~ /hosting/discovery {
+        proxy_pass http://collabora:9980;
+        proxy_set_header Host $http_host;
+    }
+
+    # main websocket
+    location ~ ^/lool/(.*)/ws$ {
+        proxy_pass http://collabora:9980;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_set_header Host $http_host;
+        proxy_read_timeout 36000s;
+    }
+    
+    # download, presentation and image upload
+    location ~ ^/lool {
+        proxy_pass http://collabora:9980;
+        proxy_set_header Host $http_host;
+    }
+    
+    # Admin Console websocket
+    location ^~ /lool/adminws {
+        proxy_pass http://collabora:9980;
+        proxy_set_header Upgrade $http_upgrade;
+        proxy_set_header Connection "Upgrade";
+        proxy_set_header Host $http_host;
+        proxy_read_timeout 36000s;
+    }
+}
--- a/templates/Nextcloud/0/Resources/conf.d/nextcloud.conf
+++ b/templates/Nextcloud/0/Resources/conf.d/nextcloud.conf
@@ -0,0 +1,69 @@
+upstream php-handler {
+    server nextcloud:9000;
+}
+
+server {
+    listen 80;
+    listen [::]:80;
+    server_name _;
+
+    root /var/www/html/; # Path to the root of your installation
+
+    client_max_body_size 10G; # Max upload size
+    fastcgi_buffers 64 4K;
+
+    # Enable gzip but do not remove ETag headers
+    gzip off;
+
+    index index.php
+    error_page 403 /core/templates/403.php;
+    error_page 404 /core/templates/404.php;
+
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+
+    location = /.well-known/carddav {
+        return 301 $scheme://$host/remote.php/dav;
+    }
+
+    location = /.well-known/caldav {
+        return 301 $scheme://$host/remote.php/dav;
+    }
+
+
+
+    location / {
+        rewrite ^ /index.php$request_uri;
+    }
+
+    location ~ \.php(?:$|/) {
+        fastcgi_split_path_info ^(.+\.php)(/.+)$;
+        include fastcgi_params;
+        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+        fastcgi_param PATH_INFO $fastcgi_path_info;
+        fastcgi_pass php-handler;
+        fastcgi_intercept_errors on;
+    }
+
+    # Adding the cache control header for js and css files
+    # Make sure it is BELOW the location ~ \.php(?:$|/) { block
+    location ~* \.(?:css|js)$ {
+        add_header Cache-Control "public, max-age=7200";
+        # Add headers to serve security related headers
+        add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
+        add_header X-Content-Type-Options nosniff;
+        add_header X-Frame-Options "SAMEORIGIN";
+        add_header X-XSS-Protection "1; mode=block";
+        add_header X-Robots-Tag none;
+        # Optional: Don't log access to assets
+        access_log off;
+    }
+
+    # Optional: Don't log access to other assets
+    location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
+        access_log off;
+    }
+}