server {
|
|
listen 80;
|
|
server_name owncloud.{{ domain }};
|
|
return 301 https://$server_name$request_uri;
|
|
}
|
|
|
|
server {
|
|
listen 443 ssl;
|
|
server_name owncloud.{{ instance_name }};
|
|
keepalive_timeout 70;
|
|
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
|
|
ssl_ciphers AES128-SHA:AES256-SHA:RC4-SHA:DES-CBC3-SHA:RC4-MD5;
|
|
ssl_certificate /etc/nginx/ssl/owncloud.crt;
|
|
ssl_certificate_key /etc/nginx/ssl/owncloud.key;
|
|
root /var/www/owncloud/owncloud/;
|
|
error_log /var/log/owncloud.error.log;
|
|
access_log /var/log/owncloud.access.log;
|
|
|
|
client_max_body_size 10G;
|
|
fastcgi_buffers 64 4K;
|
|
|
|
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
|
|
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
|
|
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
|
|
|
|
index index.php;
|
|
error_page 403 /core/templates/403.php;
|
|
error_page 404 /core/templates/404.php;
|
|
|
|
location = /robots.txt {
|
|
allow all;
|
|
log_not_found off;
|
|
access_log off;
|
|
}
|
|
|
|
location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
|
|
deny all;
|
|
}
|
|
|
|
location / {
|
|
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
|
|
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
|
|
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
|
|
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
|
|
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
|
|
try_files $uri $uri/ index.php;
|
|
error_log /var/log/owncloud.error.log;
|
|
access_log /var/log/owncloud.access.log;
|
|
}
|
|
|
|
location ~ ^(.+?\.php)(/.*)?$ {
|
|
try_files $1 = 404;
|
|
include fastcgi_params;
|
|
fastcgi_param SCRIPT_FILENAME $document_root$1;
|
|
fastcgi_param PATH_INFO $2;
|
|
fastcgi_param HTTPS on;
|
|
fastcgi_connect_timeout 60;
|
|
fastcgi_send_timeout 180;
|
|
fastcgi_param htaccessWorking true;
|
|
fastcgi_read_timeout 360;
|
|
fastcgi_pass unix:/var/run/php5-fpm-www-data.sock;
|
|
error_log /var/log/owncloud.fpm.error.log;
|
|
access_log /var/log/owncloud.fpm.access.log;
|
|
}
|
|
|
|
# Optional: set long EXPIRES header on static assets
|
|
location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
|
|
expires 30d;
|
|
# Optional: Don't log access to assets
|
|
access_log off;
|
|
}
|
|
}
|
|
|