scale-catalog/jails/nextcloud/includes/Caddyfile-selfsigned
Kjeld Schouten-Lebbing cd5adfd94b
Jailman v1.1.0 (#24)
* set branch (+2 squashed commit)

Squashed commit:

[e322f24] remove placeholder

[8647131] palceholder

* Code cleanup and (primarily) consolidation (#21)

* set branch

* Exit 1 on iocage create failure

* - Move jailcreate to global function
- Remove Jailcreate.sh

* Add dataset creation function

* - add test script to test new global changes
- also create folder in jail with createmount

* fix

* make test executable

* more verbosity, fixing folder creation

* moving global dataset create

* move jails to new dataset-mount creation function

* remove test jail and test branch-ref

* Add Nextcloud (#22)

* Basic working nextcloud integration

* Enable persistent reinstall of Nextcloud

* prepare for dev merge

* Licence alert

* Add external database and integrated jail

* small improvements and update script

* Add mariadb to dev (#31)

* Working MariaDB config

* - Set ZFS settings for DB on Nextcloud and MariaDB
- Cleanup MariaDB

* prepare for dev merge

* Niceify Readme (#34)

* put content from master into it

* Some readme itteration

* more niceification

* [WIP} Wiki workflow test (#37)

introduce automatic wiki generation

* Add Bitwarden support (#35)

* Nextcloud-Cleanup for v1.1.0 (#40)

* Nextcloud cleanup
- add db-type sanity check
- remove some integrated db checks
- Move ssl to /config/ssl
- remove integrated databases

* slight default tweaking

* fix mariadb install bug

* QA cycle
2020-03-13 23:59:05 +01:00

129 lines
3.0 KiB
Caddyfile
Executable File

http://yourhostnamehere http://JAIL-IP {
redir https://yourhostnamehere{uri}
}
https://yourhostnamehere https://JAIL-IP {
root /usr/local/www/nextcloud
log /var/log/nextcloud_access.log
errors /var/log/nextcloud_errors.log
tls /config/ssl/fullchain.pem /config/ssl/privkey.pem
fastcgi / 127.0.0.1:9000 php {
env PATH /bin
env modHeadersAvailable true
env front_controller_active true
connect_timeout 60s
read_timeout 3600s
send_timeout 300s
}
header / {
Strict-Transport-Security "max-age=15768000;"
X-Content-Type-Options "nosniff"
X-XSS-Protection "1; mode=block"
X-Robots-Tag "none"
X-Download-Options "noopen"
X-Permitted-Cross-Domain-Policies "none"
X-Frame-Options "SAMEORIGIN"
Referrer-Policy "no-referrer"
}
header /core/fonts {
Cache-Control "max-age=604800"
}
# checks for images
rewrite {
ext .png .html .ttf .ico .jpg .jpeg .css .js .woff .woff2 .svg .gif .map
r ^/index.php/.*$
to /{1} /index.php?{query}
}
rewrite {
r ^/\.well-known/host-meta$
to /public.php?service=host-meta&{query}
}
rewrite {
r ^/\.well-known/host-meta\.json$
to /public.php?service=host-meta-json&{query}
}
rewrite {
r ^/\.well-known/webfinger$
to /public.php?service=webfinger&{query}
}
rewrite {
r ^/index.php/.*$
to /index.php?{query}
}
rewrite / {
if {path} not_starts_with /remote.php
if {path} not_starts_with /public.php
ext .png .html .ttf .ico .jpg .jpeg .css .js .woff .woff2 .svg .gif .map .html .ttf
r ^/(.*)$
to /{1} /index.php{uri}
}
rewrite / {
if {path} not /core/img/favicon.ico
if {path} not /core/img/manifest.json
if {path} not_starts_with /remote.php
if {path} not_starts_with /public.php
if {path} not_starts_with /cron.php
if {path} not_starts_with /core/ajax/update.php
if {path} not_starts_with /status.php
if {path} not_starts_with /ocs/v1.php
if {path} not_starts_with /ocs/v2.php
if {path} not /robots.txt
if {path} not_starts_with /updater/
if {path} not_starts_with /ocs-provider/
if {path} not_starts_with /ocm-provider/
if {path} not_starts_with /.well-known/
to /index.php{uri}
}
# client support (e.g. os x calendar / contacts)
redir /.well-known/carddav /remote.php/carddav 301
redir /.well-known/caldav /remote.php/caldav 301
# remove trailing / as it causes errors with php-fpm
rewrite {
r ^/remote.php/(webdav|caldav|carddav|dav)(\/?)(\/?)$
to /remote.php/{1}
}
rewrite {
r ^/remote.php/(webdav|caldav|carddav|dav)/(.+?)(\/?)(\/?)$
to /remote.php/{1}/{2}
}
rewrite {
r ^/public.php/(dav|webdav|caldav|carddav)(\/?)(\/?)$
to /public.php/{1}
}
rewrite {
r ^/public.php/(dav|webdav|caldav|carddav)/(.+)(\/?)(\/?)$
to /public.php/{1}/{2}
}
# .htaccess / data / config / ... shouldn't be accessible from outside
status 404 {
/.htaccess
/data
/config
/db_structure
/.xml
/README
/3rdparty
/lib
/templates
/occ
/console.php
}
}