cd5adfd94b
* set branch (+2 squashed commit) Squashed commit: [e322f24] remove placeholder [8647131] palceholder * Code cleanup and (primarily) consolidation (#21) * set branch * Exit 1 on iocage create failure * - Move jailcreate to global function - Remove Jailcreate.sh * Add dataset creation function * - add test script to test new global changes - also create folder in jail with createmount * fix * make test executable * more verbosity, fixing folder creation * moving global dataset create * move jails to new dataset-mount creation function * remove test jail and test branch-ref * Add Nextcloud (#22) * Basic working nextcloud integration * Enable persistent reinstall of Nextcloud * prepare for dev merge * Licence alert * Add external database and integrated jail * small improvements and update script * Add mariadb to dev (#31) * Working MariaDB config * - Set ZFS settings for DB on Nextcloud and MariaDB - Cleanup MariaDB * prepare for dev merge * Niceify Readme (#34) * put content from master into it * Some readme itteration * more niceification * [WIP} Wiki workflow test (#37) introduce automatic wiki generation * Add Bitwarden support (#35) * Nextcloud-Cleanup for v1.1.0 (#40) * Nextcloud cleanup - add db-type sanity check - remove some integrated db checks - Move ssl to /config/ssl - remove integrated databases * slight default tweaking * fix mariadb install bug * QA cycle
123 lines
2.8 KiB
Caddyfile
Executable File
123 lines
2.8 KiB
Caddyfile
Executable File
yourhostnamehere:80 JAIL-IP:80 {
|
|
|
|
root /usr/local/www/nextcloud
|
|
log /var/log/nextcloud_access.log
|
|
errors /var/log/nextcloud_errors.log
|
|
|
|
fastcgi / 127.0.0.1:9000 php {
|
|
env PATH /bin
|
|
env modHeadersAvailable true
|
|
env front_controller_active true
|
|
connect_timeout 60s
|
|
read_timeout 3600s
|
|
send_timeout 300s
|
|
}
|
|
|
|
header / {
|
|
Strict-Transport-Security "max-age=15768000;"
|
|
X-Content-Type-Options "nosniff"
|
|
X-XSS-Protection "1; mode=block"
|
|
X-Robots-Tag "none"
|
|
X-Download-Options "noopen"
|
|
X-Permitted-Cross-Domain-Policies "none"
|
|
X-Frame-Options "SAMEORIGIN"
|
|
Referrer-Policy "no-referrer"
|
|
}
|
|
|
|
header /core/fonts {
|
|
Cache-Control "max-age=604800"
|
|
}
|
|
|
|
# checks for images
|
|
rewrite {
|
|
ext .png .html .ttf .ico .jpg .jpeg .css .js .woff .woff2 .svg .gif .map
|
|
r ^/index.php/.*$
|
|
to /{1} /index.php?{query}
|
|
}
|
|
|
|
rewrite {
|
|
r ^/\.well-known/host-meta$
|
|
to /public.php?service=host-meta&{query}
|
|
}
|
|
rewrite {
|
|
r ^/\.well-known/host-meta\.json$
|
|
to /public.php?service=host-meta-json&{query}
|
|
}
|
|
rewrite {
|
|
r ^/\.well-known/webfinger$
|
|
to /public.php?service=webfinger&{query}
|
|
}
|
|
|
|
rewrite {
|
|
r ^/index.php/.*$
|
|
to /index.php?{query}
|
|
}
|
|
|
|
rewrite / {
|
|
if {path} not_starts_with /remote.php
|
|
if {path} not_starts_with /public.php
|
|
ext .png .html .ttf .ico .jpg .jpeg .css .js .woff .woff2 .svg .gif .map .html .ttf
|
|
r ^/(.*)$
|
|
to /{1} /index.php{uri}
|
|
}
|
|
|
|
rewrite / {
|
|
if {path} not /core/img/favicon.ico
|
|
if {path} not /core/img/manifest.json
|
|
if {path} not_starts_with /remote.php
|
|
if {path} not_starts_with /public.php
|
|
if {path} not_starts_with /cron.php
|
|
if {path} not_starts_with /core/ajax/update.php
|
|
if {path} not_starts_with /status.php
|
|
if {path} not_starts_with /ocs/v1.php
|
|
if {path} not_starts_with /ocs/v2.php
|
|
if {path} not /robots.txt
|
|
if {path} not_starts_with /updater/
|
|
if {path} not_starts_with /ocs-provider/
|
|
if {path} not_starts_with /ocm-provider/
|
|
if {path} not_starts_with /.well-known/
|
|
to /index.php{uri}
|
|
}
|
|
|
|
# client support (e.g. os x calendar / contacts)
|
|
redir /.well-known/carddav /remote.php/carddav 301
|
|
redir /.well-known/caldav /remote.php/caldav 301
|
|
|
|
# remove trailing / as it causes errors with php-fpm
|
|
rewrite {
|
|
r ^/remote.php/(webdav|caldav|carddav|dav)(\/?)(\/?)$
|
|
to /remote.php/{1}
|
|
}
|
|
|
|
rewrite {
|
|
r ^/remote.php/(webdav|caldav|carddav|dav)/(.+?)(\/?)(\/?)$
|
|
to /remote.php/{1}/{2}
|
|
}
|
|
|
|
rewrite {
|
|
r ^/public.php/(dav|webdav|caldav|carddav)(\/?)(\/?)$
|
|
to /public.php/{1}
|
|
}
|
|
|
|
rewrite {
|
|
r ^/public.php/(dav|webdav|caldav|carddav)/(.+)(\/?)(\/?)$
|
|
to /public.php/{1}/{2}
|
|
}
|
|
|
|
# .htaccess / data / config / ... shouldn't be accessible from outside
|
|
status 404 {
|
|
/.htaccess
|
|
/data
|
|
/config
|
|
/db_structure
|
|
/.xml
|
|
/README
|
|
/3rdparty
|
|
/lib
|
|
/templates
|
|
/occ
|
|
/console.php
|
|
}
|
|
|
|
}
|