scale-catalog/blueprints/nextcloud/includes/Caddyfile-nossl
Kjeld Schouten-Lebbing dbfbd489fa
[WIP] Allow multiple installations of same blueprint (#88)
* Multi-install support, Blueprints and config changes. Initial commit

* Migrating jails to blueprints, first steps.
Tested Working:
- Transmission
- Lidarr
- Sonarr
- Radarr

fix lidarr config (+10 squashed commit)

Squashed commit:

[5f14653] always link ports folders

[f18f2f0] Optional (blueprint) ports mount
Fixes #89

[96ef7e7] chmod all the things

[129e707] same mistake... again...

[e1596dc] missing reference

[6da3567] Forgot one reference

[d78b5b6] Update wiki.yml

[cecc53a] Update filecheck.yml

[5244abd] basic settings changed.
More involved blueprints still need changes, such as: Bitwarden, nextcloud, Mariadb

[6568e92] jails -> blueprints

* Added Tested Working:
- KMS
- Plex
- Tautulli
- Organizr
- InfluxDB
- MariaDB

Many squashed small fixes included:
Make *.rc executable (+13 squashed commit)

Squashed commit:

[b28aa83] use .rc for rc.d config files

[e940a48] some mariadb cleanup

[dc27aff] testing another way

[83bd91b] Mariadb root password alter instead of update, initial config for unifi

[0ca3074] some light config cleanup

[a0d4352] also remove database from influxdb example config (db should be created when required)

[2c218cc] Prepare influxdb and remove unneeded content

[1b34109] more shellcheck fixups

[c96566c] Some shellcheck cleanup

[8969ca7] bitwarden mostly done, some work on nextcloud and unifi

[7f89bfa] initial mariadb patch

[dd7e85f] missed one problem

[f814cb7] Initial pseudo-compatibility patch for unifi

* Enable Bitwarden support and some small fixes/tweaks
Fixes #95

more bugs and typo's (+3 squashed commit)

Squashed commit:

[3b5213e] Bitwarden not correctly installing db

[b7438a5] yeah thats not gonna cut it... >.<

[e7987c2] some slight bitwarden tweaks

* Enable Unifi support and some small fixes/tweaks

small unifi cleanup. Unifi is working (+3 squashed commit)

Squashed commit:

[d906d2d] chmod unifi

[545e999] Add extra sanity, remove unneeded variables from example

[b8c0b24] Some small Unifi Tweaks

* Nextcloud Cleanup, Some fixes, Initial support for blueprintsystem
Fixes #96
Fixes #97
Fixes #98

some bloat and syntax fixes (+5 squashed commit)

Squashed commit:

[78f6428] Some more nextcloud cleanup and tweaks
- combines multiple variables for cert system selection (Fixes #98 )
- Default to self signed cert
- Force manual admin password

[7cacae4] slight fixes

[3d81cda] More cleanup

[50496cc] small mariadb fix and more nextcloud cleanup

[c1b2c20] Cleaning nextcloud
- Remove external DB (Fixes #97 )
- Remove Postgresql (Fixes #96 )
- Some preparation for blueprint

* Nextcloud done

and..  another... (+5 squashed commit)

Squashed commit:

[c65751b] caddy not installed right.

[e5da66b] more fixes

[a33300e] Damnit, two typo's same scentence

[4292a7a] another typo

[1b820cf] typo and example hotfix

* Introduce version checking for config file
2020-05-02 17:45:13 +02:00

123 lines
2.8 KiB
Caddyfile

yourhostnamehere:80 JAIL-IP:80 {
root /usr/local/www/nextcloud
log /var/log/nextcloud_access.log
errors /var/log/nextcloud_errors.log
fastcgi / 127.0.0.1:9000 php {
env PATH /bin
env modHeadersAvailable true
env front_controller_active true
connect_timeout 60s
read_timeout 3600s
send_timeout 300s
}
header / {
Strict-Transport-Security "max-age=15768000;"
X-Content-Type-Options "nosniff"
X-XSS-Protection "1; mode=block"
X-Robots-Tag "none"
X-Download-Options "noopen"
X-Permitted-Cross-Domain-Policies "none"
X-Frame-Options "SAMEORIGIN"
Referrer-Policy "no-referrer"
}
header /core/fonts {
Cache-Control "max-age=604800"
}
# checks for images
rewrite {
ext .png .html .ttf .ico .jpg .jpeg .css .js .woff .woff2 .svg .gif .map
r ^/index.php/.*$
to /{1} /index.php?{query}
}
rewrite {
r ^/\.well-known/host-meta$
to /public.php?service=host-meta&{query}
}
rewrite {
r ^/\.well-known/host-meta\.json$
to /public.php?service=host-meta-json&{query}
}
rewrite {
r ^/\.well-known/webfinger$
to /public.php?service=webfinger&{query}
}
rewrite {
r ^/index.php/.*$
to /index.php?{query}
}
rewrite / {
if {path} not_starts_with /remote.php
if {path} not_starts_with /public.php
ext .png .html .ttf .ico .jpg .jpeg .css .js .woff .woff2 .svg .gif .map .html .ttf
r ^/(.*)$
to /{1} /index.php{uri}
}
rewrite / {
if {path} not /core/img/favicon.ico
if {path} not /core/img/manifest.json
if {path} not_starts_with /remote.php
if {path} not_starts_with /public.php
if {path} not_starts_with /cron.php
if {path} not_starts_with /core/ajax/update.php
if {path} not_starts_with /status.php
if {path} not_starts_with /ocs/v1.php
if {path} not_starts_with /ocs/v2.php
if {path} not /robots.txt
if {path} not_starts_with /updater/
if {path} not_starts_with /ocs-provider/
if {path} not_starts_with /ocm-provider/
if {path} not_starts_with /.well-known/
to /index.php{uri}
}
# client support (e.g. os x calendar / contacts)
redir /.well-known/carddav /remote.php/carddav 301
redir /.well-known/caldav /remote.php/caldav 301
# remove trailing / as it causes errors with php-fpm
rewrite {
r ^/remote.php/(webdav|caldav|carddav|dav)(\/?)(\/?)$
to /remote.php/{1}
}
rewrite {
r ^/remote.php/(webdav|caldav|carddav|dav)/(.+?)(\/?)(\/?)$
to /remote.php/{1}/{2}
}
rewrite {
r ^/public.php/(dav|webdav|caldav|carddav)(\/?)(\/?)$
to /public.php/{1}
}
rewrite {
r ^/public.php/(dav|webdav|caldav|carddav)/(.+)(\/?)(\/?)$
to /public.php/{1}/{2}
}
# .htaccess / data / config / ... shouldn't be accessible from outside
status 404 {
/.htaccess
/data
/config
/db_structure
/.xml
/README
/3rdparty
/lib
/templates
/occ
/console.php
}
}