From 68dacf2b5b198dac82f38b09617175b4087f9af1 Mon Sep 17 00:00:00 2001
From: Remi Collet <fedora@famillecollet.com>
Date: Tue, 31 May 2016 16:32:29 +0200
Subject: owncloud: 9.0.2

---
 owncloud-default-nginx.conf | 78 +++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 78 insertions(+)
 create mode 100644 owncloud-default-nginx.conf

(limited to 'owncloud-default-nginx.conf')

diff --git a/owncloud-default-nginx.conf b/owncloud-default-nginx.conf
new file mode 100644
index 0000000..81459b9
--- /dev/null
+++ b/owncloud-default-nginx.conf
@@ -0,0 +1,78 @@
+    rewrite ^/owncloud$ /owncloud/ redirect;
+
+    location /owncloud/ {
+        root /usr/share/;
+
+        # Add headers to serve security related headers
+        # Before enabling Strict-Transport-Security headers please read into this topic first.
+        # add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
+        add_header X-Content-Type-Options nosniff;
+        add_header X-Frame-Options "SAMEORIGIN";
+        add_header X-XSS-Protection "1; mode=block";
+        add_header X-Robots-Tag none;
+
+        # set max upload size
+        client_max_body_size 10G;
+        fastcgi_buffers 64 4K;
+
+        # Disable gzip to avoid the removal of the ETag header
+        gzip off;
+
+        # Uncomment if your server is build with the ngx_pagespeed module
+        # This module is currently not supported.
+        #pagespeed off;
+
+        index index.php;
+
+        error_page 403 /owncloud/core/templates/403.php;
+        error_page 404 /owncloud/core/templates/404.php;
+
+        location ~ ^/owncloud/apps-appstore/(.*)$ {
+            alias /var/lib/owncloud/apps/$1;
+        }
+
+        location ~ ^/owncloud/assets/(.*)$ {
+            alias /var/lib/owncloud/assets/$1;
+        }
+
+        location ~ ^/owncloud/(build|tests|config|lib|3rdparty|templates|data)/ {
+            deny all;
+        }
+
+        location ~ ^/owncloud/(?:\.|autotest|occ|issue|indie|db_|console) {
+            deny all;
+        }
+
+        rewrite ^/owncloud/remote/(.*) /owncloud/remote.php last;
+        rewrite ^/owncloud/core/doc/([^\/]+)(?:$|/) /owncloud/core/doc/$1/index.html;
+
+        try_files $uri $uri/ =404;
+
+        location ~ \.php(?:$|/) {
+            fastcgi_split_path_info ^(.+\.php)(/.+)$;
+            include fastcgi_params;
+            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
+            fastcgi_param PATH_INFO $fastcgi_path_info;
+        #    fastcgi_param HTTPS on;
+            fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
+            fastcgi_pass php-owncloud;
+            fastcgi_intercept_errors on;
+        }
+
+        # Adding the cache control header for js and css files
+        # Make sure it is BELOW the location ~ \.php(?:$|/) { block
+        location ~* \.(?:css|js)$ {
+            add_header Cache-Control "public, max-age=7200";
+            # Optional: Don't log access to assets
+            access_log off;
+        }
+
+        # Optional: Don't log access to other assets
+        location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
+            access_log off;
+        }
+
+        }
+
+
+
-- 
cgit