public/nixpkgs
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

nixos/nextcloud: update recommended nginx settings

Browse Source 
This updates the configuration to the recommendations in
https://docs.nextcloud.com/server/15/admin_manual/installation/nginx.html
This commit is contained in:
Pascal Bach 2019-02-27 14:36:11 +01:00
parent 81bf897e29
commit 7f8620900a
1 changed files with 9 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

14
nixos/modules/services/web-apps/nextcloud.nix
View File

@ -13,6 +13,7 @@ let
${optionalString cfg.caching.apcu "extension=${cfg.phpPackages.apcu}/lib/php/extensions/apcu.so"} ${optionalString cfg.caching.apcu "extension=${cfg.phpPackages.apcu}/lib/php/extensions/apcu.so"}
${optionalString cfg.caching.redis "extension=${cfg.phpPackages.redis}/lib/php/extensions/redis.so"} ${optionalString cfg.caching.redis "extension=${cfg.phpPackages.redis}/lib/php/extensions/redis.so"}
${optionalString cfg.caching.memcached "extension=${cfg.phpPackages.memcached}/lib/php/extensions/memcached.so"} ${optionalString cfg.caching.memcached "extension=${cfg.phpPackages.memcached}/lib/php/extensions/memcached.so"}
extension=${cfg.phpPackages.imagick}/lib/php/extensions/imagick.so
zend_extension = opcache.so zend_extension = opcache.so
opcache.enable = 1 opcache.enable = 1
''; '';
@ -407,7 +408,7 @@ in {
}; };
"/" = { "/" = {
priority = 200; priority = 200;
extraConfig = "rewrite ^ /index.php$uri;"; extraConfig = "rewrite ^ /index.php$request_uri;";
}; };
"~ ^/store-apps" = { "~ ^/store-apps" = {
priority = 201; priority = 201;
@ -444,22 +445,23 @@ in {
fastcgi_read_timeout 120s; fastcgi_read_timeout 120s;
''; '';
}; };
"~ ^/(?:updater|ocs-provider)(?:$|/)".extraConfig = '' "~ ^/(?:updater|ocs-provider|ocm-provider)(?:$|\/)".extraConfig = ''
try_files $uri/ =404; try_files $uri/ =404;
index index.php; index index.php;
''; '';
"~ \\.(?:css|js|woff|svg|gif)$".extraConfig = '' "~ \\.(?:css|js|woff2?|svg|gif)$".extraConfig = ''
try_files $uri /index.php$uri$is_args$args; try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463"; add_header Cache-Control "public, max-age=15778463";
add_header X-Content-Type-Options nosniff; add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block"; add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none; add_header X-Robots-Tag none;
add_header X-Download-Options noopen; add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none; add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
access_log off; access_log off;
''; '';
"~ \\.(?:png|html|ttf|ico|jpg|jpeg)$".extraConfig = '' "~ \\.(?:png|html|ttf|ico|jpg|jpeg)$".extraConfig = ''
try_files $uri /index.php$uri$is_args$args; try_files $uri /index.php$request_uri;
access_log off; access_log off;
''; '';
}; };
@ -469,10 +471,12 @@ in {
add_header X-Robots-Tag none; add_header X-Robots-Tag none;
add_header X-Download-Options noopen; add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none; add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
error_page 403 /core/templates/403.php; error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php; error_page 404 /core/templates/404.php;
client_max_body_size ${cfg.maxUploadSize}; client_max_body_size ${cfg.maxUploadSize};
fastcgi_buffers 64 4K; fastcgi_buffers 64 4K;
fastcgi_hide_header X-Powered-By;
gzip on; gzip on;
gzip_vary on; gzip_vary on;
gzip_comp_level 4; gzip_comp_level 4;