61 lines
2.6 KiB
Plaintext
61 lines
2.6 KiB
Plaintext
# Control Panel
|
|
# Proxy /admin to our Python based control panel daemon. It is
|
|
# listening on IPv4 only so use an IP address and not 'localhost'.
|
|
rewrite ^/admin$ /admin/;
|
|
location /admin/ {
|
|
proxy_pass http://127.0.0.1:10222/;
|
|
proxy_set_header X-Forwarded-For $remote_addr;
|
|
}
|
|
|
|
# ownCloud configuration.
|
|
rewrite ^/cloud$ /cloud/ redirect;
|
|
rewrite ^/cloud/$ /cloud/index.php;
|
|
rewrite ^/cloud/(contacts|calendar|files)$ /cloud/index.php/apps/$1/ redirect;
|
|
rewrite ^(/cloud/core/doc/[^\/]+/)$ $1/index.html;
|
|
location /cloud/ {
|
|
alias /usr/local/lib/owncloud/;
|
|
location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
|
|
deny all;
|
|
}
|
|
}
|
|
location ~ ^(/cloud)((?:/ocs)?/[^/]+\.php)(/.*)?$ {
|
|
# note: ~ has precendence over a regular location block
|
|
# Accept URLs like:
|
|
# /cloud/index.php/apps/files/
|
|
# /cloud/index.php/apps/files/ajax/scan.php (it's really index.php; see 6fdef379adfdeac86cc2220209bdf4eb9562268d)
|
|
# /cloud/ocs/v1.php/apps/files_sharing/api/v1 (see #240)
|
|
# /cloud/remote.php/webdav/yourfilehere...
|
|
include fastcgi_params;
|
|
fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$2;
|
|
fastcgi_param SCRIPT_NAME $1$2;
|
|
fastcgi_param PATH_INFO $3;
|
|
# TODO: see the dispreferred "method 2" for xaccel at https://doc.owncloud.org/server/8.1/admin_manual/configuration_files/serving_static_files_configuration.html
|
|
fastcgi_param MOD_X_ACCEL_REDIRECT_ENABLED on;
|
|
fastcgi_read_timeout 630;
|
|
fastcgi_pass php-fpm;
|
|
error_page 403 /cloud/core/templates/403.php;
|
|
error_page 404 /cloud/core/templates/404.php;
|
|
client_max_body_size 1G;
|
|
fastcgi_buffers 64 4K;
|
|
}
|
|
location ^~ $STORAGE_ROOT/owncloud {
|
|
# This directory is for MOD_X_ACCEL_REDIRECT_ENABLED. It works a little weird.
|
|
# The full path on disk of the file is passed as the URL path. ownCloud 8 totally
|
|
# busted the sane way this worked in ownCloud 7. There's a pending change using
|
|
# a new parameter to make this make more sense.
|
|
# We need to only allow 'internal' redirects within nginx so that the filesystem
|
|
# is not exposed to the world.
|
|
internal;
|
|
alias $STORAGE_ROOT/owncloud;
|
|
}
|
|
location ~ ^/((caldav|carddav|webdav).*)$ {
|
|
# Z-Push doesn't like getting a redirect, and a plain rewrite didn't work either.
|
|
# Properly proxying like this seems to work fine.
|
|
proxy_pass https://$HOSTNAME/cloud/remote.php/$1;
|
|
}
|
|
rewrite ^/.well-known/host-meta /cloud/public.php?service=host-meta last;
|
|
rewrite ^/.well-known/host-meta.json /cloud/public.php?service=host-meta-json last;
|
|
rewrite ^/.well-known/carddav /cloud/remote.php/carddav/ redirect;
|
|
rewrite ^/.well-known/caldav /cloud/remote.php/caldav/ redirect;
|
|
|