Nextcloud 13 on ISPConfig 3 Nginx

Discussion in 'General' started by pvanthony, May 26, 2018.

  1. pvanthony

    pvanthony Member

    The following 3 sections need to be commented out for Nextcloud 13 to work on ISPConfig 3 Nginx.
    Is there another way to install Nextcloud 13 on ISPConfig 3 without doing the following modifications?
    With the modifications it works great. Hoping to find a way where just adding the config through the ISPConfig 3 GUI would be enough to make it work.

    # have to disable for nextcloud to work.
    #location ~ /\. {
    # deny all;
    #}


    # have to disable this to make nextcloud to work.
    # if not we get the following error.
    # "Not enough free space, you are uploading 19.8 MB but only 0 B is left"
    #location ~ \.php$ {
    # try_files /01ccc0dc719a7105b6ddfd073185a06f.htm @php;
    #}


    # have to disable this to make nextcloud to work.
    # the delete does not work for 1.8GB file.
    #location @php {
    # try_files $uri =404;
    # include /etc/nginx/fastcgi_params;
    # fastcgi_pass unix:/var/lib/php5-fpm/web3.sock;
    # fastcgi_index index.php;
    # fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    # fastcgi_intercept_errors on;
    #}





    Below is the complete config for nextcloud for ISPConfig 3 Nginx

    server {
    listen *:80;

    listen *:443 ssl http2;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_certificate /var/www/clients/client1/web3/ssl/nextcloud.example.com-le.crt;
    ssl_certificate_key /var/www/clients/client1/web3/ssl/nextcloud.example.com-le.key;

    server_name nextcloud.example.com ;

    root /var/www/nextcloud.example.com/web/;

    if ($scheme != "https") {
    rewrite ^ https://$http_host$request_uri? permanent;
    }


    index index.html index.htm index.php index.cgi index.pl index.xhtml;



    error_log /var/log/ispconfig/httpd/nextcloud.example.com/error.log;
    access_log /var/log/ispconfig/httpd/nextcloud.example.com/access.log combined;

    # have to disable for nextcloud to work.
    #location ~ /\. {
    # deny all;
    #}

    location ^~ /.well-known/acme-challenge/ {
    access_log off;
    log_not_found off;
    root /usr/local/ispconfig/interface/acme/;
    autoindex off;
    index index.html;
    try_files $uri $uri/ =404;
    }

    location = /favicon.ico {
    log_not_found off;
    access_log off;
    expires max;
    add_header Cache-Control "public, must-revalidate, proxy-revalidate";
    }

    location = /robots.txt {
    allow all;
    log_not_found off;
    access_log off;
    }

    location /stats/ {

    index index.html index.php;
    auth_basic "Members Only";
    auth_basic_user_file /var/www/clients/client1/web3/web/stats/.htpasswd_stats;
    }

    location ^~ /awstats-icon {
    alias /usr/share/awstats/icon;
    }

    # have to disable this to make nextcloud to work.
    # if not we get the following error.
    # "Not enough free space, you are uploading 19.8 MB but only 0 B is left"
    #location ~ \.php$ {
    # try_files /01ccc0dc719a7105b6ddfd073185a06f.htm @php;
    #}

    # have to disable this to make nextcloud to work.
    # the delete does not work for 1.8GB file.
    #location @php {
    # try_files $uri =404;
    # include /etc/nginx/fastcgi_params;
    # fastcgi_pass unix:/var/lib/php5-fpm/web3.sock;
    # fastcgi_index index.php;
    # fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    # fastcgi_intercept_errors on;
    #}


    # ----> below here is what was added from within the GUI of ISPConfig 3 <-----

    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;


    location = /.well-known/carddav {
    return 301 $scheme://$host/remote.php/dav;
    }

    location = /.well-known/caldav {
    return 301 $scheme://$host/remote.php/dav;
    }

    client_max_body_size 2000M;
    fastcgi_buffers 64 4K;

    gzip on;
    gzip_vary on;
    gzip_comp_level 4;
    gzip_min_length 256;
    gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
    gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;


    location / {
    rewrite ^ /index.php$uri;
    }

    location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
    deny all;
    }

    location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
    deny all;
    }

    location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
    fastcgi_split_path_info ^(.+\.php)(/.*)$;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_param HTTPS on;
    fastcgi_param modHeadersAvailable true;
    fastcgi_param front_controller_active true;
    fastcgi_pass unix:/var/lib/php5-fpm/web3.sock;
    fastcgi_intercept_errors on;
    fastcgi_request_buffering off;
    fastcgi_read_timeout 900s; # 15 minutes
    }

    location ~ ^/(?:updater|ocs-provider)(?:$|/) {
    try_files $uri/ =404;
    index index.php;
    }

    location ~ \.(?:css|js|woff|svg|gif)$ {
    try_files $uri /index.php$uri$is_args$args;
    add_header Cache-Control "public, max-age=15778463";
    add_header X-Content-Type-Options nosniff;
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;
    access_log off;
    }

    location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
    try_files $uri /index.php$uri$is_args$args;
    access_log off;
    }

    }
     
    ahrasis likes this.

Share This Page