mirror of
https://github.com/kevinveenbirkenbach/computer-playbook.git
synced 2024-11-30 00:11:03 +01:00
38 lines
1.6 KiB
Plaintext
38 lines
1.6 KiB
Plaintext
|
server
|
||
|
{
|
||
|
server_name {{domain}};
|
||
|
|
||
|
{% include 'roles/native-letsencrypt/templates/ssl_header.j2' %}
|
||
|
|
||
|
# Remove X-Powered-By, which is an information leak
|
||
|
fastcgi_hide_header X-Powered-By;
|
||
|
|
||
|
# set max upload size
|
||
|
client_max_body_size 10G;
|
||
|
client_body_buffer_size 400M;
|
||
|
fastcgi_buffers 64 4K;
|
||
|
|
||
|
# Enable gzip but do not remove ETag headers
|
||
|
gzip on;
|
||
|
gzip_vary on;
|
||
|
gzip_comp_level 4;
|
||
|
gzip_min_length 256;
|
||
|
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
|
||
|
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
|
||
|
|
||
|
|
||
|
{% include 'roles/native-nginx-docker-proxy/templates/proxy_pass.conf.j2' %}
|
||
|
|
||
|
location ^~ /.well-known {
|
||
|
rewrite ^/\.well-known/host-meta\.json /public.php?service=host-meta-json last;
|
||
|
rewrite ^/\.well-known/host-meta /public.php?service=host-meta last;
|
||
|
rewrite ^/\.well-known/webfinger /public.php?service=webfinger last;
|
||
|
rewrite ^/\.well-known/nodeinfo /public.php?service=nodeinfo last;
|
||
|
|
||
|
location = /.well-known/carddav { return 301 /remote.php/dav/; }
|
||
|
location = /.well-known/caldav { return 301 /remote.php/dav/; }
|
||
|
|
||
|
try_files $uri $uri/ =404;
|
||
|
}
|
||
|
}
|