nextcloud伪静态nginx另一种配置参考

服务器技术 8 个月前 回复

, ,

如果上一篇文章nextcloud伪静态设置不成功,你可以尝试这种!

直接上代码:

server
    {
        listen 80;
        #listen [::]:80;
        server_name pan.hjyl.org;
        index index.html index.htm index.php default.html default.htm default.php;
        root  /home/wwwroot/pan.hjyl.org;
        client_max_body_size 10G;
        fastcgi_buffers 64 4K;
        gzip on;
        gzip_vary on;
        gzip_comp_level 4;
        gzip_min_length 256;
        gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
        gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
        #nextcloud包含了403和404的错误页面
        error_page 403 /core/templates/403.php;
        error_page 404 /core/templates/404.php;

        #防止一些HTTP响应头引起的安全隐患
        add_header Strict-Transport-Security 'max-age=15552000';
        add_header X-Content-Type-Options 'nosniff';
        add_header X-Robots-Tag 'none';
        add_header X-Frame-Options 'SAMEORIGIN';
        add_header X-Download-Options 'noopen';
        add_header X-Permitted-Cross-Domain-Policies 'none';
        add_header X-XSS-Protection '1;mode=block';
        add_header Referrer-Policy "no-referrer";

        location = /.well-known/carddav {
          return 301 $scheme://$host:$server_port/remote.php/dav;
        }
        location = /.well-known/caldav {
          return 301 $scheme://$host:$server_port/remote.php/dav;
        }

        location / {
            rewrite ^ /index.php;
        }

        #Let's Encrypt 证书续期验证目录
        location ~ \.well-known{
            allow all;
        }

        #nextcloud一些关键目录的权限设置
        location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
            deny all;
        }
        location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) {
            deny all;
        }

        location ~ [^/]\.php(/|$) {
            fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
            set $path_info $fastcgi_path_info;
            try_files $fastcgi_script_name =404;
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param PATH_INFO $path_info;
            #fastcgi_param HTTPS on;
            fastcgi_param modHeadersAvailable true;
            #宝塔默认是include调用PHP相关配置,这里稍稍修改了一下,注意php版本 #加入了front_controller_active这项参数以隐藏页面URL中的index.php
            fastcgi_param front_controller_active true;
            fastcgi_pass unix:/tmp/php-cgi.sock;
            fastcgi_intercept_errors on;
            fastcgi_request_buffering off;
            include fastcgi.conf;
            include pathinfo.conf;
        }

        location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
            try_files $uri/ =404;
            index index.php;
        }

        location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
            try_files $uri /index.php$request_uri;
            add_header Cache-Control "public, max-age=15778463";
            add_header Referrer-Policy "no-referrer" always;
            add_header X-Content-Type-Options "nosniff" always;
            add_header X-Download-Options "noopen" always;
            add_header X-Frame-Options "SAMEORIGIN" always;
            add_header X-Permitted-Cross-Domain-Policies "none" always;
            add_header X-Robots-Tag "none" always;
            add_header X-XSS-Protection "1; mode=block" always;
            access_log off;
        }

        location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ {
            try_files $uri /index.php$request_uri;
            access_log off;
        }

        location ~ .*\.(gif|jpg|jpeg|png|bmp|swf)$
        {
            expires      30d;
            error_log off;
            access_log /dev/null;
        }

        location ~ .*\.(js|css)?$
        {
            expires      12h;
            error_log off;
            access_log /dev/null; 
        }


        access_log off;
    }

参考:

https://docs.nextcloud.com/server/13/admin_manual/configuration_server/caching_configuration.html

https://serverfault.com/questions/845696/nginx-rewrite-nextcloud-index-php-in-url

宝塔面板下nextcloud完美优化配置

https://blog.csdn.net/qq_28718329/article/details/112687699

支付宝打赏微信打赏

如果此文对你有帮助,欢迎打赏作者。

发表评论

欢迎回来 (打开)

(必填)