server { server_name cloud.pyuxiang.com; root /var/www/nextcloud; index index.php index.html /index.php$request_uri; listen 80; # If using own SSL certificate, otherwise let Certbot handle this #listen 443 ssl; #ssl_certificate /etc/letsencrypt/live/cloud.pyuxiang.com/fullchain.pem; #ssl_certificate_key /etc/letsencrypt/live/cloud.pyuxiang.com/privkey.pem; #include /etc/letsencrypt/options-ssl-nginx.conf; #ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # Max upload size client_max_body_size 1G; fastcgi_buffers 64 4K; # For security/privacy add_header Referrer-Policy "no-referrer" always; add_header X-Content-Type-Options "nosniff" always; add_header X-Download-Options "noopen" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "none" always; add_header X-XSS-Protection "1; mode=block" always; fastcgi_hide_header X-Powered-By; # Allow client access to `/.well-known` # Copied from default nginx configuration for Nextcloud location ^~ /.well-known { location = /.well-known/carddav { return 301 /remote.php/dav/; } location = /.well-known/caldav { return 301 /remote.php/dav/; } location /.well-known/acme-challenge { try_files $uri $uri/ =404; } location /.well-known/pki-validation { try_files $uri $uri/ =404; } # Pass to frontend for handling of `/.well-known` URIs to Nextcloud API return 301 /index.php$request_uri; } location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; } location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; } # This will be your own PHP scripts/server location ~\.php(?:$|/) { include snippets/fastcgi-php.conf; fastcgi_pass unix:/var/run/php/php[VER]-fpm.sock; } location ~ \.(?:css|js|svg|gif)$ { try_files $uri /index.php$request_uri; expires 6M; access_log off; } location ~ \.woff2?$ { try_files $uri /index.php$request_uri; expires 7d; access_log off; } location /remote { return 301 /remote.php$request_uri; } location / { try_files $uri $uri/ /index.php$request_uri; } }