server {
listen 80;
server_name www;
rewrite ^ https://$http_host$request_uri? permanent;
server_tokens off;
}
server {
listen 443;
ssl on;
ssl_certificate /etc/letsencrypt/live/www/cert.pem;
ssl_certificate_key /etc/letsencrypt/live/www/privkey.pem;
server_name www;
server_tokens off;
# ......
fastcgi_param HTTPS on;
fastcgi_param HTTP_SCHEME https;
root /var/www/nextcloud;
index index.php index.html;
location / {
proxy_pass http://localhost:8080;
include /etc/nginx/proxy_params;
}
location ~ /\.ht {
deny all;
}
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
#proxy_set_header X-Forwarded-Proto $scheme;
client_max_body_size 1536M;
client_body_buffer_size 1600M;
proxy_intercept_errors on;
proxy_buffering on;
proxy_buffer_size 128k;
proxy_buffers 256 16k;
proxy_busy_buffers_size 256k;
proxy_temp_file_write_size 256k;
proxy_max_temp_file_size 0;
proxy_read_timeout 300;
<VirtualHost *:8080>
ServerAdmin
DocumentRoot /var/www/nextcloud
ServerName www
ServerAlias www.
ErrorLog logs/www-error_log
CustomLog logs/www-access_log common
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=7776000; includeSubDomains"
</IfModule>
# SSLEngine off
# SSLCertificateFile /etc/letsencrypt/live/www/cert.pem
# SSLCertificateKeyFile /etc/letsencrypt/live/www/privkey.pem
# Include /etc/letsencrypt/options-ssl-apache.conf
# SSLCertificateChainFile /etc/letsencrypt/live/www/chain.pem
</VirtualHost>
Alias /nextcloud "/var/www/nextcloud/"
<Directory /var/www/nextcloud/>
Options +FollowSymlinks
AllowOverride All
<IfModule mod_dav.c>
Dav off
</IfModule>
SetEnv HOME /var/www/nextcloud
SetEnv HTTP_HOME /var/www/nextcloud
</Directory>