From 6a032dc5b1ff43748f837705eeba78d5b11860a1 Mon Sep 17 00:00:00 2001 From: Paul Lecuq Date: Sat, 17 Dec 2022 23:33:52 +0100 Subject: [PATCH] updated nginx state --- states/nginx/service.sls | 4 ++- states/nginx/templates/types/nextcloud.j2 | 33 ++++++++++++----------- 2 files changed, 20 insertions(+), 17 deletions(-) diff --git a/states/nginx/service.sls b/states/nginx/service.sls index 1397ff5..8fc3fb2 100644 --- a/states/nginx/service.sls +++ b/states/nginx/service.sls @@ -3,4 +3,6 @@ nginx-service: service.running: - name: nginx - enable: true - - reload: true \ No newline at end of file + - reload: true + - check_cmd: + - nginx -t diff --git a/states/nginx/templates/types/nextcloud.j2 b/states/nginx/templates/types/nextcloud.j2 index e51631b..ebb247c 100644 --- a/states/nginx/templates/types/nextcloud.j2 +++ b/states/nginx/templates/types/nextcloud.j2 @@ -14,24 +14,25 @@ server { index index.php; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; - rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; - rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; - rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; client_max_body_size 4G; fastcgi_buffers 64 4K; add_header Strict-Transport-Security "max-age=31536000; includeSubDomains" always; {%- for key,value in headers.items() %} add_header {{ key }} "{{ value }}"; {% endfor -%} + rewrite ^/caldav(.*)$ https://$server_name/remote.php/dav$1 redirect; + rewrite ^/carddav(.*)$ https://$server_name/remote.php/dav$1 redirect; + rewrite ^/webdav(.*)$ https://$server_name/remote.php/webdav$1 redirect; location / { - rewrite ^/.well-known/host-meta /public.php?service=host-meta last; - rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; - rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; - rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; - rewrite ^/.well-known/webfinger /public.php?service=webfinger last; - rewrite ^/.well-known/nodeinfo /public.php?service=nodeinfo last; - rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + rewrite ^/caldav(.*)$ https://$server_name/remote.php/dav$1 redirect; + rewrite ^/carddav(.*)$ https://$server_name/remote.php/dav$1 redirect; + rewrite ^/webdav(.*)$ https://$server_name/remote.php/webdav$1 redirect; + rewrite ^/.well-known/host-meta https://$server_name/public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json https://$server_name/public.php?service=host-meta-json last; + rewrite ^/.well-known/webfinger https://$server_name/public.php?service=webfinger last; + rewrite ^/.well-known/nodeinfo https://$server_name/public.php?service=nodeinfo last; + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; try_files $uri $uri/ index.php; } @@ -46,12 +47,12 @@ server { } location ~ ^(.+?\.php)(/.*)?$ { - include fastcgi_params; - fastcgi_pass unix:{{ php_socket_file }}; - fastcgi_index index.php; - fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name; - fastcgi_split_path_info ^(.+\.php)(/.+)$; - try_files $1 =404; + include fastcgi_params; + fastcgi_pass unix:{{ php_socket_file }}; + fastcgi_index index.php; + fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name; + fastcgi_split_path_info ^(.+\.php)(/.+)$; + try_files $1 =404; } location /robots.txt {