On Sat, May 18, 2019 at 10:07:44AM +0200, Gonzalo L. Rodriguez wrote:
> A diff would be nice, I like a simpler version of httpd.conf.
Is this OK?
diff 280bf952361344623a0efd16a764d42cf5d7a8b9 /usr/ports
blob - 03857e21f187289323ca086848538a0ab24d2cfe
file + www/nextcloud/Makefile
--- www/nextcloud/Makefile
+++ www/nextcloud/Makefile
@@ -5,6 +5,7 @@ COMMENT= easy and universal access to shared
and/or p
V= 16.0.0
DISTNAME= nextcloud-${V}
EXTRACT_SUFX= .tar.bz2
+REVISION= 0
CATEGORIES= www
blob - ef8c31fac5a80c2878b486f1472ac53152e7119b
file + www/nextcloud/pkg/README
--- www/nextcloud/pkg/README
+++ www/nextcloud/pkg/README
@@ -38,9 +38,6 @@ httpd(8) example configuration for Nextcloud:
server "domain.tld" {
listen on egress tls port 443
- root "/nextcloud"
- request strip 1
-
hsts max-age 15768000
tls {
@@ -48,28 +45,54 @@ server "domain.tld" {
key "/etc/ssl/private/domain.tld_private.pem"
}
- # First deny access to the specified files
- location "/.ht*" { block }
- location "/.user*" { block }
- location "/3rdparty*" { block }
- location "/README" { block }
- location "/autotest*" { block }
- location "/build*" { block }
- location "/config*" { block }
- location "/console*" { block }
- location "/data*" { block }
- location "/db_*" { block }
- location "/indie*" { block }
- location "/issue*" { block }
- location "/lib*" { block }
- location "/occ*" { block }
- location "/templates*" { block }
- location "/tests*" { block }
+ # Set max upload size to 513M (in bytes)
+ connection max request body 537919488
+ connection max requests 1000
+ connection request timeout 3600
+ connection timeout 3600
- location "/*.php*" {
+ block drop
+
+ # Ensure that no '*.php*' files can be fetched from these directories
+ location "/nextcloud/config/*" {
+ block drop
+ }
+ location "/nextcloud/data/*" {
+ block drop
+ }
+
+ # Note that this matches "*.php*" anywhere in the request path.
+ location "/nextcloud/*.php*" {
root "/nextcloud"
request strip 1
fastcgi socket "/run/php-fpm.sock"
+ pass
+ }
+
+ location "/nextcloud/apps/*" {
+ root "/nextcloud"
+ request strip 1
+ pass
+ }
+
+ location "/nextcloud/core/*" {
+ root "/nextcloud"
+ request strip 1
+ pass
+ }
+
+ location "/nextcloud/settings/*" {
+ root "/nextcloud"
+ request strip 1
+ pass
+ }
+
+ location "/nextcloud" {
+ block return 301 "$DOCUMENT_URI/index.php"
+ }
+
+ location "/nextcloud/" {
+ block return 301 "$DOCUMENT_URI/index.php"
}
}
---8<---------------------------------------------------------------------------
