owncloud nginx config

7/10/2013 - 9:42 AM
server {
        listen 80;
        server_name cloud.sjchen.net;
        return 301 https://$server_name$request_uri;  # enforce https
}

server {
        server_name cloud.sjchen.net;
        root /srv/owncloud;

        listen 443 ssl;
        
        ssl on;
        ssl_certificate /etc/nginx/keys/cloud-sjchen-net/server.crt;
        ssl_certificate_key /etc/nginx/keys/cloud-sjchen-net/server.key;
        ssl_ciphers ECDHE-RSA-AES128-SHA256:AES128-GCM-SHA256:RC4:HIGH:!MD5:!aNULL:!EDH;
        ssl_prefer_server_ciphers on;

        error_log /var/log/nginx/cloud-sjchen-net.error_log;
        access_log /var/log/nginx/cloud-sjchen-net.access_log;
        index index.php;

        error_page 403 = /core/templates/403.php;
        error_page 404 = /core/templates/404.php;

        client_max_body_size 10G;
        fastcgi_buffers 64 4K;

        rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
        rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
        rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;

        autoindex off;

        location = /robots.txt {
                log_not_found off;
                access_log off;
                allow all;
        }

        location = /favicon.ico {
                log_not_found off;
                access_log off;
        }

        location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
                deny all;
        }

        location / {

                rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
                rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
                rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
                rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
                rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;

                try_files $uri $uri/ @webdav;
        }

        location @webdav {
                
                fastcgi_split_path_info ^(.+\.php)(/.*)$;
                fastcgi_pass unix:/var/run/php-fpm.sock;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                fastcgi_param HTTPS on;
                include fastcgi_params;

        }

        #location ~ \.php$ {
                ##NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
                #try_files $uri = 404;
                #fastcgi_pass unix:/var/run/php-fpm.sock;
                #fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                #fastcgi_param HTTPS on;
                #include fastcgi_params;
        #}

        location ~ ^(.+?\.php)(/.*)?$ {
                try_files $1 = 404;
                include fastcgi_params;
                fastcgi_param SCRIPT_FILENAME $document_root$1;
                fastcgi_param PATH_INFO $2;
                fastcgi_param HTTPS on;
                fastcgi_pass unix:/var/run/php-fpm.sock;
        }

        location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
                expires 30d;
                access_log off;
        }

}
Cacher is the code snippet organizer for pro developers

We empower you and your team to get more done, faster

owncloud nginx config
