# redirect http to https. server { listen [::]:80; server_name owncloud.lovius.net; rewrite ^ https://$server_name$request_uri? permanent; # enforce https } # owncloud (ssl/tls) server { listen [::]:443 ssl; server_name owncloud.lovius.net; ssl_certificate /etc/nginx/certs/owncloud.pem; ssl_certificate_key /etc/nginx/certs/owncloudkey.pem; access_log /var/log/nginx/owncloud.lovius.net.access.log; error_log /var/log/nginx/owncloud.lovius.net.error.log; root /var/www/owncloud; client_max_body_size 10G; # set max upload size fastcgi_buffers 64 4K; rewrite ^/caldav((/|$).*)$ /remote.php/caldav$1 last; rewrite ^/carddav((/|$).*)$ /remote.php/carddav$1 last; rewrite ^/webdav((/|$).*)$ /remote.php/webdav$1 last; index index.php; error_page 403 = /core/templates/403.php; error_page 404 = /core/templates/404.php; location ~ ^/(data|config|\.ht|db_structure\.xml|README|AUTHORS|COPYING-AGPL|COPYING-README) { deny all; } location / { rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; rewrite ^/apps/calendar/caldav.php /remote.php/caldav/ last; rewrite ^/apps/contacts/carddav.php /remote.php/carddav/ last; rewrite ^/apps/([^/]*)/(.*\.(css|php))$ /index.php?app=$1&getfile=$2 last; rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; try_files $uri $uri/ index.php; } location ~ ^(?.+?\.php)(?/.*)?$ { try_files $script_name = 404; include fastcgi_params; fastcgi_param PATH_INFO $path_info; fastcgi_param HTTPS on; fastcgi_pass unix:/var/run/php5-fpm.sock; } location ~* ^.+.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ { expires 30d; # Optional: Don't log access to assets access_log off; } }