forked from NethServer/nethserver-nextcloud
/
10base
60 lines (50 loc) · 1.81 KB
/
10base
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
{
my $vhost = $nextcloud{'VirtualHost'} || '';
my $php_port = ${'php72-php-fpm'}{'TCPPorts'} || '9001';
my $config = '
<Directory "/usr/share/nextcloud">
Options +FollowSymLinks
AllowOverride All
Require all granted
<IfModule mod_dav.c>
Dav off
</IfModule>
<IfModule mod_headers.c>
Header always set Strict-Transport-Security "max-age=15552000"
</IfModule>
<FilesMatch \.php$>
SetHandler "proxy:fcgi://127.0.0.1:'.$php_port.'"
</FilesMatch>
SetEnv HOME /usr/share/nextcloud
SetEnv HTTP_HOME /usr/share/nextcloud
SetEnvIf Authorization "(.*)" HTTP_AUTHORIZATION=$1
</Directory>
<Directory "/usr/share/nextcloud/data/">
# just in case if .htaccess gets disabled
Require all denied
</Directory>';
if ($vhost ne '') {
$OUT .= "<VirtualHost *:80>\n";
$OUT .= " IncludeOptional conf.d/default-virtualhost.inc\n";
$OUT .= "</VirtualHost>\n\n";
$OUT .= "<VirtualHost *:80>\n";
$OUT .= " ServerName $vhost\n";
$OUT .= " RedirectMatch 301 ^(?!/.well-known/acme-challenge/).* https://$vhost\n";
$OUT .= "</VirtualHost>\n\n";
$OUT .= "<VirtualHost *:80>\n";
$OUT .= " ServerName $vhost\n";
$OUT .= " Redirect / https://$vhost/\n";
$OUT .= "</VirtualHost>\n\n";
$OUT .= "<VirtualHost *:443>\n";
$OUT .= " ServerName $vhost\n";
$OUT .= " SSLEngine on\n";
$OUT .= " RewriteCond %\{HTTPS\} !=on\n";
$OUT .= " RewriteRule (.*) https://%\{SERVER_NAME\}%\{REQUEST_URI\} [END,QSA,R=permanent]\n\n";
$OUT .= " Alias / \"/usr/share/nextcloud/\"";
$OUT .= $config;
$OUT .= "\n</VirtualHost>\n";
} else {
$OUT .= " Alias /nextcloud \"/usr/share/nextcloud/\"";
$OUT .= $config;
}
}