mirror of
https://github.com/EGroupware/egroupware.git
synced 2024-12-21 06:01:06 +01:00
124 lines
4.4 KiB
Nginx Configuration File
124 lines
4.4 KiB
Nginx Configuration File
# /etc/nginx/sites-available/egroupware-nginx.conf
|
|
# need to be symlinked to /etc/nginx/sites-enabled/ and nginx -s reload (after removing default!)
|
|
|
|
# stuff for http block
|
|
client_max_body_size 1g;
|
|
# fix error: upstream sent too big header while reading response header from upstream
|
|
fastcgi_buffers 16 16k;
|
|
fastcgi_buffer_size 32k;
|
|
|
|
server {
|
|
listen 80 default_server;
|
|
|
|
# ssl config (enable following line plus either include or ssl_certificate* line)
|
|
#listen 443 ssl http2 default_server;
|
|
#include snippets/snakeoil.conf; # requires ssl-certs package installed!
|
|
# concatenate private key, certificate and intermediate certs to /etc/ssl/private/certificate.pem
|
|
#ssl_certificate /etc/ssl/private/certificate.pem;
|
|
#ssl_certificate_key /etc/ssl/private/certificate.pem;
|
|
# HTTP Strict-Transport-Security header (start with a short max-age!)
|
|
#add_header Strict-Transport-Security max-age=31536000; # 31536000sec=1year
|
|
|
|
# A free of charge ssl certificate can be obtained from https://letsencrypt.org
|
|
# Instrunctions for Ubuntu 16.04 are eg. available at
|
|
# https://www.digitalocean.com/community/tutorials/how-to-secure-nginx-with-let-s-encrypt-on-ubuntu-16-04
|
|
# Just use /etc/egroupware/nginx.conf instead of /etc/nginx/sites-available/default
|
|
|
|
server_name _;
|
|
root /var/www/html;
|
|
|
|
index index.php index.nginx-debian.html index.html index.htm;
|
|
|
|
# include other EGroupware parts like Collabora
|
|
include app.d/egroupware*.conf;
|
|
|
|
# other settings
|
|
client_max_body_size 65M;
|
|
|
|
# EGroupware installed in /usr/share/egroupware
|
|
location ^~ /egroupware {
|
|
alias /usr/share/egroupware/;
|
|
try_files $uri $uri/ =404;
|
|
location ~ ^/egroupware(/(?U).+\.php) {
|
|
# do not allow to call files ment to be included only
|
|
location ~ ^/egroupware/(vendor|[^/]+/(src|setup|inc|vendor))/ {
|
|
return 404;
|
|
}
|
|
alias /usr/share/egroupware;
|
|
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
|
|
# added to support WebDAV/CalDAV/CardDAV
|
|
fastcgi_read_timeout 60m;
|
|
fastcgi_index index.php;
|
|
fastcgi_split_path_info ^((?U).+\.php)(.*)$;
|
|
fastcgi_param PATH_INFO $fastcgi_path_info;
|
|
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
|
|
# standard Nginx
|
|
include fastcgi_params;
|
|
fastcgi_param SCRIPT_FILENAME /usr/share/egroupware$1;
|
|
fastcgi_param DOCUMENT_ROOT /var/www/html;
|
|
}
|
|
location ~ (?i)\.(ico|jpe?g|gif|png|svg|xet|xml|js|css|html|map|swf)$ {
|
|
access_log off;
|
|
expires 10d;
|
|
add_header Pragma public;
|
|
add_header Cache-Control "public";
|
|
location ~ ^/egroupware(/.*)$ {
|
|
alias /usr/share/egroupware/;
|
|
try_files $1 =404;
|
|
}
|
|
}
|
|
}
|
|
|
|
# PHP in docroot
|
|
#location ~ \.php {
|
|
# fastcgi_pass unix:/run/php/php7.0-fpm.sock;
|
|
# include fastcgi_params;
|
|
#}
|
|
|
|
# phpmyadmin in /usr/share/phpmyadmin
|
|
#location /phpmyadmin {
|
|
# alias /usr/share/phpmyadmin/;
|
|
# try_files $uri $uri/ =404;
|
|
# location ~ ^/phpmyadmin(/(?U).+\.php) {
|
|
# alias /usr/share/phpmyadmin;
|
|
# fastcgi_pass unix:/run/php/php7.0-fpm.sock;
|
|
# fastcgi_index index.php;
|
|
# fastcgi_split_path_info ^((?U).+\.php)(.*)$;
|
|
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
# fastcgi_param PATH_INFO $fastcgi_path_info;
|
|
# fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
|
|
# # standard Nginx
|
|
# include fastcgi_params;
|
|
# fastcgi_param DOCUMENT_ROOT /var/www/html;
|
|
# fastcgi_param SCRIPT_FILENAME /usr/share/phpmyadmin$1;
|
|
# }
|
|
#}
|
|
|
|
# ActiveSync support
|
|
location /Microsoft-Server-ActiveSync {
|
|
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
|
|
# added to support WebDAV/CalDAV/CardDAV
|
|
fastcgi_read_timeout 60m;
|
|
fastcgi_index index.php;
|
|
fastcgi_split_path_info ^((?U).+\.php)(.*)$;
|
|
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
|
|
fastcgi_param PATH_INFO $fastcgi_path_info;
|
|
fastcgi_param PATH_TRANSLATED $document_root$fastcgi_path_info;
|
|
include fastcgi_params;
|
|
fastcgi_param SCRIPT_FILENAME /usr/share/egroupware/activesync/index.php;
|
|
}
|
|
# CalDAV & CardDAV autoconfig
|
|
location ~ ^/.well-known/(caldav|carddav)$ {
|
|
return 301 $scheme://$host/egroupware/groupdav.php/;
|
|
}
|
|
location ~ ^(/principals/users/.*)$ {
|
|
return 301 $scheme://$host/egroupware/groupdav.php$1;
|
|
}
|
|
# Nginx does NOT use index for OPTIONS requests breakng WebDAV
|
|
# for Windows, which sends OPTIONS / and stalls on Nginx 405 response!
|
|
# This also redirects all requests to root to EGroupware.
|
|
location = / {
|
|
return 301 $scheme://$host/egroupware/index.php;
|
|
}
|
|
}
|