diff --git a/conf/nginx.conf b/conf/nginx.conf index 573cde2..512e45d 100644 --- a/conf/nginx.conf +++ b/conf/nginx.conf @@ -4,8 +4,39 @@ location PATHTOCHANGE { rewrite ^ https://$server_name$request_uri? permanent; } client_max_body_size 10G; + fastcgi_buffers 64 4K; + + rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect; + rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect; + rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect; + index index.php; - try_files $uri $uri/ /index.php; + error_page 403 /core/templates/403.php; + error_page 404 /core/templates/404.php; + + location = /robots.txt { + allow all; + log_not_found off; + access_log off; + } + + location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README) { + deny all; + } + + location / { + # The following 2 rules are only needed with webfinger + rewrite ^/.well-known/host-meta /public.php?service=host-meta last; + rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; + + rewrite ^/.well-known/carddav /remote.php/carddav/ redirect; + rewrite ^/.well-known/caldav /remote.php/caldav/ redirect; + + rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; + + try_files $uri $uri/ index.php; + } + location ~ [^/]\.php(/|$) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; fastcgi_pass unix:/var/run/php5-fpm-NAMETOCHANGE.sock; @@ -18,9 +49,11 @@ location PATHTOCHANGE { # Include SSOWAT user panel. sub_filter ''; sub_filter_once on; -} - -location ~ ^PATHTOCHANGE/(data|config|\.ht|db_structure\.xml|README) { - deny all; -} + } + # Optional: set long EXPIRES header on static assets + location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ { + expires 30d; + # Optional: Don't log access to assets + access_log off; + }