I installed the latest OwnCloud 8.2 under the subdirectory on https://crossrt.me, so I can share the SSL certificate to protect my files during transfer between remote and client. I search the Nginx configuration for my circumstance, but not luck since no one is working. So I decide to modify the config file from administration manual, here is the link to it.
My circumstance:
- Want to install OwnCloud 8.2
- WordPress installed on the domain.
- Share SSL certificate.
Here is my nginx config file, modify it according to your need:
server {
listen 443 default_server;
ssl on;
ssl_certificate /PATH/TO/YOUR/SSL.crt;
ssl_certificate_key /PATH/TO/YOUR/SSL.key;
server_name domainname.com;
root /PATH/TO/YOUR/domainname.com;
index index.php index.html index.htm;
location / {
try_files $uri $uri/ /index.php?q=$uri&$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root concurs with nginx's one
location ~ /\.ht {
deny all;
}
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
# Add headers to serve security related headers
# add Strict-Transport-Security to prevent man in the middle attacks
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
location /owncloud {
client_max_body_size 2G; # set max upload size
fastcgi_buffers 64 4K;
error_page 403 /owncloud/core/templates/403.php;
error_page 404 /owncloud/core/templates/404.php;
rewrite ^/owncloud/.well-known/carddav /remote.php/carddav/ permanent;
rewrite ^/owncloud/.well-known/caldav /remote.php/caldav/ permanent;
# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/owncloud/.well-known/host-meta /public.php?service=host-meta last;
#rewrite ^/owncloud/.well-known/host-meta.json /public.php?service=host-meta-json last;
location = /owncloud/robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/owncloud/(build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/owncloud/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
rewrite ^/owncloud/remote/(.*) /remote.php last;
rewrite ^/owncloud(/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ =404;
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
fastcgi_intercept_errors on;
}
# Adding the cache control header for js and css files
# Make sure it is BELOW the location ~ \.php(?:$|/) { block
location ~* \.(?:css|js)$ {
add_header Cache-Control "public, max-age=7200";
# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
# Optional: Don't log access to assets
access_log off;
}
# Optional: Don't log access to other assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {
access_log off;
}
}
}
So basically I just modify the rewrite rules in the config file from its official document. Again, remember to refer OwnCloud official document, it’s always helped.
Leave a Comment