github/reverse-proxy-confs
1
0
Fork 0
mirror of https://github.com/linuxserver/reverse-proxy-confs.git synced 2025-07-06 13:01:35 -07:00
Code Issues Projects Releases Packages Wiki Activity Actions 2

Merge pull request #585 from linuxserver/nextcloud-headers

Browse source 
Nextcloud header adjustments
This commit is contained in:
Eric Nemchik 2023-06-25 08:19:49 -05:00 committed by GitHub
commit c51e31e661
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 20 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

10
nextcloud.subdomain.conf.sample
View file

@ -1,4 +1,4 @@
## Version 2023/06/06 ## Version 2023/06/24
# make sure that your nextcloud container is named nextcloud # make sure that your nextcloud container is named nextcloud
# make sure that your dns has a cname set for nextcloud # make sure that your dns has a cname set for nextcloud
# assuming this container is called "swag", edit your nextcloud container's config # assuming this container is called "swag", edit your nextcloud container's config
@ -32,8 +32,14 @@ server {
set $upstream_proto https; set $upstream_proto https;
proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_pass $upstream_proto://$upstream_app:$upstream_port;
# Uncomment X-Frame-Options directive in ssl.conf to pass security checks. # Hide proxy response headers from Nextcloud that conflict with ssl.conf
# Uncomment the Optional additional headers in SWAG's ssl.conf to pass Nextcloud's security scan
proxy_hide_header Referrer-Policy;
proxy_hide_header X-Content-Type-Options;
proxy_hide_header X-Frame-Options; proxy_hide_header X-Frame-Options;
proxy_hide_header X-XSS-Protection;
# Disable proxy buffering
proxy_buffering off; proxy_buffering off;
} }
} }

16
nextcloud.subfolder.conf.sample
View file

@ -1,4 +1,4 @@
## Version 2023/06/06 ## Version 2023/06/24
# make sure that your nextcloud container is named nextcloud # make sure that your nextcloud container is named nextcloud
# make sure that nextcloud is set to work with the base url /nextcloud/ # make sure that nextcloud is set to work with the base url /nextcloud/
# Assuming this container is called "swag", edit your nextcloud container's config # Assuming this container is called "swag", edit your nextcloud container's config
@ -34,10 +34,18 @@ location ^~ /nextcloud/ {
proxy_pass $upstream_proto://$upstream_app:$upstream_port; proxy_pass $upstream_proto://$upstream_app:$upstream_port;
rewrite /nextcloud(.*) $1 break; rewrite /nextcloud(.*) $1 break;
# Uncomment X-Frame-Options directive in ssl.conf to pass security checks.
proxy_hide_header X-Frame-Options;
proxy_buffering off;
proxy_set_header Range $http_range; proxy_set_header Range $http_range;
proxy_set_header If-Range $http_if_range; proxy_set_header If-Range $http_if_range;
proxy_ssl_session_reuse off; proxy_ssl_session_reuse off;
# Hide proxy response headers from Nextcloud that conflict with ssl.conf
# Uncomment the Optional additional headers in SWAG's ssl.conf to pass Nextcloud's security scan
proxy_hide_header Referrer-Policy;
proxy_hide_header X-Content-Type-Options;
proxy_hide_header X-Frame-Options;
proxy_hide_header X-XSS-Protection;
# Disable proxy buffering
proxy_buffering off;
} }