From f06a31b8d4ff703eee3ea129177afda445dab138 Mon Sep 17 00:00:00 2001
From: EVOTk <45015615+EVOTk@users.noreply.github.com>
Date: Mon, 22 Feb 2021 23:02:23 +0100
Subject: [PATCH] Update nextcloud.subdomain.conf.sample

Update for nextcloud 21
Security safety recommendation  for .well-known
https://docs.nextcloud.com/server/21/admin_manual/installation/nginx.html
---
 nextcloud.subdomain.conf.sample | 16 ++++++++++++++++
 1 file changed, 16 insertions(+)

diff --git a/nextcloud.subdomain.conf.sample b/nextcloud.subdomain.conf.sample
index 8ddbb4d..8496ae4 100644
--- a/nextcloud.subdomain.conf.sample
+++ b/nextcloud.subdomain.conf.sample
@@ -33,4 +33,20 @@ server {
 
         proxy_max_temp_file_size 2048m;
     }
+    
+    location = /robots.txt {
+        allow all;
+        log_not_found off;
+        access_log off;
+    }
+    
+    location ^~ /.well-known {
+        # The following 6 rules are borrowed from `.htaccess`
+        location = /.well-known/carddav     { return 301 /remote.php/dav/; }
+        location = /.well-known/caldav      { return 301 /remote.php/dav/; }
+        # Anything else is dynamically handled by Nextcloud
+        location ^~ /.well-known            { return 301 /index.php$uri; }
+
+        try_files $uri $uri/ =404;
+    }
 }