conf_server/default_configuration/xmpp/nginx.conf.sample

server {
    listen 80;
    listen [::]:80;
    server_name upload.__XMPP_DOMAIN__ ;

    include snippets/acme-challenge.conf;

    return 301 https://$http_host$request_uri;

    access_log /var/log/upload.__DOMAIN__-access.log;
    error_log /var/log/upload.__DOMAIN__-error.log;
}

server {
    listen 443 ssl http2;
    listen [::]:443 ssl http2;
    server_name upload.__DOMAIN__;

    ssl_certificate /etc/ssl/upload.__DOMAIN__.crt;
    ssl_certificate_key /etc/ssl/private/upload.__DOMAIN__.key;
    root /xmpp-upload/;

    include snippets/secure-ssl.conf;

    include snippets/secure-headers.conf;
        #custom headers
        add_header 'Access-Control-Allow-Origin' '*';
        add_header 'Access-Control-Allow-Methods' 'HEAD, GET, PUT, OPTIONS';
        add_header 'Access-Control-Allow-Headers' 'Authorization';
        add_header 'Access-Control-Allow-Credentials' 'true';
        add_header x-robots-tag "noindex, follow";
        client_max_body_size 105M; # Choose a value a bit higher than the max upload configured in XMPP server

#    add_header Strict-Transport-Security " max-age=63072000; includeSubDomains; preload";


  include snippets/acme-challenge.conf;
  location ~ \.php(?:$|/) {
        fastcgi_split_path_info ^(.+?\.php)(/.*)$;
        set $path_info $fastcgi_path_info;

        try_files $fastcgi_script_name =404;

        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $path_info;
        fastcgi_param HTTPS on;

        fastcgi_param modHeadersAvailable true;         # Avoid sending the security headers twice
        fastcgi_param front_controller_active true;     # Enable pretty urls
        fastcgi_pass php-handler;

        fastcgi_intercept_errors on;
        fastcgi_request_buffering off;
    }

    access_log /var/log/upload.__DOMAIN__-access.log;
    error_log /var/log/upload.__DOMAIN__-error.log;
}
Init repo 2023-01-11 01:03:34 +01:00			`server {`
			`listen 80;`
			`listen [::]:80;`
			`server_name upload.__XMPP_DOMAIN__ ;`

			`include snippets/acme-challenge.conf;`

			`return 301 https://$http_host$request_uri;`

			`access_log /var/log/upload.__DOMAIN__-access.log;`
			`error_log /var/log/upload.__DOMAIN__-error.log;`
			`}`

			`server {`
			`listen 443 ssl http2;`
			`listen [::]:443 ssl http2;`
			`server_name upload.__DOMAIN__;`

			`ssl_certificate /etc/ssl/upload.__DOMAIN__.crt;`
			`ssl_certificate_key /etc/ssl/private/upload.__DOMAIN__.key;`
			`root /xmpp-upload/;`

			`include snippets/secure-ssl.conf;`

			`include snippets/secure-headers.conf;`
			`#custom headers`
			`add_header 'Access-Control-Allow-Origin' '*';`
			`add_header 'Access-Control-Allow-Methods' 'HEAD, GET, PUT, OPTIONS';`
			`add_header 'Access-Control-Allow-Headers' 'Authorization';`
			`add_header 'Access-Control-Allow-Credentials' 'true';`
			`add_header x-robots-tag "noindex, follow";`
			`client_max_body_size 105M; # Choose a value a bit higher than the max upload configured in XMPP server`

			`# add_header Strict-Transport-Security " max-age=63072000; includeSubDomains; preload";`


			`include snippets/acme-challenge.conf;`
			`location ~ \.php(?:$\|/) {`
			`fastcgi_split_path_info ^(.+?\.php)(/.*)$;`
			`set $path_info $fastcgi_path_info;`

			`try_files $fastcgi_script_name =404;`

			`include fastcgi_params;`
			`fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;`
			`fastcgi_param PATH_INFO $path_info;`
			`fastcgi_param HTTPS on;`

			`fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice`
			`fastcgi_param front_controller_active true; # Enable pretty urls`
			`fastcgi_pass php-handler;`

			`fastcgi_intercept_errors on;`
			`fastcgi_request_buffering off;`
			`}`

			`access_log /var/log/upload.__DOMAIN__-access.log;`
			`error_log /var/log/upload.__DOMAIN__-error.log;`
			`}`