diff --git a/conf/nginx-primaryonly.conf b/conf/nginx-primaryonly.conf index 288fce4..31bf009 100644 --- a/conf/nginx-primaryonly.conf +++ b/conf/nginx-primaryonly.conf @@ -22,20 +22,20 @@ rewrite ^(/cloud/oc[sm]-provider)/$ $1/index.php redirect; location /cloud/ { alias /usr/local/lib/owncloud/; - location ~ ^/cloud/(build|tests|config|lib|3rdparty|templates|data|README)/ { - deny all; - } - location ~ ^/cloud/(?:\.|autotest|occ|issue|indie|db_|console) { - deny all; - } + location ~ ^/cloud/(build|tests|config|lib|3rdparty|templates|data|README)/ { + deny all; + } + location ~ ^/cloud/(?:\.|autotest|occ|issue|indie|db_|console) { + deny all; + } # Enable paths for service and cloud federation discovery # Resolves warning in Nextcloud Settings panel - location ~ ^/cloud/(oc[sm]-provider)?/([^/]+\.php)$ { - index index.php; - include fastcgi_params; - fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$1/$2; - fastcgi_pass php-fpm; - } + location ~ ^/cloud/(oc[sm]-provider)?/([^/]+\.php)$ { + index index.php; + include fastcgi_params; + fastcgi_param SCRIPT_FILENAME /usr/local/lib/owncloud/$1/$2; + fastcgi_pass php-fpm; + } } location ~ ^(/cloud)((?:/ocs)?/[^/]+\.php)(/.*)?$ { # note: ~ has precendence over a regular location block diff --git a/management/web_update.py b/management/web_update.py index 0609c77..83aa91b 100644 --- a/management/web_update.py +++ b/management/web_update.py @@ -146,7 +146,7 @@ def make_domain_config(domain, templates, ssl_certificates, env): finally: f.close() return sha1.hexdigest() - nginx_conf_extra += "# ssl files sha1: %s / %s\n" % (hashfile(tls_cert["private-key"]), hashfile(tls_cert["certificate"])) + nginx_conf_extra += "\t# ssl files sha1: %s / %s\n" % (hashfile(tls_cert["private-key"]), hashfile(tls_cert["certificate"])) # Add in any user customizations in YAML format. hsts = "yes" @@ -188,9 +188,9 @@ def make_domain_config(domain, templates, ssl_certificates, env): # Add the HSTS header. if hsts == "yes": - nginx_conf_extra += "add_header Strict-Transport-Security \"max-age=15768000\" always;\n" + nginx_conf_extra += "\tadd_header Strict-Transport-Security \"max-age=15768000\" always;\n" elif hsts == "preload": - nginx_conf_extra += "add_header Strict-Transport-Security \"max-age=15768000; includeSubDomains; preload\" always;\n" + nginx_conf_extra += "\tadd_header Strict-Transport-Security \"max-age=15768000; includeSubDomains; preload\" always;\n" # Add in any user customizations in the includes/ folder. nginx_conf_custom_include = os.path.join(env["STORAGE_ROOT"], "www", safe_domain_name(domain) + ".conf")