Nextcloud 22 in einem Unterordner v. 3.2

Nextcloud 22 in einem Unterverzeichnis

Die in der Nextcloud 22 Installationsanleitung v. 3.2 verwendete Nextcloud Konfiguration (vhost-Datei)
können Sie einfach austauschen und die Nextcloud dadurch in einem Unterordner (…/nextcloud) betreiben. Wechseln Sie zuerst in den privilegierten Benutzermodus:

sudo -s

Verschieben Sie die Original vhost-Datei

mv /etc/nginx/conf.d/nextcloud.conf /etc/nginx/conf.d/nextcloud.conf.disabled

und legen dann die neue vhost-Datei für Ihre Nextcloud (in einem Web-Untervezeichnis) an:

nano /etc/nginx/conf.d/nextcloud.conf
server {
listen 443 ssl http2 default_server;
listen [::]:443 ssl http2 default_server;
server_name ihre.domain.de;
# Self Signed Certificates
ssl_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
ssl_certificate_key /etc/ssl/private/ssl-cert-snakeoil.key;
ssl_trusted_certificate /etc/ssl/certs/ssl-cert-snakeoil.pem;
# bestehen schon Let's Encrypt Zertifikate, dann verwenden Sie stattdessen diese Zeilen:
#ssl_certificate /etc/letsencrypt/rsa-certs/fullchain.pem;
#ssl_certificate_key /etc/letsencrypt/rsa-certs/privkey.pem;
#ssl_certificate /etc/letsencrypt/ecc-certs/fullchain.pem;
#ssl_certificate_key /etc/letsencrypt/ecc-certs/privkey.pem;
#ssl_trusted_certificate /etc/letsencrypt/ecc-certs/chain.pem;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_protocols TLSv1.3 TLSv1.2;
ssl_ciphers 'TLS-CHACHA20-POLY1305-SHA256:TLS-AES-256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384';
ssl_ecdh_curve X448:secp521r1:secp384r1;
ssl_prefer_server_ciphers on;
ssl_stapling on;
ssl_stapling_verify on;
root /var/www;
expires 1m;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location /.well-known {
location = /.well-known/carddav   { return 301 /nextcloud/remote.php/dav/; }
location = /.well-known/caldav    { return 301 /nextcloud/remote.php/dav/; }
location ^~ /.well-known          { return 301 /nextcloud/index.php$uri; }
try_files $uri $uri/ =404;
}
location ^~ /nextcloud {
client_max_body_size 5120M;
fastcgi_buffers 64 4K;
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
add_header Strict-Transport-Security            "max-age=15768000; includeSubDomains; preload;" always;
add_header Permissions-Policy                   "interest-cohort=()";
add_header Referrer-Policy                      "no-referrer"   always;
add_header X-Content-Type-Options               "nosniff"       always;
add_header X-Download-Options                   "noopen"        always;
add_header X-Frame-Options                      "SAMEORIGIN"    always;
add_header X-Permitted-Cross-Domain-Policies    "none"          always;
add_header X-Robots-Tag                         "none"          always;
add_header X-XSS-Protection                     "1; mode=block" always;
fastcgi_hide_header X-Powered-By;
fastcgi_read_timeout 3600;
fastcgi_send_timeout 3600;
fastcgi_connect_timeout 3600;
index index.php index.html /nextcloud/index.php$request_uri;
location ^~ /nextcloud/apps/rainloop/app/data {
deny all;
}
location = /nextcloud {
if ( $http_user_agent ~ ^DavClnt ) {
return 302 /nextcloud/remote.php/webdav/$is_args$args;
}
}
location ~ ^/nextcloud/(?:build|tests|config|lib|3rdparty|templates|data)(?:$|/) { return 404; }
location ~ ^/nextcloud/(?:\.|autotest|occ|issue|indie|db_|console)               { return 404; }
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
rewrite ^/nextcloud/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+|.+\/richdocumentscode\/proxy) /nextcloud/index.php$request_uri;
set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ \.(?:css|js|svg|gif)$ {
try_files $uri /nextcloud/index.php$request_uri;
expires 6M;
access_log off;
}
location ~ \.woff2?$ {
try_files $uri /nextcloud/index.php$request_uri;
expires 7d;
access_log off;
}
location /nextcloud {
try_files $uri $uri/ /nextcloud/index.php$request_uri;
}
}
}

Speichern Sie die neue vhost-Datei und starten dann den Webserver neu:

service nginx restart

Hinweis:
Vergessen Sie bei einer bereits bestehenden Nextcloud Instanz nicht, die config.php hinsichtlich der overwrite-url und möglicher anderer Parameter anzupassen!

Ihre Nextcloud ist ab sofort unter https://ihre.domain.de/nextcloud erreichbar.

Ich wünsche Ihnen viel Spaß mit Ihren Daten in Ihrer privaten Cloud. Über eine Spende würden sich meine Frau, meine Zwillinge und ich sehr freuen!

© Carsten Rieger IT-Services