From ad61f383d75b129486ccb32f0e424d4b48be250b Mon Sep 17 00:00:00 2001
From: Mark <mark@openappstack.net>
Date: Wed, 24 Jul 2019 10:27:05 +0200
Subject: [PATCH] Add nginx config to nextcloud values

---
 helmfiles/values/nextcloud.yaml.gotmpl | 28 ++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/helmfiles/values/nextcloud.yaml.gotmpl b/helmfiles/values/nextcloud.yaml.gotmpl
index 5edca0dc5..75e4c3305 100644
--- a/helmfiles/values/nextcloud.yaml.gotmpl
+++ b/helmfiles/values/nextcloud.yaml.gotmpl
@@ -10,6 +10,34 @@ nextcloud:
       kubernetes.io/tls-acme: "true"
       # Set max body size high to allow big NextCloud uploads
       nginx.ingress.kubernetes.io/proxy-body-size: 1G
+      nginx.ingress.kubernetes.io/server-snippet: |-
+        server_tokens off;
+        proxy_hide_header X-Powered-By;
+        rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
+        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
+        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json;
+        location = /.well-known/carddav {
+          return 301 $scheme://$host/remote.php/dav;
+        }
+        location = /.well-known/caldav {
+          return 301 $scheme://$host/remote.php/dav;
+        }
+        location = /robots.txt {
+          allow all;
+          log_not_found off;
+          access_log off;
+        }
+        location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
+          try_files $uri /index.php$request_uri;
+          # Optional: Don't log access to other assets
+          access_log off;
+        }
+        location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
+          deny all;
+        }
+        location ~ ^/(?:autotest|occ|issue|indie|db_|console) {
+          deny all;
+        }
     hosts:
       - "files.{{ .Environment.Values.domain }}"
     tls:
-- 
GitLab