ansible-role-nextcloud/templates/nginx_site.j2

server {
        listen 80;
	server_name {{ item.name }};
{% if item.alias is defined %}
  {% for alias in item.alias %}
	server_name {{ alias }};
  {% endfor %}
{% endif %}
        include snippets/letsencrypt.conf;
        location / { return 301 https://$http_host$request_uri; }
}

server {
	listen 443 ssl http2;
        server_name {{ item.name }};
        ssl_certificate /var/lib/dehydrated/certs/{{ item.name }}/fullchain.pem;
        ssl_certificate_key /var/lib/dehydrated/certs/{{ item.name }}/privkey.pem;
        include /etc/nginx/proxy_params;
        add_header Referrer-Policy $referrerpolicy;
        add_header Strict-Transport-Security $sts;
        add_header X-Content-Type-Options $xcontentoptions;
        add_header X-XSS-Protection $xxssprotection;

        location ~ /.well-known/(carddav|caldav) {
                return 301 $scheme://$host/remote.php/dav;
        }

        location ~ \.* {
                proxy_pass http://{{ inventory_hostname }}:80;
        }
}

{% if item.alias is defined %}
  {% for alias in item.alias %}
server {
	listen 443 ssl http2;
        server_name {{ alias }};
        ssl_certificate /var/lib/dehydrated/certs/{{ alias }}/fullchain.pem;
        ssl_certificate_key /var/lib/dehydrated/certs/{{ alias }}/privkey.pem;
        include /etc/nginx/proxy_params;
        add_header Referrer-Policy $referrerpolicy;
        add_header Strict-Transport-Security $sts;
        add_header X-Content-Type-Options $xcontentoptions;
        add_header X-XSS-Protection $xxssprotection;

        location ~ /.well-known/(carddav|caldav) {
                return 301 $scheme://$host/remote.php/dav;
        }

        location ~ \.* {
                proxy_pass http://{{ inventory_hostname }}:80;
        }
}
  {% endfor %}
{% endif %}
Beginne Nextcloud-Rolle 2020-12-03 15:52:14 +01:00			`server {`
			`listen 80;`
Update Nextcloud role to include Hiddenservice tasks 2023-05-21 23:01:31 +02:00			`server_name {{ item.name }};`
			`{% if item.alias is defined %}`
			`{% for alias in item.alias %}`
Anpassungen für Alias-Domains 2021-10-14 16:09:47 +02:00			`server_name {{ alias }};`
			`{% endfor %}`
Fixes für zentrale Verwaltung 2021-06-26 02:32:29 +02:00			`{% endif %}`
Beginne Nextcloud-Rolle 2020-12-03 15:52:14 +01:00			`include snippets/letsencrypt.conf;`
			`location / { return 301 https://$http_host$request_uri; }`
			`}`

			`server {`
Fixes für zentrale Verwaltung 2021-06-26 02:32:29 +02:00			`listen 443 ssl http2;`
Update Nextcloud role to include Hiddenservice tasks 2023-05-21 23:01:31 +02:00			`server_name {{ item.name }};`
			`ssl_certificate /var/lib/dehydrated/certs/{{ item.name }}/fullchain.pem;`
			`ssl_certificate_key /var/lib/dehydrated/certs/{{ item.name }}/privkey.pem;`
Beginne Nextcloud-Rolle 2020-12-03 15:52:14 +01:00			`include /etc/nginx/proxy_params;`
			`add_header Referrer-Policy $referrerpolicy;`
			`add_header Strict-Transport-Security $sts;`
			`add_header X-Content-Type-Options $xcontentoptions;`
			`add_header X-XSS-Protection $xxssprotection;`

			`location ~ /.well-known/(carddav\|caldav) {`
			`return 301 $scheme://$host/remote.php/dav;`
			`}`

			`location ~ \.* {`
			`proxy_pass http://{{ inventory_hostname }}:80;`
			`}`
Fixes für zentrale Verwaltung 2021-06-26 02:32:29 +02:00			`}`

Update Nextcloud role to include Hiddenservice tasks 2023-05-21 23:01:31 +02:00			`{% if item.alias is defined %}`
			`{% for alias in item.alias %}`
Fixes für zentrale Verwaltung 2021-06-26 02:32:29 +02:00			`server {`
			`listen 443 ssl http2;`
Anpassungen für Alias-Domains 2021-10-14 16:09:47 +02:00			`server_name {{ alias }};`
			`ssl_certificate /var/lib/dehydrated/certs/{{ alias }}/fullchain.pem;`
			`ssl_certificate_key /var/lib/dehydrated/certs/{{ alias }}/privkey.pem;`
Fixes für zentrale Verwaltung 2021-06-26 02:32:29 +02:00			`include /etc/nginx/proxy_params;`
			`add_header Referrer-Policy $referrerpolicy;`
			`add_header Strict-Transport-Security $sts;`
			`add_header X-Content-Type-Options $xcontentoptions;`
			`add_header X-XSS-Protection $xxssprotection;`

			`location ~ /.well-known/(carddav\|caldav) {`
			`return 301 $scheme://$host/remote.php/dav;`
			`}`

			`location ~ \.* {`
			`proxy_pass http://{{ inventory_hostname }}:80;`
			`}`
			`}`
Anpassungen für Alias-Domains 2021-10-14 16:09:47 +02:00			`{% endfor %}`
			`{% endif %}`