Nginx 在 URL 中重写 nextcloud index.php

Question

我只需要修正最后一节关于nginx如何将php文件传递给的内容php-fpm。

这是我目前的最终配置：

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    ssl_certificate     /etc/ssl/certs/clouddomain.ltdcrt;
    ssl_certificate_key /etc/ssl/private/clouddomain.ltdkey;
    set $root_path "/media/storage/nextcloud";
    root $root_path;
    index index.php;
    set $socket "unix:/var/run/fpm-759c4785-ef9f904a4833.sock";
    access_log /var/log/nginx/storage-access.log;
    error_log  /var/log/nginx/storage-error.log;
    large_client_header_buffers 4 16k;

    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";

    # Set max upload size
    client_max_body_size 10G; 
    fastcgi_buffers 64 4K;

    # Disable gzip to avoid the removal of the ETag header
    gzip off;

    # Only use index.php for the index page
    index index.php;

    # Use pretty error pages
    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;

    # If robots.txt is present, always allow access and serve it directly
    # If it isn't, don't log the access attempt
    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    # Deny access to the data and config directories, .ht* files,
    # the README, and the database structure definition
    location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
        deny all;
    }

    # Pretty URLs for WebDAV
    location ~* \/remote\/(?:.*)$ {
        rewrite ^ /remote.php last;
    }

    # Rewrite file preview requests and requests for the JS configuration file
    # to the nextcloud front controller
    location ~* \/core\/(?:js\/oc\.js|preview\.png).*$ {
        rewrite ^ /index.php last;
    }

    # Main location block
    # Most requests will fall into this block
    location / {
        # Specific rewrites for WebDAV/CalDAV/CardDAV and documentation
        rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
        rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
        rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
        # The following 2 rules are only needed with webfinger
        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;

        # Exclude static assets, specific PHP files, and Let's Encrypt verifications,
        # then rewrite everything else to the ownCloud front controller
        if ($uri !~* (?:\.(?:css|js|svg|gif|png|html|ttf|woff)$|^\/(?:remote|public|cron|status|ocs\/v1|ocs\/v2)\.php|^\/\.well-known\/acme-challenge\/.*$)){
            rewrite ^ /index.php last;
        }

    }

    # Set a long expires header on static assets, excluding files accessed through WebDAV
    # This block will break uploads to WebDAV for the listed file extensions without the negative lookahead
    location ~* ^(?!\/remote\.php)(?:.*)\.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf|html|svg|ttf|woff)$ {
        expires 30d;
        # Optional: Don't log access to assets
        access_log off;
    }    

    # Pass PHP files to PHP-FPM for processing
    location ~ ^(.+?\.php)(/.*)?$ {
        try_files $1 = 404;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$1;
        fastcgi_param PATH_INFO $2;
        fastcgi_param HTTPS on;
        # Tell nextcloud we're rewriting URLs
        fastcgi_param front_controller_active true;
        fastcgi_pass $socket;
    }       

}

来源：https://help.nextcloud.com/t/pretty-urls-for-nextcloud-11-with-nginx-and-php5/11921/3

Answer 1

我只需要修正最后一节关于nginx如何将php文件传递给的内容php-fpm。

这是我目前的最终配置：

server {
    listen 443 ssl;
    listen [::]:443 ssl;
    ssl_certificate     /etc/ssl/certs/clouddomain.ltdcrt;
    ssl_certificate_key /etc/ssl/private/clouddomain.ltdkey;
    set $root_path "/media/storage/nextcloud";
    root $root_path;
    index index.php;
    set $socket "unix:/var/run/fpm-759c4785-ef9f904a4833.sock";
    access_log /var/log/nginx/storage-access.log;
    error_log  /var/log/nginx/storage-error.log;
    large_client_header_buffers 4 16k;

    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";

    # Set max upload size
    client_max_body_size 10G; 
    fastcgi_buffers 64 4K;

    # Disable gzip to avoid the removal of the ETag header
    gzip off;

    # Only use index.php for the index page
    index index.php;

    # Use pretty error pages
    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;

    # If robots.txt is present, always allow access and serve it directly
    # If it isn't, don't log the access attempt
    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    # Deny access to the data and config directories, .ht* files,
    # the README, and the database structure definition
    location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
        deny all;
    }

    # Pretty URLs for WebDAV
    location ~* \/remote\/(?:.*)$ {
        rewrite ^ /remote.php last;
    }

    # Rewrite file preview requests and requests for the JS configuration file
    # to the nextcloud front controller
    location ~* \/core\/(?:js\/oc\.js|preview\.png).*$ {
        rewrite ^ /index.php last;
    }

    # Main location block
    # Most requests will fall into this block
    location / {
        # Specific rewrites for WebDAV/CalDAV/CardDAV and documentation
        rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
        rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
        rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
        # The following 2 rules are only needed with webfinger
        rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
        rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
        rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
        rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
        rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;

        # Exclude static assets, specific PHP files, and Let's Encrypt verifications,
        # then rewrite everything else to the ownCloud front controller
        if ($uri !~* (?:\.(?:css|js|svg|gif|png|html|ttf|woff)$|^\/(?:remote|public|cron|status|ocs\/v1|ocs\/v2)\.php|^\/\.well-known\/acme-challenge\/.*$)){
            rewrite ^ /index.php last;
        }

    }

    # Set a long expires header on static assets, excluding files accessed through WebDAV
    # This block will break uploads to WebDAV for the listed file extensions without the negative lookahead
    location ~* ^(?!\/remote\.php)(?:.*)\.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf|html|svg|ttf|woff)$ {
        expires 30d;
        # Optional: Don't log access to assets
        access_log off;
    }    

    # Pass PHP files to PHP-FPM for processing
    location ~ ^(.+?\.php)(/.*)?$ {
        try_files $1 = 404;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$1;
        fastcgi_param PATH_INFO $2;
        fastcgi_param HTTPS on;
        # Tell nextcloud we're rewriting URLs
        fastcgi_param front_controller_active true;
        fastcgi_pass $socket;
    }       

}

来源：https://help.nextcloud.com/t/pretty-urls-for-nextcloud-11-with-nginx-and-php5/11921/3

Nginx 在 URL 中重写 nextcloud index.php

答案1

相关内容