infra-nextcloud/rootfs-etc-caddy-Caddyfile

# Caddy's configuration file
# see: https://caddyserver.com/docs/caddyfile

cutei.j4ne.de {
	header {
		Strict-Transport-Security "max-age=31536000; includeSubDomains;"
		?Referrer-Policy "no-referrer"
		?X-Content-Type-Options "nosniff"
		?X-Download-Options "noopen"
		?X-Frame-Options "SAMEORIGIN"
		?X-Permitted-Cross-Domain-Policies "none"
		?X-Robots-Tag "noindex, nofollow"
		?X-XSS-Protection "1; mode=block"
	}
	encode {
		zstd
		gzip 4
		minimum_length 256

	}
	route {
		@msftdavclient {
			header User-Agent DavClnt*
			path /
		}
		redir @msftdavclient /remote.php/webdav 302
		redir /.well-known/carddav /remote.php/dav 301
		redir /.well-known/caldav /remote.php/dav 301
		redir /remote/* /remote.php{path} 301

		route /robots.txt {
			log_skip
			file_server
		}

		# check .htaccess before updating nextcloud
		@internal {
			path \
				/build/* /tests/* /config/* /lib/* /3rdparty/* /templates/* \
				.autotest* .occ* .issue* .indie* .db_* .console*
		}
		error @internal 404

		@assets {
			path *.css *.js *.mjs *.svg *.gif *.png *.jpg *.webp *.ico *.wasm *.tflite \
 *.otf *.woff2 *.webm \
 *.js.map *.css.map
			file {path}
		}
		route @assets {
			file_server {
				precompressed gzip zstd
			}
		}

		#try_files {path} {path}/
		#@notphpordir not path /*.php /*.php/* / /*/
		#file_server @notphpordir {
		#	pass_thru
		#}

		@notlegacy {
			path *.php *.php/
			not path /index*
			not path /remote*
			not path /public*
			not path /cron*
			not path /core/ajax/update*
			not path /status*
			not path /ocs/v1*
			not path /ocs/v2*
			not path /ocs-provider/*
			not path /updater/*
			not path */richdocumentscode/proxy*
		}

		rewrite @notlegacy /index.php{uri}
	}

	php_fastcgi unix//run/nextcloud/fastcgi.sock
	root * /usr/share/webapps/nextcloud
	encode gzip
}
initial commit 2025-01-23 16:26:06 +01:00			`# Caddy's configuration file`
			`# see: https://caddyserver.com/docs/caddyfile`

			`cutei.j4ne.de {`
			`header {`
			`Strict-Transport-Security "max-age=31536000; includeSubDomains;"`
			`?Referrer-Policy "no-referrer"`
			`?X-Content-Type-Options "nosniff"`
			`?X-Download-Options "noopen"`
			`?X-Frame-Options "SAMEORIGIN"`
			`?X-Permitted-Cross-Domain-Policies "none"`
			`?X-Robots-Tag "noindex, nofollow"`
			`?X-XSS-Protection "1; mode=block"`
			`}`
			`encode {`
			`zstd`
			`gzip 4`
			`minimum_length 256`

			`}`
			`route {`
			`@msftdavclient {`
			`header User-Agent DavClnt*`
			`path /`
			`}`
			`redir @msftdavclient /remote.php/webdav 302`
			`redir /.well-known/carddav /remote.php/dav 301`
			`redir /.well-known/caldav /remote.php/dav 301`
			`redir /remote/* /remote.php{path} 301`

			`route /robots.txt {`
			`log_skip`
			`file_server`
			`}`

			`# check .htaccess before updating nextcloud`
			`@internal {`
			`path \`
			`/build/* /tests/* /config/* /lib/* /3rdparty/* /templates/* \`
			`.autotest* .occ* .issue* .indie* .db_* .console*`
			`}`
			`error @internal 404`

			`@assets {`
			`path .css .js .mjs .svg .gif .png .jpg .webp .ico .wasm *.tflite \`
			`.otf .woff2 *.webm \`
			`.js.map .css.map`
			`file {path}`
			`}`
			`route @assets {`
			`file_server {`
			`precompressed gzip zstd`
			`}`
			`}`

			`#try_files {path} {path}/`
			`#@notphpordir not path /.php /.php/* / /*/`
			`#file_server @notphpordir {`
			`# pass_thru`
			`#}`

			`@notlegacy {`
			`path .php .php/`
			`not path /index*`
			`not path /remote*`
			`not path /public*`
			`not path /cron*`
			`not path /core/ajax/update*`
			`not path /status*`
			`not path /ocs/v1*`
			`not path /ocs/v2*`
			`not path /ocs-provider/*`
			`not path /updater/*`
			`not path /richdocumentscode/proxy`
			`}`

			`rewrite @notlegacy /index.php{uri}`
			`}`

			`php_fastcgi unix//run/nextcloud/fastcgi.sock`
			`root * /usr/share/webapps/nextcloud`
			`encode gzip`
			`}`