42 lines
1.2 KiB
Caddyfile
42 lines
1.2 KiB
Caddyfile
:80 {
|
|
# Racine du site (doit correspondre au volume partagé)
|
|
root * /var/www/html
|
|
file_server
|
|
|
|
# Sécurité : En-têtes recommandés par Nextcloud
|
|
header {
|
|
Strict-Transport-Security "max-age=15552000;"
|
|
X-Content-Type-Options "nosniff"
|
|
X-Frame-Options "SAMEORIGIN"
|
|
Referrer-Policy "no-referrer"
|
|
X-XSS-Protection "1; mode=block"
|
|
Permissions-Policy "interest-cohort=()"
|
|
}
|
|
|
|
# Redirections obligatoires pour la synchro Contacts/Calendrier
|
|
redir /.well-known/carddav /remote.php/dav/ 301
|
|
redir /.well-known/caldav /remote.php/dav/ 301
|
|
|
|
# Empêcher l'accès aux dossiers critiques
|
|
@forbidden {
|
|
path /data/* /config/* /db_structure /README /3rdparty/* /lib/* /templates/* /occ /console.php
|
|
}
|
|
respond @forbidden 403
|
|
|
|
# Configuration PHP-FPM
|
|
php_fastcgi nextcloud-app:9000 {
|
|
env front_controller_active true
|
|
# Augmenter le timeout pour les gros transferts
|
|
read_timeout 3600s
|
|
}
|
|
|
|
# Compression optimale
|
|
encode zstd gzip
|
|
|
|
# Gestion du cache pour les fichiers statiques
|
|
@static {
|
|
file
|
|
path *.css *.js *.svg *.gif *.png *.jpg *.ico *.wasm *.tflite
|
|
}
|
|
header @static Cache-Control "max-age=15778463"
|
|
} |