# 2025-01-02 Hyperling
# A dummy test file since true scripts are being kept private.
# This should help others understand how to get Nextcloud working.

## Instructions ##
# Add this without the comment to your /etc/hosts to test that it is working,
#   YOUR_DOCKER_SERVER_IP cloud.example.com
# If testing locally on a workstation,
#   127.0.0.1 cloud.example.com
# Then to test, first start the container,
#   cd $DOCKER_HOME/Config/ReverseProxy && docker compose build && docker compose up -d
# Then from the system with the modified /etc/hosts,
#   curl --insecure cloud.example.com
# You should see activity in the container log as well as the contents of the
# proxied website in the terminal, NOT cloud.example.com. If using a browser then you
# should notice that the URL is still cloud.example.com but the website is correct.

server {
    listen 80;
    server_name cloud.example.com nextcloud.example.com;

    location /.well-known/acme-challenge/ {
        default_type "text/plain";
        root /etc/nginx/letsencrypt/;
    }

    location / {
        return 301 https://$host$request_uri;
    }
}

server {
    listen 443 ssl;
    server_name cloud.example.com nextcloud.example.com;

    ssl_certificate /etc/nginx/certs/nextcloud.example.com/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/nginx/certs/nextcloud.example.com/privkey.pem; # managed by Certbot

    # https://docs.nextcloud.com/server/latest/admin_manual/configuration_server/reverse_proxy_configuration.html#nginx
    rewrite ^/\.well-known/carddav https://$server_name/remote.php/dav/ redirect;
    rewrite ^/\.well-known/caldav https://$server_name/remote.php/dav/ redirect;

    location /.well-known/acme-challenge/ {
        default_type "text/plain";
        root /etc/nginx/letsencrypt/;
    }

    # Attempt to make OnlyOffice work both internally and externally.
    # https://helpcenter.onlyoffice.com/installation/docs-nextcloud-proxy.aspx
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header X-Forwarded-Host $http_host/office;

    # Send traffic to upstream server
    location / {
        expires epoch;
        add_header Pragma public;
        add_header Cache-Control "private, no-store";
        add_header Strict-Transport-Security "max-age=15552000; includeSubDomains; preload";

        # Fix upload errors (HTTP Error: Request Entity Too Large).
        client_max_body_size 0;
        client_body_buffer_size 100M;

        # Attempt to make OnlyOffice work both internally and externally.
        # https://helpcenter.onlyoffice.com/installation/docs-nextcloud-proxy.asp
        proxy_pass_header Server;
        proxy_pass http://example-cloud;
    }

    # Attempt to make OnlyOffice work both internally and externally.
    # https://helpcenter.onlyoffice.com/installation/docs-nextcloud-proxy.aspx
    location /office/ {
       proxy_pass http://example-office-http;
    }
}