Created
May 4, 2016 09:26
-
-
Save benoitberlin/4d1eafdbc406fd0a695a227e90ee6599 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Server configuration: | |
Operating system: Debian Jessie 8.4 | |
Web server: Apache/2.4.10 | |
Database: Mysql Ver 5.5.49 | |
PHP version: PHP 5.6.20-0+deb8u1 | |
ownCloud version (see ownCloud admin page): 9.0.2.2 | |
owncloud.config: | |
<?php | |
$CONFIG = array ( | |
'instanceid' => 'xxxxxxxxxxx', | |
'passwordsalt' => 'xxxxxxxxxxx', | |
'secret' => 'xxxxxxxxxxx', | |
'trusted_domains' => | |
array ( | |
0 => 'xxx.xxx.xxx.x', | |
1 => 'xxxxxxxxxxx.de', | |
2 => 'owncloud.xxxxxxxxxxx.de', | |
), | |
'datadirectory' => '/home/xxxxxx/owncloud_data', | |
'overwrite.cli.url' => 'https://xxx.xxx.xxx.xx/owncloud', | |
'dbtype' => 'mysql', | |
'version' => '9.0.2.2', | |
'dbname' => 'owncloud', | |
'dbhost' => 'localhost', | |
'dbtableprefix' => 'oc_', | |
'dbuser' => 'oc_xxxxx1', | |
'dbpassword' => 'xxxxxxxxxxxxxxxxxx', | |
'logtimezone' => 'UTC', | |
'installed' => true, | |
'mail_smtpmode' => 'smtp', | |
'mail_from_address' => 'kontakt', | |
'mail_domain' => 'xxxxxxxxxxxxxr.de', | |
'mail_smtpsecure' => 'ssl', | |
'mail_smtpauthtype' => 'LOGIN', | |
'mail_smtphost' => 'smtp.xxxxx.de', | |
'mail_smtpauth' => 1, | |
'mail_smtpport' => '465', | |
'mail_smtpname' => 'xxxxxxx@xxxxxxxxxxxx.de', | |
'mail_smtppassword' => '#vio2105#', | |
'loglevel' => 0, | |
'maintenance' => false, | |
'theme' => '', | |
'trashbin_retention_obligation' => 'auto', | |
'updatechecker' => false, | |
); | |
.htaccess | |
<IfModule mod_headers.c> | |
<IfModule mod_setenvif.c> | |
<IfModule mod_fcgid.c> | |
SetEnvIfNoCase ^Authorization$ "(.+)" XAUTHORIZATION=$1 | |
RequestHeader set XAuthorization %{XAUTHORIZATION}e env=XAUTHORIZATION | |
</IfModule> | |
<IfModule mod_proxy_fcgi.c> | |
SetEnvIfNoCase Authorization "(.+)" HTTP_AUTHORIZATION=$1 | |
</IfModule> | |
</IfModule> | |
<IfModule mod_env.c> | |
# Add security and privacy related headers | |
Header set X-Content-Type-Options "nosniff" | |
Header set X-XSS-Protection "1; mode=block" | |
Header set X-Robots-Tag "none" | |
Header set X-Frame-Options "SAMEORIGIN" | |
Header set X-Download-Options "noopen" | |
Header set X-Permitted-Cross-Domain-Policies "none" | |
SetEnv modHeadersAvailable true | |
</IfModule> | |
# Add cache control for CSS and JS files | |
<FilesMatch "\.(css|js)$"> | |
Header set Cache-Control "max-age=7200, public" | |
</FilesMatch> | |
</IfModule> | |
<IfModule mod_php5.c> | |
php_value upload_max_filesize 513M | |
php_value post_max_size 513M | |
php_value memory_limit 512M | |
php_value mbstring.func_overload 0 | |
php_value always_populate_raw_post_data -1 | |
php_value default_charset 'UTF-8' | |
php_value output_buffering 0 | |
<IfModule mod_env.c> | |
SetEnv htaccessWorking true | |
</IfModule> | |
</IfModule> | |
<IfModule mod_php7.c> | |
php_value upload_max_filesize 513M | |
php_value post_max_size 513M | |
php_value memory_limit 512M | |
php_value mbstring.func_overload 0 | |
php_value default_charset 'UTF-8' | |
php_value output_buffering 0 | |
<IfModule mod_env.c> | |
SetEnv htaccessWorking true | |
</IfModule> | |
</IfModule> | |
<IfModule mod_rewrite.c> | |
RewriteEngine on | |
RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization}] | |
RewriteRule ^\.well-known/host-meta /public.php?service=host-meta [QSA,L] | |
RewriteRule ^\.well-known/host-meta\.json /public.php?service=host-meta-json [QSA,L] | |
RewriteRule ^\.well-known/carddav /remote.php/dav/ [R=301,L] | |
RewriteRule ^\.well-known/caldav /remote.php/dav/ [R=301,L] | |
RewriteRule ^remote/(.*) remote.php [QSA,L] | |
RewriteRule ^(build|tests|config|lib|3rdparty|templates)/.* - [R=404,L] | |
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.* | |
RewriteRule ^(\.|autotest|occ|issue|indie|db_|console).* - [R=404,L] | |
# Rewrite rules for `front_controller_active` | |
Options -MultiViews | |
RewriteRule ^core/js/oc.js$ index.php [PT,E=PATH_INFO:$1] | |
RewriteRule ^core/preview.png$ index.php [PT,E=PATH_INFO:$1] | |
RewriteCond %{REQUEST_FILENAME} !\.(css|js|svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ | |
RewriteCond %{REQUEST_FILENAME} !core/img/favicon.ico$ | |
RewriteCond %{REQUEST_FILENAME} !/remote.php | |
RewriteCond %{REQUEST_FILENAME} !/public.php | |
RewriteCond %{REQUEST_FILENAME} !/cron.php | |
RewriteCond %{REQUEST_FILENAME} !/core/ajax/update.php | |
RewriteCond %{REQUEST_FILENAME} !/status.php | |
RewriteCond %{REQUEST_FILENAME} !/ocs/v1.php | |
RewriteCond %{REQUEST_FILENAME} !/ocs/v2.php | |
RewriteCond %{REQUEST_FILENAME} !/updater/ | |
RewriteCond %{REQUEST_FILENAME} !/ocs-provider/ | |
RewriteCond %{REQUEST_URI} !^/.well-known/acme-challenge/.* | |
</IfModule> | |
<IfModule mod_mime.c> | |
AddType image/svg+xml svg svgz | |
AddEncoding gzip svgz | |
</IfModule> | |
<IfModule mod_dir.c> | |
DirectoryIndex index.php index.html | |
</IfModule> | |
AddDefaultCharset utf-8 | |
Options -Indexes | |
<IfModule pagespeed_module> | |
ModPagespeed Off | |
</IfModule> | |
#### DO NOT CHANGE ANYTHING ABOVE THIS LINE #### | |
ErrorDocument 403 /owncloud/core/templates/403.php | |
ErrorDocument 404 /owncloud/core/templates/404.php | |
<IfModule mod_rewrite.c> | |
RewriteRule . index.php [PT,E=PATH_INFO:$1] | |
RewriteBase /owncloud | |
<IfModule mod_env.c> | |
SetEnv front_controller_active true | |
<IfModule mod_dir.c> | |
DirectorySlash off | |
</IfModule> | |
</IfModule> | |
</IfModule> | |
apache config: | |
/etc/apache2/sites-enabled/owncloud.conf | |
<VirtualHost *:80> | |
ServerName MyDomain.de | |
Redirect permanent / https://MyDomain.de/ | |
</VirtualHost> | |
/etc/apache2/sites-enabled/ssl.conf | |
NameVirtualHost *:443 | |
SSLCertificateFile /etc/ssl/certs/apache.crt | |
SSLCertificateKeyFile /etc/ssl/private/apache.key | |
<VirtualHost *:443> | |
SSLEngine on | |
ServerName MyDomain.de | |
DocumentRoot /var/www/owncloud/ | |
Header always add Strict-Transport-Security "max-age=15768000; includeSubDomains; preload" | |
</VirtualHost> | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
/etc/apache2/sites-enabled/000-default.conf:
<VirtualHost *:80>
ServerAdmin webmaster@localhost