From 372ffaa88e506ad86819d867d87547e73b41abce Mon Sep 17 00:00:00 2001
From: David Beniamine <david.beniamine@tetras-libre.fr>
Date: Mon, 15 Nov 2021 18:11:17 +0100
Subject: [PATCH] Fix nginx conf for onlyoffice + update Readme

---
 Readme.md                       | 31 ++++++++++++++++++-----
 nginx.conf => nginx.conf.sample | 45 +++++++++++++++++----------------
 2 files changed, 48 insertions(+), 28 deletions(-)
 rename nginx.conf => nginx.conf.sample (78%)

diff --git a/Readme.md b/Readme.md
index 51e6b68..102a46a 100644
--- a/Readme.md
+++ b/Readme.md
@@ -1,16 +1,35 @@
 # Nextcloud
 
-Ce dépôt contient le docker-compose pour nextcloud + onlyoffice avec front-end nginx, base de donnée et cron séparés.
+This repository provides a quick way to laucndh nextcloud + only office (optionnal) behind nginx (optionnal) and with an ldap connection (optionnal).
+
+## Installation
+
+The default docker-compose does not expose any ports.
+
+There are three optionnals compose file that can be activated vi `COMPOSE_FILE` variable in `.env` :
+
++ `traefik.yml` : a config file to use behind traefik, this file assumes that you have a traefik configured as [here](https://gitlab.tetras-libre.fr/nocloud/docker/traefik) and a docker network called `traefik` to join it
++ `ldap.yml` : setup connection to to a `ldap` service via a `ldap` network, you have to install this service by yourself
++ `onlyoffice.yml` add an onlyoffice server to your nextcloud, **warning** you also have to uncomment a few lines in `nginx.conf`
+
+```
+cp .env.sample .env
+cp nginx.conf.sample nginx.conf
+# Edit both files to suit your needs
+# You have to uncomment a block in nginx.conf if you want to use onlyoffice
+docker-compose up -d
+# Got to nextcloud url to finish the setup
+```
 
 ## Description du docker-compose
 
 Docker-compose from https://github.com/ONLYOFFICE/docker-onlyoffice-nextcloud and https://hub.docker.com/_/nextcloud
 
-* Nextcloud installé via le tag 22-fpm (mise à jour manuelle pour changement de version majeure)
-* Mariadb installé via le tag `latest`
-* Nginx installé via le tag `latest`
-* Aucun port n'ext exposé vers l'extérieur (utilisation de Traefik)
-* Données Nextcloud accessible à
+* Nextcloud installed via tag 22-fpm (major upgrade is manual)
+* Mariadb installed using tag `latest`
+* Nginx installed using tag `latest`
+* No port exposed to external network
+* Nextcloud data are visible to
     * cron
     * nextcloud
     * nginx
diff --git a/nginx.conf b/nginx.conf.sample
similarity index 78%
rename from nginx.conf
rename to nginx.conf.sample
index 498c367..fb617cb 100644
--- a/nginx.conf
+++ b/nginx.conf.sample
@@ -45,12 +45,12 @@ http {
     }
 
     server {
-   	listen 80;
+        listen 80;
 
         # Add headers to serve security related headers
-	add_header Referrer-Policy "no-referrer" always;
+        add_header Referrer-Policy "no-referrer" always;
         add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
-	add_header X-Frame-Options "SAMEORIGIN" always;
+        add_header X-Frame-Options "SAMEORIGIN" always;
         add_header X-Content-Type-Options nosniff;
         add_header X-XSS-Protection "1; mode=block";
         add_header X-Robots-Tag none;
@@ -87,25 +87,26 @@ http {
             try_files $uri $uri/ =404;
         }
 
-	location ~* ^/ds-vpath/ {
-		rewrite /ds-vpath/(.*) /$1  break;
-                proxy_pass http://onlyoffice-document-server;
-                proxy_redirect     off;
-
-                client_max_body_size 100m;
-
-                proxy_http_version 1.1;
-                proxy_set_header Upgrade $http_upgrade;
-		# Disabled, if enable we get "Unknown error on OnlyOffice
-                # proxy_set_header Connection "upgrade";
-
-                proxy_set_header Host $http_host;
-                proxy_set_header X-Real-IP $remote_addr;
-                proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
-                proxy_set_header X-Forwarded-Host $the_host/ds-vpath;
-		# Manually set to https to avoid "Unknown error" on OnlyOffice
-                proxy_set_header X-Forwarded-Proto "https";
-        }
+        # Uncomment the block below to use onlyoffice
+        #location ~* ^/ds-vpath/ {
+        #    rewrite /ds-vpath/(.*) /$1  break;
+        #    proxy_pass http://onlyoffice-document-server;
+        #    proxy_redirect     off;
+
+        #    client_max_body_size 100m;
+
+        #    proxy_http_version 1.1;
+        #    proxy_set_header Upgrade $http_upgrade;
+        #    # Disabled, if enable we get "Unknown error on OnlyOffice
+        #    # proxy_set_header Connection "upgrade";
+
+        #    proxy_set_header Host $http_host;
+        #    proxy_set_header X-Real-IP $remote_addr;
+        #    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
+        #    proxy_set_header X-Forwarded-Host $the_host/ds-vpath;
+        #    # Manually set to https to avoid "Unknown error" on OnlyOffice
+        #    proxy_set_header X-Forwarded-Proto "https";
+        #}
 
         location ~ \.php(?:$|/) {
             fastcgi_split_path_info ^(.+\.php)(/.+)$;
-- 
GitLab