server { listen 80; listen [::]:80; server_name opencloud.ascoetpi.ovh; return 301 https://$host$request_uri; } server { listen 443 ssl; listen [::]:443 ssl; server_name opencloud.ascoetpi.ovh; ssl_certificate /etc/nginx/ssl/opencloud.ascoetpi.ovh_P256/fullchain.cer; ssl_certificate_key /etc/nginx/ssl/opencloud.ascoetpi.ovh_P256/private.key; set $upstream http://127.0.0.1:7750; location / { proxy_buffers 4 256k; proxy_buffer_size 128k; proxy_busy_buffers_size 256k; # Disable checking of client request body size client_max_body_size 0; proxy_set_header Host $host; proxy_set_header X-Original-URL $scheme://$http_host$request_uri; proxy_set_header X-Forwarded-Proto $scheme; proxy_set_header X-Forwarded-Host $http_host; proxy_set_header X-Forwarded-URI $request_uri; proxy_set_header X-Forwarded-Ssl on; #proxy_set_header X-Forwarded-For $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Real-IP $remote_addr; proxy_pass $upstream; } # -------------------------------------- # RADICALE CalDAV # -------------------------------------- location /caldav/ { proxy_pass http://127.0.0.1:5232/; proxy_set_header X-Script-Name /caldav; proxy_set_header X-Remote-User $http_x_remote_user; proxy_set_header Host $host; proxy_http_version 1.1; proxy_buffering off; } # -------------------------------------- # RADICALE CardDAV # -------------------------------------- location /carddav/ { proxy_pass http://127.0.0.1:5232/; proxy_set_header X-Script-Name /carddav; proxy_set_header X-Remote-User $http_x_remote_user; proxy_set_header Host $host; proxy_http_version 1.1; proxy_buffering off; } location ~ /.well-known/acme-challenge { proxy_set_header Host $host; proxy_set_header X-Real_IP $remote_addr; proxy_set_header X-Forwarded-For $remote_addr:$remote_port; proxy_pass http://127.0.0.1:9180; } }