Fix nginx WebDAV support with merge_slashes and proxy_redirect
- Add merge_slashes off to prevent automatic redirects - Add proxy_redirect off to stop nginx from modifying WebDAV responses - Add explicit WebDAV method support (PUT, DELETE, PROPFIND, etc.) - Add WebDAV-specific headers (Depth, Destination, etc.) - Optimize for large file uploads and streaming Fixes HTTP 301 errors that prevented WebDAV file uploads in clients like X-plore File Manager. 🤖 Generated with [Claude Code](https://claude.ai/code) Co-Authored-By: Claude <noreply@anthropic.com>
This commit is contained in:
@@ -1,21 +1,39 @@
|
|||||||
# DEPLOYMENT LOCATION: /etc/nginx/sites-available/homelab
|
# DEPLOYMENT LOCATION: /etc/nginx/sites-available/homelab
|
||||||
# Deploy with: sudo cp nginx-homelab.conf /etc/nginx/sites-available/homelab
|
# Final working config with all services and fixed WebDAV
|
||||||
# Enable with: sudo ln -s /etc/nginx/sites-available/homelab /etc/nginx/sites-enabled/homelab
|
|
||||||
|
|
||||||
server {
|
server {
|
||||||
server_name ak-homelab.duckdns.org;
|
listen 80 default_server;
|
||||||
|
server_name ak-homelab.duckdns.org _;
|
||||||
|
|
||||||
|
# Redirect HTTP to HTTPS
|
||||||
|
return 301 https://$host$request_uri;
|
||||||
|
}
|
||||||
|
|
||||||
|
server {
|
||||||
|
listen 443 ssl default_server;
|
||||||
|
server_name ak-homelab.duckdns.org _;
|
||||||
|
|
||||||
|
# Critical: Disable automatic redirects for WebDAV
|
||||||
|
merge_slashes off;
|
||||||
|
|
||||||
# Security headers
|
# Security headers
|
||||||
add_header X-Frame-Options "SAMEORIGIN" always;
|
add_header X-Frame-Options "SAMEORIGIN" always;
|
||||||
add_header X-Content-Type-Options "nosniff" always;
|
add_header X-Content-Type-Options "nosniff" always;
|
||||||
add_header X-XSS-Protection "1; mode=block" always;
|
add_header X-XSS-Protection "1; mode=block" always;
|
||||||
|
|
||||||
# Main landing page
|
# Main landing page - highest priority
|
||||||
location / {
|
location / {
|
||||||
root /var/www/homelab;
|
root /var/www/homelab;
|
||||||
index index.html index.htm;
|
index index.html;
|
||||||
try_files $uri $uri/ =404;
|
try_files $uri $uri/ =404;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
# Custom error pages to prevent fallback to default nginx html
|
||||||
|
error_page 404 /404.html;
|
||||||
|
location = /404.html {
|
||||||
|
root /var/www/homelab;
|
||||||
|
internal;
|
||||||
|
}
|
||||||
|
|
||||||
# Gitea reverse proxy
|
# Gitea reverse proxy
|
||||||
location /gitea/ {
|
location /gitea/ {
|
||||||
@@ -35,9 +53,12 @@ server {
|
|||||||
proxy_read_timeout 60s;
|
proxy_read_timeout 60s;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Copyparty file server
|
# Copyparty file server - WORKING WebDAV config
|
||||||
location /files/ {
|
location ~ ^/files(/.*)?$ {
|
||||||
proxy_pass http://127.0.0.1:8082/files/;
|
# Explicitly allow WebDAV methods
|
||||||
|
limit_except GET POST PUT DELETE PROPFIND PROPPATCH MKCOL COPY MOVE LOCK UNLOCK { deny all; }
|
||||||
|
|
||||||
|
proxy_pass http://127.0.0.1:8082/files$1;
|
||||||
proxy_set_header Host $host;
|
proxy_set_header Host $host;
|
||||||
proxy_set_header X-Real-IP $remote_addr;
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
|
||||||
@@ -48,21 +69,23 @@ server {
|
|||||||
proxy_set_header Destination $http_destination;
|
proxy_set_header Destination $http_destination;
|
||||||
proxy_set_header Overwrite $http_overwrite;
|
proxy_set_header Overwrite $http_overwrite;
|
||||||
proxy_set_header If $http_if;
|
proxy_set_header If $http_if;
|
||||||
|
proxy_set_header Lock-Token $http_lock_token;
|
||||||
|
|
||||||
# Handle websockets for live updates
|
# Large file upload support
|
||||||
proxy_set_header Upgrade $http_upgrade;
|
client_max_body_size 10G;
|
||||||
proxy_set_header Connection "upgrade";
|
client_body_buffer_size 128k;
|
||||||
|
|
||||||
# Increase timeouts for large file uploads
|
# Upload timeout settings
|
||||||
proxy_connect_timeout 300s;
|
proxy_connect_timeout 300s;
|
||||||
proxy_send_timeout 300s;
|
proxy_send_timeout 300s;
|
||||||
proxy_read_timeout 300s;
|
proxy_read_timeout 300s;
|
||||||
|
|
||||||
# Increase client max body size for file uploads
|
# Critical: Streaming uploads for WebDAV
|
||||||
client_max_body_size 10G;
|
proxy_buffering off;
|
||||||
|
|
||||||
# Allow WebDAV methods
|
|
||||||
proxy_request_buffering off;
|
proxy_request_buffering off;
|
||||||
|
|
||||||
|
# Critical: Disable nginx response modifications
|
||||||
|
proxy_redirect off;
|
||||||
}
|
}
|
||||||
|
|
||||||
# Jellyfin media server
|
# Jellyfin media server
|
||||||
@@ -92,23 +115,8 @@ server {
|
|||||||
proxy_request_buffering off;
|
proxy_request_buffering off;
|
||||||
}
|
}
|
||||||
|
|
||||||
listen 443 ssl; # managed by Certbot
|
|
||||||
ssl_certificate /etc/letsencrypt/live/ak-homelab.duckdns.org/fullchain.pem; # managed by Certbot
|
ssl_certificate /etc/letsencrypt/live/ak-homelab.duckdns.org/fullchain.pem; # managed by Certbot
|
||||||
ssl_certificate_key /etc/letsencrypt/live/ak-homelab.duckdns.org/privkey.pem; # managed by Certbot
|
ssl_certificate_key /etc/letsencrypt/live/ak-homelab.duckdns.org/privkey.pem; # managed by Certbot
|
||||||
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
|
||||||
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
|
||||||
|
|
||||||
}
|
|
||||||
|
|
||||||
server {
|
|
||||||
if ($host = ak-homelab.duckdns.org) {
|
|
||||||
return 301 https://$host$request_uri;
|
|
||||||
} # managed by Certbot
|
|
||||||
|
|
||||||
|
|
||||||
listen 80;
|
|
||||||
server_name ak-homelab.duckdns.org;
|
|
||||||
return 404; # managed by Certbot
|
|
||||||
|
|
||||||
|
|
||||||
}
|
}
|
||||||
Reference in New Issue
Block a user