iiab/roles/nextcloud/templates/nextcloud.conf.j2

# Ansible template that becomes /etc/apache2/sites-available/nextcloud.conf

Alias {{ nextcloud_url }} {{ nextcloud_prefix }}/nextcloud

<Directory {{ nextcloud_prefix }}/nextcloud/>
    # 2019-09-04 commenting out towards future removal
    #Options -Indexes

    Options +FollowSymlinks
    AllowOverride All

    <IfModule mod_authz_core.c>
    # Apache 2.4
    # http://httpd.apache.org/docs/2.4/mod/mod_authz_core.html

    # 2019-09-04 commenting out towards future removal
    #Require host localhost

{% if True %}    {# 2020-02-15: Condition WAS... nextcloud_allow_public_ips #}
    # PERMIT ACCESS FROM ALL IPv4 ADDRESSES:
    Require all granted
    # PERMIT ACCESS FROM THESE IPv4 ADDRESS RANGES ONLY:
    #Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} 192.168 10
{% else %}
    # PERMIT ACCESS FROM ALL IPv4 ADDRESSES:
    #Require all granted
    # PERMIT ACCESS FROM THESE IPv4 ADDRESS RANGES ONLY:
    Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} 192.168 10
{% endif %}
{# Reminder that {{ lan_ip }}/{{ lan_netmask }} is 172.18.96.1/255.255.224.0 #}
    # AVOID THIS LINE AS IT OVERLY RESTRICTS SCHOOLS W/ 192.168.1.x, 10.x.y.z:
    #Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} {{ nextcloud_required_ip }} {{ openvpn_server_virtual_ip }}/255.255.255.0
    </IfModule>
    
    # 2019-09-04 commenting out towards future removal
    #<IfModule !mod_authz_core.c>
    ## Apache 2.2
    #Order Deny,Allow
    #Deny from all
    #Allow from 127.0.0.1
    #Allow from ::1
    #</IfModule>
    #
    #ErrorDocument 404 /core/templates/404.php
    #
    # 2019-09-04 commenting out towards future removal
    #<IfModule mod_php5.c>
    #php_value upload_max_filesize 512M
    #php_value post_max_size 512M
    #php_value memory_limit 512M
    #php_value mbstring.func_overload 0
    #</IfModule>
    #
    #SetEnv htaccessWorking true
    #
    #<IfModule pagespeed_module>
    #ModPagespeed Off
    #</IfModule>
    #
    #RewriteEngine on
    #RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last]
    #RewriteRule ^\.well-known/carddav /remote.php/carddav/ [R]
    #RewriteRule ^\.well-known/caldav /remote.php/caldav/ [R]
</Directory>
Update nextcloud.conf.j2 2019-09-04 21:01:20 +00:00			`# Ansible template that becomes /etc/apache2/sites-available/nextcloud.conf`

Adds spaces in variables after {{ and before }} Fixes various warnings in Travis CI [EXTRA0001] Variables should have spaces after {{ and before }} 2017-10-20 04:36:10 +00:00			`Alias {{ nextcloud_url }} {{ nextcloud_prefix }}/nextcloud`
add in the nextcloud from old iiab/pr3 2017-05-29 22:02:55 +00:00
			`<Directory {{ nextcloud_prefix }}/nextcloud/>`
Mark+deprecate ancient code for future removal? 2019-09-04 21:49:20 +00:00			`# 2019-09-04 commenting out towards future removal`
			`#Options -Indexes`

			`Options +FollowSymlinks`
fix .htaccess error nextcloud 2018-09-06 14:45:13 +00:00			`AllowOverride All`
add in the nextcloud from old iiab/pr3 2017-05-29 22:02:55 +00:00
			`<IfModule mod_authz_core.c>`
			`# Apache 2.4`
Update nextcloud.conf.j2 2019-09-04 16:54:57 +00:00			`# http://httpd.apache.org/docs/2.4/mod/mod_authz_core.html`
Continued pruning of nextcloud.conf 2019-09-05 02:01:56 +00:00
			`# 2019-09-04 commenting out towards future removal`
			`#Require host localhost`

Fix nextcloud/templates/nextcloud.conf.j2 2020-02-16 06:31:41 +00:00			`{% if True %} {# 2020-02-15: Condition WAS... nextcloud_allow_public_ips #}`
			`# PERMIT ACCESS FROM ALL IPv4 ADDRESSES:`
Unblock Nextcloud in 192.168.1.* schools & all others! 2019-09-04 16:29:33 +00:00			`Require all granted`
Fix nextcloud/templates/nextcloud.conf.j2 2020-02-16 06:31:41 +00:00			`# PERMIT ACCESS FROM THESE IPv4 ADDRESS RANGES ONLY:`
			`#Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} 192.168 10`
			`{% else %}`
			`# PERMIT ACCESS FROM ALL IPv4 ADDRESSES:`
			`#Require all granted`
			`# PERMIT ACCESS FROM THESE IPv4 ADDRESS RANGES ONLY:`
			`Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} 192.168 10`
			`{% endif %}`
Generalize+explain LAN-side 172.18.96.1/255.255.224.0 2019-09-04 20:02:07 +00:00			`{# Reminder that {{ lan_ip }}/{{ lan_netmask }} is 172.18.96.1/255.255.224.0 #}`
			`# AVOID THIS LINE AS IT OVERLY RESTRICTS SCHOOLS W/ 192.168.1.x, 10.x.y.z:`
Unblock Nextcloud in 192.168.1.* schools & all others! 2019-09-04 16:29:33 +00:00			`#Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} {{ nextcloud_required_ip }} {{ openvpn_server_virtual_ip }}/255.255.255.0`
add in the nextcloud from old iiab/pr3 2017-05-29 22:02:55 +00:00			`</IfModule>`
Mark+deprecate ancient code for future removal? 2019-09-04 21:49:20 +00:00
			`# 2019-09-04 commenting out towards future removal`
			`#<IfModule !mod_authz_core.c>`
			`## Apache 2.2`
			`#Order Deny,Allow`
			`#Deny from all`
			`#Allow from 127.0.0.1`
			`#Allow from ::1`
			`#</IfModule>`
			`#`
			`#ErrorDocument 404 /core/templates/404.php`
			`#`
			`# 2019-09-04 commenting out towards future removal`
			`#<IfModule mod_php5.c>`
			`#php_value upload_max_filesize 512M`
			`#php_value post_max_size 512M`
			`#php_value memory_limit 512M`
			`#php_value mbstring.func_overload 0`
			`#</IfModule>`
			`#`
			`#SetEnv htaccessWorking true`
			`#`
			`#<IfModule pagespeed_module>`
			`#ModPagespeed Off`
			`#</IfModule>`
			`#`
			`#RewriteEngine on`
			`#RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last]`
			`#RewriteRule ^\.well-known/carddav /remote.php/carddav/ [R]`
			`#RewriteRule ^\.well-known/caldav /remote.php/caldav/ [R]`
add in the nextcloud from old iiab/pr3 2017-05-29 22:02:55 +00:00			`</Directory>`