# Ansible template that becomes /etc/apache2/sites-available/nextcloud.conf

Alias {{ nextcloud_url }} {{ nextcloud_prefix }}/nextcloud

<Directory {{ nextcloud_prefix }}/nextcloud/>
    # 2019-09-04 commenting out towards future removal
    #Options -Indexes

    Options +FollowSymlinks
    AllowOverride All

    <IfModule mod_authz_core.c>
    # Apache 2.4
    # http://httpd.apache.org/docs/2.4/mod/mod_authz_core.html

    # 2019-09-04 commenting out towards future removal
    #Require host localhost

{% if nextcloud_allow_public_ips %}
    # PERMIT ACCESS FROM ALL IPv4 ADDRESSES:
    Require all granted
    # PERMIT ACCESS FROM THESE IPv4 ADDRESS RANGES ONLY:
    #Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} 192.168 10
{% else %}
    # PERMIT ACCESS FROM ALL IPv4 ADDRESSES:
    #Require all granted
    # PERMIT ACCESS FROM THESE IPv4 ADDRESS RANGES ONLY:
    Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} 192.168 10
{% endif %}
{# Reminder that {{ lan_ip }}/{{ lan_netmask }} is 172.18.96.1/255.255.224.0 #}
    # AVOID THIS LINE AS IT OVERLY RESTRICTS SCHOOLS W/ 192.168.1.x, 10.x.y.z:
    #Require ip 127.0.0.1 {{ lan_ip }}/{{ lan_netmask }} {{ nextcloud_required_ip }} {{ openvpn_server_virtual_ip }}/255.255.255.0
    </IfModule>
    
    # 2019-09-04 commenting out towards future removal
    #<IfModule !mod_authz_core.c>
    ## Apache 2.2
    #Order Deny,Allow
    #Deny from all
    #Allow from 127.0.0.1
    #Allow from ::1
    #</IfModule>
    #
    #ErrorDocument 404 /core/templates/404.php
    #
    # 2019-09-04 commenting out towards future removal
    #<IfModule mod_php5.c>
    #php_value upload_max_filesize 512M
    #php_value post_max_size 512M
    #php_value memory_limit 512M
    #php_value mbstring.func_overload 0
    #</IfModule>
    #
    #SetEnv htaccessWorking true
    #
    #<IfModule pagespeed_module>
    #ModPagespeed Off
    #</IfModule>
    #
    #RewriteEngine on
    #RewriteRule .* - [env=HTTP_AUTHORIZATION:%{HTTP:Authorization},last]
    #RewriteRule ^\.well-known/carddav /remote.php/carddav/ [R]
    #RewriteRule ^\.well-known/caldav /remote.php/caldav/ [R]
</Directory>