rewrite ^/nextcloud$ /nextcloud/ redirect;

    location /nextcloud/ {

        root /usr/share/;

        # Add headers to serve security related headers

        # Before enabling Strict-Transport-Security headers please read into this topic first.

        # add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";

        add_header X-Content-Type-Options nosniff;

        add_header X-Frame-Options "SAMEORIGIN";

        add_header X-XSS-Protection "1; mode=block";

        add_header X-Robots-Tag none;

        add_header X-Download-Options noopen;

        add_header X-Permitted-Cross-Domain-Policies none;

        add_header Referrer-Policy no-referrer always;

        # set max upload size

        client_max_body_size 10G;

        fastcgi_buffers 64 4K;

        # Disable gzip to avoid the removal of the ETag header

        gzip off;

        # Uncomment if your server is build with the ngx_pagespeed module

        # This module is currently not supported.

        #pagespeed off;

        index index.php;

        error_page 403 /nextcloud/core/templates/403.php;

        error_page 404 /nextcloud/core/templates/404.php;

        location ~ ^/nextcloud/apps-appstore/(.*)$ {

            alias /var/lib/nextcloud/apps/$1;

        }

        location ~ ^/nextcloud/assets/(.*)$ {

            alias /var/lib/nextcloud/assets/$1;

        }

        location ~ ^/nextcloud/(build|tests|config|lib|3rdparty|templates|data)/ {

            deny all;

        }

        location ~ ^/nextcloud/(?:\.|autotest|occ|issue|indie|db_|console) {

            deny all;

        }

        rewrite ^/nextcloud/remote/(.*) /nextcloud/remote.php last;

        rewrite ^/nextcloud/core/doc/([^\/]+)(?:$|/) /nextcloud/core/doc/$1/index.html;

        try_files $uri $uri/ =404;

        location ~ \.php(?:$|/) {

            fastcgi_split_path_info ^(.+\.php)(/.+)$;

            include fastcgi_params;

            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;

            fastcgi_param PATH_INFO $fastcgi_path_info;

        #    fastcgi_param HTTPS on;

            fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice

            fastcgi_pass php-nextcloud;

            fastcgi_intercept_errors on;

        }

        # Adding the cache control header for js and css files

        # Make sure it is BELOW the location ~ \.php(?:$|/) { block

        location ~* \.(?:css|js)$ {

            add_header Cache-Control "public, max-age=7200";

            # Optional: Don't log access to assets

            access_log off;

        }

        # Optional: Don't log access to other assets

        location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ {

            access_log off;

        }

        }