From ebc2d55a0142f9d24568859b9536222443a3ebb7 Mon Sep 17 00:00:00 2001
From: Brad Holland <hollanbm@users.noreply.github.com>
Date: Tue, 10 May 2022 00:38:55 -0400
Subject: [PATCH 1/3] Updates for NextCloud security checks

---
 nextcloud.subdomain.conf.sample | 17 +++++++++++++++++
 1 file changed, 17 insertions(+)

diff --git a/nextcloud.subdomain.conf.sample b/nextcloud.subdomain.conf.sample
index c1c846a0c..cfae0e7da 100644
--- a/nextcloud.subdomain.conf.sample
+++ b/nextcloud.subdomain.conf.sample
@@ -33,4 +33,21 @@ server {
 
         proxy_max_temp_file_size 2048m;
     }
+    
+    # The rules in this block are an adaptation of the rules
+    # in the Nextcloud `.htaccess` that concern `/.well-known`.
+    location /.well-known/carddav {
+        return 301 $scheme://$host/remote.php/dav;
+    }
+
+    # The rules in this block are an adaptation of the rules
+    # in the Nextcloud `.htaccess` that concern `/.well-known`.
+    location /.well-known/caldav {
+        return 301 $scheme://$host/remote.php/dav;
+    }
+
+    # Let Nextcloud's API for `/.well-known` URIs handle all other
+    # requests by passing them to the front-end controller.
+    rewrite ^/.well-known/webfinger /index.php$uri redirect;
+    rewrite ^/.well-known/nodeinfo /index.php$uri redirect;
 }

From d99cbfd10d56f2ebbe65b120cc4b7c2a977d3618 Mon Sep 17 00:00:00 2001
From: Brad Holland <hollanbm@users.noreply.github.com>
Date: Tue, 10 May 2022 00:52:48 -0400
Subject: [PATCH 2/3] refactor location blocks

---
 nextcloud.subdomain.conf.sample | 15 ++++-----------
 1 file changed, 4 insertions(+), 11 deletions(-)

diff --git a/nextcloud.subdomain.conf.sample b/nextcloud.subdomain.conf.sample
index cfae0e7da..62aa78adb 100644
--- a/nextcloud.subdomain.conf.sample
+++ b/nextcloud.subdomain.conf.sample
@@ -36,18 +36,11 @@ server {
     
     # The rules in this block are an adaptation of the rules
     # in the Nextcloud `.htaccess` that concern `/.well-known`.
-    location /.well-known/carddav {
+    location ^/.well-known/(caldav|carddav) {
         return 301 $scheme://$host/remote.php/dav;
     }
-
-    # The rules in this block are an adaptation of the rules
-    # in the Nextcloud `.htaccess` that concern `/.well-known`.
-    location /.well-known/caldav {
-        return 301 $scheme://$host/remote.php/dav;
-    }
-
-    # Let Nextcloud's API for `/.well-known` URIs handle all other
+    
+    # Let Nextcloud's API for `/.well-known` URIs handle these
     # requests by passing them to the front-end controller.
-    rewrite ^/.well-known/webfinger /index.php$uri redirect;
-    rewrite ^/.well-known/nodeinfo /index.php$uri redirect;
+    rewrite ^/.well-known/(webfinger|nodeinfo) /index.php$uri redirect;
 }

From 759ee5aa71172b6d6f17cbb404f50059ea75377d Mon Sep 17 00:00:00 2001
From: Brad Holland <hollanbm@users.noreply.github.com>
Date: Tue, 10 May 2022 01:45:54 -0400
Subject: [PATCH 3/3] update sample date

---
 nextcloud.subdomain.conf.sample | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/nextcloud.subdomain.conf.sample b/nextcloud.subdomain.conf.sample
index 62aa78adb..e41e6a272 100644
--- a/nextcloud.subdomain.conf.sample
+++ b/nextcloud.subdomain.conf.sample
@@ -1,4 +1,4 @@
-## Version 2021/05/18
+## Version 2022/05/10
 # make sure that your dns has a cname set for nextcloud
 # assuming this container is called "swag", edit your nextcloud container's config
 # located at /config/www/nextcloud/config/config.php and add the following lines before the ");":