From f598e2423c6a9cd08776879725e554f20ef5cd59 Mon Sep 17 00:00:00 2001 From: Joshua Ruehlig Date: Thu, 6 Aug 2020 01:43:10 -0700 Subject: [PATCH 1/4] Basic changes I think we mostly agree on these, grouping them for easy merging. Creating a new branch is giving me an error for some reason, so I will commit directly. If necessary we can always revert. --- admin_manual/installation/nginx.rst | 20 ++++++++++---------- 1 file changed, 10 insertions(+), 10 deletions(-) diff --git a/admin_manual/installation/nginx.rst b/admin_manual/installation/nginx.rst index e924cb7ed..c04c94309 100644 --- a/admin_manual/installation/nginx.rst +++ b/admin_manual/installation/nginx.rst @@ -112,7 +112,7 @@ webroot of your nginx installation. In this example it is # Rule borrowed from `.htaccess` to handle Microsoft DAV clients location = / { - if ( $http_user_agent ~ DavClnt ) { + if ( $http_user_agent ~ ^DavClnt ) { return 302 /remote.php/webdav/$is_args$args; } } @@ -140,15 +140,15 @@ webroot of your nginx installation. In this example it is } # Rules borrowed from `.htaccess` to hide certain paths from clients - location ~ ^/(build|tests|config|lib|3rdparty|templates|data)($|/) { return 404; } - location ~ ^/(\.|autotest|occ|issue|indie|db_|console) { return 404; } + location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)($|/) { return 404; } + location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; } # Ensure this block, which passes PHP files to the PHP process, is above the blocks # which handle static assets (as seen below). If this block is not declared first, # then Nginx will encounter an infinite rewriting loop when it prepends `/index.php` # to the URI, resulting in a HTTP 500 error response. location ~ \.php($|/) { - fastcgi_split_path_info ^(.+?\.php)(/.*|)$; + fastcgi_split_path_info ^(.+?\.php)(/.*)$; set $path_info $fastcgi_path_info; try_files $fastcgi_script_name =404; 
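Review bot: In the `location = /` block of the `@@ -112,7` hunk, `^DavClnt` is a stricter test than the unanchored one it replaces, yet the comment above it still says the rule is borrowed from `.htaccess`, so a reader cannot tell whether the anchor is deliberate. If the `.htaccess` condition matches `DavClnt` anywhere in the header (that file is not part of this patch, so this is an assumption), a client that sends the token later in its User-Agent would no longer be redirected to the WebDAV endpoint. I would add a comment such as `# Anchored on purpose: only user agents that begin with "DavClnt" are redirected`, and repeat it in the `location = /nextcloud` block of the `@@ -304,21` hunk. The enclosing `server` block starts outside the hunk.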
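Review bot: In the `location ~ \.php($|/)` block of the `@@ -140,15` hunk, `fastcgi_split_path_info ^(.+?\.php)(/.*)$;` no longer matches a URI that ends in `.php` with no trailing path, because the empty alternative was dropped from the second group. Those requests now rely on what nginx does when the pattern does not match, which as far as I know leaves `$fastcgi_script_name` as the request URI and `$fastcgi_path_info` empty, so `try_files $fastcgi_script_name =404;` should still reject non-existent scripts before they reach PHP. Admins copy this block verbatim, so a comment would make that reliance visible: `# URIs ending in .php do not match: script name stays the URI, path info stays empty`. The same line is changed in the `@@ -304,21` hunk, and the block's closing brace is outside this hunk.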
@@ -166,7 +166,7 @@ webroot of your nginx installation. In this example it is fastcgi_request_buffering off; } - location ~ \.(css|js|svg|gif)$ { + location ~ \.(?:css|js|svg|gif)$ { try_files $uri /index.php$request_uri; expires 6M; # Cache-Control policy borrowed from `.htaccess` access_log off; # Optional: Don't log access to assets @@ -304,21 +304,21 @@ The configuration differs from the "Nextcloud in webroot" configuration above in # Rule borrowed from `.htaccess` to handle Microsoft DAV clients location = /nextcloud { - if ( $http_user_agent ~ DavClnt ) { + if ( $http_user_agent ~ ^DavClnt ) { return 302 /nextcloud/remote.php/webdav/$is_args$args; } } # Rules borrowed from `.htaccess` to hide certain paths from clients - location ~ ^/nextcloud/(build|tests|config|lib|3rdparty|templates|data)($|/) { return 404; } - location ~ ^/nextcloud/(\.|autotest|occ|issue|indie|db_|console) { return 404; } + location ~ ^/nextcloud/(?:build|tests|config|lib|3rdparty|templates|data)($|/) { return 404; } + location ~ ^/nextcloud/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; } # Ensure this block, which passes PHP files to the PHP process, is above the blocks # which handle static assets (as seen below). If this block is not declared first, # then Nginx will encounter an infinite rewriting loop when it prepends # `/nextcloud/index.php` to the URI, resulting in a HTTP 500 error response. location ~ \.php($|/) { - fastcgi_split_path_info ^(.+?\.php)(/.*|)$; + fastcgi_split_path_info ^(.+?\.php)(/.*)$; set $path_info $fastcgi_path_info; try_files $fastcgi_script_name =404; @@ -336,7 +336,7 @@ The configuration differs from the "Nextcloud in webroot" configuration above in fastcgi_request_buffering off; } - location ~ \.(css|js|svg|gif)$ { + location ~ \.(?:css|js|svg|gif)$ { try_files $uri /nextcloud/index.php$request_uri; expires 6M; # Cache-Control policy borrowed from `.htaccess` access_log off; # Optional: Don't log access to assets 
From 1835250df20ec38eb9e7f4a2c1506e8c70e91af5 Mon Sep 17 00:00:00 2001 From: Joshua Ruehlig Date: Thu, 6 Aug 2020 02:07:55 -0700 Subject: [PATCH 2/4] Another minor change You probably are correct on NGINX optimizing groups with unused captures into non-capturing groups, but unless we know for sure/see documentation I think it is best we are explicit. --- admin_manual/installation/nginx.rst | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/admin_manual/installation/nginx.rst b/admin_manual/installation/nginx.rst index c04c94309..2efc0bc7b 100644 --- a/admin_manual/installation/nginx.rst +++ b/admin_manual/installation/nginx.rst @@ -147,7 +147,7 @@ webroot of your nginx installation. In this example it is # which handle static assets (as seen below). If this block is not declared first, # then Nginx will encounter an infinite rewriting loop when it prepends `/index.php` # to the URI, resulting in a HTTP 500 error response. - location ~ \.php($|/) { + location ~ \.php(?:$|/) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; set $path_info $fastcgi_path_info; @@ -317,7 +317,7 @@ The configuration differs from the "Nextcloud in webroot" configuration above in # which handle static assets (as seen below). If this block is not declared first, # then Nginx will encounter an infinite rewriting loop when it prepends # `/nextcloud/index.php` to the URI, resulting in a HTTP 500 error response. - location ~ \.php($|/) { + location ~ \.php(?:$|/) { fastcgi_split_path_info ^(.+?\.php)(/.*)$; set $path_info $fastcgi_path_info; From f383cf62eb9c129ee91f9a68c08cb9de78ac8bef Mon Sep 17 00:00:00 2001 From: Joshua Ruehlig Date: Thu, 6 Aug 2020 03:15:55 -0700 Subject: [PATCH 3/4] Update nginx.rst Discussed here > https://github.com/nextcloud/documentation/pull/2197#discussion_r453641162 --- admin_manual/installation/nginx.rst | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) 
diff --git a/admin_manual/installation/nginx.rst b/admin_manual/installation/nginx.rst index 2efc0bc7b..54de040ad 100644 --- a/admin_manual/installation/nginx.rst +++ b/admin_manual/installation/nginx.rst @@ -135,8 +135,8 @@ webroot of your nginx installation. In this example it is rewrite ^/\.well-known/webfinger /public.php?service=webfinger last; rewrite ^/\.well-known/nodeinfo /public.php?service=nodeinfo last; - location /.well-known/carddav { return 301 /remote.php/dav/; } - location /.well-known/caldav { return 301 /remote.php/dav/; } + location = /.well-known/carddav { return 301 /remote.php/dav/; } + location = /.well-known/caldav { return 301 /remote.php/dav/; } } # Rules borrowed from `.htaccess` to hide certain paths from clients @@ -248,8 +248,8 @@ The configuration differs from the "Nextcloud in webroot" configuration above in rewrite ^/\.well-known/webfinger /nextcloud/public.php?service=webfinger last; rewrite ^/\.well-known/nodeinfo /nextcloud/public.php?service=nodeinfo last; - location /.well-known/carddav { return 301 /nextcloud/remote.php/dav/; } - location /.well-known/caldav { return 301 /nextcloud/remote.php/dav/; } + location = /.well-known/carddav { return 301 /nextcloud/remote.php/dav/; } + location = /.well-known/caldav { return 301 /nextcloud/remote.php/dav/; } try_files $uri $uri/ /nextcloud/index.php$request_uri; } From 59c946850a5a2bb271c4282a0ebe2fb09a3af3cd Mon Sep 17 00:00:00 2001 From: Joshua Ruehlig Date: Thu, 6 Aug 2020 04:41:28 -0700 Subject: [PATCH 4/4] Update nginx.rst Note is no longer relevant --- admin_manual/installation/nginx.rst | 7 ------- 1 file changed, 7 deletions(-) diff --git a/admin_manual/installation/nginx.rst b/admin_manual/installation/nginx.rst index 54de040ad..ab320c1cf 100644 --- a/admin_manual/installation/nginx.rst +++ b/admin_manual/installation/nginx.rst 
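Review bot: In the `@@ -135,8` hunk, `location = /.well-known/carddav` and `location = /.well-known/caldav` now match only the exact path, so a request with a trailing slash or an extra segment is no longer redirected by these lines and falls to whatever else the enclosing block does. In the `@@ -248,8` hunk that appears to be `try_files $uri $uri/ /nextcloud/index.php$request_uri;`, while the first hunk shows no fallback before the closing brace. The enclosing `location` starts outside both hunks, so the result for those requests cannot be confirmed from here. If clients that append the slash must keep working, a second exact rule such as `location = /.well-known/carddav/ { return 301 /remote.php/dav/; }` (and the `caldav` equivalent) would cover them. Otherwise a comment like `# Exact match only; other /.well-known/ paths are handled by the rules in this block` would record the intent.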
@@ -11,13 +11,6 @@ server. These configurations examples were originally provided by **ssl_certificate_key** to suit your needs. - Make sure your SSL certificates are readable by the server (see `nginx HTTP SSL Module documentation `_). -- ``add_header`` statements are only taken from the current level and are not - cascaded from or to a different level. All necessary ``add_header`` - statements must be defined in each level needed. For better readability it - is possible to move *common* add header statements into a separate file - and include that file wherever necessary. However, each ``add_header`` - statement must be written in a single line to prevent connection problems - with sync clients. - Be careful about line breaks if you copy the examples, as long lines may be broken for page formatting. - Some environments might need a ``cgi.fix_pathinfo`` set to ``1`` in their