apiVersion: v1 kind: ConfigMap metadata: name: "nginx-configuration" data: protocol: {{ include "nginx.scheme" . }} {{ $timeout := 60 }} {{ $size := .Values.nextcloud.max_upload_size | default 3 }} {{/* Safely access key as it is conditionaly shown */}} {{ if hasKey .Values "nginxConfig" }} {{ $timeout = .Values.nginxConfig.proxy_timeouts | default 60 }} {{ end }} nginx.conf: |- events {} http { # redirects all http requests to https requests server { listen 8000 default_server; listen [::]:8000 default_server; return 301 https://$host$request_uri; } server { server_name localhost; listen {{ .Values.service.nodePort }} ssl http2; listen [::]:{{ .Values.service.nodePort }} ssl http2; ssl_certificate '/etc/nginx-certs/public.crt'; ssl_certificate_key '/etc/nginx-certs/private.key'; # maximum 3GB Upload File; change to fit your needs client_max_body_size {{ $size }}G; add_header Strict-Transport-Security "max-age=15552000; includeSubDomains; preload" always; location = /robots.txt { allow all; log_not_found off; access_log off; } location = /.well-known/carddav { return 301 $scheme://$host:$server_port/remote.php/dav; } location = /.well-known/caldav { return 301 $scheme://$host:$server_port/remote.php/dav; } location / { proxy_pass http://localhost; proxy_http_version 1.1; proxy_cache_bypass $http_upgrade; proxy_request_buffering off; # Proxy headers proxy_set_header Upgrade $http_upgrade; proxy_set_header Connection "upgrade"; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto https; proxy_set_header X-Forwarded-Host $host; proxy_set_header X-Forwarded-Port $server_port; # Proxy timeouts proxy_connect_timeout {{ $timeout }}s; proxy_send_timeout {{ $timeout }}s; proxy_read_timeout {{ $timeout }}s; } } }