map $host $nextcloud { default nextcloud; }

server {
    listen      80;
    listen      [::]:80;
    server_name nextcloud.shore.co.il;
    include     snippets/robots-disallow-all.conf;
    include     snippets/ads-txt.conf;
    include     snippets/security-txt.conf;
    include     snippets/www-acme-challenge.conf;
    include     snippets/redirect-https.conf;
}

server {
    listen      443 ssl http2;
    listen      [::]:443 ssl http2;
    server_name nextcloud.shore.co.il;
    include     snippets/robots-disallow-all.conf;
    include     snippets/ads-txt.conf;
    include     snippets/security-txt.conf;
    include     snippets/ssl.conf;
    include     snippets/nextcloud-well-known.conf;

    location / {
        proxy_pass              http://$nextcloud$request_uri;
        proxy_http_version      1.1;
        include                 snippets/proxy-headers.conf;
        proxy_hide_header       X-Frame-Options;
        client_max_body_size    512m;

        # Temporary measure to test a Collabora Online issue, should not be left
        # as is.
        proxy_hide_header       content-security-policy;
        # Another workaround, this time mixed content and HSTS.
        sub_filter_once         on;
        sub_filter              'http://nextcloud.shore.co.il' 'https://nextcloud.shore.co.il';
    }
}