From fad940750eed00745e89d04a9e8b8c9fba852bef Mon Sep 17 00:00:00 2001
From: Actaeus Curabitur <actcur@actcur.com>
Date: Thu, 30 Nov 2023 00:13:43 -0600
Subject: [PATCH 1/4] fixed nextcloud php config

---
 states/roles/maintain/nextcloud/nextcloud-php.ini | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/states/roles/maintain/nextcloud/nextcloud-php.ini b/states/roles/maintain/nextcloud/nextcloud-php.ini
index 703878c..7fb70d8 100644
--- a/states/roles/maintain/nextcloud/nextcloud-php.ini
+++ b/states/roles/maintain/nextcloud/nextcloud-php.ini
@@ -928,7 +928,7 @@ extension=intl
 ;extension=odbc
 ;zend_extension=opcache
 ;extension=pdo_dblib
-;extension=pdo_mysql
+extension=pdo_mysql
 ;extension=pdo_odbc
 ;extension=pdo_pgsql
 ;extension=pdo_sqlite

From 9a2a21603242b6c538bca9d7213cc63de42cc38f Mon Sep 17 00:00:00 2001
From: Actaeus Curabitur <actcur@actcur.com>
Date: Thu, 30 Nov 2023 11:53:04 -0600
Subject: [PATCH 2/4] moved nextcloud to nextcloud.old since it's currently
 breaking system

---
 states/roles/maintain/{nextcloud => nextcloud.old}/bashrc         | 0
 .../maintain/{nextcloud => nextcloud.old}/cron-override.conf      | 0
 states/roles/maintain/{nextcloud => nextcloud.old}/init.sls       | 0
 .../maintain/{nextcloud => nextcloud.old}/nextcloud-config.php    | 0
 .../roles/maintain/{nextcloud => nextcloud.old}/nextcloud-php.ini | 0
 states/roles/maintain/{nextcloud => nextcloud.old}/nextcloud.hook | 0
 .../maintain/{nextcloud => nextcloud.old}/nginx-collabora.conf    | 0
 .../maintain/{nextcloud => nextcloud.old}/nginx-nextcloud.conf    | 0
 .../maintain/{nextcloud => nextcloud.old}/php-fpm-nextcloud.conf  | 0
 .../maintain/{nextcloud => nextcloud.old}/php-fpm-override.conf   | 0
 states/roles/maintain/{nextcloud => nextcloud.old}/php-fpm.ini    | 0
 11 files changed, 0 insertions(+), 0 deletions(-)
 rename states/roles/maintain/{nextcloud => nextcloud.old}/bashrc (100%)
 rename states/roles/maintain/{nextcloud => nextcloud.old}/cron-override.conf (100%)
 rename states/roles/maintain/{nextcloud => nextcloud.old}/init.sls (100%)
 rename states/roles/maintain/{nextcloud => nextcloud.old}/nextcloud-config.php (100%)
 rename states/roles/maintain/{nextcloud => nextcloud.old}/nextcloud-php.ini (100%)
 rename states/roles/maintain/{nextcloud => nextcloud.old}/nextcloud.hook (100%)
 rename states/roles/maintain/{nextcloud => nextcloud.old}/nginx-collabora.conf (100%)
 rename states/roles/maintain/{nextcloud => nextcloud.old}/nginx-nextcloud.conf (100%)
 rename states/roles/maintain/{nextcloud => nextcloud.old}/php-fpm-nextcloud.conf (100%)
 rename states/roles/maintain/{nextcloud => nextcloud.old}/php-fpm-override.conf (100%)
 rename states/roles/maintain/{nextcloud => nextcloud.old}/php-fpm.ini (100%)

diff --git a/states/roles/maintain/nextcloud/bashrc b/states/roles/maintain/nextcloud.old/bashrc
similarity index 100%
rename from states/roles/maintain/nextcloud/bashrc
rename to states/roles/maintain/nextcloud.old/bashrc
diff --git a/states/roles/maintain/nextcloud/cron-override.conf b/states/roles/maintain/nextcloud.old/cron-override.conf
similarity index 100%
rename from states/roles/maintain/nextcloud/cron-override.conf
rename to states/roles/maintain/nextcloud.old/cron-override.conf
diff --git a/states/roles/maintain/nextcloud/init.sls b/states/roles/maintain/nextcloud.old/init.sls
similarity index 100%
rename from states/roles/maintain/nextcloud/init.sls
rename to states/roles/maintain/nextcloud.old/init.sls
diff --git a/states/roles/maintain/nextcloud/nextcloud-config.php b/states/roles/maintain/nextcloud.old/nextcloud-config.php
similarity index 100%
rename from states/roles/maintain/nextcloud/nextcloud-config.php
rename to states/roles/maintain/nextcloud.old/nextcloud-config.php
diff --git a/states/roles/maintain/nextcloud/nextcloud-php.ini b/states/roles/maintain/nextcloud.old/nextcloud-php.ini
similarity index 100%
rename from states/roles/maintain/nextcloud/nextcloud-php.ini
rename to states/roles/maintain/nextcloud.old/nextcloud-php.ini
diff --git a/states/roles/maintain/nextcloud/nextcloud.hook b/states/roles/maintain/nextcloud.old/nextcloud.hook
similarity index 100%
rename from states/roles/maintain/nextcloud/nextcloud.hook
rename to states/roles/maintain/nextcloud.old/nextcloud.hook
diff --git a/states/roles/maintain/nextcloud/nginx-collabora.conf b/states/roles/maintain/nextcloud.old/nginx-collabora.conf
similarity index 100%
rename from states/roles/maintain/nextcloud/nginx-collabora.conf
rename to states/roles/maintain/nextcloud.old/nginx-collabora.conf
diff --git a/states/roles/maintain/nextcloud/nginx-nextcloud.conf b/states/roles/maintain/nextcloud.old/nginx-nextcloud.conf
similarity index 100%
rename from states/roles/maintain/nextcloud/nginx-nextcloud.conf
rename to states/roles/maintain/nextcloud.old/nginx-nextcloud.conf
diff --git a/states/roles/maintain/nextcloud/php-fpm-nextcloud.conf b/states/roles/maintain/nextcloud.old/php-fpm-nextcloud.conf
similarity index 100%
rename from states/roles/maintain/nextcloud/php-fpm-nextcloud.conf
rename to states/roles/maintain/nextcloud.old/php-fpm-nextcloud.conf
diff --git a/states/roles/maintain/nextcloud/php-fpm-override.conf b/states/roles/maintain/nextcloud.old/php-fpm-override.conf
similarity index 100%
rename from states/roles/maintain/nextcloud/php-fpm-override.conf
rename to states/roles/maintain/nextcloud.old/php-fpm-override.conf
diff --git a/states/roles/maintain/nextcloud/php-fpm.ini b/states/roles/maintain/nextcloud.old/php-fpm.ini
similarity index 100%
rename from states/roles/maintain/nextcloud/php-fpm.ini
rename to states/roles/maintain/nextcloud.old/php-fpm.ini

From 65352d35d39e3f584c6013e103a502dad45706e8 Mon Sep 17 00:00:00 2001
From: Actaeus Curabitur <actcur@actcur.com>
Date: Wed, 6 Dec 2023 01:25:50 -0600
Subject: [PATCH 3/4] added per-service proxy header settings and set them for
 jellyfin

---
 pillars/roles/nginx/jellyfin.sls              | 5 +++++
 states/roles/maintain/nginx-proxy/local.conf  | 5 +++++
 states/roles/maintain/nginx-proxy/remote.conf | 9 +++++++++
 3 files changed, 19 insertions(+)

diff --git a/pillars/roles/nginx/jellyfin.sls b/pillars/roles/nginx/jellyfin.sls
index 153e2ec..ace1e18 100644
--- a/pillars/roles/nginx/jellyfin.sls
+++ b/pillars/roles/nginx/jellyfin.sls
@@ -4,6 +4,11 @@ nginx:
     https:
       port: 8096
       prot: http
+    proxy_headers:
+      X-Forwarded-Protocol: $scheme
+      Upgrade: $http_upgrade
+      Connection: upgrade
+
 
 portal:
   Media:
diff --git a/states/roles/maintain/nginx-proxy/local.conf b/states/roles/maintain/nginx-proxy/local.conf
index 754729c..95e4463 100644
--- a/states/roles/maintain/nginx-proxy/local.conf
+++ b/states/roles/maintain/nginx-proxy/local.conf
@@ -39,6 +39,11 @@ server {
     proxy_set_header X-Forwarded-For $remote_addr;
     proxy_set_header X-Forwarded-Ssl on;
 
+{%- if pillar['nginx'][server]['proxy_headers'] is defined -%}
+  {%- for header in pillar['nginx'][server]['proxy_headers'] %}
+    proxy_set_header {{header}} {{pillar['nginx'][server]['proxy_headers'][header]}};
+  {%- endfor %}
+{%- endif %}
 
     # re-write redirects to http as to https, example: /home
     proxy_redirect http:// https://;
diff --git a/states/roles/maintain/nginx-proxy/remote.conf b/states/roles/maintain/nginx-proxy/remote.conf
index 9bccdd8..adbc78c 100644
--- a/states/roles/maintain/nginx-proxy/remote.conf
+++ b/states/roles/maintain/nginx-proxy/remote.conf
@@ -38,8 +38,17 @@ server {
     {% set location="2" %}{% include 'roles/maintain/nginx-proxy/auth.conf' %}
     proxy_pass $backend;
     proxy_set_header Host $host;
+    proxy_set_header X-Forwarded-Proto https;
+    proxy_set_header X-Forwarded-Port 443;
     proxy_set_header X-Real-IP  $remote_addr;
     proxy_set_header X-Forwarded-For $remote_addr;
+    proxy_set_header X-Forwarded-Ssl on;
+
+{%- if pillar['nginx'][server]['proxy_headers'] is defined -%}
+  {%- for header in pillar['nginx'][server]['proxy_headers'] %}
+    proxy_set_header {{header}} {{pillar['nginx'][server]['proxy_headers'][header]}};
+  {%- endfor %}
+{%- endif %}
 
     # re-write redirects to http as to https, example: /home
     proxy_redirect http:// https://;

From c1fe7075c03502082d6e42ce7989d54a4d2bb48d Mon Sep 17 00:00:00 2001
From: Actaeus Curabitur <actcur@actcur.com>
Date: Sun, 24 Mar 2024 22:52:16 -0500
Subject: [PATCH 4/4] updated nextcloud nginx proxy, removing local proxy

---
 pillars/roles/nginx/nextcloud.sls | 7 -------
 1 file changed, 7 deletions(-)

diff --git a/pillars/roles/nginx/nextcloud.sls b/pillars/roles/nginx/nextcloud.sls
index f820f5d..0130a1a 100644
--- a/pillars/roles/nginx/nextcloud.sls
+++ b/pillars/roles/nginx/nextcloud.sls
@@ -1,10 +1,3 @@
-nginx:
-  cloud:
-    auth: none
-    https:
-      port: 8080
-      prot: http
-
 portal:
   Misc:
     cloud: