Hello,

at reset of nginx after change of a configuration the mistake began to arise. Help, please!!!

nginx [43482]: nginx: [emerg] of "location" directive is not allowed here in/etc/nginx/sites-enabled/nextcloud:57
nginx [43482]: nginx: configuration file/etc/nginx/nginx.conf test failed

nextcloud.conf

upstream php-handler {
server unix:/var/run/php7-fpm.sock;
}

server {
listen 80;
server_name domain.ru;
if ($uri !~* ^/(mailview|msd|separator)) {
return 301 https://$server_name$request_uri;
}
}
server {
gzip on;
gzip_vary on;
gzip_comp_level 6;
gzip_min_length 256;
gzip_buffers 16 8k;
gzip_types text/plain text/json text/css text/javascript text/xml application/octet-stream application/msword application/rtf application/x-7z-compressed application/vnd.ms-excel application/zip application/pdf application/x-rar-compressed application/font-woff application/font-woff2 font/ttf application/atom+xml application/javascript application/x-javascript application/json application/ld+json application/manifest+json image/svg+xml image/bmp image/gif image/jpeg video/mp2t video/mp4 video/x-m4v video/mpeg video/x-matroska video/x-msvideo application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image;
gzip_disable "msie6";
gzip_proxied any;
gzip_http_version 1.1;
expires 365d;
add_header Cache-Control private;
listen 443 ssl http2;
server_name mail.domain.ru;
rewrite ^/(mailview|msd|separator) http://$server_name$request_uri permanent;
}
root /var/www/nextcloud;

ssl_certificate /etc/letsencrypt/live/domain.ru/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/domain.ru/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/domain.ru/fullchain.pem;
ssl_dhparam /etc/ssl/certs/dhparam.pem;

ssl_ciphers "EECDH+AESGCM:EECDH+CHACHA20:EECDH+AES256:!AES128";

ssl_stapling on;
ssl_stapling_verify on;
resolver 8.8.4.4 8.8.8.8;

add_header X-Xss-Protection "1; mode=block" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Proxy-Cache "EXPIRED" always;
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;

access_log /var/log/nginx/nextcloud.access.log;
error_log /var/log/nginx/nextcloud.error.log;


proxy_connect_timeout 7200;
proxy_send_timeout 7200;
proxy_read_timeout 7200;
send_timeout 7200;

location = /robots.txt {
allow all;
root /var/www/nextcloud;
log_not_found off;
access_log off;
}

location ^~ /.well-known/acme-challenge { allow all; }

location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}

client_max_body_size 20G;
fastcgi_buffers 64 4K;

error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;

location / {
rewrite ^ /index.php$uri;
}

location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}

location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}

location ~^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
#Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
fastcgi_read_timeout 7200;
}

location ~ ^/(?:updater|ocs-provider)(?:$|/) {
try_files $uri/ =404;
index index.php;
}

location ~* \.(?:css|js)$ {
try_files $uri /index.php$uri$is_args$args;
add_header Cache-Control "public, max-age=7200";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Optional: Don't log access to assets
access_log off;
}

location ~* \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg)$ {
try_files $uri /index.php$uri$is_args$args;
access_log off;
}

location ~ /.ht {
deny all;
}

location ~* ^.+.(jpg|jpeg|gif|png|ico|css|mp3|ogg|mpeg|avi|mp4|mkv|m4v|zip|pdf|doc|docx|xls|xlsx|ppt|woff|ttf|txt|svg|bmp|rtf|js)$ {
root /var/www/nextcloud;
expires 365d;

}

}

chillywilly Wrote:
-------------------------------------------------------

> location = /robots.txt {
> allow all;
> root /var/www/nextcloud;
> log_not_found off;
> access_log off;

Gives an error message on this parameter

location is only allowed in server {} blocks.

---
nginx for Windows http://nginx-win.ecsds.eu/

itpp2012 Wrote:
-------------------------------------------------------
> location is only allowed in server {} blocks.

I have dealt with it, Thanks!!! Now gives an error message

nginx [45012]: nginx: [emerg] of invalid log level of "proxy_connect_timeout" in/etc/nginx/sites-enabled/nextcloud:126
Sep of the 25th 6:02:45 PM nextcloud nginx [45012]: nginx: configuration file/etc/nginx/nginx.conf test failed

Parameter in a config

proxy_connect_timeout 7200;
proxy_send_timeout 7200;
proxy_read_timeout 7200;
send_timeout 7200;

Here I won't understand any more where to expose this level of the log?

Since you messed up the server blocks you may very well have messed up other areas that suppose to be in server blocks and some that should be outside, have a good look at ALL .conf files, print them out and lay them on a table.

---
nginx for Windows http://nginx-win.ecsds.eu/

itpp2012 Wrote:
-------------------------------------------------------
> Since you messed up the server blocks you may very well have messed up
> other areas that suppose to be in server blocks and some that should
> be outside, have a good look at ALL .conf files, print them out and
> lay them on a table.

Thank you for councils everything has earned!!!