I'm new at deploying, and basically this is the first time i get in touch with it. Short about application structure:
I have three parts:
api.app.dev/ - which is written in Lumen,
app.dev/backend/ - basic PHP middleware, used to keep API token and user data,
app.dev/ - which is front-end (JS).
I'm using nginx.
I spent so much time trying to set it up. The problem is that at app.dev/ i have /template folder where PHP templates are stored.
At app.dev/backend/ i have just one page which processing request
before it comes to API. How configuration should looks like?
I successfully configured API. Front-end works for now, but i can't test it.
But can't get back-end part working. There is current configuration:
app.dev/backend
server {
# Port that the web server will listen on.
listen 80;
# Host that will serve this project.
server_name hr.dev/backend;
# Useful logs for debug.
access_log /var/log/nginx/access-hr-backend.log main;
error_log /var/log/nginx/error-hr-backend.log;
rewrite_log on;
# The location of our projects public directory.
root /var/www/hr_app/git_repository/backend;
index page.php;
location / {
add_header Access-Control-Allow-Origin "http://hr.dev";
add_header Access-Control-Allow-Credentials true;
# URLs to attempt, including pretty ones.
try_files $uri/ /page.php?$query_string;
}
# Remove trailing slash to please routing system.
if (!-d $request_filename) {
rewrite ^/(.+)/$ /$1 permanent;
}
# PHP FPM configuration.
location ~* \.php$ {
add_header Access-Control-Allow-Origin "http://hr.dev";
add_header Access-Control-Allow-Credentials true;
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
fastcgi_index page.php;
fastcgi_split_path_info ^(.+\.php)(.*)$;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# We don't need .ht files with nginx.
location ~ /\.ht {
deny all;
}
location ~ \.css {
add_header Content-Type text/css;
add_header Access-Control-Allow-Origin *;
}
location ~ \.js {
add_header Content-Type application/x-javascript;
add_header Access-Control-Allow-Origin *;
}
# Set header expirations on per-project basis
location ~* \.(?:ico|css|js|jpe?g|JPG|png|svg|woff)$ {
add_header Access-Control-Allow-Origin *;
expires 365d;
}
}
How do back-end part is accessed?
- It's accessed via front-end. AJAX request is sent to URL below.
When i try to access: app.dev/backend/?action=1123 i get 404 page not found.
On localhost everything works like charm. I develop with PHP internal server, and that was a BIG mistake!
Ok, i solved my problem by a lot of googling and trying. There are vhosts:
api.app.dev
server {
# Port that the web server will listen on.
listen 80;
# Host that will serve this project.
server_name api.app.dev;
# Useful logs for debug.
access_log /var/log/nginx/access-hr-api.log main;
error_log /var/log/nginx/error-hr-api.log;
rewrite_log on;
# The location of our projects public directory.
root /var/www/app/api/public;
# Point index to the Laravel front controller.
index index.php;
location / {
# URLs to attempt, including pretty ones.
add_header Access-Control-Allow-Origin *;
try_files $uri $uri/ /index.php?$query_string;
}
# Remove trailing slash to please routing system.
if (!-d $request_filename) {
rewrite ^/(.+)/$ /$1 permanent;
}
# PHP FPM configuration.
location ~* \.php$ {
add_header Access-Control-Allow-Origin *;
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(.*)$;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# We don't need .ht files with nginx.
location ~ /\.ht {
deny all;
}
# Set header expirations on per-project basis
location ~* \.(?:ico|css|js|jpe?g|JPG|png|svg|woff)$ {
expires 365d;
}
}
app.dev/ ( && app.dev/backend/)
server {
# Port that the web server will listen on.
listen 80;
# Host that will serve this project.
server_name app.dev;
# Useful logs for debug.
root /var/www/app;
index index.html page.php;
access_log /var/log/nginx/access-hr.log main;
error_log /var/log/nginx/error-hr.log;
rewrite_log on;
location /backend {
add_header Test "location /backend ";
add_header Access-Control-Allow-Origin "http://hr.dev";
add_header Access-Control-Allow-Credentials true;
alias /var/www/app/backend;
# URLs to attempt, including pretty ones.
try_files $uri/ /page.php?$query_string;
}
location / {
add_header Test "location / in frontent";
add_header Test "location / in frontend vhost";
add_header Access-Control-Allow-Origin "app.dev";
add_header Access-Control-Allow-Credentials true;
root /var/www/app/frontend;
index index.html;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
index index.html;
}
# Remove trailing slash to please routing system.
if (!-d $request_filename) {
rewrite ^/(.+)/$ /$1 permanent;
}
location /frontend/template {
alias /var/www/app/frontend;
}
# PHP FPM configuration.
location ~* \.php$ {
add_header Test "location php in backend ";
add_header Access-Control-Allow-Origin "http://app.dev";
add_header Access-Control-Allow-Credentials true;
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(.*)$;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# We don't need .ht files with nginx.
location ~ /\.ht {
add_header Test "location ht in backend ";
deny all;
}
location ~ \.css {
add_header Test "location css in hr.dev";
add_header Content-Type text/css;
add_header Access-Control-Allow-Origin *;
root /var/www/app/frontend;
}
location ~ securimage.js {
add_header Content-Type application/x-javascript;
root /var/www/app;
}
location ~ \.js {
add_header Test "location js in hr.dev";
add_header Content-Type application/x-javascript;
add_header Access-Control-Allow-Origin *;
root /var/www/app/frontend;
}
# Set header expirations on per-project basis
location ~* \.(?:ico|jpe?g|JPG|png|svg|woff)$ {
add_header Test "location ico,js,jpeg... in backend";
add_header Access-Control-Allow-Origin *;
expires 365d;
}
}
Related
My application includes a vue only frontend with api written in laravel. The way I want to set it up like this:
http://myapp.local --> Points to the vue frontend.
http://myapp.local/api --> Points to the laravel application api routes.
This is my nginx config:
server {
listen 80;
server_name myapp.local *.myapp.local;
root /var/www/myapp-frontend/dist;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location ^~ /api {
alias /var/www/myapp-api/public;
try_files $uri $uri/ #api;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
include fastcgi_params;
}
}
location #api {
rewrite /api/(.*)$ /api/index.php/$1 last;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
Hitting http://myapp.local/api opens the root laravel route. But if I open any other route in my application I get an 500 Internal Server
Error.
This is the error in nginx's error log:
2019/09/09 15:58:18 [error] 20954#20954: *10 rewrite or internal redirection cycle while redirect to named location "#api", client:
127.0.0.1, server: myapp.local, request: "GET /api/admin/features HTTP/1.1", host: "myapp.local"
Update
I have managed to make it work somehow, this is what the updated config looks like
server {
listen 80;
server_name *.myapp.local;
root /var/www/myapp-api/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.php;
charset utf-8;
add_header X-debug-request-filename "$request_filename" always;
add_header X-debug-document-root "$document_root" always;
add_header X-debug-fastcgi-script-name "$fastcgi_script_name" always;
add_header X-debug-query-string "$query_string" always;
location / {
root /var/www/myapp-frontend/dist;
try_files $uri $uri/ /index.html = 404;
}
location /api {
alias /var/www/myapp-api/public;
try_files $uri $uri/ #api;
add_header X-debug-request-filename "$request_filename" always;
add_header X-debug-document-root "$document_root" always;
add_header X-debug-fastcgi-script-name "$fastcgi_script_name" always;
add_header X-debug-query-string "$query_string" always;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
include fastcgi_params;
}
}
location #api {
rewrite ^/api/(.*)$ /api/index.php?/$1 last; # THIS IS THE IMPORTANT LINE
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
#error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
I have one small problem though, everytime I access the api routes I need to write /api twice in order to get the correct address. For example like this http://myapp.local/api/api/login. /api/login is the actual route, and http://myapp.local/api/ points to the laravel application, so needing to write /api twice makes sense. But would it be anyhow possible to just use http://myapp.local/api/login to access /api/login route?
Add the location / for the vue.js interpreter
server {
listen 80;
server_name myapp.local *.myapp.local;
root /var/www/myapp-frontend/dist;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location ^~ /api {
alias /var/www/myapp-api/public;
try_files $uri $uri/ #api;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.3-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
include fastcgi_params;
}
}
location / {
proxy_pass http://127.0.0.1:3000;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
}
location #api {
rewrite /api/(.*)$ /api/index.php/$1 last;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
Used the port 3000 as example in here. Set it to your node listening port.
I am having trouble with the appropriate Nginx configuration of my server.
The deployed php app on It is OJS, a journal management and publishing system, originally developed to run on Apache1.
Although OJS may runs on Nginx without further specific server configuration, a minor change on the OJS main config settings (disable_path_info ON) must be done because PATH_INFO doesn't seem to be supported by Nginx. However that generate non pretty URLs, which in turn cause some OJS features/plugins to work out of specifications, or not to work at all2.
I found some posts were people share successful experiences on that:
https://coolpandaca.wordpress.com/2012/12/07/migrate-ojs-to-nginx-from-apache
https://forum.pkp.sfu.ca/t/ojs3-on-nginx-php7-0-fpm/28590
This is another site
https://www.snip2code.com/Snippet/305514/nginx-configuration-for-OJS-on-an-aegir-
I am running Ubuntu 18.04.1 LTS (GNU/Linux 4.15.0-42-generic x86_64)
on a Digital Ocean account configured by Laravel Forge.
I couldn't find the way to combine this blocks of code (the ones at examples on above links) with mine default Nginx settings.
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/evidenciaonojs.tk/before/*;
server {
listen 80;
listen [::]:80;
server_name evidenciaonojs.tk;
root /home/forge/evidenciaonojs.tk/;
# FORGE SSL (DO NOT REMOVE!)
# ssl_certificate;
# ssl_certificate_key;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparams.pem;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/evidenciaonojs.tk/server/*;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/evidenciaonojs.tk-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/evidenciaonojs.tk/after/*;
I expect to change back OJS config file to disable_path_info Off and be able to use pretty URL while running on Nginx.
Any help on this will be truly appreciated!
I just now saw your message on the OJS3 forum.
For NginX try this configuration
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/evidenciaonojs.tk/before/*;
server {
listen 80;
listen [::]:80;
server_name evidenciaonojs.tk;
root /home/forge/evidenciaonojs.tk/;
# FORGE SSL (DO NOT REMOVE!)
# ssl_certificate;
# ssl_certificate_key;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparams.pem;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/evidenciaonojs.tk/server/*;
location / {
try_files $uri $uri/ /index.php?$args;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/evidenciaonojs.tk-error.log error;
error_page 404 /index.php;
location ~ ^(.+\.php)(.*)$ {
set $path_info $fastcgi_path_info;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_param PATH_INFO $path_info;
fastcgi_param PATH_TRANSLATED $document_root$path_info;
if (!-f $document_root$fastcgi_script_name) {
return 404;
}
include fastcgi_params;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/evidenciaonojs.tk/after/*;
Be sure to to set:
1. cgi.fix_pathinfo=1 in PHP-FPM (in /etc/php/7.2/fpm/php.ini probably).
2. security.limit_extensions = .php in your FPM pool config file (in /etc/php/7.2/fpm/pool.d/your_site.conf)
3. disable_path_info = Off (in OJS config.inc.php)
Restart PHP-FPM and NginX services. Then, if it works, read about the evils of NginX IF and 'cgi.fix_pathinfo'.
Just con confirm that things that were useful in my case to run successfully OJS on Nginx (Ubuntu 18.04.1 LTS on a Digital Ocean account configured by Laravel Forge) included:
1) Modify cgi.fix_pathinfo=1 in PHP-FPM (in /etc/php/7.2/fpm/php.ini)
2) Uncomment (enable) security.limit_extensions = .php (in /etc/php/7.2/fpm/pool.d/www.conf)
3) Changed disable_path_info = Off (in OJS config.inc.php).
4) Replace nginx config with:
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/evidenciaonojs.tk/before/*;
server {
listen 80;
listen [::]:80;
server_name evidenciaonojs.tk;
root /home/forge/evidenciaonojs.tk/;
# FORGE SSL (DO NOT REMOVE!)
# ssl_certificate;
# ssl_certificate_key;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparams.pem;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/evidenciaonojs.tk/server/*;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log off;
error_log /var/log/nginx/evidenciaonojs.tk-error.log error;
error_page 404 /index.php;
location ~ ^(.+\.php)(.*)$ {
set $path_info $fastcgi_path_info;
fastcgi_split_path_info ^(.+\.php)(.*)$;
fastcgi_param PATH_INFO $path_info;
fastcgi_param PATH_TRANSLATED $document_root$path_info;
fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/evidenciaonojs.tk/after/*;
5) And finally restart services (service php7.2-fpm restart AND sudo service nginx restart).
I follow these 2 tutorials:
(install magento 2)
(install letsencrypt)
When I visit my magento instance. It said "redirects too many times"
Here is my nginx config
upstream fastcgi_backend {
server unix:/run/php/php7.0-fpm.sock;
}
server {
listen 80;
listen [::]:80;
server_name sub.site.com www.sub.site.com;
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
include snippets/ssl-sub.site.com.conf;
include snippets/ssl-params.conf;
server_name server_name sub.site.com www.sub.site.com;
set $MAGE_ROOT /home/sub_site/public_html;
set $MAGE_MODE developer;
include /home/sub_site/public_html/nginx.conf.sample;
location ~ /.well-known {
allow all;
}
}
Update 1: include /home/sub_site/public_html/nginx.conf.sample;
## Example configuration:
# upstream fastcgi_backend {
# # use tcp connection
# # server 127.0.0.1:9000;
# # or socket
# server unix:/var/run/php5-fpm.sock;
# }
# server {
# listen 80;
# server_name mage.dev;
# set $MAGE_ROOT /var/www/magento2;
# include /vagrant/magento2/nginx.conf.sample;
# }
#
## Optional override of deployment mode. We recommend you use the
## command 'bin/magento deploy:mode:set' to switch modes instead.
##
## set $MAGE_MODE default; # or production or developer
##
## If you set MAGE_MODE in server config, you must pass the variable into the
## PHP entry point blocks, which are indicated below. You can pass
## it in using:
##
## fastcgi_param MAGE_MODE $MAGE_MODE;
##
## In production mode, you should uncomment the 'expires' directive in the /static/ location block
root $MAGE_ROOT/pub;
index index.php;
autoindex off;
charset UTF-8;
error_page 404 403 = /errors/404.php;
#add_header "X-UA-Compatible" "IE=Edge";
# PHP entry point for setup application
location ~* ^/setup($|/) {
root $MAGE_ROOT;
location ~ ^/setup/index.php {
fastcgi_pass fastcgi_backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/setup/(?!pub/). {
deny all;
}
location ~ ^/setup/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
# PHP entry point for update application
location ~* ^/update($|/) {
root $MAGE_ROOT;
location ~ ^/update/index.php {
fastcgi_split_path_info ^(/update/index.php)(/.+)$;
fastcgi_pass fastcgi_backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include fastcgi_params;
}
# Deny everything but index.php
location ~ ^/update/(?!pub/). {
deny all;
}
location ~ ^/update/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location /pub/ {
location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
deny all;
}
alias $MAGE_ROOT/pub/;
add_header X-Frame-Options "SAMEORIGIN";
}
location /static/ {
# Uncomment the following line in production mode
# expires max;
# Remove signature of the static files that is used to overcome the browser cache
location ~ ^/static/version {
rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
}
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
add_header X-Frame-Options "SAMEORIGIN";
}
location /media/ {
try_files $uri $uri/ /get.php?$args;
location ~ ^/media/theme_customization/.*\.xml {
deny all;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
try_files $uri $uri/ /get.php?$args;
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
try_files $uri $uri/ /get.php?$args;
}
add_header X-Frame-Options "SAMEORIGIN";
}
location /media/customer/ {
deny all;
}
location /media/downloadable/ {
deny all;
}
location /media/import/ {
deny all;
}
# PHP entry point for main application
location ~ (index|get|static|report|404|503)\.php$ {
try_files $uri =404;
fastcgi_pass fastcgi_backend;
fastcgi_buffers 1024 4k;
fastcgi_read_timeout 600s;
fastcgi_connect_timeout 600s;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
gzip on;
gzip_disable "msie6";
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_proxied any;
gzip_types
text/plain
text/css
text/js
text/xml
text/javascript
application/javascript
application/x-javascript
application/json
application/xml
application/xml+rss
image/svg+xml;
gzip_vary on;
# Banned locations (only reached if the earlier PHP entry point regexes don't match)
location ~* (\.php$|\.htaccess$|\.git) {
deny all;
}
I am using magento2 and fishpig WordPress integration extension and using Nginx Server. Wordpress directory is on magento root with name "wp".
Magento is working fine and display the blog content but when accessing the WordPress admin URL or frontend it shows 404 error page not found.
After research, I found that we have to do the setting in Nginx config file (/etc/Nginx/sites-available) and setup the location of wp directory.
Below are the code which i have tried to add in Nginx Config file
location /wp {
index index.php index.html index.htm;
try_files $uri $uri/ /wp/index.php?$args;
}
location /wp {
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?$args;
}
location /wp/wp-admin/ {
index index.php index.html index.htm;
try_files $uri $uri/ /wp/wp-admin/index.php?$args;
}
Below are some URL which I have gone through -:
Nginx configuration for a wordpress blog in a subfolder of magento root
https://codex.wordpress.org/Nginx
https://www.getpagespeed.com/web-apps/magento-wordpress-integration-nginx
Below is my Nginx file.
server {
listen 80;
listen [::]:80;
listen 443 ssl;
listen [::]:443 ssl;
server_name magento.online.com;
set $MAGE_ROOT /var/www/html/prod;
ssl_certificate /etc/nginx/ssl/nginx.crt;
ssl_certificate_key /etc/nginx/ssl/nginx.key;
root $MAGE_ROOT/pub;
index index.php;
autoindex off;
charset UTF-8;
##raj
error_page 404 403 = /errors/404.php;
#add_header "X-UA-Compatible" "IE=Edge";
# PHP entry point for setup application
location ~* ^/setup($|/) {
root $MAGE_ROOT;
location ~ ^/setup/index.php {
fastcgi_pass fastcgi_backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~ ^/setup/(?!pub/). {
deny all;
}
location ~ ^/setup/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
# PHP entry point for update application
location ~* ^/update($|/) {
root $MAGE_ROOT;
location ~ ^/update/index.php {
fastcgi_split_path_info ^(/update/index.php)(/.+)$;
fastcgi_pass fastcgi_backend;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
include fastcgi_params;
}
# Deny everything but index.php
location ~ ^/update/(?!pub/). {
deny all;
}
location ~ ^/update/pub/ {
add_header X-Frame-Options "SAMEORIGIN";
}
}
location / {
try_files $uri $uri/ /index.php?$args;
}
#wordpress Code
# location /wordpress/ {
# try_files $uri $uri/ /wordpress/index.php?$args;
# }
location /wp/wp-admin/ {
index index.php index.html index.htm;
try_files $uri $uri/ /wp/wp-admin/index.php?$args;
}
# location /wp/wp-admin/ {
# index index.php index.html index.htm;
# try_files $uri $uri/ /index.php?$args;
# }
#End of code
location /pub/ {
location ~ ^/pub/media/(downloadable|customer|import|theme_customization/.*\.xml) {
deny all;
}
alias $MAGE_ROOT/pub/;
add_header X-Frame-Options "SAMEORIGIN";
}
location /static/ {
# Uncomment the following line in production mode
# expires max;
# Remove signature of the static files that is used to overcome the browser cache
location ~ ^/static/version {
rewrite ^/static/(version\d*/)?(.*)$ /static/$2 last;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
}
if (!-f $request_filename) {
rewrite ^/static/(version\d*/)?(.*)$ /static.php?resource=$2 last;
}
add_header X-Frame-Options "SAMEORIGIN";
}
location /media/ {
try_files $uri $uri/ /get.php?$args;
location ~ ^/media/theme_customization/.*\.xml {
deny all;
}
location ~* \.(ico|jpg|jpeg|png|gif|svg|js|css|swf|eot|ttf|otf|woff|woff2)$ {
add_header Cache-Control "public";
add_header X-Frame-Options "SAMEORIGIN";
expires +1y;
try_files $uri $uri/ /get.php?$args;
}
location ~* \.(zip|gz|gzip|bz2|csv|xml)$ {
add_header Cache-Control "no-store";
add_header X-Frame-Options "SAMEORIGIN";
expires off;
try_files $uri $uri/ /get.php?$args;
}
add_header X-Frame-Options "SAMEORIGIN";
}
location /media/customer/ {
deny all;
}
location /media/downloadable/ {
deny all;
}
location /media/import/ {
deny all;
}
# PHP entry point for main application
location ~ (index|get|static|report|404|503)\.php$ {
try_files $uri =404;
fastcgi_pass fastcgi_backend;
fastcgi_buffers 1024 4k;
fastcgi_param PHP_FLAG "session.auto_start=off \n suhosin.session.cryptua=off";
fastcgi_param PHP_VALUE "memory_limit=768M \n max_execution_time=600";
fastcgi_read_timeout 600s;
fastcgi_connect_timeout 600s;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
gzip on;
gzip_disable "msie6";
gzip_comp_level 6;
gzip_min_length 1100;
gzip_buffers 16 8k;
gzip_proxied any;
gzip_types
text/plain
text/css
text/js
text/xml
text/javascript
application/javascript
application/x-javascript
application/json
application/xml
application/xml+rss
image/svg+xml;
gzip_vary on;
# Banned locations (only reached if the earlier PHP entry point regexes don't match)
location ~* (\.php$|\.htaccess$|\.git) {
deny all;
}
}
#
## Optional override of deployment mode. We recommend you use the
## command 'bin/magento deploy:mode:set' to switch modes instead.
##
## set $MAGE_MODE default; # or production or developer
##
## If you set MAGE_MODE in server config, you must pass the variable into the
## PHP entry point blocks, which are indicated below. You can pass
## it in using:
##
## fastcgi_param MAGE_MODE $MAGE_MODE;
##
## In production mode, you should uncomment the 'expires' directive in the /static/ location block
Any help will be really appriciated.
When integrating WordPress into Magento, you don't need to do anything special with the rewrites that you wouldn't do as normal to get WordPress working on Nginx.
You might not even need the rewrites at all. The rewrites exist to route all frontend requests through index.php to provide pretty SEO URLs. This functionality of WordPress isn't being used as the frontend is being displayed by Magento, therefore the rewrites may not be needed. All requests to the WordPress Admin are to files that exist and therefore rewrites shouldn't be needed.
I want to have a owncloud instance in a subfolder on my nginx server. But I have problems with some of the files requested by opwncloud (it seems css and js don't load).
Here is the nginx conf file for this virtual host :
server {
listen 80;
server_name blackblock.22decembre.eu;
return 301 https://blackblock.22decembre.eu$request_uri;
}
server {
listen 443 default_server ssl;
server_name blackblock.22decembre.eu;
root /srv/www/blackblock/;
access_log /var/log/nginx/blackblock.access.log;
error_log /var/log/nginx/blackblock.errors.log;
index index.html index.php;
# This block will catch static file requests, such as images, css, js
# The : prefix is a "non-capturing" mark, meaning we do not require
# the pattern to be captured into $1 which should help improve performance
location ~* \.(:ico|css|js|gif|jpeg|png)$ {
# Some basic cache-control for static files to be sent to the browser
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
# remove the robots line if you want to use wordpress" virtual robots.txt
# location = /robots.txt { access_log off; log_not_found off; }
location = /favicon.ico { access_log off; log_not_found off; }
# this prevents hidden files (beginning with a period) from being served
location ~ /\. { access_log off; log_not_found off; deny all; }
#location ~ ^(?<script_name>.+?\.php)(?<path_info>/.*)?$ {
location ~ \.php {
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
#fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
fastcgi_index index.php;
fastcgi_pass unix:/run/php5-fpm.sock;
include fastcgi_params;
}
location /roundcube/program/js/tiny_mce/ { alias /usr/share/tinymce/www/; }
location /roundcube/(config|temp|logs) { deny all;}
##### owncloud
location ~ /owncloud/ {
root /srv/www/blackblock/owncloud/;
try_files $uri $uri/ index.php;
#client_max_body_size 10G; # set max upload size
#fastcgi_buffers 64 4K;
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
location ~ ^/remote.php(/.*)$ {
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_pass unix:/run/php5-fpm.sock;
include fastcgi_params;
}
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
# The following 2 rules are only needed with webfinger
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
# Optional: set long EXPIRES header on static assets
#location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
# expires 30d;
# Optional: Don't log access to assets
# access_log off;
# }
}
##### torrent (not related to owncloud, flask application)
location = /flask-torrent { rewrite ^ /flask-torrent/ last; }
}
I can't find why owncloud doesn't load correctly !
You can have a look at the website, I feel fine and secured for that : https://blackblock.22decembre.eu/owncloud/ (cacert certificates).
If I launch a specific virtual host for owncloud, it works perfectly, but I don't want, I prefer it in a subfolder of this host (blackblock) !
The reason why ownCloud doesn't work in a subfolder with nginx is that nginx, by default, doesn't include the subfolder in the parameter SCRIPT_NAME. If ownCloud is at domain.tld/owncloud/index.php, it expects $_SERVER['SCRIPT_NAME'] to be /owncloud/index.php, but nginx by default (if you include fastcgi_params;) sets it to index.php. The solution is to override the behaviour: add fastcgi_param SCRIPT_NAME /owncloud/$fastcgi_script_name; to the php-location-block in the nginx conf file.
Relevant parts of my nginx configuration file follow. Please note that I haven't tested it completely; on the first look it seems to work though. My System: nginx 1.2.1 and php 5.4.4 on Debian Wheezy 64 bit.
location /owncloud/ {
alias /var/www/owncloud/;
location ~ ^/owncloud/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
rewrite ^/owncloud/caldav(.*)$ /owncloud/remote.php/caldav$1 redirect;
rewrite ^/owncloud/carddav(.*)$ /owncloud/remote.php/carddav$1 redirect;
rewrite ^/owncloud/webdav(.*)$ /owncloud/remote.php/webdav$1 redirect;
rewrite ^/owncloud/.well-known/host-meta /owncloud/public.php?service=host-meta last;
rewrite ^/owncloud/.well-known/host-meta.json /owncloud/public.php?service=host-meta-json last;
rewrite ^/owncloud/.well-known/carddav /owncloud/remote.php/carddav/ redirect;
rewrite ^/owncloud/.well-known/caldav /owncloud/remote.php/caldav/ redirect;
rewrite ^/owncloud/apps/([^/]*)/(.*\.(css|php))$ /owncloud/index.php?app=$1&getfile=$2 last;
rewrite ^(/owncloud/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ index.php;
location ~ ^/owncloud/(.+?\.php)/? { # note the question mark here and in the next line!
fastcgi_split_path_info ^/owncloud/(.+?\.php)(/?.*)$;
set $path_info $fastcgi_path_info; # workaround for bug: try_files resets fastcgi_path_info for some reason.
try_files $fastcgi_script_name = 404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
fastcgi_param HTTPS on;
fastcgi_param SCRIPT_NAME /owncloud/$fastcgi_script_name; # !!!
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
}
None of the other answers worked for me, I finally got a working solution from this blog:
http://www.aelog.org/install-owncloud-in-a-subdirectory-using-nginx/
Here's a version:
server {
listen 80;
server_name example.com;
# enforce https
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name example.com;
ssl_certificate /etc/ssl/nginx/cloud.example.com.crt;
ssl_certificate_key /etc/ssl/nginx/cloud.example.com.key;
# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
# Path to the root of your website (one level above owncloud folder)
root /var/www;
# set max upload size
client_max_body_size 10G;
fastcgi_buffers 64 4K;
# Disable gzip to avoid the removal of the ETag header
gzip off;
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
# ownCloud blacklist
location ~ ^/owncloud/(?:\.htaccess|data|config|db_structure\.xml|README) {
deny all;
error_page 403 = /owncloud/core/templates/403.php;
}
index index.php;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
deny all;
}
location /owncloud {
error_page 403 = /owncloud/core/templates/403.php;
error_page 404 = /owncloud/core/templates/404.php;
rewrite ^/owncloud/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/owncloud/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/owncloud/webdav(.*)$ /remote.php/webdav$1 redirect;
rewrite ^(/owncloud/core/doc[^\/]+/)$ $1/index.html;
# The following rules are only needed with webfinger
rewrite ^/owncloud/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/owncloud/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/owncloud/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/owncloud/.well-known/caldav /remote.php/caldav/ redirect;
try_files $uri $uri/ index.php;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
location / {
root /var/www/html/;
index index.html;
}
# Optional: set long EXPIRES header on static assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
# Optional: Don't log access to assets
access_log off;
}
}
I've created a documentation pull request here:
https://github.com/owncloud/documentation/pull/1704
Apologies if you have reviewed this already but there are a few items including multiple Nginx location directives that are absent from the config you posted. I would recommend looking at the configuration notes (link at the bottom of this post) and ensuring that you have Nginx location directives for ownCloud and ownCloud data.
Check the Nginx PHP handler:
Your Nginx configuration should include a handler for PHP5-FPM, put this before the server directive at the top of the Nginx configuration:
upstream php5-fpm-handler {
server unix:/var/run/php5-fpm.sock;
}
Check the Nginx directives:
Examples:
location /owncloud {
rewrite ^ https://$http_host$request_uri? permanent;
}
location ~ ^/owncloud/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
Check the PHP5-FPM configuration:
Also, please ensure that you PHP5-FPM pool configuration (usually somewhere like /etc/php5/fpm/pool.d/www.conf on Ubuntu) is set to listen on the socket and not a TCP port which should match your handler. The configuration directives for PHP5-FPM socket versus port follow.
Example socket:
listen = /var/run/php5-fpm.sock
Example port (commented out to match the upstream handler):
;listen = 127.0.0.1:9000
Also, if you have not already done so, please take a look at the ownCloud configuration notes for Nginx.
http://doc.owncloud.org/server/5.0/admin_manual/installation/installation_others.html
First let me point out that / isn't working yet /index.php is working, which means that the index statement for some reason isn't working, or that your URI is matching another block.
To be safe rewrite location ~ /owncloud/ to location ^~ /owncloud
Your config needs a lot of rewriting, mind that the default configuration was made for owncloud installed on root directory, yours in a subdirecotry you need to fix few things, like keep in mind that $uri would include /owncloud and /file.ext would hop outside the owncloud folder, so all rewrites that are like
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
need to be fixed because of 2 things,
^/caldav(.*)$ will never happen, uri will always begin with ^/owncloud
/remote.php/... will look outside owncloud
A fix would be something like this:
rewrite ^/owncloud/caldav(.*)$ /owncloud/remote.php/caldav$1 redirect;
Try those for a start and tell me how it goes.