I want to have a owncloud instance in a subfolder on my nginx server. But I have problems with some of the files requested by opwncloud (it seems css and js don't load).
Here is the nginx conf file for this virtual host :
server {
listen 80;
server_name blackblock.22decembre.eu;
return 301 https://blackblock.22decembre.eu$request_uri;
}
server {
listen 443 default_server ssl;
server_name blackblock.22decembre.eu;
root /srv/www/blackblock/;
access_log /var/log/nginx/blackblock.access.log;
error_log /var/log/nginx/blackblock.errors.log;
index index.html index.php;
# This block will catch static file requests, such as images, css, js
# The : prefix is a "non-capturing" mark, meaning we do not require
# the pattern to be captured into $1 which should help improve performance
location ~* \.(:ico|css|js|gif|jpeg|png)$ {
# Some basic cache-control for static files to be sent to the browser
expires max;
add_header Pragma public;
add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}
# remove the robots line if you want to use wordpress" virtual robots.txt
# location = /robots.txt { access_log off; log_not_found off; }
location = /favicon.ico { access_log off; log_not_found off; }
# this prevents hidden files (beginning with a period) from being served
location ~ /\. { access_log off; log_not_found off; deny all; }
#location ~ ^(?<script_name>.+?\.php)(?<path_info>/.*)?$ {
location ~ \.php {
fastcgi_param SCRIPT_NAME $fastcgi_script_name;
#fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
fastcgi_index index.php;
fastcgi_pass unix:/run/php5-fpm.sock;
include fastcgi_params;
}
location /roundcube/program/js/tiny_mce/ { alias /usr/share/tinymce/www/; }
location /roundcube/(config|temp|logs) { deny all;}
##### owncloud
location ~ /owncloud/ {
root /srv/www/blackblock/owncloud/;
try_files $uri $uri/ index.php;
#client_max_body_size 10G; # set max upload size
#fastcgi_buffers 64 4K;
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
location ~ ^/remote.php(/.*)$ {
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_pass unix:/run/php5-fpm.sock;
include fastcgi_params;
}
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
# The following 2 rules are only needed with webfinger
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
# Optional: set long EXPIRES header on static assets
#location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
# expires 30d;
# Optional: Don't log access to assets
# access_log off;
# }
}
##### torrent (not related to owncloud, flask application)
location = /flask-torrent { rewrite ^ /flask-torrent/ last; }
}
I can't find why owncloud doesn't load correctly !
You can have a look at the website, I feel fine and secured for that : https://blackblock.22decembre.eu/owncloud/ (cacert certificates).
If I launch a specific virtual host for owncloud, it works perfectly, but I don't want, I prefer it in a subfolder of this host (blackblock) !
The reason why ownCloud doesn't work in a subfolder with nginx is that nginx, by default, doesn't include the subfolder in the parameter SCRIPT_NAME. If ownCloud is at domain.tld/owncloud/index.php, it expects $_SERVER['SCRIPT_NAME'] to be /owncloud/index.php, but nginx by default (if you include fastcgi_params;) sets it to index.php. The solution is to override the behaviour: add fastcgi_param SCRIPT_NAME /owncloud/$fastcgi_script_name; to the php-location-block in the nginx conf file.
Relevant parts of my nginx configuration file follow. Please note that I haven't tested it completely; on the first look it seems to work though. My System: nginx 1.2.1 and php 5.4.4 on Debian Wheezy 64 bit.
location /owncloud/ {
alias /var/www/owncloud/;
location ~ ^/owncloud/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
rewrite ^/owncloud/caldav(.*)$ /owncloud/remote.php/caldav$1 redirect;
rewrite ^/owncloud/carddav(.*)$ /owncloud/remote.php/carddav$1 redirect;
rewrite ^/owncloud/webdav(.*)$ /owncloud/remote.php/webdav$1 redirect;
rewrite ^/owncloud/.well-known/host-meta /owncloud/public.php?service=host-meta last;
rewrite ^/owncloud/.well-known/host-meta.json /owncloud/public.php?service=host-meta-json last;
rewrite ^/owncloud/.well-known/carddav /owncloud/remote.php/carddav/ redirect;
rewrite ^/owncloud/.well-known/caldav /owncloud/remote.php/caldav/ redirect;
rewrite ^/owncloud/apps/([^/]*)/(.*\.(css|php))$ /owncloud/index.php?app=$1&getfile=$2 last;
rewrite ^(/owncloud/core/doc/[^\/]+/)$ $1/index.html;
try_files $uri $uri/ index.php;
location ~ ^/owncloud/(.+?\.php)/? { # note the question mark here and in the next line!
fastcgi_split_path_info ^/owncloud/(.+?\.php)(/?.*)$;
set $path_info $fastcgi_path_info; # workaround for bug: try_files resets fastcgi_path_info for some reason.
try_files $fastcgi_script_name = 404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $path_info;
fastcgi_param HTTPS on;
fastcgi_param SCRIPT_NAME /owncloud/$fastcgi_script_name; # !!!
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
}
None of the other answers worked for me, I finally got a working solution from this blog:
http://www.aelog.org/install-owncloud-in-a-subdirectory-using-nginx/
Here's a version:
server {
listen 80;
server_name example.com;
# enforce https
return 301 https://$server_name$request_uri;
}
server {
listen 443 ssl;
server_name example.com;
ssl_certificate /etc/ssl/nginx/cloud.example.com.crt;
ssl_certificate_key /etc/ssl/nginx/cloud.example.com.key;
# Add headers to serve security related headers
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
# Path to the root of your website (one level above owncloud folder)
root /var/www;
# set max upload size
client_max_body_size 10G;
fastcgi_buffers 64 4K;
# Disable gzip to avoid the removal of the ETag header
gzip off;
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
# ownCloud blacklist
location ~ ^/owncloud/(?:\.htaccess|data|config|db_structure\.xml|README) {
deny all;
error_page 403 = /owncloud/core/templates/403.php;
}
index index.php;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
deny all;
}
location /owncloud {
error_page 403 = /owncloud/core/templates/403.php;
error_page 404 = /owncloud/core/templates/404.php;
rewrite ^/owncloud/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/owncloud/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/owncloud/webdav(.*)$ /remote.php/webdav$1 redirect;
rewrite ^(/owncloud/core/doc[^\/]+/)$ $1/index.html;
# The following rules are only needed with webfinger
rewrite ^/owncloud/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/owncloud/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/owncloud/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/owncloud/.well-known/caldav /remote.php/caldav/ redirect;
try_files $uri $uri/ index.php;
}
location ~ \.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
location / {
root /var/www/html/;
index index.html;
}
# Optional: set long EXPIRES header on static assets
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
expires 30d;
# Optional: Don't log access to assets
access_log off;
}
}
I've created a documentation pull request here:
https://github.com/owncloud/documentation/pull/1704
Apologies if you have reviewed this already but there are a few items including multiple Nginx location directives that are absent from the config you posted. I would recommend looking at the configuration notes (link at the bottom of this post) and ensuring that you have Nginx location directives for ownCloud and ownCloud data.
Check the Nginx PHP handler:
Your Nginx configuration should include a handler for PHP5-FPM, put this before the server directive at the top of the Nginx configuration:
upstream php5-fpm-handler {
server unix:/var/run/php5-fpm.sock;
}
Check the Nginx directives:
Examples:
location /owncloud {
rewrite ^ https://$http_host$request_uri? permanent;
}
location ~ ^/owncloud/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
Check the PHP5-FPM configuration:
Also, please ensure that you PHP5-FPM pool configuration (usually somewhere like /etc/php5/fpm/pool.d/www.conf on Ubuntu) is set to listen on the socket and not a TCP port which should match your handler. The configuration directives for PHP5-FPM socket versus port follow.
Example socket:
listen = /var/run/php5-fpm.sock
Example port (commented out to match the upstream handler):
;listen = 127.0.0.1:9000
Also, if you have not already done so, please take a look at the ownCloud configuration notes for Nginx.
http://doc.owncloud.org/server/5.0/admin_manual/installation/installation_others.html
First let me point out that / isn't working yet /index.php is working, which means that the index statement for some reason isn't working, or that your URI is matching another block.
To be safe rewrite location ~ /owncloud/ to location ^~ /owncloud
Your config needs a lot of rewriting, mind that the default configuration was made for owncloud installed on root directory, yours in a subdirecotry you need to fix few things, like keep in mind that $uri would include /owncloud and /file.ext would hop outside the owncloud folder, so all rewrites that are like
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
need to be fixed because of 2 things,
^/caldav(.*)$ will never happen, uri will always begin with ^/owncloud
/remote.php/... will look outside owncloud
A fix would be something like this:
rewrite ^/owncloud/caldav(.*)$ /owncloud/remote.php/caldav$1 redirect;
Try those for a start and tell me how it goes.
Related
I am trying to set up email verification, but because of wrong configuration of either, server or php I always get 403 Invalid signature error. If you know how to solve this problem I would be very grateful. All the solutions I googled don't work for me.
my route with params:
https://mysite.lo/email/verify/1001/82f42f0bbc6880958a68b56159cb7cbf96199ddf?expires=1642686658&signature=87fa7d09653adcbbeb4dd99bec9a97395d7417bdfeffc145a1c5d6e80feeb726
PHP DEBUG
$request->server->get('QUERY_STRING')
output:
/email/verify/1001/82f42f0bbc6880958a68b56159cb7cbf96199ddf&expires=1642686658&signature=87fa7d09653adcbbeb4dd99bec9a97395d7417bdfeffc145a1c5d6e80feeb726
enter image description here
But there should be another output, starting from ? to the end, for example:
expires=1642686658&signature=87fa7d09653adcbbeb4dd99bec9a97395d7417bdfeffc145a1c5d6e80feeb726
Or am I misunderstanding something?
Anyway, I don't understand why this is happening.
The nginx settings are below.
server {
listen 80;
listen 443 ssl;
listen [::]:80;
server_name mysite.lo *.mysite.lo;
ssl_certificate /etc/nginx/ssl/ssl.crt;
ssl_certificate_key /etc/nginx/ssl/ssl.key;
access_log /var/www/mysite/mpa/storage/logs/nginx_access.log;
error_log /var/www/mysite/mpa/storage/logs/nginx_error.log;
root /var/www/mysite/mpa/public;
index index.php;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
charset utf-8;
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
# serve static files directly
location ~* \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
access_log off;
expires max;
log_not_found off;
}
# removes trailing slashes (prevents SEO duplicate content issues)
if (!-d $request_filename)
{
rewrite ^/(.+)/$ /$1 permanent;
}
# enforce NO www
if ($host ~* ^www\.(.*))
{
set $host_without_www $1;
rewrite ^/(.*)$ $scheme://$host_without_www/$1 permanent;
}
# unless the request is for a valid file (image, js, css, etc.), send to bootstrap
if (!-e $request_filename)
{
rewrite ^/(.*)$ /index.php?/$1 last;
break;
}
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri /index.php =404;
fastcgi_pass php-upstream;
fastcgi_index index.php;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fixes timeouts
fastcgi_read_timeout 600;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
This is the local environment.
I am using: laradock php 8
It is your rewrite ^/(.*)$ /index.php?/$1 last; rule adds an original URI as the first query argument. As rewrite directive documentation says:
If a replacement string includes the new request arguments, the previous request arguments are appended after them.
You can avoid adding an original URI as the first query argument specifically for the /email/verify/ route:
if (!-e $request_filename)
{
# do not append an original URI to this route
rewrite ^/email/verify/ /index.php last;
# but append it to everything else
rewrite ^/(.*)$ /index.php?/$1 last;
break;
}
On Apache we used to have a URL like MyUrl.com/UserId and in the root index.php code executed that got the request_uri that had the UserId. In Nginx instead it looks for a folder called UserId which doesn’t exist. How can I modify the Nginx config to still use the root index.php file instead of look for a non existent folder?
Here is my current nginx config:
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/MyUrl.com/before/*;
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name MyUrl.com;
root /home/forge/MyUrl.com;
rewrite_log on;
# FORGE SSL (DO NOT REMOVE!)
ssl_certificate /etc/nginx/ssl/MyUrl.com/766650/server.crt;
ssl_certificate_key /etc/nginx/ssl/MyUrl.com/766650/server.key;
ssl_protocols TLSv1.2;
ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_prefer_server_ciphers on;
ssl_dhparam /etc/nginx/dhparams.pem;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/MyUrl.com/server/*;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
access_log /var/log/nginx/MyUrl.com-access.log combined;
error_log /var/log/nginx/MyUrl.com-error.log error;
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_read_timeout 180;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
location /api/v1/ {
rewrite_log on;
index index.php;
fastcgi_index index.php;
error_page 405 =200 $uri;
if (!-e $request_filename){
rewrite /api/v1/(.*)$ /api/v1/api.php?request=$1 break;
}
}
client_max_body_size 128M;
}
# FORGE CONFIG (DO NOT REMOVE!)
include forge-conf/MyUrl.com/after/*;
Apache and Nginx use different configuration formats. You need to convert what is currently in your .htaccess file into a format that Nginx understands.
This is an example of an Apache .htaccess configuration:
Options +FollowSymLinks
RewriteEngine On
RewriteCond %{REQUEST_FILENAME} !-d
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^ index.php [L]
In Nginx it could look something like this:
location / {
try_files $uri $uri/ /index.php?$query_string;
}
Take a look at these questions for more details:
Converting .htaccess to nginx (mod_rewrite)
Convert htaccess to nginx rewrite
Also this tool might help with the conversion:
https://winginx.com/en/htaccess
I'm new at deploying, and basically this is the first time i get in touch with it. Short about application structure:
I have three parts:
api.app.dev/ - which is written in Lumen,
app.dev/backend/ - basic PHP middleware, used to keep API token and user data,
app.dev/ - which is front-end (JS).
I'm using nginx.
I spent so much time trying to set it up. The problem is that at app.dev/ i have /template folder where PHP templates are stored.
At app.dev/backend/ i have just one page which processing request
before it comes to API. How configuration should looks like?
I successfully configured API. Front-end works for now, but i can't test it.
But can't get back-end part working. There is current configuration:
app.dev/backend
server {
# Port that the web server will listen on.
listen 80;
# Host that will serve this project.
server_name hr.dev/backend;
# Useful logs for debug.
access_log /var/log/nginx/access-hr-backend.log main;
error_log /var/log/nginx/error-hr-backend.log;
rewrite_log on;
# The location of our projects public directory.
root /var/www/hr_app/git_repository/backend;
index page.php;
location / {
add_header Access-Control-Allow-Origin "http://hr.dev";
add_header Access-Control-Allow-Credentials true;
# URLs to attempt, including pretty ones.
try_files $uri/ /page.php?$query_string;
}
# Remove trailing slash to please routing system.
if (!-d $request_filename) {
rewrite ^/(.+)/$ /$1 permanent;
}
# PHP FPM configuration.
location ~* \.php$ {
add_header Access-Control-Allow-Origin "http://hr.dev";
add_header Access-Control-Allow-Credentials true;
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
fastcgi_index page.php;
fastcgi_split_path_info ^(.+\.php)(.*)$;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# We don't need .ht files with nginx.
location ~ /\.ht {
deny all;
}
location ~ \.css {
add_header Content-Type text/css;
add_header Access-Control-Allow-Origin *;
}
location ~ \.js {
add_header Content-Type application/x-javascript;
add_header Access-Control-Allow-Origin *;
}
# Set header expirations on per-project basis
location ~* \.(?:ico|css|js|jpe?g|JPG|png|svg|woff)$ {
add_header Access-Control-Allow-Origin *;
expires 365d;
}
}
How do back-end part is accessed?
- It's accessed via front-end. AJAX request is sent to URL below.
When i try to access: app.dev/backend/?action=1123 i get 404 page not found.
On localhost everything works like charm. I develop with PHP internal server, and that was a BIG mistake!
Ok, i solved my problem by a lot of googling and trying. There are vhosts:
api.app.dev
server {
# Port that the web server will listen on.
listen 80;
# Host that will serve this project.
server_name api.app.dev;
# Useful logs for debug.
access_log /var/log/nginx/access-hr-api.log main;
error_log /var/log/nginx/error-hr-api.log;
rewrite_log on;
# The location of our projects public directory.
root /var/www/app/api/public;
# Point index to the Laravel front controller.
index index.php;
location / {
# URLs to attempt, including pretty ones.
add_header Access-Control-Allow-Origin *;
try_files $uri $uri/ /index.php?$query_string;
}
# Remove trailing slash to please routing system.
if (!-d $request_filename) {
rewrite ^/(.+)/$ /$1 permanent;
}
# PHP FPM configuration.
location ~* \.php$ {
add_header Access-Control-Allow-Origin *;
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(.*)$;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# We don't need .ht files with nginx.
location ~ /\.ht {
deny all;
}
# Set header expirations on per-project basis
location ~* \.(?:ico|css|js|jpe?g|JPG|png|svg|woff)$ {
expires 365d;
}
}
app.dev/ ( && app.dev/backend/)
server {
# Port that the web server will listen on.
listen 80;
# Host that will serve this project.
server_name app.dev;
# Useful logs for debug.
root /var/www/app;
index index.html page.php;
access_log /var/log/nginx/access-hr.log main;
error_log /var/log/nginx/error-hr.log;
rewrite_log on;
location /backend {
add_header Test "location /backend ";
add_header Access-Control-Allow-Origin "http://hr.dev";
add_header Access-Control-Allow-Credentials true;
alias /var/www/app/backend;
# URLs to attempt, including pretty ones.
try_files $uri/ /page.php?$query_string;
}
location / {
add_header Test "location / in frontent";
add_header Test "location / in frontend vhost";
add_header Access-Control-Allow-Origin "app.dev";
add_header Access-Control-Allow-Credentials true;
root /var/www/app/frontend;
index index.html;
proxy_http_version 1.1;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection 'upgrade';
proxy_set_header Host $host;
proxy_cache_bypass $http_upgrade;
index index.html;
}
# Remove trailing slash to please routing system.
if (!-d $request_filename) {
rewrite ^/(.+)/$ /$1 permanent;
}
location /frontend/template {
alias /var/www/app/frontend;
}
# PHP FPM configuration.
location ~* \.php$ {
add_header Test "location php in backend ";
add_header Access-Control-Allow-Origin "http://app.dev";
add_header Access-Control-Allow-Credentials true;
fastcgi_pass unix:/var/run/php/php7.1-fpm.sock;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(.*)$;
include /etc/nginx/fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
# We don't need .ht files with nginx.
location ~ /\.ht {
add_header Test "location ht in backend ";
deny all;
}
location ~ \.css {
add_header Test "location css in hr.dev";
add_header Content-Type text/css;
add_header Access-Control-Allow-Origin *;
root /var/www/app/frontend;
}
location ~ securimage.js {
add_header Content-Type application/x-javascript;
root /var/www/app;
}
location ~ \.js {
add_header Test "location js in hr.dev";
add_header Content-Type application/x-javascript;
add_header Access-Control-Allow-Origin *;
root /var/www/app/frontend;
}
# Set header expirations on per-project basis
location ~* \.(?:ico|jpe?g|JPG|png|svg|woff)$ {
add_header Test "location ico,js,jpeg... in backend";
add_header Access-Control-Allow-Origin *;
expires 365d;
}
}
Im using nginx with a very simple configuration, it works for all php sites in the subdirs of /usr/share/nginx/www/.
But now id like to make a new project in a subdirectory with rewrite rules.
So i decide to make a .conf for this beside the default.
But the rewriting is not working cause of the error "rewrite or internal redirection cycle".
default
server {
listen 80 default_server;
# listen [::]:80 default_server ipv6only=on;
root /usr/share/nginx/www;
index index.php index.html index.htm;
# Make site accessible from http://localhost/
server_name localhost;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.html;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
location /doc/ {
alias /usr/share/doc/;
autoindex on;
allow 127.0.0.1;
allow ::1;
deny all;
}
location ~ \.php$ {
try_files $uri =404;
# fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
# With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# With php5-fpm:
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_intercept_errors on;
}
location ~ /\. {
access_log off;
log_not_found off;
deny all;
}
}
newproject.conf
# nginx configuration
autoindex off;
location /newproject/ {
if (!-e $request_filename) {
rewrite ^/newproject/(.+)$ /newproject/index.php?url=$1 break;
}
}
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ /index.html;
This part about fall back to 404 is wrong. Probably you have missed =404 here, which resulted in redirection cycle (it redirects to /index.html again and again).
Please note from the documentation:
If none of the files were found, an internal redirect to the uri specified in the last parameter is made.
I have a Problem with our Nginx configuration, We have Wordpress in our current root directory and i would like to setup owncloud on /owncloud by using a directory outside of our root. I have tried to setup an alias in nginx but i get an "access denied" from nginx or php i'am not sure.
My nginx config:
server {
listen 134.34.60.101:80; ## listen for ipv4; this line is default and implied
# listen [::]:80 default ipv6only=on; ## listen for ipv6
listen 134.34.60.101:443 default ssl;
server_name fachschaft.inf.uni-konstanz.de www.fachschaft.inf.uni-konstanz.de;
#root /usr/share/nginx/www;
root /srv/www/website/current;
index index.php;
# reroute to old svn for now - Sammy 2013-11-26
rewrite ^/svn/fachschaft(/.*)$ https://134.34.58.21/svn/fachschaft$1;
ssl_certificate ssl/chained-nginx.crt;
ssl_certificate_key ssl/key-no-pw.pem;
ssl_session_timeout 5m;
ssl_protocols SSLv3 TLSv1 TLSv1.1 TLSv1.2;
ssl_ciphers HIGH:!aNULL:!MD5;
ssl_prefer_server_ciphers on;
if ($ssl_protocol = "") {
rewrite ^ https://www.fachschaft.inf.uni-konstanz.de$request_uri? redirect;
}
#Owncloudsettings:
client_max_body_size 256M; # set max upload size
fastcgi_buffers 64 4K;
rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;
location = /favicon.ico {
log_not_found off;
access_log off;
}
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location / {
try_files $uri $uri/ /index.php?$args;
}
location /doc/ {
alias /usr/share/doc/;
autoindex on;
allow 127.0.0.1;
deny all;
}
location ~ /adminier {
# TODO find a better solution...
alias /srv/www/adminier/index.php;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location /owncloud {
alias /srv/www/owncloud;
try_files $uri $uri/ /index.php?$args;
# fastcgi_split_path_info ^(/owncloud/.+\.php)(/.+)$;
fastcgi_split_path_info ^/owncloud/(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
#Owncloud:
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;
location ~ ^/owncloud/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
#error_page 500 502 503 504 /50x.html;
#location = /50x.html {
# root /usr/share/nginx/www;
#}
# Roots Wordpress Theme Rewrites
# See http://roots.io/roots-101/
location ~ ^/assets/(img|js|css|fonts)/(.*)$ {
try_files $uri $uri/ /content/themes/fsinf-v2/assets/$1/$2;
}
location ~ ^/plugins/(.*)$ {
try_files $uri $uri/ /content/plugins/$1;
}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
#location ~ \.php$ {
#fastcgi_split_path_info ^(.+\.php)(/.+)$;
# NOTE: You should have "cgi.fix_pathinfo = 0;" in php.ini
# With php5-cgi alone:
# fastcgi_pass 127.0.0.1:9000;
# With php5-fpm:
#fastcgi_pass unix:/var/run/php5-fpm.sock;
#fastcgi_index index.php;
include fastcgi_params;
#}
location ~ ^(.+?\.php)(/.*)?$ {
try_files $1 = 404;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$1;
fastcgi_param PATH_INFO $2;
fastcgi_param htaccessWorking true;
fastcgi_pass unix:/var/run/php5-fpm.sock;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
# location ~ /\.ht {
# deny all;
#}
location ~ ^/owncloud/(data|config|\.ht|db_structure\.xml|README) {
deny all;
}
}
Has anyone an idea how it will work?
1) First of all, check
fastcgi_split_path_info ^/owncloud/(.+\.php)(/.+)$;
I think You must use (.+?.php) here, ? will allow to correctly operate with *.php file as user data (I see You use it above). BTW, create info.php with
<?php
phpinfo();
?>
Upload it to You server and try download it from owncloud/remote.php/webdav/SOME_FOLDER/info.php, its must start downloading, not executing.
2) Make sure that fastcgi parameter PATH_INFO set correctly (using that info.php file), if not, try use
set $path_info $fastcgi_path_info;
fastcgi_param PATH_INFO $path_info;
Don't ask me why it's set in such odd way, there was a bug, I don't remember where I found this solution…
3) Why You are using fastcgi_split_path_info in location /owncloud? This location is not blocking further regex matches (use location ^~ … to avoid it), so php scripts won't get there, it will be matched in location ~ ^(.+?\.php)(/.*)?$ below, which, by the way, seems doesn't have fastcgi_split_path_info.
Can't say more, sorry, I just using owncloud for my home PC
PS) I recommend You use include directive to split one huge config in multiple small configs to increase readability …