You are not logged in.
- Topics: Active | Unanswered
Pages: 1
#1 2019-08-18 10:22:28
- carletto86
- Member
- Registered: 2019-08-18
- Posts: 13
[SOLVED] Nextcloud + Nginx
Hi Everybody.
I'm really new in Arch. I'm trying to install Nextcloud with Nginx for the last 3 days but it doesn't work. I read the whole wiki from Arch and I set up the nginx.conf and the server block according to the guide.
These are the files
user http;
# May be equal to grep processor /proc/cpuinfo | wc -l
worker_processes auto;
worker_cpu_affinity auto;
# PCRE JIT can speed up processing of regular expressions significantly.
pcre_jit on;
events {
# Should be equal to ulimit -n
worker_connections 1024;
# Let each process accept multiple connections.
multi_accept on;
# Preferred connection method for newer linux versions.
use epoll;
}
http {
server_tokens off; # Disables the Server response header
charset utf-8;
# Sendfile copies data between one FD and other from within the kernel.
# More efficient than read() + write(), since the requires transferring
# data to and from the user space.
sendfile on;
# Tcp_nopush causes nginx to attempt to send its HTTP response head in one
# packet, instead of using partial frames. This is useful for prepending
# headers before calling sendfile, or for throughput optimization.
tcp_nopush on;
# Don't buffer data-sends (disable Nagle algorithm). Good for sending
# frequent small bursts of data in real time.
#
tcp_nodelay on;
# On Linux, AIO can be used starting from kernel version 2.6.22.
# It is necessary to enable directio, or otherwise reading will be blocking.
# aio threads;
# aio_write on;
# directio 8m;
# Caches information about open FDs, freqently accessed files.
# open_file_cache max=200000 inactive=20s;
# open_file_cache_valid 60s;
# open_file_cache_min_uses 2;
# open_file_cache_errors on;
# http://nginx.org/en/docs/hash.html
types_hash_max_size 4096; include mime.types;
default_type application/octet-stream;
# Logging Settings access_log off;
# Gzip Settings
gzip on;
gzip_comp_level 6;
gzip_min_length 500;
gzip_proxied expired no-cache no-store private auth;
gzip_vary on;
gzip_disable "MSIE [1-6]\.";
gzip_types
application/atom+xml
application/javascript
application/json
application/ld+json
application/manifest+json
application/rss+xml
application/vnd.geo+json
application/vnd.ms-fontobject
application/x-font-ttf
application/x-web-app-manifest+json
application/xhtml+xml
application/xml
font/opentype
image/bmp
image/svg+xml
image/x-icon
text/cache-manifest
text/css
text/plain
text/vcard
text/vnd.rim.location.xloc
text/vtt
text/x-component
text/x-cross-domain-policy;
# index index.php index.html index.htm;
include sites-enabled/*; # See Server blocks
ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
# Redirect to HTTPS
server {
listen 80;
server_name 10.0.0.18;
return 301 https://$host$request_uri;
}
server {
listen 80; # Uncomment to also listen for HTTP requests
listen 443 ssl http2; # HTTP/2 is only possible when using SSL
server_name 10.0.0.18;
ssl_certificate ssl/server.crt;
ssl_certificate_key ssl/server.key;
root /usr/share/nginx/html;
location / {
index index.html index.htm;
}
}
}and /etc/nginx/sites-available/nextcloud.conf:
upstream php-handler {
server unix:/run/php-fpm/php-fpm.sock;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name 10.0.0.18/nextcloud;
ssl_certificate /etc/nginx/ssl/server.crt;
ssl_certificate_key /etc/nginx/ssl/server.key;
# Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this
# topic first.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;
# Path to the root of your installation
root /usr/share/webapps/nextcloud/;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location = /data/htaccesstest.txt {
allow all;
log_not_found off;
access_log off;
}
location = /favicon.ico {
return 204;
access_log off;
log_not_found off;
}
# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
# The following rule is only needed for the Social app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/webfinger /public.php?service=webfinger last;
location = /.well-known/carddav {
return 301 $scheme://$host:$server_port/remote.php/dav;
}
# set max upload size
client_max_body_size 512M;
fastcgi_buffers 64 4K;
# Enable gzip but do not remove ETag headers
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-we>
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
location / {
rewrite ^ /index.php$request_uri;
}
location ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
deny all;
}
location ^\/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
# Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
# Enable pretty urls
fastcgi_param front_controller_active true;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
try_files $uri/ =404;
index index.php;
}
# Adding the cache control header for js, css and map files
# Make sure it is BELOW the PHP block
location \.(?:css|js|woff2?|svg|gif|map)$ {
try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463";
# Add headers to serve security related headers (It is intended to
# have those duplicated to the ones above)
# Before enabling Strict-Transport-Security headers please read into
# this topic first.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;
# Optional: Don't log access to assets
access_log off;
}
location \.(?:png|html|ttf|ico|jpg|jpeg)$ {
try_files $uri /index.php$request_uri;
# Optional: Don't log access to other assets
access_log off;
}
location ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
#Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location [^/]\.php(/|$) {
# Correctly handle request like /test.php/foo/blah.php or /test.php/
fastcgi_split_path_info ^(.+?\.php)(/.*)$;
try_files $uri $document_root$fastcgi_script_name =404;
# Mitigate https://httpoxy.org/ vulnerabilities
fastcgi_param HTTP_PROXY "";
fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}if I type the server ip in the browser I get the "welcome to nginx" but if I type ip/nextcloud I get "404 not found". I configured also PHP-FPM and I set up nextcloud's folder permission (user: http) according to the guide
Can anyone please help me?
Question No 2: I would like to use a ddns address. Is it enough to write it instead of my server ip in the server_name?
PS: this is the first post of my life and I hope I wrote it in the right way 
Thanks in advance
Last edited by carletto86 (2019-08-22 20:10:40)
Offline
#2 2019-08-18 12:20:09
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,182
Re: [SOLVED] Nextcloud + Nginx
https://wiki.archlinux.org/index.php/Ng … er_entries
DDNS depends on whether you've configured such service, but you should not open your server to the internet before you've ensured *locally* that all restrictions are in place and everything works fine.
Offline
#3 2019-08-18 16:09:54
- carletto86
- Member
- Registered: 2019-08-18
- Posts: 13
Re: [SOLVED] Nextcloud + Nginx
I already did everything from this link and it still doesn't work
Offline
#4 2019-08-18 16:12:55
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,182
Re: [SOLVED] Nextcloud + Nginx
You didn't mention that you symlink'd /etc/nginx/sites-available/nextcloud.conf to /etc/nginx/sites-enabled/nextcloud.conf - did you?
Offline
#5 2019-08-18 17:10:07
- carletto86
- Member
- Registered: 2019-08-18
- Posts: 13
Re: [SOLVED] Nextcloud + Nginx
Yes I also created the symlink. Which permission should have the file nextcloud.conf in sites-available? At the moment is root:root
Offline
#6 2019-08-18 19:17:32
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,182
Re: [SOLVED] Nextcloud + Nginx
nginx is configured to run as user "http", that user must (exist and) be able to read the file.
Please post the nginx log(s)
Offline
#7 2019-08-19 09:30:00
- carletto86
- Member
- Registered: 2019-08-18
- Posts: 13
Re: [SOLVED] Nextcloud + Nginx
I found the error_log and I think the error
2019/08/19 09:17:19 [error] 7699#7699: *2 open() "/usr/share/nginx/html/nextcloud" failed (2: No such file or directory),
But I can't find how I can correct it
Offline
#8 2019-08-19 10:53:34
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,182
Re: [SOLVED] Nextcloud + Nginx
Means that "root /usr/share/webapps/nextcloud/;" isn't accepted or shadowed by your nginx config…
Offline
#9 2019-08-19 12:35:57
- carletto86
- Member
- Registered: 2019-08-18
- Posts: 13
Re: [SOLVED] Nextcloud + Nginx
Now I get this new error
/08/19 12:27:12 [error] 2041#2041: *1 rewrite or internal redirection cycle while processing "/index.php/nextcloud", request: "GET /nextcloud HTTP/2.0",
Offline
#10 2019-08-19 12:43:05
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,182
Re: [SOLVED] Nextcloud + Nginx
We're not gonna play this.
Post the log.
Offline
#11 2019-08-19 13:26:12
- carletto86
- Member
- Registered: 2019-08-18
- Posts: 13
Re: [SOLVED] Nextcloud + Nginx
This is the log
2019/08/19 12:27:12 [error] 2041#2041: *1 rewrite or internal redirection
cycle while processing "/index.php/nextcloud", client: 89.144.209.41, serv
er: carletto86.ddns.net/nextcloud, request: "GET /nextcloud HTTP/2.0", hos
t: "carletto86.ddns.net"
2019/08/19 12:32:31 [error] 2041#2041: *2 rewrite or internal redirection
cycle while processing "/index.php/", client: 89.144.209.41, server: carle
tto86.ddns.net/nextcloud, request: "GET / HTTP/2.0", host: "carletto86.ddn
s.net"
2019/08/19 13:04:44 [notice] 2793#2793: using the "epoll" event method
2019/08/19 13:04:44 [notice] 2793#2793: nginx/1.17.3
2019/08/19 13:04:44 [notice] 2793#2793: OS: Linux 5.2.9-arch1-1-ARCH
2019/08/19 13:04:44 [notice] 2793#2793: getrlimit(RLIMIT_NOFILE): 1024:524
288
2019/08/19 13:04:44 [notice] 2794#2794: start worker processes
2019/08/19 13:04:44 [notice] 2794#2794: start worker process 2795
2019/08/19 13:04:44 [notice] 2794#2794: start worker process 2796
2019/08/19 13:04:44 [notice] 2795#2795: sched_setaffinity(): using cpu #0
2019/08/19 13:04:44 [notice] 2796#2796: sched_setaffinity(): using cpu #1
2019/08/19 13:04:53 [error] 2795#2795: *1 rewrite or internal redirection
cycle while processing "/index.php/", client: 89.144.209.41, server: carle
tto86.ddns.net/nextcloud, request: "GET / HTTP/2.0", host: "carletto86.ddn
s.net"
2019/08/19 13:05:03 [error] 2795#2795: *1 rewrite or internal redirection
cycle while processing "/index.php/nextcloud", client: 89.144.209.41, serv
er: carletto86.ddns.net/nextcloud, request: "GET /nextcloud HTTP/2.0", hos
t: "carletto86.ddns.net"
2019/08/19 13:05:06 [error] 2795#2795: *1 rewrite or internal redirection
cycle while processing "/index.php/nextxloud", client: 89.144.209.41, serv
er: carletto86.ddns.net/nextcloud, request: "GET /nextxloud HTTP/2.0", hos
t: "carletto86.ddns.net"
~
~
"/var/log/nginx/nginx_error.log" 14 lines, 1813 characters
Ps:i changed today the server.name in the nginx.conf and nextcloud.conf with ddns because I'm not at home
Offline
#12 2019-08-19 13:56:45
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,182
Re: [SOLVED] Nextcloud + Nginx
a) Please use code tags, not quote tags
b) nginx should be built debug enabled and we want to see *why* this happens:
(for log in /var/log/nginx/*; do print "\n=====\n$log\n--------\n"; cat "$log"; done) | curl -F 'f:1=<-' ix.ioOffline
#13 2019-08-19 14:58:21
- carletto86
- Member
- Registered: 2019-08-18
- Posts: 13
Re: [SOLVED] Nextcloud + Nginx
a) thank you, didn't know
b) I wrote the string in this way (I'm not that sure that's right) :
(for log in /var/log/nginx/nginx_error.log; do printf "\n=====\n$log\n--------\n"; cat "$log"; done) | curl -F 'f:1=<-' https://carletto86.ddns.net/nextcloudand this is the output:
<html>
<head><title>500 Internal Server Error</title></head>
<body>
<center><h1>500 Internal Server Error</h1></center>
<hr><center>nginx</center>
</body>
</html>Offline
#14 2019-08-19 15:12:05
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,182
Re: [SOLVED] Nextcloud + Nginx
ix.io is a pastebin service…
Offline
#15 2019-08-20 11:54:32
- carletto86
- Member
- Registered: 2019-08-18
- Posts: 13
Re: [SOLVED] Nextcloud + Nginx
I solved. I removed the server block from the /etc/nginx/nginx.conf. After that there were a problem in the /etc/nginx/sites-available/nextcloud.conf: he was always searching the index.php in the folder /usr/share/webapps/nextcloud/nextcloud instead of /usr/share/webapps/nextcloud. I downloaded a new conf file and now is working.
The .log file helped me a lot.
Should i write [SOLVED] on the topic?
Thank you very much for your help!
Offline
#16 2019-08-20 14:52:17
- seth
- Member
- Registered: 2012-09-03
- Posts: 51,182
Re: [SOLVED] Nextcloud + Nginx
Yes, please always remember to mark resolved threads by editing your initial posts subject - so others will know that there's no task left, but maybe a solution to find.
Thanks.
Offline
Pages: 1