Nexcloud + nginx

Hello, I will briefly explain to you what problems I am having and what I have done. I have ubuntu server with apache and nexcloud which works, however I wanted to switch to ngenix.
Problem
If I point to the nexcloud folder without https I get the error 404 Not Found if instead I point with http asking me where to save the index.pxp file
The welcome message works with both protocols and the php info file is seen.
I also have the aria2c webgui located on / var / www / aria2c
here is some output
automatic translation from Italian

manuel@ubuntu-server:~$ grep “date.timezone” /etc/php/7.2/cli/php.ini
; http://php.net/date.timezone
date.timezone = “Italy/Rome”
manuel@ubuntu-server:~$ grep “cgi.fix_pathinfo=0” /etc/php/7.2/cli/php.ini
cgi.fix_pathinfo=0
manuel@ubuntu-server:~$ grep “date.timezone” /etc/php/7.2/fpm/php.ini
; http://php.net/date.timezone
date.timezone = “Italy/Rome”
manuel@ubuntu-server:~$ grep “cgi.fix_pathinfo=0” /etc/php/7.2/fpm/php.ini
cgi.fix_pathinfo=0

manuel@ubuntu-server:~$ grep “env” /etc/php/7.2/fpm/pool.d/www.conf
env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp

manuel@ubuntu-server:~$ ls -al /var/www
totale 20
drwxr-xr-x 5 root root 4096 set 14 2019 .
drwxr-xr-x 14 root root 4096 nov 16 09:19 …
drwxr-xr-x 7 www www 4096 set 29 12:43 aria2c
drwxr-xr-x 2 root root 4096 mar 22 13:05 html
drwxr-xr-x 14 www-data www-data 4096 mar 21 15:04 nextcloud

Stato del service php7.2-fpm

manuel@ubuntu-server:~$ sudo systemctl status php7.2-fpm
● php7.2-fpm.service - The PHP 7.2 FastCGI Process Manager
Loaded: loaded (/lib/systemd/system/php7.2-fpm.service; enabled; vendor preset: enabled)
Active: active (running) since Sun 2020-03-22 13:52:25 CET; 3h 53min ago
Docs: man:php-fpm7.2(8)
Main PID: 2814 (php-fpm7.2)
Status: “Processes active: 0, idle: 2, Requests: 4, slow: 0, Traffic: 0req/sec”
Tasks: 3 (limit: 2092)
CGroup: /system.slice/php7.2-fpm.service
├─2814 php-fpm: master process (/etc/php/7.2/fpm/php-fpm.conf)
├─2834 php-fpm: pool www
└─2837 php-fpm: pool www

mar 22 13:52:25 ubuntu-server systemd[1]: Starting The PHP 7.2 FastCGI Process Manager…
mar 22 13:52:25 ubuntu-server systemd[1]: Started The PHP 7.2 FastCGI Process Manager.

File di configurazione nextcloud.conf

manuel@ubuntu-server:~$ sudo cat /etc/nginx/sites-available/nextcloud.conf
upstream php-handler {
server 127.0.0.1:9000;
#server unix:/var/run/php/php7.2-fpm.sock;
}

server {
listen 80;
listen [::]:80;
server_name 192.168.1.11;
# enforce https
return 301 https://$server_name:443$request_uri;
}

server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name 192.168.1.11;

# Use Mozilla's guidelines for SSL/TLS settings
# https://mozilla.github.io/server-side-tls/ssl-config-generator/
# NOTE: some settings below might be redundant
ssl_certificate /etc/nginx/ssl/certificate.crt;
ssl_certificate_key /etc/nginx/ssl/key.key;

# Add headers to serve security related headers
# Before enabling Strict-Transport-Security headers please read into this
# topic first.
#add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header Referrer-Policy "no-referrer" always;
add_header X-Content-Type-Options "nosniff" always;
add_header X-Download-Options "noopen" always;
add_header X-Frame-Options "SAMEORIGIN" always;
add_header X-Permitted-Cross-Domain-Policies "none" always;
add_header X-Robots-Tag "none" always;
add_header X-XSS-Protection "1; mode=block" always;

# Remove X-Powered-By, which is an information leak
fastcgi_hide_header X-Powered-By;

# Path to the root of your installation
root /var/www;

location = /robots.txt {
    allow all;
    log_not_found off;
    access_log off;
}

# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /nextcloud/public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /nextcloud/public.php?service=host-meta-json last;

# The following rule is only needed for the Social app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/webfinger /nextcloud/public.php?service=webfinger last;

location = /.well-known/carddav {
  return 301 $scheme://$host:$server_port/nextcloud/remote.php/dav;
}
location = /.well-known/caldav {
  return 301 $scheme://$host:$server_port/nextcloud/remote.php/dav;
}

location /.well-known/acme-challenge { }

location ^~ /nextcloud {

    # set max upload size
    client_max_body_size 512M;
    fastcgi_buffers 64 4K;

    # Enable gzip but do not remove ETag headers
    gzip on;
    gzip_vary on;
    gzip_comp_level 4;
    gzip_min_length 256;
    gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
    gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;

    # Uncomment if your server is build with the ngx_pagespeed module
    # This module is currently not supported.
    #pagespeed off;

    location /nextcloud {
        rewrite ^ /nextcloud/index.php;
    }

    location ~ ^\/nextcloud\/(?:build|tests|config|lib|3rdparty|templates|data)\/ {
        deny all;
    }
    location ~ ^\/nextcloud\/(?:\.|autotest|occ|issue|indie|db_|console) {
        deny all;
    }

    location ~ ^\/nextcloud\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
        fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
        set $path_info $fastcgi_path_info;
        try_files $fastcgi_script_name =404;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $path_info;
        fastcgi_param HTTPS on;
        # Avoid sending the security headers twice
        fastcgi_param modHeadersAvailable true;
        # Enable pretty urls
        fastcgi_param front_controller_active true;
        fastcgi_pass php-handler;
        fastcgi_intercept_errors on;
        fastcgi_request_buffering off;
    }

    location ~ ^\/nextcloud\/(?:updater|oc[ms]-provider)(?:$|\/) {
        try_files $uri/ =404;
        index index.php;
    }

    # Adding the cache control header for js, css and map files
    # Make sure it is BELOW the PHP block
    location ~ ^\/nextcloud\/.+[^\/]\.(?:css|js|woff2?|svg|gif|map)$ {
        try_files $uri /nextcloud/index.php$request_uri;
        add_header Cache-Control "public, max-age=15778463";
        # Add headers to serve security related headers  (It is intended
        # to have those duplicated to the ones above)
        # Before enabling Strict-Transport-Security headers please read
        # into this topic first.
        #add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;" always;
        #
        # WARNING: Only add the preload option once you read about
        # the consequences in https://hstspreload.org/. This option
        # will add the domain to a hardcoded list that is shipped
        # in all major browsers and getting removed from this list
        # could take several months.
        add_header Referrer-Policy "no-referrer" always;
        add_header X-Content-Type-Options "nosniff" always;
        add_header X-Download-Options "noopen" always;
        add_header X-Frame-Options "SAMEORIGIN" always;
        add_header X-Permitted-Cross-Domain-Policies "none" always;
        add_header X-Robots-Tag "none" always;
        add_header X-XSS-Protection "1; mode=block" always;

        # Optional: Don't log access to assets
        access_log off;
    }

    location ~ ^\/nextcloud\/.+[^\/]\.(?:png|html|ttf|ico|jpg|jpeg|bcmap)$ {
        try_files $uri /nextcloud/index.php$request_uri;
        # Optional: Don't log access to other assets
        access_log off;
    }
}

}

This is probably the best guide to Nextclod+NGINX instaqllation
https://www.c-rieger.de/nextcloud-installationsanleitung/

thanks for the tip I followed the guide but the problem remains! say it’s possible that the apache installation will conflict even if the service is logically down!

You’re trying to migrate your nextcloud from apache to nginx on the same server, is that right?

Yes that’s what I’m trying to do …

It seems that the connection between nginx and php-fpm is not configured properly. The link to your php7.2-fpm socket is missing in your configuration. But on the other hand, I somehow don’t understand your host configuration.

I run this setup myself on my server and I have one “general” configuration for the gateway host that handles all incoming connections and routes them to other virtual hosts (nextcloud, wordpress, etc.).

It seems you have one file for all, is that right?

Even if you use only one vhost configuration, your configuration is not complete because it’s missing the path to php-fpm. This is why your php files are not executed but downloaded.

I use a conf file in the avaible folder for each folder present on var / www / … but the dive path is the php-fpm folder where I have to put it :thinking:. I am not very practical of web servers …

In your file /etc/php/7.2/fpm/pool.d/www.conf, do you have enabled :

listen = /run/php/php7.2-fpm.sock

or

listen = 127.0.0.1:9000

?

Your upstream php-handler is server 127.0.0.1:9000;
So you have to enable it there as well, and not the socket.

on the www.conf file the line listen = /run/php/php7.2-fpm.sock is unconfirmed

(Attachment pEpkey.asc is missing)

Try changing it to “listen = 127.0.0.1:9000” to match the upstream php-handler in your nginx host configuration.

i tried it doesn’t work too. but I don’t explain if there was a problem in the general PHP configuration why does the phpinfo page on / var / www / HTML work?

(Attachment pEpkey.asc is missing)

Screen Shot 03-28-20 at 12.54 PM

if i try to start the web installer put on var/wwww/htm it seems to work!! but why then doesn’t nextcloud work? :weary: :weary: