[solved] Nginx/php-fpm not rendering php for install

Running archlinuxarm on an rpi3 with nginx 1.15.8, php-fpm 7.3.0 and postgres 11.1

Not using the arch package for nextcloud but the downloaded zip of 15.0.0

My nginx.conf is:

user http;
worker_processes auto;
worker_cpu_affinity auto;
pcre_jit on;
events {
    worker_connections 2048;
}
http {
    ssl_ciphers "EECDH+AESGCM:EDH+AESGCM:AES256+EECDH:AES256+EDH";
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    include mime.types;
    proxy_buffers 16 16k;
    proxy_buffer_size 16k;
    default_type application/octet-stream;
    sendfile on;
    tcp_nopush on;
    aio threads;
    server_tokens off; # Security: Disables nginx version in error messages and in the “Server” response header field.
    charset utf-8; # Force usage of UTF-8
    index index.php index.html;
    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                               '$status $body_bytes_sent "$http_referer" '
                               '"$http_user_agent" "$http_x_forwarded_for"';
    include sites-enabled/*.conf;
}

In sites-enabled I have two .conf files… www.rpi3.lan and nextcloud.rpi3.lan. I only need this on my LAN so dnsmasq is doing the DNS stuff.

The rpi3 one renders php scripts as expected (although I’ve only tested with a phpinfo() call.) That one looks like this:

upstream php-handler-www {
        server unix:/run/php-fpm/php-fpm.sock;
}
server {
        listen 80;
        server_name www.rpi3.lan;
        return 301 https://$host$request_uri;
}
server {
        listen 443 ssl http2;
        server_name www.rpi3.lan;
        ssl_certificate ssl/server.crt;
        ssl_certificate_key ssl/server.key;
        root /usr/share/nginx/www.rpi3.lan/html;
        access_log /etc/nginx/logs/www.rpi3.lan_access.log;
        error_log  /etc/nginx/logs/www.rpi3.lan_error.log info;
        location ~ \.(php|html)$ {
                try_files $uri $document_root$fastcgi_script_name =404;
                #fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
                fastcgi_pass php-handler-www;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi.conf;

                # prevention for httpoxy vulnerability: https://httpoxy.org/
                fastcgi_param HTTP_PROXY "";
        }
}

The nextcloud one I took from here ( https://docs.nextcloud.com/server/15/admin_manual/installation/nginx.html ) - I used the first example and the only changes I made are below (my one on the right)

 server 127.0.0.1:9000;                                    |     #server 127.0.0.1:9000;
 #server unix:/var/run/php/php7.0-fpm.sock;                |     server unix:/run/php-fpm/php-fpm.sock;
 server_name cloud.example.com;                            |     server_name nextcloud.rpi3.lan;
 server_name cloud.example.com;                            |     server_name nextcloud.rpi3.lan;
 ssl_certificate /etc/ssl/nginx/cloud.example.com.crt;     |     ssl_certificate /etc/nginx/ssl/server.crt;
 ssl_certificate_key /etc/ssl/nginx/cloud.example.com.key; |     ssl_certificate_key /etc/nginx/ssl/server.key;
 root /var/www/nextcloud/;                                 |     root /usr/share/nginx/nextcloud.rpi3.lan/nextcloud/;

My socket looks good and like I said, it works for the other virtual host served by nginx

[root@rpi3 sites-available]# ls -l /run/php-fpm/php-fpm.sock
srw-rw-rw- 1 http http 0 Dec 31 00:01 /run/php-fpm/php-fpm.sock

What am I missing? When I hit http://nextcloud.rpi3.lan it redirects to https and then tries to download the index.php file rather than processing it

Try adding this block from your rpi3.lan:

        location ~ \.(php|html)$ {
                try_files $uri $document_root$fastcgi_script_name =404;
                fastcgi_pass unix:/run/php-fpm/php-fpm.sock;
                fastcgi_pass php-handler-www;
                fastcgi_index index.php;
                fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                include fastcgi.conf;

                # prevention for httpoxy vulnerability: https://httpoxy.org/
                fastcgi_param HTTP_PROXY "";
        }

Yep - that did it! Thanks. Although now I have a 504 timeout after hitting ‘finish setup’ but I can start a new thread if I make no progress on that.

Just one small point, but that block as posted needs one of those fastcgi_pass statements commented out. It’s only there because I wanted to make sure it worked both both ways

Thanks again

edit - all is good. I guess the web-based installer just took a little long to get a response. I can log in with no issues now though