Urgent security issue in NGINX/php-fpm

I corrected the article now regarding SCRIPTFILENAME vs. SCRIPT_FILENAME and PATHINFO vs. PATH_INFO. Also I pinned it globally.

Oh - you can edit the first post? Could you please also add what Meiros posted?

There was another change in the nginx config which didn't make it into the initial post. It would be great if you could add that as well, since many people might not notice the other change.

I actually didn't want to mess with the official post, but I think you are right. If users already modify their config, it should be done right.

So @all please, check your config again, there has been a little change in the first post!

I see two added lines:

set $path_info $fastcgi_path_info;
try_files $fastcgi_script_name =404;

Edit: Oh, Bernie_O already mentioned that in the post above. My bad

@Schmu Please also update the official blog post. Having two different versions might be a bit confusing.
@jospoortvliet

@DecaTec

Sorry, I'm not an official and don't have access to the blog.
I only jumped in to help forum users to directly pick the latest config changes. We have to wait for @system to do so.

Please remove the typo ^^

$try_files
->
try_files

I'm running Nginx on a Raspberry Pi as a reverse proxy, and NextcloudPi on another Raspberry Pi. Would it affect me as well?

Asking because I don't even have 'rewrite ^ /index.php$request_uri' under location…

Same here. Do I need to update the PHP version running Nextcloud on snap? If yes, then how do I do that?

no

Updated nginx to mainline, PHP to 7.3, and Nextcloud to 17. Running on Ubuntu 19.10, and I added the nginx hardened config…

I got a whitescreen of death now, cannot access nextcloud.

Is it related to this?

Yep, that warning is real.

The white screen went away; it seems the OP needs to be updated.

There's one new line in the docs which is not included in the OP.

location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
    fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
    set $path_info $fastcgi_path_info;
    try_files $fastcgi_script_name =404;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param PATH_INFO $path_info;
    fastcgi_param HTTPS on;
    # Avoid sending the security headers twice
    fastcgi_param modHeadersAvailable true;
    # Enable pretty urls
    fastcgi_param front_controller_active true;
    fastcgi_pass php-handler;
    fastcgi_intercept_errors on;
    fastcgi_request_buffering off;
}

Added set $path_info $fastcgi_path_info;

If you edited or will edit, it's good to look at the example in the docs.

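Several people in this thread are unsure whether their own php-fpm location block already carries the two added lines, whether they are in the right order, or whether a typo like `$try_files` slipped in. The script below is an added example (not code from the thread, the Nextcloud docs or the project) that lints a pasted `location ~ ... \.php` block against the docs version quoted above. It checks that `try_files $fastcgi_script_name =404;` is present, that `set $path_info $fastcgi_path_info;` appears before it (nginx's `try_files` resets `$fastcgi_path_info`, which is why the docs copy it into `$path_info` first), that `fastcgi_param PATH_INFO` uses `$path_info`, and that `SCRIPT_FILENAME` ends in `$fastcgi_script_name` so the reverse-proxy variant with a different prefix path still passes. The three sample blocks are constructed for the example, and the block-parsing assumes the flat directive-per-line layout used in the docs.

```python
import re

# One nginx simple directive: name, arguments, terminating semicolon.
DIRECTIVE_RE = re.compile(r"^([^\s;{}]+)\s*(.*?)\s*;$")


def parse_directives(block):
    """Return [(name, args)] for the directives inside one `location {...}`
    block. Comments, the `location ... {` header and the closing `}` are
    skipped; a line that is not a well-formed directive yields (line, None)."""
    out = []
    for raw in block.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or line.endswith("{") or line == "}":
            continue
        m = DIRECTIVE_RE.match(line)
        out.append((m.group(1), m.group(2)) if m else (line, None))
    return out


def _find(directives, name, first_arg=None):
    """Index and split args of the first directive `name` (optionally with a
    given first argument), or (None, None) when absent."""
    for i, (n, a) in enumerate(directives):
        parts = (a or "").split()
        if n == name and (first_arg is None or (parts and parts[0] == first_arg)):
            return i, parts
    return None, None


def lint_php_location(block):
    """Return a list of findings; an empty list means the block matches the
    updated docs layout on every point checked here."""
    findings = []
    d = parse_directives(block)

    for name, args in d:
        if args is None:
            findings.append(f"malformed line {name!r}")
        elif name.startswith("$"):
            # e.g. `$try_files ...;` from the thread: nginx -t reports an
            # unknown directive and refuses the whole config
            findings.append(f"unknown directive {name!r} (nginx -t will fail)")

    try_idx, try_args = _find(d, "try_files", "$fastcgi_script_name")
    if try_idx is None or try_args != ["$fastcgi_script_name", "=404"]:
        findings.append("missing `try_files $fastcgi_script_name =404;`")

    set_idx, set_args = _find(d, "set", "$path_info")
    if set_idx is None or set_args != ["$path_info", "$fastcgi_path_info"]:
        findings.append("missing `set $path_info $fastcgi_path_info;`")
    elif try_idx is not None and set_idx > try_idx:
        findings.append("`set $path_info` must precede `try_files` "
                        "(try_files resets $fastcgi_path_info)")

    _, pi = _find(d, "fastcgi_param", "PATH_INFO")
    if pi != ["PATH_INFO", "$path_info"]:
        findings.append("fastcgi_param PATH_INFO must be `$path_info`, not "
                        f"{pi[1] if pi and len(pi) > 1 else 'absent'}")

    _, sf = _find(d, "fastcgi_param", "SCRIPT_FILENAME")
    if not (sf and len(sf) == 2 and sf[1].endswith("$fastcgi_script_name")):
        findings.append("fastcgi_param SCRIPT_FILENAME must end in "
                        "$fastcgi_script_name (prefix it with the path php-fpm sees)")
    return findings


# Constructed sample: the updated block as in the Nextcloud 17 docs.
DOCS_BLOCK = r"""
location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
    fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
    set $path_info $fastcgi_path_info;
    try_files $fastcgi_script_name =404;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param PATH_INFO $path_info;
    fastcgi_param HTTPS on;
    fastcgi_param modHeadersAvailable true;
    fastcgi_param front_controller_active true;
    fastcgi_pass php-handler;
    fastcgi_intercept_errors on;
    fastcgi_request_buffering off;
}
"""

# Constructed sample: the pre-change block many people still have.
OLD_BLOCK = r"""
location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
    fastcgi_split_path_info ^(.+?\.php)(\/.*|)$;
    include fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param PATH_INFO $fastcgi_path_info;
    fastcgi_pass php-handler;
}
"""

# Constructed sample: the `$try_files` typo reported in the thread.
TYPO_BLOCK = DOCS_BLOCK.replace("    try_files", "    $try_files")

if __name__ == "__main__":
    for label, blk in (("old", OLD_BLOCK), ("docs", DOCS_BLOCK), ("typo", TYPO_BLOCK)):
        print(label, lint_php_location(blk) or "OK")
```

Paste your own block into a string and call `lint_php_location` on it; an empty result means the points above are all satisfied, but it is not a substitute for `nginx -t`, which is the only thing that validates the whole file.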
Dumb question:

I donĀ“t have

location / {
    rewrite ^ /index.php$request_uri;
}

But I have

location / {
    try_files $uri $uri/ index.php;
}

Is this part doing the same stuff, just with other words? If I just add the

location / {
    rewrite ^ /index.php;
}

section, the “nginx configtest” fails. PHP, by the way, is not updated yet because the latest Raspbian sources do not contain it yet :frowning:

Similar to you I have:

location / {
    rewrite ^ /index.php$uri;
}

Do I need to change this?

Thank you, I had this error:

$ sudo nginx -t
nginx: [emerg] unknown directive "$try_files" in /etc/nginx/conf.d/nextcloud.conf:107
nginx: configuration file /etc/nginx/nginx.conf test failed

For others searching for the correct (and updated) documentation:
https://docs.nextcloud.com/server/17/admin_manual/installation/nginx.html

The examples under docker repo are still not updated. So use the documentation to update the nginx configs.

For those working with nginx as a reverse proxy to a docker container, or any other configuration where the local files at the nginx proxy do not match the path at the fastcgi server:
You would need to edit SCRIPT_FILENAME to match the path inside the fastcgi server. An example in the case of the official fpm docker container:
fastcgi_param SCRIPT_FILENAME /var/www/html$fastcgi_script_name;

My config was a bit different, but also needed patching anyways.
I made a backup of the old config and just replaced everything with the new one.

Just needed to adjust server_name , root , ssl_certificate and ssl_certificate_key, as advised on the documentation. Quick and easy.

As many have mentioned, the patched PHP version was not available for me until yesterday. It is available now though (I am using Sury's repos on Debian 9, with PHP 7.3).

Gotta thank Sury for how fast he made that available!

Cheers!
Gus