I constantly get these errors, and there have been no problems. But now I have problems associated with these errors. I’ve tried a bunch of ways, but I can’t solve them.
PHP version 8.1
Engine version 26.0.6
I suspect that the configs may be incorrect (confused).
Config on the reverse proxy side:
server {
listen 443 ssl;
server_name ****.cloud;
server_name_in_redirect on;
location / {
proxy_pass http://192.168.0.101/; # ip виртуалки1
proxy_http_version 1.1;
proxy_cache_bypass $http_upgrade;
proxy_set_header Remote_User $ssl_client_s_dn;
proxy_set_header REMOTE_USER $remote_user;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection "upgrade";
proxy_set_header Host $host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-Host $host;
proxy_set_header X-Forwarded-Port $server_port;
proxy_connect_timeout ****;
proxy_send_timeout ****;
proxy_read_timeout ****;
send_timeout ****;
}
ssl_certificate /etc/letsencrypt/live/****.cloud/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/****.cloud/privkey.pem; # managed by Certbot
}
server {
if ($host = ****.cloud) {
return 301 https://$host$request_uri;
} # managed by Certbot
listen 80;
server_name ****.cloud;
return 404; # managed by Certbot
}
Server side config (sensetive data removed - *****):
upstream php-handler {
server unix:/var/run/php/php8.1-fpm.sock;
}
map $arg_v $asset_immutable {
"" "";
default "immutable";
}
server {
server_name ******.cloud;
root /var/www/nextcloud;
access_log /var/log/nginx/****.cloud.log;
error_log /var/log/nginx/****.cloud-error.log;
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
set_real_ip_from 192.168.0.102;
real_ip_header X-Real-IP;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location ^~ /.well-known {
# The following 6 rules are borrowed from `.htaccess`
rewrite ^/\.well-known/host-meta\.json /public.php?service=host-meta-json last;
rewrite ^/\.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/\.well-known/webfinger /public.php?service=webfinger last;
rewrite ^/\.well-known/nodeinfo /public.php?service=nodeinfo last;
location = /.well-known/carddav { return 301 https://$host/remote.php/dav/; }
location = /.well-known/caldav { return 301 https://$host/remote.php/dav/; }
location = /.well-known/webfinger { return 301 https://$host/remote.php/dav/; }
location = /.well-known/nodeinfo { return 301 https://$host/remote.php/dav/; }
try_files $uri $uri/ =404;
}
client_max_body_size *******;
fastcgi_buffers 64 4K;
gzip off;
location / {
rewrite ^ /index.php$uri;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^\/(?:index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|oc[ms]-provider\/.+)\.php(?:$|\/) {
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param REMOTE_USER $remote_user;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_param PHP_VALUE "
opcache.enable_cli=1
opcache.interned_strings_buffer=*******
opcache.max_accelerated_files=******
opcache.memory_consumption=******
opcache.save_comments=1
opcache.revalidate_freq=1";
fastcgi_read_timeout *******;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
}
location ~ ^\/(?:updater|oc[ms]-provider)(?:$|\/) {
try_files $uri/ =404;
index index.php;
}
location ~ \.(?:css|js|woff2?|svg|gif|map)$ {
try_files $uri /index.php$request_uri;
add_header Cache-Control "public, max-age=15778463";
# Add headers to serve security related headers (It is intended to
# have those duplicated to the ones above)
# Before enabling Strict-Transport-Security headers please read into
# this topic first.
#add_header Strict-Transport-Security "max-age=15552000; includeSubDomains; preload;";
#
# WARNING: Only add the preload option once you read about
# the consequences in https://hstspreload.org/. This option
# will add the domain to a hardcoded list that is shipped
# in all major browsers and getting removed from this list
# could take several months.
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
# Optional: Don't log access to assets
access_log off;
}
location ~* \.(?:png|html|ttf|ico|jpg|jpeg)$ {
try_files $uri /index.php$uri$is_args$args;
access_log off;
}
}
#server {
# listen 80;
# listen [::]:80;
# return 301 https://$server_name:443$request_uri;
# server_name ******.cloud;
#
# root /var/www/nextcloud/;
# index index.html;
#
# location / {
# try_files $uri $uri/ =404;
# }
#}
#server {
# if ($host = *****.cloud) {
# return 301 https://$host$request_uri;
# } # managed by Certbot
#
#
# listen 80;
# server_name ****.cloud;
# return 404; # managed by Certbot
#
#}