Joshua Parker Ruehlig
Hall of Famer
- Joined
- Dec 5, 2011
- Messages
- 5,949
I have not tried personally. Something I would want to play with eventually though
-
Important Announcement for the TrueNAS Community.
The TrueNAS Community has now been moved. This forum has become READ-ONLY for historical purposes. Please feel free to join us on the new TrueNAS Community Forums
[How-To] ownCloud using NGINX, PHP-FPM, and MySQL
- Thread starter Joshua Parker Ruehlig
- Start date
Hi Joshua,
I went to the Nextcloud link you provided and noticed you are the one who contributed to its content. Very nice.
One question though, why is the nginx.conf content provided on this forum so much different than the one provided on the Nextcloud one?
I think I understand why everything is hosted on Freenas forum, but then would it make sense to include the link to the Nextcloud doc as well?
Joshua Parker Ruehlig
Hall of Famer
- Joined
- Dec 5, 2011
- Messages
- 5,949
I'm not sure what you mean by saying they are very different? The location blocks (PHP/JS/CSS) that matter should be identical. Alot of the extra SSL and unnecessary stuff I do not include here.
Understood.
I have commented out the line from the nginx.conf:
Code:
# add_header X-Frame-Options "SAMEORIGIN";
And restarted the services.
Nextcloud 12 is now reporting no issues.
Code:
Security & setup warnings It's important for the security and performance of your instance that everything is configured correctly. To help you with that we are doing some automatic checks. Please see the Tips & Ticks section and the documentation for more information. All checks passed.
I will run through another jail install and validate everything is going smoothly before I upgrade my current NC 11 setup.
Thanks for the help.
I was able to create a new jail and install NC12.
I did actually go through the migration (from an different dataset) from owncloud 9 through NC12 in increment across the major releases without issues.
The update from my current NC11 to NC12 was a bit more challenging because I tried to reinstall APCU as I thought it was outdated.
Other than that I am up and running.
Thanks.
I did actually go through the migration (from an different dataset) from owncloud 9 through NC12 in increment across the major releases without issues.
The update from my current NC11 to NC12 was a bit more challenging because I tried to reinstall APCU as I thought it was outdated.
Other than that I am up and running.
Thanks.
DigitalShadow
Dabbler
- Joined
- Apr 13, 2017
- Messages
- 24
I've followed the instructions and everything is where it should be, but I can't get the nginx.conf correct, so I am stuck with a 500 error.
Trying to install nextcloud 12
Please help, been at this for 6 hours now :(
Trying to install nextcloud 12
Please help, been at this for 6 hours now :(
DigitalShadow
Dabbler
- Joined
- Apr 13, 2017
- Messages
- 24
Used the nginx.conf from here and modified for my server, still getting the dreaded 500 error. I'm missing something obvious
Joshua Parker Ruehlig
Hall of Famer
- Joined
- Dec 5, 2011
- Messages
- 5,949
Can you post your modifications?
DigitalShadow
Dabbler
- Joined
- Apr 13, 2017
- Messages
- 24
I changed the server_name to the duckdns domain I am using. and changed the SSL cert to reflect that change as well
Joshua Parker Ruehlig
Hall of Famer
- Joined
- Dec 5, 2011
- Messages
- 5,949
are you still using the /owncloud webroot, or did you change that?
DigitalShadow
Dabbler
- Joined
- Apr 13, 2017
- Messages
- 24
I have checked the install path is where I expect it to be with
su -m www -c 'php /usr/local/www/nextcloud/occ status''
Everything reports ok, starting the four services also show no errors.
su -m www -c 'php /usr/local/www/nextcloud/occ status''
Everything reports ok, starting the four services also show no errors.
Joshua Parker Ruehlig
Hall of Famer
- Joined
- Dec 5, 2011
- Messages
- 5,949
if that is where you are hosting nextcloud, the nginx config I present needs to be adjusted more then what you said you changed.
DigitalShadow
Dabbler
- Joined
- Apr 13, 2017
- Messages
- 24
that was changed to /nextcloud
and in nginx.conf
root /usr/local/www/nextcloud/
and in nginx.conf
root /usr/local/www/nextcloud/
Joshua Parker Ruehlig
Hall of Famer
- Joined
- Dec 5, 2011
- Messages
- 5,949
if you changed the root, several of the location references would need to be changed as well.
You should post your nginx config so I can check it
DigitalShadow
Dabbler
- Joined
- Apr 13, 2017
- Messages
- 24
I really appreciate your help, i'm feeling such a failure right now.
During install all references were changed from owncloud to nextcloud
The nginx is identical to the one here, apart from i changed my server_name and SSL info
https://forums.freenas.org/index.php?goto/post&id=334519#post-334519
During install all references were changed from owncloud to nextcloud
The nginx is identical to the one here, apart from i changed my server_name and SSL info
https://forums.freenas.org/index.php?goto/post&id=334519#post-334519
DigitalShadow
Dabbler
- Joined
- Apr 13, 2017
- Messages
- 24
Services seem to start fine, files are where they should be.
root@cloud:/ # service nginx restart
Performing sanity check on nginx configuration:
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
Stopping nginx.
Waiting for PIDS: 6668.
Performing sanity check on nginx configuration:
nginx: the configuration file /usr/local/etc/nginx/nginx.conf syntax is ok
nginx: configuration file /usr/local/etc/nginx/nginx.conf test is successful
Starting nginx.
root@cloud:/ # service php-fpm restart
Performing sanity check on php-fpm configuration:
[07-Jun-2017 23:03:27] NOTICE: configuration file /usr/local/etc/php-fpm.conf test is successful
Stopping php_fpm.
Waiting for PIDS: 840.
Performing sanity check on php-fpm configuration:
[07-Jun-2017 23:03:27] NOTICE: configuration file /usr/local/etc/php-fpm.conf test is successful
Starting php_fpm.
root@cloud:/ # service mysql-server restart
Stopping mysql.
Waiting for PIDS: 7322.
Starting mysql.
root@cloud:/ # service redis restart
Stopping redis.
Waiting for PIDS: 7349.
Starting redis.
Joshua Parker Ruehlig
Hall of Famer
- Joined
- Dec 5, 2011
- Messages
- 5,949
If you want me to review it you need to post it.
Some things you can check
- does browing to http://JailIP/robots.txt work?
- does 'sockstat' show that php-fpm is listening at /var/run/php-fpm.sock
DigitalShadow
Dabbler
- Joined
- Apr 13, 2017
- Messages
- 24
robots.txt displayed correctly
sockstat shows for php-fpm
Will get the nginx.conf, one moment
sockstat shows for php-fpm
www php-fpm 7428 0 stream /var/run/php-fpm.sock
www php-fpm 7427 0 stream /var/run/php-fpm.sock
root php-fpm 7426 8 stream -> ??
root php-fpm 7426 10 stream -> ??
root php-fpm 7426 11 stream /var/run/php-fpm.sock
Will get the nginx.conf, one moment
DigitalShadow
Dabbler
- Joined
- Apr 13, 2017
- Messages
- 24
Code:
load_module /usr/local/libexec/nginx/ngx_mail_module.so;
load_module /usr/local/libexec/nginx/ngx_stream_module.so;
#user nobody;
worker_processes 2; ##TUNE TO CPUS YOU HAVE
# This default error log path is compiled-in to make sure configuration parsing errors are logged somewhere, especially
# during unattended boot when stderr isn't normally logged anywhere. This path will be touched on every nginx start
# regardless of error log location configured here. See https://trac.nginx.org/nginx/ticket/147 for more info.
#
error_log /var/log/nginx/error.log;
#
#pid logs/nginx.pid;
events {
worker_connections 1024;
}
http {
include mime.types;
default_type application/octet-stream;
#log_format main '$remote_addr - $remote_user [$time_local] "$request" '
# '$status $body_bytes_sent "$http_referer" '
# '"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log;
sendfile on;
#tcp_nopush on;
#keepalive_timeout 0;
keepalive_timeout 65;
#gzip on;
upstream php-handler {
#server 127.0.0.1:9000;
server unix:/var/run/php-fpm.sock;
}
server {
listen 80;
server_name *removed*.duckdns.org;
# enforce https
return 301 https://$server_name$request_uri;
}
# NGINX CAN USE HTTP/2 Protocol For Supported Browsers
server {
listen 443 ssl http2;
server_name *removed*.duckdns.org;
ssl_certificate /usr/local/etc/nginx/ssl/*removed*.duckdns.org.crt;
ssl_certificate_key /usr/local/etc/nginx/ssl/*removed*.duckdns.org.key;
# Add headers to serve security related headers Before enabling Strict-Transport-Security headers please read into
# this topic first. add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Path to the root of your installation
root /usr/local/www/nextcloud/;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
# The following 2 rules are only needed for the user_webfinger app. Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last; rewrite ^/.well-known/host-meta.json
#/public.php?service=host-meta-json
# last;
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
# set max upload size
client_max_body_size 512M;
fastcgi_buffers 64 4K;
# Disable gzip to avoid the removal of the ETag header
gzip off;
# Uncomment if your server is build with the ngx_pagespeed module This module is currently not supported. pagespeed
#off;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location / {
rewrite ^ /index.php$uri;
}
## THIS LOCATION BLOCK IS THROWING ERRORS - NEEDS REVIEW/EDITING
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location
^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/)
{
include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
#Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass php-handler;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
try_files $uri/ =404;
index index.php;
}
# Adding the cache control header for js and css files Make sure it is BELOW the PHP block
location \.(?:css|js|woff|svg|gif)$ {
try_files $uri /index.php$uri$is_args$args;
add_header Cache-Control "public, max-age=7200";
# Add headers to serve security related headers (It is intended to have those duplicated to the ones above)
# Before enabling Strict-Transport-Security headers please read into this topic first. add_header
# Strict-Transport-Security "max-age=15768000;
# includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Optional: Don't log access to assets
access_log off;
}
location \.(?:png|html|ttf|ico|jpg|jpeg)$ {
try_files $uri /index.php$uri$is_args$args;
# Optional: Don't log access to other assets
access_log off;
}
}
}
DigitalShadow
Dabbler
- Joined
- Apr 13, 2017
- Messages
- 24
I am trying to install version 12, I appreciate that nginx.conf was written with version 11 in mind. I tried to make my own, based on your links to the nextcloud site, but my attempts were a failure.
Related topics on forums.truenas.com for thread: "[How-To] ownCloud using NGINX, PHP-FPM, and MySQL"
Similar threads
- Locked
