Skip to content

Instantly share code, notes, and snippets.

@jerome-diver

jerome-diver/config.php

Created December 28, 2018 16:49
Show Gist options
  • Save jerome-diver/abd31f236f0617325589fb1e7eb0f774 to your computer and use it in GitHub Desktop.
Save jerome-diver/abd31f236f0617325589fb1e7eb0f774 to your computer and use it in GitHub Desktop.
Download ZIP
nginx-passenger with nextcloud-14 (nextcloud faile to print app/files after login with a loop)
Raw
config.php
<?php
$CONFIG = array (
'instanceid' => '[private]',
'passwordsalt' => '[private]',
'secret' => '[private]',
'trusted_domains' =>
array (
0 => 'cloud.my_domain.tk',
),
'datadirectory' => '/usr/local/www/nextcloud/data',
'dbtype' => 'pgsql',
'version' => '14.0.4.2',
'overwrite.cli.url' => 'https://cloud.my_domain.tk',
'dbname' => 'nextcloud',
'dbpassword' => '[private]',
'dbhost' => 'localhost',
'dbport' => '5432',
'dbtableprefix' => 'oc_',
'dbuser' => 'nextcloud',
'installed' => true,
'loglevel' => "0",
);
Raw
nextcloud-http.conf
# NEXTCLOUD SERVER REDIRECTION TO SSL
server {
listen 80;
listen [::]:80;
server_name cloud.my_domain.tk
#root /usr/local/www/nextcloud/;
include letsencrypt.conf;
return 301 https://$server_name$request_uri;
}
Raw
nextcloud-https.conf
# NEXTCLOUD HTTPS SERVER (SSL)
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name cloud.my_domain.tk;
root /usr/local/www/nextcloud/;
#charset utf8;
include ssl.conf;
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
add_header Referrer-Policy no-referrer;
fastcgi_hide_header X-Powered-By;
client_max_body_size 512M;
fastcgi_buffers 64 4K;
gzip on;
gzip_vary on;
gzip_comp_level 4;
gzip_min_length 256;
gzip_proxied expired no-cache no-store private no_last_modified no_etag auth;
gzip_types application/atom+xml application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy;
#pagespeed off;
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
location / {
rewrite ^ /index.php$request_uri;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+)\.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS on;
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass php-handler; #127.0.0.1:9000;
fastcgi_intercept_errors on;
fastcgi_request_buffering off;
}
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
try_files $uri/ =404;
index index.php;
}
location ~ \.(?:css|js|woff|svg|gif)$ {
try_files $uri /index.php$uri$is_args$args;
add_header Cache-Control "public, max-age=15778463";
#add_header Strict-Transport-Security "max-age=15552000; includeSubdomains";
add_header X-Content-Type-Options nosniff;
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
access_log off;
}
location ~ \.(?:png|html|ttf|ico|jpg|jpeg)$ {
try_files $uri /index.php$request_uri;
access_log off;
}
}
Raw
nextcloud-server.conf
# HTTP NEXTCLOUD SERVER (Wil redirect to HTTPS)
include nextcloud-http.conf
# HTTPS NEXTCLOUD SERVER (SSL)
include nextcloud-https.conf
Raw
nginx.conf
nginx.conf
user www;
worker_processes 4;
error_log /var/log/nginx/error.log crit;
pid /var/run/nginx.pid;
load_module "/usr/local/libexec/nginx/ngx_http_passenger_module.so";
events { worker_connections 1024; }
http {
include mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" ';
sendfile on;
tcp_nopush on;
keepalive_timeout 65;
include php-handler.conf; # PHP-HANDLER
include passenger.conf; # MON_SITE SERVER
#include mon_site-server.conf; # Web site SERVER
#include postfix_admin-server.conf; # POSTFIX SERVER
include nextcloud-server.conf; # NEXCLOUD SERVER
}
Raw
php-handler.conf
upstream php-handler { server 127.0.0.1:9000; }
@jerome-diver
Copy link
Author

jerome-diver commented Dec 28, 2018
edited
Loading

When i access my server from web browser (firefox or chrome or midori or qutebrowser the same...), i get the login page, then i log in (as admin)... and the application Nextcloud redirect to app/files but this break with message "The page isn’t redirecting properly".
When i'm going to have a look on development web browser tools, i can see many redirection and it is the web browser who stop this infinite loop.

  • I tryed to remove nextcloud-http.conf (and comment link), then restart nginx... same problem.

  • The redirection is working fine from http to https (nginx do the job well).

  • Error logs Nginx side is clean

  • Error log passenger side is fine

  • Error log Nextcloud side is empty (loglevel 3 the same)

And it is a fresh install of nextcloud-14..0.4.2 on FreeBSD-11.2 server is Nginx with passenger... it did works when Nextcloud was version 12...)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment