DaemonForums  

#1
27th February 2018
toprank
Fdisk Soldier

Join Date: Feb 2018
Posts: 52
www/nextcloud and httpd.conf subdomain config

I'm overlooking something that has my httpd server serving nextcloud as the domain's root rather than the created cloud.domain.tld subdomain, and would like a fresh set of eyes to please point out my errors.

/etc/httpd.conf is very basic:

Code:
server "default" {
        listen on * port 80

        location "/.well-known/acme-challenge/*" {
                root "/htdocs/acme"
                root strip 2
        }
}

server "cloud.domain.tld" {
        listen on * tls port 443
        root "/nextcloud/"
        directory index index.php
        tls {
                key "/etc/ssl/private/domain.tld.key"
                certificate "/etc/ssl/domain.tld.fullchain.pem"
        }
        hsts

        # This defines the maximum request size in bytes
        connection max request body 5000000000

        location "/db_structure.xml" { block }
        location "/.ht*"             { block }
        location "/README"           { block }
        location "/data*"            { block }
        location "/config*"          { block }

        location "/*.php*" {
                fastcgi socket "/run/php-fpm.sock"
        }
}

And the httpd chroot:

Code:
# pwd
/var/www
# ls -al
total 60
drwxr-xr-x  15 root  daemon   512 Feb 27 13:18 .
drwxr-xr-x  24 root  wheel    512 Feb 27 01:53 ..
drwxr-xr-x   2 root  daemon   512 Oct  4 12:42 acme
drwxr-xr-x   2 root  daemon   512 Feb 27 12:28 bin
drwx-----T   2 www   daemon   512 Oct  4 12:42 cache
drwxr-xr-x   2 root  daemon   512 Feb 23 23:52 cgi-bin
drwxr-xr-x   3 root  daemon   512 Feb 27 12:28 conf
drwxr-xr-x   2 root  daemon   512 Feb 27 02:34 etc
drwxr-xr-x   5 root  daemon   512 Feb 27 12:25 htdocs
drwxr-xr-x   2 root  daemon   512 Feb 25 00:00 logs
drwxr-xr-x  15 root  daemon  1024 Feb 27 13:16 nextcloud
drwxr-xr-x   2 root  daemon   512 Feb 27 13:27 run
drwx-----T   2 www   www     2048 Feb 27 15:51 tmp
drwxr-xr-x   4 root  daemon   512 Feb 27 12:30 usr
drwxr-xr-x   3 root  daemon   512 Feb 27 02:26 var
# ls -al htdocs/                                                                                                                                                                            
total 28
drwxr-xr-x   4 root  daemon  512 Feb 27 16:06 .
drwxr-xr-x  15 root  daemon  512 Feb 27 13:18 ..
drwxr-xr-x   2 www   www     512 Feb 23 22:42 acme
drwxr-xr-x   2 root  wheel   512 Oct  4 17:12 bgplg
-rw-r--r--   1 www   www     923 Feb 24 01:15 index.html
-rw-r--r--   1 root  daemon  114 Feb 23 23:10 index.php
-rw-r--r--   1 root  daemon   69 Feb 27 02:18 info.php

The tail of httpd's /var/www/logs/access.log while accessing cloud.domain.tld shows no activity. Whereas the output when accessing domain.tld is active:

Code:
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:47 +1100] "GET / HTTP/1.1" 302 0
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:47 +1100] "GET /index.php/apps/files/ HTTP/1.1" 200 0
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:47 +1100] "GET /index.php/core/js/oc.js?v=fc042ba824ff4166163bc855df2375bd HTTP/1.1" 200 0
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:48 +1100] "GET /cron.php HTTP/1.1" 200 0
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:48 +1100] "GET /index.php/apps/gallery/config?extramediatypes=1 HTTP/1.1" 200 0
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:48 +1100] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 200 0
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:48 +1100] "PROPFIND /remote.php/webdav/ HTTP/1.1" 207 0
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:48 +1100] "GET /index.php/apps/systemtags/lastused HTTP/1.1" 200 0
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:48 +1100] "GET /index.php/apps/files/ajax/getstoragestats.php?dir=%252F HTTP/1.1" 200 0

There are no outputs to /var/www/logs/error.log when accessing either URL. Although there is a lone PHP error that is unrelated to this issue:

Code:
PHP message: PHP Fatal error:  session_start(): Failed to create session ID: files (path: ) in /nextcloud/lib/private/Session/Internal.php on line 174

Any help would be much appreciated. Please advise if further information is needed. Thanks!

#2
27th February 2018
jggimi
More noise than signal

Join Date: May 2008
Location: USA
Posts: 6,220

Your configuration is not so basic, but I do see you are directing the root to "/nextcloud/" directory. "/htdocs" is the default, which you overrode. Remove the root directive if you want to use /htdocs instead.

#3
27th February 2018
toprank

Thanks, jggimi.

I do, however, want the root of cloud.domain.tld to be /var/www/nextcloud; not domain.tld, though. But the behaviour this current configuration shows is /var/www/nextcloud being served for domain.tld requests while cloud.domain.tld requests are not being received by the httpd server at all.

#4
27th February 2018
toprank

Rather than:

Code:
        root "/nextcloud/"

Should I change it to:

Code:
        location "/" {
                root "/nextcloud/"
        }

#5
27th February 2018
jggimi

Thanks for the clarification. I believe your issue is you only have a single server defined, so it is the default server and will respond to all requests. See the man page, in the EXAMPLES section, beginning with "Multiple servers can be configured to support hosting of different domains."

#6
27th February 2018
jggimi

Oh, and if the server isn't receiving requests for cloud.domain.tld, then perhaps that doesn't resolve to your server's address?

#7
27th February 2018
toprank

Thanks for the pointer.

As far as I can tell, the following configuration should serve /var/www/htdocs for domain.tld requests, and should serve /var/www/nextcloud for cloud.domain.tld requests:

Code:
server "domain.tld" {
        alias "www.domain.tld"
        listen on * port 80
        listen on * tls port 443

        tls {
                key "/etc/ssl/private/domain.tld.key"
                certificate "/etc/ssl/domain.tld.fullchain.pem"
        }

        location "/.well-known/acme-challenge/*" {
                root "/htdocs/acme"
                root strip 2
        }
}

server "cloud.domain.tld" {
        listen on * tls port 443
        root "/nextcloud"
        directory index index.php
        tls {
                key "/etc/ssl/private/domain.tld.key"
                certificate "/etc/ssl/domain.tld.fullchain.pem"
        }
        hsts

        # This defines the maximum request size in bytes
        connection max request body 5000000000

        location "/db_structure.xml" { block }
        location "/.ht*"             { block }
        location "/README"           { block }
        location "/data*"            { block }
        location "/config*"          { block }

        location "/*.php*" {
                fastcgi socket "/run/php-fpm.sock"
        }
}

But it doesn't.

domain.tld requests are being served correctly, but cloud.domain.tld requests appear to not even be received.

#8
27th February 2018
toprank

Quote:
Originally Posted by jggimi
Oh, and if the server isn't receiving requests for cloud.domain.tld, then perhaps that doesn't resolve to your server's address?

Both domain.tld and cloud.domain.tld are on the same server with the same local IP on a box sharing the same external IP. And the A record for domain.tld and CNAME for cloud.domain.tld both point to the same IP.

#9
27th February 2018
toprank

Okay, I would love an explanation:

After parsing my configuration countless times and deciding that everything was configured correctly, I tried accessing cloud.domain.tld from my phone using its cellular connection--not WiFi--and it connected to /var/www/nextcloud as it should! Yet, the MacBook on the LAN that I was testing, and accessing the server, from could not connect. Requests weren't even making it through to the server! Then, all of a sudden, it connected!

Wtf?

27th February 2018
toprank

Also, is this correct behaviour: the connection max request body under the server "cloud.domain.tld" doesn't work. With it nestled here, nextcloud returns 413 errors for all files over 1MB. However, with it nestled under the server "domain.tld" it allows uploads of larger files.

Code:
server "domain.tld" {
        alias "www.domain.tld"
        listen on * port 80
        listen on * tls port 443

        tls {
                key "/etc/ssl/private/domain.tld.key"
                certificate "/etc/ssl/domain.tld.fullchain.pem"
        }

        # IT WORKS HERE!
        connection max request body 5000000000

        location "/.well-known/acme-challenge/*" {
                root "/htdocs/acme"
                root strip 2
        }
}

server "cloud.domain.tld" {
        listen on * tls port 443
        root "/nextcloud"
        directory index index.php
        tls {
                key "/etc/ssl/private/domain.tld.key"
                certificate "/etc/ssl/domain.tld.fullchain.pem"
        }
        hsts

        # IT DOES NOT WORK HERE!
        connection max request body 5000000000

        location "/db_structure.xml" { block }
        location "/.ht*"             { block }
        location "/README"           { block }
        location "/data*"            { block }
        location "/config*"          { block }

        location "/*.php*" {
                fastcgi socket "/run/php-fpm.sock"
        }
}

27th February 2018
jggimi

Your cloud.domain.tld server only listens on 443. Are you attempting to connect through port 80? If so, it will use a default virtual server, which is the first server defined that listens on port 80.

27th February 2018
toprank

No, requests are being made through https:// (i.e., port 443).

27th February 2018
jggimi

OK. I'll have some time to investigate this in about 12 hours, and will see if I can recreate the problem. Meanwhile, someone who has more caffeine in their system might see something I'm missing.

27th February 2018
toprank

Thanks, jggimi. But the server is now receiving requests as it should as explained in http://daemonforums.org/showpost.php...62&postcount=9

domain.tld requests are serving from /var/www/htdocs

cloud.domain.tld requests are serving from /var/www/nextcloud

However, see post http://daemonforums.org/showpost.php...3&postcount=10 for latest query.

28th February 2018
jggimi

I'm going to guess that you have a browser cache issue, rather than a server issue. Try clearing your cache. I say that, because I have just installed and run nextcloud in a test system and I am unable to recreate your problem.

Here's my httpd.conf file. (Ignore my certs, because I also tested with TLS and used an existing production cert collection as an expedient.)
Code:
ext_if="*"

types { include "/usr/share/misc/mime.types" }

server "jggimi.net" {
    listen on $ext_if port 80

#    listen on $ext_if tls port 443
#       tls certificate "/etc/ssl/acme/fullchain.pem"
#       tls key "/etc/ssl/acme/private/privkey.pem"

    directory auto index
}

server "cloud.jggimi.net" {
    listen on $ext_if port 80

#    listen on $ext_if tls port 443
#       tls certificate "/etc/ssl/acme/fullchain.pem"
#       tls key "/etc/ssl/acme/private/privkey.pem"

    # Set max upload size to 513M (in bytes)
    connection max request body 537919488

    # First deny access to the specified files
    location "/db_structure.xml"    { block }
    location "/.ht*"        { block }
    location "/README"        { block }
    location "/data*"        { block }
    location "/config*"        { block }
        
    location "/*.php*" {
        root { "/nextcloud", strip 1 }
        fastcgi socket "/run/php-fpm.sock"
    }
        
    location "/*" {
        root { "/nextcloud", strip 1 }
        
    }
}

28th February 2018
toprank

Thanks, jggimi. I think you're right about it having been a browser cache issue (the failure of domain.tld requests serving /var/www/nextcloud and cloud.domain.tld requests being dropped). However, I made sure to clear browser cache several times. Although historically I have found that it can take time for these changes to take effect, if you know what I mean.

However, clearing browser cache doesn't explain the connection max request body not working when nestled under the server "cloud.domain.tld" but only working when nestled under the server "domain.tld" instead. When configured with:

Code:
# cat /etc/httpd.conf
server "domain.tld" {
        alias "www.domain.tld"
        listen on * port 80
        listen on * tls port 443

        tls {
                key "/etc/ssl/private/domain.tld.key"
                certificate "/etc/ssl/domain.tld.fullchain.pem"
        }

        location "/*.php*" {
                fastcgi socket "/run/php-fpm.sock"
        }

        location "/.well-known/acme-challenge/*" {
                root "/htdocs/acme"
                root strip 2
        }
}

server "cloud.domain.tld" {
        listen on * tls port 443
        root "/nextcloud"
        directory index index.php
        tls {
                key "/etc/ssl/private/domain.tld.key"
                certificate "/etc/ssl/domain.tld.fullchain.pem"
        }

        hsts

        connection max request body 5000000000

        location "/db_structure.xml" { block }
        location "/.ht*"             { block }
        location "/README"           { block }
        location "/data*"            { block }
        location "/config*"          { block }

        location "/*.php*" {
                fastcgi socket "/run/php-fpm.sock"
        }
}

I get 413 (payload too large) errors from both desktop and mobile attempts to upload large(r) files. Is this expected behaviour?

28th February 2018
jggimi

Quote:
Originally Posted by toprank
However, clearing browser cache doesn't explain the connection max request body not working when nestled under the server "cloud.domain.tld" but only working when nestled under the server "domain.tld" instead.

No, according to httpd.conf(5), connection is an option for server name {...}. I'll test when I next have a little time.

28th February 2018
toprank

I thought so. But sure enough, I need this or it doesn't work:

Code:
# cat /etc/httpd.conf
server "domain.tld" {
        alias "www.domain.tld"
        listen on * port 80
        listen on * tls port 443

        tls {
                key "/etc/ssl/private/domain.tld.key"
                certificate "/etc/ssl/domain.tld.fullchain.pem"
        }

        connection max request body 5000000000

        location "/*.php*" {
                fastcgi socket "/run/php-fpm.sock"
        }

        location "/.well-known/acme-challenge/*" {
                root "/htdocs/acme"
                root strip 2
        }
}

server "cloud.domain.tld" {
        listen on * tls port 443
        root "/nextcloud"
        directory index index.php
        tls {
                key "/etc/ssl/private/domain.tld.key"
                certificate "/etc/ssl/domain.tld.fullchain.pem"
        }
        hsts

        location "/db_structure.xml" { block }
        location "/.ht*"             { block }
        location "/README"           { block }
        location "/data*"            { block }
        location "/config*"          { block }

        location "/*.php*" {
                fastcgi socket "/run/php-fpm.sock"
        }
}

Thanks for all your help, jggimi. I appreciate it!

28th February 2018
jggimi

And I had a little time. I was able to duplicate the problem with the configuration I posted above.

When I commented out the first server name {} entry, I could successfully upload files over 1 MB. This was with -release. I don't have time to test with -current today to see if it is an already fixed bug. If you can wait until Thursday, I can attempt to reproduce on -current then.

28th February 2018
toprank

Okay, so looks like we have a bug?
Reply With Quote
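
Two points from this thread can be checked mechanically: the first server defined on a listener acts as its default, and a `connection max request body` set only in a later server on that listener was reported as not honoured. The following is an added example, not code from any poster or from OpenBSD: a Python audit that parses httpd.conf text and flags servers whose body limit is larger than that of the first server on the same listener. The sample configuration is constructed from the configs posted above, `parse_servers` and `shadowed_limits` are names made up for this example, and the 1048576-byte default is the one documented in httpd.conf(5).

```python
import re

DEFAULT_MAX_BODY = 1048576  # bytes; httpd.conf(5) default when the directive is absent

def parse_servers(conf):
    """Return server blocks in file order with their listeners and body limit."""
    servers, depth, cur = [], 0, None
    for raw in conf.splitlines():
        line = raw.split("#", 1)[0].strip()   # simplification: no '#' or braces inside quotes
        if depth == 0:
            m = re.match(r'server\s+"([^"]+)"\s*\{', line)
            cur = {"name": m.group(1), "listen": set(), "body": DEFAULT_MAX_BODY} if m else None
            if cur:
                servers.append(cur)
        elif depth == 1 and cur:              # server-level directives only, not location blocks
            m = re.match(r"listen\s+on\s+(\S+)\s+(?:tls\s+)?port\s+(\d+)", line)
            if m:
                cur["listen"].add((m.group(1), int(m.group(2))))
            m = re.match(r"connection\s+max\s+request\s+body\s+(\d+)", line)
            if m:
                cur["body"] = int(m.group(1))
        depth += line.count("{") - line.count("}")
    return servers

def shadowed_limits(conf):
    """List servers whose limit exceeds that of the first server on the same listener."""
    first, findings = {}, []
    for s in parse_servers(conf):
        for listener in sorted(s["listen"]):  # literal (address, port); macros stay unexpanded
            d = first.setdefault(listener, s)
            if d is not s and s["body"] > d["body"]:
                findings.append((s["name"], listener, s["body"], d["name"], d["body"]))
    return findings

# Constructed sample, abbreviated from the configurations posted in the thread.
TEMPLATE = '''
server "domain.tld" {
        listen on * port 80
        listen on * tls port 443
        %s
        location "/.well-known/acme-challenge/*" {
                root "/htdocs/acme"
                root strip 2
        }
}
server "cloud.domain.tld" {
        listen on * tls port 443
        root "/nextcloud"
        %s
        location "/data*"   { block }
}
'''
LIMIT = "connection max request body 5000000000"
FAILING = TEMPLATE % ("", LIMIT)   # limit only under cloud.domain.tld: 413s in the thread
WORKING = TEMPLATE % (LIMIT, "")   # limit under the first server on port 443

if __name__ == "__main__":
    for name, (addr, port), want, dflt, got in shadowed_limits(FAILING):
        print(f"{name}: {want} B on {addr}:{port}, but first server {dflt} allows {got} B")
```

If the limit really is taken from the first server on the listener, as reported here, the workaround of raising it there also raises it for every other virtual host on that listener, so it is worth keeping the value no larger than the upload use case needs.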
Tags
httpd, mariadb, mysql, nextcloud, php
