OpenBSD Packages and Ports: Installation and upgrading of packages and ports on OpenBSD.

I'm overlooking something that has my httpd server serving nextcloud as the domain's root rather than the created cloud.domain.tld subdomain, and would like a fresh set of eyes to please point out my errors.
/etc/httpd.conf is very basic:
Code:
server "default" {
    listen on * port 80
    location "/.well-known/acme-challenge/*" {
        root "/htdocs/acme"
        root strip 2
    }
}
server "cloud.domain.tld" {
    listen on * tls port 443
    root "/nextcloud/"
    directory index index.php
    tls {
        key "/etc/ssl/private/domain.tld.key"
        certificate "/etc/ssl/domain.tld.fullchain.pem"
    }
    hsts
    # This defines the maximum request size in bytes
    connection max request body 5000000000
    location "/db_structure.xml" { block }
    location "/.ht*" { block }
    location "/README" { block }
    location "/data*" { block }
    location "/config*" { block }
    location "/*.php*" {
        fastcgi socket "/run/php-fpm.sock"
    }
}

And the httpd chroot:
Code:
# pwd
/var/www
# ls -al
total 60
drwxr-xr-x 15 root daemon 512 Feb 27 13:18 .
drwxr-xr-x 24 root wheel 512 Feb 27 01:53 ..
drwxr-xr-x 2 root daemon 512 Oct 4 12:42 acme
drwxr-xr-x 2 root daemon 512 Feb 27 12:28 bin
drwx-----T 2 www daemon 512 Oct 4 12:42 cache
drwxr-xr-x 2 root daemon 512 Feb 23 23:52 cgi-bin
drwxr-xr-x 3 root daemon 512 Feb 27 12:28 conf
drwxr-xr-x 2 root daemon 512 Feb 27 02:34 etc
drwxr-xr-x 5 root daemon 512 Feb 27 12:25 htdocs
drwxr-xr-x 2 root daemon 512 Feb 25 00:00 logs
drwxr-xr-x 15 root daemon 1024 Feb 27 13:16 nextcloud
drwxr-xr-x 2 root daemon 512 Feb 27 13:27 run
drwx-----T 2 www www 2048 Feb 27 15:51 tmp
drwxr-xr-x 4 root daemon 512 Feb 27 12:30 usr
drwxr-xr-x 3 root daemon 512 Feb 27 02:26 var
# ls -al htdocs/
total 28
drwxr-xr-x 4 root daemon 512 Feb 27 16:06 .
drwxr-xr-x 15 root daemon 512 Feb 27 13:18 ..
drwxr-xr-x 2 www www 512 Feb 23 22:42 acme
drwxr-xr-x 2 root wheel 512 Oct 4 17:12 bgplg
-rw-r--r-- 1 www www 923 Feb 24 01:15 index.html
-rw-r--r-- 1 root daemon 114 Feb 23 23:10 index.php
-rw-r--r-- 1 root daemon 69 Feb 27 02:18 info.php

Code:
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:47 +1100] "GET / HTTP/1.1" 302 0
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:47 +1100] "GET /index.php/apps/files/ HTTP/1.1" 200 0
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:47 +1100] "GET /index.php/core/js/oc.js?v=fc042ba824ff4166163bc855df2375bd HTTP/1.1" 200 0
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:48 +1100] "GET /cron.php HTTP/1.1" 200 0
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:48 +1100] "GET /index.php/apps/gallery/config?extramediatypes=1 HTTP/1.1" 200 0
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:48 +1100] "GET /ocs/v2.php/apps/notifications/api/v2/notifications HTTP/1.1" 200 0
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:48 +1100] "PROPFIND /remote.php/webdav/ HTTP/1.1" 207 0
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:48 +1100] "GET /index.php/apps/systemtags/lastused HTTP/1.1" 200 0
cloud.domain.tld 10.0.0.138 - - [27/Feb/2018:16:09:48 +1100] "GET /index.php/apps/files/ajax/getstoragestats.php?dir=%252F HTTP/1.1" 200 0

Code:
PHP message: PHP Fatal error: session_start(): Failed to create session ID: files (path: ) in /nextcloud/lib/private/Session/Internal.php on line 174

Thanks, jggimi.
I do, however, want the root of cloud.domain.tld to be /var/www/nextcloud; not domain.tld, though. But the behaviour this current configuration shows is /var/www/nextcloud being served for domain.tld requests while cloud.domain.tld requests are not being received by the httpd server at all.

Rather than:
Code:
root "/nextcloud/"

Code:
location "/" {
    root "/nextcloud/"
}

Thanks for the pointer.
As far as I can tell, the following configuration should serve /var/www/htdocs for domain.tld requests, and should serve /var/www/nextcloud for cloud.domain.tld requests:
Code:
server "domain.tld" {
    alias "www.domain.tld"
    listen on * port 80
    listen on * tls port 443
    tls {
        key "/etc/ssl/private/domain.tld.key"
        certificate "/etc/ssl/domain.tld.fullchain.pem"
    }
    location "/.well-known/acme-challenge/*" {
        root "/htdocs/acme"
        root strip 2
    }
}
server "cloud.domain.tld" {
    listen on * tls port 443
    root "/nextcloud"
    directory index index.php
    tls {
        key "/etc/ssl/private/domain.tld.key"
        certificate "/etc/ssl/domain.tld.fullchain.pem"
    }
    hsts
    # This defines the maximum request size in bytes
    connection max request body 5000000000
    location "/db_structure.xml" { block }
    location "/.ht*" { block }
    location "/README" { block }
    location "/data*" { block }
    location "/config*" { block }
    location "/*.php*" {
        fastcgi socket "/run/php-fpm.sock"
    }
}

domain.tld requests are being served correctly, but cloud.domain.tld requests appear to not even be received.

Both domain.tld and cloud.domain.tld are on the same server with the same local IP on a box sharing the same external IP. And the A record for domain.tld and CNAME for cloud.domain.tld both point to the same IP.

Okay, I would love an explanation:
After parsing my configuration countless times and deciding that everything was configured correctly, I tried accessing cloud.domain.tld from my phone using its cellular connection--not WiFi--and it connected to /var/www/nextcloud as it should! Yet, the MacBook on the LAN that I was testing, and accessing the server, from could not connect. Requests weren't even making it through to the server! Then, all of a sudden, it connected! Wtf?

Also, is this correct behaviour: the connection max request body under the server "cloud.domain.tld" doesn't work. With it nestled here, nextcloud returns 413 errors for all files over 1MB. However, with it nestled under the server "domain.tld" it allows uploads of larger files.
Code:
server "domain.tld" {
    alias "www.domain.tld"
    listen on * port 80
    listen on * tls port 443
    tls {
        key "/etc/ssl/private/domain.tld.key"
        certificate "/etc/ssl/domain.tld.fullchain.pem"
    }
    # IT WORKS HERE!
    connection max request body 5000000000
    location "/.well-known/acme-challenge/*" {
        root "/htdocs/acme"
        root strip 2
    }
}
server "cloud.domain.tld" {
    listen on * tls port 443
    root "/nextcloud"
    directory index index.php
    tls {
        key "/etc/ssl/private/domain.tld.key"
        certificate "/etc/ssl/domain.tld.fullchain.pem"
    }
    hsts
    # IT DOES NOT WORK HERE!
    connection max request body 5000000000
    location "/db_structure.xml" { block }
    location "/.ht*" { block }
    location "/README" { block }
    location "/data*" { block }
    location "/config*" { block }
    location "/*.php*" {
        fastcgi socket "/run/php-fpm.sock"
    }
}

No, requests are being made through https:// (i.e., port 443).

Thanks, jggimi. But the server is now receiving requests as it should as explained in http://daemonforums.org/showpost.php...62&postcount=9
domain.tld requests are serving from /var/www/htdocs
cloud.domain.tld requests are serving from /var/www/nextcloud
However, see post http://daemonforums.org/showpost.php...3&postcount=10 for latest query.

I'm going to guess that you have a browser cache issue, rather than a server issue. Try clearing your cache. I say that, because I have just installed and run nextcloud in a test system and I am unable to recreate your problem.
Here's my httpd.conf file. (Ignore my certs, because I also tested with TLS and used an existing production cert collection as an expedient.)
Code:
ext_if="*"
types {
    include "/usr/share/misc/mime.types"
}
server "jggimi.net" {
    listen on $ext_if port 80
    # listen on $ext_if tls port 443
    # tls certificate "/etc/ssl/acme/fullchain.pem"
    # tls key "/etc/ssl/acme/private/privkey.pem"
    directory auto index
}
server "cloud.jggimi.net" {
    listen on $ext_if port 80
    # listen on $ext_if tls port 443
    # tls certificate "/etc/ssl/acme/fullchain.pem"
    # tls key "/etc/ssl/acme/private/privkey.pem"
    # Set max upload size to 513M (in bytes)
    connection max request body 537919488
    # First deny access to the specified files
    location "/db_structure.xml" { block }
    location "/.ht*" { block }
    location "/README" { block }
    location "/data*" { block }
    location "/config*" { block }
    location "/*.php*" {
        root { "/nextcloud", strip 1 }
        fastcgi socket "/run/php-fpm.sock"
    }
    location "/*" {
        root { "/nextcloud", strip 1 }
    }
}

Thanks, jggimi. I think you're right about it having been a browser cache issue (the failure of domain.tld requests serving /var/www/nextcloud and cloud.domain.tld requests being dropped). However, I made sure to clear browser cache several times. Although historically I have found that it can take time for these changes to take effect, if you know what I mean.
However, clearing browser cache doesn't explain the connection max request body not working when nestled under the server "cloud.domain.tld" but only working when nestled under the server "domain.tld" instead. When configured with:
Code:
# cat /etc/httpd.conf
server "domain.tld" {
    alias "www.domain.tld"
    listen on * port 80
    listen on * tls port 443
    tls {
        key "/etc/ssl/private/domain.tld.key"
        certificate "/etc/ssl/domain.tld.fullchain.pem"
    }
    location "/*.php*" {
        fastcgi socket "/run/php-fpm.sock"
    }
    location "/.well-known/acme-challenge/*" {
        root "/htdocs/acme"
        root strip 2
    }
}
server "cloud.domain.tld" {
    listen on * tls port 443
    root "/nextcloud"
    directory index index.php
    tls {
        key "/etc/ssl/private/domain.tld.key"
        certificate "/etc/ssl/domain.tld.fullchain.pem"
    }
    hsts
    connection max request body 5000000000
    location "/db_structure.xml" { block }
    location "/.ht*" { block }
    location "/README" { block }
    location "/data*" { block }
    location "/config*" { block }
    location "/*.php*" {
        fastcgi socket "/run/php-fpm.sock"
    }
}

I thought so. But sure enough, I need this or it doesn't work:
Code:
# cat /etc/httpd.conf
server "domain.tld" {
    alias "www.domain.tld"
    listen on * port 80
    listen on * tls port 443
    tls {
        key "/etc/ssl/private/domain.tld.key"
        certificate "/etc/ssl/domain.tld.fullchain.pem"
    }
    connection max request body 5000000000
    location "/*.php*" {
        fastcgi socket "/run/php-fpm.sock"
    }
    location "/.well-known/acme-challenge/*" {
        root "/htdocs/acme"
        root strip 2
    }
}
server "cloud.domain.tld" {
    listen on * tls port 443
    root "/nextcloud"
    directory index index.php
    tls {
        key "/etc/ssl/private/domain.tld.key"
        certificate "/etc/ssl/domain.tld.fullchain.pem"
    }
    hsts
    location "/db_structure.xml" { block }
    location "/.ht*" { block }
    location "/README" { block }
    location "/data*" { block }
    location "/config*" { block }
    location "/*.php*" {
        fastcgi socket "/run/php-fpm.sock"
    }
}

And I had a little time. I was able to duplicate the problem with the configuration I posted above.
When I commented out the first server name {} entry, I could successfully upload files over 1 MB. This was with -release. I don't have time to test with -current today to see if it is an already fixed bug. If you can wait until Thursday, I can attempt to reproduce on -current then.

Okay, so looks like we have a bug?
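
A checker for the situation reported in this thread, added here as an example and not part of any post: it parses an httpd.conf and flags each server block whose `connection max request body` differs from that of the first server block sharing the same `listen` address and port, which is the block whose value took effect in the posts above. The function names and sample configuration are constructed, and both the 1048576-byte default and the "first block on the listener wins" rule are assumptions taken from the behaviour described in the thread.

```python
import re
DEFAULT_MAX_BODY = 1048576  # assumed default when the directive is absent (1M)

# Constructed sample, modelled on the configuration posted in the thread.
SAMPLE_CONF = '''
server "domain.tld" {
    alias "www.domain.tld"
    listen on * port 80
    listen on * tls port 443
}
server "cloud.domain.tld" {
    listen on * tls port 443
    connection max request body 5000000000   # the value that was ignored
    location "/*.php*" { fastcgi socket "/run/php-fpm.sock" }
}
'''

def parse_servers(text):
    """Return one dict per server block, in file order."""
    servers, cur, depth = [], None, 0
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()          # drop comments
        m = re.match(r'server\s+"([^"]+)"\s*\{', line)
        if m and depth == 0:
            cur = {"name": m.group(1), "listen": [], "max_body": DEFAULT_MAX_BODY}
            servers.append(cur)
        elif cur and depth == 1:                     # server-level directives only
            m = re.match(r'listen\s+on\s+(\S+)(?:\s+tls)?\s+port\s+(\d+)', line)
            if m:
                cur["listen"].append((m.group(1), int(m.group(2))))
            m = re.match(r'connection\s+max\s+request\s+body\s+(\d+)', line)
            if m:
                cur["max_body"] = int(m.group(1))
        depth += line.count("{") - line.count("}")   # track block nesting
    return servers

def shadowed_limits(text):
    """Flag servers whose limit differs from the first server on the same listener."""
    first, findings = {}, []
    for srv in parse_servers(text):
        for lsn in srv["listen"]:
            head = first.setdefault(lsn, srv)        # first block seen for this listener
            if head is not srv and head["max_body"] != srv["max_body"]:
                findings.append((lsn, srv["name"], srv["max_body"], head["name"], head["max_body"]))
    return findings

if __name__ == "__main__":
    for (addr, port), name, own, head, eff in shadowed_limits(SAMPLE_CONF):
        print(f"{addr}:{port} {name} sets {own}, first block {head} has {eff}")
```

Setting the same limit in every server block that shares a listener makes the checker report nothing.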