Hi everybody,
First I would like to thank all of people involved in OpenMediaVault project for your hard work. Thanks to you I decided to revive my old PC and make it my personal cloud. However I have run into some nginx trouble during the setup. I followed guides NextCloud Installation and http://wiki.pine64.org/index.php/OpenMediaVault but I am stuck at trying to call Nextcloud installation via browser. I installed omv4 on Debian 9. I disabled and later purged apache2 package as it was interfering with omv installation - ngixng package. I installed OMV-Extra plugins and used it to get nginx and mysql plugins. I also installed php7.0-curl/gd/zip. My current confings are:
Name: pool_nextcloud
User: www-data
Group: www-data
Display errors: OFF
HTML errors: OFF
Max execution time: 30s
Memory limit: 128 MB
Max POST size: 8MB
Max upload filesize: 2 MB
Max children 5
Start servers 2
Min spare 1
Max spare servers 3
Max request 0
Extra options:
clear_env = no
env[HOSTNAME] = $HOSTNAME
env[PATH] = /usr/local/bin:/usr/bin:/bin
env[TMP] = /tmp
env[TMPDIR] = /tmp
env[TEMP] = /tmp
Alles anzeigen
I just disabled fastcgi_param HTTPS -> off
Enable: ON
Directory: nextcloud [on /dev/sdb1, www/nextcloud/]
Use root: ON
Use public directory: OFF
Host type: Port
Port: 90
Default server: OFF
Enable SSL: ON
Port: 91
Default server: OFF
Certificate: SET
Only use SSL: OFF
Enable PHP: ON
PHP-FPM pool: pool_nextcloud
Default confing: ON
Use index: ON
Index html and index.php are ON
Enable log: ON
Header buffer: 8k
Extra options:
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
location = /robots.txt {
log_not_found off;
allow all;
access_log off;
}
# The following 2 rules are only needed for the user_webfinger app.
# Uncomment it if you're planning to use this app.
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json
# last;
location = /.well-known/carddav {
return 301 $scheme://$host/remote.php/dav;
}
location = /.well-known/caldav {
return 301 $scheme://$host/remote.php/dav;
}
# set max upload size
client_max_body_size 50G;
fastcgi_buffers 64 4K;
# Disable gzip to avoid the removal of the ETag header
gzip off;
# Uncomment if your server is build with the ngx_pagespeed module
# This module is currently not supported.
#pagespeed off;
error_page 403 /core/templates/403.php;
error_page 404 /core/templates/404.php;
location / {
rewrite ^ /index.php$uri;
}
location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ {
deny all;
}
location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) {
deny all;
}
location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param HTTPS off;
#Avoid sending the security headers twice
fastcgi_param modHeadersAvailable true;
fastcgi_param front_controller_active true;
fastcgi_pass $socket;
fastcgi_intercept_errors on;
}
location ~ ^/(?:updater|ocs-provider)(?:$|/) {
try_files $uri/ =404;
index index.php;
}
# Adding the cache control header for js and css files
# Make sure it is BELOW the PHP block
location ~* \.(?:css|js|woff|svg|gif)$ {
try_files $uri /index.php$uri$is_args$args;
add_header Cache-Control "public, max-age=7200";
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
add_header X-Content-Type-Options nosniff;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Robots-Tag none;
add_header X-Download-Options noopen;
add_header X-Permitted-Cross-Domain-Policies none;
# Optional: Don't log access to assets
access_log off;
}
location ~* \.(?:png|html|ttf|ico|jpg|jpeg)$ {
try_files $uri /index.php$uri$is_args$args;
# Optional: Don't log access to other assets
access_log off;
}
Alles anzeigen
Access rights seems to be ok
root@openmediavault:/srv/dev-disk-by-id-ata-TOSHIBA_HDWD130_972SLDZAS-part1/www/nextcloud# ls -al
total 216
drwxrws---+ 14 www-data www-data 4096 Jan 21 20:51 .
drwxrws---+ 3 www-data www-data 4096 Jan 21 13:31 ..
drwxrws---+ 33 www-data www-data 4096 Dec 4 08:22 3rdparty
drwxrws---+ 36 www-data www-data 4096 Dec 4 08:19 apps
-rwxrwx---+ 1 www-data www-data 8868 Dec 4 08:18 AUTHORS
drwxrws---+ 2 www-data www-data 4096 Dec 4 08:18 config
-rwxrwx---+ 1 www-data www-data 4050 Dec 4 08:18 console.php
drwxrws---+ 16 www-data www-data 4096 Dec 4 08:22 core
-rwxrwx---+ 1 www-data www-data 5057 Dec 4 08:18 cron.php
-rwxrwx---+ 1 www-data www-data 41077 Dec 4 08:18 db_structure.xml
-rwxrwx---+ 1 www-data www-data 179 Dec 4 08:18 index.html
-rwxrwx---+ 1 www-data www-data 2804 Dec 4 08:18 index.php
drwxrws---+ 3 www-data www-data 4096 Dec 4 08:18 l10n
drwxrws---+ 6 www-data www-data 4096 Dec 4 08:18 lib
-rwxrwx---+ 1 www-data www-data 283 Dec 4 08:18 occ
drwxrws---+ 2 www-data www-data 4096 Dec 4 08:18 ocs
drwxrws---+ 2 www-data www-data 4096 Dec 4 08:18 ocs-provider
-rwxrwx---+ 1 www-data www-data 3152 Dec 4 08:18 public.php
-rwxrwx---+ 1 www-data www-data 5323 Dec 4 08:18 remote.php
drwxrws---+ 4 www-data www-data 4096 Dec 4 08:18 resources
-rwxrwx---+ 1 www-data www-data 26 Dec 4 08:18 robots.txt
drwxrws---+ 14 www-data www-data 4096 Dec 4 08:18 settings
-rwxrwx---+ 1 www-data www-data 2110 Dec 4 08:18 status.php
drwxrws---+ 3 www-data www-data 4096 Dec 4 08:18 themes
drwxrws---+ 2 www-data www-data 4096 Dec 4 08:19 updater
-rwxrwx---+ 1 www-data www-data 481 Dec 4 08:22 version.php
Alles anzeigen
Nginx service seems to be running OK:
In netstat I can see that nginx ports 90 and 91 are open and waiting for connection:
root@openmediavault:/srv/dev-disk-by-id-ata-TOSHIBA_HDWD130_972SLDZAS-part1/www/nextcloud# netstat -a
Active Internet connections (servers and established)
tcp6 0 0 [::]:90 [::]:* LISTEN
tcp6 0 0 [::]:91 [::]:* LISTEN
But despite that everything looks OK when I go to my http://IP:90 or https://IP:91 I just get information that browser could not connect. Can anybody help me with this issue? It is driving me mad for past 2 days... Big thanks in advance.
Regards
L