Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > Linux Forums > Server Operation

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 26th June 2013, 16:45
cbj4074 cbj4074 is offline
Senior Member
 
Join Date: Nov 2010
Posts: 395
Thanks: 30
Thanked 58 Times in 50 Posts
Default Trouble adding /pma location to all virtual hosts

I posted the same question to the nginx mailing list, but have not received a reply.

I'm trying to accomplish something that feels like it should be very simple, yet I'm struggling. I'm new to nginx, and I feel a bit lost as I try to "translate" everything that I've done in Apache over the years to nginx. So, please bear with me. I've done my research and asking this list for help is a last-resort.

I have an application, phpMyAdmin, installed in /var/www/pma. I would like to modify the nginx configuration such that every virtual-host whose configuration file is located in /etc/nginx/sites-available/ has access to the files in this directory by browsing to the location /pma/, relative to the domain root.

The filesystem information for /var/www/pma is as follows (the permissions are set recursively on the entire directory -- for now):

Code:
# ls -lah /var/www | grep "pma"
drwxrwxr-x  9 www-data www-data 4.0K Jun 17 16:37 pma
I figured that it might be simpler to get phpMyAdmin working for a single vhost before attempting the same move server-wide.

On the surface, it looks to be this simple:

Code:
location /pma/ {
    alias /var/www/pma/;
    include /etc/nginx/fastcgi_params;
    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_intercept_errors on;
}
When I try this configuration, I have the following in error.log:

Code:
2013/06/25 14:04:07 [error] 29741#0: *21 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 1.2.3.4, server: example.com, request: "GET /pma/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "example.com"
While researching the cause of this error, I have seen others state that SCRIPT_FILENAME has to be modified when using an alias in this way, e.g.

fastcgi_param SCRIPT_FILENAME $request_filename;

but the error messages are the same with this line, too.

So, I tried to use the "root" directive, instead of "alias", as I have no particular reason for using one over the other in this scenario.

Code:
location /pma/ {
    #alias /var/www/pma/;
    root /var/www;
    include /etc/nginx/fastcgi_params;
    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_intercept_errors on;
}
This "kind of works". The index file at location /pma/index.php is parsed via PHP, but requests for all other resources on the page yield "403 Forbidden". The log states:

Code:
2013/06/25 14:21:46 [error] 30343#0: *12 FastCGI sent in stderr: "Access to the script '/var/www/pma/favicon.ico' has been denied (see security.limit_extensions)" while reading response header from upstream, client: 1.2.3.4, server: example.com, request: "GET /pma/favicon.ico HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "example.com"
Obviously, the aim here is not to execute '/var/www/pma/favicon.ico' as a PHP script.

I found a thread at http://serverfault.com/questions/486...-403-forbidden which seems to address this intended behavior (the rationale is sound). So, I split my configuration up into the following sections, so that PHP scripts would be handled via php-fpm and static content would be handled directly:

Code:
location ~ /pma/.*\.php$ {
    root /var/www;
    include /etc/nginx/fastcgi_params;
    fastcgi_pass unix:/var/run/php5-fpm.sock;
    fastcgi_index index.php;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_intercept_errors on;
}

location /pma/ {
    root /var/www;
    # Adding the following line makes no difference:
    index index.php;
}
With this configuration, PMA's index page won't even load. The location /pma/ returns a 404, as does /pma/index.php.

Nothing is written to the vhost's error.log when /pma/ or /pma/index.php is requested. Only the following (I've omitted the irrelevant bits) is written to access.log:

Code:
"GET /pma/ HTTP/1.1" 404 200 "-"
"GET /pma/index.php HTTP/1.1" 404 200 "-"
I must be doing something completely asinine.

Other misc. details:

- PHP's open_basedir directive includes the path /var/www/pma.

- nginx is executing the request as the user "web2" who is in the group "client2" (this is configured via ISPConfig).

- The group "client2" is in the group "www-data", and /var/www/pma's user:group is www-data:www-data and the permissions on the directory are 0775, recursively.

Thanks in advance for any help here!
Reply With Quote
Sponsored Links
  #2  
Old 26th June 2013, 17:25
cbj4074 cbj4074 is offline
Senior Member
 
Join Date: Nov 2010
Posts: 395
Thanks: 30
Thanked 58 Times in 50 Posts
Default

I was able to accomplish my objective with some help from the tutorial at: http://www.howtoforge.com/running-ph...e-ubuntu-11.04

Code:
location /pma {
   root /var/www/;
   index index.php index.html index.htm;
   location ~ ^/pma/(.+\.php)$ {
       try_files $uri =404;
       root /var/www/;
       fastcgi_pass unix:/var/run/php5-fpm.sock;
       fastcgi_param HTTPS on;
       fastcgi_index index.php;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       include /etc/nginx/fastcgi_params;
   }
   location ~* ^/pma/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
       root /var/www/;
   }
}
location /PMA {
       rewrite ^/* /pma last;
}
I don't know if the key is the nested location block, or something else. If anyone is able to point-out the fundamental differences between the configuration snippet that I posted previously and the snippet above, which actually works, I would be most appreciative.

Thank you!
Reply With Quote
  #3  
Old 26th June 2013, 22:48
cbj4074 cbj4074 is offline
Senior Member
 
Join Date: Nov 2010
Posts: 395
Thanks: 30
Thanked 58 Times in 50 Posts
 
Default

More and more questions...

So, now that PMA functions as expected, I am hoping to achieve the same with Roundcube webmail.

In theory, I should be able to use nearly the same configuration directives. The only difference between PMA and Roundcube is that the request directory and the filesystem directory share the same name (I chose "pma") for PMA, but for Roundcube, I want to use "/webmail" for the location and "roundcube" on the filesystem.

To better illustrate:

Code:
LOCATION -> FILESYSTEM PATH
------------------------------------
/pma -> /var/www/pma
/webmail -> /var/www/roundcube
My limited understanding of nginx dictates that the Roundcube case calls for the use of the alias directive, as opposed to the root directive.

So, I tried replacing "pma" with "webmail" in each location's first line, and replacing root /var/www/ with alias /var/www/roundcube/ within each location's body.

This didn't work. I receive a 404 when requesting the /webmail URL, with no errors logged (just standard 404s in the vhost's access.log).

I diddled with adding the regex capture groups to the end of the alias and such, but this didn't seem to change the behavior.

Here's where I gave-up:

Code:
location /webmail {
    alias /var/www/roundcube/;
    index index.php index.html index.htm;
    location ~ ^/webmail/(.+\.php)$ {
        try_files $uri =404;
        alias /var/www/roundcube/$1;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_param HTTPS on;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        # Using the below line instead of the above didn't seem to change anything.
        #fastcgi_param SCRIPT_FILENAME $request_filename;
        include /etc/nginx/fastcgi_params;
    }
    location ~* ^/webmail/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
        alias /var/www/roundcube/$1;
    }
}
location /WEBMAIL {
    rewrite ^/* /webmail last;
}
Any help is much appreciated!

UPDATE: This is the kind of thing that makes one want to drink to excess. After searching the darkest corners of my brain, I remembered reading in the nginx Documentation, "Note that there is a longstanding bug that alias and try_files don't work together." So, I commented-out the try_files line and everything worked!

Last edited by cbj4074; 26th June 2013 at 22:51.
Reply With Quote
Reply

Bookmarks

Tags
alias, location, nginx, root, vhost

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
ssl and multiple virtual hosts in apache max123 Server Operation 4 20th November 2012 16:00
Postfix problem and few questions Gimly Installation/Configuration 12 7th July 2009 17:27
Apache Virtual Hosts - I have never gotten this right. DazzyB Server Operation 2 24th December 2007 14:37
Strato Server - Restoring with SystemImager popper2001 HOWTO-Related Questions 5 28th July 2007 11:18
Creating image with Systemimager cuongtim HOWTO-Related Questions 3 18th November 2006 14:55


All times are GMT +2. The time now is 05:51.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.