1. ホーム
  2. 質問と答え
  3. アーチのOwncloud/Nginx - サイトにアクセスできない

アーチのOwncloud/Nginx - サイトにアクセスできない

2016-08-19 5 views
0

自分のラズベリーパイ3にアーチシステムをインストールしました。インストール後、私はこのguideの設定に従いました。 SSl証明書については、私はアーチown25 documentationの指示に従っています。アーチのOwncloud/Nginx - サイトにアクセスできない

#upstream php-handler { 
#server 127.0.0.1:9000; 
# server unix:/run/php-fpm/php-fpm.sock; 
#} 

server { 
listen 80; 
server_name mycloud.go.com; 
# enforce https 
return 301 https://$server_name$request_uri; 
} 

server { 
listen 443 ssl; 
server_name mycloud.go.com; 

ssl_certificate ssl/server.crt; 
ssl_certificate_key ssl/server.key; 

# Add headers to serve security related headers 
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; 
add_header X-Content-Type-Options nosniff; 
add_header X-Frame-Options "SAMEORIGIN"; 
add_header X-XSS-Protection "1; mode=block"; 
add_header X-Robots-Tag none; 

# Path to the root of your installation 
root /usr/share/webapps/owncloud; 
# set max upload size 
client_max_body_size 10G; 
fastcgi_buffers 64 4K; 

# Disable gzip to avoid the removal of the ETag header 
gzip off; 

# Uncomment if your server is build with the ngx_pagespeed module 
# This module is currently not supported. 
#pagespeed off; 

index index.php; 
error_page 403 /core/templates/403.php; 
error_page 404 /core/templates/404.php; 

rewrite ^/.well-known/carddav /remote.php/carddav/ permanent; 
rewrite ^/.well-known/caldav /remote.php/caldav/ permanent; 

# The following 2 rules are only needed for the user_webfinger app. 
# Uncomment it if you're planning to use this app. 
#rewrite ^/.well-known/host-meta /public.php?service=host-meta last; 
#rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; 

location = /robots.txt { 
allow all; 
log_not_found off; 
access_log off; 
} 

location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ { 
    deny all; 
} 

location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { 
    deny all; 
} 

location/{ 
    rewrite ^/remote/(.*) /remote.php last; 
    rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; 
    try_files $uri $uri/ =404; 
} 

location ~ \.php(?:$|/) { 
    fastcgi_split_path_info ^(.+\.php)(/.+)$; 
    include fastcgi_params; 
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 
    fastcgi_param PATH_INFO $fastcgi_path_info; 
    fastcgi_param HTTPS on; 
    fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice 
    fastcgi_pass unix:/run/php-fpm/php-fpm.sock; 
    fastcgi_intercept_errors on; 
} 

# Adding the cache control header for js and css files 
# Make sure it is BELOW the location ~ \.php(?:$|/) { block 
location ~* \.(?:css|js)$ { 
add_header Cache-Control "public, max-age=7200"; 
# Add headers to serve security related headers 
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; 
add_header X-Content-Type-Options nosniff; 
add_header X-Frame-Options "SAMEORIGIN"; 
add_header X-XSS-Protection "1; mode=block"; 
add_header X-Robots-Tag none; 
# Optional: Don't log access to assets 
    access_log off; 
    } 

# Optional: Don't log access to other assets 
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ { 
    access_log off; 
} 
}

そして、私がアクセス/etc/nginx/conf.d/owncloud.conf

など/ nginxの/ nginx.conf

http{ 

    include /etc/nginx/conf.d/*.conf; 
    include  mime.types; 
    default_type application/octet-stream; 

    #log_format main '$remote_addr - $remote_user [$time_local] "$request" ' 
    #     '$status $body_bytes_sent "$http_referer" ' 
    #     '"$http_user_agent" "$http_x_forwarded_for"'; 

    #access_log logs/access.log main; 

    sendfile  on; 
    #tcp_nopush  on; 

    #keepalive_timeout 0; 
    keepalive_timeout 65; 

    #gzip on; 

    server { 
    listen  80; 
    server_name localhost; 

    #charset koi8-r; 

    #access_log logs/host.access.log main; 

    location/{ 
     root /usr/share/nginx/html; 
     index index.html index.htm; 
     } 

    #error_page 404    /404.html; 

    # redirect server error pages to the static page /50x.html 
    # 
    error_page 500 502 503 504 /50x.html; 
    location = /50x.html { 
     root /usr/share/nginx/html; 
    } 

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80 
    # 
    #location ~ \.php$ { 
    # proxy_pass http://127.0.0.1; 
    #} 

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000 
    # 
    #location ~ \.php$ { 
    # root   html; 
    # fastcgi_pass 127.0.0.1:9000; 
    # fastcgi_index index.php; 
    # fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name; 
    # include  fastcgi_params; 
    #} 

    # deny access to .htaccess files, if Apache's document root 
    # concurs with nginx's one 
    # 
    #location ~ /\.ht { 
    # deny all; 
    #} 
} 


# another virtual host using mix of IP-, name-, and port-based configuration 
# 
#server { 
# listen  8000; 
# listen  somename:8080; 
# server_name somename alias another.alias; 

# location/{ 
#  root html; 
#  index index.html index.htm; 
# } 
#} 


# HTTPS server 
# 
#server { 
# listen  443 ssl; 
# server_name localhost; 

# ssl_certificate  cert.pem; 
# ssl_certificate_key cert.key; 

# ssl_session_cache shared:SSL:1m; 
# ssl_session_timeout 5m; 

# ssl_ciphers HIGH:!aNULL:!MD5; 
# ssl_prefer_server_ciphers on; 

# location/{ 
#  root html; 
#  index index.html index.htm; 
# } 
# } 
}

私のブラウザからサーバ名を取得すると、これは私にこれを与える:

このサイトにはアクセスできません mycloud.go.comは接続を拒否しました。

私のSSL証明書は、次の場所にあります。私はそれが私を与えるowncloud.confの構文をチェックもした後

の/ etc/nginxの/ SSL

2016/08/19 14:03:02 [emerg] 1513#1513:/etc/nginx/conf.d/owncloud.confの "server"ディレクティブは許可されていません。 nginx:configurationファイル/etc/nginx/conf.d/owncloud.confのテストに失敗しました

出典

2016-08-19 Cristian Gabor

+0

あなたは/etc/php/php.iniを意味しますか? –

+0

ああ... owncloudはphp-fpmモジュールを使っているので、それも含まれているかもしれないと思う。 –

+0

アップストリームでエラーが出てしまった? –

答えて

1

問題が何かを発見しました。私はルータに間違ったポートを設定していました。私は80の外部ポートを設定していましたが、それは443である必要がありました。また、私のowncloud.confが動作しています

server { 

    listen    80; 
    server_name  localhost; 
    return    301 https://$server_name$request_uri;    
} 



server { 

    listen  443; 
    ssl on; 

    server_name localhost; 






    ssl_protocols TLSv1 TLSv1.1 TLSv1.2; 
    ssl_prefer_server_ciphers on; 
    ssl_ciphers 'ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-AES256-GCM-SHA384:DHE-RSA-AES128-GCM-SHA256:DHE-DSS-AES128-GCM-SHA256:kEDH+AESGCM:ECDHE-RSA-AES128-SHA256:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA:ECDHE-ECDSA-AES128-SHA:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA:ECDHE-ECDSA-AES256-SHA:DHE-RSA-AES128-SHA256:DHE-RSA-AES128-SHA:DHE-DSS-AES128-SHA256:DHE-RSA-AES256-SHA256:DHE-DSS-AES256-SHA:DHE-RSA-AES256-SHA:AES128-GCM-SHA256:AES256-GCM-SHA384:AES128-SHA256:AES256-SHA256:AES128-SHA:AES256-SHA:AES:CAMELLIA:DES-CBC3-SHA:!aNULL:!eNULL:!EXPORT:!DES:!RC4:!MD5:!PSK:!aECDH:!EDH-DSS-DES-CBC3-SHA:!EDH-RSA-DES-CBC3-SHA:!KRB5-DES-CBC3-SHA'; 



# Add headers to serve security related headers 
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; 
add_header X-Content-Type-Options nosniff; 
add_header X-Frame-Options "SAMEORIGIN"; 
add_header X-XSS-Protection "1; mode=block"; 
add_header X-Robots-Tag none; 



# Path to the root of your installation 
root /usr/share/webapps/owncloud; 
# set max upload size 
client_max_body_size 10G; 
fastcgi_buffers 64 4K; 

    # Disable gzip to avoid the removal of the ETag header 
gzip off; 

# Uncomment if your server is build with the ngx_pagespeed module 
# This module is currently not supported. 
#pagespeed off;   

index index.php; 
error_page 403 /core/templates/403.php; 
error_page 404 /core/templates/404.php; 


    rewrite ^/.well-known/carddav /remote.php/carddav/ permanent; 
rewrite ^/.well-known/caldav /remote.php/caldav/ permanent; 

location ~ /.well-known { 
      allow all; 
    } 

    location = /robots.txt { 
    allow all; 
    log_not_found off; 
    access_log off; 
} 

location ~ ^/(build|tests|config|lib|3rdparty|templates|data)/ { 
     deny all; 
} 

location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { 
    deny all; 
} 





    location/{ 
    rewrite ^/remote/(.*) /remote.php last; 
    rewrite ^(/core/doc/[^\/]+/)$ $1/index.html; 
    try_files $uri $uri/ =404; 
} 

    location ~ \.php(?:$|/) { 
    fastcgi_split_path_info ^(.+\.php)(/.+)$; 
     fastcgi_pass unix:/run/php-fpm/php-fpm.sock; 
     fastcgi_index index.php; 
    fastcgi_param PATH_INFO $fastcgi_path_info; 
    fastcgi_param HTTPS on;  
     fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; 
    fastcgi_param modHeadersAvailable true; 
    fastcgi_intercept_errors on; 
     include  fastcgi_params; 
    } 


# Adding the cache control header for js and css files 
# Make sure it is BELOW the location ~ \.php(?:$|/) { block 
location ~* \.(?:css|js)$ { 
add_header Cache-Control "public, max-age=7200"; 
# Add headers to serve security related headers 
add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;"; 
add_header X-Content-Type-Options nosniff; 
    add_header X-Frame-Options "SAMEORIGIN"; 
add_header X-XSS-Protection "1; mode=block"; 
add_header X-Robots-Tag none; 
# Optional: Don't log access to assets 
access_log off; 
} 

# Optional: Don't log access to other assets 
location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|swf)$ { 
access_log off; 
} 
}

出典

2016-09-20 13:24:02

関連する問題

 関連する問題