nginx and owncloud in subfolder

Question

I want to have a owncloud instance in a subfolder on my nginx server. But I have problems with some of the files requested by opwncloud (it seems css and js don't load).

Here is the nginx conf file for this virtual host :

server {
   listen         80;
   server_name    blackblock.22decembre.eu;
   return 301     https://blackblock.22decembre.eu$request_uri;
}

server {
listen 443 default_server ssl;

server_name blackblock.22decembre.eu;
root /srv/www/blackblock/;

access_log  /var/log/nginx/blackblock.access.log;
error_log   /var/log/nginx/blackblock.errors.log;

index index.html index.php;

# This block will catch static file requests, such as images, css, js
# The : prefix is a "non-capturing" mark, meaning we do not require
# the pattern to be captured into $1 which should help improve performance
location ~* \.(:ico|css|js|gif|jpeg|png)$ {
    # Some basic cache-control for static files to be sent to the browser
    expires max;
    add_header Pragma public;
    add_header Cache-Control "public, must-revalidate, proxy-revalidate";
}

# remove the robots line if you want to use wordpress" virtual robots.txt
# location = /robots.txt { access_log off; log_not_found off; }
location = /favicon.ico { access_log off; log_not_found off; }

# this prevents hidden files (beginning with a period) from being served
location ~ /\. { access_log off; log_not_found off; deny all; }

#location ~ ^(?<script_name>.+?\.php)(?<path_info>/.*)?$ {
location ~ \.php {
    fastcgi_param SCRIPT_NAME $fastcgi_script_name;
    #fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param PATH_INFO $path_info;
    fastcgi_index index.php;
    fastcgi_pass unix:/run/php5-fpm.sock;
    include fastcgi_params;
}

location /roundcube/program/js/tiny_mce/ { alias /usr/share/tinymce/www/; }
location /roundcube/(config|temp|logs) { deny all;}

 ##### owncloud
 location ~ /owncloud/ {
root /srv/www/blackblock/owncloud/;
try_files $uri $uri/ index.php;

#client_max_body_size 10G; # set max upload size
    #fastcgi_buffers 64 4K;

    rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;
    rewrite ^/carddav(.*)$ /remote.php/carddav$1 redirect;
    rewrite ^/webdav(.*)$ /remote.php/webdav$1 redirect;

    location ~ ^/remote.php(/.*)$ {
            fastcgi_split_path_info ^(.+\.php)(/.*)$;
            fastcgi_pass unix:/run/php5-fpm.sock;
    include fastcgi_params;
    }

    error_page 403 /core/templates/403.php;
    error_page 404 /core/templates/404.php;

    location ~ ^/(data|config|\.ht|db_structure\.xml|README) {
            deny all;
    }

# The following 2 rules are only needed with webfinger
rewrite ^/.well-known/host-meta /public.php?service=host-meta last;
rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last;
rewrite ^/.well-known/carddav /remote.php/carddav/ redirect;
rewrite ^/.well-known/caldav /remote.php/caldav/ redirect;
rewrite ^(/core/doc/[^\/]+/)$ $1/index.html;

    # Optional: set long EXPIRES header on static assets
    #location ~* ^.+\.(jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
     #       expires 30d;
            # Optional: Don't log access to assets
      #      access_log off;
#   }
}

    ##### torrent (not related to owncloud, flask application)
location = /flask-torrent { rewrite ^ /flask-torrent/ last; }

 }

I can't find why owncloud doesn't load correctly ! You can have a look at the website, I feel fine and secured for that : https://blackblock.22decembre.eu/owncloud/ (cacert certificates). If I launch a specific virtual host for owncloud, it works perfectly, but I don't want, I prefer it in a subfolder of this host (blackblock) !

Answer 1

The reason why ownCloud doesn't work in a subfolder with nginx is that nginx, by default, doesn't include the subfolder in the parameter SCRIPT_NAME. If ownCloud is at domain.tld/owncloud/index.php, it expects $_SERVER['SCRIPT_NAME'] to be /owncloud/index.php, but nginx by default (if you include fastcgi_params;) sets it to index.php. The solution is to override the behaviour: add fastcgi_param SCRIPT_NAME /owncloud/$fastcgi_script_name; to the php-location-block in the nginx conf file.

Relevant parts of my nginx configuration file follow. Please note that I haven't tested it completely; on the first look it seems to work though. My System: nginx 1.2.1 and php 5.4.4 on Debian Wheezy 64 bit.

    location /owncloud/ {
            alias /var/www/owncloud/;
            location ~ ^/owncloud/(data|config|\.ht|db_structure\.xml|README) {
                    deny all;
            }
            rewrite ^/owncloud/caldav(.*)$ /owncloud/remote.php/caldav$1 redirect;
            rewrite ^/owncloud/carddav(.*)$ /owncloud/remote.php/carddav$1 redirect;
            rewrite ^/owncloud/webdav(.*)$ /owncloud/remote.php/webdav$1 redirect;
            rewrite ^/owncloud/.well-known/host-meta /owncloud/public.php?service=host-meta last;
            rewrite ^/owncloud/.well-known/host-meta.json /owncloud/public.php?service=host-meta-json last;

            rewrite ^/owncloud/.well-known/carddav /owncloud/remote.php/carddav/ redirect;
            rewrite ^/owncloud/.well-known/caldav /owncloud/remote.php/caldav/ redirect;

            rewrite ^/owncloud/apps/([^/]*)/(.*\.(css|php))$ /owncloud/index.php?app=$1&getfile=$2 last;
            rewrite ^(/owncloud/core/doc/[^\/]+/)$ $1/index.html;

            try_files $uri $uri/ index.php;

            location ~ ^/owncloud/(.+?\.php)/? {  # note the question mark here and in the next line!
                    fastcgi_split_path_info ^/owncloud/(.+?\.php)(/?.*)$;
                    set $path_info $fastcgi_path_info;  # workaround for bug: try_files resets fastcgi_path_info for some reason.
                    try_files $fastcgi_script_name = 404;
                    include fastcgi_params;
                    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                    fastcgi_param PATH_INFO $path_info;
                    fastcgi_param HTTPS on;
                    fastcgi_param SCRIPT_NAME /owncloud/$fastcgi_script_name;  # !!!
                    fastcgi_pass unix:/var/run/php5-fpm.sock;
            }
    }

Answer 2

None of the other answers worked for me, I finally got a working solution from this blog: http://www.aelog.org/install-owncloud-in-a-subdirectory-using-nginx/

Here's a version:

server {
    listen 80;
    server_name example.com;
    # enforce https
    return 301 https://$server_name$request_uri;
}

server {
    listen 443 ssl;
    server_name example.com;

    ssl_certificate /etc/ssl/nginx/cloud.example.com.crt;
    ssl_certificate_key /etc/ssl/nginx/cloud.example.com.key;

    # Add headers to serve security related headers
    add_header Strict-Transport-Security "max-age=15768000; includeSubDomains; preload;";
    add_header X-Content-Type-Options nosniff;
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;

    # Path to the root of your website (one level above owncloud folder)
    root /var/www;
    # set max upload size
    client_max_body_size 10G;
    fastcgi_buffers 64 4K;

    # Disable gzip to avoid the removal of the ETag header
    gzip off;

    # Uncomment if your server is build with the ngx_pagespeed module
    # This module is currently not supported.
    #pagespeed off;

    # ownCloud blacklist
    location ~ ^/owncloud/(?:\.htaccess|data|config|db_structure\.xml|README) {
        deny all;
        error_page 403 = /owncloud/core/templates/403.php;
    }

    index index.php;

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }

    location ~ ^/(?:\.htaccess|data|config|db_structure\.xml|README){
        deny all;
    }

    location /owncloud {
        error_page 403 = /owncloud/core/templates/403.php;
        error_page 404 = /owncloud/core/templates/404.php;

        rewrite ^/owncloud/caldav(.*)$ /remote.php/caldav$1 redirect;
        rewrite ^/owncloud/carddav(.*)$ /remote.php/carddav$1 redirect;
        rewrite ^/owncloud/webdav(.*)$ /remote.php/webdav$1 redirect;

        rewrite ^(/owncloud/core/doc[^\/]+/)$ $1/index.html;

        # The following rules are only needed with webfinger
        rewrite ^/owncloud/.well-known/host-meta /public.php?service=host-meta last;
        rewrite ^/owncloud/.well-known/host-meta.json /public.php?service=host-meta-json last;
        rewrite ^/owncloud/.well-known/carddav /remote.php/carddav/ redirect;
        rewrite ^/owncloud/.well-known/caldav /remote.php/caldav/ redirect;

        try_files $uri $uri/ index.php;
    }

    location ~ \.php(?:$|/) {
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
        fastcgi_param HTTPS on;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
    }

    location / {
         root /var/www/html/;
         index index.html;
    }

    # Optional: set long EXPIRES header on static assets
    location ~* \.(?:jpg|jpeg|gif|bmp|ico|png|css|js|swf)$ {
        expires 30d;
        # Optional: Don't log access to assets
        access_log off;
    }
}

I've created a documentation pull request here: https://github.com/owncloud/documentation/pull/1704

Answer 3

Apologies if you have reviewed this already but there are a few items including multiple Nginx location directives that are absent from the config you posted. I would recommend looking at the configuration notes (link at the bottom of this post) and ensuring that you have Nginx location directives for ownCloud and ownCloud data.

Check the Nginx PHP handler:

Your Nginx configuration should include a handler for PHP5-FPM, put this before the server directive at the top of the Nginx configuration:

upstream php5-fpm-handler {
        server unix:/var/run/php5-fpm.sock;
}

Check the Nginx directives:

Examples:

location /owncloud {
   rewrite ^ https://$http_host$request_uri? permanent;
   }

   location ~ ^/owncloud/(data|config|\.ht|db_structure\.xml|README) {
         deny all;
   }

Check the PHP5-FPM configuration:

Also, please ensure that you PHP5-FPM pool configuration (usually somewhere like /etc/php5/fpm/pool.d/www.conf on Ubuntu) is set to listen on the socket and not a TCP port which should match your handler. The configuration directives for PHP5-FPM socket versus port follow.

Example socket:

listen = /var/run/php5-fpm.sock

Example port (commented out to match the upstream handler):

;listen = 127.0.0.1:9000

Also, if you have not already done so, please take a look at the ownCloud configuration notes for Nginx.

http://doc.owncloud.org/server/5.0/admin_manual/installation/installation_others.html

Answer 4

First let me point out that / isn't working yet /index.php is working, which means that the index statement for some reason isn't working, or that your URI is matching another block.

To be safe rewrite location ~ /owncloud/ to location ^~ /owncloud

Your config needs a lot of rewriting, mind that the default configuration was made for owncloud installed on root directory, yours in a subdirecotry you need to fix few things, like keep in mind that $uri would include /owncloud and /file.ext would hop outside the owncloud folder, so all rewrites that are like

rewrite ^/caldav(.*)$ /remote.php/caldav$1 redirect;

need to be fixed because of 2 things,

1. ^/caldav(.*)$ will never happen, uri will always begin with ^/owncloud
2. /remote.php/... will look outside owncloud

A fix would be something like this:

rewrite ^/owncloud/caldav(.*)$ /owncloud/remote.php/caldav$1 redirect;

Try those for a start and tell me how it goes.