NGINX Config Example
Posted: Wed Mar 03, 2021 8:10 pm
Hello, I'd like to ask for examples and help with nginx configs. I have not been able to find any information on using nginx as the webserver on the forums or through google searches, however, there are a few posts here of members claiming to be using nginx on CentOS and Raspbian (Buster). I have been using TimeTrex on a Windows Server 2016 virtual machine for some time and I want to integrate it into my Linux Debian 10 server. I do not want to use Apache as I already have configured InvoiceNinja & Kimai to use nginx and mariadb with php7.3 and they all function correctly. I have tried to add TimeTrex to the stack to no avail. When I hit the server address or domain directly for TimeTrex, it does attempt to redirect to the install page which appends this quote to the url, but I'm left with error 404. And, if I remove the last block of the config containing "return 404;" my browser tries to download the index.php file.
Windows 10 Pro
Browser= Firefox 86.0
Server Info:
Linux Debian 10.8 (Buster)
MariaDB 10.3.27
PHP 7.3.27-1
NGINX 1.14.2
TimeTrex 12.6.5
NGINX Config
Notably: I am using PHP-FPM pools with TimeTrex having a newly specified user whom owns all the files in place of 'www-data', this is the same for my other operable apps. Also, I am including my step-by-step reference note, but know that it's very messy since it hasn't proven yet.
I set the log output in timetrex.php.ini to default, however, there is only an empty directory. I also set prod=FALSE and debug=TRUE. In nginx's error.log contains
My System:/interface/html5/index.php?installer=1&disable_db=1&external_installer=0#!m=Install&a=license&external_installer=0
Windows 10 Pro
Browser= Firefox 86.0
Server Info:
Linux Debian 10.8 (Buster)
MariaDB 10.3.27
PHP 7.3.27-1
NGINX 1.14.2
TimeTrex 12.6.5
NGINX Config
Code: Select all
# /etc/nginx/sites-available/nginx-timetrex.conf
server {
listen 30080;
# server_name timetrex.mstarm.net;
# Reqwrite - Redirect To HTTPS
# add_header Strict-Transport-Security max-age=2592000;
# rewrite ^ https://$server_name$request_uri? permanent;
#}
#server {
listen 30443 ssl;
server_name timetrex.mstarm.net;
ssl_certificate /etc/ssl/internal/Marte.MStarM.net.crt;
ssl_certificate_key /etc/ssl/internal/Marte.MStarM.net.key;
ssl_protocols TLSv1.2 TLSv1.3;
# ssl_ciphers ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384;
ssl_ciphers 'HIGH:AES256+EECDH:AES256+EDH:!aNULL:!MD5';
ssl_prefer_server_ciphers on;
ssl_session_timeout 5m;
# ssl_ecdh_curve secp384r1;
# ssl_session_cache shared:SSL:10m;
#
# resolver 8.8.8.8 valid=300s;
# resolver_timeout 5s;
#
# add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload";
# add_header X-Frame-Options DENY;
# add_header X-Content-Type-Options nosniff;
# add_header X-XSS-Protection "1; mode=block";
root /var/www/timetrex;
index index.php;
access_log off;
log_not_found off;
location ~ /\.ht {
deny all;
}
location / {
try_files $uri /index.php$is_args$args;
}
location ~ ^/index\.php(/|$) {
fastcgi_pass unix:/run/php/php7.3-fpm-timetrex.sock;
# fastcgi_index index.php;
# fastcgi_read_timeout 240;
# fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
# include fastcgi_params;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi.conf;
fastcgi_param PHP_ADMIN_VALUE "open_basedir=$document_root/..:/tmp/";
internal;
}
location ~ \.php$ {
return 404;
}
}
Code: Select all
2021/03/03 16:37:14 [error] 11032#11032: *1 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 192.168.10.1, server: timetrex.mstarm.net, request: "GET /interface HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.3-fpm-timetrex.sock:", host: "172.16.30.141:30080"
2021/03/03 16:37:14 [error] 11032#11032: *1 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 192.168.10.1, server: timetrex.mstarm.net, request: "GET /favicon.ico HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.3-fpm-timetrex.sock:", host: "172.16.30.141:30080", referrer: "http://172.16.30.141:30080/interface"
2021/03/03 16:37:16 [error] 11032#11032: *1 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 192.168.10.1, server: timetrex.mstarm.net, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.3-fpm-timetrex.sock:", host: "172.16.30.141:30080"
2021/03/03 16:37:17 [error] 11032#11032: *1 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 192.168.10.1, server: timetrex.mstarm.net, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.3-fpm-timetrex.sock:", host: "172.16.30.141:30080"
2021/03/03 16:37:18 [error] 11032#11032: *1 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 192.168.10.1, server: timetrex.mstarm.net, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.3-fpm-timetrex.sock:", host: "172.16.30.141:30080"
2021/03/03 16:37:18 [error] 11032#11032: *1 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 192.168.10.1, server: timetrex.mstarm.net, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.3-fpm-timetrex.sock:", host: "172.16.30.141:30080"
2021/03/03 16:39:46 [error] 11109#11109: *3 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 172.16.30.254, server: timetrex.mstarm.net, request: "GET /favicon.ico HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.3-fpm-timetrex.sock:", host: "timetrex.mstarm.net", referrer: "https://timetrex.mstarm.net/interface/install/install.php"
2021/03/03 16:40:05 [error] 11109#11109: *3 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 172.16.30.254, server: timetrex.mstarm.net, request: "GET /interface HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.3-fpm-timetrex.sock:", host: "timetrex.mstarm.net"
2021/03/03 17:02:11 [error] 12331#12331: *2 FastCGI sent in stderr: "PHP message: PHP Warning: require_once(): open_basedir restriction in effect. File(/var/www/timetrex/includes/global.inc.php) is not within the allowed path(s): (/var/www/timetrex/interface/html5/..:/tmp/) in /var/www/timetrex/interface/html5/index.php on line 40PHP message: PHP Warning: require_once(/var/www/timetrex/includes/global.inc.php): failed to open stream: Operation not permitted in /var/www/timetrex/interface/html5/index.php on line 40PHP message: PHP Fatal error: require_once(): Failed opening required '../../includes/global.inc.php' (include_path='.:/usr/share/php') in /var/www/timetrex/interface/html5/index.php on line 40" while reading response header from upstream, client: 172.16.30.254, server: timetrex.mstarm.net, request: "GET /favicon.ico HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.3-fpm-timetrex.sock:", host: "timetrex.mstarm.net", referrer: "https://timetrex.mstarm.net/interface/install/install.php"
2021/03/03 18:27:17 [error] 15561#15561: *1 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 192.168.10.1, server: timetrex.mstarm.net, request: "GET /favicon.ico HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.3-fpm-timetrex.sock:", host: "172.16.30.141:30080", referrer: "http://172.16.30.141:30080/interface/html5/index.php?installer=1&disable_db=1&external_installer=0"
2021/03/03 19:58:48 [error] 18408#18408: *2 FastCGI sent in stderr: "PHP message: PHP Warning: is_writable(): open_basedir restriction in effect. File(/var/log/timetrex) is not within the allowed path(s): (/var/www/timetrex/..:/tmp/) in /var/www/timetrex/classes/modules/core/Debug.class.php on line 720PHP message: PHP Warning: is_writable(): open_basedir restriction in effect. File(/var/log/timetrex) is not within the allowed path(s): (/var/www/timetrex/..:/tmp/) in /var/www/timetrex/classes/modules/core/Debug.class.php on line 720PHP message: PHP Warning: is_writable(): open_basedir restriction in effect. File(/var/log/timetrex) is not within the allowed path(s): (/var/www/timetrex/..:/tmp/) in /var/www/timetrex/classes/modules/core/Debug.class.php on line 720" while reading response header from upstream, client: 172.16.30.254, server: timetrex.mstarm.net, request: "GET / HTTP/1.1", upstream: "fastcgi://unix:/run/php/php7.3-fpm-timetrex.sock:", host: "timetrex.mstarm.net"