404 Page not found after successful owncloud setup

10

#1

Hello folks,

I'm really struggling with a files not found problem with owncloud 10. It is installed in /var/www/owncloud and reachable at v.niceserv.de/owncloud. The setup pages worked fine and owncloud got setup successfully (data folders in place, db user setup, ...). Yet, after those 2 pages owncloud is not displayed, instead I receive the 404 page. The interesting part is that it tries to load all .js and .css files of owncloud but fails for all of them with a 404 file not found. I checked the fastcgi_params and they look ok. The config is based on the config of the documentation.

Is there anyone out there that can help me?

Steps to reproduce

  1. Full purge of owncloud-files, nginx, mysql and php5 after unsolvable problems
  2. Setup-page worked, but css and js files were not found
  3. After adapting the root folder in the nginx config, the setup page worked and I was able to install owncloud
  4. No files are found anymore

Expected behaviour

Owncloud files found and working.

Actual behaviour

I can only see the 404 page of owncloud after setup was successfully done. The config nor the permissions of the owncloud folder were not changed after setup.

Server configuration

Operating system:
Debian Jessie (3.16.0-4-amd64 #1 SMP Debian 3.16.43-2+deb8u5 (2017-09-19) x86_64 )
Web server:
Nginx 1.13.8
Database:
mysql Ver 14.14 Distrib 5.5.59, for debian-linux-gnu (x86_64) using readline 6.3
PHP version:
PHP 5PHP 5.6.33-0+deb8u1 (cli)
ownCloud version:
10.0.4.4
Updated from an older ownCloud or fresh install:
Fresh install
Where did you install ownCloud from:
Repository
Signing status (ownCloud 9.0 and above):
No login possible

The content of config/config.php:

{
    "system": {
        "updatechecker": false,
        "instanceid": "123",
        "overwritewebroot": "\/owncloud",
        "passwordsalt": "***REMOVED SENSITIVE VALUE***",
        "secret": "***REMOVED SENSITIVE VALUE***",
        "trusted_domains": [
            "v.nicesrv.de"
        ],
        "datadirectory": "\/var\/oc_data",
        "overwrite.cli.url": "https:\/\/v.nicesrv.de\/owncloud",
        "dbtype": "mysql",
        "version": "10.0.4.4",
        "dbname": "cloud",
        "dbhost": "localhost",
        "dbtableprefix": "oc_",
        "dbuser": "***REMOVED SENSITIVE VALUE***",
        "dbpassword": "***REMOVED SENSITIVE VALUE***",
        "logtimezone": "UTC",
        "installed": true
    }
}

List of activated apps:

Enabled:
  - comments: 0.3.0
  - configreport: 0.1.1
  - dav: 0.3.2
  - federatedfilesharing: 0.3.1
  - federation: 0.1.0
  - files: 1.5.1
  - files_external: 0.7.1
  - files_sharing: 0.10.1
  - files_trashbin: 0.9.1
  - files_versions: 1.3.0
  - files_videoplayer: 0.9.8
  - firstrunwizard: 1.1
  - market: 0.2.3
  - notifications: 0.3.2
  - provisioning_api: 0.5.0
  - systemtags: 0.3.0
  - templateeditor: 0.1
  - updatenotification: 0.2.1
Disabled:
  - encryption
  - external
  - theme-example
  - user_external

Are you using external storage, if yes which one: local/smb/sftp/...
No
Are you using encryption: yes/no
No
Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/...
No

Client configuration

Browser:
Firefox 57.0.3 (64-Bit)
Operating system:
Ubuntu 17.10

Logs

Web server error log

2018/01/22 15:05:18 [error] 444#444: *2212 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 88.217.181.181, server: v.nicesrv.de, request: "GET /owncloud/core/js/mimetype.js?v=f23b49e0391ed08afeebaa748ed4956f HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "v.nicesrv.de"
2018/01/22 15:05:18 [error] 444#444: *2210 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 88.217.181.181, server: v.nicesrv.de, request: "GET /owncloud/core/js/mimetypelist.js?v=f23b49e0391ed08afeebaa748ed4956f HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "v.nicesrv.de"
2018/01/22 15:05:18 [error] 444#444: *2211 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 88.217.181.181, server: v.nicesrv.de, request: "GET /owncloud/core/vendor/snapjs/dist/latest/snap.js?v=f23b49e0391ed08afeebaa748ed4956f HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "v.nicesrv.de"
2018/01/22 15:05:18 [error] 444#444: *2213 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 88.217.181.181, server: v.nicesrv.de, request: "GET /owncloud/core/js/oc-backbone.js?v=f23b49e0391ed08afeebaa748ed4956f HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "v.nicesrv.de"
2018/01/22 15:05:18 [error] 444#444: *2214 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 88.217.181.181, server: v.nicesrv.de, request: "GET /owncloud/core/js/placeholder.js?v=f23b49e0391ed08afeebaa748ed4956f HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "v.nicesrv.de"
2018/01/22 15:05:18 [error] 444#444: *2202 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 88.217.181.181, server: v.nicesrv.de, request: "GET /owncloud/core/js/jquery.avatar.js?v=f23b49e0391ed08afeebaa748ed4956f HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "v.nicesrv.de"
2018/01/22 15:05:18 [error] 444#444: *2212 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 88.217.181.181, server: v.nicesrv.de, request: "GET /owncloud/core/js/backgroundjobs.js?v=f23b49e0391ed08afeebaa748ed4956f HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "v.nicesrv.de"
2018/01/22 15:05:18 [error] 444#444: *2210 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 88.217.181.181, server: v.nicesrv.de, request: "GET /owncloud/core/js/files/fileinfo.js?v=f23b49e0391ed08afeebaa748ed4956f HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "v.nicesrv.de"
2018/01/22 15:05:18 [error] 444#444: *2211 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 88.217.181.181, server: v.nicesrv.de, request: "GET /owncloud/core/js/files/client.js?v=f23b49e0391ed08afeebaa748ed4956f HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "v.nicesrv.de"

ownCloud log (data/owncloud.log)

empty

Browser log

Example answer header:
Cache-Control | no-store, no-cache, must-reval…te, post-check=0, pre-check=0
Connection | keep-alive
Content-Security-Policy | default-src 			'self'; script-src…:; media-src *; connect-src *
Content-Type | text/html; 			charset=UTF-8
Date | Mon, 22 Jan 			2018 14:05:16 GMT
Expires | Thu, 19 Nov 			1981 08:52:00 GMT
Pragma | no-cache
Server | nginx/1.13.8
Transfer-Encoding | chunked

Example request header:  
Accept | text/html,application/xhtml+xm…plication/xml;q=0.9,*/*;q=0.8
Accept-Encoding | gzip, 			deflate, br
Accept-Language | de,en-US;q=0.7,en;q=0.3
Cache-Control | max-age=0
Connection | keep-alive
Cookie | ocllja27193p=7ilglqmsnhtr0v2i4…E0OiiKnW9y4KSTMi5m59lUIyQanHx
DNT | 1
Host | v.nicesrv.de
Upgrade-Insecure-Requests | 1
User-Agent | Mozilla/5.0 (X11; Ubuntu; Linu…) Gecko/20100101 Firefox/57.0

Configs

nginx.conf

user www-data; #nginx;
worker_processes  2;

error_log  /var/log/nginx/error.log warn;
pid        /var/run/nginx.pid;


events {
    worker_connections  1024;
}


http {
    include       mime.types;
    default_type  application/octet-stream;

    log_format  main  '$remote_addr - $remote_user [$time_local] "$request" '
                      '$status $body_bytes_sent "$http_referer" '
                      '"$http_user_agent" "$http_x_forwarded_for"';

    log_format scripts '$document_root > $fastcgi_script_name > $request';

    access_log  /var/log/nginx/access.log  main;

    sendfile        on;
    #tcp_nopush     on;

    keepalive_timeout  65;

    #gzip  on;

    include /etc/nginx/conf.d/*.conf;
}

cloud.conf in conf.d folder

upstream php-handler {
    #server 127.0.0.1:9000;
    # Depending on your used PHP version
    server unix:/var/run/php5-fpm.sock;
    #server unix:/var/run/php7-fpm.sock;
}

server {
    listen 80;
    server_name v.nicesrv.de;

    # For Lets Encrypt, this needs to be served via HTTP
    location /.well-known/acme-challenge/ {
        root /var/www/owncloud; # Specify here where the challenge file is placed
    }

    # enforce https
    location / {
        return 301 https://$server_name$request_uri;
    }
}

server {
    listen 443 ssl http2;
    server_name v.nicesrv.de;

    ssl_certificate /etc/letsencrypt/live/v.nicesrv.de/fullchain.pem;
    ssl_certificate_key /etc/letsencrypt/live/v.nicesrv.de/privkey.pem;

    # Example SSL/TLS configuration. Please read into the manual of
    # nginx before applying these.
    ssl_session_timeout 5m;
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
    ssl_ciphers "-ALL:EECDH+AES256:EDH+AES256:AES256-SHA:EECDH+AES:EDH+AES:!ADH:!NULL:!aNULL:!eNULL:!EXPORT:!LOW:!MD5:!3DES:!PSK:!SRP:!DSS:!AESGCM:!RC4";
    ssl_dhparam /etc/letsencrypt/diffie-hellman/dhparam4096.pem;
    ssl_prefer_server_ciphers on;
    keepalive_timeout    70;
    ssl_stapling on;
    ssl_stapling_verify on;

    # Add headers to serve security related headers
    # Before enabling Strict-Transport-Security headers please read into this topic first.
    #add_header Strict-Transport-Security "max-age=15552000; includeSubDomains";
    add_header X-Content-Type-Options nosniff;
    add_header X-Frame-Options "SAMEORIGIN";
    add_header X-XSS-Protection "1; mode=block";
    add_header X-Robots-Tag none;
    add_header X-Download-Options noopen;
    add_header X-Permitted-Cross-Domain-Policies none;

    add_header Z-SCRIPT_FILENAME $document_root$fastcgi_script_name;
    add_header Z-ROOT $document_root;
    add_header Z-SCRIPT_NAME $fastcgi_script_name; # necessary for owncloud to detect the contextr$
    add_header Z-PATH_INFO $fastcgi_path_info;
    add_header Z-URI $uri;
    add_header Z-REQUEST_URI $request_uri;
    add_header Z-QUERY_STRING $query_string;
    add_header Z-REQUEST_METHOD $request_method;


    # Path to the root of your installation
    root /var/www/;

    location = /robots.txt {
        allow all;
        log_not_found off;
        access_log off;
    }


    location = /.well-known/carddav {
        return 301 $scheme://$host/owncloud/remote.php/dav;
    }
    location = /.well-known/caldav {
        return 301 $scheme://$host/owncloud/remote.php/dav;
    }

    location ^~ /owncloud {

access_log /var/log/nginx/scripts.log scripts;

        root /var/www/; #owncloud/;

        # set max upload size
        client_max_body_size 512M;
        fastcgi_buffers 8 4K;                     # Please see note 1
        fastcgi_ignore_headers X-Accel-Buffering; # Please see note 2


        # Disable gzip to avoid the removal of the ETag header
        # Enabling gzip would also make your server vulnerable to BREACH
        # if no additional measures are done. See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773332
        gzip off;

        error_page 403 /owncloud/core/templates/403.php;
        error_page 404 /owncloud/core/templates/404.php;

        location /owncloud {
            rewrite ^ /owncloud/index.php$uri;
        }

        location ~ ^/owncloud/(?:build|tests|config|lib|3rdparty|templates|data)/ {
            return 404;
        }
        location ~ ^/owncloud/(?:\.|autotest|occ|issue|indie|db_|console) {
            return 404;
        }

        location ~ ^/owncloud/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|core/templates/40[34])\.php(?:$|/) {
            fastcgi_split_path_info ^/owncloud(.+\.php)(/.*)$;
            include fastcgi_params;
            fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
            fastcgi_param SCRIPT_NAME $fastcgi_script_name; # necessary for owncloud to detect the contextroot https://github.com/owncloud/core/blob/v10.0.$
            fastcgi_param PATH_INFO $fastcgi_path_info;
            fastcgi_param HTTPS on;
            fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice
            # EXPERIMENTAL: active the following if you need to get rid of the 'index.php' in the URLs
            #fastcgi_param front_controller_active true;
            fastcgi_read_timeout 180; # increase default timeout e.g. for long running carddav/ caldav syncs with 1000+ entries
            fastcgi_pass php-handler;
            fastcgi_intercept_errors on;
            fastcgi_request_buffering off; #Available since NGINX 1.7.11
        }

        location ~ ^/owncloud/(?:updater|ocs-provider)(?:$|/) {
            try_files $uri $uri/ =404;
            index index.php;
        }

        # Adding the cache control header for js and css files
        # Make sure it is BELOW the PHP block
        location ~ /owncloud(\/.*\.(?:css|js)) {
            try_files $1 /owncloud/index.php$1$is_args$args;
            add_header Cache-Control "max-age=15778463";
            # Add headers to serve security related headers  (It is intended to have those duplicated to the ones above)
            # Before enabling Strict-Transport-Security headers please read into this topic first.
            #add_header Strict-Transport-Security "max-age=15552000; includeSubDomains";
            add_header X-Content-Type-Options nosniff;
            add_header X-Frame-Options "SAMEORIGIN";
            add_header X-XSS-Protection "1; mode=block";
            add_header X-Robots-Tag none;            
            add_header X-Download-Options noopen;
            add_header X-Permitted-Cross-Domain-Policies none;
            # Optional: Don't log access to assets
            access_log on; #off;

        }

        location ~ /owncloud(/.*\.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg|map)) {
            try_files $1 /owncloud/index.php$1$is_args$args;
            add_header Cache-Control "public, max-age=7200";
            # Optional: Don't log access to other assets
            access_log off;
        }
    }
}

Folder permissions of owncloud directory

-rw-r-----  1 root     www-data  8859 Dec  5 17:14 AUTHORS
-rw-r-----  1 root     www-data 36228 Dec  5 17:14 CHANGELOG.md
-rw-r-----  1 root     www-data 34520 Dec  5 17:14 COPYING
drwxr-x--- 24 www-data www-data  4096 Jan  7 14:11 apps
drwxr-x---  2 root     www-data  4096 Dec  5 20:52 assets
drwxr-x---  2 www-data www-data  4096 Jan  7 14:12 config
-rw-r-----  1 root     www-data  4345 Dec  5 17:14 console.php
drwxr-x--- 17 root     www-data  4096 Jan  7 14:11 core
-rw-r-----  1 root     www-data  4969 Dec  5 17:14 cron.php
drwxr-x---  2 root     www-data  4096 Jan  7 14:12 data
-rw-r-----  1 root     www-data 30898 Dec  5 17:14 db_structure.xml
drwxr-x---  2 root     www-data  4096 Dec  5 20:52 etc
-rw-r-----  1 root     www-data   179 Dec  5 17:14 index.html
-rw-r-----  1 root     www-data  3898 Dec  5 17:14 index.php
drwxr-x---  3 root     www-data  4096 Jan  7 14:11 l10n
drwxr-x---  6 root     www-data  4096 Jan  7 14:11 lib
-rwxr-x--x  1 root     www-data   283 Dec  5 17:14 occ
drwxr-x---  2 root     www-data  4096 Jan  7 14:11 ocs
drwxr-x---  2 root     www-data  4096 Jan  7 14:11 ocs-provider
-rw-r-----  1 root     www-data  3197 Dec  5 17:14 public.php
-rw-r-----  1 root     www-data  5481 Dec  5 17:14 remote.php
drwxr-x---  4 root     www-data  4096 Jan  7 14:10 resources
drwxr-x--- 12 root     www-data  4096 Jan  7 14:11 settings
-rw-r-----  1 root     www-data  1884 Dec  5 17:14 status.php
drwxr-x---  6 www-data www-data  4096 Jan  7 14:11 updater
-rw-r-----  1 root     www-data   271 Dec  5 17:16 version.php

#2

I assume the default configuration proposed in the documentation works, so this is a configuration problem.

Maybe, if you can somehow mark what did you change, it might be easier to detect what's wrong


#3

I compared the example config (left) to my actual config (right). The changes are minimal and mainly due to php and ssl adaption. The main difference is the root folder inside the owncloud location. Yet, this deviation was necessary to make the setup page work. The original var/www/owncloud resulted in a path like var/www/owncloud/owncloud/index.php.


#4

A couple of things to check:

  • Check access via http in order to confirm possible problems in the https configuration.
  • The upstream php-handler might not be working properly. At least the error seems weird to me. I don't really know how we can verify that it's working properly though, or it just a configuration issue in nginx

#5

The config successfully displays a phpinfo() page. The fastcgi_params are the following. I think they are ok as there is no double folder like /owncloud/ownclod/...

Z-REQUEST_METHOD	
GET
Z-REQUEST_URI	
/owncloud/index.php
Z-ROOT	
/var/www
Z-SCRIPT_FILENAME	
/var/www/owncloud/index.php
Z-SCRIPT_NAME	
/owncloud/index.php
Z-URI	
/owncloud/index.php

I also tried the config with http without 433 and SSL config items. I could not make it work so far. Nginx still forwards to https and then reduce a 404 for all files.


#6

try this (changing root not neccessary in your case):
https://central.owncloud.org/t/struggling-with-nginx-configuration-with-owncloud-10-0-4-in-subdirectory/11213/6?u=bernie_o


#7

It worked!!!!
Thank you so much! I've been struggling with this issue for 4 weeks now.

Are these things mistakes in the original config?


#8

IMHO: yes they are. I just created a pull request:


#9

Good thing. This config issue was driving me crazy!