Steps to reproduce
- Manual installation of ownCloud
- Install nginx, SSL certificate, MySQL, php-fpm and all prerequisites
- here is the nginx config:
upstream php-handler {
server 127.0.0.1:9000; # Depending on your used PHP version # server unix:/var/run/php5-fpm.sock; #server unix:/run/php/php7.2-fpm.sock;}
server {listen 80; server_name cloud.bdevay.duckdns.org; # For SSL certificate verifications, this needs to be served via HTTP location /.well-known/(acme-challenge|pki-validation)/ { root /var/www/.well-known/pki-validation/; } # enforce https location / { return 301 XXXXS://$server_name$request_uri; }}
server {listen 443 ssl http2; server_name cloud.bdevay.duckdns.org; ssl_certificate /etc/ssl/nginx/certificate.crt; ssl_certificate_key /etc/ssl/nginx/private.key; # Example SSL/TLS configuration. Please read into the manual of NGINX before applying these. ssl_session_timeout 5m; ssl_protocols TLSv1 TLSv1.1 TLSv1.2; ssl_ciphers "-ALL:EECDH+AES256:EDH+AES256:AES256-SHA:EECDH+AES:EDH+AES:!ADH:!NULL:!aNULL:!eNULL:!EXPORT:!LOW:!MD5:!3DES:!PSK:!SRP:!DSS:!AESGCM:!RC4"; ssl_dhparam /etc/nginx/dh4096.pem; ssl_prefer_server_ciphers on; keepalive_timeout 70; ssl_stapling on; ssl_stapling_verify on; # Add headers to serve security related headers # The always parameter ensures that the header is set for all responses, including internally generated error responses. # Before enabling Strict-Transport-Security headers please read into this topic first. # XXXXS://www.nginx.com/blog/http-strict-transport-security-hsts-and-nginx/ #add_header Strict-Transport-Security "max-age=15552000; includeSubDomains; preload" always; add_header X-Content-Type-Options nosniff always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-XSS-Protection "1; mode=block" always; add_header X-Robots-Tag none always; add_header X-Download-Options noopen always; add_header X-Permitted-Cross-Domain-Policies none always; # Path to the root of your installation root /var/www/owncloud/; location = /robots.txt { allow all; log_not_found off; access_log off; } # The following 2 rules are only needed for the user_webfinger app. # Uncomment it if you're planning to use this app. # rewrite ^/.well-known/host-meta /public.php?service=host-meta last; # rewrite ^/.well-known/host-meta.json /public.php?service=host-meta-json last; location = /.well-known/carddav { return 301 $scheme://$host/remote.php/dav; } location = /.well-known/caldav { return 301 $scheme://$host/remote.php/dav; } # set max upload size client_max_body_size 512M; fastcgi_buffers 8 4K; # Please see note 1 fastcgi_ignore_headers X-Accel-Buffering; # Please see note 2 # Disable gzip to avoid the removal of the ETag header # Enabling gzip would also make your server vulnerable to BREACH # if no additional measures are done. See XXXXS://bugs.debian.org/cgi-bin/bugreport.cgi?bug=773332 gzip off; # Uncomment if your server is build with the ngx_pagespeed module # This module is currently not supported. #pagespeed off; error_page 403 /core/templates/403.php; error_page 404 /core/templates/404.php; location / { rewrite ^ /index.php$uri; } location ~ ^/(?:build|tests|config|lib|3rdparty|templates|data)/ { return 404; } location ~ ^/(?:\.|autotest|occ|issue|indie|db_|console) { return 404; } location ~ ^/(?:index|remote|public|cron|core/ajax/update|status|ocs/v[12]|updater/.+|ocs-provider/.+|ocm-provider/.+|core/templates/40[34])\.php(?:$|/) { fastcgi_split_path_info ^(.+\.php)(/.*)$; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param SCRIPT_NAME $fastcgi_script_name; # necessary for owncloud to detect the contextroot XXXXS://github.com/owncloud/core/blob/v10.0.0/lib/private/AppFramework/Http/Request.php#L603 fastcgi_param PATH_INFO $fastcgi_path_info; fastcgi_param HTTPS on; fastcgi_param modHeadersAvailable true; #Avoid sending the security headers twice fastcgi_param front_controller_active true; fastcgi_read_timeout 180; # increase default timeout e.g. for long running carddav/ caldav syncs with 1000+ entries # fastcgi_pass php-handler; fastcgi_pass 127.0.0.1:9000; fastcgi_intercept_errors on; fastcgi_request_buffering off; #Available since NGINX 1.7.11 } location ~ ^/(?:updater|ocs-provider|ocm-provider)(?:$|/) { try_files $uri $uri/ =404; index index.php; } # Adding the cache control header for js and css files # Make sure it is BELOW the PHP block location ~ \.(?:css|js)$ { try_files $uri /index.php$uri$is_args$args; add_header Cache-Control "max-age=15778463" always; # Add headers to serve security related headers (It is intended to have those duplicated to the ones above) # The always parameter ensures that the header is set for all responses, including internally generated error responses. # Before enabling Strict-Transport-Security headers please read into this topic first. # XXXXS://www.nginx.com/blog/http-strict-transport-security-hsts-and-nginx/ #add_header Strict-Transport-Security "max-age=15552000; includeSubDomains; preload" always; add_header X-Content-Type-Options nosniff always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-XSS-Protection "1; mode=block" always; add_header X-Robots-Tag none always; add_header X-Download-Options noopen always; add_header X-Permitted-Cross-Domain-Policies none always; # Optional: Don't log access to assets access_log off; } location ~ \.(?:svg|gif|png|html|ttf|woff|ico|jpg|jpeg|map|json)$ { add_header Cache-Control "public, max-age=7200" always; try_files $uri /index.php$uri$is_args$args; # Optional: Don't log access to other assets access_log off; }}
Expected behaviour
CSS and Javascript content should be displayed on web
Actual behaviour
Browser displays the login text boxes but no buttons, no style available
Server configuration
Operating system:
Linux 5.4.0-42-generic #46~18.04.1-Ubuntu SMP Fri Jul 10 07:21:24 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
Distributor ID: Ubuntu
Description: Ubuntu 18.04.5 LTS
Release: 18.04
Codename: bionic
Web server:
nginx version: nginx/1.14.0 (Ubuntu)
Database:
MySQL Server version: 5.7.31-0ubuntu0.18.04.1 (Ubuntu)
PHP version:
PHP 7.2.24-0ubuntu0.18.04.6 (cli) (built: May 26 2020 13:09:11) ( NTS )
ownCloud version: (see ownCloud admin page)
$OC_VersionString = â10.5.0â;
$OC_Build = â2020-08-03T07:16:07+00:00 dc16af58beb6050976fd62bf683da0232034e1c6â;
Updated from an older ownCloud or fresh install:
Fresh install
Where did you install ownCloud from:
owncloud-complete-20200731.zip
Signing status (ownCloud 9.0 and above):
Unsigned. Unable to login since the controls are not displayed.
The content of config/config.php:
{
âsystemâ: {
âpasswordsaltâ: âREMOVED SENSITIVE VALUEâ,
âsecretâ: âREMOVED SENSITIVE VALUEâ,
âtrusted_domainsâ: [
âlocalhostâ,
âcloud.bdevay.duckdns.orgâ
],
âdatadirectoryâ: â/mnt/documents/www/owncloud/dataâ,
âoverwrite.cli.urlâ: âhttp://localhostâ,
âdbtypeâ: âmysqlâ,
âversionâ: â10.5.0.10â,
âdbnameâ: âowncloudâ,
âdbhostâ: âlocalhostâ,
âdbtableprefixâ: âoc_â,
âmysql.utf8mb4â: true,
âdbuserâ: âREMOVED SENSITIVE VALUEâ,
âdbpasswordâ: âREMOVED SENSITIVE VALUEâ,
âlogtimezoneâ: âUTCâ,
âapps_pathsâ: [
{
âpathâ: â/mnt/documents/www/owncloud/appsâ,
âurlâ: â/appsâ,
âwritableâ: false
},
{
âpathâ: â/mnt/documents/www/owncloud/apps-externalâ,
âurlâ: â/apps-externalâ,
âwritableâ: true
}
],
âinstalledâ: true,
âinstanceidâ: âocyzljj5kjshâ
}
}
List of activated apps:
Enabled:
- activity: 2.5.3
- comments: 0.3.0
- configreport: 0.2.0
- dav: 0.6.0
- federatedfilesharing: 0.5.0
- federation: 0.1.0
- files: 1.5.2
- files_external: 0.7.1
- files_mediaviewer: 1.0.3
- files_pdfviewer: 0.11.1
- files_sharing: 0.13.0
- files_texteditor: 2.3.0
- files_trashbin: 0.9.1
- files_versions: 1.3.0
- firstrunwizard: 1.2.0
- market: 0.6.0
- notifications: 0.5.2
- provisioning_api: 0.5.0
- systemtags: 0.3.0
- templateeditor: 0.4.0
- updatenotification: 0.2.1
Disabled: - admin_audit
- announcementcenter
- customgroups
- encryption
- enterprise_key
- external
- files_antivirus
- files_classifier
- files_external_dropbox
- files_external_ftp
- files_ldap_home
- firewall
- guests
- oauth2
- password_policy
- ransomware_protection
- sharepoint
- systemtags_management
- theme-enterprise
- twofactor_totp
- user_external
- user_ldap
- user_shibboleth
- windows_network_drive
- wopi
- workflow
Are you using external storage, if yes which one: local/smb/sftp/âŚ
no
Are you using encryption: yes/no
no
Are you using an external user-backend, if yes which one: LDAP/ActiveDirectory/Webdav/âŚ
no
LDAP configuration (delete this part if not used)
There are no commands defined in the âldapâ namespace.
Client configuration
Browser:
Chrome
Operating system:
Windows 10
Logs
Web server error log
2020/08/08 01:22:32 [alert] 28773#28773: *32 open socket #16 left in connection 6
2020/08/08 01:22:32 [alert] 28773#28773: aborting
2020/08/08 01:29:07 [alert] 29005#29005: *219 open socket #15 left in connection 8
2020/08/08 01:29:07 [alert] 29005#29005: aborting
ownCloud log (data/owncloud.log)
{âreqIdâ:âiO3tUJfPuLUZKRib9xwvâ,âlevelâ:3,âtimeâ:â2020-08-07T23:39:59+00:00â,âremoteAddrâ:"",âuserâ:"â",âappâ:âmysql.setupâ,âmethodâ:"â",âurlâ:"â",âmessageâ:âSpecific user creation failed: An exception occurred while executing âSELECT user FROM mysql.user WHERE user=?â with params [âoc_adminâ]:\n\nSQLSTATE[42000]: Syntax error or access violation: 1142 SELECT command denied to user âadminâ@âlocalhostâ for table âuserââ}
Browser log
Refused to apply style from âXXXXs://cloud.bdevay.duckdns.org/core/vendor/select2/select2.css?v=156c1a1cd2fc4710f74b3613142c96e9â because its MIME type (âtext/htmlâ) is not a supported stylesheet MIME type, and strict MIME checking is enabled.
login:1 Refused to apply style from âXXXXs://cloud.bdevay.duckdns.org/core/css/header.css?v=156c1a1cd2fc4710f74b3613142c96e9â because its MIME type (âtext/htmlâ) is not a supported stylesheet MIME type, and strict MIME checking is enabled.
login:1 Refused to apply style from âXXXXs://cloud.bdevay.duckdns.org/core/vendor/jquery-ui/themes/base/jquery-ui.css?v=156c1a1cd2fc4710f74b3613142c96e9â because its MIME type (âtext/htmlâ) is not a supported stylesheet MIME type, and strict MIME checking is enabled.
39Refused to execute script from ââ because its MIME type (âtext/cssâ) is not executable, and strict MIME type checking is enabled.
jquery.ocdialog.js?v=156c1a1cd2fc4710f74b3613142c96e9:194 Uncaught ReferenceError: jQuery is not defined
at jquery.ocdialog.js?v=156c1a1cd2fc4710f74b3613142c96e9:194
octemplate.js?v=156c1a1cd2fc4710f74b3613142c96e9:104 Uncaught ReferenceError: jQuery is not defined
at octemplate.js?v=156c1a1cd2fc4710f74b3613142c96e9:104
search.js?v=156c1a1cd2fc4710f74b3613142c96e9:397 Uncaught ReferenceError: OCA is not defined
at search.js?v=156c1a1cd2fc4710f74b3613142c96e9:397
at search.js?v=156c1a1cd2fc4710f74b3613142c96e9:398
login:1 Refused to execute script from âXXXXs://cloud.bdevay.duckdns.org/core/js/oc-requesttoken.js?v=156c1a1cd2fc4710f74b3613142c96e9â because its MIME type (âtext/htmlâ) is not executable, and strict MIME type checking is enabled.
select2.js?v=156c1a1cd2fc4710f74b3613142c96e9:39 Uncaught ReferenceError: jQuery is not defined
at select2.js?v=156c1a1cd2fc4710f74b3613142c96e9:39
oc-backbone.js?v=156c1a1cd2fc4710f74b3613142c96e9:104 Uncaught ReferenceError: jQuery is not defined
at oc-backbone.js?v=156c1a1cd2fc4710f74b3613142c96e9:104
oc-backbone-webdav.js?v=156c1a1cd2fc4710f74b3613142c96e9:397 Uncaught ReferenceError: OCA is not defined
at oc-backbone-webdav.js?v=156c1a1cd2fc4710f74b3613142c96e9:397
at oc-backbone-webdav.js?v=156c1a1cd2fc4710f74b3613142c96e9:398
sharemodel.js?v=156c1a1cd2fc4710f74b3613142c96e9:397 Uncaught ReferenceError: OCA is not defined
at sharemodel.js?v=156c1a1cd2fc4710f74b3613142c96e9:397
at sharemodel.js?v=156c1a1cd2fc4710f74b3613142c96e9:398
sharedialogresharerinfoview.js?v=156c1a1cd2fc4710f74b3613142c96e9:12 Uncaught ReferenceError: OC is not defined
at sharedialogresharerinfoview.js?v=156c1a1cd2fc4710f74b3613142c96e9:12
at sharedialogresharerinfoview.js?v=156c1a1cd2fc4710f74b3613142c96e9:124
sharedialoglinkshareview.js?v=156c1a1cd2fc4710f74b3613142c96e9:397 Uncaught ReferenceError: OCA is not defined
at sharedialoglinkshareview.js?v=156c1a1cd2fc4710f74b3613142c96e9:397
at sharedialoglinkshareview.js?v=156c1a1cd2fc4710f74b3613142c96e9:398
sharedialogshareelistview.js?v=156c1a1cd2fc4710f74b3613142c96e9:397 Uncaught ReferenceError: OCA is not defined
at sharedialogshareelistview.js?v=156c1a1cd2fc4710f74b3613142c96e9:397
at sharedialogshareelistview.js?v=156c1a1cd2fc4710f74b3613142c96e9:398
jquery.colorbox.js?v=156c1a1cd2fc4710f74b3613142c96e9:397 Uncaught ReferenceError: OCA is not defined
at jquery.colorbox.js?v=156c1a1cd2fc4710f74b3613142c96e9:397
at jquery.colorbox.js?v=156c1a1cd2fc4710f74b3613142c96e9:398
login:1 Refused to execute script from âXXXXs://cloud.bdevay.duckdns.org/core/js/files/fileinfo.js?v=156c1a1cd2fc4710f74b3613142c96e9â because its MIME type (âtext/htmlâ) is not executable, and strict MIME type checking is enabled.
visitortimezone.js?v=156c1a1cd2fc4710f74b3613142c96e9:397 Uncaught ReferenceError: OCA is not defined
at visitortimezone.js?v=156c1a1cd2fc4710f74b3613142c96e9:397
at visitortimezone.js?v=156c1a1cd2fc4710f74b3613142c96e9:398
lostpassword.js?v=156c1a1cd2fc4710f74b3613142c96e9:397 Uncaught ReferenceError: OCA is not defined
at lostpassword.js?v=156c1a1cd2fc4710f74b3613142c96e9:397
at lostpassword.js?v=156c1a1cd2fc4710f74b3613142c96e9:398
browser-update.js?v=156c1a1cd2fc4710f74b3613142c96e9:194 Uncaught ReferenceError: jQuery is not defined
at browser-update.js?v=156c1a1cd2fc4710f74b3613142c96e9:194
