0

I'm pulling my hair out with the sparse support and documentation for Ubuntu server 15.04. although that's to be expected from a non LTS release.

I have Nginx serving Owncloud, called example.com.conf in sites-available and symlinked to sites-enabled. OwnCloud is served from the same server as NGinx, with validated SSL certs.

The problem I face, and has been puzzling me for days is how to set up NGinx to carry on doing as it is (working with no issues) and reverse proxy a Node.js app running at 192.168.0.24:4000 on the same domain. I want both served on the same domain (i.e. example.com with the Node.js app acting as the / and OwnCloud as /owncloud. From what I can make out Owncloud is doing this itself from its config.php file?

<?php
$CONFIG = array (
  'instanceid' => '***********',
  'passwordsalt' => '***************************',
  'secret' => '****************************************',
  'trusted_domains' => 
   array (
     1 => 'example.com',
   ),
   'datadirectory' => '/shared/owncloud/data',
   'overwrite.cli.url' => 'https://example.com/owncloud',
 ......

I'm guessing the bottom line of text is over writing the URL to /owncloud, as I can find no hint of it in the .conf in sites-available/enabled.

upstream php-handler {
  server 127.0.0.1:9000;
  server unix:/var/run/php5-fpm.sock;
}

server {
  listen 80;
  server_name 192.168.0.23 localhost example.com;
  return 301 https://$server_name$request_uri; # enforce https
}

server {
  listen 443 ssl;
  server_name 192.168.0.23 localhost example.com;

  # Add headers to serve security related headers
  add_header Strict-Transport-Security max-age=15768000;
  add_header X-Content-Type-Options nosniff;
  add_header X-Frame-Options "SAMEORIGIN";
  add_header X-XSS-Protection "1; mode=block";
  add_header X-Robots-Tag none;

  ssl_certificate /etc/nginx/certs/example.crt;
  ssl_certificate_key /etc/nginx/certs/example.key;

  # Path to the root of your installation
  root /var/www/owncloud;
  client_max_body_size 10G; # set max upload size
  fastcgi_buffers 64 4K;

  # ownCloud blacklist
location ~ ^/owncloud/(?:\.htaccess|data|config|db_structure\.xml|README) {
    deny all;
    error_page 403 = /owncloud/core/templates/403.php;
}

location / {
    proxy_pass http://192.168.0.24:4000;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection 'upgrade';
    proxy_set_header Host $host;
    proxy_cache_bypass $http_upgrade;
}

location /owncloud/ {
    error_page 403 = /owncloud/core/templates/403.php;
    error_page 404 = /owncloud/core/templates/404.php;

    rewrite ^/owncloud/caldav(.*)$ /remote.php/caldav$1 redirect;
    rewrite ^/owncloud/carddav(.*)$ /remote.php/carddav$1 redirect;
    rewrite ^/owncloud/webdav(.*)$ /remote.php/webdav$1 redirect;

    rewrite ^(/owncloud/core/doc[^\/]+/)$ $1/index.html;

    # The following rules are only needed with webfinger
    rewrite ^/owncloud/.well-known/host-meta /public.php?service=host-meta last;
    rewrite ^/owncloud/.well-known/host-meta.json /public.php?service=host-meta-json last;
    rewrite ^/owncloud/.well-known/carddav /remote.php/carddav/ redirect;

I've tried everything I can think of to resolve this but can't find a way to serve OwnCloud and a reverse proxy on the same domain. Do I have to have a separate .conf file? I'm stumped.

OverRipeBananas
  • 1
  • 1
  • 3
  • What you've got setup in your OwnCloud config file (`'overwrite.cli.url' => 'https://example.com/owncloud'`) needs to be reflected in the configuration of your web server. Right now it's not, you're trying to serve OwnCloud from the root URL as opposed to the `/owncloud` URL as desired, and nowhere have you told NGinx to proxy anything to Node.js. – GregL Aug 20 '15 at 14:35
  • And what happens now, with that config? – GregL Aug 20 '15 at 15:23
  • I've save it under `example.com.conf` in `sites available` symlinked, to enabled. and it still does the same on NGinx restart. I can reach the node.js app by its real url and port just not from the root of the NGinx server. – OverRipeBananas Aug 20 '15 at 15:28
  • Try doing one thing at a time: Getting Node.js to work behind Nginx, then adding the OwnCloud portion. Or vice-versa. – GregL Aug 20 '15 at 15:40
  • The Owncloud part works fine behind NGInx. its getting the node app to been seen on port 80 at the / of the the same domain. I've even tried removing the 301 redirect to port 443 and placing the `location /` there. – OverRipeBananas Aug 20 '15 at 15:45
  • I think putting the `location /owncloud/` stanza ahead of the `location /` stanza will fix your issues since they're processed as configured. – GregL Aug 20 '15 at 17:12
  • doing that results in: `dave@server:/etc/nginx/sites-enabled# service nginx restart Job for nginx.service failed. See "systemctl status nginx.service" and "journalctl -xe" for details.` – OverRipeBananas Aug 20 '15 at 17:21
  • so with `nginx -t` i get `dave@server:/etc/nginx/sites-enabled# sudo nginx -t` `nginx: [emerg] location "/" is outside location "/owncloud/" in /etc/nginx/sites-enabled/pukkapi.com.conf:51` `nginx: configuration file /etc/nginx/nginx.conf test failed` – OverRipeBananas Aug 20 '15 at 17:25
  • Wait, do you want the Node app to *only* be HTTP, not HTTP**S**? – GregL Aug 20 '15 at 17:26
  • ultimately yes I want it to be HTTPS as I'm using passport.js for auth, but at the moment its just seving a 'hello world' app on HTTP just to get NGinx working and playing nince with owncloud and a proxy on the same domain, as my cert is single domain. – OverRipeBananas Aug 20 '15 at 17:32
  • Can you get it work with just the Node portion? No OwnCloud? – GregL Aug 20 '15 at 17:33
  • Thats the thing. if i make a seperate listen stanza for port 81 same domain it works as it should. – OverRipeBananas Aug 20 '15 at 17:37
  • but no i havent tried that alone – OverRipeBananas Aug 20 '15 at 17:38
  • with just the redirect from 192.168.0.24:4000 it works fine. – OverRipeBananas Aug 20 '15 at 18:12
  • After all this hassle it was all down to not calling JQuery by HTTPS ie.`` or `script(src='https://ajax.googleapis.com/ajax/libs/jquery/1.11.3/jquery.min.js')` (using jade.) I didn't realize all external requests for CSS, JS, etc had to reach HTTPS too. Although i now have Owncloud on a sub domain, I'm happy with this functionality. – OverRipeBananas Aug 22 '15 at 22:22

0 Answers0