Hi,
I have the kanboard server running fine on nginx by using this config:
server {
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/thefern.dev/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/thefern.dev/privkey.pem; # managed by Certbot
server_name thefern.dev www.thefern.dev;
index index.php;
root /var/www/kanboard;
# client_max_body_size 32M;
location /kanboard {
try_files $uri $uri/ /index.php$is_args$args;
# If Kanboard is under a subfolder
# try_files $uri $uri/ /kanboard/index.php;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
include fastcgi_params;
}
location ~* ^.+\.(log|sqlite)$ {
return 404;
}
location ~ /\.ht {
return 404;
}
location ~* ^.+\.(ico|jpg|gif|png|css|js|svg|eot|ttf|woff|woff2|otf)$ {
log_not_found off;
expires 7d;
etag on;
}
gzip on;
gzip_comp_level 3;
gzip_disable "msie6";
gzip_vary on;
gzip_types
text/javascript
application/javascript
application/json
text/xml
application/xml
application/rss+xml
text/css
text/plain;
}
However I have two other applications running a git server and a blog, and when I integrate kanboard to the main nginx file everything works except kanboard, and when I leave both my initial config and leave all the kanboard stuff as seen above on a separate file so as to have separate configs, kanboard config takes over and nothing else works. I realize this is an nginx config issue, but maybe someone has a similar config that can give me a hint. Thank you!
server {
root /var/www/thefern.dev/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html index.php;
server_name thefern.dev www.thefern.dev;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location /git/ {
proxy_pass https://127.0.0.1:3000/;
}
location /blog {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:2368;
proxy_redirect off;
}
location /kanboard {
index index.php
root /var/www/kanboard;
client_max_body_size 32M;
try_files $uri $uri/ /index.php$is_args$args;
# If Kanboard is under a subfolder
# try_files $uri $uri/ /kanboard/index.php;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
include fastcgi_params;
}
location ~* ^.+\.(log|sqlite)$ {
return 404;
}
location ~ /\.ht {
return 404;
}
location ~* ^.+\.(ico|jpg|gif|png|css|js|svg|eot|ttf|woff|woff2|otf)$ {
log_not_found off;
expires 7d;
etag on;
}
gzip on;
gzip_comp_level 3;
gzip_disable "msie6";
gzip_vary on;
gzip_types
text/javascript
application/javascript
application/json
text/xml
application/xml
application/rss+xml
text/css
text/plain;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/thefern.dev/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/thefern.dev/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
# If Kanboard is under a subfolder
# try_files $uri $uri/ /kanboard/index.php;
think that might be your issue, since you didn’t change it per the comment. if you aren’t using a subfolder, then you have a conflict, since you also defined the root to go to 404.
It works fine without doing the /kanboard/index.php since I had made root = /var/www/kanboard on that separate nginx config file.
If I have this nginx config kanboard works fine by going to root or site/kanboard
server {
listen 443 ssl;
ssl_certificate /etc/letsencrypt/live/thefern.dev/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/thefern.dev/privkey.pem; # managed by Certbot
server_name thefern.dev www.thefern.dev;
index index.php;
root /var/www/kanboard;
# client_max_body_size 32M;
location /kanboard {
# index index.php;
try_files $uri $uri/ /index.php$is_args$args;
# If Kanboard is under a subfolder
# try_files $uri $uri/ /kanboard/index.php;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
include fastcgi_params;
}
location ~* ^.+\.(log|sqlite)$ {
return 404;
}
location ~ /\.ht {
return 404;
}
location ~* ^.+\.(ico|jpg|gif|png|css|js|svg|eot|ttf|woff|woff2|otf)$ {
log_not_found off;
expires 7d;
etag on;
}
gzip on;
gzip_comp_level 3;
gzip_disable "msie6";
gzip_vary on;
gzip_types
text/javascript
application/javascript
application/json
text/xml
application/xml
application/rss+xml
text/css
text/plain;
}
Problem with the above config is that it kills all my other server configs, and I have no idea why, I am not that great with nginx to be honest. I tried a bunch of ways, kanboard on a separate config, or by adding location /kanboard to my original nginx config. Tried nesting and all sorts of different ways, going on three days of pulling my hair lol.
Okay maybe I’ll rephrase my question, below is my current nginx config is serving a gitea, a ghost (blog) and a static html for root, how can I add kanboard to this config or a separate one without breaking anything?
server {
root /var/www/thefern.dev/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html;
server_name thefern.dev www.thefern.dev;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location /git/ {
proxy_pass https://127.0.0.1:3000/;
}
location /blog {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:2368;
proxy_redirect off;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/thefern.dev/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/thefern.dev/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.thefern.dev) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = thefern.dev) {
return 301 https://$host$request_uri;
} # managed by Certbot
# listen 80 default_server;
# listen [::]:80 default_server;
server_name thefern.dev www.thefern.dev;
return 404; # managed by Certbot
}
Adding the sample config with location /kanboard doesn’t seem to do the trick either. URL Rewriting — Kanboard documentation
Finally figured out this issue, it had to do with pointing to the wrong sock, and not so much with the location blocks. Found this good troubleshooting guide. NGINX 502 Bad Gateway: PHP-FPM | Datadog
fernandob@ubuntu-main ~ ❯❯❯ sudo tail -n 10 /var/log/nginx/error.log
[snip]
2021/08/04 14:24:31 [crit] 27204#27204: *1 connect() to unix:/var/run/php5-fpm.sock failed (2: No such file or directory) while connecting to upstream, client: 45.X.X.19, server: thefern.dev, request: "GET /kanboard/ HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "thefern.dev"
fernandob@ubuntu-main ~ ❯❯❯ ls /var/run/php*/**.sock
/var/run/php/php-fpm.sock@ /var/run/php/php7.4-fpm.sock=
Fixed it and it was good to go. Final configuration posted below, everything is working now, root static, gitea, ghost, and kanboard. I ended up placing the kanboard folder inside root folder.
server {
root /var/www/thefern.dev/html;
# Add index.php to the list if you are using PHP
index index.html index.htm index.nginx-debian.html index.php;
server_name thefern.dev www.thefern.dev;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location ^~ /git/ {
proxy_pass https://127.0.0.1:3000/;
}
location ^~ /blog {
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $http_host;
proxy_pass http://127.0.0.1:2368;
proxy_redirect off;
}
location /kanboard {
root /var/www/thefern.dev/html;
try_files $uri $uri/ /index.php$is_args$args;
# If Kanboard is under a subfolder
#try_files $uri $uri/ /kanboard/index.php;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass unix:/var/run/php/php7.4-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_index index.php;
include fastcgi_params;
}
# Deny access to the directory data
location ~* /data {
deny all;
return 404;
}
# Deny access to .htaccess
location ~ /\.ht {
deny all;
return 404;
}
listen [::]:443 ssl ipv6only=on; # managed by Certbot
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/thefern.dev/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/thefern.dev/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/ssl-dhparams.pem; # managed by Certbot
}
server {
if ($host = www.thefern.dev) {
return 301 https://$host$request_uri;
} # managed by Certbot
if ($host = thefern.dev) {
return 301 https://$host$request_uri;
} # managed by Certbot
# listen 80 default_server;
# listen [::]:80 default_server;
server_name thefern.dev www.thefern.dev;
return 404; # managed by Certbot
}