- Gitea version (or commit ref): 1.2.0
- Git version: 2.7.4
- Operating system: ubuntu 16.04.3
- Database (use
[x]):
- [ ] PostgreSQL
- [x] MySQL
- [ ] MSSQL
- [ ] SQLite
- Can you reproduce the bug at https://try.gitea.io:
- [ ] Yes (provide example URL)
- [ ] No
- [x] Not relevant
- Log gist:
Description
I set up my Gitea install with nginx and everything works fine, except when I click on a file name. When I click on a file, say, "index.php", it immediately pops up with a 404. And not the pretty 404, but an unstyled nginx 404. Everything else works fine.
gjsman
All 26 comments
What URL does index.php point to? Is it running in a sub-path? What does the nginx config look like? What does the gitea config look like?
bkcsoft
on 17 Oct 2017
This is indeed running in a sub-path. We do have Let's Encrypt going, and Gitea runs on Port 3002.
Everything loads absolutely fine (all logos, all images, no errors) except when you click on a file. One moment...
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name example.org;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
location ~ /\.ht {
deny all;
}
location /phpmyadmin {
auth_basic "Admin Login";
auth_basic_user_file /etc/nginx/pma_pass;
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}
location /projects/ {
proxy_pass http://localhost:3002/;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/dhparams.pem;
}
List of files before:
https://screenshots.firefoxusercontent.com/images/f867a79b-71b2-44f5-8fea-8121cabc98a0.png
List of files when I click on one:
https://screenshots.firefoxusercontent.com/images/df9f9626-8308-49d5-b686-c935fb048c00.png
gjsman
on 17 Oct 2017
The URL when I click on a file looks normal:
https://example.org/projects/org.name.here/project/src/master/add-user.php
The subdir is referenced properly...
gjsman
on 17 Oct 2017
I almost think that Nginx is missing some rewrite rules. However, nowhere in the docs does it say you need rewrite rules.
gjsman
on 18 Oct 2017
Did you set
https://github.com/go-gitea/gitea/blob/ccd3577970b64078eb156a736b1583833f80b4a3/conf/app.ini#L102
to %(PROTOCOL)s://%(DOMAIN)s:%(HTTP_PORT)s/projects/?
pgaskin
on 18 Oct 2017
@geek1011 Yes, this is set. Including the subdirectory. Even the trailing slash.
gjsman
on 18 Oct 2017
APP_NAME = Example.org Projects
RUN_USER = root
RUN_MODE = prod
[security]
INTERNAL_TOKEN = <removed>
INSTALL_LOCK = true
SECRET_KEY = <removed>
[server]
HTTP_PORT = 3002
SSH_DOMAIN = example.org
DOMAIN = example.org
ROOT_URL = https://example.org/projects/
DISABLE_SSH = true
LFS_START_SERVER = false
OFFLINE_MODE = false
[database]
DB_TYPE = mysql
HOST = 127.0.0.1:3306
NAME = gitea
USER = gitea
PASSWD = <removed>
SSL_MODE = disable
PATH = data/gitea.db
[repository]
ROOT = /root/gitea-repositories
[mailer]
ENABLED = false
[service]
REGISTER_EMAIL_CONFIRM = false
ENABLE_NOTIFY_MAIL = false
DISABLE_REGISTRATION = false
ENABLE_CAPTCHA = true
REQUIRE_SIGNIN_VIEW = true
DEFAULT_KEEP_EMAIL_PRIVATE = true
DEFAULT_ALLOW_CREATE_ORGANIZATION = false
NO_REPLY_ADDRESS = noreply.example.org
[picture]
DISABLE_GRAVATAR = true
ENABLE_FEDERATED_AVATAR = false
[openid]
ENABLE_OPENID_SIGNIN = false
ENABLE_OPENID_SIGNUP = false
[session]
PROVIDER = file
[log]
MODE = file
LEVEL = Info
ROOT_PATH = /var/www/html/log
I think this part:
index index.php index.html index.htm index.nginx-debian.html;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
is conflicting with /projects/ as nginx is trying to find index.php first and then php steps in
lafriks
on 18 Oct 2017
I think you have a mistake in the projects location. The reverse Proxy is not setted up correctly. I can say that this is working perfectly with nginx and gitea.
location /projects/ {
proxy_pass http://127.0.0.1:3000$request_uri;
proxy_buffering off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
The part with the $request_uri is important, because otherwise you get 404 or 500 errors on requesting a specific site or file
ModdyLP
on 18 Oct 2017
Does the request get a 404 from nginx or gitea?
ptman
on 18 Oct 2017
@ptman This is a 404 from nginx, not gitea (see screenshot).
Evaluating new config. Will reply in a moment...
gjsman
on 18 Oct 2017
@ModdyLP I get a 502 Gateway Error from nginx when I try this.
gjsman
on 18 Oct 2017
Update to @ModdyLP, I changed http://localhost:3002 to http://127.0.0.1:3002, and something did change. However, this still isn't right...
https://screenshots.firefoxusercontent.com/images/014d1ff0-3c5b-4386-b645-22ec495c6f69.png
It appears to be a 404 from Gitea, but really screwed up. (Before it was a 404 from nginx.) This is from this URL:
https://example.org/projects/user/login
So this is obviously not right. I also don't get why changing to numbers made the difference, because aren't localhost and 127.0.0.1 the same thing?
This is actually a regression, because before everything worked until you clicked a file. Now, nothing works.
gjsman
on 18 Oct 2017
Have you Put the $request_uri behind the port number ? It is important to prevent 404 errors. Also Nginx can't handle localhost namespace lookup properly. Because of that you schould use the numbers instead the name.
ModdyLP
on 19 Oct 2017
@ModdyLP Yes. See amends.
server {
listen 80 default_server;
listen [::]:80 default_server;
root /var/www/html;
index index.php index.html index.htm index.nginx-debian.html;
server_name example.org;
location / {
try_files $uri $uri/ =404;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
location ~ /\.ht {
deny all;
}
location /phpmyadmin {
auth_basic "Admin Login";
auth_basic_user_file /etc/nginx/pma_pass;
root /usr/share/;
index index.php index.html index.htm;
location ~ ^/phpmyadmin/(.+\.php)$ {
try_files $uri =404;
root /usr/share/;
fastcgi_pass unix:/var/run/php/php7.0-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
location ~* ^/phpmyadmin/(.+\.(jpg|jpeg|gif|css|png|js|ico|html|xml|txt))$ {
root /usr/share/;
}
}
location /phpMyAdmin {
rewrite ^/* /phpmyadmin last;
}
location /projects/ {
proxy_pass http://127.0.0.1:3002$request_uri;
proxy_buffering off;
proxy_set_header Host $http_host;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $scheme;
}
listen 443 ssl; # managed by Certbot
ssl_certificate /etc/letsencrypt/live/example.org/fullchain.pem; # managed by Certbot
ssl_certificate_key /etc/letsencrypt/live/example.org/privkey.pem; # managed by Certbot
include /etc/letsencrypt/options-ssl-nginx.conf; # managed by Certbot
ssl_dhparam /etc/letsencrypt/dhparams.pem;
}
Try to comment this part out, i dont know why do you want to use it:
location / {
try_files $uri $uri/ =404;
}
I think this option cant handle the reverse proxy . Or change the option to this:
location / {
try_files http://127.0.0.1:3002$request_uri http://127.0.0.1:3002$request_uri/ =404;
}
I commented it out, and nothing changed.
I changed it to your suggested, nothing changed. Again.
gjsman
on 20 Oct 2017
okay that is weird, I don't know where the cause of this is. I don't need to ask if you restarted Nginx everytime?
i have no idea how you can solve this problem.
ModdyLP
on 20 Oct 2017
@ModdyLP I just hit gold on a potential cause.
I reset my config files to normal, when I discovered something truly critical. I would get a 404 error from Nginx _when I clicked a file ending with PHP in my project._ Clicking README.md loads fine, but view-users.php does not work.
Yes, I did restart nginx every time. This error (as seen above) is with my original config at the top, which worked for everything but PHP files in a project (it seems).
gjsman
on 21 Oct 2017
@lafriks I think you were on to something here...
gjsman
on 21 Oct 2017
Here is what I (currently) understand is happening with my config, discovering this.
When I click on a file, like add-course.php, in my project, it looks like this in URL form:
https://example.org/projects/example/tracker/src/master/add-course.php
However, instead of loading the file, nginx steps in and tries to run a non-existent file. Causing problems.
Whereas another file, like README.md, looks like this:
https://example.org/projects/example/tracker/src/master/README.md
And it loads properly. @lafriks @ModdyLP thoughts how this could be corrected?
It could be possible to delete the block:
index index.php index.html index.htm index.nginx-debian.html;
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass unix:/run/php/php7.0-fpm.sock;
}
However, I have PHP files in my root directory I want to run (and this breaks that).
gjsman
on 21 Oct 2017
yeah, i have removed the php block in my configuration because gitea or gogs don't use php, so it is useless and can cause this problem.
ModdyLP
on 21 Oct 2017
Not gitea issue. Please use forum or discord chat to ask for support
lafriks
on 21 Oct 2017
@lafriks @ModdyLP I wouldn't close it _just_ yet. There are people who run PHP files on the same server (like me). Perhaps something could be added to Gitea documentation...
gjsman
on 21 Oct 2017
@gjsman I agree with you and there is already issue for that #89. Keeping such issues open that not directly relates to gitea just makes it hard to keep track on real gitea issues. That's why we have Discord chat and Forum where you can ask support questions like this about configuration, deployment or anything else gitea related.
lafriks
on 21 Oct 2017
Related issues
BNolet
路
3Comments
mirhec
路
3Comments
kifirkin
路
3Comments
BRMateus2
路
3Comments
cookiengineer
路
3Comments
Most helpful comment
@gjsman I agree with you and there is already issue for that #89. Keeping such issues open that not directly relates to gitea just makes it hard to keep track on real gitea issues. That's why we have Discord chat and Forum where you can ask support questions like this about configuration, deployment or anything else gitea related.