1

Topic: issues with second nginx vhost, php enabled.

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.1 MARIADB edition
- Deployed with iRedMail Easy or the downloadable installer? downloadable installer
- Linux/BSD distribution name and version:  Ubuntu 18
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): MariaDb (MySQL)
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? No
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====


After all very successful test for iremail I've tried adding another vhost php enabled vhost in nginx, sadly without success.
Here are some details:

Created the files required in /var/www

    # tree /var/www/
    /var/www/
    ├── html
    │   ├── index.html
    │   ├── index.nginx-debian.html
    │   └── robots.txt
    ├── seconddomain.tld
    │   └── index.html
    └── subdomain.seconddomain.tld
        └── index.php

The problematic file is index.php in subdomain.seconddomain.tld, the content of index.php is

    # cat index.php 
    <html>
     <head>
      <title>PHP Test</title>
     </head>
     <body>
     <?php echo '<p>Hello World</p>';?>
     </body>
    </html>

I've created config files in

    # tree /etc/nginx/sites-available/subdomain.seconddomain.tld/
    /etc/nginx/sites-available/subdomain.seconddomain.tld/
    ├── subdomain-seconddomain-tld-ssl.conf
    └── subdomain-seconddomain-tld.conf

and linked them to sites-enabled

 
    # tree /etc/nginx/sites-available
    .
    ├── firstdomain-tld-ssl.conf -> /etc/nginx/sites-available/firstdomain.tld/firstdomain-tld-ssl.conf
    ├── firstdomain-tld.conf -> /etc/nginx/sites-available/firstdomain.tld/firstdomain-tld.conf
    ├── seconddomain-tld-ssl.conf -> /etc/nginx/sites-available/seconddomain.tld/seconddomain-tld-ssl.conf
    ├── seconddomain-tld.conf -> /etc/nginx/sites-available/seconddomain.tld/seconddomain-tld.conf
    ├── subdomain-seconddomain-tld-ssl.conf -> /etc/nginx/sites-available/subdomain.seconddomain.tld/subdomain-seconddomain-tld-ssl.conf
    └── subdomain-seconddomain-tld.conf -> /etc/nginx/sites-available/subdomain.seconddomain.tld/subdomain-seconddomain-tld.conf

Content of config files is :

    # cat subdomain-seconddomain-tld.conf 
        #
        # Note: This file must be loaded before other virtual host config files,
        #
        # HTTP
        server {
            if ($host = subdomain.seconddomain.tld) {
                return 301 https://$host$request_uri;
            }

            # Listen on ipv4
            listen 80;
            listen [::]:80;

            server_name subdomain.seconddomain.tld;

            # Redirect all insecure http:// requests to https://
            return 301 https://$host$request_uri;
        }

    # cat subdomain-seconddomain-tld-ssl.conf 
        #
        # Note: This file must be loaded before other virtual host config files,
        #
        # HTTPS
        server {
            listen 443 ssl;
            listen [::]:443 ssl;
            server_name subdomain.seconddomain.tld;

            root /var/www/subdomain.seconddomain.tld/;
            index index.php;

            ssl_certificate /etc/letsencrypt/live/subdomain.seconddomain.tld/fullchain.pem; # managed by Certbot
            ssl_certificate_key /etc/letsencrypt/live/subdomain.seconddomain.tld/privkey.pem; # managed by Certbot
        }

further more  here is nginx.conf and linked confs

    # cat nginx.conf
    user www-data;
    worker_processes 1;
    pid /var/run/nginx.pid;

    events {
        worker_connections 1024;
    }

    http {
        include /etc/nginx/conf-enabled/*.conf;
        include /etc/nginx/sites-enabled/*.conf;
    }

    # ls /etc/nginx/conf-enabled
    0-general.conf  client_max_body_size.conf  gzip.conf     log.conf         php_fpm.conf   server_tokens.conf
    cache.conf      default_type.conf          headers.conf  mime_types.conf  sendfile.conf  types_hash_max_size.conf

    # cat php_fpm.conf 
    upstream php_workers {
        server 127.0.0.1:9999;
    }

netstat on port 9999 reveals that is up and running :

    # netstat -an | grep 9999
    tcp        0      0 127.0.0.1:9999          0.0.0.0:*               LISTEN     
    tcp        0      0 127.0.0.1:19999         0.0.0.0:*               LISTEN     
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48764         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48704         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48776         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48700         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48724         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48696         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48728         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48752         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48782         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48736         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48720         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48772         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48740         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48756         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48744         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48748         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48732         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48708         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48716         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48768         TIME_WAIT  
    tcp        0      0 127.0.0.1:9999          127.0.0.1:48712         TIME_WAIT  

I've also tried with the next config

    #
    # Note: This file must be loaded before other virtual host config files,
    #
    # HTTPS
    server {
        listen 443 ssl;
        listen [::]:443 ssl;
        server_name subdomain.seconddomain.tld;

        root /var/www/subdomain.seconddomain.tld/;
        index index.php;

            location ~ \.php$ {
                fastcgi_split_path_info ^(.+\.php)(/.+)$;
                fastcgi_pass 127.0.0.1:9999;
                fastcgi_index index.php;
                include fastcgi_params;
            }

        ssl_certificate /etc/letsencrypt/live/subdomain.seconddomain.tld/fullchain.pem; # managed by Certbot
        ssl_certificate_key /etc/letsencrypt/live/subdomain.seconddomain.tld/privkey.pem; # managed by Certbot
    }

Finally nginx -t output :

    # nginx -t
    nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
    nginx: configuration file /etc/nginx/nginx.conf test is successful

With the first config php file is simply downloaded and with the second config a simple white html is displayed, not even html content is displayed.
Any suggestions are welcomed and appreciated.
Thanks.

2 (edited by Mosfet 2020-03-23 00:33:39)

Re: issues with second nginx vhost, php enabled.

Got IT big_smile

using the following config :

#cat  subdomain-seconddomain-tld-ssl.conf 
#
# Note: This file must be loaded before other virtual host config files,
#
# HTTPS
server {
    listen 443 ssl;
    listen [::]:443 ssl;
    server_name subdomain.seconddomain.tld;

    root /var/www/subdomain.seconddomain.tld/;
    index index.php index.html index.htm index.nginx-debian.html;

    location / {
        try_files $uri $uri/ =404;
    }

    location ~ \.php$ {
        include snippets/fastcgi-php.conf;
        fastcgi_pass 127.0.0.1:9999;
    }

    location ~ /\.ht {
        deny all;
    }

    ssl_certificate /etc/letsencrypt/live/subdomain.seconddomain.tld/fullchain.pem; # managed by Certbot
    ssl_certificate_key /etc/letsencrypt/live/subdomain.seconddomain.tld/privkey.pem; # managed by Certbot
}

I still cant figure out what is what so any explanation is still much appreciated.
except maybe I was missing the snippets/ from fastcgi-php.conf ...

Thanks.

P.S. Still unable to display php info using

 <?php phpinfo(); ?> 

this is killing me
P.P.S. But other functions work as excepted : ex

<?php echo date('l, F jS, Y'); ?> 

3

Re: issues with second nginx vhost, php enabled.

Mosfet wrote:

I still cant figure out what is what so any explanation is still much appreciated.
except maybe I was missing the snippets/ from fastcgi-php.conf ...

iRedMail has /etc/nginx/templates/php-catchall.tmpl, you can replace the " location ~ \.php$ {}" block by only one `include` directive like this:

include /etc/nginx/templates/php-catchall.tmpl;
Mosfet wrote:

P.S. Still unable to display php info using

 <?php phpinfo(); ?> 

this is killing me

function `phpinfo` is disabled in php.ini.

----

Does my reply help a little? How about buying me a cup of coffee ($5) as an encouragement?

buy me a cup of coffee