Fresh PROD Server Kirby CMS not working

dorian.design · November 2, 2023, 7:20pm

Thanks for your help anyway

dorian.design · November 2, 2023, 11:25pm

@texnixe I finally got it to work with this configuration:

server {
    listen 80;
    server_name transformative-philosophy.com www.transformative-philosophy.com;
    root /var/www/transformative-philosophy.com/public;
    
    access_log  /var/log/nginx/access.log;
    error_log   /var/log/nginx/error.log;
    
    # Route LetsEncrypt ACME Challenges to the right place
    location ^~ /.well-known/acme-challenge/ {
        allow all;
        default_type "text/plain";
        try_files $uri /404;
    }

    # Route everything else through SSL
    location ~* ^/(.*)$ {
        return 301 https://$server_name/$1$is_args$args;
    }
}

server {
    charset utf-8;
    server_name transformative-philosophy.com www.transformative-philosophy.com;
    root /var/www/transformative-philosophy.com/public;

    listen 443 ssl;
    ssl_protocols TLSv1.2;
    ssl_ciphers 'ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-SHA384:ECDHE-RSA-AES256-SHA384:ECDHE-ECDSA-AES128-SHA256:ECDHE-RSA-AES128-SHA256';
    ssl_prefer_server_ciphers On;
    ssl_certificate         /etc/letsencrypt/live/transformative-philosophy.com/fullchain.pem;
    ssl_certificate_key     /etc/letsencrypt/live/transformative-philosophy.com/privkey.pem;
    ssl_trusted_certificate /etc/letsencrypt/live/transformative-philosophy.com/chain.pem;
    ssl_session_cache shared:SSL:10m;
    add_header Strict-Transport-Security "max-age=31557600; includeSubDomains";
    ssl_stapling on;
    ssl_stapling_verify on;
    resolver 8.8.8.8; # Google Resolver
    index index.php index.html index.htm;

    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }

    access_log /var/log/nginx/access.log;
    error_log /var/log/nginx/error.log;

    # Don't hint these as folders
    rewrite ^/(content|site|kirby)$ /error last;

    # Block content
    rewrite ^/content/(.*).(txt|md|mdown)$ /error last;

    # Block all files in the site and kirby folder from being accessed directly
    rewrite ^/(site|kirby)/(.*)$ /error last;

    # Panel links
    #location /panel {
    #    autoindex off;
    #    try_files $uri $uri/ /panel/index.php?$query_string;
    #}

    # Site links
    location / {
        autoindex off;
        try_files $uri $uri/ /index.php?$query_string; #$uri&$args;
    }

    # PHP scripts
    location ~ \.php$ {
        # Set CORS headers
        if ($request_method = 'OPTIONS') {
            add_header 'Access-Control-Allow-Origin' '*';
            add_header 'Access-Control-Allow-Credentials' 'true';
            add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
            add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
            add_header 'Access-Control-Max-Age' 1728000;
            add_header 'Content-Type' 'text/plain charset=UTF-8';
            add_header 'Content-Length' 0;
            return 204;
        }
        if ($request_method = 'POST') {
          add_header 'Access-Control-Allow-Origin' '*';
          add_header 'Access-Control-Allow-Credentials' 'true';
          add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
          add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
        }
        if ($request_method = 'GET') {
          add_header 'Access-Control-Allow-Origin' '*';
          add_header 'Access-Control-Allow-Credentials' 'true';
          add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS';
          add_header 'Access-Control-Allow-Headers' 'DNT,X-CustomHeader,Keep-Alive,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type';
        }

        try_files $uri =404;
        fastcgi_pass unix:/var/run/php/php-fpm.sock;
        fastcgi_index index.php;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_script_name;
        include fastcgi_params;
    }

    # Prevent clients from accessing hidden files (starting with a dot)
    # This is particularly important if you store .htpasswd files in the site hierarchy
    location ~ (?:^|/)\. {
        deny all;
    }

    # Prevent clients from accessing to backup/config/source files
    location ~ (?:\.(?:bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$ {
        deny all;
    }
}

Found it here: Nginx configuration for Kirby CMS · GitHub

But on error is left:

Do you know anything about this?

dorian.design · November 2, 2023, 11:38pm

I found out that php8.2-xml was missing on the server. Now everything works!

Topic		Replies	Views
Kirby 4, php settings Questions	16	335	January 15, 2024
Cannot get Kirby site to run on nginx on Raspberry Questions v3	15	1100	September 13, 2021
Error 500 on Panel (Nginx, PHP 7.3) Questions v3	19	9549	June 13, 2019
Kirby doesn't seem to add images to media folder Questions v3	10	1731	October 30, 2022
Problems with server environment Questions v4	9	75	April 21, 2025

Fresh PROD Server Kirby CMS not working

Related topics