Kirby panel - install script fails to create a user


#1

Hi Guys,

Was hoping to check if anyone here seen anything like this.

Got kirby starter kit running on nginx with the rewrites being setup as follows:

#
# Begin Kirby

# Don't hint these as folders
rewrite ^/(content|site|kirby)$ /error last;

# Block content
rewrite ^/content/(.*).(txt|md|mdown)$ /error last;

# Block all files in the site and kirby folder from being accessed directly
rewrite ^/(site|kirby)/(.*)$ /error last;

# Removes trailing slashes (prevents SEO duplicate content issues)
if (!-d $request_filename) {
    rewrite ^/(.+)/$ /$1 permanent;
}

# Panel links
location ~ /panel {
    autoindex off;
    try_files $uri $uri/ /panel/index.php?$uri&$args;
}

# Site links
location ~ / {
    autoindex off;
    try_files $uri $uri/ /index.php?$uri&$args;
}

# Prevent clients from accessing hidden files (starting with a dot)
# This is particularly important if you store .htpasswd files in the site hierarchy
location ~ (?:^|/)\. {
    deny all;
}

# Prevent clients from accessing to backup/config/source files
location ~ (?:\.(?:bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$ {
    deny all;
}

# End Kirby
#

Everything seems to be running fine, all pages are readable, panel shows you the user add screen. The issue is that the moment you fill out the form and click on the create your account button, the script immediately falls back into the same window as if nothing’s just happened (no user account gets created either)

File permissions are as follows
/

-rw-r–r-- 1 www-data www-data 421 Jul 8 18:51 .gitignore
drwxr-sr-x 8 www-data www-data 4096 Jul 8 18:51 .git
drwxr-sr-x 6 www-data www-data 4096 Jul 8 18:51 assets
-rw-r–r-- 1 www-data www-data 292 Jul 8 18:51 index.php
drwxr-sr-x 8 www-data www-data 4096 Jul 8 18:51 content
-rw-r–r-- 1 www-data www-data 6261 Jul 8 18:51 license.md
drwxr-sr-x 10 www-data www-data 4096 Jul 8 18:51 kirby
drwxr-sr-x 6 www-data www-data 4096 Jul 8 18:51 panel
drwxr-sr-x 10 www-data www-data 4096 Jul 8 18:51 site
-rw-r–r-- 1 www-data www-data 2049 Jul 8 18:51 readme.md
-rw-r–r-- 1 www-data www-data 1433 Jul 8 19:00 .htaccess
drwxrwsr-x 3 www-data www-data 4096 Jul 8 19:01 thumbs

/site

drwxr-sr-x 2 www-data www-data 4096 Jul 8 18:51 templates
drwxr-sr-x 2 www-data www-data 4096 Jul 8 18:51 snippets
drwxr-sr-x 2 www-data www-data 4096 Jul 8 18:51 plugins
drwxr-sr-x 2 www-data www-data 4096 Jul 8 18:51 controllers
drwxr-sr-x 2 www-data www-data 4096 Jul 8 18:51 cache
drwxr-sr-x 2 www-data www-data 4096 Jul 8 18:51 blueprints
drwxrwsr-x 2 www-data www-data 4096 Jul 8 18:51 accounts
drwxr-sr-x 2 www-data www-data 4096 Jul 8 19:52 config

Debugs and logs are silent :frowning:

Would appreciate any help.

Thanks


#2

Usually, this is likely to be a problem with the Apache user not. being able to. write to file. The permissions and owners look ok to me, though, if they are also applied to subfolders and files correctly.

I assume you have set remote install on the server to true, if we are talking about a public server? However, you should usually get an error message if you haven’t so this is probably not the issue.

I’m not familiar with nginx rewrites, you might want to compare it to this example one: https://gist.github.com/bastianallgeier/c2e1f1e519f5f2943ec4, although yours might be correct as these seem to be different from server to server.

What is your PHP version?


#3

Thanks for helping ! Made me to triple check everything and imagine how surprised I was to see it didn’t like WWW 301 redirect I had set :slight_smile:

# WWW redirect
if ($host = example.com){
   return 301 $scheme://www.$host$request_uri;
}

The moment I took it off, everything came back to normal. I guess now I just need to work around the redirect issue. Another day, another challenge :slight_smile:

Anyway, here’s a list of requirements for anyone trying to get things running on nginx

  1. PHP 7.0.30

  2. PHP Modules: php7.0-mbstring php7.0-zip php7.0-xml

  3. File permissions (given that php and nginx run under www-data)

find /var/www/ -type d -exec chmod 750 {} ;
find /var/www/ -type f -exec chmod 640 {} ;
chown -R www-data:www-data /var/www/

  1. nginx rewrites
#
# Start Kirby

# Don't hit these as folders
rewrite ^/(content|site|kirby)$ /error last;

# Block content
rewrite ^/content/(.*).(txt|md|mdown)$ /error last;

# Block all files in the site and kirby folder from being accessed directly
rewrite ^/(site|kirby)/(.*)$ /error last;

# Removes trailing slashes (prevents SEO duplicate content issues)
if (!-d $request_filename) {
    rewrite ^/(.+)/$ /$1 permanent;
}

# Panel links
location ~ /panel {
    autoindex off;
    try_files $uri $uri/ /panel/index.php?$uri&$args;
}

# Site links
location ~ / {
    autoindex off;
    try_files $uri $uri/ /index.php?$uri&$args;
}

# Prevent clients from accessing hidden files (starting with a dot)
# This is particularly important if you store .htpasswd files in the site hierarchy
location ~ (?:^|/)\. {
    deny all;
}

# Prevent clients from accessing backup/config/source files
location ~ (?:\.(?:bak|config|sql|fla|psd|ini|log|sh|inc|swp|dist)|~)$ {
    deny all;
}

# End Kirby
#