SOLVED: Help needed: Kirby behind a Nginx reverse proxy

nginx

#1

Hopefully Nginx users are active in this forum.

During the last few days I tried to get Kirby up and running behind a Nginx reverse proxy, but with no luck :frowning:

My selfhosted server setup is configured as follow…

  • OS: Ubuntu 18.04.1
  • Webserver: Nginx 1.15.2
  • PHP: PHP 7.2.8-1 and
  • SQL: MariaDB 10.3.8 (only for my Nextcloud instance)

The latest Kirby 2 version is located at /var/www/kirby. Within this directory i had run php -S 127.0.0.1:86 as I’ve configured port 86 in my Nginx gateway.conf file.

When I try to connect to http://tld.com/kirby/ I get ** 403 Forbidden**.

Also when I add “c::set(‘url’, ‘/kirby/’);” to my config.php in /var/www/kirby/site/config.

In /var/log/nginx/kirby.error.log I can read:
2018/08/07 18:14:59 [error] 3139#3139: *9 directory index of “/var/www/kirby/kirby/” is forbidden, client: 188.126.181.191, server: 127.0.0.1, request: “GET /kirby/ HTTP/1.0”, host: “tld.com
2018/08/07 18:15:01 [error] 3139#3139: *11 directory index of “/var/www/kirby/kirby/” is forbidden, client: 188.126.181.191, server: 127.0.0.1, request: “GET /kirby/ HTTP/1.0”, host: “tld.com
2018/08/07 18:15:02 [error] 3140#3140: *13 directory index of “/var/www/kirby/kirby/” is forbidden, client: 188.126.181.191, server: 127.0.0.1, request: “GET /kirby/ HTTP/1.0”, host: “tld.com

My configurations looks as follow:
/etc/nginx/conf.d/gateway.conf
=========================================

server {
listen 80 default_server;
server_name tld.com;
location ^~ /.well-known/acme-challenge {
proxy_pass http://127.0.0.1:81;
proxy_set_header Host $host;
}
location / {
return 301 https://$host$request_uri;
}
}
server {
listen 443 ssl http2 default_server;
server_name tld.com;
include /etc/nginx/ssl.conf;
include /etc/nginx/header.conf;

###NEXTCLOUD###
location ^~ / {
client_max_body_size 10G;
proxy_connect_timeout 3600;
proxy_send_timeout 3600;
proxy_read_timeout 3600;
send_timeout 3600;
proxy_buffering on;
proxy_max_temp_file_size 10240m;
proxy_request_buffering on;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-Proto $scheme;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:82;
proxy_redirect off;
}

### KIRBY ###
location ^~ /kirby/ {
client_max_body_size 1G;
proxy_connect_timeout 3600;
proxy_send_timeout 3600;
proxy_read_timeout 3600;
send_timeout 3600;
proxy_buffering on;
proxy_max_temp_file_size 1024m;
proxy_request_buffering on;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_pass http://127.0.0.1:86;
proxy_redirect off;
}
}

/etc/nginx/conf.d/kirby.conf
=========================================

server {
server_name 127.0.0.1;
listen 127.0.0.1:86 default_server;
include /etc/nginx/proxy.conf;
root /var/www/;
charset utf-8;
location ^~ /kirby {
client_max_body_size 1024M;
index index.php;
access_log /var/log/nginx/kirby.access.log main;
error_log /var/log/nginx/kirby.error.log warn;
location /kirby {
try_files $uri $uri/ /kirby/index.php$args;
}

location /kirby/ {
    include /etc/nginx/mime.types;
    index index.php;
    root /var/www/kirby/;

    location ~ \.php$ {
      try_files $uri =404;
      fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
      fastcgi_index index.php;
      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
      fastcgi_param PATH_INFO $fastcgi_script_name;
      include fastcgi_params;
    }

    location /kirby/content {
      rewrite ^/kirby/content/(.*)\.(txt|md|mdown)$ /kirby/error redirect;
    }

    location /kirby/site {
      rewrite ^/kirby/site/(.*) /kirby/error redirect;
    }

    location /kirby/kirby {
      rewrite ^/kirby/kirby/(.*) /kirby/error redirect;
    }

    location /kirby/robots {
      rewrite ^/kirby/robots.txt /kirby/robots.txt break;
    }
}
}
}

Hopefully someone can help me to solve this tiny problem, thanks in advance.

Greatings,
ank0m


#2

OK, got it :smiley:

What did the trick was changing kirby.conf to:

server {
server_name 127.0.0.1;
listen 127.0.0.1:86 default_server;
include /etc/nginx/proxy.conf;
root /var/www/;
charset utf-8;
location ^~ /kirby {
client_max_body_size 1024M;
index index.php;
access_log /var/log/nginx/kirby.access.log main;
error_log /var/log/nginx/kirby.error.log warn;
location /kirby {
try_files $uri $uri/ /kirby/index.php$args;
}

  location /kirby/ {
    include /etc/nginx/mime.types;
    index index.php;
    root /var/www/;

    if (!-e $request_filename){
      rewrite ^/kirby/panel/(.*) /kirby/panel/index.php break;
    }

    if (!-e $request_filename) {
      rewrite ^/kirby/(.*)$ /kirby/index.php last;
      break;
    }

    location ~ \.php$ {
      try_files $uri =404;
      fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
      fastcgi_index index.php;
      fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
      fastcgi_param PATH_INFO $fastcgi_script_name;
      include fastcgi_params;
    }

    location /kirby/content {
      rewrite ^/kirby/content/(.*)\.(txt|md|mdown)$ /kirby/error redirect;
    }

    location /kirby/site {
      rewrite ^/kirby/site/(.*) /kirby/error redirect;
    }

    location /kirby/kirby {
      rewrite ^/kirby/kirby/(.*) /kirby/error redirect;
    }

    location /kirby/robots {
      rewrite ^/kirby/robots.txt /kirby/robots.txt break;
    }
}
}
}

#3

What also is very important:

Don’t forget to edit /your-kerby-www-root/site/config/config.php and add c::set(‘url’, ‘/kirby_installation_directory/’);


#4

Thanks for sharing your findings!