Installing / not saving / Bad Server Response /api/v1/ NGINX

Collapse
X
 
  • Time
  • Show
Clear All
new posts
  • sdesp
    Member
    • May 2019
    • 51

    Installing / not saving / Bad Server Response /api/v1/ NGINX

    Dear all,

    I reply'd to another topic, but maybe better to start a new one. https://forum.espocrm.com/forum/inst...-save-settings

    I've troubles getting EspoCRM installed. We should be able to get it running as it is not on a shared host, but a VPS.

    Installation seems to go fine. There are no errors in the systems page. We were able to change php settings and add the one plugin. So far it seems OK.

    The Server is a CentOS 7 with DirectAdmin. Php 7.2.17. Server API FPM/FastCGI. Services running including httpd / nginx / php-fpm72.
    I put the configuration in "debugging". Still there is no data/log.
    Location of CRM is: https://crm.mywebsite.com/

    Situation 1:
    If I DO NOT add the nginx: "location /api/v1 and location / - try_files $uri $uri/ index.php?$query_string;
    " I can get the system working. I can Log IN, I can add stuff (by example a task). But I cannot change anything. Not a task, not any settings in the system page.

    In the console/browser I get an error on the file /api/v1/Task/xxxxx
    It mentions protocol error on https. It mentions empty string on http.
    It gives the same error on PUT and GET, so it cannot be only a PUT error.

    So, it might has to do with a bad rewrite.

    Situation 2:
    If I add
    location /api/v1/ {
    if (!-e $request_filename){
    rewrite ^/api/v1/(.*)$ /api/v1/index.php last; break;
    }
    }

    I get a "Bad server response".
    Looking at the console it mentions: dispatch query-2.1.4.min.js:3:6472
    And then displays the inside of the index.php: Bad server response: <?php
    /************************************************** **********************
    * This file is part of EspoCRM.
    *
    * EspoCRM - Open Source CRM application.
    * Copyright (C) 2014-2019 Yuri Kuznetsov, Taras Machyshy
    etc.etc.etc

    Situation 3:
    If I comment out the '" if (!-e $request_filename){ ",
    then I get a error 500 at /api/v1/Settings.

    It does not matter if I change .htaccess inside /api/v1 with or without "RewriteBase /api/v1/"

    So I think it goes wrong during the rewrite.
    I think that the whole .htaccess is not being read anymore. If I make a mistake inside the file, it does not produce the normal "wrong configuration" error.

    Situation 4:
    I then add the
    location / { try_files $uri $uri/ index.php?$query_string;

    Then the error changes to a 404 error /api/v1/Settings

    l indeed cannot read: https://crm.mydomain.com/api/v1/index.php resulting in the 404 or 500 error.

    I found the nginx.cont at: nano /usr/local/directadmin/data/users/admin/nginx.conf
    And the espo files at: cd /home/admin/domains/mydomain.com/public_html/crm/

    I tried the chmod 755, these are the results:
    -rw-r--r-- 1 admin admin 1449 22 mei 15:20 index.php
    drwxr-xr-x 2 admin admin 4096 22 mei 15:20 portal-access
    -rw-r--r-- 1 admin admin 367 22 mei 15:20 web.config

    Any help is greatly appreciated. As it is unusable at the time and we're looking so much forward start using the system. First starting with contacts... then expanding to agenda - products and invoices. Let's first get the basics right. Thank you all!
  • Maximus
    Senior Member
    • Nov 2018
    • 2731

    #2
    Hello,
    please show us a whole nginx config file.

    Comment

    • sdesp
      Member
      • May 2019
      • 51

      #3
      p.s. I did find/replace on domain name. If needed in PM I will send it of course.

      nginx.conf
      Code:
      # Auto generated nginx config file by DirectAdmin version 1.56.4
      # Modifying this file is not recommended as any changes you make will be
      # overwritten when the user makes any changes to their website
      
      # For global config changes that affect all Users, see this guide:
      # http://help.directadmin.com/item.php?id=558
      # For local config changes that only affect one User, see this guide:
      # http://help.directadmin.com/item.php?id=3
      
      
      server
      {
          listen 212.114.109.184:80;
          server_name DOMAIN.EXT www.DOMAIN.EXT ;
          access_log /var/log/nginx/domains/DOMAIN.EXT.log;
          access_log /var/log/nginx/domains/DOMAIN.EXT.bytes bytes;
          error_log /var/log/nginx/domains/DOMAIN.EXT.error.log;
          root /home/admin/domains/DOMAIN.EXT/public_html;
          index index.php index.html index.htm;
          if ($http_x_forwarded_proto != 'https') {
              return 301 https://$host$request_uri;
          }
      #    include /usr/local/directadmin/data/users/admin/nginx_php.conf;
          location /
          {
                 try_files $uri $uri/ index.php?$query_string;
              # access_log off;
              proxy_buffering off;
              proxy_pass http://212.114.109.184:8080;
              proxy_set_header X-Client-IP      $remote_addr;
              proxy_set_header X-Accel-Internal /nginx_static_files;
              proxy_set_header Host             $host;
              proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
              proxy_hide_header Upgrade;
          }
       include /usr/local/directadmin/data/users/admin/nginx_php.conf;
          location /nginx_static_files/
          {
              # access_log  /var/log/nginx/access_log_proxy;
              alias       /home/admin/domains/DOMAIN.EXT/public_html/;
              internal;
          }
          include /etc/nginx/webapps.conf;
      }
      
      server
      {
          listen 212.114.109.184:443 ssl http2;
          server_name DOMAIN.EXT www.DOMAIN.EXT ;
          access_log /var/log/nginx/domains/DOMAIN.EXT.log;
          access_log /var/log/nginx/domains/DOMAIN.EXT.bytes bytes;
          error_log /var/log/nginx/domains/DOMAIN.EXT.error.log;
          root /home/admin/domains/DOMAIN.EXT/private_html;
          index index.php index.html index.htm;
          ssl_certificate /usr/local/directadmin/data/users/admin/domains/DOMAIN.EXT.cert.combined;
          ssl_certificate_key /usr/local/directadmin/data/users/admin/domains/DOMAIN.EXT.key;
      #    include /usr/local/directadmin/data/users/admin/nginx_php.conf;
          location /
          {
              # access_log off;
              proxy_buffering off;
              proxy_pass https://212.114.109.184:8081;
              proxy_set_header X-Client-IP      $remote_addr;
              proxy_set_header X-Accel-Internal /nginx_static_files;
              proxy_set_header Host             $host;
              proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
              proxy_hide_header Upgrade;
          }
          include /usr/local/directadmin/data/users/admin/nginx_php.conf;
          location /nginx_static_files/
          {
              # access_log  /var/log/nginx/access_log_proxy;
              alias       /home/admin/domains/DOMAIN.EXT/private_html/;
              internal;
          }
          include /etc/nginx/webapps.ssl.conf;
      }
      
      server
      {
          listen 212.114.109.184:80;
          server_name crm.DOMAIN.EXT www.crm.DOMAIN.EXT ;
          access_log /var/log/nginx/domains/DOMAIN.EXT.crm.log;
          access_log /var/log/nginx/domains/DOMAIN.EXT.crm.bytes bytes;
          error_log /var/log/nginx/domains/DOMAIN.EXT.crm.error.log;
          root /home/admin/domains/DOMAIN.EXT/public_html/crm;
          index index.php index.html index.htm;
          # include /usr/local/directadmin/data/users/admin/nginx_php.conf;
          if ($http_x_forwarded_proto != 'https') {
              return 301 https://$host$request_uri;
          }
          location /
          {
             try_files $uri $uri/ index.php?$query_string;
              # access_log off;
      #        proxy_buffering off;
              proxy_pass http://212.114.109.184:8080;
      #        proxy_set_header X-Client-IP      $remote_addr;
      #        proxy_set_header X-Accel-Internal /nginx_static_files;
      #        proxy_set_header Host             $host;
      #        proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
      #        proxy_hide_header Upgrade;
          }
      include /usr/local/directadmin/data/users/admin/nginx_php.conf;
          location /nginx_static_files/
          {
              # access_log  /var/log/nginx/access_log_proxy;
              alias       /home/admin/domains/DOMAIN.EXT/public_html/crm/;
              internal;
          }
          include /etc/nginx/webapps.conf;
      }
      
      server
      {
          listen 212.114.109.184:443 ssl http2;
          server_name crm.DOMAIN.EXT www.crm.DOMAIN.EXT ;
          access_log /var/log/nginx/domains/DOMAIN.EXT.crm.log;
          access_log /var/log/nginx/domains/DOMAIN.EXT.crm.bytes bytes;
          error_log /var/log/nginx/domains/DOMAIN.EXT.crm.error.log;
          root /home/admin/domains/DOMAIN.EXT/private_html/crm;
          index index.php index.html index.htm;
          ssl_certificate /usr/local/directadmin/data/users/admin/domains/DOMAIN.EXT.cert.combined;
          ssl_certificate_key /usr/local/directadmin/data/users/admin/domains/DOMAIN.EXT.key;
      #    include /usr/local/directadmin/data/users/admin/nginx_php.conf;
          location /
          {
             try_files $uri $uri/ index.php?$query_string;
              # access_log off;
              proxy_buffering off;
              proxy_pass https://212.114.109.184:8081;
              proxy_set_header X-Client-IP      $remote_addr;
              proxy_set_header X-Accel-Internal /nginx_static_files;
              proxy_set_header Host             $host;
              proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
              proxy_hide_header Upgrade;
          }
       include /usr/local/directadmin/data/users/admin/nginx_php.conf;
          location /nginx_static_files/
          {
              # access_log  /var/log/nginx/access_log_proxy;
              alias       /home/admin/domains/DOMAIN.EXT/private_html/crm/;
              internal;
          }
          include /etc/nginx/webapps.ssl.conf;
      }

      nginx_php.conf
      Code:
          client_max_body_size 50M;
      
          location  /api/v1 {
      #        if (!-e $request_filename){
                 rewrite ^/api/v1/(.*)$ api/v1/index.php last; break;
      #      }
         }
      
          location /portal/ {
              try_files $uri $uri/ /portal/index.php?$query_string;
          }
      
          location /api/v1/portal-access {
              if (!-e $request_filename){
                  rewrite ^/api/v1/(.*)$ /api/v1/portal-access/index.php last; break;
              }
          }
      
          location ~ /reset/?$ {
              try_files /reset.html =404;
          }
      
          location ^~ (data|api)/ {
              if (-e $request_filename){
                  return 403;
              }
          }
          location ^~ /data/logs/ {
              deny all;
          }
          location ^~ /data/\.backup/ {
              deny all;
          }
          location ^~ /data/config.php {
              deny all;
          }
          location ^~ /data/cache/ {
              deny all;
          }
          location ^~ /data/upload/ {
              deny all;
          }
          location ^~ /application/ {
              deny all;
          }
          location ^~ /custom/ {
              deny all;
          }
          location ^~ /vendor/ {
              deny all;
          }
          location ~ /\.ht {
              deny all;
          }

      Comment

      • sdesp
        Member
        • May 2019
        • 51

        #4
        Just thinking out loud, should a rewrite be done different when it's on another subdomain then www.?
        as we use CRM.domain.ext...

        Comment

        • Maximus
          Senior Member
          • Nov 2018
          • 2731

          #5
          The nginx_php.conf file is the EspoCRM config file that has created in the sites-available directory with a symlink to the sites-enabled directory?

          Comment

          • sdesp
            Member
            • May 2019
            • 51

            #6
            Thank you for your reply. I could not find the "sites-available". I found

            Code:
            [root@vps01 nginx]# nginx -t
            nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
            nginx: configuration file /etc/nginx/nginx.conf test is successful
            /etc/nginx
            Code:
            #user  nginx;
            worker_processes  auto;
            pid /var/run/nginx.pid;
            
            #error_log  logs/error.log;
            #error_log  logs/error.log  notice;
            #error_log  logs/error.log  info;
            
            events {
                include /etc/nginx/nginx-events.conf;
            }
            
            http {
                include      /etc/nginx/mime.types;
                # For user configurations not maintained by DirectAdmin. Empty by default.
                include /etc/nginx/nginx-includes.conf;
             # Supplemental configuration
                include /etc/nginx/nginx-modsecurity-enable.conf;
                include /etc/nginx/nginx-defaults.conf;
                include /etc/nginx/nginx-gzip.conf;
                include /etc/nginx/nginx-proxy.conf;
                include /etc/nginx/directadmin-ips.conf;
                include /etc/nginx/directadmin-settings.conf;
                include /etc/nginx/nginx-vhosts.conf;
                include /etc/nginx/directadmin-vhosts.conf;
            }
            Then inside:
            nano /etc/nginx/nginx-vhosts.conf;

            Code:
               server {
                listen       212.114.109.184:80;
                    listen       127.0.0.1:80;
                    #listen       [::1]:80;
                    server_name  $hostname 212.114.109.184;
                    root   /var/www/html;
                    index  index.html index.htm index.php;
                    include /etc/nginx/nginx-userdir.conf;
                    location / {
                            access_log off;
                            proxy_pass http://212.114.109.184:8080;
                            proxy_set_header X-Client-IP      $remote_addr;
                            proxy_set_header X-Accel-Internal /nginx_static_files;
                            proxy_set_header Host             $host;
                            proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                            proxy_hide_header Upgrade;
                    }
                location /nginx_static_files/ {
                            access_log  /var/log/nginx/access_log_proxy;
                            alias       /var/www/html/;
                            internal;
                    }
                # deny access to .htaccess and .user.ini files
                    location ~ /(\.ht|\.user\.ini) {
                           deny  all;
                    }
                include /etc/nginx/nginx-info.conf;
                    include /etc/nginx/webapps.hostname.conf;
                }
                # HTTPS server
                #
                server {
                  listen       212.114.109.184:443 ssl http2;
                    listen       127.0.0.1:443 ssl http2;
                    #listen       [::1]:443 ssl http2;
                    server_name  $hostname 212.114.109.184;
                    ssl_certificate         /etc/httpd/conf/ssl.crt/server.crt.combined;
                    ssl_certificate_key     /etc/httpd/conf/ssl.key/server.key;
                    root   /var/www/html;
                  index  index.html index.htm index.php;
                    include /etc/nginx/nginx-userdir.conf;
                    location / {
                            access_log off;
                            proxy_pass https://212.114.109.184:8081;
                            proxy_set_header X-Client-IP      $remote_addr;
                            proxy_set_header X-Accel-Internal /nginx_static_files;
                            proxy_set_header Host             $host;
                            proxy_set_header X-Forwarded-For  $proxy_add_x_forwarded_for;
                            proxy_hide_header Upgrade;
                    }
                location /nginx_static_files/ {
                            access_log  /var/log/nginx/access_log_proxy;
                            alias       /var/www/html/;
                            internal;
                    }
                    # deny access to .htaccess and .user.ini files
                    location ~ /(\.ht|\.user\.ini) {
                            deny  all;
                    }
                include /etc/nginx/nginx-info.conf;
                    include /etc/nginx/webapps.hostname.conf;
                }
            There is a include:
            /etc/nginx/directadmin-vhosts.conf;

            Code:
            include /usr/local/directadmin/data/users/admin/nginx.conf;
            So that brought me to the location: /usr/local/directadmin/data/users/admin/nginx.conf;
            And, seeing the right
            server_name crm.DOMAIN.EXT www.crm.DOMAIN.EXT ; Brought me to the conclusion this should be the right file.

            Comment

            • sdesp
              Member
              • May 2019
              • 51

              #7
              If I make a mistake in the /api/v1/.htaccess
              I get error 500 (as it should, I guess) reading CRM.domain.ext/api/v1/ and CRM.domain.ext/api/v1/index.php
              But if I visit: CRM.domain.ext/api/v1/TEST (as it is a directory) - I do get a Webpage - saying: © 2019 EspoCRM, with Title page: EspoCRM

              Does this information is of any help?

              Comment

              • Maximus
                Senior Member
                • Nov 2018
                • 2731

                #8
                You can add the EspoCRM config (as defined here https://www.espocrm.com/documentatio...n-nginx-server ) to your default config file or create for this purpose virtual host.
                Take a look at how the EspoCRM config is defined in my default config file. The root directory is /var/www/html where is situated the EspoCRM main directory called 561.
                Code:
                # Default server configuration
                #
                server {
                    listen 8080 default_server;
                    listen [::]:8080 default_server;
                
                    # SSL configuration
                    #
                    #listen 443 ssl default_server;
                    #listen [::]:443 ssl default_server;
                
                    #
                    # Note: You should disable gzip for SSL traffic.
                    # See: https://bugs.debian.org/773332
                    #
                    # Read up on ssl_ciphers to ensure a secure configuration.
                    # See: https://bugs.debian.org/765782
                    #
                    # Self signed certs generated by the ssl-cert package
                    # Don't use them in a production server!
                    #
                    include snippets/snakeoil.conf;
                
                    root /var/www/html;
                
                    # Add index.php to the list if you are using PHP
                    index index.html index.htm index.nginx-debian.html index.php;
                
                    server_name localhost;
                
                    location / {
                        # First attempt to serve request as file, then
                        # as directory, then fall back to displaying a 404.
                        try_files $uri $uri/ =404;
                        #try_files $uri $uri/ /index.php?$args;
                        #try_files $uri $uri/ /index.php?$query_string;
                    }
                
                
                    # pass PHP scripts to FastCGI server
                    #
                    location ~ \.php$ {
                        include snippets/fastcgi-php.conf;
                        #try_files $uri $uri/ =404;
                        #try_files $uri $uri/ /index.php?$args;
                        #try_files $uri $uri/ /index.php?$query_string;
                        #fastcgi_index index.php;
                        include fastcgi.conf;
                        fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
                    }
                
                    location ~* ^.+.(js|css|jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
                        expires 1M;
                        access_log off;
                        add_header Cache-Control "public";
                    }
                
                    location = /favicon.ico { access_log off; log_not_found off; }
                    location = /robots.txt  { access_log off; log_not_found off; }
                
                    ## Disable viewing .htaccess & .htpassword
                    location ~ /(\.ht|\web.config|\.git) {
                        deny all;
                    }
                
                    ######################### Config for EspoCRM  ############################
                    location /561 {
                        location /561/api/v1/ {
                            if (!-e $request_filename){
                                rewrite ^/561/api/v1/(.*)$ /561/api/v1/index.php last; break;
                            }
                        }
                
                        location /561/portal/ {
                            try_files $uri $uri/ /561/portal/index.php?$query_string;
                        }
                
                        location /561/api/v1/portal-access {
                            if (!-e $request_filename){
                                rewrite ^/561/api/v1/(.*)$ /561/api/v1/portal-access/index.php last; break;
                            }
                        }
                
                        location ~ /561/reset/?$ {
                            try_files /reset.html =404;
                        }
                
                        location ^~ /561(data|api)/ {
                            if (-e $request_filename){
                                return 403;
                            }
                        }
                        location ^~ /561/data/logs/ {
                            deny all;
                        }
                        location ^~ /561/data/\.backup/ {
                            deny all;
                        }
                        location ^~ /561/data/config.php {
                            deny all;
                        }
                        location ^~ /561/data/cache/ {
                            deny all;
                        }
                        location ^~ /561/data/upload/ {
                            deny all;
                        }
                        location ^~ /561/application/ {
                            deny all;
                        }
                        location ^~ /561/custom/ {
                            deny all;
                        }
                        location ^~ /561/vendor/ {
                            deny all;
                        }
                        location ~ /561/\.ht {
                            deny all;
                        }
                    }
                }
                If you want to use a registered domain name for this you should create the virtual host.
                Last edited by Maximus; 05-28-2019, 12:18 PM.

                Comment

                • sdesp
                  Member
                  • May 2019
                  • 51

                  #9
                  Great. I simplified my setup, removing the
                  /usr/local/directadmin/data/users/admin/nginx.conf
                  And I inserted a
                  /usr/local/directadmin/data/users/admin/espo.conf
                  The results:
                  If I open CRM.domain.ext I don't see a page. But there is a download started with the Filename= same-as-url. Contents=/index.php
                  If I open CRM.domain.ext/api/v1 there is a file downloaded Filename=v1.dms. Contents=/api/v1/index.php
                  If I open CRM.domain.ext/api/v1/index.php there is a file downloaded Filename=index.php. Contents=/api/v1/index.php
                  If I open CRM.domain.ext/api/v1/web.config --> 403 forbidden (nginx)
                  If I open CRM.domain.ext/api/v1/ANYTHING there is a file downloaded Filename=anything.dms. Contents=/api/v1/index.php

                  So in general the new config without the (complex) standard vps /admin/nginx.conf works as the downloads are indeed files inside the webserver. But the result is not making it work (yet). I'm learning nginx on the fly

                  My edits and files:

                  I removed the /561 and 561, as the files are in root (of subdomain)
                  Meaning putting together the location /, otherwise it would be a duplicate (IS THIS RIGHT?)

                  In my old file I couldn't see the same php FastCGI include. With "find -name" I found a .conf. I included that one. NOT SURE IF THIS IS CORRECT

                  Code:
                  [root@vps01 /]# find -name "*fast*.conf"
                  ./etc/yum/pluginconf.d/fastestmirror.conf
                  ./etc/nginx/fastcgi.conf
                  
                  [root@vps01 /]# find -name "*fp*.conf"
                  ./usr/local/php70/etc/php-fpm.conf
                  ./usr/local/php71/etc/php-fpm.conf
                  ./usr/local/php72/etc/php-fpm.conf
                  ./usr/local/directadmin/custombuild/php-7.2.17/sapi/fpm/php-fpm.conf
                  ./usr/local/directadmin/data/users/admin/php/php-fpm70.conf
                  ./usr/local/directadmin/data/users/admin/php/php-fpm72.conf
                  ./usr/local/directadmin/data/templates/php-fpm.conf
                  /etc/nginx/fastcgi.conf; contains:
                  Code:
                  fastcgi_param  SCRIPT_FILENAME    $document_root$fastcgi_script_name;
                  fastcgi_param  QUERY_STRING      $query_string;
                  fastcgi_param  REQUEST_METHOD     $request_method;
                  fastcgi_param  CONTENT_TYPE      $content_type;
                  fastcgi_param  CONTENT_LENGTH     $content_length;
                  
                  fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
                  fastcgi_param  REQUEST_URI        $request_uri;
                  fastcgi_param  DOCUMENT_URI      $document_uri;
                  fastcgi_param  DOCUMENT_ROOT      $document_root;
                  fastcgi_param  SERVER_PROTOCOL    $server_protocol;
                  fastcgi_param  REQUEST_SCHEME     $scheme;
                  fastcgi_param  HTTPS              $https if_not_empty;
                  
                  fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
                  fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;
                  
                  fastcgi_param  REMOTE_ADDR        $remote_addr;
                  fastcgi_param  REMOTE_PORT        $remote_port;
                  fastcgi_param  SERVER_ADDR        $server_addr;
                  fastcgi_param  SERVER_PORT        $server_port;
                  fastcgi_param  SERVER_NAME        $server_name;
                  
                  # PHP only, required if PHP was built with --enable-force-cgi-redirect
                  fastcgi_param  REDIRECT_STATUS    200;
                  But I couldn't find a php7.2-fpm.sock

                  Code:
                  [root@vps01 /]# sudo service php-fpm72 stop
                  Redirecting to /bin/systemctl stop php-fpm72.service
                  [root@vps01 /]# sudo service php-fpm72 start
                  Redirecting to /bin/systemctl start php-fpm72.service
                  
                  [root@vps01 /]# find -name "php7*"
                  ./usr/local/php70
                  ./usr/local/php70/bin/php70
                  ./usr/local/php70/php/man/man1/php70.1
                  ./usr/local/php71
                  ./usr/local/php71/bin/php71
                  ./usr/local/php71/php/man/man1/php71.1
                  ./usr/local/php72
                  ./usr/local/php72/bin/php72
                  ./usr/local/php72/php/man/man1/php72.1
                  ./usr/local/directadmin/custombuild/php-7.1.28/win32/php7ts_cli.rc
                  ./usr/local/directadmin/custombuild/php-7.1.28/win32/php7ts_cli.rc2
                  ./usr/local/directadmin/custombuild/php-7.1.28/win32/php7dllts.rc
                  ./usr/local/directadmin/custombuild/php-7.1.28/win32/php7ts.rc2
                  ./usr/local/directadmin/custombuild/php-7.1.28/win32/php7ts.rc
                  ./usr/local/directadmin/custombuild/php-7.1.28/win32/php7dllts.rc2
                  ./usr/local/directadmin/custombuild/php-7.1.28/php7.spec.in
                  ./usr/local/directadmin/custombuild/php-7.2.17/win32/php7ts_cli.rc
                  ./usr/local/directadmin/custombuild/php-7.2.17/win32/php7ts_cli.rc2
                  ./usr/local/directadmin/custombuild/php-7.2.17/win32/php7dllts.rc
                  ./usr/local/directadmin/custombuild/php-7.2.17/win32/php7ts.rc2
                  ./usr/local/directadmin/custombuild/php-7.2.17/win32/php7ts.rc
                  ./usr/local/directadmin/custombuild/php-7.2.17/win32/php7dllts.rc2
                  ./usr/local/directadmin/custombuild/php-7.2.17/php7.spec.in
                  ./usr/local/directadmin/custombuild/php-7.2.17/php7.spec
                  
                  [root@vps01 /]# find -name "*.sock"
                  ./usr/local/php71/sockets/webapps.sock
                  ./usr/local/php72/sockets/webapps.sock
                  ./usr/local/php72/sockets/admin.sock
                  ./run/rpcbind.sock
                  ./var/lib/mysql/mysql.sock
                  Code:
                  [root@vps01 /]# nginx -t
                  nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
                  nginx: configuration file /etc/nginx/nginx.conf test is successful
                  So the Whole nano /usr/local/directadmin/data/users/admin/espo.conf
                  Code:
                  #Espo specific files;
                  # Default server configuration
                  #
                  server {
                          listen 212.114.109.184:80;
                      listen 212.114.109.184:443 ssl http2;
                  #    listen 8080 default_server;
                  #    listen [::]:8080 default_server;
                      server_name crm.DOMAIN.EXT www.crm.DOMAIN.EXT;
                  
                      access_log /var/log/nginx/domains/DOMAIN.EXT.crm.log;
                      access_log /var/log/nginx/domains/DOMAIN.EXT.crm.bytes bytes;
                      error_log /var/log/nginx/domains/DOMAIN.EXT.crm.error.log;
                  
                  
                      # SSL configuration
                      #
                      #listen 443 ssl default_server;
                      #listen [::]:443 ssl default_server;
                  
                      #
                      # Note: You should disable gzip for SSL traffic.
                      # See: https://bugs.debian.org/773332
                      #
                      # Read up on ssl_ciphers to ensure a secure configuration.
                      # See: https://bugs.debian.org/765782
                      #
                      # Self signed certs generated by the ssl-cert package
                      # Don't use them in a production server!
                      #
                      # =redir ssl certificate    include snippets/snakeoil.conf;
                      ssl_certificate /usr/local/directadmin/data/users/admin/domains/DOMAIN.EXT.cert.combined;
                      ssl_certificate_key /usr/local/directadmin/data/users/admin/domains/DOMAIN.EXT.key;
                  
                      root /home/admin/domains/DOMAIN.EXT/private_html/crm;
                  
                      # Add index.php to the list if you are using PHP
                      index index.html index.htm index.nginx-debian.html index.php;
                  
                    #  server_name localhost;
                  
                   #   location / {
                          # First attempt to serve request as file, then
                          # as directory, then fall back to displaying a 404.
                  #        try_files $uri $uri/ =404;
                          #try_files $uri $uri/ /index.php?$args;
                          #try_files $uri $uri/ /index.php?$query_string;
                   #   }
                  
                  
                      # pass PHP scripts to FastCGI server
                      #
                      location ~ \.php$ {
                  
                          include /etc/nginx/fastcgi.conf;
                  #        include snippets/fastcgi-php.conf;
                          #try_files $uri $uri/ =404;
                          #try_files $uri $uri/ /index.php?$args;
                          #try_files $uri $uri/ /index.php?$query_string;
                          #fastcgi_index index.php;
                  #        include fastcgi.conf;
                          fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
                      }
                  
                      location ~* ^.+.(js|css|jpg|jpeg|gif|png|ico|cur|gz|svg|svgz|mp4|ogg|ogv|webm|htc)$ {
                          expires 1M;
                          access_log off;
                          add_header Cache-Control "public";
                      }
                  
                      location = /favicon.ico { access_log off; log_not_found off; }
                      location = /robots.txt  { access_log off; log_not_found off; }
                  
                      ## Disable viewing .htaccess & .htpassword
                      location ~ /(\.ht|\web.config|\.git) {
                          deny all;
                      }
                  
                  
                      ######################### Config for EspoCRM  ############################
                         location /{
                  
                        # First attempt to serve request as file, then
                          # as directory, then fall back to displaying a 404.
                          try_files $uri $uri/ =404;
                          #try_files $uri $uri/ /index.php?$args;
                          #try_files $uri $uri/ /index.php?$query_string;
                  
                  
                        location /api/v1/ {
                              if (!-e $request_filename){
                                  rewrite ^/api/v1/(.*)$ /api/v1/index.php last; break;
                              }
                      }
                  
                      location /portal/ {
                              try_files $uri $uri/ /portal/index.php?$query_string;
                          }
                  
                      location /api/v1/portal-access {
                              if (!-e $request_filename){
                                  rewrite ^/api/v1/(.*)$ /api/v1/portal-access/index.php last; break;
                              }
                      }
                  
                      location ~ /reset/?$ {
                              try_files /reset.html =404;
                          }
                  
                      location ^~ /(data|api)/ {
                              if (-e $request_filename){
                             return 403;
                              }
                      }
                      location ^~ /data/logs/ {
                              deny all;
                          }
                      location ^~ /data/\.backup/ {
                              deny all;
                          }
                      location ^~ /data/config.php {
                              deny all;
                          }
                      location ^~ /data/cache/ {
                              deny all;
                          }
                      location ^~ /data/upload/ {
                              deny all;
                          }
                      location ^~ /application/ {
                  
                              deny all;
                          }
                      location ^~ /custom/ {
                              deny all;
                          }
                      location ^~ /vendor/ {
                              deny all;
                          }
                      location ~ /\.ht {
                              deny all;
                          }
                      }

                  Comment

                  • sdesp
                    Member
                    • May 2019
                    • 51

                    #10
                    I think that with copy/pase some ## came in extra. sorry, will try to correct here.

                    Comment

                    • sdesp
                      Member
                      • May 2019
                      • 51

                      #11
                      I see -- gateway goes wrong with:


                      Code:
                         location ~ \.php$ {
                      
                       #include /etc/nginx/fastcgi.conf;
                      #        include snippets/fastcgi-php.conf;
                              #try_files $uri $uri/ =404;
                              #try_files $uri $uri/ /index.php?$args;
                              #try_files $uri $uri/ /index.php?$query_string;
                              #fastcgi_index index.php;
                              include fastcgi.conf;
                              fastcgi_pass unix:/var/run/php/php7.2-fpm.sock;
                          }
                      I need to figure out how this server handles this part.
                      If I ### them, then then I'm back at the server bad response as before. I need to look further into this.

                      Comment

                      • sdesp
                        Member
                        • May 2019
                        • 51

                        #12
                        I noticed CentOS has no get-update. But I performed Yum-update.
                        PHP not being loaded properly fixed with:
                        Code:
                        # Pass all .php files onto a php-fpm/php-fcgi server.
                        location ~ \.php$ { try_files $uri =404;
                        fastcgi_split_path_info ^(.+\.php)(/.+)$;
                        include /etc/nginx/fastcgi_params;
                        fastcgi_index index.php;
                        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
                        include /etc/nginx/nginx_limits.conf;
                        fastcgi_pass unix:/usr/local/php72/socketwebapps.sock;
                        fastcgi_pass unix:/usr/local/php72/sockets/admin.sock;
                        fastcgi_cache_bypass $no_cache;
                        fastcgi_no_cache $no_cache;
                        fastcgi_cache WORDPRESS;
                        
                        #fastcgi_cache_valid 5m;
                        fastcgi_cache_valid 200 302 60m;
                        fastcgi_cache_valid 301 1h; fastcgi_cache_valid any 60m;
                        fastcgi_hide_header Pragma;
                        fastcgi_hide_header X-Page-Speed;
                        fastcgi_hide_header X-Pingback; fastcgi_hide_header X-Powered-By;
                        fastcgi_ignore_headers Cache-Control Expires;
                        }
                        code I found on the web.

                        Result so far:
                        I can access espocrm again.

                        Still editing existing values results into: jquery-2.1.4.min.js:4 PUT https://crm.DOMAIN.EXT/api/v1/Settings --> net::ERR_SPDY_PROTOCOL_ERROR

                        simple open page:
                        https://crm.DOMAIN.EXT/api/v1/test.php -> loading fine (printing php info)
                        https://crm.DOMAIN.EXT/api/v1/ -> produces webpage: "
                        <h1>EspoCRM REST API</h1>"

                        https://crm.acs.eu/api/ -> produces 403 forbidden

                        Still feels it is going wring inside /api/v1 directory.
                        Is this something that can be fixed with .htaccess?


                        Comment

                        • sdesp
                          Member
                          • May 2019
                          • 51

                          #13
                          OK, I did a fresh install, following:


                          Just to know all files in http are right.

                          And for permissions I tried:
                          chown -R admin:admin *
                          chown -R nginx:nginx *
                          chown -R apache:apache *


                          Still I get on http:
                          /api/v1/User/1:1 Failed to load resource: net::ERR_EMPTY_RESPONSE

                          And on https:
                          https://crm.DOM.EXT/api/v1/Task/5ceba5da7ec1e4ddd net::ERR_SPDY_PROTOCOL_ERROR

                          I also found this thread: https://forum.espocrm.com/forum/inst...ain-auth-error
                          Looking a bit similar.

                          My Path in data/config.php
                          'siteUrl' => 'https://crm.DOM.EXT:443/',

                          Stange is that the file on error, can be loaded when clicked. AJAX error?
                          Or something with the Subdomain?

                          ​​​​​​​
                          Click image for larger version

Name:	Schermafdruk 2019-06-03 09.38.47.png
Views:	1067
Size:	76.0 KB
ID:	48866
                          Click image for larger version

Name:	Schermafdruk 2019-06-03 09.38.56.png
Views:	915
Size:	23.2 KB
ID:	48867
                          Click image for larger version

Name:	Schermafdruk 2019-06-03 09.39.08.png
Views:	987
Size:	67.8 KB
ID:	48868

                          I tried the .htaccess in /api/v1 with:
                          RewriteBase /api/v1/

                          And
                          RewriteBase /api/v1

                          AND
                          # RewriteBase /api/v1/

                          Browsers tested in Safari and Opera and IE.

                          Tips?


                          Comment

                          • Maximus
                            Senior Member
                            • Nov 2018
                            • 2731

                            #14
                            I see that you completely finish your installation.
                            Don't use the .htaccess file because the nginx doesn't work with it. I think that the problem with the permissions of the EspoCRM. Set the permissions according to this https://www.espocrm.com/documentatio...-based-systems.
                            You can also switch to the console tab of the F12 mode or check the error log file here in the EspoCRM/data/logs to see more info about this error.

                            Comment

                            • sdesp
                              Member
                              • May 2019
                              • 51

                              #15
                              I tried this without any luck:


                              cd /home/admin/domains/DOMAIN.EXT/public_html/crm
                              find . -type d -exec chmod 755 {} + && find . -type f -exec chmod 644 {} +; find data custom client/custom -type d -exec chmod 775 {} + && find data custom client/custom -type f -exec chmod 664 {} +; chmod 775 application/Espo/Modules client/modules;
                              chown -R admin:admin .;
                              Looking at F12


                              Click image for larger version

Name:	Knipsel.PNG
Views:	963
Size:	34.3 KB
ID:	48940

                              It looks like XMLHttpRequests are not being processed.

                              As it seem to be a bit harder then I thought, maybe someone willing to help me (at a small fee)? I can send SSH login info if needed and/ or with teamviewer, also possible.

                              Comment

                              Working...