June 17, 20196 yr When I create a user the default subdomain 29_froxlor_normal_vhost_breakthroug.rhlab.io.conf for instance is created like this: server { listen 172.31.24.34:80; server_name breakthroug.rhlab.io *.breakthroug.rhlab.io; I would like it to listen on port 443. I have a wildcard certificate and http://* is set to redirect to https:// on my domain. Is there a setting for this somewhere that I am missing??? ... a little later ... Now I have it creating a 29_froxlor_ssl_vhost_breakthroug.rhlab.io.conf file. It was missing the ssl_certificate_key so I put it in. When I try to surf to the site I get an error: 2019/06/18 01:01:46 [error] 28498#28498: *15 "/var/customers/webs/breakthroug/index.php" is forbidden (13: Permission denied), client: 108.162.242.14, server: breakthroug.rhlab.io, request: "GET / HTTP/1.1", host: "breakthroug.rhlab.io". There is no index.php, only an index.html. When I try to get /index.html I get: 2019/06/18 01:38:06 [crit] 28496#28496: *38 stat() "/var/customers/webs/breakthroug/index.html" failed (13: Permission denied), client: 108.162.242.14, server: breakthroug.rhlab.io, request: "GET /index.html HTTP/1.1", host: "breakthroug.rhlab.io" I feel like maybe I am close. ... a little bit more later .... I did `chgrp -R www-data /var/customers/webs/breakthroug` and now I see the index.html file. Then with a `chgrp www-data /var/run/1-breakthroug-breakthroug.rhlab.io-php-fpm.socket` I could also see a phpinfo.php file that I created in the same folder as the index.html. My question remains. Are there config options in froxlor that would let me create a file in the sites-enabled folder with the ssl_certificate_key, a socket and root folder with the www-data group?
June 19, 20196 yr You are using php-fpm, so did you set up libnss-mysql or libnss-extrausers accordingly? It should NEVER be necessary to chown a customers directory to www-data!
June 20, 20196 yr Author I set up libnss-mysql so that It seemed to work. The directory was owned by the user that I created and he was in the ftp-users table. I didn't chown the folder I chgrp'd the folder and the php-fpm socket. My nginx is running as www-data:www-data. I guess that there is something that I am missing. It looks like from the sites-enabled/* files that php-fpm is just for the php files. How does nginx see the static files or the php-fpm socket if they aren't in the www-data group?
June 20, 20196 yr 4 hours ago, Richard Hildred said: I didn't chown the folder I chgrp'd the folder and the php-fpm socket. My nginx is running as www-data:www-data. This should also not be necessary. As i do not know your set up or what settings you've set and not, it's hard to reproduce, especially when you've messed with ownerships manually. I just say, normally, this works smoothly out of the box
Archived
This topic is now archived and is closed to further replies.