実現したいこと
ここに実現したいことを箇条書きで書いてください。
- NextCloudをインストール直後にapps/dashboardにアクセスし、403エラーが表示されるのを直したい
前提
ubuntu 22.04.3 LTS
nginx 1.25.3
php 8.2.13
mariadb 15.1
NextCloud 28
以上の環境でNextCloudをインストールし、インストール画面は無事通りました。
続けて、アプリをインストールするか?という画面で「はい」として処理を待っていたところ、403エラー画面に遷移しました。
発生している問題・エラーメッセージ
ブラウザ上では 403 Forbidden nginx とだけ表示されています。 /var/log/nginx/error.logには directory index of "/var/www/nextcloud/apps/dashboard/" is forbidden, client: x.x.x.x, server: example.com, request: "GET /apps/dashboard/ HTTP/2.0", host: "example.com" と残っています。
試したこと
いったん/var/www/nextcloudを削除し、再インストール。
mariadbからnextcloudのデータベースを削除し、再作成。
補足情報
nginx.confは以下の通りです。
upstream php-handler { server unix:/var/run/php/php8.2-fpm.sock; } map $arg_v $asset_immutable { "" ""; default "immutable"; } server { server_name example.com www.example.com; listen 80; listen [::]:80; server_tokens off; add_header X-Frame-Options "SAMEORIGIN"; add_header X-Content-Type-Options "nosniff"; add_header X-XSS-Protection "1; mode=block"; location ^~ /.well-known/(acme-challenge|pki-validation)/ { default_type "text/plain"; root /var/www/html; } return 301 https://$host$request_uri; location = /.well-known/webfinger { return 301 /index.php$uri; } location = /.well-known/nodeinfo { return 301 /index.php$uri; } } server { listen 443 ssl; http2 on; listen [::]:443 ssl; server_name example.com; server_tokens off; ssl_certificate /etc/letsencrypt/live/example.com/fullchain.pem; ssl_certificate_key /etc/letsencrypt/live/example.com/privkey.pem; ssl_dhparam /etc/example.com/ssl-dhparams.pem; location ~ /.well-known { allow all; } location = /.well-known/webfinger { return 301 /index.php$uri; } location = /.well-known/nodeinfo { return 301 /index.php$uri; } ssl_session_cache builtin:1000 shared:SSL:10m; ssl_session_timeout 1d; ssl_session_tickets off; ssl_protocols TLSv1.2 TLSv1.3; ssl_ciphers ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384; ssl_prefer_server_ciphers on; add_header Strict-Transport-Security "max-age=63072000; includeSubDomains; preload" always; add_header Referrer-Policy "no-referrer" always; add_header X-Content-Type-Options "nosniff" always; add_header X-Download-Options "noopen" always; add_header X-Frame-Options "SAMEORIGIN" always; add_header X-Permitted-Cross-Domain-Policies "none" always; add_header X-Robots-Tag "noindex,nofollow" always; add_header X-XSS-Protection "1; mode=block" always; fastcgi_hide_header X-Powered-By; include mime.types; types { text/javascript js mjs; } root /var/www/nextcloud; location = /robots.txt { allow all; log_not_found off; access_log off; } location = /.well-known/carddav { return 301 $scheme://$host:$server_port/remote.php/dav; } location = /.well-known/caldav { return 301 $scheme://$host:$server_port/remote.php/dav; } client_max_body_size 1024M; fastcgi_buffers 64 4K; client_body_buffer_size 512k; gzip on; gzip_vary on; gzip_comp_level 4; gzip_min_length 256; gzip_proxied expired no-cache no-store private no_last_modified no_etag auth; gzip_types application/atom+xml text/javascript application/javascript application/json application/ld+json application/manifest+json application/rss+xml application/vnd.geo+json application/vnd.ms-fontobject application/x-font-ttf application/x-web-app-manifest+json application/xhtml+xml application/xml font/opentype image/bmp image/svg+xml image/x-icon text/cache-manifest text/css text/plain text/vcard text/vnd.rim.location.xloc text/vtt text/x-component text/x-cross-domain-policy; location / { try_files $uri $uri/ /index.php$request_uri; } location ~ ^\/(?:build|tests|config|lib|3rdparty|templates|data)\/ { deny all; } location ~ ^\/(?:\.|autotest|occ|issue|indie|db_|console) { deny all; } location ~ \.php(?:$|/) { # Required for legacy support rewrite ^/(?!index|remote|public|cron|core\/ajax\/update|status|ocs\/v[12]|updater\/.+|ocs-provider\/.+|.+\/richdocumentscode\/proxy) /index.php$request_uri; fastcgi_split_path_info ^(.+?\.php)(/.*)$; set $path_info $fastcgi_path_info; try_files $fastcgi_script_name =404; include fastcgi_params; fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; fastcgi_param PATH_INFO $path_info; fastcgi_param HTTPS on; fastcgi_param modHeadersAvailable true; # Avoid sending the security headers twice fastcgi_param front_controller_active true; # Enable pretty urls fastcgi_pass php-handler; fastcgi_intercept_errors on; fastcgi_request_buffering off; fastcgi_max_temp_file_size 0; } location ~ \.(?:css|js|mjs|svg|gif|png|jpg|ico|wasm|tflite|map|ogg|flac)$ { try_files $uri /index.php$request_uri; add_header Cache-Control "public, max-age=15778463, $asset_immutable"; access_log off; # Optional: Don't log access to assets location ~ \.wasm$ { default_type application/wasm; } } location ~ \.woff2?$ { try_files $uri /index.php$request_uri; expires 7d; # Cache-Control policy borrowed from `.htaccess` access_log off; # Optional: Don't log access to assets } location ~ \.(?:png|html|ttf|ico|jpg|jpeg|bcmap|mp4|webm)$ { try_files $uri /index.php$request_uri; access_log off; } }
推測
以前NextCloudをインストールしたときにはアプリをインストールしなかった気がします。
それを踏まえると、そもそも/var/www/nextcloud/apps/dashboardのパーミッションに間違いがあるか、index.phpが存在しないのが問題があるような気がします。
これ以外に見直す点を思いつかないのですが、他に必要な情報はございますか?
0 コメント