tomashastings commented 11 years ago

I was pleased to see 1.7 has finally been released, yet somewhat displeased to see the zip file contains a number of .htaccess files.

Installing went fine, but as soon as I wanted to set up the API to inject e-mails into the system I ran into a number of 'URL not supported' errors.

I had set up NGINX to handle the /api/* URLS by adding this line to my configuration:

location ~ ^/api/(tickets|tasks)(.*)$ { try_files $uri $uri/ /api/http.php; }

Yet the requests still failed, it turns out the function get_path_info returns $_SERVER['PATH_INFO'] or $_SERVER['ORIG_PATH_INFO'], both of which aren't set when using NGINX + PHP-FPM.

I had to rewrite get_path_info() to have it look at the REQUEST_URI, snip off the excess bits at the front and back and return the part of the url which is expected.

The function get_path_info contains the following comment: //TODO: conruct possible path info.

You might want to change that to 'TODO: don't rely on PATH_INFO as it's unreliable cross-platform

protich commented 11 years ago

@tomashastings - Thank you for the feedback.

Like any other software osTicket v1.7 is not perfect! In our defense the requirements clearly indicates Apache & IIS being the supported web servers. We were sort aware of possible issues related to reliance on AcceptPathInfo directive and mode_rewrite on api urls - e.g path info on nginx.

Since we couldn't possibly test all possible server configurations - relying on collaborative feedback from the field/users (like yourself) is the approach we took. After all, it's an open source project.

I don't mean to sound defensive - but the tone of your feedback came off as "Look at all the work you guys made me do". TODO comments on open source code base are open invites for others to help. It would have been nice to get a pull request on path info fix you implemented and may be a writeup on how you got the API to work on nginx web server.

It's the open source way - together we can make it better.

tomashastings commented 11 years ago

Thanks for the reply protich, I'm sorry if my message came off a little strong, English isn't my main language.

I also seem to have overlooked the Apache/IIS requirement. I've used Apache for years but have moved to NGINX for performance reasons, I'm used to having to jump through a few hoops to get things working so that's ok.

As far as path info on nginx goes, the fastcgi_split_path_info directive isn't the solution as it's intended use are urls like /foo/bar.php/some/path and the osTicket api URL's don't contain .php

The way to get php to handle a non-existing url is by using the try_files directive.

Also, I'm new to Github, all I've ever used it for is looking-at and downloading code, never contributing, if I knew what a pull request was, I might have used it ;)

As far as a solution goes, I'll gladly provide information on how to get everything to work, but it involves a little editing of class.osticket.php and I'm not quite sure if /everything/ works yet, haven't had the time to test and find out which parts of osTicket rely on the get_path_info() function.

I plan to install apache on another port to see if I didn't break anything and if both webservers act the same.

Going to read up on pull requests and how to help now.

protich commented 11 years ago

Thanks for the reply. No apology needed - all I wanted you to know is that, you can help make osTicket better. You're now chief NGINX resident expert and with your feedback/help you can help others in the osTicket community - who might not be as tech-savvy as you.

That said, we have 2 issues;

API's url rewrite

I'm assuming the sample code you posted (quoted below) rewrites the requested URL on-the-fly.

location ~ ^/api/(tickets|tasks)(.*)$ {
try_files $uri $uri/ /api/http.php;
}

Basically we need to rewrite request to /api/path.x as /api/http.php/path.x

Missing PATH_INFO

osTicket's url dispatcher for the API and AJAX calls relies on PATH_INFO to serve the request. Best approach, in my opinion, is to let the server set the info - hence the need to enable AcceptPathInfo directive in apache. For NGINX I'm assuming fastcgi_split_path_info accomplishes the same.

As for users who can't possibly change web server's configuration - we'll need to put together a fix in get_path_info() method - something you already implemented.

PS: It's totally worth it to learn git. Let me know if I can be of any help.

tomashastings commented 11 years ago

I couldn't get it to work with fastcgi_split_path_info, I think that's meant for /file.php/extra/path type urls and not /fake/extra/path like osTicket is using (please correct me if i'm wrong).

I had a fix in which I modified class.osticket.php to chop up the request_uri and get the path_info from there, but that's far from ideal, so I decided to make nginx set the PATH_INFO by using set, if and a regular expression in the server-configuration.

This configuration file for NGINX seems to work, it set's PATH_INFO where needed, denies access to files which need not be accessed directly and serves the api/ajax requests

server {
        listen 80;
        server_name tickets.example.net;

        root /usr/home/tickets/html;
        access_log  /usr/home/tickets/logs/access.log main;

        set $path_info "";

        # Deny access to all files in the include directory
        location ~ ^/include {
                deny all;
                return 403;
        }

        # Deny access to apache .ht* files (nginx doesn't use these)
        location ~ /\.ht {
                deny all;
        }

        # Requests to /api/* need their PATH_INFO set, this does that
        if ($request_uri ~ "^/api(/[^\?]+)") {
                set $path_info $1;
        }

        # /api/*.* should be handled by /api/http.php if the requested file does not exist
        location ~ ^/api/(tickets|tasks)(.*)$ {
                try_files $uri $uri/ /api/http.php;
        }

        # /scp/ajax.php needs PATH_INFO too, possibly more files need it hence the .*\.php
        if ($request_uri ~ "^/scp/.*\.php(/[^\?]+)") {
                set $path_info $1;
        }

        # Make sure requests to /scp/ajax.php/some/path get handled by ajax.php
        location ~ ^/scp/ajax.php/(.*)$ {
                try_files $uri $uri/ /scp/ajax.php;
        }

        # Set index.php as our directoryindex
        location / {
                index index.php;
        }

        # Send php files off to the PHP-FPM listing on localhost:9000
        location ~ \.php$ {
                try_files $uri =404;
                fastcgi_pass    127.0.0.1:9000;
                fastcgi_index   index.php;
                fastcgi_param   SCRIPT_FILENAME         $document_root$fastcgi_script_name;
                fastcgi_param   PATH_INFO               $path_info;
                include fastcgi_params;
        }

}

tomashastings commented 11 years ago

I slept on the above and came up with the following solution for people who cannot (or don't want to) modify their nginx config, the use of 'if' statements in nginx is discouraged ( see: http://wiki.nginx.org/IfIsEvil )

By modifying class.osticket.php's get_path_info function, the path info is determined by looking at the request_uri and script_name.

I tested it on the /api and /scp/ajax.php urls and it seems to work as expected:

    function get_path_info() {
        if(isset($_SERVER['PATH_INFO']) && !empty($_SERVER['PATH_INFO']))
            return $_SERVER['PATH_INFO'];

        if(isset($_SERVER['ORIG_PATH_INFO']) && !empty($_SERVER['ORIG_PATH_INFO']))
            return $_SERVER['ORIG_PATH_INFO'];

        $request_uri = preg_replace('@\?.*$@', '', $_SERVER['REQUEST_URI']);

        if (strpos($request_uri, $_SERVER['SCRIPT_NAME']) !== false) {
            $guessed_pathinfo = preg_replace('#^'.preg_quote($_SERVER['SCRIPT_NAME']).'#', '', $request_uri);
        } else {
            $guessed_pathinfo = preg_replace('#^'.preg_quote(preg_replace('@/([^/]+)$@', '', $_SERVER['SCRIPT_NAME'])).'#', '', $request_uri);
        }
        if (!empty($guessed_pathinfo))
            return $guessed_pathinfo;

        return null;
    }

deanet commented 11 years ago

any update of this issue ? i'm currently using branch repo but it still doesnt work..

greezybacon commented 11 years ago

Sorry, we still haven't added NGINX as a supported platform yet. However, GoDadday hosting clients still have troubles with osTicket related to path parsing, so I think addressing this issue would be beneficial to a supported platform too.

SoulRaven commented 10 years ago

i have a similar problem but wit ajax calls, https://github.com/osTicket/osTicket-1.8/issues/382#issuecomment-31820879

any ideea how to fix this?

greezybacon commented 10 years ago

Use the nginx configuration posted by @tomashastings above

SoulRaven commented 10 years ago

this is my nginx config:

server { listen xxx:80; server_name xxxx; root /var/www/support; index index.php; index index.php; access_log /var/www/support/tmp/logs/access.log combined buffer=32k; error_log /var/www/support/tmp/logs/error.log;

set $path_info "";

# Deny access to all files in the include directory
    location ~ ^/include {
            deny all;
            return 403;
   }

# Deny access to apache .ht* files (nginx doesn't use these)
    location ~ /\.ht {
            deny all;
   }

# Requests to /api/* need their PATH_INFO set, this does that
    if ($request_uri ~ "^/api(/[^\?]+)") {
            set $path_info $1;
   }

   # /api/*.* should be handled by /api/http.php if the requested file does not exist
    location ~ ^/api/(tickets|tasks)(.*)$ {
            try_files $uri $uri/ /api/http.php;
   }

# /scp/ajax.php needs PATH_INFO too, possibly more files need it hence the .*\.php
    if ($request_uri ~ "^/scp/.*\.php(/[^\?]+)") {
            set $path_info $1;
   }

   # Make sure requests to /scp/ajax.php/some/path get handled by ajax.php
   location ~ ^/scp/ajax.php/(.*)$ {
            try_files $uri $uri/ /scp/ajax.php;
   }

# Set index.php as our directoryindex
    location / {
            index index.php;
   }

# Send php files off to the PHP-FPM listing on localhost:9000
location ~ \.php$ {
    try_files $uri =404;
    #fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass 127.0.0.1:9000;
       fastcgi_index index.php;
    fastcgi_param   SCRIPT_FILENAME         $document_root$fastcgi_script_name;
          fastcgi_param   PATH_INFO               $path_info;
          include fastcgi_params;
}   
gzip on;
gzip_comp_level 9;

# static file 404's aren't logged and expires header is set to maximum age
location ~* \.(jpg|jpeg|gif|css|png|js|ico|html)$ {
    access_log off;
    expires max;
}

location ~ /(\.ht|\.git|\.svn) {
        deny all;
    }

}

still not working, the same error

greezybacon commented 10 years ago

How about the var_dump? And have you tried uncommenting the fastcgi_split_path_info command?

SoulRaven commented 10 years ago

i have try, and nothing, this is the var_dump,

array(36) { ["USER"]=> string(8) "www-data" ["HOME"]=> string(8) "/var/www" ["FCGI_ROLE"]=> string(9) "RESPONDER" ["SCRIPT_FILENAME"]=> string(29) "/var/www/support/scp/ajax.php" ["PATH_INFO"]=> string(11) "/config/scp" ["QUERY_STRING"]=> string(0) "" ["REQUEST_METHOD"]=> string(3) "GET" ["CONTENT_TYPE"]=> string(0) "" ["CONTENT_LENGTH"]=> string(0) "" ["SCRIPT_NAME"]=> string(13) "/scp/ajax.php" ["REQUEST_URI"]=> string(24) "/scp/ajax.php/config/scp" ["DOCUMENT_URI"]=> string(13) "/scp/ajax.php" ["DOCUMENT_ROOT"]=> string(16) "/var/www/support" ["SERVER_PROTOCOL"]=> string(8) "HTTP/1.1" ["GATEWAY_INTERFACE"]=> string(7) "CGI/1.1" ["SERVER_SOFTWARE"]=> string(11) "nginx/1.5.8" ["REMOTE_ADDR"]=> string(13) "176.223.XX.XX" ["REMOTE_PORT"]=> string(5) "22072" ["SERVER_ADDR"]=> string(14) "93.186.XX.XXX" ["SERVER_PORT"]=> string(2) "80" ["SERVER_NAME"]=> string(20) "support.domain.tld" ["HTTPS"]=> string(0) "" ["REDIRECT_STATUS"]=> string(3) "200" ["HTTP_HOST"]=> string(20) "support.domain.tld" ["HTTP_CONNECTION"]=> string(10) "keep-alive" ["HTTP_CACHE_CONTROL"]=> string(9) "max-age=0" ["HTTPACCEPT"]=> string(46) "application/json, text/javascript, /_; q=0.01" ["HTTP_USER_AGENT"]=> string(107) "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/33.0.1750.5 Safari/537.36" ["HTTP_X_REQUESTED_WITH"]=> string(14) "XMLHttpRequest" ["HTTP_REFERER"]=> string(43) "http://support.domain.tld/scp/tickets.php" ["HTTP_ACCEPT_ENCODING"]=> string(17) "gzip,deflate,sdch" ["HTTP_ACCEPT_LANGUAGE"]=> string(14) "en-US,en;q=0.8" ["HTTP_COOKIE"]=> string(208) "utma=83980230.839041156.1387446640.1387446640.1387446640.1; utmz=83980230.1387446640.1.1.utmcsr=(direct)|utmccn=(direct)|utmcmd=(none); plg_system_eprivacy=2013-12-19; OSTSESSID=nogho77vgh5piqkfr40901h5f4" ["PHP_SELF"]=> string(24) "/scp/ajax.php/config/scp" ["REQUEST_TIME_FLOAT"]=> float(1389208301.4714) ["REQUEST_TIME"]=> int(1389208301) } string(11) "/config/scp"

SoulRaven commented 10 years ago

any news? i guess i have try everything, and still not working, maybe some help from the community?

SoulRaven commented 10 years ago

any new suggestions about this problem? is impossible to use without the possibility to add new clients

elmoyak commented 10 years ago

I've just updated http://wiki.nginx.org/OSTicket according to @tomashastings version with a small modification. works fine for me with osTicket v1.8.0.2.

@soulraven try http://wiki.nginx.org/OSTicket. @tomashastings try_files hides the query string thus osTicket has no POST/GET arguments

jiveshpednekar commented 10 years ago

I am facing same problem with Godaddy server with server API CGI/FastCGI . can you please tell what i need to do, I have no idea of nginx server and its configurations

elmoyak commented 10 years ago

@jiveshpednekar did you tried my changes http://wiki.nginx.org/OSTicket?

osticket ajax needs to have the path_info plus query string. thats what my changes do. It works very well for me.

e.g.: host.com/a/path/file.php/foo/bar?this=that&and=more. osticket needs the path_info in $_SERVER['PATH_INFO'] => /foo/bar and the query string in $_GET['this'],$_GET['and'] => this=that&and=more

if that doesn't help please post your conf

mprewitt commented 10 years ago

I am experiencing this issue using Go Daddy hosting, but am not using Nginx. I'm using version 1.8.1 of osTicket. The proposed solution at http://wiki.nginx.org/OSTicket seems to use some kind of Nginx configuration script, maybe similar to Apache's httpd.conf. But I'm guessing it would not work on Apache, and besides that I don't have access to the Apache configuration files, only .htaccess.

greezybacon commented 10 years ago

There is a known issue with GoDaddy. We have been unable to find a workaround and have contacted GoDaddy without any success or even response. I would recommend a ~~better~~ different hosting company. And if it's of use, I signed up for a GoDaddy hosting account to debug the issue, and it looks like the newer account interfaces do not suffer from the issue. You might see if you can be migrated or upgraded

jiveshpednekar commented 10 years ago

b>@elmoyak:</b I foud fixed for godaddy. I added php.ini file in my root folder with cgi.fix_pathinfo=1 and it worked for me. thanks for your suggestion

mprewitt commented 10 years ago

@jiveshpednekar Awesome! Your fix worked for my Go Daddy account as well.

We've been gradually moving our Go Daddy-based web properties to other companies (InMotion, HostGator, BlueHost). But until we can do that with this one, this is the way to go.

elvismdev commented 10 years ago

I have the same issue with GoDaddy, I'm using v1.8.1.2. Placing php.ini in the root as @jiveshpednekar find to work doesn't do for me. Someone found another fix for this in GoDaddy?

elvismdev commented 10 years ago

Solved with GoDaddy, the file php.ini must me named php5.ini and placed in the root folder with cgi.fix_pathinfo = 1

martinreynolds commented 10 years ago

this is my nginx config: ######## server { listen 80 ; server_name xxxx;

charset UTF-8;
#charset koi8-r;
access_log  /var/log/nginx/log/osticket.access.log  main;
error_log /var/log/nginx/log/osticket.error.log;
root   /var/www/osticket/;

set $path_info "";

# Deny access to all files in the include directory
location ~ ^/include {
    deny all;
    return 403;
}

# Deny access to apache .ht* files (nginx doesn't use these)
location ~ /\.ht {
    deny all;
}

# Requests to /api/* need their PATH_INFO set, this does that
if ($request_uri ~ "^/api(/[^\?]+)") {
  set $path_info $1;
}

# /api/*.* should be handled by /api/http.php if the requested file does not exist
location ~ ^/api/(?:tickets|tasks)(.*)$ {
    try_files $uri $uri/ /api/http.php?$query_string;
}

# /scp/ajax.php needs PATH_INFO too, possibly more files need it hence the .*\.php

if ($request_uri ~ "^/scp/.*\.php(/[^\?]+)") {
    set $path_info $1;
}

# Make sure requests to /scp/ajax.php/some/path get handled by ajax.php
location ~ ^/scp/ajax.php/(.*)$ {
     try_files $uri $uri/ /scp/ajax.php?$query_string;
}

location / { try_files $uri $uri/ index.php; }

Process PHP files

location ~ .php$ {
    try_files $uri = 404;
    fastcgi_pass 127.0.0.1:9000;
    fastcgi_index index.php;
    include /etc/nginx/fastcgi_params;
    fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
    fastcgi_param  PATH_INFO $path_info;
}

It still not to work, and reply scp/ajax.php/config/scp 404 Not Found

kenny-opennix commented 10 years ago

My config server { listen 123.45.67.89:80; server_name test.com; access_log /var/log/nginx/tickets.access.log; error_log /var/log/nginx/tickets.error.log info; index index.php; root /var/www/ticket; client_max_body_size 5M; keepalive_timeout 0; fastcgi_read_timeout 120; fastcgi_send_timeout 60; index index.php index.html; autoindex off;

gzip on;
gzip_types text/plain text/css application/x-javascript text/javascript application/javascript application/json application/xml text/x-component application/rss+xml text/xml;
sendfile on;

set $path_info "";

    location ~ /include {
        deny all;
        return 403;
    }

    if ($request_uri ~ "^/api(/[^\?]+)") {
    set $path_info $1;
}

location ~ ^/api/(?:tickets|tasks).*$ {
    try_files $uri $uri/ /api/http.php?$query_string;
}

if ($request_uri ~ "^/scp/.*\.php(/[^\?]+)") {
    set $path_info $1;
}

location ~ ^/scp/ajax.php/.*$ {
    try_files $uri $uri/ /scp/ajax.php?$query_string;
}

    location / {
        try_files $uri $uri/ index.php;
    }

location ~ \.php$ {
fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
    fastcgi_pass unix:/var/run/php-fpm.sock;
    fastcgi_index index.php;
    include fastcgi_params;
fastcgi_param  PATH_INFO   $path_info;
    fastcgi_intercept_errors on;
}

}

rick-pri commented 10 years ago

I found that I had to add the following code into my Nginx vhost file to get the custom forms to work when adding a ticket from a user's point of view in osticket 1.9.x.

location ~ ^/ajax.php/.*$ {
    try_files $uri $uri/ /ajax.php?$query_string;
}

deanet commented 9 years ago

just confirm. works as well osticket 1.8 + ldap with http://wiki.nginx.org/OSTicket . thanks

maephisto commented 9 years ago

Just solved this issue with the latest osTicket version, using @tomashastings both approaches: updating the class.osticket.php and updating nginx conf as in http://wiki.nginx.org/OSTicket

ghost commented 9 years ago

I ran into this just now. TL;DR:

To fix this in osTicket 1.9.7 stable, apply @tomashastings patch:

(I presume get_path_info() has not changed much so this should apply cleanly to any version).

diff --git a/include/class.osticket.php b/include/class.osticket.php
index d7e8f3d..505b145 100644
--- a/include/class.osticket.php
+++ b/include/class.osticket.php
@@ -356,7 +356,16 @@ class osTicket {
         if(isset($_SERVER['ORIG_PATH_INFO']))
             return $_SERVER['ORIG_PATH_INFO'];

-        //TODO: conruct possible path info.
+       // This fixes nginx
+       $request_uri = preg_replace('@\?.*$@', '', $_SERVER['REQUEST_URI']);
+
+        if (strpos($request_uri, $_SERVER['SCRIPT_NAME']) !== false) {
+            $guessed_pathinfo = preg_replace('#^'.preg_quote($_SERVER['SCRIPT_NAME']).'#', '', $request_uri);
+        } else {
+            $guessed_pathinfo = preg_replace('#^'.preg_quote(preg_replace('@/([^/]+)$@', '', $_SERVER['SCRIPT_NAME'])).'#', '', $request_uri);
+        }
+
+        if (!empty($guessed_pathinfo))
+            return $guessed_pathinfo;

         return null;
     }

and add

location ~ ^/ajax.php/.*$ {
    try_files $uri $uri/ /ajax.php?$query_string;
}

to your nginx config as per @rick-pri. Possibly prefix the location regex and paths with the directory you put osticket under. I used

location ~ ^/support/scp/ajax.php/.*$ {
  try_files $uri $uri/ /support/scp/ajax.php?$query_string;
}

as my installation is under /support instead of at the root of its own subdomain. No further changes to nginx configuration are needed for this fix.

infectormp commented 9 years ago

with nginx all work fine except canned response, when you choice canned response in ticket nothing happens and in log we see this error

open() "/xxx/scp/ajax.php/tickets/2796/canned-resp/3.json" failed (20: Not a directory)

Andrew908 commented 9 years ago

I finally fixed the custom forms by adding the following two lines:

    if ($request_uri ~ "^/ajax.php(/[^\?]+)") {
        set $path_info $1;
    }

    location ~ ^/ajax.php/.*$ {
        try_files $uri $uri/ /ajax.php?$query_string;
    }

I hope that this will help other people that are struggling with this issue.

infectormp commented 9 years ago

I get osticket work with this config https://www.nginx.com/resources/wiki/start/topics/recipes/osticket/ canned response work too.

nginx 1.9.6

danielbald commented 8 years ago

In addition to following @giandvd post, I had to add the following extra nginx rule:

    location ~ ^/support/api/(?:tickets|tasks).*$ {
        try_files $uri $uri/ /api/http.php?$query_string;
    }

Info bubbles and canned responses work.

timwhite commented 8 years ago

@giandvd post fixing get_post_info, and the Nginx config (minus the path_info stuff) works for me. Can we maybe get a PR for this?

jonvargas commented 8 years ago

Everything works fine except when a Help Topic has assigned custom forms. In the create ticket view, if the user first selects a Help Topic with a form, the form loads fine, but if he selects another Help Topic with a form, the following path returns 404:

https://HOSTNAME/ajax.php/form/help-topic/11?7dac67887eff7400%5B%5D=&653a0488deab90e0%5B%5D=1

The first time a form is loaded, the request is shorter and with no query string:

https://HOSTNAME/ajax.php/form/help-topic/10 https://HOSTNAME/ajax.php/form/help-topic/9 https://HOSTNAME/ajax.php/form/help-topic/8

I already configured what @Andrew908 pointed out. This seems to be a special case. @Andrew908 , can you reproduce this case? I am using 1.9.12.

This is my current config that works, except for that case I mentioned:

        #
        # Required OsTicket Options for Nginx
        #

        set $path_info "";

        if ($request_uri ~ "^/api(/[^\?]+)") {
                set $path_info $1;
        }

        if ($request_uri ~ "^/scp/.*\.php(/[^\?]+)") {
                set $path_info $1;
        }

        if ($request_uri ~ "^/ajax.php(/[^\?]+)") {
                set $path_info $1;
        }

        location ~ ^/scp/ajax.php/.*$ {
                try_files $uri $uri/ /scp/ajax.php?$query_string;
        }

        location ~ ^/api/(?:tickets|tasks).*$ {
                try_files $uri $uri/ /api/http.php?$query_string;
        }

        location ~ ^/ajax.php/(.*)$ {
                try_files $uri $uri/ /ajax.php$query_string;
        }

j0r000 commented 8 years ago

@jonvargas config works for me perfectly

jonvargas commented 8 years ago

@j0r000 Do you also use custom forms for Help Topics?

NCC-Lykos commented 7 years ago

This is 2016...you would think almost everything supports nginx.

I'm also having the blank ajax problem, I've tried all the solutions listed to no avail. Our entire infrastructure runs NGINX, and spinning up a single server to run Apache just for osTicket seems like a giant waste of resources...

What can be done about this?

infectormp commented 7 years ago

@NCC-Lykos here is my fully working config

 server {
    listen 80;
    server_name xxx;

    access_log /var/log/nginx/xx.access_log;
    error_log /var/log/nginx/xx.error_log;

    return 301 https://$server_name$request_uri;  # enforce https
}

server {
    listen 443 ssl http2;
    server_name xxx;

    access_log /var/log/nginx/xxx.access.ssl_log;
    error_log /var/log/nginx/xxx.error.ssl_log;

    include /etc/nginx/default.d/ssl.conf;

    root /var/www/localhost/htdocs/xxx;

    set $path_info "";

    location ~ /include {
        deny all;
        return 403;
    }

    if ($request_uri ~ "^/api(/[^\?]+)") {
        set $path_info $1;
    }

    location ~ ^/api/(?:tickets|tasks).*$ {
        try_files $uri $uri/ /api/http.php?$query_string;
    }

    if ($request_uri ~ "^/scp/.*\.php(/[^\?]+)") {
        set $path_info $1;
    }

    location ~ ^/scp/ajax.php/.*$ {
        try_files $uri $uri/ /scp/ajax.php?$query_string;
    }

    location ~ ^/ajax.php/.*$ {
        try_files $uri $uri/ /ajax.php?$query_string;
    }

    location ~ ^/kb/ajax.php/.*$ {
        try_files $uri $uri/ /kb/ajax.php?$query_string;
    }

    location / {
        try_files $uri $uri/ index.php;
    }

    location ~ \.php$ {
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include        fastcgi_params;
            fastcgi_param  PATH_INFO        $path_info;
            fastcgi_pass        unix:/run/php-fpm/www.sock;
    }
}

lepazca commented 7 years ago

@infectormp I have my configuration like you and I can't even made it pass after the initial installation. I get blank tooltip and code 502 Bad gateway with text "Primary script unknown" in the error.log.

Using 1.10 stable release.

infectormp commented 7 years ago

@leandropc forgot to mention, i set cgi.fix_pathinfo = 1 in php.ini. Did you try this?

lepazca commented 7 years ago

@infectormp yes, btw according to the documentation the Default value is 1

cgi fix_pathinfo

infectormp commented 7 years ago

@leandropc can you post your config here? It's look like you have wrong config.

lepazca commented 7 years ago

Sure

/etc/nginx/sites-enabled/support

server {
    listen 80;
    server_name support.example.com;

    access_log /var/log/nginx/support_access.log;
    error_log /var/log/nginx/support_error.log;

    return 301 https://$server_name$request_uri;  # enforce https
}

server {
    listen 443 ssl;
    server_name support.example.com;

    access_log /var/log/nginx/support_access.log;
    error_log /var/log/nginx/support_error.log;

    ssl on;
    ssl_certificate /etc/ssl/private/osticket/osticket.crt;
    ssl_certificate_key /etc/ssl/private/osticket/osticket.key;

    root /var/www/html/support;

    set $path_info "";

    location ~ /include {
        deny all;
        return 403;
    }

    if ($request_uri ~ "^/api(/[^\?]+)") {
        set $path_info $1;
    }

    location ~ ^/api/(?:tickets|tasks).*$ {
        try_files $uri $uri/ /api/http.php?$query_string;
    }

    if ($request_uri ~ "^/scp/.*\.php(/[^\?]+)") {
        set $path_info $1;
    }

    location ~ ^/scp/ajax.php/.*$ {
        try_files $uri $uri/ /scp/ajax.php?$query_string;
    }

    location ~ ^/ajax.php/.*$ {
        try_files $uri $uri/ /ajax.php?$query_string;
    }

    location ~ ^/kb/ajax.php/.*$ {
        try_files $uri $uri/ /kb/ajax.php?$query_string;
    }

    location / {
        try_files $uri $uri/ index.php;
    }

    location ~ \.php$ {
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include        fastcgi_params;
            fastcgi_param  PATH_INFO        $path_info;
            fastcgi_pass        unix:/var/run/php5-fpm.sock;
    }
}

/etc/nginx/fastcgi_params

fastcgi_param   QUERY_STRING            $query_string;
fastcgi_param   REQUEST_METHOD          $request_method;
fastcgi_param   CONTENT_TYPE            $content_type;
fastcgi_param   CONTENT_LENGTH          $content_length;

fastcgi_param   SCRIPT_FILENAME         $request_filename;
fastcgi_param   SCRIPT_NAME             $fastcgi_script_name;
fastcgi_param   REQUEST_URI             $request_uri;
fastcgi_param   DOCUMENT_URI            $document_uri;
fastcgi_param   DOCUMENT_ROOT           $document_root;
fastcgi_param   SERVER_PROTOCOL         $server_protocol;

fastcgi_param   GATEWAY_INTERFACE       CGI/1.1;
fastcgi_param   SERVER_SOFTWARE         nginx/$nginx_version;

fastcgi_param   REMOTE_ADDR             $remote_addr;
fastcgi_param   REMOTE_PORT             $remote_port;
fastcgi_param   SERVER_ADDR             $server_addr;
fastcgi_param   SERVER_PORT             $server_port;
fastcgi_param   SERVER_NAME             $server_name;

fastcgi_param   HTTPS                   $https if_not_empty;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param   REDIRECT_STATUS         200;

infectormp commented 7 years ago

@leandropc try replace fastcgi_param SCRIPT_FILENAME $request_filename; to fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; in /etc/nginx/fastcgi_params

tomashastings commented 7 years ago

Or put the fastcgi_param SCRIPT_FILENAME after the include of fastcgi_params, so you aren't setting it and immediately overwriting it again.

On Tue, Dec 20, 2016 at 7:28 PM, infectormp notifications@github.com wrote:

@leandropc https://github.com/leandropc try replace fastcgi_param SCRIPT_FILENAME $request_filename; to fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; in /etc/nginx/fastcgi_params

— You are receiving this because you were mentioned. Reply to this email directly, view it on GitHub https://github.com/osTicket/osTicket-1.7/issues/538#issuecomment-268319462, or mute the thread https://github.com/notifications/unsubscribe-auth/AD5QoX87DAWFycCevi417JFRBc8I918Gks5rKB5ngaJpZM4AjuBF .

lepazca commented 7 years ago

@infectormp @tomashastings I did the change in the fastcgi_params configuration file and delete the line fastcgi_param SCRIPT_FILENAME from the main one, trying to install now.

I keep getting the blank tooltip.

error.log 2016/12/20 13:34:51 [error] 63443#0: *4083 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 192.168.20.4, server: support.example.com, request: "GET /setup/ajax.php/help/tips/install HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "support.example.com", referrer: "https://support.example.com/setup/install.php"

lepazca commented 7 years ago

When I click the 'Install now' button almost instantly I get 502 BAD GATEWAY

error.log 2016/12/20 14:10:08 [error] 63590#0: *4436 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 192.168.20.4, server: support.example.com, request: "POST /setup/install.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php5-fpm.sock:", host: "support.example.com", referrer: "https://support.example.com/setup/install.php"

infectormp commented 7 years ago

@leandropc sorry my fault, i look to wrong conf. Please get back fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name; to main conf and set in fastcgi_params fastcgi_param SCRIPT_NAME $fastcgi_script_name;

here is my

fastcgi_param  QUERY_STRING       $query_string;
fastcgi_param  REQUEST_METHOD     $request_method;
fastcgi_param  CONTENT_TYPE       $content_type;
fastcgi_param  CONTENT_LENGTH     $content_length;

fastcgi_param  SCRIPT_NAME        $fastcgi_script_name;
fastcgi_param  REQUEST_URI        $request_uri;
fastcgi_param  DOCUMENT_URI       $document_uri;
fastcgi_param  DOCUMENT_ROOT      $document_root;
fastcgi_param  SERVER_PROTOCOL    $server_protocol;
fastcgi_param  REQUEST_SCHEME     $scheme;
fastcgi_param  HTTPS              $https if_not_empty;

fastcgi_param  GATEWAY_INTERFACE  CGI/1.1;
fastcgi_param  SERVER_SOFTWARE    nginx/$nginx_version;

fastcgi_param  REMOTE_ADDR        $remote_addr;
fastcgi_param  REMOTE_PORT        $remote_port;
fastcgi_param  SERVER_ADDR        $server_addr;
fastcgi_param  SERVER_PORT        $server_port;
fastcgi_param  SERVER_NAME        $server_name;

# PHP only, required if PHP was built with --enable-force-cgi-redirect
fastcgi_param  REDIRECT_STATUS    200;

# httpoxy mitigation (https://httpoxy.org/ https://www.nginx.com/blog/?p=41962)
fastcgi_param  HTTP_PROXY         "";

lepazca commented 7 years ago

@infectormp same outcome :(

/etc/nginx/sites-enabled/support

...
    location ~ \.php$ {
            fastcgi_param  SCRIPT_FILENAME  $document_root$fastcgi_script_name;
            include        fastcgi_params_ost;
            fastcgi_param  PATH_INFO        $path_info;
            fastcgi_pass        unix:/var/run/php5-fpm.sock;
    }

file /etc/nginx/fastcgi_params exactly like yours

osTicket / osTicket-1.7

Doesn't work on NGINX due to use of .htaccess files and relying on PATH_INFO #538

Process PHP files