Что не так с конфигом?

Question

[Марк Розенталь]

Прив!
index.html читает, index.php - нет. Ниже конфиг sites-available. Nginx.conf не трогал.
Права норм. php5-fpm стоит.
Что не так?

server {
        listen 80 default_server;
        listen [::]:80 default_server ipv6only=on;
        return 301 https://$server_name$request_uri;
        root /var/www/html;
        index index.php index.html;

        # Make site accessible from http://localhost/
        server_name localhost;

        location / {
        try_files $uri $uri/ =404;
                }
        error_page 404 /404.html;
        error_page 500 502 503 504 /50x.html;
        location = /50x.html {
        root /var/www/html;
        }
        location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi_params;
        }

        # deny access to .htaccess files, if Apache's document root
        # concurs with nginx's one
        #
        #location ~ /\.ht {
        #       deny all;
        #}
}
# another virtual host using mix of IP-, name-, and port-based configuration
#
#server {
#       listen 8000;
#       listen somename:8080;
#       server_name somename alias another.alias;
#       root html;
#       index index.html index.htm;
#
#       location / {
#               try_files $uri $uri/ =404;
#       }
#}


server {
    listen 443 ssl spdy;

    ssl on;
    ssl_certificate /etc/nginx/ssl/bundle.crt;
    ssl_certificate_key /etc/nginx/ssl/main.key;
    # side note: only use TLS since SSLv2 and SSLv3 have had recent vulnerabilities
    ssl_protocols TLSv1 TLSv1.1 TLSv1.2;

    # ...

}

Answer 1

[Марк Розенталь]

Нарисовал конфиг из кусков интернет конфигов.
Напонмню, проблема была как с index.php, так и с SSL: по хттп ходтл на сайт, по хттпс - нет.

server {
        listen 80 default_server;
        listen [::]:80 default_server ipv6only=on;

        root /usr/share/nginx/html;
        index index.html index.php index.htm;

        # Make site accessible from http://localhost/
        server_name localhost;
	return 301 https://$server_name$request_uri;
        location / {
                # First attempt to serve request as file, then
                # as directory, then fall back to displaying a 404.
                try_files $uri $uri/ /index.html;
                # Uncomment to enable naxsi on this location
                # include /etc/nginx/naxsi.rules
        }
}

server {
    # We also enable the SPDY protocol
    listen 443 ssl spdy;

    # Our SSL certificate
    ssl on;
    ssl_certificate /etc/nginx/ssl/bundle.crt;
    ssl_certificate_key /etc/nginx/ssl/main.key;

    # You can change the default root directory here
    root /usr/share/nginx/html;

    index index.php;

    # Your domain name
    server_name localhost;

    # The maximum body size, useful for file uploads
    client_max_body_size 10M;

    location / {
        try_files $uri $uri/ =404;
    }

    error_page 404 /404.html;
    error_page 500 502 503 504 /50x.html;
    location = /50x.html {
        root /usr/share/nginx/html;
    }

    # PHP-FPM configuration
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass unix:/var/run/php5-fpm.sock;
        fastcgi_index index.php;
        include fastcgi.conf;
    }

    # Deny access to the directory data
    location ~* /data {
            deny all;
            return 404;
    }

    # Deny access to .htaccess
    location ~ /\.ht {
            deny all;
            return 404;
    }
}

Answer 2

[Игорь Алякимов]

Какая ошибка при обращении к index.php, что в логе php-fpm?

Comments

[Марк Розенталь]

php5-fpm.log

[19-Nov-2015 20:46:26] NOTICE: configuration file /etc/php5/fpm/php-fpm.conf test is successful

в nginx error.log

2015/11/19 20:46:48 [error] 1028#0: *6 directory index of "/usr/share/nginx/html/" is forbidden, client: 192.168.1.2, server: , request: "GET / HTTP/1.1", host: "localhost"
2015/11/19 20:46:48 [error] 1028#0: *6 open() "/usr/share/nginx/html/favicon.ico" failed