Grav assets and static files not loading with nginx

If you haven’t heard of it by now, Grav is a modern open source flat-file CMS. Flat-file basically means that it doesn’t require database or any similar kind of storage but rather, stores its data to a set of text files.

There are many good manuals across the web for installing Grav on a server running nginx and php-fpm, including Grav’s own. You should definitely follow such if you are installing Grav for the first time, however, if you did but are still having issues with the assets and static files not loading and only the dynamic php pages working, then you might have not carefully read the instructions (or unfortunate enough to be following a guide where the important user/group and file permissions part is not explained well).

Most of the installation guides advise that you create a dedicated user for running your Grav instance (which is always a good thing), different from the one you are running nginx with. If you followed that, then you probably ended up having nginx (let’s assume you are running ubuntu linux) using the www-data user and group, and php-fpm pool specific configuration for Grav running as user grav. So far so good but if you didn’t pay attention then you probably created the user grav with group grav and then when you try loading Grav via http you find out that no assets or static files are loading – getting 404 not found errors instead.

If that’s the case for you, the problem is simply file permissions related: nginx running as www-data is proxying the php requests to php-fpm which has permission to read the Grav files (as they are under the grav user/group), however the static files and assets cannot be accessed by the www-data user as neither it or its group are allowed to read grav‘s folder or files.

To solve this you simply need to give the www-data user/group read access to the Grav folder either by allowing everyone reading Grav’s files (not the best idea) or rather allow just the www-data group accessing those by chown-ing Grav’s folders and files they are with the www-data group instead of grav group:

chown -R :www-data /path/to/your/grav

Of course you still need to make sure trhat the grav folders are with 750 and files with 640 permissions so the owner group to have read access.