Xdebug silently catches connections with no reason

Xdebug silently catches connections with no reason - php

The application runs on docker containers: nginx and php-fpm. Xdebug is configured with PhpStorm. The app was working correctly until suddenly Xdebug started to catch all connections even when I didn't enable debugging. I didn't even change anything in configuration - it just started to do this (a bit magic but of course there should be something).
Why it's Xdebug: if I remove the Xdebug settings from Dockerfile, everything starts working. Also, requests hang like it happens when I debug them, i.e. they die after a few minutes waiting with the 504 Gateway Time-out error.
PhpStorm doesn't start a debug session, so it happens silently. Closing PhpStorm doesn't help. Restart of containers, the docker daemon itself and even OS don't help as well. Nothing changes in different browsers.
php-fpm/Dockerfile:
FROM php:7.3.18-fpm-alpine
RUN apk add --no-cache $PHPIZE_DEPS \
&& pecl install xdebug-2.9.8 \
&& docker-php-ext-enable xdebug
#...there are more lines, but even when I remove them, the issue remains
#When I comment this line and do `docker-compose build && docker-compose down && docker-compose up -d`,
# the app returns to life.
COPY xdebug.ini /usr/local/etc/php/conf.d/docker-php-ext-xdebug.ini
php-fpm/xdebug.ini:
zend_extension=xdebug.so
xdebug.remote_enable=1
xdebug.remote_connect_back=off
xdebug.remote_host=docker.for.mac.localhost
xdebug.remote_port=10000
xdebug.idekey=PHPSTORM
xdebug.remote_autostart=true
xdebug.var_display_max_depth = 16
xdebug.var_display_max_children = 256
xdebug.var_display_max_data = -1
docker-compose.yml:
version: '3.7'
services:
nginx:
image: nginx:stable
volumes:
- ./docker/nginx/vhost.conf.template:/tmp/vhost.conf.template
- ./docker/nginx/logs:/logs
- ./:/app
depends_on:
- php-fpm
php-fpm:
build: docker/php-fpm
environment:
PHP_IDE_CONFIG: serverName=app.local
volumes:
- ./:/app
nginx/vhost.conf:
server {
charset utf-8;
client_max_body_size 250M;
listen 80;
server_name app.local;
root /app/public;
index index.php;
access_log /logs/nginx.app.access.log;
error_log /logs/nginx.app.error.log;
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_pass fpm:9000;
include /etc/nginx/fastcgi_params;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $request_filename;
}
location ~* "/\." {
deny all;
return 404;
}
}
It's Docker Desktop 2.5.0 on MacOS 10.14.6.
What could it be?

Why it's Xdebug: if I remove the Xdebug settings from Dockerfile, everything starts working. Also, requests hang like it happens when I debug them, i.e. they die after a few minutes waiting with the 504 Gateway Time-out error.
Enable Xdebug log to confirm that the debug session is established and check what communication is going on there (if any). This should give you some clues on what that might be.
Anyway, it looks like you have some service on that TCP 10000 port already (on your host OS (Mac)) that prevents PhpStorm from listening there (IDE can detect already occupied port on Windows and Linux but not on Mac -- WI-29443).
Use something like sudo lsof -nP -iTCP -sTCP:LISTEN and check what that service might be. Then either shutdown that app or use another port (either for that app or for your Xdebug communications).

Related

Docker-Compose with PHP and Nginx not working on production

I have a very simple config in docker-compose with php:7-fpm and nginx that I want to use to host simple php websites.
Can someone please tell me what I did wrong?
Here is docker-compose.prod.yml:
version: '3.8'
services:
web:
image: nginx:latest
ports:
- "8080:80"
volumes:
- ../nurock/hidden_creste:/code
- ./site.prod.conf:/etc/nginx/conf.d/default.conf
php:
image: php:7-fpm
volumes:
- ../nurock/hidden_creste:/code
Here is the site.prod.conf file:
server {
listen 80;
index index.php index.html;
server_name example.com;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
root /code;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
I can compose up and the logs appear to be fine and when I run docker ps:
docker ps
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
c268a9cf4716 php:7-fpm "docker-php-entrypoi…" 27 minutes ago Up 16 seconds 9000/tcp example_code-php-1
beaaec39209b nginx:latest "/docker-entrypoint.…" 27 minutes ago Up 16 seconds 0.0.0.0:8080->80/tcp, :::8080->80/tcp example_code-web-1
Then checking the ports, I think this looks fine:
netstat -tulpn | grep :80
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 204195/docker-proxy
tcp6 0 0 :::8080 :::* LISTEN 204207/docker-proxy

You need to expose TCP port 9000 of the PHP container to made other containers able to use it (see What is the difference between docker-compose ports vs expose):
php:
image: php:7-fpm
expose:
- "9000"
...
Do you really want your sites to be available on TCP port 8080, not the standard port 80? If not, change "8080:80" to "80:80".
Besides the PHP handler, use a default location (although your site should be workable even without it, it is a bad practice to not add it to your nginx config):
location / {
try_files $uri $uri/ =404;
}

You must check the logs to find out the error. https://docs.docker.com/engine/reference/commandline/logs/
These issues can happen :
A php module is missing
user / permission are not correct. Is www-data defined in your nginx and php-fpm config ?
Use HTTPS and port 443 instead of HTTP and port 80. HTTP may be blocked by your browser. You can define a free SSL certificate with Let's Encrypt Docker image.
PHP 7.0 is EOL (end or life) since January 10, 2019. Please use PHP 8.0 or PHP 8.1. https://endoflife.date/php
Do not use use tag nginx:latest on production. You may have serious issues when you update your container, because last version will be downloaded.
Do not mount directory on production. Please use COPY in your Dockerfile.
Check the firewall on your server
Here is Docker Docker best practices : https://docs.docker.com/develop/dev-best-practices/
https://docs.docker.com/develop/develop-images/dockerfile_best-practices/
Here, I suggest this docker-compose.prod.yml
version: '3.8'
services:
web:
image: nginx:1.21
depends_on:
- my-php-container-name
container_name: my-nginx-container-name
working_dir: /code
ports:
- '80:80'
- '443:443'
volumes:
- ../nurock/hidden_creste:/code
- ./site.prod.conf:/etc/nginx/conf.d/default.conf
restart: always
php:
build: php-fpm
container_name: my-php-container-name
working_dir: /code
volumes:
- ../nurock/hidden_creste:/code
restart: always
In the same directory as this docker-compose.prod.yml file, create a php-fpm directory: mkdir php-fpm (or directory architecture written under build in docker-compose.prod.yml file.)
In php-fpm directory, please add this Dockerfile called Dockerfile
FROM php:8.1-fpm
COPY --from=composer:latest /usr/bin/composer /usr/local/bin/composer
WORKDIR "/code"
RUN apt-get update && apt-get install -y --no-install-recommends \
libfreetype6-dev \
libjpeg62-turbo-dev \
libpng-dev \
libicu-dev
&& docker-php-ext-configure gd --with-freetype --with-jpeg \
&& docker-php-ext-install -j$(nproc) gd pdo_mysql bcmath mysqli intl
Of course, add the PHP extensions that you need for your project. Here you have an example how to install gd, pdo_mysql, bcmatch, mysqli, intl. But there are others extension as curl, xml, xdebug, mcrypt, memcache, etc... https://github.com/mlocati/docker-php-extension-installer
In your nginx configuration, you should define config for HTTPS with port 443. Please also update this line fastcgi_pass php:9000;. Replace php by the container name. Of course, container name must be unique.
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass my-php-container-name:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
Then, build your set-up
docker-compose -f docker-compose.prod.yml build && docker-compose -f docker-compose.prod.yml up

Nginx and php-fpm most optimal setup configuration with docker [duplicate]

I am trying to link 2 separate containers:
nginx:latest
php:fpm
The problem is that php scripts do not work. Perhaps the php-fpm configuration is incorrect.
Here is the source code, which is in my repository. Here is the file docker-compose.yml:
nginx:
build: .
ports:
- "80:80"
- "443:443"
volumes:
- ./:/var/www/test/
links:
- fpm
fpm:
image: php:fpm
ports:
- "9000:9000"
and Dockerfile which I used to build a custom image based on the nginx one:
FROM nginx
# Change Nginx config here...
RUN rm /etc/nginx/conf.d/default.conf
ADD ./default.conf /etc/nginx/conf.d/
Lastly, here is my custom Nginx virtual host config:
server {
listen 80;
server_name localhost;
root /var/www/test;
error_log /var/log/nginx/localhost.error.log;
access_log /var/log/nginx/localhost.access.log;
location / {
# try to serve file directly, fallback to app.php
try_files $uri /index.php$is_args$args;
}
location ~ ^/.+\.php(/|$) {
fastcgi_pass 192.168.59.103:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS off;
}
}
Could anybody help me configure these containers correctly to execute php scripts?
P.S.
I run containers via docker-composer like this:
docker-compose up
from the project root directory.

I know it is kind an old post, but I've had the same problem and couldn't understand why your code didn't work.
After a LOT of tests I've found out why.
It seems like fpm receives the full path from nginx and tries to find the files in the fpm container, so it must be the exactly the same as server.root in the nginx config, even if it doesn't exist in the nginx container.
To demonstrate:
docker-compose.yml
nginx:
build: .
ports:
- "80:80"
links:
- fpm
fpm:
image: php:fpm
ports:
- ":9000"
# seems like fpm receives the full path from nginx
# and tries to find the files in this dock, so it must
# be the same as nginx.root
volumes:
- ./:/complex/path/to/files/
/etc/nginx/conf.d/default.conf
server {
listen 80;
# this path MUST be exactly as docker-compose.fpm.volumes,
# even if it doesn't exist in this dock.
root /complex/path/to/files;
location / {
try_files $uri /index.php$is_args$args;
}
location ~ ^/.+\.php(/|$) {
fastcgi_pass fpm:9000;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
Dockerfile
FROM nginx:latest
COPY ./default.conf /etc/nginx/conf.d/

Don't hardcode ip of containers in nginx config, docker link adds the hostname of the linked machine to the hosts file of the container and you should be able to ping by hostname.
EDIT: Docker 1.9 Networking no longer requires you to link containers, when multiple containers are connected to the same network, their hosts file will be updated so they can reach each other by hostname.
Every time a docker container spins up from an image (even stop/start-ing an existing container) the containers get new ip's assigned by the docker host. These ip's are not in the same subnet as your actual machines.
see docker linking docs (this is what compose uses in the background)
but more clearly explained in the docker-compose docs on links & expose
links
links:
- db
- db:database
- redis
An entry with the alias' name will be created in /etc/hosts inside containers for this service, e.g:
172.17.2.186 db
172.17.2.186 database
172.17.2.187 redis
expose
Expose ports without publishing them to the host machine - they'll only be accessible to linked services. Only the internal port can be specified.
and if you set up your project to get the ports + other credentials through environment variables, links automatically set a bunch of system variables:
To see what environment variables are available to a service, run docker-compose run SERVICE env.
name_PORT
Full URL, e.g. DB_PORT=tcp://172.17.0.5:5432
name_PORT_num_protocol
Full URL, e.g. DB_PORT_5432_TCP=tcp://172.17.0.5:5432
name_PORT_num_protocol_ADDR
Container's IP address, e.g. DB_PORT_5432_TCP_ADDR=172.17.0.5
name_PORT_num_protocol_PORT
Exposed port number, e.g. DB_PORT_5432_TCP_PORT=5432
name_PORT_num_protocol_PROTO
Protocol (tcp or udp), e.g. DB_PORT_5432_TCP_PROTO=tcp
name_NAME
Fully qualified container name, e.g. DB_1_NAME=/myapp_web_1/myapp_db_1

As pointed out before, the problem was that the files were not visible by the fpm container. However to share data among containers the recommended pattern is using data-only containers (as explained in this article).
Long story short: create a container that just holds your data, share it with a volume, and link this volume in your apps with volumes_from.
Using compose (1.6.2 in my machine), the docker-compose.yml file would read:
version: "2"
services:
nginx:
build:
context: .
dockerfile: nginx/Dockerfile
ports:
- "80:80"
links:
- fpm
volumes_from:
- data
fpm:
image: php:fpm
volumes_from:
- data
data:
build:
context: .
dockerfile: data/Dockerfile
volumes:
- /var/www/html
Note that data publishes a volume that is linked to the nginx and fpm services. Then the Dockerfile for the data service, that contains your source code:
FROM busybox
# content
ADD path/to/source /var/www/html
And the Dockerfile for nginx, that just replaces the default config:
FROM nginx
# config
ADD config/default.conf /etc/nginx/conf.d
For the sake of completion, here's the config file required for the example to work:
server {
listen 0.0.0.0:80;
root /var/www/html;
location / {
index index.php index.html;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass fpm:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
}
}
which just tells nginx to use the shared volume as document root, and sets the right config for nginx to be able to communicate with the fpm container (i.e.: the right HOST:PORT, which is fpm:9000 thanks to the hostnames defined by compose, and the SCRIPT_FILENAME).

New Answer
Docker Compose has been updated. They now have a version 2 file format.
Version 2 files are supported by Compose 1.6.0+ and require a Docker Engine of version 1.10.0+.
They now support the networking feature of Docker which when run sets up a default network called myapp_default
From their documentation your file would look something like the below:
version: '2'
services:
web:
build: .
ports:
- "8000:8000"
fpm:
image: phpfpm
nginx
image: nginx
As these containers are automatically added to the default myapp_default network they would be able to talk to each other. You would then have in the Nginx config:
fastcgi_pass fpm:9000;
Also as mentioned by #treeface in the comments remember to ensure PHP-FPM is listening on port 9000, this can be done by editing /etc/php5/fpm/pool.d/www.conf where you will need listen = 9000.
Old Answer
I have kept the below here for those using older version of Docker/Docker compose and would like the information.
I kept stumbling upon this question on google when trying to find an answer to this question but it was not quite what I was looking for due to the Q/A emphasis on docker-compose (which at the time of writing only has experimental support for docker networking features). So here is my take on what I have learnt.
Docker has recently deprecated its link feature in favour of its networks feature
Therefore using the Docker Networks feature you can link containers by following these steps. For full explanations on options read up on the docs linked previously.
First create your network
docker network create --driver bridge mynetwork
Next run your PHP-FPM container ensuring you open up port 9000 and assign to your new network (mynetwork).
docker run -d -p 9000 --net mynetwork --name php-fpm php:fpm
The important bit here is the --name php-fpm at the end of the command which is the name, we will need this later.
Next run your Nginx container again assign to the network you created.
docker run --net mynetwork --name nginx -d -p 80:80 nginx:latest
For the PHP and Nginx containers you can also add in --volumes-from commands etc as required.
Now comes the Nginx configuration. Which should look something similar to this:
server {
listen 80;
server_name localhost;
root /path/to/my/webroot;
index index.html index.htm index.php;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php-fpm:9000;
fastcgi_index index.php;
include fastcgi_params;
}
}
Notice the fastcgi_pass php-fpm:9000; in the location block. Thats saying contact container php-fpm on port 9000. When you add containers to a Docker bridge network they all automatically get a hosts file update which puts in their container name against their IP address. So when Nginx sees that it will know to contact the PHP-FPM container you named php-fpm earlier and assigned to your mynetwork Docker network.
You can add that Nginx config either during the build process of your Docker container or afterwards its up to you.

As previous answers have solved for, but should be stated very explicitly: the php code needs to live in the php-fpm container, while the static files need to live in the nginx container. For simplicity, most people have just attached all the code to both, as I have also done below. If the future, I will likely separate out these different parts of the code in my own projects as to minimize which containers have access to which parts.
Updated my example files below with this latest revelation (thank you #alkaline )
This seems to be the minimum setup for docker 2.0 forward
(because things got a lot easier in docker 2.0)
docker-compose.yml:
version: '2'
services:
php:
container_name: test-php
image: php:fpm
volumes:
- ./code:/var/www/html/site
nginx:
container_name: test-nginx
image: nginx:latest
volumes:
- ./code:/var/www/html/site
- ./site.conf:/etc/nginx/conf.d/site.conf:ro
ports:
- 80:80
(UPDATED the docker-compose.yml above: For sites that have css, javascript, static files, etc, you will need those files accessible to the nginx container. While still having all the php code accessible to the fpm container. Again, because my base code is a messy mix of css, js, and php, this example just attaches all the code to both containers)
In the same folder:
site.conf:
server
{
listen 80;
server_name site.local.[YOUR URL].com;
root /var/www/html/site;
index index.php;
location /
{
try_files $uri =404;
}
location ~ \.php$ {
fastcgi_pass test-php:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
In folder code:
./code/index.php:
<?php
phpinfo();
and don't forget to update your hosts file:
127.0.0.1 site.local.[YOUR URL].com
and run your docker-compose up
$docker-compose up -d
and try the URL from your favorite browser
site.local.[YOUR URL].com/index.php

I think we also need to give the fpm container the volume, dont we? So =>
fpm:
image: php:fpm
volumes:
- ./:/var/www/test/
If i dont do this, i run into this exception when firing a request, as fpm cannot find requested file:
[error] 6#6: *4 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 172.17.42.1, server: localhost, request: "GET / HTTP/1.1", upstream: "fastcgi://172.17.0.81:9000", host: "localhost"

For anyone else getting
Nginx 403 error: directory index of [folder] is forbidden
when using index.php while index.html works perfectly and having included index.php in the index in the server block of their site config in sites-enabled
server {
listen 80;
# this path MUST be exactly as docker-compose php volumes
root /usr/share/nginx/html;
index index.php
...
}
Make sure your nginx.conf file at /etc/nginx/nginx.conf actually loads your site config in the http block...
http {
...
include /etc/nginx/conf.d/*.conf;
# Load our websites config
include /etc/nginx/sites-enabled/*;
}

Connect host nginx and msql with a docker container of php5-fpm

I have a legacy Wordpress installation that run with Nginx/MySQL and php5-fpm and I have to move it to a recent VPS that features php7-fpm.
I'd like to leverage the new host VPS already installed Nginx/MySQL and install and use a container for managing php5 requests.
I pulled the official php5-fpm image from Docker Hub
docker pull php:5.6-fpm-alpine
... then I run the the image remapping the port 9000 where php5-fpm is listening and mounting the wordpress root folder (uncertain about that) and mysql socket, without -d flag in order to see the logs live:
docker run --name phpFpm5.6 -p 127.0.0.1:9999:9000 -v /home/ubuntu/www/html:/var/www/html -v /var/run/mysqld/mysqld.sock:/tmp/mysql.sock php:5.6-fpm-alpine
Here's the console logs:
[21-Aug-2017 12:36:19] NOTICE: fpm is running, pid 1
[21-Aug-2017 12:36:19] NOTICE: ready to handle connections
172.17.0.1 - 21/Aug/2017:12:37:09 +0000 "GET /index.php" 404
172.17.0.1 - 21/Aug/2017:12:39:30 +0000 "GET /index.php" 404
When I request the index page from a browser, I'm getting a 404 (not found) response.
Nginx directive:
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9999;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
Any clue is really appreciated.
Thanks in advance.
Best,
Luca

Think of container as the remote server. Now the mapping of ports that you are doing 9999:9000 tells docker to connect port number 9999 on host to port number 9000 of the container.
Now in your nginx directive, the one running inside container, you are redirecting at 9999. Instead, it should be 9000.
According to your scenario, all resources are served by the container at port 9999, but port 9999 of container is not accessible to host.

How to correctly link php-fpm and Nginx Docker containers?

I am trying to link 2 separate containers:
nginx:latest
php:fpm
The problem is that php scripts do not work. Perhaps the php-fpm configuration is incorrect.
Here is the source code, which is in my repository. Here is the file docker-compose.yml:
nginx:
build: .
ports:
- "80:80"
- "443:443"
volumes:
- ./:/var/www/test/
links:
- fpm
fpm:
image: php:fpm
ports:
- "9000:9000"
and Dockerfile which I used to build a custom image based on the nginx one:
FROM nginx
# Change Nginx config here...
RUN rm /etc/nginx/conf.d/default.conf
ADD ./default.conf /etc/nginx/conf.d/
Lastly, here is my custom Nginx virtual host config:
server {
listen 80;
server_name localhost;
root /var/www/test;
error_log /var/log/nginx/localhost.error.log;
access_log /var/log/nginx/localhost.access.log;
location / {
# try to serve file directly, fallback to app.php
try_files $uri /index.php$is_args$args;
}
location ~ ^/.+\.php(/|$) {
fastcgi_pass 192.168.59.103:9000;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS off;
}
}
Could anybody help me configure these containers correctly to execute php scripts?
P.S.
I run containers via docker-composer like this:
docker-compose up
from the project root directory.

I know it is kind an old post, but I've had the same problem and couldn't understand why your code didn't work.
After a LOT of tests I've found out why.
It seems like fpm receives the full path from nginx and tries to find the files in the fpm container, so it must be the exactly the same as server.root in the nginx config, even if it doesn't exist in the nginx container.
To demonstrate:
docker-compose.yml
nginx:
build: .
ports:
- "80:80"
links:
- fpm
fpm:
image: php:fpm
ports:
- ":9000"
# seems like fpm receives the full path from nginx
# and tries to find the files in this dock, so it must
# be the same as nginx.root
volumes:
- ./:/complex/path/to/files/
/etc/nginx/conf.d/default.conf
server {
listen 80;
# this path MUST be exactly as docker-compose.fpm.volumes,
# even if it doesn't exist in this dock.
root /complex/path/to/files;
location / {
try_files $uri /index.php$is_args$args;
}
location ~ ^/.+\.php(/|$) {
fastcgi_pass fpm:9000;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
}
}
Dockerfile
FROM nginx:latest
COPY ./default.conf /etc/nginx/conf.d/

As pointed out before, the problem was that the files were not visible by the fpm container. However to share data among containers the recommended pattern is using data-only containers (as explained in this article).
Long story short: create a container that just holds your data, share it with a volume, and link this volume in your apps with volumes_from.
Using compose (1.6.2 in my machine), the docker-compose.yml file would read:
version: "2"
services:
nginx:
build:
context: .
dockerfile: nginx/Dockerfile
ports:
- "80:80"
links:
- fpm
volumes_from:
- data
fpm:
image: php:fpm
volumes_from:
- data
data:
build:
context: .
dockerfile: data/Dockerfile
volumes:
- /var/www/html
Note that data publishes a volume that is linked to the nginx and fpm services. Then the Dockerfile for the data service, that contains your source code:
FROM busybox
# content
ADD path/to/source /var/www/html
And the Dockerfile for nginx, that just replaces the default config:
FROM nginx
# config
ADD config/default.conf /etc/nginx/conf.d
For the sake of completion, here's the config file required for the example to work:
server {
listen 0.0.0.0:80;
root /var/www/html;
location / {
index index.php index.html;
}
location ~ \.php$ {
include fastcgi_params;
fastcgi_pass fpm:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root/$fastcgi_script_name;
}
}
which just tells nginx to use the shared volume as document root, and sets the right config for nginx to be able to communicate with the fpm container (i.e.: the right HOST:PORT, which is fpm:9000 thanks to the hostnames defined by compose, and the SCRIPT_FILENAME).

As previous answers have solved for, but should be stated very explicitly: the php code needs to live in the php-fpm container, while the static files need to live in the nginx container. For simplicity, most people have just attached all the code to both, as I have also done below. If the future, I will likely separate out these different parts of the code in my own projects as to minimize which containers have access to which parts.
Updated my example files below with this latest revelation (thank you #alkaline )
This seems to be the minimum setup for docker 2.0 forward
(because things got a lot easier in docker 2.0)
docker-compose.yml:
version: '2'
services:
php:
container_name: test-php
image: php:fpm
volumes:
- ./code:/var/www/html/site
nginx:
container_name: test-nginx
image: nginx:latest
volumes:
- ./code:/var/www/html/site
- ./site.conf:/etc/nginx/conf.d/site.conf:ro
ports:
- 80:80
(UPDATED the docker-compose.yml above: For sites that have css, javascript, static files, etc, you will need those files accessible to the nginx container. While still having all the php code accessible to the fpm container. Again, because my base code is a messy mix of css, js, and php, this example just attaches all the code to both containers)
In the same folder:
site.conf:
server
{
listen 80;
server_name site.local.[YOUR URL].com;
root /var/www/html/site;
index index.php;
location /
{
try_files $uri =404;
}
location ~ \.php$ {
fastcgi_pass test-php:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
In folder code:
./code/index.php:
<?php
phpinfo();
and don't forget to update your hosts file:
127.0.0.1 site.local.[YOUR URL].com
and run your docker-compose up
$docker-compose up -d
and try the URL from your favorite browser
site.local.[YOUR URL].com/index.php

I think we also need to give the fpm container the volume, dont we? So =>
fpm:
image: php:fpm
volumes:
- ./:/var/www/test/
If i dont do this, i run into this exception when firing a request, as fpm cannot find requested file:
[error] 6#6: *4 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 172.17.42.1, server: localhost, request: "GET / HTTP/1.1", upstream: "fastcgi://172.17.0.81:9000", host: "localhost"

For anyone else getting
Nginx 403 error: directory index of [folder] is forbidden
when using index.php while index.html works perfectly and having included index.php in the index in the server block of their site config in sites-enabled
server {
listen 80;
# this path MUST be exactly as docker-compose php volumes
root /usr/share/nginx/html;
index index.php
...
}
Make sure your nginx.conf file at /etc/nginx/nginx.conf actually loads your site config in the http block...
http {
...
include /etc/nginx/conf.d/*.conf;
# Load our websites config
include /etc/nginx/sites-enabled/*;
}

Trouble Installing Nginx and php5-fpm on Debian 7.3

I have a Debian 7.3 installation in a VM that I am practising installing Nginx and php5-fpm on. I got the Nginx working, by assigning it a manual port of :8080 and that points to /var/www/ for data and in that directory is an index.html and info.php file.
The config file for my Nginx is located at /etc/nginx/conf.d/default.conf and looks like this:
server {
listen 8080;
root /var/www;
index index.php index.html index.htm;
server_name localhost;
location / {
try_files $uri $uri/ /index.html;
}
location /doc/ {
alias /usr/share/doc/;
autoindex on;
allow 127.0.0.1;
allow ::1;
deny all;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/www;
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass 127.0.0.1:9000;
#fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
location ~ /\.ht {
deny all;
}
}
I have tried changing fastcgi_pass both ways:
fastcgi_pass 127.0.0.1:9000;
and also as:
fastcgi_pass unix:/var/run/php5-fpm.sock;
In my /etc/php5/fpm/pool.d/www.conf file I have the following configuration:
[www]
user = www-data
group = www-data
listen = 127.0.0.1:9000
;listen = /var/run/php5-fpm.sock
Here too, I have uncommented the line to match in the Nginx default.conf file.
In my php.ini file I have edited it so that it shows cgi.fix_pathinfo = 0 as required by most of the guides I have seen.
When I try to load nginx, it runs OK. When I try to run php5-fpm this is what happens:
root#debianx86:/# /etc/init.d/php5-fpm status
[FAIL] php5-fpm is not running ... failed!
root#debianx86:/# /etc/init.d/php5-fpm reload
[ ok ] Reloading PHP5 FastCGI Process Manager: php5-fpm.
root#debianx86:/# /etc/init.d/php5-fpm restart
[FAIL] Restarting PHP5 FastCGI Process Manager: php5-fpm failed!
root#debianx86:/# /etc/init.d/php5-fpm start
root#debianx86:/# /etc/init.d/php5-fpm status
[FAIL] php5-fpm is not running ... failed!
root#debianx86:/#
I then open up any of the browsers on my VM and point them to either 127.0.0.1:8080 or localhost:8080 and I get the custom index.html loading that I made and it works! So I then try to load theinfo.php file and I get presented with a 404 Not Found - nginx/1.4.4.
I don't understand what I'm doing wrong. Is there something I'm missing from all this?
I installed nginx from sudo apt-get -y install nginx and sudo apt-get -y install php5-fpm too. Any dependencies they required would have been installed along with that.
Is there a script that I can run on a fresh install of Debian 7.3 that someone has got that will install it properly for me, and make all the modifications so that nginx and php5-fpm are up and running? I've looked over many of the websites with the instructions and I seem to be doing pretty much everything they do, except for the default-sites and enabled-sites, as neither of those folders exist for me, and I don't want to run my virtual hosts like that. I will run them with their own servers listed in the default.conf file.
EDIT: I have even tried following this article at DigitalOcean and it still doesn't work.
EDIT #2: I also did chown -R www-data:www-data /var/www to ensure that the user and group match the information in the www.conf file. I also tried by changing it back to the original root:root specs too. Still nothing.

I think maybe port 9000 is already being used, so php5-fpm can't bind with that port and fails to start.
in the fpm pool settings swap the line of port 9000 with the line with the sock file, then try to start php5-fpm like you were doing, if it works then all you need is to update the nginx configuratuin to proxy pass to the sock file instead of the port.

We Keep Coding

PHP, A popular general-purpose scripting language that is especially suited to web development.