Have been trying to setup my own LEMP stack locally , nginx and php both seem to be working well alone, however on trying to integrate php in nginx is failing...!!! getting error
403 Forbidden
nginx error logs:
2018/07/22 12:06:48 [error] 9#9: *1 directory index of "/usr/share/nginx/html/" is forbidden, client: 172.19.0.4, server: localhost, request: "GET / HTTP/1.1", host: "laradock.localhost:8000"
172.19.0.4 - - [22/Jul/2018:12:06:48 +0000] "GET / HTTP/1.1" 403 571 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36" "172.19.0.1"
Been using below docker image versions:
PHP_TAG=7.1-fpm-alpine
NGINX_TAG=alpine
my docker-compose.yml file
version: "2"
services:
php:
image: php:$PHP_TAG
# restart: always
container_name: "${PROJECT_NAME}_php"
environment:
PHP_SENDMAIL_PATH: /usr/sbin/sendmail -t -i -S mailhog:1025
DB_HOST: $DB_HOST
DB_USER: $DB_USER
DB_PASSWORD: $DB_PASSWORD
DB_NAME: $DB_NAME
DB_DRIVER: $DB_DRIVER
volumes:
- /var/www/ro_www/src/sample_site/:/usr/share/nginx/html
nginx:
image: nginx:$NGINX_TAG
container_name: "${PROJECT_NAME}_nginx"
depends_on:
- php
# - mysqld
environment:
NGINX_STATIC_CONTENT_OPEN_FILE_CACHE: "off"
NGINX_ERROR_LOG_LEVEL: debug
NGINX_BACKEND_HOST: php
NGINX_SERVER_ROOT: /var/www/html/
# NGINX_DRUPAL_FILE_PROXY_URL: http://example.com
volumes:
- /var/www/ro_www/src/sample_site/:/usr/share/nginx/html
- ./config/site.conf:/etc/nginx/conf.d/site.conf:ro
# - ./etc/ssl:/etc/ssl
# ports:
# - "8000:80"
# - "3000:443"
labels:
- 'traefik.backend=nginx'
- 'traefik.port=80'
- 'traefik.frontend.rule=Host:${PROJECT_BASE_URL}'
mailhog:
image: mailhog/mailhog
container_name: "${PROJECT_NAME}_mailhog"
labels:
- 'traefik.backend=mailhog'
- 'traefik.port=8025'
- 'traefik.frontend.rule=Host:mailhog.${PROJECT_BASE_URL}'
adminer:
container_name: "${PROJECT_NAME}_adminer"
image: wodby/adminer:$ADMINER_TAG
environment:
ADMINER_SALT: adminer-salt
volumes:
- /var/www/ro_www/src/sample_site/adminer/:/usr/share/nginx/html
labels:
- 'traefik.backend=adminer'
- 'traefik.port=9000'
- 'traefik.frontend.rule=Host:adminer.${PROJECT_BASE_URL}'
portainer:
image: portainer/portainer
container_name: "${PROJECT_NAME}_portainer"
command: --no-auth -H unix:///var/run/docker.sock
volumes:
- /var/run/docker.sock:/var/run/docker.sock
labels:
- 'traefik.backend=portainer'
- 'traefik.port=9000'
- 'traefik.frontend.rule=Host:portainer.${PROJECT_BASE_URL}'
traefik:
image: traefik
container_name: "${PROJECT_NAME}_traefik"
command: -c /dev/null --web --docker --logLevel=INFO
ports:
- '8000:80'
- '8080:8080' # Dashboard
volumes:
- /var/run/docker.sock:/var/run/docker.sock
The nginx site.conf file is as follows:
server {
listen 80;
server_name nginx;
#charset koi8-r;
#access_log /var/log/nginx/host.access.log main;
location / {
root /usr/share/nginx/html;
index index.html index.htm index.php;
}
#error_page 404 /404.html;
# redirect server error pages to the static page /50x.html
#
# error_page 500 502 503 504 /50x.html;
# location = /50x.html {
# root /usr/share/nginx/html;
# }
# proxy the PHP scripts to Apache listening on 127.0.0.1:80
#
#location ~ \.php$ {
# proxy_pass http://127.0.0.1;
#}
# pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
#
location ~ \.php$ {
#root html;
#fastcgi_pass php:9000;
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME /scripts$fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
Thanks in advance for your help !!! ;)
Since I did not get much feedback, after much trial and error, I got my solution!!
So am posting this, in case somebody may have similar issue.
It seems the issue here was the nginx site.conf file.
server {
listen 80;
listen [::]:80;
index index.php index.html;
server_name laradock.localhost;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
root /usr/share/nginx/html;
location / {
autoindex on; #to list file in the directory if the index file is missing
}
#### this was where i was facing the issue, the php block
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
Another this to note is that nginx can have multiple .conf config files, and it dosent support .htaccess file like apache (the htaccess logic needs to be re-written to a .conf file in the nginx conf.d directory here)
The complete code for my solution can be found at this git repository
Related
I need to configure an nginx server to connect to multiple docker networks for different projects. As of now, I am trying to connect nginx to one docker network.
The docker network has php (laravel) and mysql in two different containers.
Here is the nginx configuration:
upstream web {
server 127.0.0.1:9000;
}
server {
listen 443 ssl http2;
listen [::]:443 ssl http2;
server_name tinyurl.abc.org;
root /home/azureuser/app/url-shorterner/public;
ssl_certificate /home/azureuser/app/certs/abc.org.crt;
ssl_certificate_key /home/azureuser/app/certs/abc.org.key;
error_log /var/log/nginx/error.log error;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.php;
charset utf-8;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
error_page 404 /index.php;
location ~ \.php$ {
fastcgi_pass web;
fastcgi_index index.php;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_param SCRIPT_FILENAME /tinyurl/public$fastcgi_script_name;
fastcgi_param QUERY_STRING $query_string;
include fastcgi_params;
}
location ~ /\.(?!well-known).* {
deny all;
}
}
server {
listen 80;
listen [::]:80;
server_name tinyurl.abc.org;
return 301 https://$server_name$request_uri;
}
The docker-compose.yml file has the following:
version: '3.8'
# Services
services:
# Web (Application) Service
web:
build:
context: ./.docker/web
args:
HOST_UID: $HOST_UID
container_name: tinyurl-web
ports:/
- '9000:9000'
volumes:
- '.:/var/www/html'
depends_on:
mysql:
condition: service_healthy
# MySQL Service
mysql:
image: mysql/mysql-server:8.0
container_name: tinyurl-mysql
environment:
MYSQL_ROOT_PASSWORD: '${DB_ROOT_PASSWORD}'
MYSQL_ROOT_HOST: '${DB_HOST}'
MYSQL_DATABASE: '${DB_DATABASE}'
MYSQL_USER: '${DB_USERNAME}'
MYSQL_HOST: '${DB_HOST}'
MYSQL_PASSWORD: '${DB_PASSWORD}'
MYSQL_ALLOW_EMPTY_PASSWORD: 'no'
volumes:
- ./.docker/mysql/my.cnf:/etc/mysql/conf.d/my.cnf
- mysqldata:/var/lib/mysql
healthcheck:
test: mysqladmin ping -h 127.0.0.1 -u root --password=$$MYSQL_ROOT_PASSWORD
interval: 5s
retries: 10
# Scheduler Service
scheduler:
image: mcuadros/ofelia:latest
container_name: tinyurl-scheduler
volumes:
- /var/run/docker.sock:/var/run/docker.sock
- ./.docker/scheduler/config.ini:/etc/ofelia/config.ini
depends_on:
- web
volumes:
mysqldata:
driver: local
The problem seems to be in the routing of the request. The index.page within the public folder of laravel shows up, but none of the other static pages are showing up. Also, the routing of the requests is not happening correctly.
Looks like the fastcgi configuration is not okay.
Can anyone help with this, and point me to what needs to be done to the nginx configuration to route to the web container having laravel.
With Regards,
Sharat
In your nginx config, replace 127.0.0.1 with the service name in your docker-compose
upstream web {
server web:9000;
}
server {
...
location ~ \.php$ {
fastcgi_pass http://web;
...
this is my first time working with nginx and I'm using it to access my dockerised drupal appliction from a production subdomain.
So before everything, I'm currently using docker-compose to create my sql, app, and webservice containers, here is my docker-compose file :
version: '3'
services:
app:
image: osiolabs/drupaldevwithdocker-php:7.4
volumes:
- ./docroot:/var/www/html:cached
depends_on:
- db
restart: always
container_name: intranet
db:
image: mysql:5.5
volumes:
- ./mysql:/var/lib/mysql
restart: always
environment:
- MYSQL_ROOT_PASSWORD=linux1354web
- MYSQL_USER=root
- MYSQL_PASSWORD=linux1354web
- MYSQL_DATABASE=intranet
container_name: intranet-db
web:
build: ./web
ports:
- 88:80
depends_on:
- app
volumes:
- ./docroot:/var/www/html:cached
restart: always
container_name: webIntranet
I don't think the containers are the problem, as when I go to the drupal containers the site works, but my main problem is the link with the nginx container. Here is my nginx.conf :
# stuff for http block
client_max_body_size 1g;
# fix error: upstream sent too big header while reading response header from upstream
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
server {
listen 80;
listen [::]:80 default_server;
server_name _;
index index.php index.html;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
root /var/www/html;
#RENVOYER LA PAGE DE GARDE DE APACHE2
location / {
# try to serve file directly, fallback to app.php
try_files $uri /index.php?$query_string; # For Drupal >= 7
}
location /intranet {
# try to serve file directly, fallback to app.php
try_files $uri $uri/;
}
#RENVOYER LE FICHIER ROBOTS.TXT
location = /robots.txt {
allow all;
log_not_found off;
access_log off;
}
location = /favicon.ico {
log_not_found off;
access_log off;
}
location ~ \.php(/|$) {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass app:80;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $document_root;
}
}
And this is my DockerFile to build nginx image:
FROM nginx:alpine
COPY nginx.conf /etc/nginx/conf.d/default.conf
When I go to localhost:88/ I currently have a apache2 hub page, but the moment I'm trying for another page I always get a 502 bad gateway error and the logs are saying :
webIntranet | 2021/03/11 08:44:55 [error] 30#30: *1 upstream sent unsupported FastCGI protocol version: 72 while reading response header from upstream, client: 172.26.0.1, server: _, request: "GET /index HTTP/1.1", upstream: "fastcgi://172.26.0.3:80", host: "localhost:88"
To go more into details, my docker folder looks like that, docroot containes the drupal website.
I have tried sovling the problem by changing the ports as some solution mentionned it but it did nothing, I don't understand what could be wrong, I've tried many things with the conf but none of them works, and I still even can't have a single page of the drupal site showing up.
The drupaldevwithdocker-php project isn't using php-fpm, hence the response is unsupported as it's from apache rather than php-fpm. I'd imagine you'd need something more like this?
proxy_pass http://app:80;
See https://gist.github.com/BretFisher/468bca2900b90a4dddb7fe9a52143fc6
Hello I need to setup php5.6 on my local machine. Following are the docker-compose.yml file
version: '3'
networks:
laravel:
services:
nginx:
image: nginx:stable-alpine
container_name: nginx
ports:
- "8000:80"
volumes:
- ./src:/var/www
- ./nginx/default.conf:/etc/nginx/conf.d/default.conf
depends_on:
- php
networks:
- laravel
php:
image: gotechnies/php-5.6-alpine
container_name: php
volumes:
- ./src:/var/www
ports:
- "9000:9000"
networks:
- laravel
ngnix configuration file
server {
listen 80;
index index.php index.html;
server_name localhost;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
root /var/www/public;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
after running docker-compose up -d command following is the output.
but when i am trying to access http://localhost:8000 i am unable to render page.
To run PHP5.6 with NGINX you will need to do the following:
Directory layout. All web files go in your local src/ directory
For nginx/default.conf use the following:
server {
listen 80;
index index.php index.html;
server_name localhost;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
root /var/www/html;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
For src/index.php (test to make sure PHP is working)
<? echo phpinfo(); ?>
For your docker-compose.yml I have removed a lot of things that you will not need:
version: "3"
services:
nginx:
image: nginx:latest
ports:
- "8080:80"
volumes:
- ./src/:/var/www/html
- ./nginx/default.conf:/etc/nginx/conf.d/default.conf
depends_on:
- php
php:
image: mikolatero/php5.6-fpm-alpine
volumes:
- ./src/:/var/www/html
Execute docker-compose up.
Navigate to http://localhost:8080/index.php and you should be greeted with the PHP info page:
What Changed?
In this case, I opted for the latest NGINX and located a good image for PHP5.6-FPM and used those for the stack.
For the mounted volumes, I moved the directories into the same context as the Docker Compose file. Not necessary, but maybe more portable when running from a laptop. Your mounted web source may/should be the location of your web repo. I also used the well-know location for the web files in the NGINX image /var/www/html
The PHP5.6-FPM is mounted to the same directory as the web source so PHP is available to the files in that directory.
Lastly, I got rid of the networks as, unless you have a specific reason, it is not necessary as these images will use the default Docker network.
I'm attempting to setup a development environment using docker using 2 containers: nginx and php7-fpm.
What I want to happen is when a user visits any URL that contains /api it uses php-fpm, but everything else is loaded from /var/www/html.
Here is my configuration:
site.conf:
server {
index index.html;
server_name impressive.local;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
root /var/www/html;
location /api {
index index.php;
alias /var/www/api;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
}
}
docker-compose.yml
web:
image: nginx
volumes:
- ./frontend/public:/var/www/html
- ./site.conf:/etc/nginx/conf.d/site.conf
links: [ php ]
ports:
- "8080:80"
environment:
- NGINX_HOST=http://impressive.local
- NGINX_PORT=80
php:
image: php:7-fpm
volumes:
- ./api:/var/www/api
This doesn't work as expected and when I visit impressive.local/api I get the following error in logs:
web_1 | 2019/01/10 12:23:47 [error] 6#6: *1 "/var/www/api/index.php" is not found (2: No such file or directory), client: 172.17.0.1, server: impressive.local, request: "GET /api/ HTTP/1.1", host: "impressive.local:8080"
I realize that the php-fpm container is the one that contains the /var/www/api directory and not nginx. With my configuration nginx is trying to alias to a non existent path and is thus failing.
My question is how is possible to achieve this?
Yes, I use exactly this configuration for all of my Laravel apps.
Here is an example of my configuration...
version: '2'
services:
app:
container_name: app
build:
context: ./
dockerfile: app.dockerfile
working_dir: /var/www
volumes:
- ./:/var/www
environment:
- "DB_PORT=3306"
- "DB_HOST=x.x.x.x"
web:
container_name: web
build:
context: ./
dockerfile: web.dockerfile
working_dir: /var/www
volumes_from:
- app
ports:
- 8080:80
As you can see you specify to use the volume from your web container.
I think the configuration file is invalid; try this code to fix [ docker-compose.yml and site.conf ]
docker-compose.yml
version: '2'
services:
web:
image: nginx
volumes:
- ./frontend/public:/var/www/html
- ./site.conf:/etc/nginx/conf.d/site.conf
ports:
- "8080:80"
environment:
- NGINX_HOST=impressive.local
- NGINX_PORT=80
links:
- php
php:
image: php:7-fpm
volumes:
- ./api:/var/www/api
- ./frontend/public:/var/www/html
site.conf
server {
index index.html index.php;
server_name impressive.local;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
root /var/www/html;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
}
location /api/ {
alias /var/www/api;
}
location ~ ^/api/(.+\.php)$ {
alias /var/www/api;
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
# pass the PHP scripts to FastCGI server listening on php:9000
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass php:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
# deny access to .htaccess files, if Apache's document root
# concurs with nginx's one
#
location ~ /\.ht {
deny all;
}
}
finally, run docker-compose build and docker-compose up
I have next docker-compose file:
nginx:
build: .
ports:
- "80:80"
- "443:443"
links:
- fpm
fpm:
image: php:fpm
ports:
- "9000:9000"
The Dockerfile command list is:
FROM nginx
ADD ./index.php /usr/share/nginx/html/
# Change Nginx config here...
RUN rm /etc/nginx/conf.d/default.conf
ADD ./default.conf /etc/nginx/conf.d/
And my custom Nginx config default.conf file is:
server {
listen 80;
server_name localhost;
root /usr/share/nginx/html;
error_log /var/log/nginx/localhost.error.log;
access_log /var/log/nginx/localhost.access.log;
location / {
# First attempt to serve request as file, then
# as directory, then fall back to displaying a 404.
try_files $uri $uri/ =404;
# Uncomment to enable naxsi on this location
# include /etc/nginx/naxsi.rules
}
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
# With php5-cgi alone:
fastcgi_pass 127.0.0.1:9000;
# With php5-fpm:
#fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
include fastcgi_params;
}
}
After docker-compose up command the static pages work fine when I get http://localhost/index.html.
But when I open http://localhost/index.php I had an error 502 Bad Gateway.
I think the problem with incorrect fastcgi_pass. Could anybody help me config fastcgi_pass in my case, please?