I created a website and a respective admin-backend with Angular and want to serve it using Nginx via Docker. The website should be available via 'mydomain.com/' whereas the backend should be available via 'mydomain.com/backend/'. Getting the website running works perfectly fine. But the path resolution for the backend just does not work.
This is my Dockerfile:
# Webpage
FROM node:16 as build-webpage
WORKDIR /usr/local/app
COPY ./webpage /usr/local/app/
RUN npm ci
RUN npm run build # ng build
# Backend
FROM node:16 as build-backend
WORKDIR /usr/local/app
COPY ./backend /usr/local/app/
RUN npm ci
RUN npm run build
# Nginx
FROM nginx:latest
COPY --from=build-webpage /usr/local/app/dist/webpage /usr/share/nginx/html/webpage
COPY --from=build-backend /usr/local/app/dist/backend /usr/share/nginx/html/backend
COPY nginx.conf /etc/nginx/nginx.conf
EXPOSE 80
The nginx.conf contains these location blocks:
location /backend/ {
root /usr/share/nginx/html/; # backend should get appended (due to root)
index index.html index.htm;
include /etc/nginx/mime.types;
}
location / {
root /usr/share/nginx/html/webpage/; # only / is appended, so webpage is appended manually
index index.html index.htm;
include /etc/nginx/mime.types;
}
When I then try to open 'mydomain.com/backend' or 'mydomain.com/backend/index.html', the following log is generated by Nginx:
open() /usr/share/nginx/html/webpage/backend/index.html failed …
As it seems to me, Nginx matches the "/-Location" instead of the "/backend/-Location", since the "webpage"-folder is part of the directory Nginx resolves.
According to various blogposts, Nginx chooses the "best-fitting" location branch when resolving a URL. Therefore, "/backend/" should be chosen. Also, I tried to replace location /backend/ with location ^~ \/backend\/, so that the caret enforces that branch since it is before the "/-Location" in the config file. Unfortunately, that made no difference either.
So I was blessed if someone could tell me what I'm doing wrong.
Thank you!
I want to access a directory not containing in the docroot from nginx.
The Situation:
I've got a folder which contains files:
Command:
ls -lah /var/www/
Output:
drwxr-x---. 2 docker-www docker-www 6 Jul 24 16:56 some_folder
And I've got a path which should delivers the content from the folder above:
Command:
ls -lah /var/www/typo3/releases/current/typo3-web/web/info/symlink
Output:
lrwxrwxrwx. 1 docker-www docker-www 32 Jul 24 16:56 symlink -> /var/www/some_folder
My nginx config:
root /usr/share/nginx/current/typo3-web/web;
...
location /info/symlink/ {
allow all;
autoindex on;
disable_symlinks off;
}
Problem:
The nginx delivers "404 Not Found"
Things I've tried yet:
Create a normal folder in /var/www/typo3/releases/current/typo3-web/web/info/ and it works. NGINX delivers the file index.
Check the file permissions: the user docker-www has access to the files.
Sorry guys. I have to mount the folder into the docker container by using another docker volume.
Im building my docker image from a jenkins job.
I do ADD an index.html file to the html directory of nignx.
The permissions on the jenkins host are
-rw-r----- 1 jenkins jenkins 3.3K Nov 10 14:12 index.html
and also the permissions inside the container are set to
-rw-r----- 1 root root 3.2K Nov 10 13:12 index.html
so the webserver serves an 403 Forbidden instead of the file.
Can I omit the permissions on the host and use a default umask (rwxr-xr-x) or do I have to chmod every file I want serve via nginx?
The Docker Documentation for ADD states the following:
All new files and directories are created with a UID and GID of 0.
This means that you have to run either chown or chmod after copying the files.
There are some further discussions here:
https://github.com/docker/docker/issues/7537
https://github.com/docker/docker/pull/9934
I have provisioned a scalable EB(Elasticbeanstalk) rails(puma) instance. I have applied for https through ACM(Amazon Certificate Manager) and applied it to my load balancer. HTTPS is enabled for my website now. But how do I force redirect to https? I have tried a number of solutions online where it was suggested to make a nginx configuration setting manually through .ebextensions and I am not sure where to get the certificate from ACM for this?(I am assuming that is not possible with ACM right now?). How do I force HTTPS?
The current AWS EB Rails and Node.js setups both use nginx (if your web server is apache see this answer), so the following should work (adapted from this question):
Create the file .ebextensions/01-force-https.config (the .config is important, not .conf) with the following content.
If your environment is a single instance:
files:
"/etc/nginx/conf.d/01-force-https.conf":
owner: root
group: root
mode: "000644"
content: |
server {
listen 8080;
return 301 https://$host$request_uri;
}
If your environment is load balanced, you unfortunately cannot simply add to the existing config but need to modify it with sed:
files:
"/tmp/45_nginx_https_rw.sh":
owner: root
group: root
mode: "000644"
content: |
#! /bin/bash
CONFIGURED=`grep -c "return 301 https" /opt/elasticbeanstalk/support/conf/webapp_healthd.conf`
if [ $CONFIGURED = 0 ]
then
sed -i '/listen 80;/a \ if ($http_x_forwarded_proto = "http") { return 301 https://$host$request_uri; }\n' /opt/elasticbeanstalk/support/conf/webapp_healthd.conf
logger -t nginx_rw "https rewrite rules added"
exit 0
else
logger -t nginx_rw "https rewrite rules already set"
exit 0
fi
container_commands:
00_appdeploy_rewrite_hook:
command: cp -v /tmp/45_nginx_https_rw.sh /opt/elasticbeanstalk/hooks/appdeploy/enact
01_configdeploy_rewrite_hook:
command: cp -v /tmp/45_nginx_https_rw.sh /opt/elasticbeanstalk/hooks/configdeploy/enact
02_rewrite_hook_perms:
command: chmod 755 /opt/elasticbeanstalk/hooks/appdeploy/enact/45_nginx_https_rw.sh /opt/elasticbeanstalk/hooks/configdeploy/enact/45_nginx_https_rw.sh
03_rewrite_hook_ownership:
command: chown root:users /opt/elasticbeanstalk/hooks/appdeploy/enact/45_nginx_https_rw.sh /opt/elasticbeanstalk/hooks/configdeploy/enact/45_nginx_https_rw.sh
Then add it to your git repo or app bundle and eb deploy. This creates /etc/nginx/conf.d/01-force-https.conf which is automatically included from /etc/nginx/nginx.conf. Note that eb deploy won't delete the file on the server if you later remove the corresponding file from .ebextensions. Also, I found the following helpful in debugging through eb ssh:
sudo service nginx configtest
sudo service nginx restart
AWS has a help article for HTTP to HTTPS redirection here:
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/configuring-https-httpredirect.html
It covers 2 main approaches, and has links to the relevant scripts you can use to do it all for you (which they maintain as they update the Elastic Beanstalk platform).
I'm running a rails application on Ruby 2.0/Puma instances and am trying to customize the nginx configuration. I need to increase the permitted request size to allow file uploads. I've found some other posts that have lead me to add this to my .ebextensions:
files:
"/etc/nginx/conf.d/proxy.conf" :
mode: "000755"
owner: root
group: root
content: |
client_max_body_size 70M;
That does create the file as expected, but it doesn't seem to work until I manually restart nginx. Because of that, I've tried to figure out a way to restart nginx with .ebextensions commands, but haven't had any success. Does anyone know of a way to restart nginx with .ebextensions or know of a better approach to solving this problem?
I found a way to restart nginx after deployment using an undocumented technique for running post-deployment scripts. I added this to my .ebextensions:
files:
"/opt/elasticbeanstalk/hooks/appdeploy/post/03_restart_nginx.sh":
mode: "000755"
owner: root
group: root
content: |
#!/usr/bin/env bash
service nginx restart
To reload the nginx config, you can use container_commands
From http://www.infoq.com/news/2012/11/elastic-beanstalk-config-files:
The container_commands key allows you to execute commands for your container. They are run after the application and web server have been set up and the application has been extracted, but before the application is deployed. container_commands are processed in lexicographical order by name.
container_commands:
01_reload_nginx:
command: "service nginx reload"
I might be a little late with the response here, but I've discovered another, less intrusive way to configure nginx on Elastic Beanstalk.
You can specify configuration files for nginx directly by creating an .ebextensions/nginx/conf.d directory. Any config files found inside are automatically copied to your /etc/nginx/conf.d/ directory during the EB deployment.
This seems to be a more robust solution.
Documentation available here:
https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/java-se-nginx.html
EDIT: As pointed out in comments, Elastic Beanstalk has inconsistent implementations between platforms. The documentation here is for Java SE, and it appears this documentation is not relevant for all platforms.
this is my configuration and worked for me. You have to include it inside of the http block.
files:
"/etc/nginx/conf.d/proxy.conf" :
mode: "000755"
owner: root
group: root
content: |
http {
client_max_body_size 20M;
}
The following worked for me (I increased my HTTP payload to 100M - please adjust if you'd like to increase to another size):
files:
"/etc/nginx/conf.d/proxy.conf":
mode: "000755"
owner: root
group: root
content: |
client_max_body_size 100M;
"/opt/elasticbeanstalk/hooks/appdeploy/post/03_restart_nginx.sh":
mode: "000755"
owner: root
group: root
content: |
#!/usr/bin/env bash
service nginx restart
I got it working like this. No need to restart or reload nginx since the commands (and not container_commands) runes BEFORE the application deploy.
commands:
01-get-nginx-conf-file:
command: "aws s3 cp s3://somepath/nginx.conf /home/ec2-user"
02-replace-default-nginx-config:
command: "cp /home/ec2-user/nginx.conf /etc/nginx/nginx.conf"
I had a similar situation with a Docker deployment into Elastic Beanstalk. I was able to solve the change as well as the nginx reload with a single config file here: <app>/.ebextensions/increase_upload_size.config including the following code:
container_commands:
01_reload_nginx:
command: "sudo service nginx reload"
files:
"/etc/nginx/conf.d/proxy.conf" :
mode: "000644"
owner: root
group: root
content: |
client_max_body_size 20M;
The change was implemented when I did an "Upload and Deploy" within EB.
I was able to get it working by adding the configuration files under the .platform directory as noted in https://docs.aws.amazon.com/elasticbeanstalk/latest/dg/platforms-linux-extend.html. I created a file .platform/nginx/conf.d/increase_upload_size.conf with the following code and just did a standard deploy
client_max_body_size 10M;