I'm using Docker for the first time, trying to build an NGINX proxy (also first time with NGINX). I've seen multiple guides that all seem to suggest I'm on the right path, but when I run the image, I get duplicate listen options for [::]:80 in /etc/nginx/conf.d/site.conf.
site.conf:
server {
listen 80;
listen [::]:80 ipv6only=on;
server_name gamersplane.local;
root /var/www;
index dispatch.php;
location / {
try_files $uri /dispatch.php$is_args$args;
}
location ~ \.php$ {
try_files $uri /dispatch.php =404;
fastcgi_pass api:9000;
fastcgi_index dispatch.php;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fixes timeouts
fastcgi_read_timeout 600;
include fastcgi_params;
}
}
api.conf:
server {
listen 80;
listen [::]:80 ipv6only=on;
server_name api.gamersplane.local;
root /var/www/api;
index dispatch.php;
location / {
try_files $uri /dispatch.php$is_args$args;
}
location ~ \.php$ {
try_files $uri /dispatch.php =404;
fastcgi_pass api:9000;
fastcgi_index dispatch.php;
fastcgi_buffers 16 16k;
fastcgi_buffer_size 32k;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
#fixes timeouts
fastcgi_read_timeout 600;
include fastcgi_params;
}
}
I have two compose files:
docker-compose.yal
proxy:
build:
context: ./nginx
dockerfile: Dockerfile
container_name: gamersplane-proxy
ports:
- 80:80
volumes:
- ../:/var/www
docker-compose.dev.yml
proxy:
volumes:
- ./nginx/dev/site.conf:/etc/nginx/conf.d/site.conf
- ./nginx/dev/api.conf:/etc/nginx/conf.d/api.conf
You need to remove ipv6_only=on, according to the documentation:
This parameter is turned on by default. It can only be set once on start.
So no need to add it to your config
Related
I've set up Xdebug with my PhpStorm and I can debug only from 0.0.0.0.
The question is:
How can I force to run debug process (listening for PHP debug connections) from any other hostname (like: app.local)?
Dockerfile:
....
RUN echo 'xdebug.client_port=9003' >> /usr/local/etc/php/php.ini
RUN echo 'xdebug.mode=debug' >> /usr/local/etc/php/php.ini
RUN echo 'xdebug.discover_client_host=true' >> /usr/local/etc/php/php.ini
...
docker-compose:
...
app:
environment:
PHP_IDE_CONFIG: serverName=docker_app
XDEBUG_CONFIG: remote_host=172.17.0.1
volumes:
- ./app/.docker/php/local.ini:/usr/local/etc/php/conf.d/local.ini
nginx:
volumes:
- ./app/.docker/nginx/conf.d/:/etc/nginx/conf.d/
...
app.conf:
server {
listen 80;
index index.php index.html;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
root /var/www/app/public;
client_max_body_size 40M;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass app:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
location / {
try_files $uri $uri/ /index.php?$query_string;
gzip_static on;
}
}
Servers:
My app files are located in phpfpm container and I need to serve them through nginx. I want to avoid mounting the same files in two containers, so I'm trying to figure out a way to serve them only from one, phpfpm, container. When I use reverse proxy to other containers:
server {
listen 0.0.0.0:8080;
server_name myapp.test;
location / {
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header HOST $http_host;
proxy_set_header X-NginX-Proxy true;
proxy_pass http://phpfpm:900;
proxy_redirect off;
}
}
I get 502 Bad Gateway error with the following error log record:
1 recv() failed (104: Connection reset by peer) while reading response header from upstream, client: 172.18.0.1, server: myapp.test, request: "GET / HTTP/1.1", upstream: "http://172.18.0.2:9000/", host: "myapp.test"
I guess it's because phpfpm container is not a HTTP server.
So, alternatively, I try using fastcgi_pass like so:
server {
listen 0.0.0.0:8080;
server_name myapp.test;
root /app;
location / {
try_files $uri $uri/index.php;
}
location ~ \.php$ {
fastcgi_pass phpfpm:9000;
fastcgi_index index.php;
include fastcgi.conf;
}
}
This serves *.php files as expected, but doesn't serve other files, namely static content.
How do I makenginx serve both .php and static files from my phpfpm container?
Here's my docker-compose.yml:
version: "3.7"
services:
phpfpm:
image: "php-fpm:7.3"
volumes:
- ./site:/app
ports:
- "9000:9000"
nginx:
image: "nginx:1.17"
volumes:
- ./nginx/app.conf:/opt/nginx/conf/nginx.conf
ports:
- "80:8080"
You have 2 issues:
You did not mount your static content into your Nginx container, therefore it cannot be served. Add this volume to your container
./site/public/:/var/www/html/public/:ro
You need to setup your Nginx config in order to serve this static content. You may try this one
server {
listen 0.0.0.0:8080;
server_name myapp.test;
root /var/www/html/public;
add_header X-Frame-Options "SAMEORIGIN";
add_header X-XSS-Protection "1; mode=block";
add_header X-Content-Type-Options "nosniff";
index index.html index.htm index.php;
charset utf-8;
location / {
try_files $uri /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass phpfpm:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi.conf;
}
}
I'm fairly new to Nginx and web servers in general.
My setup is docker, Nginx, PHP/laravel, +let's encrypt.
I have this Nginx config file:
server {
listen 80;
server_name www.example.io;
return 301 https://example.io$request_uri;
}
server {
listen 80;
server_name example.io;
return 301 https://example.io$request_uri;
}
server {
listen 443 ssl;
server_name example.io;
ssl_certificate /etc/nginx/certs/example.io.pem;
ssl_certificate_key /etc/nginx/certs/example.io.key;
index index.php index.html;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
root /var/www/public;
location ~ \.php$ {
try_files $uri =404;
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass app:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param PATH_INFO $fastcgi_path_info;
}
location / {
try_files $uri $uri/ /index.php?$query_string;
gzip_static on;
}
}
I'm pretty sure my certificates are not what the problem is. because they do work when I have a single port 80 server and it has server_name example.io www.example.io but in that case, I'm unable to access the website through example.io as secure. while the www.example.io is secure. it also acts like two different websites. I believe the cookies in one do not implement in the other.
What I'm trying to achieve is, I wish to redirect both www.example.io and example.io to https://example.io
I am trying to connect to a proxypass in docker I have setup but I keep getting:
8#8: *1 api.example.local could not be resolved (3: Host not found)
I can access the proxy by going to http://api.example.com in my browser, but not if I go through the nginx proxy pass. My nginx is as follows, and please note that:
Have ipv6 disabled
I am resolving to 127.0.0.11
server {
listen 80;
server_name api.example.local;
resolver 127.0.0.11 ipv6=off;
location / {
root /code/api/public_html/;
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?rt=$uri&$args;
}
location ~ \.php$ {
root /code/api/public_html/;
fastcgi_pass php:9000;
fastcgi_index index.php;
#fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param ENV development;
fastcgi_param HTTPS off;
fastcgi_read_timeout 9600;
}
}
server {
index index.php index.html;
server_name www.example.local;
resolver 127.0.0.11 ipv6=off;
error_log /var/log/nginx/error.log;
access_log /var/log/nginx/access.log;
root /code/main/public_html;
location / {
root /code/main/public_html/;
index index.php index.html index.htm;
try_files $uri $uri/ /index.php?rt=$uri&$args;
}
location /api {
resolver 127.0.0.11 ipv6=off;
proxy_pass_header Set-Cookie;
proxy_pass_header P3P;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Fowarded-Host $host;
set $upstream api.example.local;
proxy_pass http://$upstream;
proxy_connect_timeout 60;
proxy_redirect off;
}
location ~ \.php$ {
root /code/main/public_html/;
fastcgi_pass php:9000;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
fastcgi_param PATH_INFO $fastcgi_path_info;
fastcgi_param ENV development;
fastcgi_param HTTPS off;
fastcgi_read_timeout 300;
}
}
I also have the domains in my /etc/hosts. The OS is Ubuntu 18.04.
127.0.0.1 localhost
127.0.1.1 my-comp
127.0.0.1 www.example.local
127.0.0.1 api.example.local
What can I be doing wrong?
The nginx container and the upstream server need to be on the same docker network.
Example:
Assuming the nginx container is exposed ports 443 on the bridge, create a docker network called nginx-network and join it to that network.
Assuming also the upstream server is a container called ‘mysite’, join that container to the nginx-network, nginx will then be able to resolve the dns ‘mysite’.
I have a Rails app configured with nginx with its root at /var/www/apps/example/current/public. It's accessed at https://www.example.com. That all works great. I decided to add a blog, and I wanted to go with Wordpress. I installed it in a different directory on the server, /var/www/apps/blog, and I want to be able to access it by going to https://www.example.com/blog
Below is my nginx config:
server {
listen 443;
ssl on;
ssl_certificate /etc/ssl/certs/example.com.pem;
ssl_certificate_key /etc/ssl/certs/example.com.key;
server_name www.example.com;
root /var/www/apps/example/current/public;
passenger_enabled on;
rails_env production;
client_max_body_size 100M;
client_body_buffer_size 256k;
error_page 404 /404.html;
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root html;
}
location /blog {
root /var/www/apps;
location ~ [^/]\.php(/|$) {
try_files $uri =404;
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
}
I can navigate to example.com/blog and it takes me there without any issues. The problem comes when I enable pretty URLs and try to view a post. It circumvents the /blog directory and hits my Rails app, ending up with a 404. I see the following error in /var/log/nginx/error.log:
2016/06/30 17:24:32 [error] 7035#0: *20 "/var/www/apps/blog/hello-world/index.html" is not found (2: No such file or directory), client: 199.27.128.198, server: www.example.com, request: "GET /blog/hello-world/ HTTP/1.1", host: "www.example.com", referrer: "https://www.example.com/blog/"
Adding an index index.php directive doesn't fix the problem, it merely then states that /var/www/apps/blog/hello-world/index.php is not found instead.
Any ideas? I'm stumped.
try_files $uri=404; is not enough for pretty permalinks.
To enable pretty permalinks, you need to change it to:
location /blog {
root /var/www/apps/blog;
try_files $uri $uri/ /index.php?$args;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
Or, try non-root try_files redirect:
location /blog {
try_files $uri $uri/ /blog/index.php?$args;
location ~ \.php$ {
fastcgi_pass unix:/var/run/php5-fpm.sock;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
Here's a quick guide setting up wordpress with rails