Develop Reference

Nginx geoip does not show the country in the logs

I am using a public repo for nginx configured for geolocation with geoip, but I am getting dashes in the fields $geoip2_data_country_code $geoip2_data_country_name'. I have the following Dockerfile:
FROM alpine:3.11
COPY GeoLite2-Country.mmdb /usr/share/geoip/
# Install libmaxminddb and ngx_http_geoip2_module
ENV MAXMIND_VERSION=1.2.1
RUN set -x \
&& apk add --no-cache --virtual .build-deps \
alpine-sdk \
perl \
&& git clone https://github.com/leev/ngx_http_geoip2_module /ngx_http_geoip2_module \
&& wget https://github.com/maxmind/libmaxminddb/releases/download/${MAXMIND_VERSION}/libmaxminddb-${MAXMIND_VERSION}.tar.gz \
&& tar xf libmaxminddb-${MAXMIND_VERSION}.tar.gz \
&& cd libmaxminddb-${MAXMIND_VERSION} \
&& ./configure \
&& make \
&& make check \
&& make install \
&& apk del .build-deps
# TODO fix issue with non zero return code
RUN ldconfig || :
# Install nginx
ENV NGINX_VERSION 1.15.11
RUN GPG_KEYS=B0F4253373F8F6F510D42178520A9993A1C052F8 \
&& CONFIG="\
--prefix=/etc/nginx \
--sbin-path=/usr/sbin/nginx \
--modules-path=/usr/lib/nginx/modules \
--conf-path=/etc/nginx/nginx.conf \
--error-log-path=/var/log/nginx/error.log \
--http-log-path=/var/log/nginx/access.log \
--pid-path=/var/run/nginx.pid \
--lock-path=/var/run/nginx.lock \
--http-client-body-temp-path=/var/cache/nginx/client_temp \
--http-proxy-temp-path=/var/cache/nginx/proxy_temp \
--http-fastcgi-temp-path=/var/cache/nginx/fastcgi_temp \
--http-uwsgi-temp-path=/var/cache/nginx/uwsgi_temp \
--http-scgi-temp-path=/var/cache/nginx/scgi_temp \
--user=nginx \
--group=nginx \
--with-http_ssl_module \
--with-http_realip_module \
--with-http_addition_module \
--with-http_sub_module \
--with-http_dav_module \
--with-http_flv_module \
--with-http_mp4_module \
--with-http_gunzip_module \
--with-http_gzip_static_module \
--with-http_random_index_module \
--with-http_secure_link_module \
--with-http_stub_status_module \
--with-http_auth_request_module \
--with-http_xslt_module=dynamic \
--with-http_image_filter_module=dynamic \
--with-http_geoip_module=dynamic \
--with-threads \
--with-stream \
--with-stream_ssl_module \
--with-stream_ssl_preread_module \
--with-stream_realip_module \
--with-stream_geoip_module=dynamic \
--with-http_slice_module \
--with-mail \
--with-mail_ssl_module \
--with-compat \
--with-file-aio \
--with-http_v2_module \
--add-dynamic-module=/ngx_http_geoip2_module \
" \
&& addgroup -S nginx \
&& adduser -D -S -h /var/cache/nginx -s /sbin/nologin -G nginx nginx \
&& apk add --no-cache --virtual .build-deps \
gcc \
libc-dev \
make \
openssl-dev \
pcre-dev \
zlib-dev \
linux-headers \
curl \
gnupg1 \
libxslt-dev \
gd-dev \
geoip-dev \
&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz -o nginx.tar.gz \
&& curl -fSL https://nginx.org/download/nginx-$NGINX_VERSION.tar.gz.asc -o nginx.tar.gz.asc \
&& export GNUPGHOME="$(mktemp -d)" \
&& found=''; \
for server in \
ha.pool.sks-keyservers.net \
hkp://keyserver.ubuntu.com:80 \
hkp://p80.pool.sks-keyservers.net:80 \
pgp.mit.edu \
; do \
echo "Fetching GPG key $GPG_KEYS from $server"; \
gpg --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$GPG_KEYS" && found=yes && break; \
done; \
test -z "$found" && echo >&2 "error: failed to fetch GPG key $GPG_KEYS" && exit 1; \
gpg --batch --verify nginx.tar.gz.asc nginx.tar.gz \
&& rm -rf "$GNUPGHOME" nginx.tar.gz.asc \
&& mkdir -p /usr/src \
&& tar -zxC /usr/src -f nginx.tar.gz \
&& rm nginx.tar.gz \
&& cd /usr/src/nginx-$NGINX_VERSION \
&& ./configure $CONFIG --with-debug \
&& make -j$(getconf _NPROCESSORS_ONLN) \
&& mv objs/nginx objs/nginx-debug \
&& mv objs/ngx_http_xslt_filter_module.so objs/ngx_http_xslt_filter_module-debug.so \
&& mv objs/ngx_http_image_filter_module.so objs/ngx_http_image_filter_module-debug.so \
&& mv objs/ngx_http_geoip_module.so objs/ngx_http_geoip_module-debug.so \
&& mv objs/ngx_stream_geoip_module.so objs/ngx_stream_geoip_module-debug.so \
&& ./configure $CONFIG \
&& make -j$(getconf _NPROCESSORS_ONLN) \
&& make install \
&& rm -rf /etc/nginx/html/ \
&& mkdir /etc/nginx/conf.d/ \
&& mkdir -p /usr/share/nginx/html/ \
&& install -m644 html/index.html /usr/share/nginx/html/ \
&& install -m644 html/50x.html /usr/share/nginx/html/ \
&& install -m755 objs/nginx-debug /usr/sbin/nginx-debug \
&& install -m755 objs/ngx_http_xslt_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_xslt_filter_module-debug.so \
&& install -m755 objs/ngx_http_image_filter_module-debug.so /usr/lib/nginx/modules/ngx_http_image_filter_module-debug.so \
&& install -m755 objs/ngx_http_geoip_module-debug.so /usr/lib/nginx/modules/ngx_http_geoip_module-debug.so \
&& install -m755 objs/ngx_stream_geoip_module-debug.so /usr/lib/nginx/modules/ngx_stream_geoip_module-debug.so \
&& ln -s ../../usr/lib/nginx/modules /etc/nginx/modules \
&& strip /usr/sbin/nginx* \
&& strip /usr/lib/nginx/modules/*.so \
&& rm -rf /usr/src/nginx-$NGINX_VERSION \
\
# Bring in gettext so we can get `envsubst`, then throw
# the rest away. To do this, we need to install `gettext`
# then move `envsubst` out of the way so `gettext` can
# be deleted completely, then move `envsubst` back.
&& apk add --no-cache --virtual .gettext gettext \
&& mv /usr/bin/envsubst /tmp/ \
\
&& runDeps="$( \
scanelf --needed --nobanner --format '%n#p' /usr/sbin/nginx /usr/lib/nginx/modules/*.so /tmp/envsubst \
| tr ',' '\n' \
| sort -u \
| awk 'system("[ -e /usr/local/lib/" $1 " ]") == 0 { next } { print "so:" $1 }' \
)" \
&& apk add --no-cache --virtual .nginx-rundeps $runDeps \
&& apk del .build-deps \
&& apk del .gettext \
&& mv /tmp/envsubst /usr/local/bin/ \
\
# Bring in tzdata so users could set the timezones through the environment
# variables
&& apk add --no-cache tzdata \
\
# forward request and error logs to docker log collector
&& ln -sf /dev/stdout /var/log/nginx/access.log \
&& ln -sf /dev/stderr /var/log/nginx/error.log
COPY nginx.conf /etc/nginx/nginx.conf
COPY nginx.vh.default.conf /etc/nginx/conf.d/default.conf
EXPOSE 80
STOPSIGNAL SIGTERM
CMD ["nginx", "-g", "daemon off;"]
And the two files nginx.conf:
user nginx;
worker_processes 1;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
load_module modules/ngx_http_geoip2_module.so; # GeoIP2
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
# GeoIP2
geoip2 /usr/share/geoip/GeoLite2-Country.mmdb {
$geoip2_data_country_code source=$remote_addr country iso_code;
$geoip2_data_country_name source=$remote_addr country names en;
}
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
# GeoIP2
log_format main_geo '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for" '
'$geoip2_data_country_code $geoip2_data_country_name';
access_log /var/log/nginx/access.log main_geo; # GeoIP2
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
And nginx.vh.default.conf:
server {
listen 80;
server_name localhost;
location / {
root /usr/share/nginx/html;
index index.html index.htm;
}
error_page 500 502 503 504 /50x.html;
location = /50x.html {
root /usr/share/nginx/html;
}
}
According to this page if I do docker run --rm -p 80:80 bubelov/nginx-alpine-geoip2 then I will get the correct log:
183.88.21.120 - - [16/Apr/2019:09:08:55 +0000] "GET / HTTP/1.1"
200 612 "-"
"Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:66.0) Gecko/20100101 Firefox/66.0" "-"
TH Thailand
But in my case it is the following:
192.168.3.1 - - [15/Jun/2022:10:46:11 +0000] "GET / HTTP/1.1" 304 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36" "10.0.8.83" - -
The actual nginx configuration file is the following:
events{}
# See blow link for Creating NGINX Plus and NGINX Configuration Files
# https://docs.nginx.com/nginx/admin-guide/basic-functionality/managing-configuration-files/
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
# The identifier Backend is internal to nginx, and used to name this specific upstream
upstream backend {
# BACKEND_HOST is the internal DNS name used by the Backend Service inside the Kubernetes cluster
# or in the services list of the docker-compose.
server ${BACKEND_HOST}:${BACKEND_PORT};
}
server {
listen ${NODE_PORT};
root /usr/share/nginx/html;
index index.html;
location / {
try_files $uri $uri/ /index.html;
}
location /api/ {
resolver 127.0.0.11;
#nginx will not crash if host is not found
# The following statement will proxy traffic to the upstream
proxy_pass http://backend;
proxy_set_header Host $host;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
}
}
}

Wait a second, your IP 192.168.3.1 is a private one. So it can not have a location identified.
> mmdblookup --file GeoLite2-Country.mmdb --ip 192.168.3.1
Could not find an entry for this IP address (192.168.3.1)
More on IP ranges: https://www.arin.net/reference/research/statistics/address_filters/

Below is the list of Private Network Subnets. Inside your VPN (Virtual Private Network) network admins can assign any subnet to any location.
RFC 1918 name IP address range Number of addresses Largest CIDR block (subnet mask) Host ID size Mask bits Classful description[Note 1]
24-bit block 10.0.0.0 – 10.255.255.255 16777216 10.0.0.0/8 (255.0.0.0) 24 bits 8 bits single class A network
20-bit block 172.16.0.0 – 172.31.255.255 1048576 172.16.0.0/12 (255.240.0.0) 20 bits 12 bits 16 contiguous class B networks
16-bit block 192.168.0.0 – 192.168.255.255 65536 192.168.0.0/16 (255.255.0.0) 16 bits 16 bits 256 contiguous class C networks
Only Public IP addresses can be found in GeoLite2-Country.mmdb. That's why the your IP 192.168.3.1 does not return any location.

Docker link to connect nginx and php containers

I tried to learn a (even though a bit outdated) form of linking containers. I created an NGINX and PHP container, which should get linked. Everything runs on my local machine.
Dockerfile NGINX
FROM ubuntu:16.04
MAINTAINER Sebastian Scharf
# Install NGINX
RUN apt-get update && apt-get install -y nginx \
# Clean after apt-get
&& apt-get clean \
## remove content from apt/lists and var/tmp
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/* \
## set deamon off
&& echo "daemon off;" >> /etc/nginx/nginx.conf
ADD default /etc/nginx/sites-available/default
# forward request and error logs to docker log collector
RUN ln -sf /dev/stdout /var/log/nginx/access.log \
&& ln -sf /dev/stderr /var/log/nginx/error.log
CMD ["nginx"]
Dockerfile PHP
FROM ubuntu:16.04
MAINTAINER Sebastian Scharf
RUN apt-get update \
&& apt-get install -y locales \
&& locale-gen en_US.UTF-8
ENV LANG en_US.UTF-8
ENV LANGUAGE en_US:en
ENV LC_ALL en_US.UTF-8
RUN apt-get update \
&& apt-get install -y curl zip unzip git software-properties-common \
&& add-apt-repository -y ppa:ondrej/php \
&& apt-get update \
&& apt-get install -y php7.0-fpm php7.0-cli php7.0-mcrypt php7.0-gd php7.0-mysql \
php7.0-pgsql php7.0-imap php-memcached php7.0-mbstring php7.0-xml php7.0-curl \
&& php -r "readfile('http://getcomposer.org/installer');" | php -- --install-dir=/usr/bin/ --filename=composer \
&& mkdir /run/php \
&& apt-get remove -y --purge software-properties-common \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/* /tmp/* /var/tmp/*
ADD php-fpm.conf /etc/php/7.0/fpm/php-fpm.conf
ADD www.conf /etc/php/7.0/fpm/pool.d/www.conf
EXPOSE 9000
CMD ["php-fpm7.0"]
NGINX CONFIG
server {
listen 8080 default_server;
root /var/www/html/public;
index index.html index.htm index.php;
server_name _;
charset utf-8;
location = /favicon.ico { log_not_found off; access_log off; }
location = /robots.txt { log_not_found off; access_log off; }
location / {
try_files $uri $uri/ /index.php$is_args$args;
}
location ~ \.php$ {
include snippets/fastcgi-php.conf;
fastcgi_pass php:9000;
}
error_page 404 /index.php;
location ~ /\.ht {
deny all;
}
}
When I call localhost:8080, I get the error: This page isn't working (localhost didn't send any data). I was expecting to see a test file.
This is how I started the containers and linked them:
docker run -d --name=myphp -v $(pwd)/application:/var/www/html retronexus/php:0.1.0
docker run -d --link=myphp:php -p 8080:80 -v $(pwd)/application:/var/www/html retronexus/nginx:0.2.0

Nginx in your container listens on port 8080, but you are binding port 80 from the container to 8080 on the host. Switch to binding 8080 from the container.
docker run -d \
--link=myphp:php \
-p 8080:8080 \
-v $(pwd)/application:/var/www/html \
retronexus/nginx:0.2.0
See here for more details: https://docs.docker.com/config/containers/container-networking/#published-ports

nginx 1.14.2 docker bad gateway respone

Good day.
I have been working with Docker recently. Faced such a problem:
The administrative part of the site is working fine, and the public part gives an error 502 bad gateway.
Here are the settings for my docker:
docker-kompose.yml (root folder):
version: '3'
services:
nginx:
image: nginx:1.14
ports:
- "${NGINX_HOST}:${NGINX_PORT}:80"
volumes:
- ./:/var/www/html:cached
- ./docker/nginx/nginx.conf:/etc/nginx/nginx.conf
depends_on: [php]
env_file: .env
restart: always
php:
build:
context: docker/php
args:
TIMEZONE: ${TIMEZONE}
volumes:
- ./:/var/www/html:cached
- ./docker/php/php.ini:/usr/local/etc/php/php.ini:cached
- ./docker/php/php-fpm.conf:/usr/local/etc/php-fpm.d/99-custom.conf:cached
user: "${DOCKER_UID}"
env_file: .env
restart: always
docker-kompose.override.yml (root folder):
version: '3'
services:
markup:
build: docker/markup
user: "${DOCKER_UID}"
ports:
- "${MARKUP_PORT}:4000"
volumes:
- ./:/app:cached
command: bash -c "npm install --no-save && bower install && gulp external"
environment:
NODE_ENV: "${MARKUP_ENV}"
.env file (root folder):
COMPOSE_PROJECT_NAME=nrd
# "docker-compose.yml:docker-compose.prod.yml" for prod
# "docker-compose.yml:docker-compose.stage.yml" for stage
COMPOSE_FILE=
DOCKER_UID=1000
DOCKER_ADDRESS=172.17.0.1
# "develop" or "production"
MARKUP_ENV=develop
MARKUP_PORT=4000
# 0.0.0.0 for external access
NGINX_HOST=127.0.0.1
NGINX_PORT=80
TIMEZONE=Europe/Moscow
nginx.conf (folder docker/nginx/):
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log off;
error_log /dev/null crit;
client_max_body_size 1024M;
client_header_buffer_size 4k;
large_client_header_buffers 4 8k;
sendfile on;
keepalive_timeout 65;
map $http_x_forwarded_proto $fastcgi_https {
default off;
https on;
}
map $http_upgrade $connection_upgrade {
default upgrade;
'' close;
}
server {
root /var/www/html;
listen 80;
server_name _;
access_log off;
error_log /dev/null crit;
charset utf-8;
location ~ ^/(\.git|log|docker|\.env) {
return 404;
}
location ~ \.php$ {
fastcgi_pass php:9000;
fastcgi_read_timeout 7200;
fastcgi_send_timeout 72000;
fastcgi_buffer_size 32k;
fastcgi_buffers 16 32k;
fastcgi_index index.php;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_param HTTPS $fastcgi_https if_not_empty;
fastcgi_param REMOTE_ADDR $http_x_forwarded_for;
include fastcgi_params;
if (!-f $request_filename) {
rewrite ^(.*)/index.php$ $1/ redirect;
}
}
location / {
index index.php index.html index.htm;
if (!-e $request_filename){
rewrite ^(.*)$ /bitrix/urlrewrite.php last;
}
}
location ~ /\.ht {
deny all;
}
location ~* ^.+\.(xml|html|jpg|jpeg|gif|ttf|eot|swf|svg|png|ico|mp3|css|woff2?|zip|tgz|gz|rar|bz2|doc|xls|exe|pdf|dat|avi|ppt|txt|tar|mid|midi|wav|bmp|rtf|wmv|mpeg|mpg|mp4|m4a|spx|ogx|ogv|oga|webm|weba|ogg|tbz|js)$ {
expires 30d;
access_log off;
}
}
}
.Dockerfile (folder docker/php):
# See https://github.com/docker-library/php/blob/master/7.1/fpm/Dockerfile
FROM php:7.1-fpm
ARG TIMEZONE
RUN apt-get update && apt-get install -y \
openssl \
git \
zlibc \
zlib1g \
zlib1g-dev \
libfreetype6-dev \
libssl-dev \
libjpeg62-turbo-dev \
libmemcached-dev \
libmagickwand-dev \
libmcrypt-dev \
libpng-dev \
libicu-dev \
unzip
# Install Composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
RUN mkdir /.composer/ && chmod 777 /.composer/
# Set timezone
RUN ln -snf /usr/share/zoneinfo/${TIMEZONE} /etc/localtime && echo ${TIMEZONE} > /etc/timezone
RUN printf '[PHP]\ndate.timezone = "%s"\n', ${TIMEZONE} > /usr/local/etc/php/conf.d/tzone.ini
RUN "date"
# Type docker-php-ext-install to see available extensions
RUN docker-php-ext-configure gd --with-freetype-dir=/usr/include/ --with-jpeg-dir=/usr/include/
RUN docker-php-ext-install pdo_mysql gd
# Install memcached extension
RUN apt-get update \
&& apt-get install -y libmemcached11 libmemcachedutil2 build-essential libmemcached-dev libz-dev \
&& pecl install memcached \
&& echo extension=memcached.so >> /usr/local/etc/php/conf.d/memcached.ini \
&& apt-get remove -y build-essential libmemcached-dev libz-dev \
&& apt-get autoremove -y \
&& apt-get clean \
&& rm -rf /tmp/pear
RUN docker-php-ext-install intl
RUN docker-php-ext-install opcache
RUN docker-php-ext-install soap
RUN apt-get install -y --no-install-recommends default-libmysqlclient-dev
RUN apt-get install -y \
libzip-dev \
zip \
&& docker-php-ext-configure zip --with-libzip \
&& docker-php-ext-install zip
RUN docker-php-ext-install mysqli
WORKDIR /var/www/html
CMD ["php-fpm"]
php.ini (folder docker/php):
[PHP]
short_open_tag = On
upload_max_filesize = 200M
post_max_size = 250M
display_errors = Off
memory_limit = 1024M
max_execution_time = 60
[mbstring]
mbstring.internal_encoding = UTF-8
mbstring.func_overload = 2
php-fpm.conf (folder docker/php):
[www]
pm = dynamic
pm.max_children = 50
pm.start_servers = 2
pm.min_spare_servers = 2
pm.max_spare_servers = 10
access.format = "%{REMOTE_ADDR}e - %u %t \"%m %{REQUEST_URI}e%Q%q\" %s %{miliseconds}dms %{megabytes}MM %C%%"
;slowlog = /proc/self/fd/2
;request_slowlog_timeout = 2s
php_admin_value[error_log] = /proc/self/fd/2
php_admin_flag[log_errors] = on
.Dockerfile (folder docker/markup):
FROM node:10.13
RUN npm install -g gulp bower
RUN echo '{ "allow_root": true }' > /root/.bowerrc
RUN mkdir /.npm && mkdir /.config && mkdir /.cache && mkdir /.local && chmod 777 /.npm && chmod 777 /.config && chmod 777 /.cache && chmod 777 /.local
EXPOSE 4000
WORKDIR /app/markup
Please help, I do not understand what is the matter. Today everything worked fine, I did not touch the settings anywhere, I did not change the passwords anywhere. The public part of my local project just started giving 502 errors
Using Docker for Windows.

Docker / Nginx / Symfony4: php modifications aren't displayed

I'm setting up a docker stack for a Symfony 4 application with Nginx and PHP 7. I need advice for my docker stack because i met one problem : every changes in a PHP file (a controller, a repository, an entity etc...) aren't displayed. Each time, i need to down ma docker stack and restart to see the changes, even for a simple dump().
I verified OPCache is enabled and configured like in Symfony documentation.
I think the problem is in my docker stack.
This is docker-compose.yml :
version: '2.2'
services:
# PHP
php:
build:
context: docker/php7-fpm
args:
TIMEZONE: ${TIMEZONE}
container_name: dso_php
volumes:
- ".:/var/www/myproject:rw,cached"
- "./docker/php7-fpm/www.conf:/usr/local/etc/php-fpm.d/www.conf"
- "./docker/php7-fpm/php.ini:/usr/local/etc/php/conf.d/030-custom.ini"
env_file:
- .env
working_dir: /var/www/myproject
# NGINX
nginx:
build:
context: docker/nginx
args:
NGINX_HOST: ${NGINX_HOST}
container_name: dso_nginx
ports:
- 80:80
depends_on:
- php
volumes:
- ".:/var/www/myproject:cached"
- ./logs/nginx/:/var/log/nginx
env_file:
- .env
environment:
- NGINX_HOST=${NGINX_HOST}
I build my own Dockerfile for PHP and Nginx:
First PHP, here the Dockerfile :
FROM php:7.2-fpm
MAINTAINER HamHamFonFon <balistik.fonfon#gmail.com>
USER root
# Utils
RUN apt-get update \
&& apt-get upgrade -y \
&& apt-get install -y curl less vim libpq-dev wget gnupg libicu-dev libpng-dev zlib1g-dev sudo wget \
&& docker-php-ext-install mysqli \
&& docker-php-ext-install pdo_mysql \
&& docker-php-ext-install intl \
&& docker-php-ext-install opcache \
&& docker-php-ext-install zip \
&& docker-php-ext-install gd
RUN apt-get install -y zip unzip
# Install Composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer \
&& composer --version
# npm & node
RUN curl -sL https://deb.nodesource.com/setup_9.x | bash
RUN apt-get install -y nodejs npm \
&& update-alternatives --install /usr/bin/node node /usr/bin/nodejs 10
# build tools
RUN apt-get install -y build-essential
# yarn package manager
RUN curl -sS https://dl.yarnpkg.com/debian/pubkey.gpg | apt-key add - \
&& echo "deb https://dl.yarnpkg.com/debian/ stable main" | tee /etc/apt/sources.list.d/yarn.list
# Git
RUN apt-get install -y git
# bugfix: remove cmdtest to install yarn correctly.
RUN apt-get remove -y cmdtest
RUN apt-get update
RUN apt-get install -y yarn
# Clear archives in apt cache folder
RUN apt-get clean && rm -rf /var/lib/apt/lists/*
COPY docker-entrypoint.sh /usr/local/bin/docker-entrypoint
RUN chmod +x /usr/local/bin/docker-entrypoint
ENTRYPOINT ["docker-entrypoint"]
php.ini :
; General settings
date.timezone = Europe/Paris
xdebug.max_nesting_level=500
short_open_tag = Off
memory_limit="512M"
; Error reporting optimized for production (http://www.phptherightway.com/#error_reporting)
display_errors = Off
display_startup_errors = Off
error_reporting = E_ALL
log_errors = On
error_log = /var/log/php-app/error.log
apc.enable_cli = 1
# http://symfony.com/doc/current/performance.html
opcache.interned_strings_buffer = 16
opcache.memory_consumption = 256
opcache.max_accelerated_files = 20000
opcache.validate_timestamps=0
; maximum memory allocated to store the results
realpath_cache_size=4096K
; save the results for 10 minutes (600 seconds)
realpath_cache_ttl=600
And www.conf (i have removed in this exemple all commented lines) :
[www]
user = site
listen = [::]:9000
pm = dynamic
pm.max_children = 5
pm.start_servers = 2
pm.min_spare_servers = 1
pm.max_spare_servers = 3
php_admin_value[upload_max_filesize] = 50M
php_admin_value[post_max_size] = 50M
Now, for nginx :
First, Dockerfile :
FROM debian:jessie
ARG NGINX_HOST
MAINTAINER HamHamFonFon <balistik.fonfon#gmail.com>
# Install nginx
RUN apt-get update && apt-get install -y nginx
# Configure Nginx
ADD nginx.conf /etc/nginx/
ADD symfony.conf /etc/nginx/conf.d/
RUN sed "/server_name nginx_host;/c\ server_name ${NGINX_HOST};" -i /etc/nginx/conf.d/symfony.conf
RUN echo "upstream php-upstream { server php:9000; }" > /etc/nginx/conf.d/upstream.conf
RUN usermod -u 1000 www-data
# Run Nginx
CMD ["nginx"]
# Expose ports
EXPOSE 80
nginx.conf :
user www-data;
worker_processes 4;
pid /run/nginx.pid;
events {
worker_connections 2048;
multi_accept on;
use epoll;
}
http {
server_tokens off;
sendfile on;
tcp_nopush on;
tcp_nodelay on;
keepalive_timeout 15;
types_hash_max_size 2048;
include /etc/nginx/mime.types;
default_type application/octet-stream;
access_log off;
error_log off;
gzip on;
gzip_disable "msie6";
include /etc/nginx/conf.d/*.conf;
open_file_cache max=100;
client_body_temp_path /tmp 1 2;
client_body_buffer_size 256k;
client_body_in_file_only off;
}
daemon off;
And finally, symfony.conf :
server {
listen 80;
listen [::]:80;
server_name nginx_host;
client_max_body_size 20M;
root /var/www/deep-space-objects/public;
location / {
try_files $uri /index.php$is_args$args;
}
location ~ ^/(index)\.php(/|$) {
fastcgi_pass php-upstream;
fastcgi_split_path_info ^(.+\.php)(/.*)$;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $realpath_root$fastcgi_script_name;
fastcgi_param DOCUMENT_ROOT $realpath_root;
internal;
}
location ~ \.php$ {
return 404;
}
error_log /var/log/nginx/symfony_error.log;
access_log /var/log/nginx/symfony_access.log;
}
In Dockerfile, the command "sed" replace "nginx_host" by the server name i declare in .env file.
My problem looks like this one : Docker with Symfony 4 - Unable to see the file changes but i have verified the OPCache configuration.
How can i check if nginx and php communicate ? Are there some badthings in my stack i can improve ?
Thank you, i don't know how to looking for.

GET http://backend/api/countries net::ERR_NAME_NOT_RESOLVED

I am actually getting error when making CORS calls to the backend:
GET http://backend/api/countries net::ERR_NAME_NOT_RESOLVED
I am using for that docker-compose:
docker-compose.yml
version: '2'
networks:
minn_net:
services:
backend:
build: backend-symfony
container_name: backend
networks:
- minn_net
ports:
- 81:80
volumes:
- ./backend-symfony/backend/var/logs-nginx:/var/log/nginx
- ./backend-symfony/backend/:/var/www/html
- ./backend-symfony/errors/:/var/www/errors
db:
image: mysql:5.7.19
container_name: db
networks:
- minn_net
ports:
- 3306
volumes:
- "./.data/db:/var/lib/mysql"
environment:
MYSQL_ROOT_PASSWORD: ${MYSQL_ROOT_PASSWORD}
MYSQL_DATABASE: ${MYSQL_DATABASE}
MYSQL_USER: ${MYSQL_USER}
MYSQL_PASSWORD: ${MYSQL_PASSWORD}
phpmyadmin:
image: phpmyadmin/phpmyadmin:edge-4.7
container_name: phpmyadmin
networks:
- minn_net
ports:
- 8080:80
links:
- db
frontend:
build: frontend-angular
container_name: frontend
networks:
- minn_net
links:
- backend # I added links as extra: may be the frontend recognises the backend
ports:
- 88:80
volumes:
- ./frontend-angular/frontend2/dist:/var/www/frontend
- ./frontend-angular/conf/docker/default.conf:/etc/nginx/conf.d/default.conf
- ./frontend-angular/logs/nginx/:/var/log/nginx
config of nginx for the backend
server {
listen 80; ## listen for ipv4; this line is default and implied
listen [::]:80 default ipv6only=on; ## listen for ipv6
root /var/www/html/public;
index index.php;
# Make site accessible from http://localhost/
server_name _;
# Disable sendfile as per https://docs.vagrantup.com/v2/synced-folders/virtualbox.html
sendfile off;
# Add stdout logging
error_log /dev/stdout info;
access_log /dev/stdout;
# Add option for x-forward-for (real ip when behind elb)
#real_ip_header X-Forwarded-For;
#set_real_ip_from 172.16.0.0/12;
location / {
# Match host using a hostname if you like
#if ($http_origin ~* (https?://.*\.tarunlalwani\.com(:[0-9]+)?$)) {
# set $cors "1";
#}
set $cors "1";
# OPTIONS indicates a CORS pre-flight request
if ($request_method = 'OPTIONS') {
set $cors "${cors}o";
}
# OPTIONS (pre-flight) request from allowed
# CORS domain. return response directly
if ($cors = "1o") {
add_header 'Access-Control-Allow-Origin' '$http_origin' always;
add_header 'Access-Control-Allow-Methods' 'GET, POST, OPTIONS, PUT, DELETE, PATCH' always;
add_header 'Access-Control-Allow-Credentials' 'true' always;
add_header 'Access-Control-Allow-Headers' 'Origin, Content-Type, Accept, Lang, Authorization' always;
add_header Content-Length 0;
add_header Content-Type text/plain;
return 204;
}
add_header 'Access-Control-Allow-Headers' 'Content-Type,Authorization,Lang';
# add_header 'Access-Control-Allow-Headers' '*';
add_header 'Access-Control-Allow-Methods' 'POST,GET,PUT,DELETE,OPTIONS';
add_header 'Access-Control-Allow-Origin' '*';
try_files $uri /index.php$is_args$args;
}
location ~* \.(jpg|jpeg|gif|css|png|js|ico|html|eof|woff|ttf)$ {
add_header 'Access-Control-Allow-Headers' 'Content-Type,Authorization,Lang';
#add_header 'Access-Control-Allow-Headers' '*';
add_header 'Access-Control-Allow-Methods' 'POST,GET,PUT,DELETE,OPTIONS';
add_header 'Access-Control-Allow-Origin' '*';
if (-f $request_filename) {
expires 30d;
access_log off;
}
}
location ~ \.php$ {
add_header 'Access-Control-Allow-Headers' 'Content-Type,Authorization,Lang';
#add_header 'Access-Control-Allow-Headers' '*';
add_header 'Access-Control-Allow-Methods' 'POST,GET,PUT,DELETE,OPTIONS';
add_header 'Access-Control-Allow-Origin' '*';
fastcgi_pass unix:/var/run/php-fpm.sock;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
include fastcgi_params;
}
}
Angular service that calls the backend
import { Injectable } from '#angular/core';
import { HttpClient, HttpErrorResponse, HttpHeaders } from '#angular/common/http';
// import { HttpClientModule } from '#angular/common/http';
// Grab everything with import 'rxjs/Rx';
import { Observable } from 'rxjs/Observable';
import 'rxjs/add/observable/throw';
import { Observer } from 'rxjs/Observer';
import 'rxjs/add/operator/do';
import 'rxjs/add/operator/map';
import 'rxjs/add/operator/catch';
import * as _ from 'lodash';
import { ICountry } from '#app/shared/interfaces';
#Injectable()
export class DataService {
baseUrl = 'http://backend/api'; // it does not work
// baseUrl = 'http://172.18.0.4/api'; // it works perfectly
constructor(private http: HttpClient) { }
// private httpheadersGet = new HttpHeaders().set("Access-Control-Allow-Origin", "http://localhost:4200");
public getCountries(): Observable<ICountry[]> {
return (
this.http
.get<ICountry[]>(this.baseUrl + '/countries'/* , {"headers": this.httpheadersGet} */)
.do(console.log)
.map(data => _.values(data["hydra:member"]))
.catch(this.handleError)
);
}
}
Please be noticed, if I set backend IP address manually from the frontend (as it can be seen in the angular code), the CORS calls are working perfectly. So, have I missing something in the config of the docker-compose.yml file?
PS: Even the network and the container names were specified to avoid an incorrect container name in the angular code.
Nginx Dockerfile for the frontend container
FROM debian:stretch-slim
LABEL maintainer="NGINX Docker Maintainers <docker-maint#nginx.com>"
ENV NGINX_VERSION 1.13.9-1~stretch
ENV NJS_VERSION 1.13.9.0.1.15-1~stretch
RUN set -x \
&& apt-get update \
&& apt-get install --no-install-recommends --no-install-suggests -y gnupg1 apt-transport-https ca-certificates \
&& \
NGINX_GPGKEY=573BFD6B3D8FBC641079A6ABABF5BD827BD9BF62; \
found=''; \
for server in \
ha.pool.sks-keyservers.net \
hkp://keyserver.ubuntu.com:80 \
hkp://p80.pool.sks-keyservers.net:80 \
pgp.mit.edu \
; do \
echo "Fetching GPG key $NGINX_GPGKEY from $server"; \
apt-key adv --keyserver "$server" --keyserver-options timeout=10 --recv-keys "$NGINX_GPGKEY" && found=yes && break; \
done; \
test -z "$found" && echo >&2 "error: failed to fetch GPG key $NGINX_GPGKEY" && exit 1; \
apt-get remove --purge --auto-remove -y gnupg1 && rm -rf /var/lib/apt/lists/* \
&& dpkgArch="$(dpkg --print-architecture)" \
&& nginxPackages=" \
nginx=${NGINX_VERSION} \
nginx-module-xslt=${NGINX_VERSION} \
nginx-module-geoip=${NGINX_VERSION} \
nginx-module-image-filter=${NGINX_VERSION} \
nginx-module-njs=${NJS_VERSION} \
" \
&& case "$dpkgArch" in \
amd64|i386) \
# arches officialy built by upstream
echo "deb https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \
&& apt-get update \
;; \
*) \
# we're on an architecture upstream doesn't officially build for
# let's build binaries from the published source packages
echo "deb-src https://nginx.org/packages/mainline/debian/ stretch nginx" >> /etc/apt/sources.list.d/nginx.list \
\
# new directory for storing sources and .deb files
&& tempDir="$(mktemp -d)" \
&& chmod 777 "$tempDir" \
# (777 to ensure APT's "_apt" user can access it too)
\
# save list of currently-installed packages so build dependencies can be cleanly removed later
&& savedAptMark="$(apt-mark showmanual)" \
\
# build .deb files from upstream's source packages (which are verified by apt-get)
&& apt-get update \
&& apt-get build-dep -y $nginxPackages \
&& ( \
cd "$tempDir" \
&& DEB_BUILD_OPTIONS="nocheck parallel=$(nproc)" \
apt-get source --compile $nginxPackages \
) \
# we don't remove APT lists here because they get re-downloaded and removed later
\
# reset apt-mark's "manual" list so that "purge --auto-remove" will remove all build dependencies
# (which is done after we install the built packages so we don't have to redownload any overlapping dependencies)
&& apt-mark showmanual | xargs apt-mark auto > /dev/null \
&& { [ -z "$savedAptMark" ] || apt-mark manual $savedAptMark; } \
\
# create a temporary local APT repo to install from (so that dependency resolution can be handled by APT, as it should be)
&& ls -lAFh "$tempDir" \
&& ( cd "$tempDir" && dpkg-scanpackages . > Packages ) \
&& grep '^Package: ' "$tempDir/Packages" \
&& echo "deb [ trusted=yes ] file://$tempDir ./" > /etc/apt/sources.list.d/temp.list \
# work around the following APT issue by using "Acquire::GzipIndexes=false" (overriding "/etc/apt/apt.conf.d/docker-gzip-indexes")
# Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
# ...
# E: Failed to fetch store:/var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages Could not open file /var/lib/apt/lists/partial/_tmp_tmp.ODWljpQfkE_._Packages - open (13: Permission denied)
&& apt-get -o Acquire::GzipIndexes=false update \
;; \
esac \
\
&& apt-get install --no-install-recommends --no-install-suggests -y \
$nginxPackages \
gettext-base \
&& apt-get remove --purge --auto-remove -y apt-transport-https ca-certificates && rm -rf /var/lib/apt/lists/* /etc/apt/sources.list.d/nginx.list \
\
# if we have leftovers from building, let's purge them (including extra, unnecessary build deps)
&& if [ -n "$tempDir" ]; then \
apt-get purge -y --auto-remove \
&& rm -rf "$tempDir" /etc/apt/sources.list.d/temp.list; \
fi
# forward request and error logs to docker log collector
RUN ln -sf /dev/stdout /var/log/nginx/access.log \
&& ln -sf /dev/stderr /var/log/nginx/error.log
EXPOSE 80
STOPSIGNAL SIGTERM
CMD ["nginx", "-g", "daemon off;"]
After installing dnsutils
root#123e38093010:/# nslookup backend
Server: 127.0.0.11
Address: 127.0.0.11#53
Non-authoritative answer:
Name: backend
Address: 172.18.0.3