I just tried to host a Wordpress instance using docker on a freshly install Ubuntu machine. My problem is I am not allowed to modify the Wordpress files or create new files - I recieve Permission denied. I am certain that I am missing something - Can somebody explain to me what I am doing wrong?
Here are the commands I've used:
wget -qO- https://get.docker.com/ | sh
sudo usermod -aG docker $(whoami)
*restart*
sudo apt-get -y install python-pip
sudo pip install docker-compose
nano docker-compose.yml (See further down for the content of the file)
docker-compose up
The content of docker-compose.yml
wordpress:
image: wordpress
links:
- wordpress_db:mysql
ports:
- 80:80
volumes:
- ./src:/var/www/html
wordpress_db:
image: mariadb
environment:
MYSQL_ROOT_PASSWORD: ****
ports:
- 3306:3306
phpmyadmin:
image: corbinu/docker-phpmyadmin
links:
- wordpress_db:mysql
ports:
- 8181:80
environment:
MYSQL_USERNAME: root
MYSQL_ROOT_PASSWORD: ****
Here is the contents of ls -la inside the src dir:
total 196
drwxr-xr-x 5 www-data www-data 4096 apr 26 16:24 .
drwxrwxr-x 3 philip philip 4096 apr 26 16:14 ..
-rw-r--r-- 1 www-data www-data 234 apr 26 16:14 .htaccess
-rw-r--r-- 1 www-data www-data 418 sep 25 2013 index.php
-rw-r--r-- 1 www-data www-data 19935 mar 5 21:14 license.txt
-rw-r--r-- 1 www-data www-data 7358 dec 6 19:49 readme.html
-rw-r--r-- 1 www-data www-data 5032 jan 28 04:35 wp-activate.php
drwxr-xr-x 9 www-data www-data 4096 apr 12 20:46 wp-admin
-rw-r--r-- 1 www-data www-data 364 dec 19 12:20 wp-blog-header.php
-rw-r--r-- 1 www-data www-data 1476 jan 30 22:56 wp-comments-post.php
-rw-r--r-- 1 www-data www-data 3233 apr 26 16:24 wp-config.php
-rw-r--r-- 1 www-data www-data 2853 apr 26 16:24 wp-config-sample.php
drwxr-xr-x 4 www-data www-data 4096 apr 26 16:33 wp-content
-rw-r--r-- 1 www-data www-data 3286 maj 24 2015 wp-cron.php
drwxr-xr-x 16 www-data www-data 12288 apr 12 20:46 wp-includes
-rw-r--r-- 1 www-data www-data 2380 okt 25 2013 wp-links-opml.php
-rw-r--r-- 1 www-data www-data 3316 nov 6 00:59 wp-load.php
-rw-r--r-- 1 www-data www-data 33837 mar 6 04:06 wp-login.php
-rw-r--r-- 1 www-data www-data 7887 okt 6 2015 wp-mail.php
-rw-r--r-- 1 www-data www-data 13106 feb 17 23:58 wp-settings.php
-rw-r--r-- 1 www-data www-data 28624 jan 28 04:51 wp-signup.php
-rw-r--r-- 1 www-data www-data 4035 nov 30 2014 wp-trackback.php
-rw-r--r-- 1 www-data www-data 3061 okt 3 2015 xmlrpc.php
Related
was trying to make a quick dbt container:
docker pull xemuliam/dbt
docker run -d --name dbt \
-p 8085:8085 \
-v /home/mypath/app:/usr/app \
xemuliam/dbt:latest
that didn't work, so i tried to inspect and saw the binding was rprivate, so i changed it to:
docker run -d --name dbt \
-p 8085:8085 \
-v /home/mypath/app:/usr/app,rshared:rshared \
xemuliam/dbt:latest
the issue is that /home/mypath/app ends up being empty, and if i go inside the container it has in the working directory of /usr/app:
drwxr-xr-x 15 root root 4096 Apr 29 12:24 .
drwxr-xr-x 1 root root 4096 Jun 21 20:14 ..
-rw-rw-r-- 1 root root 4895 Apr 28 16:54 ARCHITECTURE.md
-rwxrwxr-x 1 root root 16732 Apr 28 16:54 CHANGELOG.md
-rw-rw-r-- 1 root root 18081 Apr 28 16:54 CONTRIBUTING.md
-rw-rw-r-- 1 root root 2239 Apr 28 16:54 Dockerfile.test
-rw-rw-r-- 1 root root 11344 Apr 28 16:54 License.md
-rw-rw-r-- 1 root root 3271 Apr 28 16:54 Makefile
-rw-rw-r-- 1 root root 2365 Apr 28 16:54 README.md
drwxrwxr-x 5 root root 4096 Apr 28 16:54 core
drwxrwxr-x 4 root root 4096 Apr 29 12:23 dbt-core-1.1.0
-rw-rw-r-- 1 root root 205 Apr 28 16:54 dev-requirements.txt
drwxrwxr-x 2 root root 4096 Apr 28 16:54 docker
-rw-rw-r-- 1 root root 777 Apr 28 16:54 docker-compose.yml
drwxrwxr-x 3 root root 4096 Apr 28 16:54 docs
-rw-rw-r-- 1 root root 51 Apr 28 16:54 editable-requirements.txt
drwxrwxr-x 2 root root 4096 Apr 28 16:54 etc
drwxrwxr-x 3 root root 4096 Apr 28 16:54 events
-rw-rw-r-- 1 root root 65 Apr 28 16:54 mypy.ini
drwxrwxr-x 8 root root 4096 Apr 28 16:54 performance
drwxrwxr-x 6 root root 4096 Apr 28 16:54 plugins
-rw-r--r-- 1 root root 95 Apr 29 12:23 plugins.txt
-rw-rw-r-- 1 root root 242 Apr 28 16:54 pytest.ini
-rw-rw-r-- 1 root root 26 Apr 28 16:54 requirements.txt
drwxrwxr-x 2 root root 4096 Apr 28 16:54 scripts
drwxrwxr-x 5 root root 4096 Apr 28 16:54 test
drwxrwxr-x 7 root root 4096 Apr 28 16:54 tests
drwxrwxr-x 10 root root 4096 Apr 28 16:54 third-party-stubs
-rw-rw-r-- 1 root root 798 Apr 28 16:54 tox.ini
drwxr-xr-x 2 root root 4096 Apr 29 12:24 wheels
in my postgres db i am able to do a volume like this and it works:
-v /home/mypath/data:/var/lib/postgresql/data
i would like to access that stuff on the host so i can play around with editing it.
this is probably the worst way to get this done, so i would appreciate a better answer - but my solution:
step 1: pull image
$ podman pull xemuliam/dbt
step 2: create a container through cli instead of dockerfile
$ podman run -d --name db_dbt \
-p 8085:8085 \
-v /home/myusr/dbt_test/_official:/home/dbt_test/_official \
xemuliam/dbt:latest
step 3: copy files from /usr/app to /home/dbt_test/_official
$ cp -R /usr/app/* /home/dbt_test/_official
exit
$ podman stop db_dbt && podman rm db_dbt
step 4: copy files on the host
$ mkdir /home/myusr/dbt_test/app1
$ cp -R /home/myusr/dbt_test/_official/* /home/myusr/dbt_test/app1/
step 5: create a new volume
$ podman run -d --name db_dbt \
-p 8085:8085 \
-v /home/myusr/dbt_test/app1/:/usr/app/ \
xemuliam/dbt:latest
i really dont like this roundabout way, but now i am able to edit from the host and see what the container does.
Containerized a Laravel application using Docker Compose. It simply has 2 services: app (running PHP8.0-FPM) and nginx.
docker-compose.yml:
version: "3"
services:
app:
build:
args:
USER: novruz
context: ./
dockerfile: Dockerfile
image: blogger
container_name: blogger-app
restart: unless-stopped
working_dir: /var/www/
volumes:
- ./:/var/www/
networks:
- laravel
nginx:
image: nginx:alpine
container_name: blogger-nginx
restart: unless-stopped
ports:
- 8000:80
volumes:
- ./:/var/www/
- ./.docker/nginx/:/etc/nginx/conf.d/
networks:
- laravel
networks:
laravel:
driver: bridge
Dockerfile:
FROM php:8.0-fpm
ARG USER
RUN apt-get update && apt-get install -y --no-install-recommends \
curl \
git \
zip \
unzip \
libpng-dev \
libonig-dev \
libxml2-dev \
libzip-dev \
&& apt-get clean \
&& rm -rf /var/lib/apt/lists/*
RUN docker-php-ext-install bcmath
COPY --from=composer:latest /usr/bin/composer /usr/bin/composer
# Create a system user to run Composer and Artisan commands.
RUN useradd -G www-data,root -d /home/$USER $USER
RUN mkdir -p /home/$USER/.composer \
&& chown -R $USER:$USER /home/$USER
WORKDIR /var/www
USER $USER
These configurations build (docker-compose build app) and run (docker-compose up -d) the application successfully.
Problem
But when I run composer install --optimize-autoloader --no-dev in the app service container, it throws an exception:
[RuntimeException]
/var/www/vendor does not exist and could not be created.
This is a permission issue, but how can I give right permissions to the user novruz which was created at build time (and added to the group www-data)?
Debug
Here's the interesting part. Everything works correctly on my local machine (MacBook Air M1 2020) but it does not on Ubuntu 20.04 (Focal Fossa).
ls -l output on my local machine:
-rw-r--r-- 1 www-data www-data 556 Sep 14 13:53 Dockerfile
-rw-r--r-- 1 www-data www-data 17 Sep 9 07:00 README.md
drwxr-xr-x 7 www-data www-data 224 Sep 7 14:33 app
-rwxr-xr-x 1 www-data www-data 1686 Sep 7 14:33 artisan
drwxr-xr-x 4 www-data www-data 128 Sep 7 14:33 bootstrap
-rw-r--r-- 1 www-data www-data 1766 Sep 9 07:37 composer.json
-rw-r--r-- 1 www-data www-data 338242 Sep 9 07:37 composer.lock
drwxr-xr-x 17 www-data www-data 544 Sep 13 07:22 config
drwxr-xr-x 7 www-data www-data 224 Sep 13 06:45 database
-rw-r--r-- 1 www-data www-data 713 Sep 14 14:32 docker-compose.yml
-rw-r--r-- 1 www-data www-data 1319 Sep 9 07:04 phpunit.xml
drwxr-xr-x 7 www-data www-data 224 Sep 7 14:33 public
drwxr-xr-x 4 www-data www-data 128 Sep 9 07:07 resources
drwxr-xr-x 6 www-data www-data 192 Sep 10 05:52 routes
-rw-r--r-- 1 www-data www-data 563 Sep 7 14:33 server.php
drwxr-xr-x 5 www-data www-data 160 Sep 7 14:33 storage
drwxr-xr-x 7 www-data www-data 224 Sep 9 12:02 tests
As you can see, www-data is the owner of /var/www/ directory and the files in it. I can run any command without any problem.
ls -l output on Ubuntu 20.04:
-rw-rw-r-- 1 998 997 599 Sep 14 13:41 Dockerfile
-rw-rw-r-- 1 998 997 17 Sep 14 10:16 README.md
drwxrwxr-x 7 998 997 4096 Sep 14 10:16 app
-rwxrwxr-x 1 998 997 1686 Sep 14 10:16 artisan
drwxrwxr-x 3 998 997 4096 Sep 14 10:16 bootstrap
-rw-rw-r-- 1 998 997 1766 Sep 14 10:16 composer.json
-rw-rw-r-- 1 998 997 338242 Sep 14 10:16 composer.lock
drwxrwxr-x 2 998 997 4096 Sep 14 10:16 config
drwxrwxr-x 5 998 997 4096 Sep 14 10:16 database
-rw-rw-r-- 1 998 997 720 Sep 14 10:16 docker-compose.yml
-rw-rw-r-- 1 998 997 1319 Sep 14 10:16 phpunit.xml
drwxrwxr-x 2 998 997 4096 Sep 14 10:16 public
drwxrwxr-x 4 998 997 4096 Sep 14 10:16 resources
drwxrwxr-x 2 998 997 4096 Sep 14 10:16 routes
-rw-rw-r-- 1 998 997 563 Sep 14 10:16 server.php
drwxrwxr-x 5 998 997 4096 Sep 14 10:16 storage
drwxrwxr-x 5 998 997 4096 Sep 14 10:16 tests
But the user is 998 and the group is 997 on Ubuntu. And I keep getting a runtime exception. Why is this happening?
The problem here is that the UID/GID of the user within the container is not the same as the UID/GID of the user outside the container.
There are three ways you can go about solving this problem:
Don't use bind mounts. (This is when a directory is mounted both on the host and the container.) The problem is that the host and guest disagree about which users correspond to which UID, so if you make them not share files, this issue will go away.
Instead of using a bind mount, you can use COPY within the Dockerfile.
COPY . /var/www
The downside is that it can be useful to edit the container's files while the container is running.
Match UID/GID inside and outside the container. Rather than create the user at build time, override the UID/GID of the FPM process at run time. This can be done in docker compose like this: How to set uid and gid in Docker Compose?
Remap users using user namespaces. I've never tried this approach, so I can't really give you any guidance, but here's the Docker documentation on how to do this: https://docs.docker.com/engine/security/userns-remap/
Also, here's a thread about using user remapping with bind mounts: https://forums.docker.com/t/permission-denied-when-using-userns-remap-and-writing-to-a-directory-mounted-from-the-host/48379/2
php Dockerfile:
FROM php:8-fpm-alpine
WORKDIR /var/www/project
# Install dependencies
RUN apk update && apk add zip git libzip-dev postgresql-client postgresql-dev
## Install extensions
RUN docker-php-ext-install opcache zip pdo_pgsql
RUN apk add --no-cache bash
# Install composer
RUN curl -sS https://getcomposer.org/installer | php -- --install-dir=/usr/local/bin --filename=composer
# Copy existing application directory permissions
COPY --chown=www-data:www-data . /var/www/project
docker-compose.yml:
version: '3'
services:
# NGINX - Service
nginx:
build:
context: .
dockerfile: docker-compose/nginx/Dockerfile
ports:
- "8080:80"
- "8143:443"
links:
- php-fpm
volumes:
- ./:/var/www/project
# PHP-FPM - Service
php-fpm:
build:
context: .
dockerfile: docker-compose/php/Dockerfile
volumes:
- ./:/var/www/project
ls -la project( sudo docker exec -it project_php-fpm_1 bash):
bash-5.1$ ls -la
total 416
drwxrwxr-x 16 1001 1001 4096 Jan 22 08:52 .
drwxr-xr-x 1 root root 4096 Jan 22 09:26 ..
-rw-rw-r-- 1 1001 1001 126 Nov 13 10:44 .editorconfig
-rw-rw-r-- 1 1001 1001 1499 Dec 30 12:04 .env
-rw-rw-r-- 1 1001 1001 1422 Nov 26 11:31 .env.example
drwxrwxr-x 8 1001 1001 4096 Jan 22 08:05 .git
-rw-rw-r-- 1 1001 1001 111 Nov 10 14:57 .gitattributes
-rw-rw-r-- 1 1001 1001 247 Dec 4 20:35 .gitignore
drwxrwxr-x 6 1001 1001 4096 Jan 22 09:26 .idea
-rw-rw-r-- 1 1001 1001 356 Nov 18 07:19 .phpunit.result.cache
-rw-rw-r-- 1 1001 1001 0 Nov 18 08:50 README.md
drwxrwxr-x 12 1001 1001 4096 Jan 6 19:56 app
-rwxr-xr-x 1 1001 1001 1686 Nov 10 14:57 artisan
drwxrwxr-x 3 1001 1001 4096 Nov 10 14:57 bootstrap
-rw-rw-r-- 1 1001 1001 1749 Dec 9 06:39 composer.json
-rw-rw-r-- 1 1001 1001 311695 Jan 11 06:54 composer.lock
drwxrwxr-x 2 1001 1001 4096 Jan 6 19:34 config
drwxrwxr-x 5 1001 1001 4096 Nov 10 14:57 database
drwxrwxr-x 4 1001 1001 4096 Jan 21 12:47 docker-compose
-rw-rw-r-- 1 1001 1001 435 Jan 22 08:52 docker-compose.yml
drwxrwxr-x 5 1001 1001 4096 Jan 11 06:54 frontend
-rw-rw-r-- 1 1001 1001 1202 Nov 10 14:57 phpunit.xml
drwxrwxr-x 5 1001 1001 4096 Jan 21 17:34 public
drwxrwxr-x 4 1001 1001 4096 Nov 23 11:53 resources
drwxrwxr-x 3 1001 1001 4096 Jan 11 06:54 routes
-rw-rw-r-- 1 1001 1001 563 Nov 10 14:57 server.php
drwxrwxrwx 5 1001 xfs 4096 Nov 16 12:00 storage
drwxrwxr-x 4 1001 1001 4096 Nov 17 20:31 tests
drwxrwxr-x 52 1001 1001 4096 Jan 11 06:23 vendor
Error:
The stream or file "/var/www/project/storage/logs/laravel.log" could not be opened in append mode: Failed to open stream: Permission denied
how can this be fixed?
I'm learning docker and here is part of the docker-compose.yml file for a project that I'm learning from:
services:
...
...
redis:
build: ./redis
image: smartjoe:redis
container_name: smartjoe--redis
command: redis-server
ports:
- '9993:6379'
volumes:
- /redis
volumes_from:
- data
data:
build: ./data
image: smartjoe:data
container_name: smartjoe--data
volumes:
- /data
- /var/lib/mysql
- /var/lib/redis/data
command: tail -f /dev/null
...
...
In the line command: redis-server under redis:, I was wondering where the redis-servercame from. After some search I was able to find that it is in a entrypoint.sh file located within the smartjoe--redis container:
/ # ls -la
total 68
drwxr-xr-x 1 root root 4096 Mar 28 21:24 .
drwxr-xr-x 1 root root 4096 Mar 28 21:24 ..
-rwxr-xr-x 1 root root 0 Mar 28 21:24 .dockerenv
drwxr-xr-x 1 root root 4096 Jun 28 2017 bin
drwxr-xr-x 4 redis redis 4096 Aug 2 19:51 data
drwxr-xr-x 5 root root 340 Aug 5 14:54 dev
lrwxrwxrwx 1 root root 34 Jun 28 2017 entrypoint.sh -> usr/local/bin/docker-entrypoint.sh
drwxr-xr-x 1 root root 4096 Mar 28 21:24 etc
drwxr-xr-x 1 root root 4096 Jun 28 2017 home
drwxr-xr-x 1 root root 4096 Jun 28 2017 lib
drwxr-xr-x 5 root root 4096 Jun 25 2017 media
drwxr-xr-x 2 root root 4096 Jun 25 2017 mnt
dr-xr-xr-x 229 root root 0 Aug 5 14:54 proc
drwxr-xr-x 2 root root 4096 Sep 7 2018 redis
drwx------ 1 root root 4096 Aug 5 18:14 root
drwxr-xr-x 2 root root 4096 Jun 25 2017 run
drwxr-xr-x 1 root root 4096 Jun 28 2017 sbin
drwxr-xr-x 2 root root 4096 Jun 25 2017 srv
dr-xr-xr-x 13 root root 0 Aug 1 16:00 sys
drwxrwxrwt 1 root root 4096 Jun 28 2017 tmp
drwxr-xr-x 1 root root 4096 Jun 28 2017 usr
drwxr-xr-x 1 root root 4096 Jun 28 2017 var
And the content of entrypoint.sh looks like:
/ # cat entrypoint.sh
#!/bin/sh
set -e
# first arg is `-f` or `--some-option`
# or first arg is `something.conf`
if [ "${1#-}" != "$1" ] || [ "${1%.conf}" != "$1" ]; then
set -- redis-server "$#"
fi
# allow the container to be started with `--user`
if [ "$1" = 'redis-server' -a "$(id -u)" = '0' ]; then
chown -R redis .
exec su-exec redis "$0" "$#"
fi
exec "$#"
My question is: I don't see entrypoint.sh being referenced anywhere in the docker-compose.yml script, does docker just assume there is a such entrypoint.sh file and search the key word after command: in the file?
btw, the Dockerfile is quite simple:
Bob#MacBook-Pro:~/smartjoe/smartjoe-local/docker/redis$ cat Dockerfile
FROM redis:3.0-alpine
MAINTAINER smartjoe Engineering "engineering#smartjoe.com"
Bob#MacBook-Pro:~/smartjoe/smartjoe-local/docker/redis$
The entrypoint would have been defined in the image, smartjoe:redis. Setting from the Dockerfile are a default that you can override in the docker-compose.yml. You can see the image configuration by inspecting the image, e.g.
docker image inspect smartjoe:redis
In an Ubuntu 14.4 environment, am running Passenger under Apache to serve my Rails app.
After starting apache however:
$ passenger-status
Version : 5.3.3
Date : 2018-08-10 17:08:52 -0400
Instance: DZeozT5t (Apache/2.4.7 (Ubuntu) Phusion_Passenger/5.3.3)
Phusion Passenger is currently not serving any applications.
$ passenger-config list-instances
Name PID Description
--------------------------------------------------------------------------
DZeozT5t 1438 Apache/2.4.7 (Ubuntu) Phusion_Passenger/5.3.3
It seems as if Passenger is installed and happily running, but not detecting my application.
$ cat /etc/apache2/sites-enabled/rails.conf
<VirtualHost *:80>
ServerName url.com
DocumentRoot /opt/members-only/public
PassengerRuby /usr/local/bin/ruby
<Directory "/opt/members-only/public">
Allow from all
Options FollowSymLinks
Options -MultiViews
Require all granted
</Directory>
</VirtualHost>
My apache user is www-data
/opt/members-only is a soft link to the deployment directory ( a standard rails app)
$ ls -lash /opt/members-only/
total 104K
4.0K drwxrwxr-x 16 www-data www-data 4.0K Aug 10 17:06 .
4.0K drwxr-xr-x 10 platform platform 4.0K Aug 10 16:34 ..
4.0K drwxrwxr-x 11 www-data www-data 4.0K Jul 30 22:22 app
4.0K drwxrwxr-x 2 www-data www-data 4.0K Jul 30 22:22 bin
4.0K drwxrwxr-x 2 www-data www-data 4.0K Jul 30 23:13 .bundle
4.0K drwx------ 5 www-data www-data 4.0K Aug 10 16:10 config
4.0K -rw-rw-r-- 1 www-data www-data 130 Jul 30 22:22 config.ru
4.0K drwx------ 4 www-data www-data 4.0K Jul 30 22:22 db
4.0K drwxrwxr-x 3 www-data www-data 4.0K Jul 30 22:22 doc
4.0K -rw-rw-r-- 1 www-data www-data 2.3K Aug 10 15:45 Gemfile
8.0K -rw-rw-r-- 1 www-data www-data 6.3K Aug 10 15:45 Gemfile.lock
4.0K drwxrwxr-x 4 www-data www-data 4.0K Jul 30 22:22 lib
4.0K drwxrwxr-x 2 www-data www-data 4.0K Aug 10 16:12 log
4.0K drwxr-xr-x 2 www-data www-data 4.0K Aug 10 16:33 node_modules
4.0K -rw-rw-r-- 1 www-data www-data 70 Jul 30 22:22 package.json
4.0K drwxrwxr-x 4 www-data www-data 4.0K Aug 10 16:13 public
4.0K -rw-rw-r-- 1 www-data www-data 227 Jul 30 22:22 Rakefile
4.0K -rw-rw-r-- 1 www-data www-data 374 Jul 30 22:22 README.md
4.0K drwxrwxr-x 3 www-data www-data 4.0K Jul 30 23:13 vendor
4.0K -rw-r--r-- 1 www-data www-data 86 Aug 10 16:33 yarn.lock
There are no passenger related errors in /var/log/apache2/error.log
How can I get passenger to detect my application?
I had exactly the same problem. When going through this step by step deployment:
https://www.digitalocean.com/community/tutorials/how-to-deploy-a-rails-app-with-passenger-and-apache-on-ubuntu-14-04
I realized that I had not disabled the default site or enabled mine:
sudo a2dissite 000-default
sudo a2ensite testapp
sudo service apache2 restart