0
votes

Have been trying to setup my own LEMP stack locally , nginx and php both seem to be working well alone, however on trying to integrate php in nginx is failing...!!! getting error

403 Forbidden

nginx error logs:

2018/07/22 12:06:48 [error] 9#9: *1 directory index of "/usr/share/nginx/html/" is forbidden, client: 172.19.0.4, server: localhost, request: "GET / HTTP/1.1", host: "laradock.localhost:8000"

172.19.0.4 - - [22/Jul/2018:12:06:48 +0000] "GET / HTTP/1.1" 403 571 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/67.0.3396.99 Safari/537.36" "172.19.0.1"

Been using below docker image versions:

PHP_TAG=7.1-fpm-alpine
NGINX_TAG=alpine

my docker-compose.yml file

version: "2"

services:

  php:
    image: php:$PHP_TAG
    # restart: always
    container_name: "${PROJECT_NAME}_php"
    environment:
      PHP_SENDMAIL_PATH: /usr/sbin/sendmail -t -i -S mailhog:1025
      DB_HOST: $DB_HOST
      DB_USER: $DB_USER
      DB_PASSWORD: $DB_PASSWORD
      DB_NAME: $DB_NAME
      DB_DRIVER: $DB_DRIVER
    volumes:
      - /var/www/ro_www/src/sample_site/:/usr/share/nginx/html

  nginx:
    image: nginx:$NGINX_TAG
    container_name: "${PROJECT_NAME}_nginx"
    depends_on:
      - php
      # - mysqld
    environment:
      NGINX_STATIC_CONTENT_OPEN_FILE_CACHE: "off"
      NGINX_ERROR_LOG_LEVEL: debug
      NGINX_BACKEND_HOST: php
      NGINX_SERVER_ROOT: /var/www/html/
#      NGINX_DRUPAL_FILE_PROXY_URL: http://example.com
    volumes:
      - /var/www/ro_www/src/sample_site/:/usr/share/nginx/html
      - ./config/site.conf:/etc/nginx/conf.d/site.conf:ro
      # - ./etc/ssl:/etc/ssl
    # ports:
      # - "8000:80"
    #   - "3000:443"
    labels:
      - 'traefik.backend=nginx'
      - 'traefik.port=80'
      - 'traefik.frontend.rule=Host:${PROJECT_BASE_URL}'

  mailhog:
    image: mailhog/mailhog
    container_name: "${PROJECT_NAME}_mailhog"
    labels:
      - 'traefik.backend=mailhog'
      - 'traefik.port=8025'
      - 'traefik.frontend.rule=Host:mailhog.${PROJECT_BASE_URL}'

  adminer:
    container_name: "${PROJECT_NAME}_adminer"
    image: wodby/adminer:$ADMINER_TAG
    environment:
      ADMINER_SALT: adminer-salt
    volumes:
      - /var/www/ro_www/src/sample_site/adminer/:/usr/share/nginx/html
    labels:
      - 'traefik.backend=adminer'
      - 'traefik.port=9000'
      - 'traefik.frontend.rule=Host:adminer.${PROJECT_BASE_URL}'

  portainer:
    image: portainer/portainer
    container_name: "${PROJECT_NAME}_portainer"
    command: --no-auth -H unix:///var/run/docker.sock
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock
    labels:
      - 'traefik.backend=portainer'
      - 'traefik.port=9000'
      - 'traefik.frontend.rule=Host:portainer.${PROJECT_BASE_URL}'

  traefik:
    image: traefik
    container_name: "${PROJECT_NAME}_traefik"
    command: -c /dev/null --web --docker --logLevel=INFO
    ports:
      - '8000:80'
      - '8080:8080' # Dashboard
    volumes:
      - /var/run/docker.sock:/var/run/docker.sock

The nginx site.conf file is as follows:

    server {
    listen       80;
    server_name  nginx;

    #charset koi8-r;
    #access_log  /var/log/nginx/host.access.log  main;

    location / {
        root   /usr/share/nginx/html;
        index  index.html index.htm index.php;
    }

    #error_page  404              /404.html;

    # redirect server error pages to the static page /50x.html
    #
#    error_page   500 502 503 504  /50x.html;
#    location = /50x.html {
#        root   /usr/share/nginx/html;
#    }

    # proxy the PHP scripts to Apache listening on 127.0.0.1:80
    #
    #location ~ \.php$ {
    #    proxy_pass   http://127.0.0.1;
    #}

    # pass the PHP scripts to FastCGI server listening on 127.0.0.1:9000
    #
    location ~ \.php$ {
        #root           html;
        #fastcgi_pass   php:9000;
         fastcgi_pass unix:/var/run/php-fpm.sock;
        fastcgi_index  index.php;
        #fastcgi_param  SCRIPT_FILENAME  /scripts$fastcgi_script_name;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        include        fastcgi_params;
    }

    # deny access to .htaccess files, if Apache's document root
    # concurs with nginx's one
    #
    location ~ /\.ht {
        deny  all;
    }
}

Thanks in advance for your help !!! ;)

1

1 Answers

0
votes

Since I did not get much feedback, after much trial and error, I got my solution!! So am posting this, in case somebody may have similar issue.

It seems the issue here was the nginx site.conf file.

server {
    listen      80;
    listen [::]:80;

    index index.php index.html;
    server_name laradock.localhost;
    error_log  /var/log/nginx/error.log;
    access_log /var/log/nginx/access.log;
    root /usr/share/nginx/html;


    location / {
        autoindex on; #to list file in the directory if the index file is missing
    }

    #### this was where i was facing the issue, the php block
    location ~ \.php$ {
        try_files $uri =404;
        fastcgi_split_path_info ^(.+\.php)(/.+)$;
        fastcgi_pass php:9000;
        fastcgi_index index.php;
        include fastcgi_params;
        fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param PATH_INFO $fastcgi_path_info;
    }
}

Another this to note is that nginx can have multiple .conf config files, and it dosent support .htaccess file like apache (the htaccess logic needs to be re-written to a .conf file in the nginx conf.d directory here)

The complete code for my solution can be found at this git repository