skip to Main Content

I am programming a web server using xampp and when uploading it to production where I use docker I have found this problem:

2021/04/28 08:58:19 [crit] 15#15: *4 open() "/var/lib/nginx/tmp/client_body/0000000001" failed (13: Permission denied), client: XXX, server: , request: "POST /admin/data/test.php HTTP/1.1", host: "XXX", referrer: "https://XXX/admin/data/othercsv.php"

I entered docker using "sh" and changed the permissions with chmod -R 755 /var/lib/nginx and it worked perfectly. later I have seen that with chgrp -R nginx /var/lib/nginx it also worked.

So I have gone to my docker-compose.yaml and added thecommand: bash -c "chgrp -R nginx /var/lib/nginx"; getting a 502 error all over the web, I have tried with everything that crossed my mind and google too, even entrypoint: [ "sh", "-c", "sleep 10 && chgrp -R nginx /var/lib/nginx"] and command: [sh, -c, "chmod -R 755 /var/lib/nginx";]. Also loading external files with the commands and trying to execute them externally. But I have not been lucky.

Code in docker-compose:

  nginx_web:
    image: tobi312/php:8.0-fpm-nginx-alpine
    hostname: XXX
    restart: always
    expose:
      - "80"
    volumes:
      - /var/www/html/XXX:/var/www/html:rw
    environment:
      - VIRTUAL_HOST=XXX
      - LETSENCRYPT_HOST=XXX
      - LETSENCRYPT_EMAIL=XXX
      - ENABLE_NGINX_REMOTEIP=1
    networks:
      - frontend
      - backend
    depends_on:
       - mongodb
       - nginx-proxy

(I am using docker proxy)
Any help is appreciated!

2

Answers


  1. Chosen as BEST ANSWER

    The solution came from the creator of the docker image. His solution was chown -R www-data:www-data /var/lib/nginx/*. Directly in docker.

    Thank you all!

    I will continue looking for ways to include commands on docker-compose

    Link to Issue


  2. The docker image you are using supports additional entrypoint scripts, as show here the entrypoint.sh for the image, executes all the scripts under /entrypoint.d. So you can make use of it.

    Create a chmod-www-dir.sh and make it executable in your machine chmod u+x chmod-www-dir.sh and mount it into the /entrypoint.d.

    The script will look something like this

    #!/usr/bin/bash
    chgrp -R nginx /var/lib/nginx
    

    And the compose-file

    nginx_web:
        image: tobi312/php:8.0-fpm-nginx-alpine
        hostname: XXX
        restart: always
        expose:
          - "80"
        volumes:
          - /var/www/html/XXX:/var/www/html:rw
          - ./chmod-www-dir.sh:/entrypoint.d
        environment:
          - VIRTUAL_HOST=XXX
          - LETSENCRYPT_HOST=XXX
          - LETSENCRYPT_EMAIL=XXX
          - ENABLE_NGINX_REMOTEIP=1
        networks:
          - frontend
          - backend
        depends_on:
           - mongodb
           - nginx-proxy
    

    when you container will start it will execute the chmod-www-dir.sh as part of the entrypoint.sh script. and will change the file permissions for the files in already mounted volume

    Login or Signup to reply.
Please signup or login to give your own answer.
Back To Top
Search