Error etc nginx conf d default conf differs from the packaged version

I am experiencing the same problem in a service run as docker swarm (docker stack deploy)
the error was «No route to host», after surfing and searching I found that nginx service was ready before the companion service (php fpm), I just stopped the container and the swarm controller restart a new one, this fixed the problem.
I have no idea on how to solve this (there is a solution in docker.com site, actually), but I think it is not correct this upfront resolution of ip address in a docker environment.

I mean, why nginx resolve address name once at start and not ask for resolver every time? If I had removed the service then deployed it again that would have not worked, because the nginx resolved with the old service address that changes everytime a service is restarted.

maybe https://medium.com/driven-by-code/dynamic-dns-resolution-in-nginx-22133c22e3ab would work?
I paste it here:

location / {
    resolver 10.0.0.2;
set $elb_dns internal-balancer-loader-2000–1525531520.us-west-2.elb.amazonaws.com;
proxy_pass $elb_dns;
}

(my case is fastcgi_pass), the author say «Nginx evaluates the value of the variable per-request, instead of just once at startup.», and it is workaround way

I’m trying to set up a web server with multiple containers — but starting with a simple setup for my reverse proxy.

My docker-compose.yml looks as follows:

version: '3'

services:
    reverse-proxy:
        container_name: reverse-proxy
        hostname: reverse-proxy
        image: nginx:latest
        ports:
        - 80:80
        volumes:
        - ./nginx-config/conf.d:/etc/nginx/conf.d
        - ./html:/usr/share/nginx/html
        environment:
            - NGINX_PORT=80
            - ENV=development

Having nginx-config folder structure like:

nginx-config
|- templates
  |-default.conf.template
  |- sites-available
    |- mysite.conf.template

And default.conf.template that looks like:

server {
    listen       ${NGINX_PORT} default_server;
    listen  [::]:${NGINX_PORT} default_server;
    
    server_name  _;
    root   /usr/share/nginx/html;

    charset UTF-8;

    error_page 404 /notfound.html;
    location = /notfound.html {
        allow   all;
    }
    location / {
        return 404;
    }

    access_log off;
    log_not_found off;
    error_log  /var/log/nginx/error.log error;
}

However, whenever I run docker-compose --context myremote up it doesn´t work, throwing the following output:

reverse-proxy    | /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
reverse-proxy    | /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
reverse-proxy    | /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
reverse-proxy    | 10-listen-on-ipv6-by-default.sh: Getting the checksum of /etc/nginx/conf.d/default.conf
reverse-proxy    | 10-listen-on-ipv6-by-default.sh: /etc/nginx/conf.d/default.conf differs from the packaged version, exiting
reverse-proxy    | /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
reverse-proxy    | /docker-entrypoint.sh: Configuration complete; ready for start up

It all generates the right output under nginx-config/conf.d/default.conf at least on my local machine.

Is there any way I can take advantage of custom config and templates using docker-compose without running into such an issue?

Добрый день.
Возникла проблема на рабочем сервере.
Создал образ docker на локальном, выгрузил на сервер.
Естественно сайт не запустился.
В логах docker на сервере ошибка

docker logs cont-nginx_1
/docker-entrypoint.sh: Configuration complete; ready for start up
2020/12/28 13:38:57 [emerg] 1#1: open() «/etc/nginx/fastcgi-params» failed (2: No such file or directory) in /etc/nginx/conf.d/default.conf:26
nginx: [emerg] open() «/etc/nginx/fastcgi-params» failed (2: No such file or directory) in /etc/nginx/conf.d/default.conf:26

Если посмотреть логи docker на локальном, то никакой ошибки нет и всё работает.

docker logs cont-nginx_1
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/default.conf differs from the packaged version
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Configuration complete; ready for start up

Образ собирался из

nginx:1.19-alpine

Конфигурация nginx

server{
    listen 80;
    server_name _;
    index index.php index.html;
    root /app/public;
    charset utf-8;

    add_header X-Frame-Options "SAMEORIGIN";

    location ~* .(?:ico|gif|jpe?g|png|woff2?|eot|otf|ttf|svg|js|css)$ {
        access_log off;
        expires max;
        add_header Pragma public;
        add_header Cache-Control "public";
        try_files $uri /index.php?$args;
    }

    location / {
       try_files $uri /index.php?$args;
    }

    location ~ .php$ {
       fastcgi_split_path_info ^(.+.php)(/.+)$;
       fastcgi_pass pohoron-php-fpm:9000;
       fastcgi_index index.php;
       include fastcgi-params;
       fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
       fastcgi_param PATH_INFO $fastcgi_path_info;
    }
}

Куда пропал fastcgi-params? Как исправить ситуацию?

UPD

docker build --pull --file=site/docker/production/nginx.docker --tag ${REGISTRY_ADDRESS}:nginx-${IMAGE_TAG} site

docker push ${REGISTRY_ADDRESS}:nginx-${IMAGE_TAG}

scp -o StrictHostKeyChecking=no ${PORDUCTION_PORT} docker-compose-production.yml ${PRODUCTION_HOST}:docker-compose.yml
ssh -o StrictHostKeyChecking=no ${PRODUCTION_HOST} -p ${PRODUCTION_PORT} 'docker-compose pull'
ssh -o StrictHostKeyChecking=no ${PRODUCTION_HOST} -p ${PRODUCTION_PORT} 'docker-compose up --build -d'

docker-compose-production.yml

version: '3'
services:
  site-nginx:
    image: ${REGISTRY_ADDRESS}:nginx-${IMAGE_TAG}
    restart: always
    depends_on:
      - site-php-fpm
    ports:
    - "80:80"
  site-php-fpm:
    image: ${REGISTRY_ADDRESS}:php-fpm-${IMAGE_TAG}
    restart: always
    environment:
      DATABASE_URL: pgsql://app:${DB_PASSWORD}@site-postgres:5432/app
      OAUTH_FACEBOOK_SERCRET: ${OAUTH_FACEBOOK_SECRET}
      REDIS_URL: tcp://site-redis:6379?password=${REDIS_PASSWORD}
      MAILER_URL: null://localhost
    depends_on:
      - site-postgres
      - site-redis

  site-redis:
    image: ${REGISTRY_ADDRESS}:redis-${IMAGE_TAG}
    restart: always
    volumes:
    - site-redis:/data
    command: redis-server --requirepass ${REDIS_PASSWORD}

volumes:
  site-postgres:
  site-redis:

nginx-docker

FROM nginx:1.19-alpine
COPY ./docker/production/nginx/conf.d /etc/nginx/conf.d
WORKDIR /app
COPY ./public ./public
COPY --from=node-builder /app/public/build ./public/build

0

2

sudo docker run -d --name php_container php:fpm

from nginx
COPY default.host /etc/nginx/conf.d/default.conf

server {
    listen 80 default;

    root /var/www/html;
    index index.php;

    location / {
        try_files $uri/ /index.php?$args;
    }

    location ~ .php$ {
        fastcgi_pass php:9000;
        fastcgi_index index.php;
        fastcgi_param  SCRIPT_FILENAME $document_root$fastcgi_script_name;
        fastcgi_param  SCRIPT_NAME $fastcgi_script_name;
        fastcgi_buffers 16 16k;
        fastcgi_buffer_size 32k;
        include fastcgi_params;
    }
}

sudo docker build -t nginx_image .

sudo docker run -p 80:80 --link php_container:php -v /home/yr/index.php:/var/www/html/index.php nginx_image

/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/default.conf differs from the packaged version
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Launching /docker-entrypoint.d/30-tune-worker-processes.sh
/docker-entrypoint.sh: Configuration complete; ready for start up
2021/06/06 10:47:55 [notice] 1#1: using the "epoll" event method
2021/06/06 10:47:55 [notice] 1#1: nginx/1.21.0
2021/06/06 10:47:55 [notice] 1#1: built by gcc 8.3.0 (Debian 8.3.0-6) 
2021/06/06 10:47:55 [notice] 1#1: OS: Linux 5.12.8-300.fc34.x86_64
2021/06/06 10:47:55 [notice] 1#1: getrlimit(RLIMIT_NOFILE): 1048576:1048576
2021/06/06 10:47:55 [notice] 1#1: start worker processes
2021/06/06 10:47:55 [notice] 1#1: start worker process 30
2021/06/06 10:47:55 [notice] 1#1: start worker process 31
2021/06/06 10:47:55 [notice] 1#1: start worker process 32
2021/06/06 10:47:55 [notice] 1#1: start worker process 33
2021/06/06 10:48:14 [error] 31#31: *1 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 172.17.0.1, server: , request: "GET / HTTP/1.1", upstream: "fastcgi://172.17.0.2:9000", host: "0.0.0.0"
172.17.0.1 - - [06/Jun/2021:10:48:14 +0000] "GET / HTTP/1.1" 404 27 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36" "-"

How to Install Nginx and Let’s Encrypt with Docker – Ubuntu 20.04. In this guide you are going to learn how to install and configure Nginx with Let’s Encrypt SSL using Docker and Docker Compose on Ubuntu 20.04.

In this tutorial we will use latest Nginx image and latest Certbot image and setup validation and finally configure SSL with a basic HTML site served using Nginx.

This installation and setup is tested on Google Cloud Compute Engine running Ubuntu 20.04 with Docker and Docker Compose. So this setup will work on other cloud service providers like AWS or Digital Ocean or Azure or any VPS or Dedicated servers.

Prerequisites

• Running Compute Engine, see the Setting up Compute Engine Instance.
• Follow this guide to Install Docker on Ubuntu 20.04.
• For managing containers install Docker Compose on your server.
• Configure DNS to point the domain to the server to install SSL.

Once you have all the prerequisites done you can proceed to make the setup and install SSL.

Create Docker Compose YML file

Now SSH inside your server or Virtual machine and create a directory to hold all the configurations by running the following command.

sudo mkdir ~/nginx-ssl

Move inside the directory and create a docker-compose.yml file that holds our configuration.

cd ~/nginx-ssl

sudo nano ~/nginx-ssl/docker-compose.yml

Paste the following configurations inside the file.

version: "3.8"
services:
    web: 
        image: nginx:latest
        restart: always
        volumes:
            - ./public:/var/www/html
            - ./conf.d:/etc/nginx/conf.d
            - ./certbot/conf:/etc/nginx/ssl
            - ./certbot/data:/var/www/certbot
        ports:
            - 80:80
            - 443:443

    certbot:
        image: certbot/certbot:latest
        command: certonly --webroot --webroot-path=/var/www/certbot --email [email protected] --agree-tos --no-eff-email -d domain.com -d www.domain.com
        volumes:
            - ./certbot/conf:/etc/letsencrypt
            - ./certbot/logs:/var/log/letsencrypt
            - ./certbot/data:/var/www/certbot

Hit CTRL-X followed by Y and ENTER to save and exit the file.

Here are the configuration details.

• version: Compose file version which is compatible with the Docker Engine. You can check compatibility here.
• image: We use latest Nginx and Certbot images available in Docker hub.
• volumes:
  • public: we have configured this directory to be synced with the directory we wish to use as the web root inside the container.
  • conf.d: here we will place the Nginx configuration file to be synced with the default Nginx conf.d folder inside the container.
  • certbot/conf: this is where we will receive the SSL certificate and this will be synced with the folder we wish to inside the container.
  • ports: configure the container to listen upon the listed ports.
  • command: the command used to receive the SSL certificate.

Now you have your docker-compose.yml in place.

Configure Nginx

Now we need to configure Nginx for validation to obtain the Let’s Encrypt SSL certificate.

We will create a directory as mentioned in the docker-compose file as conf.d.

sudo mkdir ~/nginx-ssl/conf.d

Create a configuration file with the .conf extension.

sudo nano ~/nginx-ssl/conf.d/default.conf

Paste the following configuration inside the file.

 server {
     listen [::]:80;
     listen 80;

     server_name domain.com www.domain.com;

     location ~ /.well-known/acme-challenge {
         allow all; 
         root /var/www/certbot;
     }
} 

Hit CTRL-X followed by Y and ENTER to save and exit the file.

Now you have the Nginx configuration which gets synced to the /etc/nginx/conf.d folder which automatically gets loaded by Nginx.

Start Containers

Now it’s time to start the containers using the following command to receive the SSL certificates.

You need to pass the -d flag which starts the container in background and leaves them running.

docker-compose up -d

You will see an output similar to the one below.

Output
Creating network "nginx-ssl_default" with the default driver
Pulling web (nginx:latest)…
latest: Pulling from library/nginx
8559a31e96f4: Pull complete
8d69e59170f7: Pull complete
3f9f1ec1d262: Pull complete
d1f5ff4f210d: Pull complete
1e22bfa8652e: Pull complete
Digest: sha256:21f32f6c08406306d822a0e6e8b7dc81f53f336570e852e25fbe1e3e3d0d0133
Status: Downloaded newer image for nginx:latest
Pulling certbot (certbot/certbot:latest)…
latest: Pulling from certbot/certbot
cbdbe7a5bc2a: Pull complete
26ebcd19a4e3: Pull complete
a29d43ca1bb4: Pull complete
979dbbcf63e0: Pull complete
30beed04940c: Pull complete
48a1f8a4d505: Pull complete
4416e9b4bbe0: Pull complete
8173b4be7870: Pull complete
21c8dd124dab: Pull complete
c19b04e11dc7: Pull complete
1b560611cec1: Pull complete
Digest: sha256:568b8ebd95641a365a433da4437460e69fb279f6c9a159321988d413c6cde0ba
Status: Downloaded newer image for certbot/certbot:latest
Creating nginx-ssl_certbot_1 … done
Creating nginx-ssl_web_1     … done

This output indicates Nginx and Certbot images are pulled from Docker hub and the containers are created successfully.

To view the containers you can execute the following command.

docker-compose ps

Output
       Name                      Command               State                     Ports
nginx-ssl_certbot_1   certbot certonly --webroot …   Exit 0                                           
nginx-ssl_web_1       /docker-entrypoint.sh ngin …   Up       0.0.0.0:443->443/tcp, 0.0.0.0:80->80/tcp

The state Exit 0 indicates the setup is completed without any error.

Now when you check your work directory, there will be a new directory created as certbot inside which you will have the SSL certificate synced.

ls ~/nginx-ssl/certbot/conf/live/domain.com

Configure SSL with Nginx

As you have received the Let’s Encrypt SSL certificate you can configure HTTPS and setup redirection to HTTPS.

Edit the default.conf and make the following changes.

Your file should like the one below at the final stage.

server {
    listen [::]:80;
    listen 80;

    server_name domain.com www.domain.com;

    location ~ /.well-known/acme-challenge {
        allow all; 
        root /var/www/certbot;
    }

    # redirect http to https www
    return 301 https://www.domain.com$request_uri;
}

server {
    listen [::]:443 ssl http2;
    listen 443 ssl http2;

    server_name domain.com;

    # SSL code
    ssl_certificate /etc/nginx/ssl/live/domain.com/fullchain.pem;
    ssl_certificate_key /etc/nginx/ssl/live/domain.com/privkey.pem;

    root /var/www/html;

    location / {
        index index.html;
    }

    return 301 https://www.domain.com$request_uri;
}

server {
    listen [::]:443 ssl http2;
    listen 443 ssl http2;

    server_name www.domain.com;

    # SSL code
    ssl_certificate /etc/nginx/ssl/live/domain.com/fullchain.pem;
    ssl_certificate_key /etc/nginx/ssl/live/domain.com/privkey.pem;

    root /var/www/html/domain-name/public;

    location / {
        index index.html;
    }
} 

Hit CTRL-X followed by Y and ENTER to save and exit the file.

Create index.html file

Now you can create the index.html file inside the public directory which then syncs to the directory configured.

Create the public directory.

sudo mkdir ~/nginx-ssl/public

sudo nano ~/nginx-ssl/public/index.html

<html>
    <body>
        <h1>Docker setup with Nginx and Let's Encrypt SSL.</h1>
    </body>
</html

Hit CTRL-X followed by Y and ENTER to save and exit the file.

Restart the containers

Now you can restart the containers to load the new configurations.

docker-compose restart

Once the containers are restarted you can check your domain name. You will get a redirection to HTTPS and your SSL.

Get your Professional Google Cloud Architect certificate with this easy to learn course now.

Conclusion

Now you have learned how to install and configure Nginx and Let’s Encrypt with Docker on Ubuntu 20.04.

Thanks for your time. If you face any problem or any feedback, please leave a comment below.

Nginx и php-fpm не получается связать в docker

В целях изучения Docker взялся за связку php и nginx. Связать их вместе не получилось.

Моя последовательность действий:

Запускаю контейнер с php первым (т.к nginx его потом использует):

Создаю Dockerfile для nginx:

Собираю образ с Nginx:

Перехожу на 0.0.0.0:80 и браузер выводит File not found. В логах контейнера nginx:

В команде запуска контейнера с php надо указать открытый порт.

Уже пробовал

Вообще nginx видит контейнер php без проброса порта php наружу.

Все перезапустил. Результат тот же. Может я накосячил default.host?

Что говорит curl на 9000 порт php контейнера из контейнера Nginx’а ?

А curl что пишет?)

curl: (56) Recv failure: Connection reset by peer

А у тебя точно, твой порт контейнера проброшен во внешний мир и слушает твой 172.17.0.2 , а не 127.0.0.1 ?

172.17.0.0/16, по-моему, внутреняя дефолтная сеть докера

Похоже, что в принципе порт пыхи видно. Но почему-то nginx до контейнера достучаться не может.
попробуй:

1. в браузере не 0.0.0.0, а localhost (порт 80 можно не писать, браузер его автоматом добавляет)
2. на всякий случай добавь сеть при запуске контейнеров: https://docs.docker.com/network/bridge/
3. в конфиг default.conf после listen 80 добавь: server_name localhost;
4. тут так: sudo docker run -d –name php_container php
5. тома проще папками подключать, чем файлами: -v /home/yr:/var/www/html

А вообще лучше docker-compose попробуй, то же самое, только не возиться в консоли, а в файле всё это пишешь и роняешь-поднимаешь пока не поймешь суть

Источник

10-listen-on-ipv6-by-default.sh: error: /etc/nginx/conf.d/default.conf is not a file or does not exist #461

Comments

davStar commented Oct 17, 2020 •

Hello dear team,

I ve updated my container and I stuck.
However my conf files are well mounted but it asks a default.conf files that it never ask before.

Configuration:

NGINX alpine official image
HOST : UBUNTU 20.0.4
Docker version 19.03.8, build afacb8b7f0

Issue Description:
I encounter an issue at the start of the container:

When I rename beta-rp.conf by default.conf I encounter the following message:

==> error: /etc/nginx/conf.d/default.conf differs from the packages version

Configuration:

Here is my conf file named beta-rp.conf:

«^(docker/1.(3|4|5(?!.[0-9]-dev))|Go ).*$» ) < return 404; >proxy_pass http://account_manager_service/api/v0.1/account_manager/authentification/; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_read_timeout 900; > location /api/v0.1/account_manager/register/ < # Do not allow connections from docker 1.5 and earlier # docker pre-1.6.0 did not properly set the user agent on ping, catch «Go *» user agen>if ($http_user_agent

«^(docker/1.(3|4|5(?!.[0-9]-dev))|Go ).*$» ) < return 404; >proxy_pass http://account_manager_service/api/v0.1/account_manager/register/; proxy_set_header Host $http_host; proxy_set_header X-Real-IP $remote_addr; proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for; proxy_set_header X-Forwarded-Proto $scheme; proxy_read_timeout 900; > > «>

I use Ansible playbook and docker_container module where I mount my conf file:

My path /opt/devops/nginx/ contains conf.d and ssl folders where I can see my conf files.

When I user docker exec -it nginx bash, I can see my beta-rp.conf files and my ssl files in the respectives folders.

Please need your support.

The text was updated successfully, but these errors were encountered:

Источник

Как исправить ошибку nginx на сервере?

Добрый день.
Возникла проблема на рабочем сервере.
Создал образ docker на локальном, выгрузил на сервер.
Естественно сайт не запустился.
В логах docker на сервере ошибка

docker logs cont-nginx_1
/docker-entrypoint.sh: Configuration complete; ready for start up
2020/12/28 13:38:57 [emerg] 1#1: open() «/etc/nginx/fastcgi-params» failed (2: No such file or directory) in /etc/nginx/conf.d/default.conf:26
nginx: [emerg] open() «/etc/nginx/fastcgi-params» failed (2: No such file or directory) in /etc/nginx/conf.d/default.conf:26

Если посмотреть логи docker на локальном, то никакой ошибки нет и всё работает.

docker logs cont-nginx_1
/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
10-listen-on-ipv6-by-default.sh: info: Getting the checksum of /etc/nginx/conf.d/default.conf
10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/default.conf differs from the packaged version
/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
/docker-entrypoint.sh: Configuration complete; ready for start up

Образ собирался из

Куда пропал fastcgi-params? Как исправить ситуацию?

Источник

/etc/nginx/conf.d/default.conf differs from the packaged version, exiting #419

Comments

matuszewskijan commented Jun 3, 2020 •

Hello, I am trying to setup Rails application with ngnix, but no matter what I do I am always getting this error: nginx_1 | 10-listen-on-ipv6-by-default.sh: /etc/nginx/conf.d/default.conf differs from the packaged version, exiting when using: sudo docker-compose -f docker-compose.prod.yml up command any similar.

Anyone is having any idea why it happen? I’ve tried everything what comes to my mind to fix it. I wonder how the Conffiles are generated as it seems to be the source of the issue: https://github.com/nginxinc/docker-nginx/blob/master/mainline/alpine/10-listen-on-ipv6-by-default.sh

The text was updated successfully, but these errors were encountered:

thresheek commented Jun 3, 2020

That means the 10-listen-on-ipv6-by-default.sh exits, not the container itself. I guess I should update the wording to avoid confusion.

willzhang commented Jul 29, 2020

That means the 10-listen-on-ipv6-by-default.sh exits, not the container itself. I guess I should update the wording to avoid confusion.

i don’t like the error

thresheek commented Jul 29, 2020

That’s normal when you have default.conf differing from what we package. We delibarately would not change it to enable ipv6. (in your case, its already enabled). You can suppress error messages with NGINX_ENTRYPOINT_QUIET_LOGS variable in your docker container environment configuration.

mahrton commented Jul 31, 2020

@thresheek sorry just an opinion, because I do not know if you have a policy governing these things, but then it is not really an error. it is just an «info». I also ran into this and when I saw the word «error» I automatically thought I have made a mistake in the configuration.

shijiezhou03 commented Aug 21, 2020

I dont like when it say the error on this case.

davStar commented Oct 18, 2020

I ve raised an issue related to this issue here. I m lost. connection between the host and my backend working like a charmed.

My conf file was working before I ve redeployed my Nginx container.
The conf file is well pointed (checked via docker exec)

When I change the name from default.conf to xxx.conf (before named xxx.conf , and suddenly error as no default.conf was located. )

The message is the following:

However the service seems not running and not lin with my backend anymore.

Needs your support please!

panique commented Oct 18, 2020

I found the error in my case ! My non working nginx config had this line:

and the problem was that php seems to a hostname here, but nginx box couldnt find another docker box reachable with the name php .

But this works: Rename the PHP docker box to something different like

and change the nginx config accordingly

danielecr commented Oct 22, 2020

I am experiencing the same problem in a service run as docker swarm ( docker stack deploy )
the error was «No route to host», after surfing and searching I found that nginx service was ready before the companion service (php fpm), I just stopped the container and the swarm controller restart a new one, this fixed the problem.
I have no idea on how to solve this (there is a solution in docker.com site, actually), but I think it is not correct this upfront resolution of ip address in a docker environment.

I mean, why nginx resolve address name once at start and not ask for resolver every time? If I had removed the service then deployed it again that would have not worked, because the nginx resolved with the old service address that changes everytime a service is restarted.

(my case is fastcgi_pass ), the author say «Nginx evaluates the value of the variable per-request, instead of just once at startup.», and it is workaround way

Источник

Error in nginx config with Docker #701

Comments

1ubuntuuser commented Mar 15, 2022

Recently found this project, excited to give it a try for a NFP I am working on. 🙂

Description of the issue

There seems to be an error with the current nginx config when deploying on production according to the documentation. I’m pretty experienced with docker so I don’t think I’m doing anything dumb.

Context information (for bug reports)

Latest version of docker and docker-compose running on ubunu.

Steps to reproduce the issue

1. Download repo with git
   2. docker-compose -f compose.yaml -f overrides/compose.erpnext.yaml -f overrides/compose.mariadb.yaml -f overrides/compose.redis.yaml -f overrides/compose.https.yaml config >

/app/erpnext/docker-compose.yml
docker-compose —project-name xx -f

nginx.conf as extracted from container

Stacktrace / full error message if available

The text was updated successfully, but these errors were encountered:

revant commented Mar 15, 2022

there are certain mandatory variables needed for the image

Lines 41 to 47 in 0906034

defnotjonas commented Mar 15, 2022 •

This worked for me

I was just facing the same issue. I found an error in my docker-compose.yaml file.

I resolved the issue by changing $$$$host to $$host .

Steps to reproduce

The parent directory that the docker-compose.yaml is written to, is empty except for the frappe_docker git repository.
Running docker-compose up -d results in the same error as above.

Probable cause of the error

There seems to be an issue with the way, that the way that the final docker-compose.yaml is combined. Running docker-compose -f compose.yaml config > ../docker-compose.yaml produces the same $$$$ -problem.

revant commented Mar 15, 2022

There seems to be an issue with the way, that the way that the final docker-compose.yaml is combined.

thanks for the help in figuring it out. I’ll check what can be done to fix.

1ubuntuuser commented Mar 16, 2022

This worked for me

I was just facing the same issue. I found an error in my docker-compose.yaml file.

I resolved the issue by changing $$$$host to $$host .

Steps to reproduce

The parent directory that the docker-compose.yaml is written to, is empty except for the frappe_docker git repository. Running docker-compose up -d results in the same error as above.

Probable cause of the error

There seems to be an issue with the way, that the way that the final docker-compose.yaml is combined. Running docker-compose -f compose.yaml config > ../docker-compose.yaml produces the same $$$$ -problem.

Removing the extra $$ fixed it for me too! Thanks. I did notice the extra $$. I thought it as some fancy var passing method or somthing.

vrslev commented Mar 16, 2022

The issue comes up if you use docker-compose v1. On second version everything works fine. There’s no universal solution: v1 requires «$host», v2 — «$$host».

1ubuntuuser commented Mar 17, 2022

The issue comes up if you use docker-compose v1. On second version everything works fine. There’s no universal solution: v1 requires «$host», v2 — «$$host».

Actaully, the text in the compose yml defults to «$$$$host» not «$$host». The 4 dollar signs is what is causing the issue.

defnotjonas commented Mar 18, 2022 •

@1ubuntuuser I think you misunderstood. @vrslev is correct in their answer. Let me elaborate:

compose.yaml contains the following:

Notice the $$host.

with Compose v1

I ran into problems using docker-compose v1 ( docker-compose -v : docker-compose version 1.29.2, build 5becea4c). The command docker-compose -f compose.yaml parses the line to

So we would need a single $ in compose.yaml.

with Compose v2

After upgrading to docker-compose v2 ( docker-compose -v : Docker Compose version v2.2.3), the same command parses the line to

Источник

Контекст

У меня было приложение, работающее с глобальным Nginx в качестве обратного прокси на моем частном сервере без проблем. Однако для моего проекта мне нужно развернуть его на серверах моего университета, где мне нужно будет переместить все это в мои контейнеры, но я не могу заставить его работать.

Общая настройка проекта

Краткое введение в настройку: у меня есть интерфейс frontend-ui, который представляет собой простой PWA, созданный с помощью vue, который также использует Firebase Messaging для уведомлений. Токены уведомлений хранятся в моем диспетчере уведомлений — приложении Spring — в базе данных, и он также выполняет все запросы к базе данных, такие как удаление токенов при удалении и т. д. Мой третий пользовательский интерфейс — это интерфейс-уведомление, который предоставляет простой (vue) интерфейс для отправки out уведомления с помощью firebase, для этого он также взаимодействует с базой данных для получения токенов. Все проекты находятся в одной папке с docker-compose.
Мне нужны оба моих фронта для обслуживания https.

Настройка Nginx / Docker

Интерфейс-интерфейс

Мой интерфейс-интерфейс имеет следующую конфигурацию Nginx, а сертификаты находятся в папке сертификатов:

server {
  listen 80;
  server_name SERVERNAME;
  # Redirect all traffic to SSL
  rewrite ^ https://$server_name$request_uri? permanent;
}

server {
  listen 443 ssl;

  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_prefer_server_ciphers on;
  ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA256:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EDH+aRSA+AESGCM:EDH+aRSA+SHA256:EDH+aRSA:EECDH:!aNULL:!eNULL:!MEDIUM:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED";

  add_header Strict-Transport-Security "max-age=31536000";
  server_name SERVERNAME;

  ## Access and error logs.
  access_log /var/log/nginx/access.log;
  error_log  /var/log/nginx/error.log info;

  ## Server certificate and key.
  ssl on;
    ssl_certificate /etc/nginx/ssl/nginx.cert;
    ssl_certificate_key /etc/nginx/ssl/nginx.key;

  root /usr/share/nginx/html;
  location / {
    try_files $uri $uri/ =404;
  }
  location /api {
    proxy_pass http://127.0.0.1:42372;
  }
}

И этот Dockerfile:

# build stage
FROM node:lts-alpine as build-stage
WORKDIR /app
COPY package*.json /app/
RUN npm install
COPY . .
RUN npm run build

#COPY default.conf /etc/nginx/conf.d/
#COPY certificates/nginx.cert /etc/ssl/
#COPY certificates/nginx.key /etc/ssl/

# production stage
FROM nginx:stable-alpine as production-stage

COPY certificates/nginx.cert /etc/nginx/ssl/
COPY certificates/nginx.key /etc/nginx/ssl/

COPY default.conf /etc/nginx/conf.d/

COPY --from=build-stage /app/dist /usr/share/nginx/html
CMD ["nginx", "-g", "daemon off;"]

Уведомление-пользовательский интерфейс

Мой интерфейс-уведомление имеет следующую конфигурацию Nginx, а сертификаты находятся в папке Certificates:

server {
  listen 80;
  server_name SERVERNAME;
  # Redirect all traffic to SSL
  rewrite ^ https://$server_name$request_uri? permanent;
}

server {
  listen 443 ssl;

  ssl_protocols TLSv1 TLSv1.1 TLSv1.2;
  ssl_prefer_server_ciphers on;
  ssl_ciphers "EECDH+ECDSA+AESGCM:EECDH+aRSA+AESGCM:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA256:EECDH+ECDSA+SHA384:EECDH+ECDSA+SHA256:EECDH+aRSA+SHA384:EDH+aRSA+AESGCM:EDH+aRSA+SHA256:EDH+aRSA:EECDH:!aNULL:!eNULL:!MEDIUM:!LOW:!3DES:!MD5:!EXP:!PSK:!SRP:!DSS:!RC4:!SEED";

  add_header Strict-Transport-Security "max-age=31536000";
  server_name SERVERNAME;

  ## Access and error logs.
  access_log /var/log/nginx/access.log;
  error_log  /var/log/nginx/error.log info;

  ## Server certificate and key.
  ssl on;
    ssl_certificate /etc/nginx/ssl/nginx.cert;
    ssl_certificate_key /etc/nginx/ssl/nginx.key;

  root /usr/share/nginx/html;
  location / {
    try_files $uri $uri/ =404;
  }
  location /api {
    proxy_pass http://127.0.0.1:42372;
  }
}

И этот Dockerfile:

# build stage
FROM node:lts-alpine as build-stage
WORKDIR /app
COPY package*.json /app/
RUN npm install
COPY . .
RUN npm run build

#COPY default.conf /etc/nginx/conf.d/
#COPY certificates/nginx.cert /etc/ssl/
#COPY certificates/nginx.key /etc/ssl/

# production stage
FROM nginx:stable-alpine as production-stage

COPY certificates/nginx.cert /etc/nginx/ssl/
COPY certificates/nginx.key /etc/nginx/ssl/

COPY default.conf /etc/nginx/conf.d/

COPY --from=build-stage /app/dist /usr/share/nginx/html
CMD ["nginx", "-g", "daemon off;"]

Уведомление-бэкэнд

У моего бэкэнда нет конфигурации Nginx, так как она сама по себе не нужна. Dockerfile выглядит так:

### BUILDER
FROM maven:3.6.3-jdk-11-slim as builder

RUN mkdir -p /build
WORKDIR /build
COPY pom.xml /build

#Download dependencies
#RUN mvn -B dependency:resolve dependency:resolve-plugins

#copy src-code
COPY src /build/src

#Build application
RUN mvn clean install

### RUNTIME

FROM openjdk:11-slim as runtime
ENV APP_HOME /

#Create folders for config and logging
RUN mkdir $APP_HOME/config
RUN mkdir $APP_HOME/log

VOLUME $APP_HOME/log
VOLUME $APP_HOME/config

WORKDIR $APP_HOME
#Copy jar from builder
COPY --from=builder /build/target/*.jar notificationmanager.jar
ENTRYPOINT ["java","-jar","notificationmanager.jar", "de.hsa.frontend.notificationmanager.NotificationmanagerApplication"]

Развертывание

Я развертываю сеть с помощью docker-compose:

version: '3.2'
services:
    backend:
        image: notificationmanager-be:1
        build:
            context: ./notificationmanager
            dockerfile: ./Dockerfile
        ports:
            - "42372:8085"
        networks:
            - notificationmanager
        restart: on-failure:5
    notification-ui:
        image: notificationmanager-ui:1
        build:
            context: ./notificationmanager-ui
            dockerfile: ./Dockerfile
        ports:
            - "42373:80"
            - "42376:443"
        networks:
            - notificationmanager
    db:
        image: postgres
        ports:
            - "42374:5432"
        environment:
            - POSTGRES_USER=USERNAME
            - POSTGRES_PASSWORD=PASSWORD
            - POSTGRES_DB=DATABASE
        volumes:
            - data:/var/lib/postgresql/data/
        restart: on-failure:5
    frontend-ui:
        image: frontend-ui:1
        build:
            context: ./frontend-ui
            dockerfile: ./Dockerfile
        ports:
            - "42375:80"
            - "42377:443"
        networks:
            - notificationmanager
networks:
    notificationmanager:
        driver: bridge
volumes:
    data:
        driver: local

Отображение порта 443 я добавил в качестве последней идеи о том, почему он может не работать, поэтому я могу его снова удалить. Я не вижу большой разницы от просмотренных мною онлайн-туториалов, но я все равно получаю SSL-ошибку (ERR_SSL_PROTOCOL_ERROR) при попытке открыть веб-страницы, Dev-Tools не показывает никаких ошибок, журналы из внешнего интерфейса -ui выглядят так (другие похожи):

/docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration


/docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/


/docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh


10-listen-on-ipv6-by-default.sh: Getting the checksum of /etc/nginx/conf.d/default.conf


10-listen-on-ipv6-by-default.sh: info: /etc/nginx/conf.d/default.conf differs from the packaged version


/docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh


/docker-entrypoint.sh: Configuration complete; ready for start up


2021/03/29 11:55:04 [warn] 1#1: the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /etc/nginx/conf.d/default.conf:23


nginx: [warn] the "ssl" directive is deprecated, use the "listen ... ssl" directive instead in /etc/nginx/conf.d/default.conf:23


10.144.43.100 - - [29/Mar/2021:11:55:53 +0000] "x16x03x01x02x00x01x00x01xFCx03x03xB1xC7" 400 157 "-" "-" "-"


10.144.43.100 - - [29/Mar/2021:11:55:53 +0000] "x16x03x01x02x00x01x00x01xFCx03x03:XxFBx83xADx18x13n^xF4x06:xEDx93~;xB2%jxD0xACxDCxFB#WxCB)bx16rxC9xCE xFEx1FuxA3Y;xB2xC0xFBx11 x02xDEx91=$U" 400 157 "-" "-" "-"


10.144.43.100 - - [29/Mar/2021:11:55:54 +0000] "x16x03x01x02x00x01x00x01xFCx03x03Bpx91xA8xC6h)x81xA41x12xAAlxF4xD1qxA8xEAxC6{xC4x0Bx83xA9xE1xFCJ@1#x1FxB9 ?xCFVxA7x0Fvxx1CxF5xF5xA4x0BxAFxA2Z>xB4xCAxC4!i;F6xC0x1FxB5Hx94xC4xBCx19x00x22::x13x01x13x02x13x03xC0+xC0/xC0,xC00xCCxA9xCCxA8xC0x13xC0x14x00x9Cx00x9Dx00/x005x00" 400 157 "-" "-" "-"


10.144.43.100 - - [29/Mar/2021:11:55:54 +0000] "x16x03x01x02x00x01x00x01xFCx03x03x9D#Ju;j24xC0xF6xEAxDCxBFxFAx0E;xBDJx030xD4xF6xE8Vx88IxB8/'xA6Vj xA1Bx17x5C$" 400 157 "-" "-" "-"

Я немного переименовал, чтобы улучшить читаемость, и попытался удалить все свои (неудачные) попытки решения возможных проблем, поэтому прошу прощения, если где-то это не удалось. Мне пришлось удалить некоторые значения (например, данные для входа в базу данных), поэтому я просто написал туда заполнители, файлы, конечно, заполнены полностью.
Может ли кто-нибудь указать мне на мою ошибку?

У меня проблема с настройкой сервера nginx с помощью docker и django.
Вот моя структура каталогов

-nginx
--default.conf
--Dockerfile
-portfolio_app (django webpapp)
--main_app
---settings.py
---wsgi.py
--sub_app
---views.py
---static
---media
-docker-compose.yml
-Dockerfile (django related)
-entrypoint.sh (to start django server)

Что касается django, то он работает, но я не могу обслуживать статические файлы. Мне кажется, я неправильно указываю путь.

Здесь находится Dockerfile, связанный с django

FROM python:3.8.13-slim-buster

WORKDIR /app
RUN pip install --upgrade pip
COPY ./requirements.txt ./
RUN pip install -r requirements.txt

COPY ./portfolio_app ./

COPY ./entrypoint.sh ./
ENTRYPOINT ["sh","/app/entrypoint.sh"]

nginx файлы
default.conf

upstream django{
    server portfolio_app:8000;
}

server {
    listen 80;

    location /{
        proxy_pass http://django;
    }

    location /static/ {
        alias sub_app/static/;
    }

}

Dockerfile

FROM nginx:1.19.0-alpine
COPY ./default.conf /etc/nginx/conf.d/default.conf

Вот файл docker-compose.yml

version: '3.3'
services:
  portfolio_app:
    build: .
    container_name: portfolio_app
    volumes:
      - static_volume:/sub_app/static
      - media_volume:/sub_app/media
    ports:
      - "8000:8000"
    env_file:
      - .env

  nginx:
    build: ./nginx
    volumes:
      - static_volume:/sub_app/static
      - media_volume:/sub_app/media
    ports:
      - "80:80"
    depends_on:
      - portfolio_app


volumes:
  media_volume:
  static_volume:

Я не уверен в пути к томам в yml файле и настройках default.conf.
Вот журналы

Successfully built 8459b7bb3baf
Successfully tagged docker_nginx:latest
Recreating b0f1b634454f_portfolio_app ... done
Recreating docker_nginx_1             ... done
Attaching to portfolio_app, docker_nginx_1
nginx_1          | /docker-entrypoint.sh: /docker-entrypoint.d/ is not empty, will attempt to perform configuration
nginx_1          | /docker-entrypoint.sh: Looking for shell scripts in /docker-entrypoint.d/
nginx_1          | /docker-entrypoint.sh: Launching /docker-entrypoint.d/10-listen-on-ipv6-by-default.sh
portfolio_app    | [2022-07-21 08:09:47 +0000] [7] [INFO] Starting gunicorn 20.1.0
nginx_1          | 10-listen-on-ipv6-by-default.sh: Getting the checksum of /etc/nginx/conf.d/default.conf
portfolio_app    | [2022-07-21 08:09:47 +0000] [7] [INFO] Listening at: http://0.0.0.0:8000 (7)
portfolio_app    | [2022-07-21 08:09:47 +0000] [7] [INFO] Using worker: sync
nginx_1          | 10-listen-on-ipv6-by-default.sh: /etc/nginx/conf.d/default.conf differs from the packages version, exiting
portfolio_app    | [2022-07-21 08:09:47 +0000] [9] [INFO] Booting worker with pid: 9
nginx_1          | /docker-entrypoint.sh: Launching /docker-entrypoint.d/20-envsubst-on-templates.sh
nginx_1          | /docker-entrypoint.sh: Configuration complete; ready for start up
portfolio_app    | Not Found: /static/lib/animate/animate.min.css

Редактировать
Вот как я добавил статические url и файл в settings.py

MEDIA_ROOT = os.path.join(BASE_DIR, 'sub_app','media') 
MEDIA_URL = '/media/'
STATIC_URL = '/static/'
STATIC_ROOT = os.path.join(BASE_DIR, 'sub_app','static')

location /static/ {
        alias sub_app/static/;
    }

location /static/ {
        alias ./static/;
    }

static_volume:/app/sub_app/static

location /static/ {
        alias /app/sub_app/static/;
    }

Вернуться на верх