Related
NGINX Config Generator
Tool
How to configure two apps over same domain
Question
Question
PHP Error Log: authz_core:error - For files that don't exists on my server
Question
Question
Question
Not sure why I can't access my web servers (Ubuntu server on Hyper-V) from host OS (Windows)
My environment: Host OS with Hyper-V Ubuntu Server.
I am running 5 containers (2 DB, 2 Wordpress, 1 NGINX). Here is everything I setup and the NGINX config output. I followed these steps from another dev.
**I created the docker network for NGINX FYI before I ran NGINX.
NGINX YML:
version: "3"
services:
nginx-proxy:
image: jwilder/nginx-proxy
container_name: nginx-proxy
ports:
- "80:80"
volumes:
- /var/run/docker.sock:/tmp/docker.sock:ro
networks:
default:
external:
name: nginx-proxy
1st wordpress YAML:
bain@wordpress:/home/hakase/multi-wp/reagan$ cat docker-compose.yml
version: "3"
services:
reagan-website:
image: mysql:5.7
volumes:
- db_data:/var/lib/mysql
restart: always
environment:
MYSQL_ROOT_PASSWORD: PASSWORD
MYSQL_DATABASE: db2
MYSQL_USER: wordpress2
MYSQL_PASSWORD: PASSWORD
container_name: wordpress_db2
wordpress:
depends_on:
- reagan-website
image: wordpress:latest
expose:
- 80
restart: always
environment:
VIRTUAL_HOST: blog.reagan.localhost
WORDPRESS_DB_HOST: reagan-website:3306
WORDPRESS_DB_USER: wordpress2
WORDPRESS_DB_PASSWORD: PASSWORD
container_name: wordpress2
volumes:
db_data:
networks:
default:
external:
name: nginx-proxy
2nd wordpress YAML:
bain@wordpress:/home/hakase/multi-wp/reagan$ cat /home/hakase/multi-wp/zack/docker-compose.yml
version: "3"
services:
zack-website:
image: mysql:5.7
volumes:
- db_data:/var/lib/mysql
restart: always
environment:
MYSQL_ROOT_PASSWORD: PASSWORD
MYSQL_DATABASE: db1
MYSQL_USER: wordpress1
MYSQL_PASSWORD: PASSWORD
container_name: wordpress_db1
wordpress:
depends_on:
- zack-website
image: wordpress:latest
expose:
- 80
restart: always
environment:
VIRTUAL_HOST: blog.zack.localhost
WORDPRESS_DB_HOST: zack-website:3306
WORDPRESS_DB_USER: wordpress1
WORDPRESS_DB_PASSWORD: PASSWORD
container_name: wordpress1
volumes:
db_data:
networks:
default:
external:
name: nginx-proxy
My docker conainters running after executing the three YML files:
bain@wordpress:~$ docker ps
WARNING: Error loading config file: /home/bain/.docker/config.json: stat /home/bain/.docker/config.json: permission denied
CONTAINER ID IMAGE COMMAND CREATED STATUS PORTS NAMES
b7336682c99d wordpress:latest "docker-entrypoint.s…" 10 hours ago Up 3 hours 80/tcp wordpress2
bd83b37e0fe2 mysql:5.7 "docker-entrypoint.s…" 10 hours ago Up 3 hours 3306/tcp, 33060/tcp wordpress_db2
ecc9308b34d1 wordpress:latest "docker-entrypoint.s…" 10 hours ago Up 3 hours 80/tcp wordpress1
2a829cf66508 mysql:5.7 "docker-entrypoint.s…" 10 hours ago Up 3 hours 3306/tcp, 33060/tcp wordpress_db1
a3a0e1a68f66 jwilder/nginx-proxy "/app/docker-entrypo…" 11 hours ago Up 2 hours 0.0.0.0:80->80/tcp nginx-proxy
1b52abdf09fb wordpress:latest "docker-entrypoint.s…" 14 hours ago Up 3 hours 0.0.0.0:8080->80/tcp wordpress-compose_wordpress_1
010224c98ed6 mariadb "docker-entrypoint.s…" 14 hours ago Up 3 hours 0.0.0.0:3306->3306/tcp wordpress-compose_mysql_1
NGINX config after container made:
root@a3a0e1a68f66:/etc# nginx -T
nginx: the configuration file /etc/nginx/nginx.conf syntax is ok
nginx: configuration file /etc/nginx/nginx.conf test is successful
# configuration file /etc/nginx/nginx.conf:
user nginx;
worker_processes auto;
error_log /var/log/nginx/error.log warn;
pid /var/run/nginx.pid;
events {
worker_connections 1024;
}
http {
include /etc/nginx/mime.types;
default_type application/octet-stream;
log_format main '$remote_addr - $remote_user [$time_local] "$request" '
'$status $body_bytes_sent "$http_referer" '
'"$http_user_agent" "$http_x_forwarded_for"';
access_log /var/log/nginx/access.log main;
sendfile on;
#tcp_nopush on;
keepalive_timeout 65;
#gzip on;
include /etc/nginx/conf.d/*.conf;
}
daemon off;
# configuration file /etc/nginx/mime.types:
types {
text/html html htm shtml;
text/css css;
text/xml xml;
image/gif gif;
image/jpeg jpeg jpg;
application/javascript js;
application/atom+xml atom;
application/rss+xml rss;
text/mathml mml;
text/plain txt;
text/vnd.sun.j2me.app-descriptor jad;
text/vnd.wap.wml wml;
text/x-component htc;
image/png png;
image/svg+xml svg svgz;
image/tiff tif tiff;
image/vnd.wap.wbmp wbmp;
image/webp webp;
image/x-icon ico;
image/x-jng jng;
image/x-ms-bmp bmp;
font/woff woff;
font/woff2 woff2;
application/java-archive jar war ear;
application/json json;
application/mac-binhex40 hqx;
application/msword doc;
application/pdf pdf;
application/postscript ps eps ai;
application/rtf rtf;
application/vnd.apple.mpegurl m3u8;
application/vnd.google-earth.kml+xml kml;
application/vnd.google-earth.kmz kmz;
application/vnd.ms-excel xls;
application/vnd.ms-fontobject eot;
application/vnd.ms-powerpoint ppt;
application/vnd.oasis.opendocument.graphics odg;
application/vnd.oasis.opendocument.presentation odp;
application/vnd.oasis.opendocument.spreadsheet ods;
application/vnd.oasis.opendocument.text odt;
application/vnd.openxmlformats-officedocument.presentationml.presentation
pptx;
application/vnd.openxmlformats-officedocument.spreadsheetml.sheet
xlsx;
application/vnd.openxmlformats-officedocument.wordprocessingml.document
docx;
application/vnd.wap.wmlc wmlc;
application/x-7z-compressed 7z;
application/x-cocoa cco;
application/x-java-archive-diff jardiff;
application/x-java-jnlp-file jnlp;
application/x-makeself run;
application/x-perl pl pm;
application/x-pilot prc pdb;
application/x-rar-compressed rar;
application/x-redhat-package-manager rpm;
application/x-sea sea;
application/x-shockwave-flash swf;
application/x-stuffit sit;
application/x-tcl tcl tk;
application/x-x509-ca-cert der pem crt;
application/x-xpinstall xpi;
application/xhtml+xml xhtml;
application/xspf+xml xspf;
application/zip zip;
application/octet-stream bin exe dll;
application/octet-stream deb;
application/octet-stream dmg;
application/octet-stream iso img;
application/octet-stream msi msp msm;
audio/midi mid midi kar;
audio/mpeg mp3;
audio/ogg ogg;
audio/x-m4a m4a;
audio/x-realaudio ra;
video/3gpp 3gpp 3gp;
video/mp2t ts;
video/mp4 mp4;
video/mpeg mpeg mpg;
video/quicktime mov;
video/webm webm;
video/x-flv flv;
video/x-m4v m4v;
video/x-mng mng;
video/x-ms-asf asx asf;
video/x-ms-wmv wmv;
video/x-msvideo avi;
}
# configuration file /etc/nginx/conf.d/default.conf:
# If we receive X-Forwarded-Proto, pass it through; otherwise, pass along the
# scheme used to connect to this server
map $http_x_forwarded_proto $proxy_x_forwarded_proto {
default $http_x_forwarded_proto;
'' $scheme;
}
# If we receive X-Forwarded-Port, pass it through; otherwise, pass along the
# server port the client connected to
map $http_x_forwarded_port $proxy_x_forwarded_port {
default $http_x_forwarded_port;
'' $server_port;
}
# If we receive Upgrade, set Connection to "upgrade"; otherwise, delete any
# Connection header that may have been passed to this server
map $http_upgrade $proxy_connection {
default upgrade;
'' close;
}
# Apply fix for very long server names
server_names_hash_bucket_size 128;
# Default dhparam
ssl_dhparam /etc/nginx/dhparam/dhparam.pem;
# Set appropriate X-Forwarded-Ssl header
map $scheme $proxy_x_forwarded_ssl {
default off;
https on;
}
gzip_types text/plain text/css application/javascript application/json application/x-javascript text/xml application/xml application/xml+rss text/javascript;
log_format vhost '$host $remote_addr - $remote_user [$time_local] '
'"$request" $status $body_bytes_sent '
'"$http_referer" "$http_user_agent"';
access_log off;
ssl_protocols TLSv1.2 TLSv1.3;
ssl_ciphers 'ECDHE-ECDSA-AES128-GCM-SHA256:ECDHE-RSA-AES128-GCM-SHA256:ECDHE-ECDSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-GCM-SHA384:ECDHE-ECDSA-CHACHA20-POLY1305:ECDHE-RSA-CHACHA20-POLY1305:DHE-RSA-AES128-GCM-SHA256:DHE-RSA-AES256-GCM-SHA384';
ssl_prefer_server_ciphers off;
resolver 127.0.0.11;
# HTTP 1.1 support
proxy_http_version 1.1;
proxy_buffering off;
proxy_set_header Host $http_host;
proxy_set_header Upgrade $http_upgrade;
proxy_set_header Connection $proxy_connection;
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header X-Forwarded-Proto $proxy_x_forwarded_proto;
proxy_set_header X-Forwarded-Ssl $proxy_x_forwarded_ssl;
proxy_set_header X-Forwarded-Port $proxy_x_forwarded_port;
# Mitigate httpoxy attack (see README for details)
proxy_set_header Proxy "";
server {
server_name _; # This is just an invalid value which will never trigger on a real hostname.
listen 80;
access_log /var/log/nginx/access.log vhost;
return 503;
}
# blog.reagan.localhost
upstream blog.reagan.localhost {
## Can be connected with "nginx-proxy" network
# wordpress2
server 172.20.0.3:80;
}
server {
server_name blog.reagan.localhost;
listen 80 ;
access_log /var/log/nginx/access.log vhost;
location / {
proxy_pass http://blog.reagan.localhost;
}
}
# blog.zack.localhost
upstream blog.zack.localhost {
## Can be connected with "nginx-proxy" network
# wordpress1
server 172.20.0.4:80;
}
server {
server_name blog.zack.localhost;
listen 80 ;
access_log /var/log/nginx/access.log vhost;
location / {
proxy_pass http://blog.zack.localhost;
}
}
IP’s of everything
bain@wordpress:/home/hakase/multi-wp/reagan$ ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether 00:15:5d:95:71:17 brd ff:ff:ff:ff:ff:ff
inet 192.168.218.68/28 brd 192.168.218.79 scope global dynamic eth0
valid_lft 86127sec preferred_lft 86127sec
inet6 fe80::215:5dff:fe95:7117/64 scope link
valid_lft forever preferred_lft forever
3: docker0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:de:bd:c9:32 brd ff:ff:ff:ff:ff:ff
inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
valid_lft forever preferred_lft forever
inet6 fe80::42:deff:febd:c932/64 scope link
valid_lft forever preferred_lft forever
4: br-9e66eb9fb660: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
link/ether 02:42:7f:16:74:b6 brd ff:ff:ff:ff:ff:ff
inet 172.20.0.1/16 brd 172.20.255.255 scope global br-9e66eb9fb660
valid_lft forever preferred_lft forever
inet6 fe80::42:7fff:fe16:74b6/64 scope link
valid_lft forever preferred_lft forever
6: vethae1a0ff@if5: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-9e66eb9fb660 state UP group default
link/ether de:88:68:41:b9:c2 brd ff:ff:ff:ff:ff:ff link-netnsid 4
inet6 fe80::dc88:68ff:fe41:b9c2/64 scope link
valid_lft forever preferred_lft forever
8: veth9e22a38@if7: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 6a:a9:18:f3:02:94 brd ff:ff:ff:ff:ff:ff link-netnsid 1
inet6 fe80::68a9:18ff:fef3:294/64 scope link
valid_lft forever preferred_lft forever
10: veth911c303@if9: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-9e66eb9fb660 state UP group default
link/ether e6:c7:7c:b3:36:f9 brd ff:ff:ff:ff:ff:ff link-netnsid 3
inet6 fe80::e4c7:7cff:feb3:36f9/64 scope link
valid_lft forever preferred_lft forever
12: vethcf3a3da@if11: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-9e66eb9fb660 state UP group default
link/ether fa:9d:4f:83:ae:95 brd ff:ff:ff:ff:ff:ff link-netnsid 0
inet6 fe80::f89d:4fff:fe83:ae95/64 scope link
valid_lft forever preferred_lft forever
14: veth667a57b@if13: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-9e66eb9fb660 state UP group default
link/ether 5a:5c:c4:81:0b:74 brd ff:ff:ff:ff:ff:ff link-netnsid 2
inet6 fe80::585c:c4ff:fe81:b74/64 scope link
valid_lft forever preferred_lft forever
16: veth1fe63b8@if15: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master docker0 state UP group default
link/ether 86:ba:c9:34:a2:98 brd ff:ff:ff:ff:ff:ff link-netnsid 5
inet6 fe80::84ba:c9ff:fe34:a298/64 scope link
valid_lft forever preferred_lft forever
26: veth9bb6005@if25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master br-9e66eb9fb660 state UP group default
link/ether 06:3e:ac:80:ba:e6 brd ff:ff:ff:ff:ff:ff link-netnsid 6
inet6 fe80::43e:acff:fe80:bae6/64 scope link
valid_lft forever preferred_lft forever
Looks like everything is setup correctly, but I can’t access via domain name. I can’t do it by IP since NGINX looks for request from port 80 and if it matches the domain, it forwards the request to the wordpress domain. Since in containers, the IPs are internal to the docker bridged network.
I added the eth0 IP and domain names to SYSTEM32/Drivers/Hosts and can ping using the local domain names. But through the browser, nothing. But NGINX is running because I get a 503 error using the actual server IP.
But If i create a single webserver not using NGINX, I can access it by IP:8080. But hosting several wesites, that’s not feasible. Please help me. 20 hours deep and can’t figure it out.
Add a comment
edited by MattIPv4
These answers are provided by our Community. If you find them useful, show some love by clicking the heart. If you run into issues leave a comment, or add your own answer to help others.
×