Proxying php apps with docker

camonne · December 15, 2020, 6:18pm

1. Caddy version (`caddy version`):

v2.2.1 h1:Q62GWHMtztnvyRU+KPOpw6fNfeCD3SkwH7SfT1Tgt2c=

2. How I run Caddy:

docker-compose.yml:

    version: "3.7"

    services:
      caddy:
        image: caddy:2
        ports:
          - "80:80"
          - "443:443"
        volumes:
          - ./Caddyfile:/etc/caddy/Caddyfile
          - /data/caddy/data:/data
          - /data/caddy/config:/config
          #- /data/caddy/srv:/srv
          - /home/user/docker/crater/public:/srv/crater
          - /data/invoiceninja/public:/srv/invoiceninja
        restart: unless-stopped
        networks:
          - letsencrypt_default


    networks:
      letsencrypt_default:
        external: true

a. System environment:

ubuntu 20
uname -a
Linux user 5.4.0-58-generic #64-Ubuntu SMP Wed Dec 9 08:16:25 UTC 2020 x86_64 x86_64 x86_64 GNU/Linux
docker -v
Docker version 20.10.1, build 831ebea
docker-compose version
docker-compose version 1.27.4, build 40524192
docker-py version: 4.3.1
CPython version: 3.7.7
OpenSSL version: OpenSSL 1.1.0l 10 Sep 2019

b. Command:

docker-compose up -d

d. My complete Caddyfile or JSON config:

{
    email my@email
}
#invoiceninja
invoice.domain.tld {
        root * /srv/invoiceninja
        php_fastcgi invoiceninja_app_1:9000
        encode zstd gzip
        file_server browse
}

www.invoice.domain.tld {
        redir https://invoice.domain.tld{uri}
}

3. The problem I’m having:

Run any dockerized php app, as in an app with a php container that requires caddy to serve the files. I tried two of them, invoceninja and crater, and I have the same issue. I feel like I’m really near but I can’t get it to work. I can already run “normal” dockerized app (with reverse_proxy).

version: '3.7'

services:
  app:
    image: invoiceninja/invoiceninja:5
    restart: unless-stopped
    cap_add:
      - SYS_ADMIN
    environment:
      - APP_URL=${APP_URL}
      - APP_KEY=${APP_KEY}
      - MULTI_DB_ENABLED=false
      - DB_USERNAME1=${DB_USER}
      - DB_PASSWORD1=${DB_PASSWORD}
    volumes:
      # Configure your mounted directories, make sure the folder 'public' and 'storage'
      # exist, before mounting them
      -  /data/invoiceninja/public:/var/www/app/public
      -  /data/invoiceninja/storage:/var/www/app/storage
    depends_on:
      - ninjadb
    networks:
      - letsencrypt_default

  ninjadb: ...

networks:
  letsencrypt_default:
    external: true

4. Error messages and/or full log output:

Visiting invoice.domain.tld the caddy container does not throw any error, the invoiceninja throws a 404 not found. If I try invoice.domain.tld/index.php I get the same error

docker-compose logs

[15-Dec-2020 17:23:04] NOTICE: [pool www] 'user' directive is ignored when FPM is not running as root
[15-Dec-2020 17:23:04] NOTICE: [pool www] 'user' directive is ignored when FPM is not running as root
[15-Dec-2020 17:23:04] NOTICE: [pool www] 'group' directive is ignored when FPM is not running as root
[15-Dec-2020 17:23:04] NOTICE: [pool www] 'group' directive is ignored when FPM is not running as root
[15-Dec-2020 17:23:04] NOTICE: fpm is running, pid 1
[15-Dec-2020 17:23:04] NOTICE: ready to handle connections
172.19.0.13 -  15/Dec/2020:17:29:21 +0000 "GET /index.php" 404
172.19.0.13 -  15/Dec/2020:17:29:29 +0000 "GET /index.php" 404
172.19.0.13 -  15/Dec/2020:18:00:21 +0000 "GET /index.php" 404
172.19.0.13 -  15/Dec/2020:18:00:26 +0000 "GET /index.php" 404

Looking from the firefox console, I can see that the first request also returns a 502 on the favicon.ico

5. What I already tried:

/bin/sh into the caddy container ls -al /srv/invoiceninja

drwxr-xr-x   10 1000     82            4096 Dec 15 17:23 .
drwxr-xr-x    1 root     root          4096 Dec 15 17:28 ..
drwxr-xr-x    2 1000     82            4096 Dec 15 17:19 app
drwxr-xr-x    6 1000     82            4096 Dec  8 20:42 assets
drwxr-xr-x    2 1000     82            4096 Dec  8 20:42 css
-rw-r--r--    1 1000     82           15086 Dec  8 20:42 favicon.ico
-rw-r--r--    1 1000     82            2700 Dec  8 20:42 favicon.png
-rw-r--r--    1 1000     82            8120 Dec  8 20:42 flutter_service_worker.js
drwxr-xr-x    2 1000     82            4096 Dec  8 20:42 icons
drwxr-xr-x    3 1000     82            4096 Dec  8 20:42 images
-rw-r--r--    1 1000     82            1850 Dec  8 20:42 index.php
drwxr-xr-x    5 1000     82            4096 Dec  8 20:42 js
-rw-r--r--    1 1000     82         7530443 Dec  8 20:42 main.dart.js
-rw-r--r--    1 1000     82         5100101 Dec  8 20:42 main.dart.js.map
-rw-r--r--    1 1000     82             797 Dec  8 20:42 manifest.json
-rw-r--r--    1 1000     82            1835 Dec  8 20:42 mix-manifest.json
-rw-r--r--    1 1000     82              24 Dec  8 20:42 robots.txt
drwxr-xr-x    2 1000     82            4096 Dec  8 20:42 svg
drwxr-xr-x    4 1000     82            4096 Dec  8 20:42 vendor
-rw-r--r--    1 1000     82               7 Dec 15 17:23 version
-rw-r--r--    1 1000     82              74 Dec  8 20:42 version.json

I also tried a different Caddyfile configuration for crater with no success:

#crater
invoice.domain.tld {
    root * /srv/crater
    encode gzip
    try_files {path} {path}/ /index.php?{query}
    php_fastcgi crater_app_1:9000
    file_server
}
www.invoice.domain.tld {
    redir https://invoice.domain.tld{uri}
}

root * /srv/crater should be correct since I can see them from the caddy container
crater_app_1:9000 should be correct since I get the container logs

Checked the networks, they are on the same (I point all my frontends to the same network anyway)

rebooted the whole server

6. Links to relevant resources:

invoiceninja docker repo

invoiceninja caddy tutorial

francislavoie · December 15, 2020, 6:29pm

The directory the code is in needs to be the same in both containers (the absolute paths). It seems like you have it at /var/www/app/public in one, and /srv/invoiceninja in the other. This is because fastcgi messages tell php-fpm to run a file at an absolute path.

camonne · December 15, 2020, 6:52pm

Thanks! I know nothing of php so I really missed that. I saw that solution on this forum already but I thought it was referring to something else.

Anyway now I get a 500 error → EDIT: related to invoiceninja and not caddy so no need to chek

Caddyfile

#invoiceninja
invoice.domain.tld {
    root * /var/www/app/public
    php_fastcgi invoiceninja_app_1:9000
    encode zstd gzip
    file_server browse
}

www.invoice.domain.tld {
    redir https://invoice.domain.tld{uri}
}

new docker-compose.yml volume

    volumes:
      - /data/invoiceninja/public:/var/www/app/public

still no logs on caddy, invoiceninja container log:

172.19.0.3 - 15/Dec/2020:18:44:30 +0000 “GET /index.php” 500

Firefox shows that now it’s the invoice.domain.tld/index.php throwing a 502 on the favicon.txt

Another question: how can I serve multiple php apps if I need to map them to the same folder? (/var/www/app/public) Do I need to change the source folder (the one in the invoiceninja folder, for example)? Or does invoiceninja (for example) need it in that specific folder too because some code will look there?

EDIT: I also tried again crater with this solution and it works, so the 500 issue is related to my invoiceninja config and I’ll try something another time

francislavoie · December 15, 2020, 9:38pm

Yeah, they’ll need to be in different directories probably. Caddy doesn’t have support for telling fastcgi to look in a different document root than it knows right now, but it’s theoretically possible now that I think of it, it would require some changes to Caddy though.

Ideally it would run under any directory, but I know nothing about that app, so I can’t say for sure.

system · January 14, 2021, 6:18pm

This topic was automatically closed after 30 days. New replies are no longer allowed.