I’m quite new to Docker, and have run up against an issue that I’m hoping someone here has a straightforward fix for.
I’m hosting my containers on a Synology NAS, and as such some images (eg. Nextcloud) that have an image option with a built-in Apache web server won’t work due to a kernel issue. They fail with a reference to the random number generator.
This obliges me to use the FPM image for Nextcloud, which requires another container to act as the web server for the content.
My issue: The application and database containers look all right but when the web container attempts to access the application container I get this error:
2022/07/12 23:04:41 [error] 34#34: *2 “/var/www/html/index.php” is forbidden (13: Permission denied), client: 172.21.0.1, server: , request: “GET / HTTP/1.1”, host: “10.33.10.2:9095”
I seem to need to find a way of setting the permissions on the content and / or defining the user with which the web container is trying to access the content.
The NAS is running DSM 7.0.1-42218 and Docker version 20.10.3-1239. I’m managing the environment with Portainer. Here is the docker compose config from the stack:
version: '2.4' volumes: ncapp: networks: inside: outside: external: true name: PROXYBRIDGE #Access to site from a reverse proxy services: ncdb: #Database Container image: mariadb:latest restart: always command: --transaction-isolation=READ-COMMITTED --binlog-format=ROW volumes: - /volume1/docker/ncdb:/var/lib/mysql #Bind Mount for database files environment: - MYSQL_ROOT_PASSWORD=nextcloud - MYSQL_PASSWORD=nextcloud - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - TZ=Pacific/Auckland networks: - inside ncapp: #Application Container image: nextcloud:10-fpm restart: always depends_on: - ncdb links: - ncdb volumes: - ncapp:/var/www/html #Named Volume for application data - /volume1/docker/ncapp/data:/var/www/html/data #Bind Mount for cloud storage of User Data environment: - MYSQL_PASSWORD=nextcloud - MYSQL_DATABASE=nextcloud - MYSQL_USER=nextcloud - MYSQL_HOST=ncdb - NEXTCLOUD_ADMIN_PASSWORD=XXXX - NEXTCLOUD_ADMIN_USER=XXXX networks: - inside ncweb: #Web front end Container image: nginx:latest restart: always depends_on: - ncapp ports: - 9095:80 links: - ncapp volumes: - /volume1/docker/ncweb/nginx.conf:/etc/nginx/nginx.conf:ro #Web server config file volumes_from: - ncapp:ro #Access to Application Data networks: - inside - outside
And here is the config file for the Nginx web front end:
Cheers for any insight.