Summary:
I'm trying to set up an Nginx container as part of a Docker stack. I want to use a bind mount to make a folder on my computer available to the container as /data/www
, and use that as the root folder for Nginx to serve content from. The Nginx container builds and starts without any errors, and the port is exposed as 8080
; however, if I actually try to go to localhost:8080
, I get HTTP 403 errors.
Details:
Here's the relevant folder structure of my project:
/frontend
/static
index.html
frontend.dockerfile
nginx.conf
docker-compose.yml
The folder /frontend/static
is the one I am trying to add as a bind mount volume to the Nginx container.
docker-compose.yml
version: '3.7'
services:
frontend:
build:
context: frontend
dockerfile: frontend.dockerfile
ports:
- 8080:80
volumes:
- type: bind
source: ./frontend/static
target: /data/www
read_only: true
frontend.dockerfile
FROM nginx:1.16-alpine
EXPOSE 80
COPY nginx.conf /etc/nginx/nginx.conf
nginx.conf
events {
}
http {
server {
listen 80;
location / {
root /data/www;
}
}
}
When I run docker-compose up
, the container builds and starts without any problems, but when I type localhost:8080
into the browser, I get HTTP 403, and the following error in the docker console:
frontend_1 | 172.18.0.1 - - [04/Aug/2019:22:15:50 +0000] "GET / HTTP/1.1" 403 555 "-" "Mozilla/5.0 (X11; Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/76.0.3809.87 Safari/537.36"
frontend_1 | 2019/08/04 22:15:50 [error] 7#7: *1 "/data/www/index.html" is forbidden (13: Permission denied), client: 172.18.0.1, server: , request: "GET / HTTP/1.1", host: "localhost:8080"
So Nginx is clearly receiving the HTTP request and trying to serve the content (in this case, index.html
), but it does not have permission to access any files in the folder /data/www
, i.e. the bind mount volume.
I'm running Fedora 30. The project itself is in my home folder: ~/Dev/sandbox
. I've used chmod -R 755 frontend/static
in the project folder to grant permissions on the folder that needs to be bound.
I've also tried using a non-alpine image of Nginx, no difference.
Best Answer
This clearly says that it's a permission issue. Please check document root "/data/www/" is owned by Nginx user. You can also change the ownership by entering container with below commands.
docker exec -it bash
Give this a try and post back with the errors you have identified and we shall try to resolve it.