Good morning.
I have been trying to get docker working for a week now.
I almost always get to error 403 error.
Maybe I am doing something wrong, because I have a docker-compose.yml, where I define all the dockers, I use Traefik 2.
ninja_nginx:
<<: *common-keys-core # See EXTENSION FIELDS at the top
<<: *min-limits
image: nginx:latest
container_name: ninja_nginx
env_file: .envninja
ports:
- "8087:80"
networks:
proxy:
ipv4_address: 192.168.90.66
volumes:
- $DOCKERDIR/appdata/invoiceninja/nginx/in-vhost.conf:/etc/nginx/conf.d/in-vhost.conf:ro
- $DOCKERDIR/appdata/invoiceninja/public:/var/www/app/public:rw,delegated
- $DOCKERDIR/appdata/invoiceninja/storage:/var/www/app/storage:rw,delegated
labels:
- "traefik.enable=true"
- "traefik.http.routers.ninja-nginx-rtr.tls=true"
## HTTP Routers
- "traefik.http.routers.ninja-nginx-rtr.entrypoints=https"
- "traefik.http.routers.ninja-nginx-rtr.rule=Host(`fact.$DOMAINNAME`)"
## Middlewares
- "traefik.http.routers.ninja-nginx-rtr.middlewares=chain-no-auth@file"
## HTTP Services
- "traefik.http.routers.ninja-nginx-rtr.service=ninja-nginx-svc"
- "traefik.http.services.ninja-nginx-svc.loadbalancer.server.port=80"
depends_on:
- invoiceninja
invoiceninja:
<<: *common-keys-core # See EXTENSION FIELDS at the top
<<: *min-limits
image: invoiceninja/invoiceninja:latest
container_name: invoiceninja
env_file: .envninja
networks:
proxy:
ipv4_address: 192.168.90.67
volumes:
- $DOCKERDIR/appdata/invoiceninja/hosts:/etc/hosts:ro
- $DOCKERDIR/appdata/invoiceninja/public:/var/www/app/public:rw,delegated
- $DOCKERDIR/appdata/invoiceninja/storage:/var/www/app/storage:rw,delegated
depends_on:
- mariadb
I have a maria db docker where I have several databases, at least invoice ninja creates the tables well.
The .env file is as follows (it is called .envninja).
# IN application vars
APP_URL=https://fact.mydomain.com
APP_KEY=base64:XXXXXXXXXXXXXXXXXXXXXXX
APP_DEBUG=false
REQUIRE_HTTPS=true
PHANTOMJS_PDF_GENERATION=false
PDF_GENERATOR=snappdf
TRUSTED_PROXIES='*'
QUEUE_CONNECTION=database
# DB connection
DB_HOST=mariadb
DB_PORT=3306
DB_DATABASE=invoiceninja
DB_USERNAME=invoice_user
DB_PASSWORD=XXXXXXX
# Create initial user
# Default to these values if empty
# IN_USER_EMAIL=admin@example.com
# IN_PASSWORD=changeme!
IN_USER_EMAIL=
IN_PASSWORD=
# Mail options
MAIL_MAILER=log
MAIL_HOST=my.mail.host
MAIL_PORT=587
MAIL_USERNAME=mail
MAIL_PASSWORD=password
MAIL_ENCRYPTION=TLS
MAIL_FROM_ADDRESS='mail'
MAIL_FROM_NAME='Self Hosted User'
# MySQL
MYSQL_ROOT_PASSWORD=XXXXXXXX
MYSQL_USER=ninja
MYSQL_PASSWORD=ninja
MYSQL_DATABASE=ninja
# V4 env vars
# DB_STRICT=false
# APP_CIPHER=AES-256-CBC
The file in-vhost.conf
server {
listen 80 default_server;
server_name _fact.mydomain.com;
server_tokens off;
client_max_body_size 100M;
root /var/www/app/public/;
index index.php;
location / {
try_files $uri $uri/ /index.php?$query_string;
}
location = /favicon.ico { access_log off; log_not_found off; }
location = /robots.txt { access_log off; log_not_found off; }
location ~ \.php$ {
fastcgi_split_path_info ^(.+\.php)(/.+)$;
fastcgi_pass invoiceninja:9000;
fastcgi_index index.php;
include fastcgi_params;
fastcgi_param SCRIPT_FILENAME $document_root$fastcgi_script_name;
fastcgi_intercept_errors off;
fastcgi_buffer_size 16k;
fastcgi_buffers 4 16k;
}
}
I have tried changing the REQUIRE_HTTPS=true and false and adding TRUSTED_PROXIES=‘*’ or TRUSTED_PROXIES=‘192.168.0.0/16’.
I have also tried to do an installation without the domain, only with the Local IP “192.168.0.200”.
After a lot of research, accessing the containers themselves, I have seen that the nginx user of the invoiceninja is 1500:1500, but the ninja_nginx user is 101:101, so I don’t know if this is where the error is coming from.
I have made a chown -R 101:101 public and storage, and if I get that I no longer get the 403 error, but then I get a 404 error.
I don’t know what else to try.