dockernginxreverse-proxyjwilder-nginx-proxy

jwilder/nginx giving 403 permission forbidden


I'm trying to serve multiple containers with a static index.html file with a nginx reverse proxy

I've tried to follow the documentation here to create a default location

location / {
  root   /app;
  index  index.html;
  try_files $uri $uri/ /index.html;
}

If I check my default.conf in my container with

$ docker-compose exec nginx-proxy cat /etc/nginx/conf.d/default.conf

I get this result:

server {
        server_name _; # This is just an invalid value which will never trigger on a real hostname.
        listen 80;
        access_log /var/log/nginx/access.log vhost;
        return 503;
}
# xx.example.services
upstream xx.example.services {
                                ## Can be connected with "nginx-proxy" network
                        # examplecontainer1
                        server 172.18.0.4:80;
}
server {
        server_name xx.example.services;
        listen 80 ;
        access_log /var/log/nginx/access.log vhost;
        location / {
                proxy_pass http://xx.example.services;
                include /etc/nginx/vhost.d/default_location;
        }
}
# yy.example.services
upstream yy.example.services {
                                ## Can be connected with "nginx-proxy" network
                        # examplecontainer2
                        server 172.18.0.2:80;
}
server {
        server_name yy.example.services;
        listen 80 ;
        access_log /var/log/nginx/access.log vhost;
        location / {
                proxy_pass http://yy.example.services;
                include /etc/nginx/vhost.d/default_location;
        }
}

If i check the content of /etc/nginx/vhost.d/default_location it is exactly what I typed in the beginning, so that's fine

However when i go to xx.example.services I get a 403 forbidden.

To my understanding this means that no index.html file was found, but if i exec into my container and cat app/index.html it does exist!

I've checked that all my containers are on the same network.

I'm running my container with this command

docker run -d --name examplecontainer1 --expose 80 --net nginx-proxy -e VIRTUAL_HOST=xx.example.services my-container-registry

Update I checked the logs of my nginx-proxy container and found this error message:

[error] 29#29: *1 directory index of "/app/" is forbidden..

Tried removing $uri/ as per this SO post but this just left me with redirect cycles. Right now I'm trying to see if I can set the correct permissions, but I'm struggling

What am I missing?


Solution

  • My issue was a basic misunderstanding that the reverse proxy can reach into the filesystem of my containers as stated by jwilder himself here.

    Therefor the default location on the reverse proxy is unnecessary in my case. Instead I can simply let it point to my container, and have the nginx config in my container determine the location of my app.